[llvm] r230934 - Fix a crash in the LL parser where it failed to validate that the pointer operand of a GEP was valid.

[Owen Anderson]

Author: resistor
Date: Sun Mar  1 23:25:06 2015
New Revision: 230934

URL: http://llvm.org/viewvc/llvm-project?rev=230934&view=rev
Log:
Fix a crash in the LL parser where it failed to validate that the pointer operand of a GEP was valid.

This manifested as an assertion failure in +Asserts builds, and a hard crash in -Asserts builds.  Found by fuzzing the LL parser.

Added:
    llvm/trunk/test/Assembler/getelementptr_invalid_ptr.ll
Modified:
    llvm/trunk/lib/AsmParser/LLParser.cpp

Modified: llvm/trunk/lib/AsmParser/LLParser.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/AsmParser/LLParser.cpp?rev=230934&r1=230933&r2=230934&view=diff
==============================================================================
--- llvm/trunk/lib/AsmParser/LLParser.cpp (original)
+++ llvm/trunk/lib/AsmParser/LLParser.cpp Sun Mar  1 23:25:06 2015
@@ -5458,6 +5458,8 @@ int LLParser::ParseGetElementPtr(Instruc
     return true;
 
   Type *PtrTy = Ptr->getType();
+  if (!isa<SequentialType>(PtrTy))
+    return Error(Loc, "pointer type is not valid");
   if (VectorType *VT = dyn_cast<VectorType>(PtrTy))
     PtrTy = VT->getElementType();
   if (Ty != cast<SequentialType>(PtrTy)->getElementType())

Added: llvm/trunk/test/Assembler/getelementptr_invalid_ptr.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Assembler/getelementptr_invalid_ptr.ll?rev=230934&view=auto
==============================================================================
--- llvm/trunk/test/Assembler/getelementptr_invalid_ptr.ll (added)
+++ llvm/trunk/test/Assembler/getelementptr_invalid_ptr.ll Sun Mar  1 23:25:06 2015
@@ -0,0 +1,11 @@
+; RUN: not llvm-as < %s >/dev/null 2> %t
+; RUN: FileCheck %s < %t
+; Test the case of an invalid pointer type on a GEP
+
+; CHECK: pointer type is not valid
+
+define i32* @foo(i32 %a) {
+  %gep = getelementptr i32, i32 %a, i32 1
+  return i32* %gep
+}
+