Index: lib/Bitcode/Reader/BitcodeReader.cpp
===================================================================
--- lib/Bitcode/Reader/BitcodeReader.cpp
+++ lib/Bitcode/Reader/BitcodeReader.cpp
@@ -1701,8 +1701,10 @@
         if (Ty->isMetadataTy())
           Elts.push_back(MDValueList.getValueFwdRef(Record[i+1]));
         else if (!Ty->isVoidTy()) {
-          auto *MD =
-              ValueAsMetadata::get(ValueList.getValueFwdRef(Record[i + 1], Ty));
+          Value *Val = ValueList.getValueFwdRef(Record[i + 1], Ty);
+          if (Val == nullptr)
+            return error("Invalid record");
+          auto *MD = ValueAsMetadata::get(Val);
           assert(isa<ConstantAsMetadata>(MD) &&
                  "Expected non-function-local metadata");
           Elts.push_back(MD);
@@ -1720,9 +1722,10 @@
       if (Ty->isMetadataTy() || Ty->isVoidTy())
         return error("Invalid record");
 
-      MDValueList.assignValue(
-          ValueAsMetadata::get(ValueList.getValueFwdRef(Record[1], Ty)),
-          NextMDValueNo++);
+      Value *Val = ValueList.getValueFwdRef(Record[1], Ty);
+      if (Val == nullptr)
+        return error("Invalid record");
+      MDValueList.assignValue(ValueAsMetadata::get(Val), NextMDValueNo++);
       break;
     }
     case bitc::METADATA_DISTINCT_NODE:
Index: test/Bitcode/invalid.test
===================================================================
--- test/Bitcode/invalid.test
+++ test/Bitcode/invalid.test
@@ -202,3 +202,8 @@
 RUN:   FileCheck --check-prefix=ALIAS-TYPE-MISMATCH %s
 
 ALIAS-TYPE-MISMATCH: Alias and aliasee types don't match
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-meta-old-node-ref.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=BAD-META-OLD-NODE-REF %s
+
+BAD-META-OLD-NODE-REF: Invalid record