Open anbu1024 opened 1 year ago
ChakraCore version: commit c3ead3f
Build cmd:
./build.sh --debug --static
Test case:
function foo() { function bar(v1,v2,v3) { } function* baz(v5,v6) { } const a = baz(); bar.__proto__ = a; delete bar.length; for (const i in bar) { z = v14; } bar.length = 0; } for(let i=0; i<0x300; i++) { foo(); }
Execute
./ch --bgjit --oopjit ./test.js
Error msg:
ASSERTION 2624246: (ChakraCore/lib/Runtime/Types/SimpleTypeHandler.cpp, line 570) !GetIsLocked() Failure: (!GetIsLocked()) Illegal instruction (core dumped)
ChakraCore version: commit c3ead3f
Build cmd:
Test case:
Execute
Error msg: