Details
Bug
Status: Open
Critical
Resolution: Unresolved
Windows
Moderate
Description
In function code:
void DynamicABCE::fillTemplate(ArrayAccessTemplate* arrayAccess, Inst* checkInst) {
    ....
    Node* node = checkInst->getNode()->getUnconditionalEdgeTarget();
    for (Inst* inst = (Inst*)node->getFirstInst(); inst != NULL; inst = inst->getNextInst())
        else if (opcode == Op_AddScaledIndex &&
                 arrayAccess->index == inst->getSrc(1) && arrayAccess->array == NULL)
        }
    ...
}
The code "assert(ldBaseInst->getOpcode() == Op_LdArrayBaseAddr);" assumes that after bounds checking, the direct target block will access the array immediately, and that the array access instruction in it will use an "Op_LdArrayBaseAddr" instruction to access the array base. However, this kind of assumption is very fragile.
In server: scimark.sor.small.
After loop peeling, a phi instruction is generated for the LDBASE instruction; this time an LDVAR instruction will be used to get the variable from the Phi. The assertion will fail and the bug will happen.
There may be two kinds of solutions:
1. In IR building, record the array access information.
2. Or more accurate symbolic is used to find the array base load instruction.
Thanks!
Buqi
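
An added example, not part of the original report and not Harmony code: one reading of the second proposal, where the search looks through LdVar and Phi to the underlying Op_LdArrayBaseAddr and returns "unknown" instead of asserting. The `Inst` struct, `findArrayBase`, `resolve` and `demoPeeledLoop` are hypothetical names on a toy IR; only the opcode names come from the report.

```cpp
#include <cstddef>
#include <set>
#include <vector>

// Toy IR constructed for this example; only the opcode names come from the report.
enum Opcode { Op_LdArrayBaseAddr, Op_LdVar, Op_Phi, Op_Other };
struct Inst {
    Opcode opcode;
    int array;                      // array id, used by Op_LdArrayBaseAddr only
    std::vector<const Inst*> srcs;  // instructions defining the operands
};

const int UNKNOWN = -1;  // base not proven: the bounds check must stay
const int ON_PATH = -2;  // back-edge to an instruction still being resolved

// Look through LdVar/Phi chains; all phi inputs must agree on one array.
static int resolve(const Inst* inst, std::set<const Inst*>& path) {
    if (inst == NULL) return UNKNOWN;
    if (inst->opcode == Op_LdArrayBaseAddr) return inst->array;
    if (inst->opcode != Op_LdVar && inst->opcode != Op_Phi) return UNKNOWN;
    if (inst->srcs.empty()) return UNKNOWN;
    if (!path.insert(inst).second) return ON_PATH;  // loop-carried cycle
    int result = ON_PATH;
    for (size_t i = 0; i < inst->srcs.size(); ++i) {
        int r = resolve(inst->srcs[i], path);
        if (r == ON_PATH) continue;                  // adds no new information
        if (r == UNKNOWN || (result != ON_PATH && result != r)) {
            result = UNKNOWN;
            break;
        }
        result = r;
    }
    path.erase(inst);
    return result;
}

// Replaces the hard assert: returns the array id or UNKNOWN, never aborts.
int findArrayBase(const Inst* addrSrc) {
    std::set<const Inst*> path;
    int r = resolve(addrSrc, path);
    return r == ON_PATH ? UNKNOWN : r;
}

// Constructed input: the peeled-loop shape from the report (LdVar of a Phi).
int demoPeeledLoop(int peeledArray, int loopArray) {
    Inst peeled = {Op_LdArrayBaseAddr, peeledArray, {}};
    Inst inLoop = {Op_LdArrayBaseAddr, loopArray, {}};
    Inst phi = {Op_Phi, 0, {}};
    Inst ldVar = {Op_LdVar, 0, {&phi}};
    phi.srcs = {&peeled, &inLoop, &ldVar};
    return findArrayBase(&ldVar);
}
```

When the result is `UNKNOWN`, the safe fallback for a bounds-check eliminator is to leave the check in place.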