From: John McCall Date: Tue, 28 Jul 2009 06:52:18 +0000 (+0000) Subject: Bounds checking for address spaces. X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8945266f3d024d8b494c7751175519a723205e67;p=platform%2Fupstream%2Fllvm.git Bounds checking for address spaces. llvm-svn: 77303 --- diff --git a/clang/include/clang/AST/Type.h b/clang/include/clang/AST/Type.h index 737b259..70a5931 100644 --- a/clang/include/clang/AST/Type.h +++ b/clang/include/clang/AST/Type.h @@ -97,6 +97,9 @@ public: Weak, Strong }; + + // 24 bits should be enough for anyone. + static const unsigned MaxAddressSpace = 0xffffffu; QualType() {} @@ -569,6 +572,10 @@ public: /// QualifierSet - This class is used to collect qualifiers. +/// Clang supports five independent qualifiers: +/// * C99: const, volatile, and restrict +/// * Embedded C (TR18037): address spaces +/// * Objective C: the GC attributes (none, weak, or strong) class QualifierSet { public: QualifierSet() : Mask(0) {} @@ -653,7 +660,7 @@ private: static const uint32_t GCAttrShift = 3; static const uint32_t AddressSpaceMask = ~(CVRMask | GCAttrMask); static const uint32_t AddressSpaceShift = 5; - static const unsigned MaxAddressSpace = ~0u >> AddressSpaceShift; + static const unsigned MaxAddressSpace = QualType::MaxAddressSpace; }; diff --git a/clang/include/clang/Basic/DiagnosticSemaKinds.td b/clang/include/clang/Basic/DiagnosticSemaKinds.td index b7e9404..b654557 100644 --- a/clang/include/clang/Basic/DiagnosticSemaKinds.td +++ b/clang/include/clang/Basic/DiagnosticSemaKinds.td @@ -512,6 +512,10 @@ def err_ext_vector_component_name_illegal : Error< "illegal vector component name '%0'">; def err_attribute_address_space_not_int : Error< "address space attribute requires an integer constant">; +def err_attribute_address_space_negative : Error< + "address space is negative">; +def err_attribute_address_space_too_high : Error< + "address space is larger than the maximum supported (%0)">; def err_attribute_address_multiple_qualifiers : Error< "multiple address spaces specified for type">; def err_implicit_pointer_address_space_cast : Error< diff --git a/clang/lib/Sema/SemaType.cpp b/clang/lib/Sema/SemaType.cpp index 226f214..d3daa07 100644 --- a/clang/lib/Sema/SemaType.cpp +++ b/clang/lib/Sema/SemaType.cpp @@ -1469,6 +1469,23 @@ static void HandleAddressSpaceTypeAttribute(QualType &Type, return; } + // Bounds checking. + if (addrSpace.isSigned()) { + if (addrSpace.isNegative()) { + S.Diag(Attr.getLoc(), diag::err_attribute_address_space_negative) + << ASArgExpr->getSourceRange(); + return; + } + addrSpace.setIsSigned(false); + } + llvm::APSInt max(addrSpace.getBitWidth()); + max = QualType::MaxAddressSpace; + if (addrSpace > max) { + S.Diag(Attr.getLoc(), diag::err_attribute_address_space_too_high) + << QualType::MaxAddressSpace << ASArgExpr->getSourceRange(); + return; + } + unsigned ASIdx = static_cast(addrSpace.getZExtValue()); Type = S.Context.getAddrSpaceQualType(Type, ASIdx); } diff --git a/clang/test/Sema/address_spaces.c b/clang/test/Sema/address_spaces.c index b79799f..684a99f 100644 --- a/clang/test/Sema/address_spaces.c +++ b/clang/test/Sema/address_spaces.c @@ -15,6 +15,12 @@ void foo(_AS3 float *a) { _AS1 int array[5]; // expected-error {{automatic variable qualified with an address space}} _AS1 int arrarr[5][5]; // expected-error {{automatic variable qualified with an address space}} + __attribute__((address_space(-1))) int *_boundsA; // expected-error {{address space is negative}} + __attribute__((address_space(0xFFFFFF))) int *_boundsB; + __attribute__((address_space(0x1000000))) int *_boundsC; // expected-error {{address space is larger than the maximum supported}} + // chosen specifically to overflow 32 bits and come out reasonable + __attribute__((address_space(4294967500))) int *_boundsD; // expected-error {{address space is larger than the maximum supported}} + *a = 5.0f; }