Closed
Description
JerryScript revision
Build platform
Linux-5.4.0-33-generic-x86_64-with-glibc2.29
Build steps
./tools/build.py --clean --debug --compile-flag=-fsanitize=address \
--compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer \
--compile-flag=-fno-common --compile-flag=-g \
--strip=off --system-allocator=on --logging=on \
--linker-flag=-fuse-ld=gold --error-messages=on --profile=es2015-subset \
--builddir=build --stack-limit=16
Test case
function i(id_0, b = (eval("var x"))) {
function x() {}
eval(!eval("var x = {}; x instanceof assert;"))
}
i()Output
ICE: Assertion 'ecma_find_named_property (prev_lex_env_p, name_p) == NULL' failed at jerryscript/jerry-core/vm/vm.c(vm_loop):1424.
Error: ERR_FAILED_INTERNAL_ASSERTION
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1710529==ERROR: AddressSanitizer: ABRT on unknown address 0x001a19c1 (pc 0xf7efcb49 bp 0xff90df2c sp 0xff90df10 T0)
#0 0xf7efcb48 (linux-gate.so.1+0xb48)
#1 0xf76ef4c5 in raise (/lib/i386-linux-gnu/libc.so.6+0x354c5)
#2 0xf76d73f6 in abort (/lib/i386-linux-gnu/libc.so.6+0x1d3f6)
#3 0x566b96d2 in jerry_port_fatal jerryscript/jerry-port/default/default-fatal.c:30
#4 0x565f19db in jerry_fatal jerryscript/jerry-core/jrt/jrt-fatals.c:63
#5 0x565f1a1c in jerry_assert_fail jerryscript/jerry-core/jrt/jrt-fatals.c:87
#6 0x5662ef1d in vm_loop jerryscript/jerry-core/vm/vm.c:1424
#7 0x5663ee3a in vm_execute jerryscript/jerry-core/vm/vm.c:4304
#8 0x5663f445 in vm_run jerryscript/jerry-core/vm/vm.c:4412
#9 0x566298b9 in vm_run_eval jerryscript/jerry-core/vm/vm.c:411
#10 0x565c128f in ecma_op_eval_chars_buffer jerryscript/jerry-core/ecma/operations/ecma-eval.c:116
#11 0x565c0fca in ecma_op_eval jerryscript/jerry-core/ecma/operations/ecma-eval.c:58
#12 0x5665b810 in ecma_builtin_global_object_eval jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-global.c:111
#13 0x5665d853 in ecma_builtin_global_dispatch_routine jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-global.c:792
#14 0x565a7416 in ecma_builtin_dispatch_routine jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1195
#15 0x565a75e8 in ecma_builtin_dispatch_call jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1219
#16 0x565c3dfc in ecma_op_function_call_simple jerryscript/jerry-core/ecma/operations/ecma-function-object.c:830
#17 0x565c4b2f in ecma_op_function_call jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1133
#18 0x5662af6d in opfunc_call jerryscript/jerry-core/vm/vm.c:781
#19 0x5663ee9e in vm_execute jerryscript/jerry-core/vm/vm.c:4310
#20 0x5663f445 in vm_run jerryscript/jerry-core/vm/vm.c:4412
#21 0x565c4241 in ecma_op_function_call_simple jerryscript/jerry-core/ecma/operations/ecma-function-object.c:934
#22 0x565c4b2f in ecma_op_function_call jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1133
#23 0x5662af6d in opfunc_call jerryscript/jerry-core/vm/vm.c:781
#24 0x5663ee9e in vm_execute jerryscript/jerry-core/vm/vm.c:4310
#25 0x5663f445 in vm_run jerryscript/jerry-core/vm/vm.c:4412
#26 0x56629683 in vm_run_global jerryscript/jerry-core/vm/vm.c:338
#27 0x5656f33e in jerry_run jerryscript/jerry-core/api/jerry.c:595
#28 0x5656e2fa in main jerryscript/jerry-main/jerry-loop.c:30
#29 0xf76d8ee4 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x1eee4)
#30 0x5656e104 in _start (jerryscript/build/bin/jerry-loop+0x18104)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: ABRT (linux-gate.so.1+0xb48)
==1710529==ABORTING
Found by Fuzzinator with grammarinator.