<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Assertion failure in clang::ento::CXXInstanceCall::getInitialStackFrameContents"
   href="https://bugs.llvm.org/show_bug.cgi?id=36408">36408</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Assertion failure in clang::ento::CXXInstanceCall::getInitialStackFrameContents
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>clang
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Static Analyzer
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>dcoughlin@apple.com
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>alexfh@google.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>ekarpenkov@apple.com, llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>$ cat test-CXXInstanceCall__getInitialStackFrameContents.cc
void *operator new(unsigned long, void *);
class a;
class b {
 public:
  a *operator->() {
    a *c = reinterpret_cast<a *>(&d);
    return c;
  }
  template <class e>
  void f() {
    new (&d) e;
  }
  int d;
};
class a {
 public:
  virtual char *g();
};
class j : a {
  char *g() {}
};
void h() {
  b i;
  i.f<j>();
  i->g();
}
$ clang-tidy -checks=-*,clang-analyzer*
test-CXXInstanceCall__getInitialStackFrameContents.cc -- -std=c++11
assert.h assertion failed at
llvm/tools/clang/lib/StaticAnalyzer/Core/CallEvent.cpp:590 in virtual void
clang::ento::CXXInstanceCall::getInitialStackFrameContents(const
clang::StackFrameContext *, clang::ento::CallEvent::BindingsTy &) const:
!Failed && "Calling an incorrectly devirtualized method"
    @     0x559e50d78806  __assert_fail
    @     0x559e4f84fada 
clang::ento::CXXInstanceCall::getInitialStackFrameContents()
    @     0x559e4f7d8b62  clang::ento::StoreManager::enterStackFrame()
    @     0x559e4f821464  clang::ento::ProgramState::enterStackFrame()
    @     0x559e4f8a143f  clang::ento::ExprEngine::inlineCall()
    @     0x559e4f8a2e7b  clang::ento::ExprEngine::defaultEvalCall()
    @     0x559e4f8642d7  clang::ento::CheckerManager::runCheckersForEvalCall()
    @     0x559e4f8a1b03  clang::ento::ExprEngine::evalCall()
    @     0x559e4f8a1892  clang::ento::ExprEngine::VisitCallExpr()
    @     0x559e4f8712ca  clang::ento::ExprEngine::Visit()
    @     0x559e4f86d79e  clang::ento::ExprEngine::ProcessStmt()
    @     0x559e4f86d49b  clang::ento::ExprEngine::processCFGElement()
    @     0x559e4f88e625  clang::ento::CoreEngine::HandlePostStmt()
    @     0x559e4f88d8dd  clang::ento::CoreEngine::ExecuteWorkList()
    @     0x559e4e8b8dc3  (anonymous
namespace)::AnalysisConsumer::ActionExprEngine()</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are on the CC list for the bug.</li>
      </ul>
    </body>
</html>