| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Also tagged a FIXME comment, and added information about why it breaks.
Bug found using AFL fuzz.
Reviewers: rafael, craig.topper
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9729
llvm-svn: 237709
|
| |
|
|
|
|
| |
Bug found with AFL fuzz.
llvm-svn: 237650
|
| |
|
|
|
|
| |
Bug found with AFL fuzz.
llvm-svn: 237646
|
| |
|
|
|
|
|
|
| |
the aggregate at those indices
Bug found with AFL-fuzz.
llvm-svn: 237628
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Added isLoadableOrStorableType to PointerType.
We were doing some checks in some places, occasionally assert()ing instead
of telling the caller. With this patch, I'm putting all type checking in
the same place for load/store type instructions, and verifying the same
thing every time.
I also added a check for load/store of a function type.
Applied extracted check to Load, Store, and Cmpxcg.
I don't have exhaustive tests for all of these, but all Error() calls in
TypeCheckLoadStoreInst are being tested (in invalid.test).
Reviewers: dblaikie, rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9785
llvm-svn: 237619
|
| |
|
|
|
|
|
|
| |
This would trigger an assertion later.
Bug found with AFL fuzz.
llvm-svn: 237494
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: Bug found with AFL fuzz.
Reviewers: rafael, dexonsmith
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9361
llvm-svn: 236200
|
| |
|
|
|
|
| |
Bug found with AFL fuzz.
llvm-svn: 236193
|
| |
|
|
|
|
|
|
| |
Make it an error instead.
Bug found with AFL fuzz.
llvm-svn: 236190
|
| |
|
|
|
|
|
|
| |
Same as r236073 but for PointerType.
Bug found with AFL fuzz.
llvm-svn: 236079
|
| |
|
|
|
|
| |
Bug found with AFL fuzz.
llvm-svn: 236076
|
| |
|
|
|
|
|
|
| |
{Array,Struct}Type::get(Type)
Bug found with AFL fuzz.
llvm-svn: 236073
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
We don't seem to need to assert here, since this function's callers expect
to get a nullptr on error. This way we don't assert on user input.
Bug found with AFL fuzz.
Reviewers: rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9308
llvm-svn: 236027
|
| |
|
|
| |
llvm-svn: 235735
|
| |
|
|
|
|
|
|
|
|
| |
insert/extract/shuffle
Added some additional checking for vector types + tests.
Bug found with AFL fuzz.
llvm-svn: 235710
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: Bug found with AFL fuzz.
Reviewers: rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9016
llvm-svn: 235596
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Make sure the abbrev operands are valid and that we can read/skip them
afterwards.
Bug found with AFL fuzz.
Reviewers: rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9030
llvm-svn: 235595
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: Bug found with AFL.
Reviewers: rafael, bkramer
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9015
llvm-svn: 235489
|
| |
|
|
|
|
|
|
|
|
| |
Use an extra bit in the CCInfo to flag the newer version of the
instructiont hat includes the type explicitly.
Tested the newer error cases I added, but didn't add tests for the finer
granularity improvements to existing error paths.
llvm-svn: 235160
|
| |
|
|
|
|
|
| |
This reverts r234984 since it seems to break some bots (most of them
seemed arm*-selfhost).
llvm-svn: 234998
|
| |
|
|
|
|
| |
Also added an assert to ReadVBR64.
llvm-svn: 234984
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Without this check the following case failed:
Skip a SubBlock which is not a MODULE_BLOCK_ID nor a BLOCKINFO_BLOCK_ID
Got to end of file
TheModule would still be == nullptr, and we would subsequentially fail
when materializing the Module (assert at the start of
BitcodeReader::MaterializeModule).
Bug found with AFL.
Reviewers: dexonsmith, rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9014
llvm-svn: 234887
|
| |
|
|
|
|
| |
bitcode
llvm-svn: 232427
|
| |
|
|
|
|
| |
from bitcode
llvm-svn: 232424
|
| |
|
|
|
|
|
|
| |
(turns out I had regressed this when sinking handling of this type down
into GetElementPtrInst::Create - since that asserted before the error
handling was performed)
llvm-svn: 232420
|
| |
|
|
|
|
|
|
|
|
| |
While fuzzing LLVM bitcode files, I discovered that (1) the bitcode reader doesn't check that alignments are no larger than 2**29; (2) downstream code doesn't check the range; and (3) for values out of range, corresponding large memory requests (based on alignment size) will fail. This code fixes the bitcode reader to check for valid alignments, fixing this problem.
This CL fixes alignment value on global variables, functions, and instructions: alloca, load, load atomic, store, store atomic.
Patch by Karl Schimpf (kschimpf@google.com).
llvm-svn: 230180
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
When creating {insert,extract}value instructions from a BitcodeReader, we
weren't verifying the fields were valid.
Bugs found with afl-fuzz
Reviewers: rafael
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7325
llvm-svn: 229345
|
| |
|
|
|
|
|
|
|
| |
Added a test case for it.
Also added run lines for the test case in r227566.
Bugs found with afl-fuzz
llvm-svn: 227589
|
| |
|
|
|
|
| |
Bug found with afl-fuzz
llvm-svn: 227566
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eventually we can make some of these pass the error along to the caller.
Reports a fatal error if:
We find an invalid abbrev record
We try to get an invalid abbrev number
We can't fill the current word due to an EOF
Fixed an invalid bitcode test to check for output with FileCheck
Bugs found with afl-fuzz
llvm-svn: 226986
|
|
|
user input
llvm-svn: 226248
|
