This is a problem that surfaced in IWYU recently.
I'm pretty sure it's difficult to provoke it in the compiler proper, since CastExpr::getConversionFunction is only called in a single place, for diagnostics. Tools built on Clang tooling and the recursive AST visitor can fall victim to it, however.
I have only been able to reproduce it on plain source code (not preprocessed), and only in conjunction with the fmt library (https://github.com/fmtlib/fmt). Attached is a minimal RAV tool and instructions to reproduce.
What makes me think this is somewhat critical is that CastExpr::getConversionFunction returns an AccessSpecDecl in this scenario, which breaks all sorts of AST and LLVM RTTI invariants. I suspect we're looking at garbage data for some reason. I have tried building ubsan+asan-instrumented LLVM/Clang, but without being able to track anything down.
Repro project: ravrepro.tar.gz.
Thankful for any ideas, let me know if I can add more information.
References:
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4