RESOLVED FIXED 83191
Constant Blinding for add/sub immediate crashes in ArmV7 when dest is SP 
https://bugs.webkit.org/show_bug.cgi?id=83191
Summary Constant Blinding for add/sub immediate crashes in ArmV7 when dest is SP
Michael Saboff
Reported 2012-04-04 12:28:39 PDT
ARMv7 and therefore the ARMv7Assembler::add() method has a special case for SP destination register. It assumes that any immediate is word aligned. When constant blinding is used, the immediate value could be any value since it starts as a random number. The same is true for ARMv7Assembler::sub().
Attachments
Patch (1.80 KB, patch)
2012-04-04 12:33 PDT, Michael Saboff 		oliver: review+
buildbot: commit-queue-
DetailsFormatted DiffDiff
Updated Patch with ASSERT Added (3.27 KB, patch)
2012-04-04 15:40 PDT, Michael Saboff 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Michael Saboff
Comment 1 2012-04-04 12:33:33 PDT
Created attachment 135652 [details] Patch
Build Bot
Comment 2 2012-04-04 12:46:43 PDT
Comment on attachment 135652 [details] Patch Attachment 135652 [details] did not pass win-ews (win): Output: http://queues.webkit.org/results/12330014
Michael Saboff
Comment 3 2012-04-04 15:40:51 PDT
Created attachment 135702 [details] Updated Patch with ASSERT Added Added ASSERTs in ARMv7Assembler::add() and ARMv7Assembler::sub(). These ASSERTs rubber stamped by Oliver.
Michael Saboff
Comment 4 2012-04-04 15:42:59 PDT
Committed r113253: <http://trac.webkit.org/changeset/113253>
Note You need to log in before you can comment on or make changes to this bug.