
ASSERTION Failure "scopeSlotCount != 0" in ChakraCore/lib/Runtime/Language/InterpreterStackFrame.cpp, line 7592

Open 1789120321 opened this issue 3 years ago • 1 comment

commit : 41ad58a
Engine version : ch version 1.13.0.0-beta
Build platform : Ubuntu 18.04
Clang version : 6.0.0
Build steps : ./build.sh --sanitize=address --static -j -d

POC

cat da5c7dd74b3349db93bbbd5f9340f241.js
-----------------------------------------------------
try {
  (function TestFunc() {
    var a;

    (function outer() {
      (function inner() {
        outer();
        a;
      })();

      with ({}) {
        outer();
        outer();
        TestFunc();
        TestFunc();
        TestFunc();
      }
    })();
  })();
} catch (ex) {
  if (ex.message == "Out of stack space") {
    print("PASSED");
  }
}

Assert Log

./ch da5c7dd74b3349db93bbbd5f9340f241.js
ASSERTION 3930: (/data/WYC/engines/ChakraCore-master/lib/Runtime/Language/InterpreterStackFrame.cpp, line 7592) scopeSlotCount != 0
 Failure: (scopeSlotCount != 0)
Illegal instruction

Hi, Richard, could you please help check this issue?

@rhuanjl

1789120321 avatar Mar 12 '22 15:03 1789120321
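The assertion banner above is the only signal a fuzzing harness gets from a debug build of ch before the process dies, so crash triage comes down to parsing that banner into a stable key (file, line, failed condition) and deduplicating runs on it. The following is an added example written for this issue, not code from the report or from the ChakraCore project: it parses ch output of the shape shown above, strips the host-specific checkout prefix so the same assertion from different machines lands in one bucket, and records how the process terminated. The regex is derived from the log lines on this page; the `TERMINATION_MARKERS` list and the sample runs other than the reporter's log are constructed for the example.

```python
import re
from collections import defaultdict

# A ChakraCore debug build prints a banner of this shape right before it aborts:
#   ASSERTION 3930: (/abs/path/lib/Runtime/Language/InterpreterStackFrame.cpp, line 7592) scopeSlotCount != 0
#    Failure: (scopeSlotCount != 0)
#   Illegal instruction
# The pattern below is derived from that banner (assumption: the format is stable).
ASSERT_RE = re.compile(
    r"^ASSERTION (?P<id>\d+): \((?P<path>.+?), line (?P<line>\d+)\) (?P<cond>.+)$"
)

# Lines that tell us how the process ended (hypothetical short list, extend as needed).
TERMINATION_MARKERS = ("Illegal instruction", "Segmentation fault", "Aborted")


def normalize_path(path):
    """Drop the machine-specific checkout prefix so equal bugs bucket together
    across hosts: '/data/.../ChakraCore-master/lib/Runtime/X.cpp' -> 'lib/Runtime/X.cpp'."""
    idx = path.find("/lib/")
    return path[idx + 1:] if idx != -1 else path


def parse_run(log):
    """Parse one ch run's output into a dict describing the first assertion
    (if any), how the process terminated, and whether the script printed PASSED."""
    result = {"assertion": None, "termination": None, "passed": False}
    for raw in log.splitlines():
        line = raw.strip()
        m = ASSERT_RE.match(line)
        if m and result["assertion"] is None:
            result["assertion"] = {
                "id": int(m.group("id")),
                "file": normalize_path(m.group("path")),
                "line": int(m.group("line")),
                "condition": m.group("cond").strip(),
            }
        elif line in TERMINATION_MARKERS:
            result["termination"] = line
        elif line == "PASSED":
            result["passed"] = True
    return result


def bucket_key(parsed):
    """Stable dedup key: file:line:condition for assertion failures, otherwise
    the termination marker, otherwise 'clean'."""
    a = parsed["assertion"]
    if a:
        return f'{a["file"]}:{a["line"]}:{a["condition"]}'
    return parsed["termination"] or "clean"


def triage(runs):
    """runs: iterable of (testcase_name, log_text). Returns {bucket_key: [names]}."""
    buckets = defaultdict(list)
    for name, log in runs:
        buckets[bucket_key(parse_run(log))].append(name)
    return dict(buckets)


# Sample runs, constructed for this example. The first log is the one from the
# report; the second is the same assertion from a different checkout path; the
# third is a run that reached the catch block and printed PASSED.
SAMPLE_RUNS = [
    ("da5c7dd74b3349db93bbbd5f9340f241.js",
     "ASSERTION 3930: (/data/WYC/engines/ChakraCore-master/lib/Runtime/Language/InterpreterStackFrame.cpp, line 7592) scopeSlotCount != 0\n"
     " Failure: (scopeSlotCount != 0)\n"
     "Illegal instruction\n"),
    ("variant-from-other-host.js",
     "ASSERTION 3930: (/home/ci/ChakraCore/lib/Runtime/Language/InterpreterStackFrame.cpp, line 7592) scopeSlotCount != 0\n"
     " Failure: (scopeSlotCount != 0)\n"
     "Illegal instruction\n"),
    ("clean-run.js", "PASSED\n"),
]

if __name__ == "__main__":
    for key, names in triage(SAMPLE_RUNS).items():
        print(f"{key}: {names}")
```

Keying on the normalized file, line and condition rather than on the numeric assertion id keeps buckets stable across builds where ids shift, and recording the termination line separately lets a harness tell an asserting debug build apart from a release build that simply crashes, which is the distinction the second comment on this issue draws.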

I can reproduce this in debug mode (sanitizer off), in release mode it crashes without printing "PASSED".

ppenzin avatar Mar 26 '22 00:03 ppenzin