Reviewers: Erik Corry,
Message:
My co-worker found this while merging 3.0.5. I'm not sure about the
correctness of the push instruction, which appears to push r0 and r1
while the Instanceof builtin seems to expect only a single arg word.
However, the location of the binding of the slow label does appear to
be misplaced. Please take a look.
Thanks.
Description:
Instanceof slow case bind is incorrect.
Currently, the bind for the slow label is after the pushing of the
args registers which renders the args pushing dead code because there
is a Ret preceding it. The comments also imply that the arg pushing
should be part of the InvokeBuiltins tail call.
Please review this at http://codereview.chromium.org/6107001/
SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/
Affected files:
M src/arm/code-stubs-arm.cc
Index: src/arm/code-stubs-arm.cc
===================================================================
--- src/arm/code-stubs-arm.cc (revision 6187)
+++ src/arm/code-stubs-arm.cc (working copy)
@@ -2987,10 +2987,10 @@
__ Ret(HasArgsInRegisters() ? 0 : 2);
// Slow-case. Tail call builtin.
+ __ bind(&slow);
if (HasArgsInRegisters()) {
__ Push(r0, r1);
}
- __ bind(&slow);
__ InvokeBuiltin(Builtins::INSTANCE_OF, JUMP_JS);
}
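Review bot: with `__ bind(&slow)` now ahead of `if (HasArgsInRegisters())`, every branch to `slow` runs `__ Push(r0, r1)` in the register-args case, so please confirm that r0 and r1 still hold the two original operands at each jump to `slow` and have not been reused as scratch on the fast path. The `__ Ret(HasArgsInRegisters() ? 0 : 2)` just above implies two argument words on the stack in the non-register case, so pushing two registers looks consistent with that layout, but the push order should be checked against it. The "Slow-case. Tail call builtin." comment could also state that the push belongs to the slow path, and a regression test that reaches the slow case with arguments in registers would cover the change.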
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev