Turn an assert into report_fatal_error since it's reachable based on user input

Bug found with AFL fuzz.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@236076 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Bitcode/Reader/BitstreamReader.cpp b/lib/Bitcode/Reader/BitstreamReader.cpp
index 2f34532ae9357f7ec391a130cdcc6440515a10c5..dff6d181486a5320fa1f34a8fea063ed73036b24 100644 (file)
--- a/lib/Bitcode/Reader/BitstreamReader.cpp
+++ b/lib/Bitcode/Reader/BitstreamReader.cpp
@@ -199,7 +199,8 @@ unsigned BitstreamCursor::readRecord(unsigned AbbrevID,
       unsigned NumElts = ReadVBR(6);
 
       // Get the element encoding.
-      assert(i+2 == e && "array op not second to last?");
+      if (i+2 != e)
+       report_fatal_error("Array op not second to last");
       const BitCodeAbbrevOp &EltEnc = Abbv->getOperandInfo(++i);
       if (EltEnc.getEncoding() == BitCodeAbbrevOp::Array ||
           EltEnc.getEncoding() == BitCodeAbbrevOp::Blob)

diff --git a/test/Bitcode/Inputs/invalid-array-op-not-2nd-to-last.bc b/test/Bitcode/Inputs/invalid-array-op-not-2nd-to-last.bc
new file mode 100644 (file)
index 0000000..a4b94f8
Binary files /dev/null and b/test/Bitcode/Inputs/invalid-array-op-not-2nd-to-last.bc differ

diff --git a/test/Bitcode/invalid.test b/test/Bitcode/invalid.test
index 6dfab58375e8ddd081affed1e60ed13975737d24..41173d17e5df76a471238428c20f04a0a01454b7 100644 (file)
--- a/test/Bitcode/invalid.test
+++ b/test/Bitcode/invalid.test
@@ -105,3 +105,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-vector-element-type.bc 2>&1
 RUN:   FileCheck --check-prefix=ELEMENT-TYPE %s
 
 ELEMENT-TYPE: Invalid type
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-op-not-2nd-to-last.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=ARRAY-NOT-2LAST %s
+
+ARRAY-NOT-2LAST: Array op not second to last