From ecc65eddec743b14ec129b0e76dc2184e418259e Mon Sep 17 00:00:00 2001
From: Ana Pazos <apazos@codeaurora.org>
Date: Fri, 24 Aug 2018 23:47:49 +0000
Subject: [PATCH] [RISCV] Fixed Assertion`Kind == Immediate && "Invalid type access!"' failed.
Summary: Missing check for isImm() in some Immediate classes. This bug was uncovered by a LLVM MC Assembler Protocol Buffer Fuzzer for the RISC-V assembly language.
Reviewers: hiraditya, asb
Reviewed By: hiraditya, asb
Subscribers: llvm-commits, hiraditya, kito-cheng, shiva0217, rkruppe, asb, rbar, johnrusso, simoncook, sabuasal, niosHD, zzheng, edward-jones, mgrang, rogfer01, MartinMosbeck, brucehoult, the_o, PkmX, jocewei
Differential Revision: https://reviews.llvm.org/D50797
llvm-svn: 340674
---
 .../Target/RISCV/AsmParser/RISCVAsmParser.cpp | 18 ++++++++++++++++++
 llvm/test/MC/RISCV/rv32c-fuzzed-invalid.s | 17 +++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 llvm/test/MC/RISCV/rv32c-fuzzed-invalid.s
diff --git a/llvm/lib/Target/RISCV/AsmParser/RISCVAsmParser.cpp b/llvm/lib/Target/RISCV/AsmParser/RISCVAsmParser.cpp
index 3a5257206bf9..831dcbce71b8 100644
--- a/llvm/lib/Target/RISCV/AsmParser/RISCVAsmParser.cpp
+++ b/llvm/lib/Target/RISCV/AsmParser/RISCVAsmParser.cpp
@@ -322,6 +322,8 @@ public:
 }

 bool isSImm6() const {
+ if (!isImm())
+ return false;
 RISCVMCExpr::VariantKind VK;
 int64_t Imm;
 bool IsValid;
@@ -335,6 +337,8 @@ public:
 }

 bool isSImm6NonZero() const {
+ if (!isImm())
+ return false;
 RISCVMCExpr::VariantKind VK;
 int64_t Imm;
 bool IsValid;
@@ -348,6 +352,8 @@ public:
 }

 bool isCLUIImm() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
@@ -357,6 +363,8 @@ public:
 }

 bool isUImm7Lsb00() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
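Review bot: The `if (!isImm()) return false;` guard added to isSImm6 is repeated by hand in eight more predicates (isSImm6NonZero, isCLUIImm, isUImm7Lsb00, isUImm8Lsb00, isUImm8Lsb000, isUImm9Lsb000, isUImm10Lsb00NonZero, isSImm10Lsb0000NonZero), so any predicate that calls `evaluateConstantImm(Imm, VK)` without it can presumably bring the invalid access back. The helper's body is outside these hunks; if it is what reaches the asserting accessor, a single `isImm()` check there returning false would cover the whole class instead of nine call sites. The assertion in the title exists only in assertion-enabled builds, so without it a register or token operand would likely be read as an immediate, which is undefined behaviour on input the assembler does not control. If the per-predicate guards stay, a comment such as `// Reject non-immediate operands first: the code below reads the immediate payload unchecked.` would record why they must not be removed. Each predicate body continues past the end of its hunk.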
@@ -365,6 +373,8 @@ public:
 }

 bool isUImm8Lsb00() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
@@ -373,6 +383,8 @@ public:
 }

 bool isUImm8Lsb000() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
@@ -383,6 +395,8 @@ public:
 bool isSImm9Lsb0() const { return isBareSimmNLsb0<9>(); }

 bool isUImm9Lsb000() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
@@ -391,6 +405,8 @@ public:
 }

 bool isUImm10Lsb00NonZero() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
@@ -428,6 +444,8 @@ public:
 bool isSImm13Lsb0() const { return isBareSimmNLsb0<13>(); }

 bool isSImm10Lsb0000NonZero() const {
+ if (!isImm())
+ return false;
 int64_t Imm;
 RISCVMCExpr::VariantKind VK;
 bool IsConstantImm = evaluateConstantImm(Imm, VK);
diff --git a/llvm/test/MC/RISCV/rv32c-fuzzed-invalid.s b/llvm/test/MC/RISCV/rv32c-fuzzed-invalid.s
new file mode 100644
index 000000000000..0fa3b8137a12
--- /dev/null
+++ b/llvm/test/MC/RISCV/rv32c-fuzzed-invalid.s
@@ -0,0 +1,17 @@
+# REQUIRES: asserts
+# RUN: not llvm-mc -triple riscv32 -mattr=+c,+f,+d < %s 2>&1 | FileCheck %s
+#
+# Fuzzed test cases produced by a LLVM MC Assembler
+# Protocol Buffer Fuzzer for the RISC-V assembly language.
+#
+
+c.addi x13,f30,0 # CHECK: error: immediate must be non-zero in the range [-32, 31]
+c.swsp x0,(f14) # CHECK: error: immediate must be a multiple of 4 bytes in the range [0, 252]
+c.lui x4,x0 # CHECK: error: immediate must be in [0xfffe0, 0xfffff] or [1, 31]
+c.li x6,x6,x0,x0 # CHECK: error: immediate must be an integer in the range [-32, 31]
+c.addi16sp 2,(x0) # CHECK: error: invalid operand for instruction
+c.fsdsp f9,x0,0 # CHECK: error: immediate must be a multiple of 8 bytes in the range [0, 504]
+c.flw f15,x14,x0 # CHECK: error: immediate must be a multiple of 4 bytes in the range [0, 124]
+c.fld f8,f30,x17 # CHECK: error: immediate must be a multiple of 8 bytes in the range [0, 248]
+c.addi4spn x8,x2,x8 # CHECK: error: immediate must be a multiple of 4 bytes in the range [4, 1020]
+
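Review bot: `# REQUIRES: asserts` on the first line limits this regression test to assertion-enabled builds, although the diagnostics it checks come from the new `isImm()` guards and should be the same with assertions compiled out. Release builds are where an unchecked operand access would pass silently instead of aborting, so consider dropping the `REQUIRES` line so these fuzzed inputs run there too. The `c.addi16sp 2,(x0)` case checks only `invalid operand for instruction`, which may come from the non-register first operand rather than from isSImm10Lsb0000NonZero; a case with a valid first operand and a register in the immediate position would pin that predicate more directly.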