ChakraCore

Assertion failure in /IntlEngineInterfaceExtensionObject.cpp

Open zhunki opened this issue 3 years ago • 2 comments

The following PoC causes an assertion failure in a "debug" build on Ubuntu.

function v0(v1,v2) {
    try {
        const v3 = v0();
    } catch(v4) {
        const v7 = "65537".localeCompare;
        const v8 = Reflect.apply(v7,"65537",v4);
    } finally {
    }
}
const v9 = v0();

zhunki, Dec 24 '21 11:12

Seems to have the same effect:

$ 6773.js 
function v0(v1,v2) {
    try {
        const v3 = v0();
    } catch(v4) {
        const v7 = String.prototype.localeCompare;
        const v8 = Reflect.apply(v7,"65537",v4);
    }
}
const v9 = v0();
$ ch 6773.js 
ASSERTION 553548: (../lib/Runtime/Library/IntlEngineInterfaceExtensionObject.cpp, line 372) propertyValue && VarIs<T>(propertyValue)
 Failure: (propertyValue && VarIs<T>(propertyValue))
Illegal instruction (core dumped)

ppenzin, Feb 03 '22 07:02