| Field | Value | Date |
|---|---|---|
| author | Jim Stichnoth <stichnot@chromium.org> | 2013-07-17 12:13:48 -0700 |
| committer | Jim Stichnoth <stichnot@chromium.org> | 2013-07-17 12:13:48 -0700 |
| commit | cc8deaf49f79eb22c4edc8c0f44ef64668b3be4a (patch) | |
| tree | 24e2b88702daa994195a1531d790510207589766 /lib/Object | |
| parent | 5a4bc23e85f58fecbc4e0a6d6fec3c1193bbc350 (diff) | |
Disallow a global address in the x86-64 displacement field.

This applies only to %r15 sandboxed memory references. The problem
is that if the index register is negative, the sandboxing operation
will cause the index to become a large positive 32-bit value, which
combined with the displacement, will overflow and try to reference
memory outside the sandbox. This situation may legitimately occur
if the compiler happens to construct a (constant) interior pointer
to the middle of the global struct/array, and then dereferences it
with a variable offset.

After this fix, pnacl/scripts/testsuite_known_failures_pnacl.txt can
be updated to remove the "aha x86-64" known failure.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3517
R=eliben@chromium.org

Review URL: https://codereview.chromium.org/17987002
Diffstat (limited to 'lib/Object')
0 files changed, 0 insertions, 0 deletions
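The address arithmetic the commit message describes, worked through as an added example; this is not code from the commit, from LLVM or from Native Client. It models the x86-64 effective-address rule (base + index + sign-extended disp32) with a constructed sandbox base, folds a global's sandbox-relative address into the displacement the way the rejected lowering did, and contrasts it with one plausible post-fix sequence (an assumption, not lifted from the patch) that forms global + index in a 32-bit register so the sum wraps inside the 4 GiB sandbox before it is zero-extended and added to %r15.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed sandbox geometry: the NaCl x86-64 sandbox is a 4 GiB region whose
 * base address is held in %r15.  The base value here is a constructed
 * placeholder; the real value is chosen by the loader. */
#define SANDBOX_BASE 0x0000200000000000ULL
#define SANDBOX_SIZE (1ULL << 32)

/* x86-64 effective-address rule: base + index + sign-extended disp32. */
static uint64_t x86_ea(uint64_t base, uint64_t index64, int32_t disp32)
{
    return base + index64 + (uint64_t)(int64_t)disp32;
}

/* Lowering the commit disallows: the global's sandbox-relative address is
 * folded into disp32, the variable index is sandboxed by zero-extending its
 * low 32 bits (e.g. "mov %eax,%eax"), and the access becomes
 * [%r15 + zext32(index) + global].  A negative index turns into a value
 * near 2^32, so the sum lands beyond the end of the sandbox. */
uint64_t ea_global_in_disp(int32_t global_off, int64_t index)
{
    uint64_t sandboxed_index = (uint32_t)index;      /* zero-extend */
    return x86_ea(SANDBOX_BASE, sandboxed_index, global_off);
}

/* One way to lower the same access after the fix (assumed sequence):
 * compute global + index in a 32-bit register, where the add wraps modulo
 * 2^32, then sandbox that single register and use [%r15 + zext32(sum)]. */
uint64_t ea_global_in_reg(int32_t global_off, int64_t index)
{
    uint32_t sum32 = (uint32_t)global_off + (uint32_t)index;  /* 32-bit add */
    return x86_ea(SANDBOX_BASE, (uint64_t)sum32, 0);
}

/* Bounds check a verifier or a reader can apply to either result. */
int in_sandbox(uint64_t ea)
{
    return ea >= SANDBOX_BASE && ea < SANDBOX_BASE + SANDBOX_SIZE;
}

int main(void)
{
    /* Constructed case: an interior pointer 16 bytes into a global that
     * lives at sandbox offset 0x10000, dereferenced with index -8. */
    int32_t interior = 0x10010;
    int64_t index = -8;

    uint64_t bad  = ea_global_in_disp(interior, index);
    uint64_t good = ea_global_in_reg(interior, index);

    printf("global in disp : 0x%llx  in sandbox: %d\n",
           (unsigned long long)bad, in_sandbox(bad));
    printf("global in reg  : 0x%llx  in sandbox: %d\n",
           (unsigned long long)good, in_sandbox(good));
    return 0;
}
```

With a positive index both lowerings agree, which is why the bug only surfaced on tests that walked backwards from an interior pointer; with a negative index the displacement form exceeds SANDBOX_BASE + 4 GiB while the register form wraps to the intended offset 0x10008.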