From d1ec11a850843bd7afff1c939b29c9d18527e966 Mon Sep 17 00:00:00 2001
From: Johnny Chen
Date: Wed, 14 Apr 2010 22:37:17 +0000
Subject: [PATCH] Fixed another assert exposed by fuzzing.

Now, the DisassembleVFPLdStMulFrm() function checks whether we have a valid submode for VLDM/VSTM (must be either "ia" or "db") before calling ARM_AM::getAM5Opc(AMSubMode, unsigned char).

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@101306 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Target/ARM/Disassembler/ARMDisassemblerCore.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/Target/ARM/Disassembler/ARMDisassemblerCore.cpp b/lib/Target/ARM/Disassembler/ARMDisassemblerCore.cpp
index eb9c2cd7a2b..0f3a67db8fa 100644
--- a/lib/Target/ARM/Disassembler/ARMDisassemblerCore.cpp
+++ b/lib/Target/ARM/Disassembler/ARMDisassemblerCore.cpp
@@ -1909,6 +1909,12 @@ static bool DisassembleVFPLdStMulFrm(MCInst &MI, unsigned Opcode, uint32_t insn,
 // Next comes the AM5 Opcode.
 ARM_AM::AMSubMode SubMode = getAMSubModeForBits(getPUBits(insn));
+ // Must be either "ia" or "db" submode.
+ if (SubMode != ARM_AM::ia && SubMode != ARM_AM::db) {
+ errs() << "Illegal addressing mode 5 sub-mode!\n";
+ return false;
+ }
+
 unsigned char Imm8 = insn & 0xFF;
 MI.addOperand(MCOperand::CreateImm(ARM_AM::getAM5Opc(SubMode, Imm8)));
-- 
2.11.0
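Review bot: The comment on the new guard states the constraint but not why it exists, so nothing stops a later edit from moving the check below the ARM_AM::getAM5Opc call and reintroducing the fuzzer-found assert; suggest `// VLDM/VSTM only encode the "ia" and "db" sub-modes; ARM_AM::getAM5Opc asserts on any other value, so reject malformed encodings here rather than reaching that call.` The rejection path emits to errs() before returning false, which is appropriate for input that arrived from an untrusted byte stream only if the surrounding decoders in this file do the same — presumably they do, but that is inferred from the commit message rather than visible here. Since the decoder is an attack-surface that processes arbitrary bytes, the fix is the right shape (validate before the asserting helper, fail closed); it would be worth keeping the offending encoding in the regression corpus so the check is exercised. DisassembleVFPLdStMulFrm begins and ends outside the hunk.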