Closed
Description
Revision
Build
./tools/build.py --clean --debug --compile-flag=-fsanitize=address
--compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer
--compile-flag=-fno-common --compile-flag=-g
--strip=off --system-allocator=on --logging=on
--error-messages=on --profile=es2015-subset
OS
Linux 4.15.0-58-generic #64-Ubuntu x86_64 GNU/Linux
Test case
var arr = [0, Infinity];
Object.defineProperties(arr, {
length: {
value: 1,
}
});Backtrace
Run with jerry --abort-on-fail poc.js
ICE: Assertion 'JERRY_CONTEXT (jmem_heap_allocated_size) == 0' failed at /jerryscript/jerry-core/jmem/jmem-heap.c(jmem_heap_finalize):106.
Error: ERR_FAILED_INTERNAL_ASSERTION
Program received signal SIGABRT, Aborted.
0xf7fd5059 in __kernel_vsyscall ()
(gdb) bt
#0 0xf7fd5059 in __kernel_vsyscall ()
#1 0xf7841452 in raise () from /lib32/libc.so.6
#2 0xf7842871 in abort () from /lib32/libc.so.6
#3 0x566bdc6b in jerry_port_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at /jerryscript/jerry-port/default/default-fatal.c:71
#4 0x5665136f in jerry_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at /jerryscript/jerry-core/jrt/jrt-fatals.c:58
#5 0x566513b0 in jerry_assert_fail (assertion=0x566e43e0 "JERRY_CONTEXT (jmem_heap_allocated_size) == 0", file=0x566e4380 "/jerryscript/jerry-core/jmem/jmem-heap.c",
function=0x566fdb20 <__func__.18313> "jmem_heap_finalize", line=106) at /jerryscript/jerry-core/jrt/jrt-fatals.c:82
#6 0x56650a75 in jmem_heap_finalize () at /jerryscript/jerry-core/jmem/jmem-heap.c:106
#7 0x566508cb in jmem_finalize () at /jerryscript/jerry-core/jmem/jmem-allocator.c:170
#8 0x5656fd59 in jerry_cleanup () at /jerryscript/jerry-core/api/jerry.c:231
#9 0x5656db7e in main (argc=3, argv=0xffffd3f4) at /jerryscript/jerry-main/main-unix.c:941