<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href="https://github.com/llvm/llvm-project/issues/56174">56174</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Memory Corruptions in Clang frontend
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
elManto
</td>
</tr>
</table>
<pre>
I found some ASAN violations in the clang frontend. The easiest way to reproduce is:
git checkout 6ab1ed43f5ebef581c
cmake ../llvm -G 'Unix Makefiles' -DCMAKE_C_COMPILER=clang-14 -DCMAKE_CXX_COMPILER=clang++-14 -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address '-DLLVM_ENABLE_PROJECTS=llvm;clang;clang-tools-extra' -DCMAKE_BUILD_TYPE=Release -DLLVM_TARGETS_TO_BUILD:STRING=Hexagon
make clang-fuzzer
./clang-fuzzer path/to/poc (attaching the POCs in this issue)
Here I report a summary of the ASAN violations:

AddressSanitizer: heap-use-after-free on address 0x6060000067c0 at pc 0x55c60bf0231c bp 0x7fffde3200b0 sp 0x7fffde3200a8
READ of size 4 at 0x6060000067c0 thread T0
    #0 0x55c60bf0231b in hasInvalidName /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Sema/ParsedTemplate.h:230:42

AddressSanitizer: heap-use-after-free on address 0x6060000067c0 at pc 0x55c0663a23c8 bp 0x7ffe80d0ad30 sp 0x7ffe80d0ad28
READ of size 4 at 0x6060000067c0 thread T0
    #0 0x55c0663a23c7 in clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, bool&, clang::Parser::TypeCastState, bool, bool*) /local/mnt/workspace/Repositories/llvm-project/clang/lib/Parse/ParseExpr.cpp:1610:21

AddressSanitizer: heap-use-after-free on address 0x6060000067b8 at pc 0x558ffc503e04 bp 0x7ffebc7a6c50 sp 0x7ffebc7a6c48
READ of size 8 at 0x6060000067b8 thread T0
    #0 0x558ffc503e03 in get /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Sema/Ownership.h:81:41

AddressSanitizer: heap-buffer-overflow on address 0x603000001ee0 at pc 0x55f496ca9ea5 bp 0x7ffde28ff9b0 sp 0x7ffde28ff9a8
READ of size 8 at 0x603000001ee0 thread T0
    #0 0x55f496ca9ea4 in getTokenID /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Basic/IdentifierTable.h:261:62

AddressSanitizer: SEGV on unknown address 0x0000000000a0 (pc 0x561cf29d5c28 bp 0x7fff459b2570 sp 0x7fff459b2540 T0)
The signal is caused by a READ memory access.
SEGV /local/mnt/workspace/Repositories/llvm-project/clang/lib/Lex/Lexer.cpp:3295:7 in clang::Lexer::Lex(clang::Token&)

For the complete stack trace and the triggering input, please check out the attached archive:
[crashes.zip](https://github.com/llvm/llvm-project/files/8966308/crashes.zip)
</pre>
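An added triage example (not part of the original report or of LLVM): it parses the five ASAN summaries quoted above and buckets them by bug class and top source location, so repeated crashes at the same site collapse into one entry. The 4 KiB page size used for the null-page heuristic is an assumption.

```python
import re
from collections import defaultdict

# Summary text copied from the report above, one string per ASAN report.
REPORTS = [
    "AddressSanitizer: heap-use-after-free on address 0x6060000067c0 at pc 0x55c60bf0231c bp 0x7fffde3200b0 sp 0x7fffde3200a8 READ of size 4 at 0x6060000067c0 thread T0 #0 0x55c60bf0231b in hasInvalidName /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Sema/ParsedTemplate.h:230:42",
    "AddressSanitizer: heap-use-after-free on address 0x6060000067c0 at pc 0x55c0663a23c8 bp 0x7ffe80d0ad30 sp 0x7ffe80d0ad28 READ of size 4 at 0x6060000067c0 thread T0 #0 0x55c0663a23c7 in clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, bool&, clang::Parser::TypeCastState, bool, bool*) /local/mnt/workspace/Repositories/llvm-project/clang/lib/Parse/ParseExpr.cpp:1610:21",
    "AddressSanitizer: heap-use-after-free on address 0x6060000067b8 at pc 0x558ffc503e04 bp 0x7ffebc7a6c50 sp 0x7ffebc7a6c48 READ of size 8 at 0x6060000067b8 thread T0 #0 0x558ffc503e03 in get /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Sema/Ownership.h:81:41",
    "AddressSanitizer: heap-buffer-overflow on address 0x603000001ee0 at pc 0x55f496ca9ea5 bp 0x7ffde28ff9b0 sp 0x7ffde28ff9a8 READ of size 8 at 0x603000001ee0 thread T0 #0 0x55f496ca9ea4 in getTokenID /local/mnt/workspace/Repositories/llvm-project/clang/include/clang/Basic/IdentifierTable.h:261:62",
    "AddressSanitizer: SEGV on unknown address 0x0000000000a0 (pc 0x561cf29d5c28 bp 0x7fff459b2570 sp 0x7fff459b2540 T0) The signal is caused by a READ memory access. SEGV /local/mnt/workspace/Repositories/llvm-project/clang/lib/Lex/Lexer.cpp:3295:7 in clang::Lexer::Lex(clang::Token&)",
]

PAGE_SIZE = 0x1000  # assumption: 4 KiB pages, used for the null-page heuristic


def parse_report(text):
    """Extract bug class, faulting address, access and top source location."""
    kind = re.search(r"AddressSanitizer: (\S+)", text).group(1)
    addr = int(re.search(r"address (0x[0-9a-f]+)", text).group(1), 16)
    access = re.search(r"\b(READ|WRITE)\b(?: of size (\d+))?", text)
    path, line, _col = re.search(r"(/\S+):(\d+):(\d+)", text).groups()
    return {
        "kind": kind,
        "addr": addr,
        "access": access.group(1),
        "size": int(access.group(2)) if access.group(2) else None,
        # Drop the local checkout prefix so keys are comparable across machines.
        "file": path.split("llvm-project/", 1)[-1],
        "line": int(line),
        # A SEGV inside the first page is most likely a null pointer plus an offset.
        "null_page": kind == "SEGV" and addr < PAGE_SIZE,
    }


def bucket(reports):
    """Group reports by (bug class, file, line). The pc is left out of the key
    because it changes between runs of a position-independent binary."""
    groups = defaultdict(list)
    for text in reports:
        r = parse_report(text)
        groups[(r["kind"], r["file"], r["line"])].append(r)
    return dict(groups)


if __name__ == "__main__":
    for (kind, file, line), hits in sorted(bucket(REPORTS).items()):
        tag = " (null-page read)" if hits[0]["null_page"] else ""
        print(f"{len(hits)}x {kind} {file}:{line}{tag}")
```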