    Pass argc of JSEntry as intptr_t · 088f9c60
    tzik authored
    The |argc| parameter of JSEntry is passed as an int from C++ code and loaded
    into a register in the asm code. As int is 32 bit and registers are
    64 bit on 64 bit platforms, the upper 32 bits of the loaded value may be
    contaminated by a random value if it's passed as a stack parameter.
    
    For now, |argc| is passed as a register parameter on all platforms, and
    the upper 32 bits of |argc| are filled with zero, fortunately. However, if
    we shuffle the order of parameters, |argc| can be passed as a stack
    parameter and its value may be broken.
    
    Specifically on x64 Windows, the first 4 parameters are passed as
    register parameters and the rest are stack parameters. As |argc| is the
    4th parameter, if we prepend another parameter and shift |argc| to
    the 5th parameter, |argc| will become a stack parameter and its load
    into a 64 bit register breaks the value.
    
    This CL converts the type of the |argc| parameter to intptr_t, so that
    it's safe to load from stack to full width registers.
    
    Bug: v8:8124
    Change-Id: Ie7407cf5e6252ed7323a9c42389db387b0064673
    Reviewed-on: https://chromium-review.googlesource.com/c/1400326
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#58614}
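The width mismatch the commit message describes, modelled as an added C example (this is not V8 code and not part of the commit; all names such as `stack_slot_t`, `store_argc_as_int` and `load_full_width` are hypothetical). A 64-bit word stands in for the stack slot that holds |argc|. The caller's 32-bit store updates only the low half of the slot, and the stale upper half (constructed here as 0xDEADBEEF) then leaks into the callee's full-width load. Widening the parameter to intptr_t, as the CL does, makes the caller write the whole slot; the block also shows the other possible fix, narrowing the load on the callee side, so the two remedies can be compared.

```c
#include <stdint.h>
#include <stdio.h>
#include <inttypes.h>

/* Added illustration, not V8 code: one 64-bit stack slot standing in for the
 * memory location of the |argc| parameter. All names here are hypothetical. */
typedef struct {
    uint64_t word;
} stack_slot_t;

/* Caller side with `int argc`: the ABI only performs a 32-bit store, so just
 * the low half of the slot is updated and the upper half keeps stale bits. */
static void store_argc_as_int(stack_slot_t *slot, int argc)
{
    slot->word = (slot->word & 0xFFFFFFFF00000000ull) | (uint32_t)argc;
}

/* Caller side with `intptr_t argc` (the fix in this CL): a full-width store
 * overwrites the whole slot, so no stale bits survive. */
static void store_argc_as_intptr(stack_slot_t *slot, intptr_t argc)
{
    slot->word = (uint64_t)(int64_t)argc;
}

/* Callee (asm) side: loads the slot into a full 64-bit register, as the
 * JSEntry stub does. This is only correct if the caller wrote all 64 bits. */
static int64_t load_full_width(const stack_slot_t *slot)
{
    return (int64_t)slot->word;
}

/* Alternative callee-side fix: load only 32 bits and sign-extend, which
 * matches a 32-bit `int` in the caller regardless of the stale upper half. */
static int64_t load_low32_sign_extended(const stack_slot_t *slot)
{
    return (int64_t)(int32_t)(uint32_t)(slot->word & 0xFFFFFFFFull);
}

/* Constructed scenario: the slot previously held a pointer-sized value, so
 * its upper 32 bits are non-zero before |argc| is stored into it. */
#define STALE_SLOT_CONTENTS 0xDEADBEEF00000000ull

/* int parameter + 64-bit load: the value the callee actually sees. */
int64_t argc_seen_by_callee_int(int argc)
{
    stack_slot_t slot = { STALE_SLOT_CONTENTS };
    store_argc_as_int(&slot, argc);
    return load_full_width(&slot);
}

/* intptr_t parameter + 64-bit load: the CL's fix. */
int64_t argc_seen_by_callee_intptr(intptr_t argc)
{
    stack_slot_t slot = { STALE_SLOT_CONTENTS };
    store_argc_as_intptr(&slot, argc);
    return load_full_width(&slot);
}

/* int parameter + 32-bit sign-extending load: the callee-side alternative. */
int64_t argc_seen_by_narrow_load(int argc)
{
    stack_slot_t slot = { STALE_SLOT_CONTENTS };
    store_argc_as_int(&slot, argc);
    return load_low32_sign_extended(&slot);
}

int main(void)
{
    printf("int param, 64-bit load:    0x%016" PRIx64 "\n",
           (uint64_t)argc_seen_by_callee_int(5));
    printf("intptr param, 64-bit load: %" PRId64 "\n",
           argc_seen_by_callee_intptr(5));
    printf("int param, 32-bit load:    %" PRId64 "\n",
           argc_seen_by_narrow_load(5));
    return 0;
}
```

The first line of output shows an argc of 5 arriving as 0xDEADBEEF00000005, which is exactly the corruption the message warns about once |argc| moves to the stack. Either widening the parameter (the CL) or narrowing the load fixes it; the CL's choice is the more robust one because the asm side then loads a full register on every platform without having to remember the parameter's C width.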
builtins-mips64.cc 121 KB