From: Filipe Cabecinhas <me@filcab.net>
Date: Thu, 29 Oct 2015 23:37:28 +0000 (+0000)
Subject: Don't assert if materializing before seeing any function bodies
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=b0ed17be63fa9f1af6b5367b65b398d3331845da;p=oota-llvm.git

Don't assert if materializing before seeing any function bodies

This assert was reachable from user input. A minimized test case (no
FUNCTION_BLOCK_ID record) is attached.

Bug found with afl-fuzz

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251667 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Bitcode/Reader/BitcodeReader.cpp b/lib/Bitcode/Reader/BitcodeReader.cpp
index e23f8176330..d2cbe9e85a4 100644
--- a/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -3054,7 +3054,9 @@ std::error_code BitcodeReader::rememberAndSkipFunctionBodies() {
 
   if (Stream.AtEndOfStream()) return error("Could not find function in stream");
 
-  assert(SeenFirstFunctionBody);
+  if (!SeenFirstFunctionBody)
+    return error("Trying to materialize functions before seeing function blocks");
+
   // An old bitcode file with the symbol table at the end would have
   // finished the parse greedily.
   assert(SeenValueSymbolTable);
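Review bot: The `assert(SeenValueSymbolTable);` directly after the new check in rememberAndSkipFunctionBodies() is left as an assert, on the same path the commit message describes as reachable from user input. If a crafted file can get here with SeenValueSymbolTable unset, an assertions-enabled build aborts and a build with assertions compiled out carries on with state the code assumed was impossible. Either confirm that input cannot trigger it, or convert it to a `return error(...)` in the same way as the SeenFirstFunctionBody check.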
diff --git a/test/Bitcode/Inputs/invalid-no-function-block.bc b/test/Bitcode/Inputs/invalid-no-function-block.bc
new file mode 100644
index 00000000000..52b65588e4a
Binary files /dev/null and b/test/Bitcode/Inputs/invalid-no-function-block.bc differ
diff --git a/test/Bitcode/invalid.test b/test/Bitcode/invalid.test
index 69104046df2..24ccd8bccd5 100644
--- a/test/Bitcode/invalid.test
+++ b/test/Bitcode/invalid.test
@@ -207,3 +207,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-alias-type-mismatch.bc 2>&1
 RUN:   FileCheck --check-prefix=ALIAS-TYPE-MISMATCH %s
 
 ALIAS-TYPE-MISMATCH: Alias and aliasee types don't match
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-no-function-block.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=NO-FUNCTION-BLOCK %s
+
+NO-FUNCTION-BLOCK: Trying to materialize functions before seeing function blocks
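Review bot: The new NO-FUNCTION-BLOCK RUN line depends on invalid-no-function-block.bc, a binary input whose content cannot be read from this diff; only the commit message records that it is a minimized case with no FUNCTION_BLOCK_ID record. A short comment line next to the RUN line saying what is malformed about the file would let a later reader audit or regenerate the input without going back to the commit log.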