From: Matt Arsenault Date: Mon, 4 Feb 2019 22:59:56 +0000 (+0000) Subject: MIR: Validate LLT types when parsing X-Git-Tag: llvmorg-10-init~12834 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8a59b1919cceb9e66c25147f19d670bfe5c3a829;p=platform%2Fupstream%2Fllvm.git MIR: Validate LLT types when parsing llvm-svn: 353107 --- diff --git a/llvm/lib/CodeGen/MIRParser/MIParser.cpp b/llvm/lib/CodeGen/MIRParser/MIParser.cpp index c5db9cc..2ee4f78 100644 --- a/llvm/lib/CodeGen/MIRParser/MIParser.cpp +++ b/llvm/lib/CodeGen/MIRParser/MIParser.cpp @@ -1340,6 +1340,19 @@ bool MIParser::parseIRConstant(StringRef::iterator Loc, const Constant *&C) { return false; } +// See LLT implemntation for bit size limits. +static bool verifyScalarSize(uint64_t Size) { + return Size != 0 && isUInt<16>(Size); +} + +static bool verifyVectorElementCount(uint64_t NumElts) { + return NumElts != 0 && isUInt<16>(NumElts); +} + +static bool verifyAddrSpace(uint64_t AddrSpace) { + return isUInt<24>(AddrSpace); +} + bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (Token.range().front() == 's' || Token.range().front() == 'p') { StringRef SizeStr = Token.range().drop_front(); @@ -1348,12 +1361,19 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { } if (Token.range().front() == 's') { - Ty = LLT::scalar(APSInt(Token.range().drop_front()).getZExtValue()); + auto ScalarSize = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyScalarSize(ScalarSize)) + return error("invalid size for scalar type"); + + Ty = LLT::scalar(ScalarSize); lex(); return false; } else if (Token.range().front() == 'p') { const DataLayout &DL = MF.getDataLayout(); - unsigned AS = APSInt(Token.range().drop_front()).getZExtValue(); + uint64_t AS = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyAddrSpace(AS)) + return error("invalid address space number"); + Ty = LLT::pointer(AS, DL.getPointerSizeInBits(AS)); lex(); return false; @@ -1368,6 +1388,9 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (Token.isNot(MIToken::IntegerLiteral)) return error(Loc, "expected or for vector type"); uint64_t NumElements = Token.integerValue().getZExtValue(); + if (!verifyVectorElementCount(NumElements)) + return error("invalid number of vector elements"); + lex(); if (Token.isNot(MIToken::Identifier) || Token.stringValue() != "x") @@ -1380,11 +1403,17 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (SizeStr.size() == 0 || !llvm::all_of(SizeStr, isdigit)) return error("expected integers after 's'/'p' type character"); - if (Token.range().front() == 's') - Ty = LLT::scalar(APSInt(Token.range().drop_front()).getZExtValue()); - else if (Token.range().front() == 'p') { + if (Token.range().front() == 's') { + auto ScalarSize = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyScalarSize(ScalarSize)) + return error("invalid size for scalar type"); + Ty = LLT::scalar(ScalarSize); + } else if (Token.range().front() == 'p') { const DataLayout &DL = MF.getDataLayout(); - unsigned AS = APSInt(Token.range().drop_front()).getZExtValue(); + uint64_t AS = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyAddrSpace(AS)) + return error("invalid address space number"); + Ty = LLT::pointer(AS, DL.getPointerSizeInBits(AS)); } else return error(Loc, "expected or for vector type"); diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir new file mode 100644 index 0000000..e8a102e --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir @@ -0,0 +1,12 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s + +# When a low-level type pointer has an address space greater than supported, and make sure an implicit truncate to 32-bits doesn't happen. + +--- +name: test_address_space_number_too_big64 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid address space number + %0:_(p17179869185) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir new file mode 100644 index 0000000..d66dd10 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type is 0 bits +--- +name: test_scalar_size_0 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid size for scalar type + %0:_(s0) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir new file mode 100644 index 0000000..79f0d55 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type is larger than supported +--- +name: test_scalar_size_65536 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid size for scalar type + %0:_(s65536) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir new file mode 100644 index 0000000..6985687 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has a 0-bit element +--- +name: test_vector_element_size_0 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:15: invalid size for scalar type + %0:_(<2 x s0>) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir new file mode 100644 index 0000000..9d07464 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has 0 elements +--- +name: test_vector_0_elements +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:11: invalid number of vector elements + %0:_(<0 x s1>) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir new file mode 100644 index 0000000..1b93834 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has more elements than supported +--- +name: test_vector_too_many_elements +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:11: invalid number of vector elements + %0:_(<65536 x s1>) = G_IMPLICIT_DEF +... diff --git a/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir new file mode 100644 index 0000000..f421238 --- /dev/null +++ b/llvm/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type pointer has an address space greater than supported. +--- +name: test_address_space_number_too_big +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid address space number + %0:_(p16777216) = G_IMPLICIT_DEF +...