C++ Crash when accessing static function

[MrDoowie]

Version

All versions up starting from 16.9.0

Platform

Darwin Kernel Version 20.6.0

Subsystem

N/A

What steps will reproduce the bug?

I am unable to provide a clean repo as I am not the owner of the code.

As soon as the code attempts to trigger the static function, I get the error call stack which I posted below.
Note that this pseudo code is not crashing for me, but it's very similar to the code I'm dealing with.

'use strict';
// Static function crash example.
(function() {
    class CrashClass {
        static staticFunctionCrash(id) {
            console.log('CRASH TEST: Should not see this log in console.');
        }
    }
    class GrandChild {
        constructor() {
            this.messageInstance = null;
        }
        static staticCall() {
            let dest = new GrandChild();
            dest.instanceCall();
            return dest;
        }
        instanceCall() {
            this.messageInstance = CrashClass.staticFunctionCrash(183);
        }
    }
    class Child {
        constructor() {
            this.grandChild = null;
        }
        static staticCall() {
            let dest = new Child();
            dest.instanceCall();
            return dest;
        }
        instanceCall() {
            this.grandChild = GrandChild.staticCall();
        }
    }
    class Parent {
        constructor() {
            this.child = null;
        }
        static staticCall() {
            console.log('CRASH TEST: Start.');
            let dest = new Parent();
            dest.instanceCall();
            return dest;
        }
        instanceCall() {
            this.child = Child.staticCall();
        }
    }
    const exports = {
        CrashClass: CrashClass,
        GrandChild: GrandChild,
        Child: Child,
        Parent: Parent,
    };
    if (typeof module !== 'undefined' && typeof module.exports !== 'undefined') {
        module.exports = exports;
    } else {
        console.log('CRASH TEST: Unexpected.');
    }
})();

How often does it reproduce? Is there a required condition?

No issues found in;

• Any version prior to v16.9
• 100% from v16.9, all the way up to latest v17x

What is the expected behavior?

No crash.

What do you see instead?

#
# Fatal error in , line 0
# unreachable code
#
#
#
#FailureMessage Object: 0x7ffeed34a810
 1: 0x1029ea312 node::NodePlatform::GetStackTracePrinter()::$_3::__invoke() [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 2: 0x1039bf722 V8_Fatal(char const*, ...) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 3: 0x102dbb785 v8::internal::interpreter::ConstantArrayBuilder::InsertJumpTable(unsigned long) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 4: 0x102d93fd0 v8::internal::interpreter::BytecodeArrayBuilder::AllocateJumpTable(int, int) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 5: 0x102d9de41 v8::internal::interpreter::BytecodeGenerator::VisitSwitchStatement(v8::internal::SwitchStatement*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 6: 0x102d9aa22 v8::internal::interpreter::BytecodeGenerator::GenerateBytecodeBody() [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 7: 0x102d9a17a v8::internal::interpreter::BytecodeGenerator::GenerateBytecode(unsigned long) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 8: 0x102dbd813 v8::internal::interpreter::InterpreterCompilationJob::ExecuteJobImpl() [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
 9: 0x102bbaff7 v8::internal::(anonymous namespace)::ExecuteSingleUnoptimizedCompilationJob(v8::internal::ParseInfo*, v8::internal::FunctionLiteral*, v8::internal::AccountingAllocator*, std::__1::vector<v8::internal::FunctionLiteral*, std::__1::allocator<v8::internal::FunctionLiteral*> >*, v8::internal::LocalIsolate*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
10: 0x102bb3882 bool v8::internal::(anonymous namespace)::IterativelyExecuteAndFinalizeUnoptimizedCompilationJobs<v8::internal::Isolate>(v8::internal::Isolate*, v8::internal::Handle<v8::internal::SharedFunctionInfo>, v8::internal::Handle<v8::internal::Script>, v8::internal::ParseInfo*, v8::internal::AccountingAllocator*, v8::internal::IsCompiledScope*, std::__1::vector<v8::internal::FinalizeUnoptimizedCompilationData, std::__1::allocator<v8::internal::FinalizeUnoptimizedCompilationData> >*, std::__1::vector<v8::internal::DeferredFinalizationJobData, std::__1::allocator<v8::internal::DeferredFinalizationJobData> >*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
11: 0x102bb3441 v8::internal::Compiler::Compile(v8::internal::Isolate*, v8::internal::Handle<v8::internal::SharedFunctionInfo>, v8::internal::Compiler::ClearExceptionFlag, v8::internal::IsCompiledScope*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
12: 0x102bb458c v8::internal::Compiler::Compile(v8::internal::Isolate*, v8::internal::Handle<v8::internal::JSFunction>, v8::internal::Compiler::ClearExceptionFlag, v8::internal::IsCompiledScope*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
13: 0x10303968b v8::internal::Runtime_CompileLazy(int, unsigned long*, v8::internal::Isolate*) [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]
14: 0x1033e1319 Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_NoBuiltinExit [/Users/CurrentUser/.nvm/versions/node/v16.9.0/bin/node]

Process finished with exit code 133 (interrupted by signal 5: SIGTRAP)

Additional information

The code that triggered this crash has been around for many years, and only started throwing this error once I upgraded to version 16.9+.

[targos]

Likely fixed by #40882 (based on the stack trace)