Fix Cluster Fuzz stack frame corruption bug.

BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/23596002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-27 13:31:15 +00:00 · 2013-08-27 13:31:15 +00:00 · 9d8684f8de
commit 9d8684f8de
parent 9f8f0c6d45
3 changed files with 6 additions and 0 deletions
--- a/src/arm/code-stubs-arm.cc
+++ b/src/arm/code-stubs-arm.cc
@ -4413,6 +4413,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
  {
    FrameScope scope(masm, StackFrame::INTERNAL);

+    __ SmiTag(r0);
    __ push(r0);
    __ push(r1);
    __ push(r2);
@ -4423,6 +4424,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
    __ pop(r2);
    __ pop(r1);
    __ pop(r0);
+    __ SmiUntag(r0);
  }
  __ b(&done);

--- a/src/ia32/code-stubs-ia32.cc
+++ b/src/ia32/code-stubs-ia32.cc
@ -4303,6 +4303,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
  {
    FrameScope scope(masm, StackFrame::INTERNAL);

+    __ SmiTag(eax);
    __ push(eax);
    __ push(edi);
    __ push(ebx);
@ -4313,6 +4314,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
    __ pop(ebx);
    __ pop(edi);
    __ pop(eax);
+    __ SmiUntag(eax);
  }
  __ jmp(&done);

--- a/src/x64/code-stubs-x64.cc
+++ b/src/x64/code-stubs-x64.cc
@ -3391,6 +3391,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
  {
    FrameScope scope(masm, StackFrame::INTERNAL);

+    __ Integer32ToSmi(rax, rax);
    __ push(rax);
    __ push(rdi);
    __ push(rbx);
@ -3401,6 +3402,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
    __ pop(rbx);
    __ pop(rdi);
    __ pop(rax);
+    __ SmiToInteger32(rax, rax);
  }
  __ jmp(&done);