Index: llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
===================================================================
--- llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
+++ llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -4165,6 +4165,10 @@
           popValue(Record, OpNum, NextValueNo, LHS->getType(), RHS))
         return error("Invalid record");
 
+      if (OpNum >= Record.size())
+        return error(
+            "Invalid record: operand number exceeded available operands");
+
       unsigned PredVal = Record[OpNum];
       bool IsFP = LHS->getType()->isFPOrFPVectorTy();
       FastMathFlags FMF;
Index: llvm/trunk/test/Bitcode/invalid.test
===================================================================
--- llvm/trunk/test/Bitcode/invalid.test
+++ llvm/trunk/test/Bitcode/invalid.test
@@ -235,3 +235,8 @@
 RUN:   FileCheck --check-prefix=NONPOINTER-ATOMICRMW %s
 
 NONPOINTER-ATOMICRMW: Invalid record
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-fcmp-opnum.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-FCMP-OPNUM %s
+
+INVALID-FCMP-OPNUM: Invalid record: operand number exceeded available operands