
Assertion '!jcontext_has_pending_exception ()' failed at /jerryscript/jerry-core/jcontext/jcontext.c(jcontext_raise_exception):88. #5069

Open
@EJueon

JerryScript revision

Commit: 05dbbd1
Version: v3.0.0

Build platform

Ubuntu 20.04.5 LTS (Linux 5.4.0-144-generic x86_64)

Build steps
python ./tools/build.py --clean --debug --compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer --compile-flag=-fno-common --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off --error-messages=on --system-allocator=on --logging=on --line-info=on --stack-limit=20
Test case
// poc.js
// Reproducer from the report: RegExp.prototype[Symbol.matchAll] is called with a
// Proxy as `this` instead of a real RegExp object.

// Empty function, used below as the fake `constructor` of the proxied object.
var t = Function ( ) ; 
// Its Symbol.species is Object, so a species lookup through `constructor`
// resolves to Object rather than RegExp.
t [ Symbol . species ] = Object ; 
// Proxy target exposes only `constructor: t` (no `flags`, no `lastIndex`).
// The `set` trap returns undefined, a falsy result, so every property write
// through the proxy is reported as having failed.
var e = new Proxy ( { constructor : t  } , { set : function ( ) { } }  ) ; 
// Per the backtrace, ecma_builtin_regexp_prototype_match_all reaches
// ecma_regexp_parse_flags, which raises a SyntaxError
// (ECMA_ERR_INVALID_REGEXP_FLAGS) while another exception is already pending;
// that trips the assertion in jcontext_raise_exception (jcontext.c:88).
// NOTE(review): presumably an earlier failing step inside matchAll left its
// error unchecked before the flags were parsed - confirm against
// ecma-builtin-regexp-prototype.c near line 504.
// NOTE(review): the report uses a --debug build; what a build without
// assertions does with the already-pending exception is not shown here - confirm.
RegExp . prototype [ Symbol . matchAll ] . call ( e ) ; 
Execution steps & Output
$ ./jerryscript/build/bin/jerry poc.js
ICE: Assertion '!jcontext_has_pending_exception ()' failed at /jerryscript/jerry-core/jcontext/jcontext.c(jcontext_raise_exception):88.
Error: JERRY_FATAL_FAILED_ASSERTION
Aborted (core dumped)
Backtrace
(gdb) #0  0xf7f40d99 in __kernel_vsyscall ()                                                                            
#1  0xf7c15276 in raise () from /lib32/libc.so.6                                                                        
#2  0xf7bfd3f7 in abort () from /lib32/libc.so.6                                                                        
#3  0x083ecca3 in jerry_port_fatal (code=JERRY_FATAL_FAILED_ASSERTION)                                                  
    at /jerryscript/jerry-port/common/jerry-port-process.c:29                              
#4  0x08260d02 in jerry_fatal (code=JERRY_FATAL_FAILED_ASSERTION)                                                       
    at /jerryscript/jerry-core/jrt/jrt-fatals.c:63                                         
#5  0x08260d64 in jerry_assert_fail (                                                                                   
    assertion=0x8434bc0 <str> "!jcontext_has_pending_exception ()",                                                     
    file=0x8434b00 <str> "/jerryscript/jerry-core/jcontext/jcontext.c",                    
    function=0x8434c20 <__func__.jcontext_raise_exception> "jcontext_raise_exception", line=88)                         
    at /jerryscript/jerry-core/jrt/jrt-fatals.c:83                                         
#6  0x0825e7b0 in jcontext_raise_exception (error=4115661203)                                                           
    at /jerryscript/jerry-core/jcontext/jcontext.c:88    
#7  0x081f52e5 in ecma_raise_standard_error (error_type=JERRY_ERROR_SYNTAX,
    msg=ECMA_ERR_INVALID_REGEXP_FLAGS)
    at /jerryscript/jerry-core/ecma/operations/ecma-exceptions.c:315
#8  0x081f5a91 in ecma_raise_syntax_error (msg=ECMA_ERR_INVALID_REGEXP_FLAGS)
    at /jerryscript/jerry-core/ecma/operations/ecma-exceptions.c:456
#9  0x08234ac7 in ecma_regexp_parse_flags (flags_str_p=<optimized out>, 
    flags_p=<optimized out>)
    at /jerryscript/jerry-core/ecma/operations/ecma-regexp-object.c:115
#10 0x0835e0d2 in ecma_builtin_regexp_prototype_match_all (
    regexp_obj_p=0xffcd35c0, string_arg=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-regexp-prototype.c:504
#11 ecma_builtin_regexp_prototype_dispatch_routine (
    builtin_routine_id=<optimized out>, this_arg=<optimized out>, 
    arguments_list_p=<optimized out>, arguments_number=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-regexp-prototype.c:598
#12 0x081b94a5 in ecma_builtin_dispatch_routine (func_obj_p=<optimized out>, 
    this_arg_value=<optimized out>, arguments_list_p=0xffcd3690, 
    arguments_list_len=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1460
#13 ecma_builtin_dispatch_call (obj_p=<optimized out>, 
    this_arg_value=<optimized out>, arguments_list_p=<optimized out>, 
    arguments_list_len=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1489
#14 0x081fb6b8 in ecma_op_function_call_native_built_in (
    func_obj_p=0xf55004c0, this_arg_value=4115662259, 
    arguments_list_p=0xffcd38d4, arguments_list_len=0)
    at /jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1217
#15 0x081fa81d in ecma_op_function_call (func_obj_p=0xf55004c0, 
    this_arg_value=4115662259, arguments_list_p=0xffcd38d4,  
    arguments_list_len=0)
    at /jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1411
#16 0x0833172e in ecma_builtin_function_prototype_object_call (
    func_obj_p=0xf55004c0, arguments_list_p=0xffcd38d0, 
    arguments_number=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-function-prototype.c:288
#17 ecma_builtin_function_prototype_dispatch_routine (
    builtin_routine_id=<optimized out>, this_arg=<optimized out>, 
    arguments_list_p=<optimized out>, arguments_number=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-function-prototype.c:529
#18 0x081b94a5 in ecma_builtin_dispatch_routine (func_obj_p=<optimized out>, 
    this_arg_value=<optimized out>, arguments_list_p=0xffcd38d0, 
    arguments_list_len=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1460
#19 ecma_builtin_dispatch_call (obj_p=<optimized out>, 
    this_arg_value=<optimized out>, arguments_list_p=<optimized out>, 
    arguments_list_len=<optimized out>)
    at /jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1489
#20 0x081fb6b8 in ecma_op_function_call_native_built_in (
    func_obj_p=0xf5500460, this_arg_value=4115662019, 
    arguments_list_p=0xffcd3af4, arguments_list_len=1)
    at /jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1217
#21 0x081fa81d in ecma_op_function_call (func_obj_p=0xf5500460, 
    this_arg_value=4115662019, arguments_list_p=0xffcd3af4,  
    arguments_list_len=1)
    at /jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1411
#22 0x081fa5cf in ecma_op_function_validated_call (callee=4115661923, 
    this_arg_value=4115662019, arguments_list_p=0xffcd3af4,  
    arguments_list_len=1)
    at /jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1371
#23 0x082d7631 in opfunc_call (frame_ctx_p=<optimized out>)
    at /jerryscript/jerry-core/vm/vm.c:758
#24 vm_execute (frame_ctx_p=0xffcd3ac0)
    at /jerryscript/jerry-core/vm/vm.c:5217
#25 0x082d4f62 in vm_run (shared_p=0xffcd3bb0, this_binding_value=4119870595, 
    lex_env_p=0xf57007b0)
    at /jerryscript/jerry-core/vm/vm.c:5312
#26 0x082d4c39 in vm_run_global (bytecode_p=<optimized out>,  
    function_object_p=<optimized out>)
    at /jerryscript/jerry-core/vm/vm.c:286
#27 0x0812a4e5 in jerry_run (script=4115663075)
    at /jerryscript/jerry-core/api/jerryscript.c:548
#28 0x083eac3f in jerryx_source_exec_script (path_p=0xffcd5235 "test.js")
    at /jerryscript/jerry-ext/util/sources.c:68
#29 0x0812162d in main (argc=<optimized out>, argv=<optimized out>)
    at /jerryscript/jerry-main/main-desktop.c:156
(gdb) quit                                

credits: @EJueon, @Ye0nny of the seclab-yonsei.


    Labels

    bug (Undesired behaviour), fuzzing (Related to fuzz testing of the engine)
