Use ecx/rcx to restore entrypoint after call to __guard_check_icall_fptr

Author: Cellule

lib/Backend/NativeCodeGenerator.cpp

@@ -1495,10 +1495,9 @@ NativeCodeGenerator::CheckAsmJsCodeGenThunk(Js::RecyclableObject* function, Js::
             call NativeCodeGenerator::CheckAsmJsCodeGen
 #ifdef _CONTROL_FLOW_GUARD
             // verify that the call target is valid
-            push eax
             mov  ecx, eax
             call[__guard_check_icall_fptr]
-            pop eax
+            mov  eax, ecx
 #endif
             pop ebp
             jmp  eax
@@ -1524,10 +1523,9 @@ NativeCodeGenerator::CheckCodeGenThunk(Js::RecyclableObject* function, Js::CallI
         call NativeCodeGenerator::CheckCodeGen
 #ifdef _CONTROL_FLOW_GUARD
         // verify that the call target is valid
-        push eax
         mov  ecx, eax
         call[__guard_check_icall_fptr]
-        pop eax
+        mov  eax, ecx
 #endif
         pop ebp
         jmp  eax

lib/Runtime/Language/InterpreterStackFrame.cpp

@@ -1612,10 +1612,9 @@ namespace Js
 skipThunk:
 #ifdef _CONTROL_FLOW_GUARD
             // verify that the call target is valid
-            push eax;
             mov  ecx, eax;
             call[__guard_check_icall_fptr];
-            pop eax;
+            mov  eax, ecx;
 #endif
 
             pop ebp;
@@ -1636,10 +1635,9 @@ namespace Js
 
 #ifdef _CONTROL_FLOW_GUARD
             // verify that the call target is valid
-            push eax;
             mov  ecx, eax;
             call[__guard_check_icall_fptr];
-            pop eax;
+            mov  eax, ecx;
 #endif
 
             pop ebp;

lib/Runtime/Language/JavascriptExceptionOperators.cpp

@@ -917,10 +917,9 @@ namespace Js
 
 #if 0 && defined(_CONTROL_FLOW_GUARD)
             // verify that the call target is valid
-            mov  ebx, eax; save call target
             mov  ecx, eax
             call[__guard_check_icall_fptr]
-            mov  eax, ebx; restore call target
+            mov  eax, ecx; restore call target
 #endif
 
             // save the current frame ptr, and adjust the frame to access

lib/Runtime/Library/JavascriptFunction.cpp

@@ -1204,14 +1204,13 @@ using namespace Js;
             mov ecx, argsSize;
             rep movs byte ptr[edi], byte ptr[esi];
 
+            mov  ecx, entryPoint
 #ifdef _CONTROL_FLOW_GUARD
             // verify that the call target is valid
-            mov  ecx, entryPoint
             call[__guard_check_icall_fptr]
-            ; no need to restore ecx('call entryPoint' is a __cdecl call)
 #endif
             push function;
-            call entryPoint;
+            call ecx;
             mov retVals.low, eax;
             mov retVals.high, edx;
             movaps retVals.xmm, xmm0;
@@ -1297,16 +1296,15 @@ void __cdecl _alloca_probe_16()
         // call variable argument function provided in entryPoint
         __asm
         {
+            mov  ecx, entryPoint
 #ifdef _CONTROL_FLOW_GUARD
             // verify that the call target is valid
-            mov  ecx, entryPoint
             call [__guard_check_icall_fptr]
-            ; no need to restore ecx ('call entryPoint' is a __cdecl call)
 #endif
 
             push callInfo
             push function
-            call entryPoint
+            call ecx
 
             // Restore ESP
             mov esp, savedEsp