Assertion 'ecma_find_named_property (func_obj_p, ecma_get_magic_string (LIT_MAGIC_STRING_NAME)) == NULL' failed at /jerryscript/jerry-core/vm/vm.c(vm_loop):2173.

[EJueon]

JerryScript revision

Commit: 05dbbd1
Version: v3.0.0

Build platform

Ubuntu 20.04.5 LTS (Linux 5.4.0-144-generic x86_64)

Build steps

python ./tools/build.py --clean --debug --compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer --compile-flag=-fno-common --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off --error-messages=on --system-allocator=on --logging=on --line-info=on --stack-limit=20

Test case

testcase

class s { 0 = class { } ; [ 1 ] = class { constructor ( ) { } static name ( s ) { } } ; } new s ( ) ;  gc ( ) ; new s ( ) ( e ) ; let t = 32 ;

// poc.js
class s { [ 1 ] = class { constructor ( ) { } static name ( s ) { } } ; } 
new s ( ) ; 

Execution steps & Output

$ ./jerryscript/build/bin/jerry poc.js
ICE: Assertion 'ecma_find_named_property (func_obj_p, ecma_get_magic_string (LIT_MAGIC_STRING_NAME)) == NULL' failed at /jerryscript/jerry-core/vm/vm.c(vm_loop):2173.
Error: JERRY_FATAL_FAILED_ASSERTION
Aborted

credits: @EJueon, @Ye0nny of the seclab-yonsei.