From ab8dc6c3bd73b838ad17ef08b853fcaba47031b5 Mon Sep 17 00:00:00 2001 From: Matt Arsenault Date: Mon, 4 Feb 2019 22:59:56 +0000 Subject: [PATCH] MIR: Validate LLT types when parsing git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@353107 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/CodeGen/MIRParser/MIParser.cpp | 41 ++++++++++++++++--- .../parse-low-level-type-invalid10.mir | 12 ++++++ .../AArch64/parse-low-level-type-invalid4.mir | 10 +++++ .../AArch64/parse-low-level-type-invalid5.mir | 10 +++++ .../AArch64/parse-low-level-type-invalid6.mir | 10 +++++ .../AArch64/parse-low-level-type-invalid7.mir | 10 +++++ .../AArch64/parse-low-level-type-invalid8.mir | 10 +++++ .../AArch64/parse-low-level-type-invalid9.mir | 10 +++++ 8 files changed, 107 insertions(+), 6 deletions(-) create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir create mode 100644 test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir diff --git a/lib/CodeGen/MIRParser/MIParser.cpp b/lib/CodeGen/MIRParser/MIParser.cpp index c5db9cc6c2e..2ee4f782597 100644 --- a/lib/CodeGen/MIRParser/MIParser.cpp +++ b/lib/CodeGen/MIRParser/MIParser.cpp @@ -1340,6 +1340,19 @@ bool MIParser::parseIRConstant(StringRef::iterator Loc, const Constant *&C) { return false; } +// See LLT implemntation for bit size limits. +static bool verifyScalarSize(uint64_t Size) { + return Size != 0 && isUInt<16>(Size); +} + +static bool verifyVectorElementCount(uint64_t NumElts) { + return NumElts != 0 && isUInt<16>(NumElts); +} + +static bool verifyAddrSpace(uint64_t AddrSpace) { + return isUInt<24>(AddrSpace); +} + bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (Token.range().front() == 's' || Token.range().front() == 'p') { StringRef SizeStr = Token.range().drop_front(); @@ -1348,12 +1361,19 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { } if (Token.range().front() == 's') { - Ty = LLT::scalar(APSInt(Token.range().drop_front()).getZExtValue()); + auto ScalarSize = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyScalarSize(ScalarSize)) + return error("invalid size for scalar type"); + + Ty = LLT::scalar(ScalarSize); lex(); return false; } else if (Token.range().front() == 'p') { const DataLayout &DL = MF.getDataLayout(); - unsigned AS = APSInt(Token.range().drop_front()).getZExtValue(); + uint64_t AS = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyAddrSpace(AS)) + return error("invalid address space number"); + Ty = LLT::pointer(AS, DL.getPointerSizeInBits(AS)); lex(); return false; @@ -1368,6 +1388,9 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (Token.isNot(MIToken::IntegerLiteral)) return error(Loc, "expected or for vector type"); uint64_t NumElements = Token.integerValue().getZExtValue(); + if (!verifyVectorElementCount(NumElements)) + return error("invalid number of vector elements"); + lex(); if (Token.isNot(MIToken::Identifier) || Token.stringValue() != "x") @@ -1380,11 +1403,17 @@ bool MIParser::parseLowLevelType(StringRef::iterator Loc, LLT &Ty) { if (SizeStr.size() == 0 || !llvm::all_of(SizeStr, isdigit)) return error("expected integers after 's'/'p' type character"); - if (Token.range().front() == 's') - Ty = LLT::scalar(APSInt(Token.range().drop_front()).getZExtValue()); - else if (Token.range().front() == 'p') { + if (Token.range().front() == 's') { + auto ScalarSize = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyScalarSize(ScalarSize)) + return error("invalid size for scalar type"); + Ty = LLT::scalar(ScalarSize); + } else if (Token.range().front() == 'p') { const DataLayout &DL = MF.getDataLayout(); - unsigned AS = APSInt(Token.range().drop_front()).getZExtValue(); + uint64_t AS = APSInt(Token.range().drop_front()).getZExtValue(); + if (!verifyAddrSpace(AS)) + return error("invalid address space number"); + Ty = LLT::pointer(AS, DL.getPointerSizeInBits(AS)); } else return error(Loc, "expected or for vector type"); diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir new file mode 100644 index 00000000000..e8a102ef2cd --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid10.mir @@ -0,0 +1,12 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s + +# When a low-level type pointer has an address space greater than supported, and make sure an implicit truncate to 32-bits doesn't happen. + +--- +name: test_address_space_number_too_big64 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid address space number + %0:_(p17179869185) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir new file mode 100644 index 00000000000..d66dd104486 --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid4.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type is 0 bits +--- +name: test_scalar_size_0 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid size for scalar type + %0:_(s0) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir new file mode 100644 index 00000000000..79f0d554c12 --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid5.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type is larger than supported +--- +name: test_scalar_size_65536 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid size for scalar type + %0:_(s65536) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir new file mode 100644 index 00000000000..698568701fb --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid6.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has a 0-bit element +--- +name: test_vector_element_size_0 +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:15: invalid size for scalar type + %0:_(<2 x s0>) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir new file mode 100644 index 00000000000..9d074648b7e --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid7.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has 0 elements +--- +name: test_vector_0_elements +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:11: invalid number of vector elements + %0:_(<0 x s1>) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir new file mode 100644 index 00000000000..1b938344040 --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid8.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type vector has more elements than supported +--- +name: test_vector_too_many_elements +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:11: invalid number of vector elements + %0:_(<65536 x s1>) = G_IMPLICIT_DEF +... diff --git a/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir new file mode 100644 index 00000000000..f4212382801 --- /dev/null +++ b/test/CodeGen/MIR/AArch64/parse-low-level-type-invalid9.mir @@ -0,0 +1,10 @@ +# RUN: not llc -mtriple=aarch64-- -run-pass none -o /dev/null %s 2>&1 | FileCheck %s +# When a low-level type pointer has an address space greater than supported. +--- +name: test_address_space_number_too_big +body: | + bb.0: + liveins: $x0 + ; CHECK: [[@LINE+1]]:10: invalid address space number + %0:_(p16777216) = G_IMPLICIT_DEF +... -- 2.50.1