chakra-core
Assertion failure in in BackwardPass::ProcessBailOutInfo
the following poc cause a assertion failure in "debug" build on ubuntu.
function v0(v1,v2) {
const v3 = v0 != v0;
try {
const v5 = Object();
do {
} while (v5 > 4);
} finally {
}
const v7 = v0();
}
const v8 = v0();
#0 0x0000555556d3d49a in BackwardPass::ProcessBailOutInfo (this=0x7ff7ef7fbc10, instr=0x7ff7f428dba0, bailOutInfo=0x7ff7f428da80)
at /home/zhunki/workspace/ChakraCore-master/lib/Backend/BackwardPass.cpp:2696
#1 0x0000555556d3d084 in BackwardPass::ProcessBailOutInfo (this=0x7ff7ef7fbc10, instr=0x7ff7f428dba0) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/BackwardPass.cpp:2195
#2 0x0000555556d381fa in BackwardPass::ProcessBlock (this=0x7ff7ef7fbc10, block=0x7ff7f4287288) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/BackwardPass.cpp:3024
#3 0x0000555556d30c5b in BackwardPass::OptBlock (this=0x7ff7ef7fbc10, block=0x7ff7f4287288) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/BackwardPass.cpp:1711
#4 0x0000555556d306bf in BackwardPass::Optimize (this=0x7ff7ef7fbc10) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/BackwardPass.cpp:430
#5 0x0000555556b47094 in GlobOpt::BackwardPass (this=0x7ff7ef7fc8f0, tag=Js::DeadStorePhase) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/GlobOpt.cpp:159
#6 0x0000555556b473b9 in GlobOpt::Optimize (this=0x7ff7ef7fc8f0) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/GlobOpt.cpp:212
#7 0x0000555556b28afb in Func::TryCodegen (this=0x7ff7ef7fcfa0) at /home/zhunki/workspace/ChakraCore-master/lib/Backend/Func.cpp:457
#8 0x0000555556b28330 in Func::Codegen (alloc=0x7ff7ef7fd560, workItem=0x7ff7f4271030, threadContextInfo=0x555557ebee58, scriptContextInfo=0x555557ef0cb8, outputData=0x7ff7ef7fd9a0, epInfo=
0x7ff7f43c8120, runtimeInfo=0x0, polymorphicInlineCacheInfo=0x7ff7f4348d20, codeGenAllocators=0x555557ef5288, codeGenProfiler=0x0, isBackgroundJIT=true)
at /home/zhunki/workspace/ChakraCore-master/lib/Backend/Func.cpp:325
#9 0x000055555694bdc0 in NativeCodeGenerator::CodeGen (this=0x555557ef2488, pageAllocator=0x555557ef39a8, workItemData=0x555557f055b0, jitWriteData=..., foreground=false, epInfo=0x7ff7f43c8120)
at /home/zhunki/workspace/ChakraCore-master/lib/Backend/NativeCodeGenerator.cpp:890
#10 0x000055555694da58 in NativeCodeGenerator::CodeGen (this=0x555557ef2488, pageAllocator=0x555557ef39a8, workItem=0x555557f05588, foreground=false)
at /home/zhunki/workspace/ChakraCore-master/lib/Backend/NativeCodeGenerator.cpp:1007
#11 0x0000555556950854 in NativeCodeGenerator::Process (this=0x555557ef2488, job=0x555557f05590, threadData=0x555557ef3988)
at /home/zhunki/workspace/ChakraCore-master/lib/Backend/NativeCodeGenerator.cpp:1907
#12 0x00005555569bc7a1 in JsUtil::BackgroundJobProcessor::Process (this=0x555557ef2608, job=0x555557f05590, threadData=0x555557ef3988)
at /home/zhunki/workspace/ChakraCore-master/lib/Common/Common/Jobs.cpp:1037
#13 0x00005555569bcda4 in JsUtil::BackgroundJobProcessor::Run (this=0x555557ef2608, threadData=0x555557ef3988) at /home/zhunki/workspace/ChakraCore-master/lib/Common/Common/Jobs.cpp:1135
#14 0x00005555569ba351 in JsUtil::BackgroundJobProcessor::StaticThreadProc (lpParam=0x555557ef3988) at /home/zhunki/workspace/ChakraCore-master/lib/Common/Common/Jobs.cpp:1319
#15 0x00005555558308d0 in CorUnix::CPalThread::ThreadEntry (pvParam=0x555557ef3d80) at /home/zhunki/workspace/ChakraCore-master/pal/src/thread/pal_thread.cpp:1605
#16 0x00007ffff7aa2609 in start_thread (arg=
