clang CRASH parsing c++11 literal operator

Heads up!
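It's easy to crash clang 3.2 with this input (the "template<...>" line is literal, so the code is ill-formed; clang reports the errors and then segfaults instead of exiting cleanly):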

template<...>
int operator"" _b();
int main() { return 0_b; }
// Crash reproducer -- intentionally ill-formed, do not "fix" it.
// Line 1: the template parameter list is a literal "...", which clang rejects
//         ("expected template parameter").
// Line 2: declares a literal operator for the suffix _b under that broken
//         template header.
// Line 3: the user-defined literal 0_b is the token being parsed
//         ("current parser token '0_b'") when the frontend segfaults.
// These notes sit below the code so the line:column positions in the
// diagnostics keep matching.

Output:

user-defined-literals-crash.cc:1:13: error: expected template parameter
template<...>
            ^
user-defined-literals-crash.cc:2:5: error: no function template matches
function template specialization 'operator "" _b'
int operator"" _b();
    ^
0 clang 0x00000000019ede2f
1 clang 0x00000000019ee218
2 libpthread.so.0 0x00007f9266cfc030
3 clang 0x0000000000a8ab27
clang::Sema::LookupLiteralOperator(clang::Scope*, clang::LookupResult&,
llvm::ArrayRef<clang::QualType>, bool) + 151
4 clang 0x0000000000a02953
clang::Sema::ActOnNumericConstant(clang::Token const&, clang::Scope*) + 851
5 clang 0x00000000008c61f3
clang::Parser::ParseCastExpression(bool, bool, bool&,
clang::Parser::TypeCastState) + 259
6 clang 0x00000000008c3876
clang::Parser::ParseAssignmentExpression(clang::Parser::TypeCastState) + 118
7 clang 0x00000000008c37ec
clang::Parser::ParseExpression(clang::Parser::TypeCastState) + 12
8 clang 0x00000000008ef3dc
clang::Parser::ParseReturnStatement() + 412
9 clang 0x00000000008eafa2
clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*,
32u>&, bool, clang::SourceLocation*,
clang::Parser::ParsedAttributesWithRange&) + 1618
10 clang 0x00000000008ea8ea
clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*,
32u>&, bool, clang::SourceLocation*) + 154
11 clang 0x00000000008f0b59
clang::Parser::ParseCompoundStatementBody(bool) + 569
12 clang 0x00000000008f2951
clang::Parser::ParseFunctionStatementBody(clang::Decl*,
clang::Parser::ParseScope&) + 161
13 clang 0x000000000089cc88
clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&,
clang::Parser::ParsedTemplateInfo const&,
clang::Parser::LateParsedAttrList*) + 2440
14 clang 0x00000000008a9002
clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, unsigned int,
bool, clang::SourceLocation*, clang::Parser::ForRangeInit*) + 1442
15 clang 0x000000000089c2ef
clang::Parser::ParseDeclOrFunctionDefInternal(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec&, clang::AccessSpecifier) + 831
16 clang 0x000000000089bd61
clang::Parser::ParseDeclarationOrFunctionDefinition(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*, clang::AccessSpecifier) + 241
17 clang 0x000000000089b485
clang::Parser::ParseExternalDeclaration(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*) + 2357
18 clang 0x000000000089aaca
clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&)
+ 314
19 clang 0x0000000000897bc6 clang::ParseAST(clang::Sema&,
bool, bool) + 326
20 clang 0x0000000000795694
clang::CodeGenAction::ExecuteAction() + 996
21 clang 0x0000000000664823 clang::FrontendAction::Execute() + 83
22 clang 0x000000000064ae3d
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 909
23 clang 0x0000000000634842
clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 3602
24 clang 0x000000000062c53b cc1_main(char const**, char
const**, char const*, void*) + 795
25 clang 0x00000000006308c8 main + 696
26 libc.so.6 0x00007f9265dd1ead __libc_start_main + 253
27 clang 0x000000000062c159
Stack dump:
0. Program arguments: /opt/bin/clang -cc1 -triple
x86_64-unknown-linux-gnu -emit-obj -mrelax-all -disable-free
-disable-llvm-verifier -main-file-name user-defined-literals-crash.cc
-mrelocation-model static -mdisable-fp-elim -fmath-errno -masm-verbose
-mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu
x86-64 -target-linker-version 2.22 -momit-leaf-frame-pointer
-resource-dir /opt/bin/../lib/clang/3.2 -fmodule-cache-path
/var/tmp/clang-module-cache -internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7
-internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7/x86_64-linux-gnu
-internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7/backward
-internal-isystem /usr/local/include -internal-isystem
/opt/bin/../lib/clang/3.2/include -internal-externc-isystem
/usr/include/x86_64-linux-gnu -internal-externc-isystem /include
-internal-externc-isystem /usr/include -std=c++11 -fdeprecated-macro
-fdebug-compilation-dir /home/kal/devel/user-defined-literals
-ferror-limit 19 -fmessage-length 190 -mstackrealign -fobjc-runtime=gcc
-fcxx-exceptions -fexceptions -fdiagnostics-show-option
-fcolor-diagnostics -o /tmp/user-defined-literals-crash-jccQn7.o -x c++
user-defined-literals-crash.cc
1. user-defined-literals-crash.cc:3:21: current parser token '0_b'
2. user-defined-literals-crash.cc:3:12: parsing function body 'main'
3. user-defined-literals-crash.cc:3:12: in compound statement ('{}')
clang: error: unable to execute command: Segmentation fault
clang: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 3.2 (tags/RELEASE_32/final 170703)
Target: x86_64-unknown-linux-gnu
Thread model: posix
clang: note: diagnostic msg: PLEASE submit a bug report to
http://llvm.org/bugs/ and include the crash backtrace, preprocessed
source, and associated run script.
clang: note: diagnostic msg:

Heads up!
It's easy to crash clang 3.2 with this input:

template<...>
int operator"" _b();
int main() { return 0_b; }

Output:

user-defined-literals-crash.cc:1:13: error: expected template parameter
template<...>
            ^
user-defined-literals-crash.cc:2:5: error: no function template matches
function template specialization 'operator "" _b'
int operator"" _b();
    ^
0 clang 0x00000000019ede2f
1 clang 0x00000000019ee218
2 libpthread.so.0 0x00007f9266cfc030
3 clang 0x0000000000a8ab27
clang::Sema::LookupLiteralOperator(clang::Scope*, clang::LookupResult&,
llvm::ArrayRef<clang::QualType>, bool) + 151
4 clang 0x0000000000a02953
clang::Sema::ActOnNumericConstant(clang::Token const&, clang::Scope*) + 851
5 clang 0x00000000008c61f3
clang::Parser::ParseCastExpression(bool, bool, bool&,
clang::Parser::TypeCastState) + 259
6 clang 0x00000000008c3876
clang::Parser::ParseAssignmentExpression(clang::Parser::TypeCastState) + 118
7 clang 0x00000000008c37ec
clang::Parser::ParseExpression(clang::Parser::TypeCastState) + 12
8 clang 0x00000000008ef3dc
clang::Parser::ParseReturnStatement() + 412
9 clang 0x00000000008eafa2
clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*,
32u>&, bool, clang::SourceLocation*,
clang::Parser::ParsedAttributesWithRange&) + 1618
10 clang 0x00000000008ea8ea
clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*,
32u>&, bool, clang::SourceLocation*) + 154
11 clang 0x00000000008f0b59
clang::Parser::ParseCompoundStatementBody(bool) + 569
12 clang 0x00000000008f2951
clang::Parser::ParseFunctionStatementBody(clang::Decl*,
clang::Parser::ParseScope&) + 161
13 clang 0x000000000089cc88
clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&,
clang::Parser::ParsedTemplateInfo const&,
clang::Parser::LateParsedAttrList*) + 2440
14 clang 0x00000000008a9002
clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, unsigned int,
bool, clang::SourceLocation*, clang::Parser::ForRangeInit*) + 1442
15 clang 0x000000000089c2ef
clang::Parser::ParseDeclOrFunctionDefInternal(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec&, clang::AccessSpecifier) + 831
16 clang 0x000000000089bd61
clang::Parser::ParseDeclarationOrFunctionDefinition(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*, clang::AccessSpecifier) + 241
17 clang 0x000000000089b485
clang::Parser::ParseExternalDeclaration(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*) + 2357
18 clang 0x000000000089aaca
clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&)
+ 314
19 clang 0x0000000000897bc6 clang::ParseAST(clang::Sema&,
bool, bool) + 326
20 clang 0x0000000000795694
clang::CodeGenAction::ExecuteAction() + 996
21 clang 0x0000000000664823 clang::FrontendAction::Execute() + 83
22 clang 0x000000000064ae3d
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 909
23 clang 0x0000000000634842
clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 3602
24 clang 0x000000000062c53b cc1_main(char const**, char
const**, char const*, void*) + 795
25 clang 0x00000000006308c8 main + 696
26 libc.so.6 0x00007f9265dd1ead __libc_start_main + 253
27 clang 0x000000000062c159
Stack dump:
0. Program arguments: /opt/bin/clang -cc1 -triple
x86_64-unknown-linux-gnu -emit-obj -mrelax-all -disable-free
-disable-llvm-verifier -main-file-name user-defined-literals-crash.cc
-mrelocation-model static -mdisable-fp-elim -fmath-errno -masm-verbose
-mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu
x86-64 -target-linker-version 2.22 -momit-leaf-frame-pointer
-resource-dir /opt/bin/../lib/clang/3.2 -fmodule-cache-path
/var/tmp/clang-module-cache -internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7
-internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7/x86_64-linux-gnu
-internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../include/c++/4.7/backward
-internal-isystem /usr/local/include -internal-isystem
/opt/bin/../lib/clang/3.2/include -internal-externc-isystem
/usr/include/x86_64-linux-gnu -internal-externc-isystem /include
-internal-externc-isystem /usr/include -std=c++11 -fdeprecated-macro
-fdebug-compilation-dir /home/kal/devel/user-defined-literals
-ferror-limit 19 -fmessage-length 190 -mstackrealign -fobjc-runtime=gcc
-fcxx-exceptions -fexceptions -fdiagnostics-show-option
-fcolor-diagnostics -o /tmp/user-defined-literals-crash-jccQn7.o -x c++
user-defined-literals-crash.cc
1. user-defined-literals-crash.cc:3:21: current parser token '0_b'
2. user-defined-literals-crash.cc:3:12: parsing function body 'main'
3. user-defined-literals-crash.cc:3:12: in compound statement ('{}')
clang: error: unable to execute command: Segmentation fault
clang: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 3.2 (tags/RELEASE_32/final 170703)
Target: x86_64-unknown-linux-gnu
Thread model: posix
clang: note: diagnostic msg: PLEASE submit a bug report to
http://llvm.org/bugs/ and include the crash backtrace, preprocessed
source, and associated run script.

As per these instructions, please file a bug at llvm.org/bugs