-
tzik authored
|argc| parameter of JSEntry is passed as int from C++ code, and loaded into a register on the asm code. As int is 32 bit, and registers are 64 bit on 64 bit platforms, upper 32 bits of the loaded value may be contaminated by a random value if it's passed as a stack parameter. For now, |argc| is passed as a register parameter on all platforms, and the upper 32 bits of |argc| is filled by zero, fortunately. However, if we shuffle the order of parameters, |argc| can be passed as a stack parameter and its value may be broken. Specifically on x64 Windows, the first 4 parameters are passed as register parameters and the rest are stack parameters. As |argc| is the 4th parameter, if we prepend another parameter and shift |argc| to the 5th parameter, |argc| will become a stack parameter and its load to 64 bit register breaks the value. This CL converts the type of the |argc| parameter to intptr_t, so that it's safe to load from stack to full width registers. Bug: v8:8124 Change-Id: Ie7407cf5e6252ed7323a9c42389db387b0064673 Reviewed-on: https://chromium-review.googlesource.com/c/1400326Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Taiju Tsuiki <tzik@chromium.org> Cr-Commit-Position: refs/heads/master@{#58614}
088f9c60
