[clang-format] Crash in LeftRightQualifierAlignmentFixer for trailing return type

[mellery451]

source (main.cpp):

template <class T>
inline auto clamp(bool& saturated, T const v, T const lo, T const hi) -> const T
{
    if (v < lo)
    {
        saturated = true;
        return lo;
    }
    else if (v > hi)
    {
        saturated = true;
        return hi;
    }
    else
    {
        saturated = false;
    }
    return v;
}

config file (format-config):\

Language: Cpp
Standard: c++14
BraceWrapping:
  AfterClass: true
  AfterCaseLabel: true
  AfterControlStatement: true
  AfterEnum: true
  AfterFunction: true
  AfterNamespace: true
  AfterStruct: true
  AfterUnion: true
  BeforeCatch: true
  BeforeElse: true
  IndentBraces: false
BreakBeforeBraces: Custom
QualifierAlignment: Custom
QualifierOrder: ['static', 'inline', 'friend', 'constexpr', 'type', 'const', 'volatile', 'restrict']

cmd:

clang-format --style="file:format-config" main.cpp

crash:

Stack dump:
0.      Program arguments: clang-format --style=file:format-config2 main.cpp
 #0 0x00007fd3ae89d370 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libLLVM.so.19.1+0xee0370)
 #1 0x00007fd3ae89a2ce SignalHandler(int) Signals.cpp:0:0
 #2 0x00007fd3ad4cb520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
 #3 0x00007fd3b7a6bd33 clang::format::LeftRightQualifierAlignmentFixer::analyzeRight(clang::SourceManager const&, clang::format::AdditionalKeywords const&, clang::tooling::Replacements&, clang::format::FormatToken const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, clang::tok::TokenKind) (.cold) QualifierAlignmentFixer.cpp:0:0
 #4 0x00007fd3bac52e12 clang::format::LeftRightQualifierAlignmentFixer::fixQualifierAlignment(llvm::SmallVectorImpl<clang::format::AnnotatedLine*>&, clang::format::FormatTokenLexer&, clang::tooling::Replacements&) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libclang-cpp.so.19.1+0x3d8ae12)
 #5 0x00007fd3bac52e9a clang::format::LeftRightQualifierAlignmentFixer::analyze(clang::format::TokenAnnotator&, llvm::SmallVectorImpl<clang::format::AnnotatedLine*>&, clang::format::FormatTokenLexer&) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libclang-cpp.so.19.1+0x3d8ae9a)
 #6 0x00007fd3bac65305 clang::format::TokenAnalyzer::process(bool) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libclang-cpp.so.19.1+0x3d9d305)
 #7 0x00007fd3bac55156 clang::format::addQualifierAlignmentFixerPasses(clang::format::FormatStyle const&, llvm::SmallVectorImpl<std::function<std::pair<clang::tooling::Replacements, unsigned int> (clang::format::Environment const&)>>&)::'lambda0'(clang::format::Environment const&)::operator()(clang::format::Environment const&) const QualifierAlignmentFixer.cpp:0:0
 #8 0x00007fd3bac55b05 std::_Function_handler<std::pair<clang::tooling::Replacements, unsigned int> (clang::format::Environment const&), clang::format::addQualifierAlignmentFixerPasses(clang::format::FormatStyle const&, llvm::SmallVectorImpl<std::function<std::pair<clang::tooling::Replacements, unsigned int> (clang::format::Environment const&)>>&)::'lambda0'(clang::format::Environment const&)>::_M_invoke(std::_Any_data const&, clang::format::Environment const&) QualifierAlignmentFixer.cpp:0:0
 #9 0x00007fd3bac1f0e6 clang::format::internal::reformat(clang::format::FormatStyle const&, llvm::StringRef, llvm::ArrayRef<clang::tooling::Range>, unsigned int, unsigned int, unsigned int, llvm::StringRef, clang::format::FormattingAttemptStatus*) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libclang-cpp.so.19.1+0x3d570e6)
#10 0x00007fd3bac20fa1 clang::format::reformat(clang::format::FormatStyle const&, llvm::StringRef, llvm::ArrayRef<clang::tooling::Range>, llvm::StringRef, clang::format::FormattingAttemptStatus*) (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/../lib/libclang-cpp.so.19.1+0x3d58fa1)
#11 0x000055956f4ca402 clang::format::format(llvm::StringRef, bool) ClangFormat.cpp:0:0
#12 0x000055956f4c15a0 main (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/clang-format+0xc5a0)
#13 0x00007fd3ad4b2d90 __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#14 0x00007fd3ad4b2e40 call_init ./csu/../csu/libc-start.c:128:20
#15 0x00007fd3ad4b2e40 __libc_start_main ./csu/../csu/libc-start.c:379:5
#16 0x000055956f4c2715 _start (/home/linuxbrew/.linuxbrew/Cellar/llvm/19.1.6/bin/clang-format+0xd715)
Segmentation fault (core dumped)

version:

$ clang-format --version
Homebrew clang-format version 19.1.6

..but I have also repro'd with a non-homebrew version as well (v19 still)

seems to be associated with the trailing return type, but I didn't experiment much.