Assertion `this->match(PunctuatorKind::GuessDot)' failed in Escargot::esprima::Parser::parseLeftHandSideExpression
Ye0nny opened this issue · 5 comments
Ye0nny commented
Escargot
- OS: Ubuntu 20.04.5 LTS (Linux 5.4.0-144-generic x86_64)
- Revision : bd95de3
Build Steps
cmake -DESCARGOT_MODE=debug -DESCARGOT_OUTPUT=shell -GNinja
Describe the bug
Assertion failure
Test case
testcase
if ( isNaN ( true % null )!== true ) { throw new Test262Error ( " 1 : true % null === Not - a - Number. Actual : " + true % null ) ; }
if ( null % true!== 0 ) { throw new Test262Error ( " 2 : null % true === 0 Actual : " + null % true ) ; }
if ( isNaN ( new Boolean Number ( true ) % null )!== true ) { throw new Test262Error ( " 2 : new Boolean ( true ) % null === Not - a - Number. Actual : " + new Boolean ( true ) % null ) ; }
if ( null % new Boolean ( true )!== 0 ) { throw new Test262Error ( " 4 : null % new Boolean ( true ) === 0 Actual : " + null % new Boolean ( true ) ) ; }
// poc.js
if ( isNaN ( true % null )!== true ) { throw new Test262Error ( " 1 : true % null === Not - a - Number. Actual : " + true % null ) ; }
if ( null % true!== 0 ) { throw new Test262Error ( " 2 : null % true === 0 Actual : " + null % true ) ; }
if ( isNaN ( new Boolean Number ( true ) % null )!== true ) { throw new Test262Error ( " " ) ; }
Execution steps & Output
$ ./escargot/escargot poc.js
escargot: src/parser/esprima_cpp/esprima.cpp:2720: typename ASTBuilder::ASTNode Escargot::esprima::Parser::parseLeftHandSideExpression(ASTBuilder&) [with ASTBuilder = Escargot::NodeGenerator; typename ASTBuilder::ASTNode = Escargot::Node*]: Assertion `this->match(PunctuatorKind::GuessDot)' failed.
Aborted
Backtrace
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ffff7a70859 in __GI_abort () at abort.c:79
#2 0x00007ffff7a70729 in __assert_fail_base (fmt=0x7ffff7c06588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x555555b2b840 "this->match(PunctuatorKind::GuessDot)", file=0x555555b1fca0 "src/parser/esprima_cpp/esprima.cpp", line=2720, function=<optimized out>) at assert.c:92
#3 0x00007ffff7a81fd6 in __GI___assert_fail (assertion=0x555555b2b840 "this->match(PunctuatorKind::GuessDot)", file=0x555555b1fca0 "src/parser/esprima_cpp/esprima.cpp", line=2720,
function=0x555555b2d208 "typename ASTBuilder::ASTNode Escargot::esprima::Parser::parseLeftHandSideExpression(ASTBuilder&) [with ASTBuilder = Escargot::NodeGenerator; typename ASTBuilder::ASTNode = Escargot::Node*]") at assert.c:101
#4 0x00005555558915e6 in Escargot::esprima::Parser::parseLeftHandSideExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2720
#5 0x000055555583bc81 in Escargot::esprima::Parser::isolateCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x555555890c98 <Escargot::esprima::Parser::parseLeftHandSideExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:989
#6 0x0000555555884a1f in Escargot::esprima::Parser::parseNewExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2359
#7 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x555555884770 <Escargot::esprima::Parser::parseNewExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#8 0x000055555586d3a3 in Escargot::esprima::Parser::parseLeftHandSideExpressionAllowCall<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2476
#9 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555586d0fa <Escargot::esprima::Parser::parseLeftHandSideExpressionAllowCall<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#10 0x000055555588acb1 in Escargot::esprima::Parser::parseUpdateExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2772
#11 0x0000555555873d5f in Escargot::esprima::Parser::parseUnaryExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2929
#12 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x5555558731c8 <Escargot::esprima::Parser::parseUnaryExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#13 0x000055555585ee45 in Escargot::esprima::Parser::parseExponentiationExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2937
#14 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555585ed22 <Escargot::esprima::Parser::parseExponentiationExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#15 0x000055555584a607 in Escargot::esprima::Parser::parseBinaryExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3035
#16 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555584a4c8 <Escargot::esprima::Parser::parseBinaryExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#17 0x000055555583c044 in Escargot::esprima::Parser::parseConditionalExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3186
#18 0x000055555583a199 in Escargot::esprima::Parser::parseAssignmentExpression<Escargot::NodeGenerator, false> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3228
#19 0x000055555583bc81 in Escargot::esprima::Parser::isolateCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x555555839eda <Escargot::esprima::Parser::parseAssignmentExpression<Escargot::NodeGenerator, false>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:989
#20 0x0000555555885937 in Escargot::esprima::Parser::parseArguments<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2287
#21 0x000055555586d62b in Escargot::esprima::Parser::parseLeftHandSideExpressionAllowCall<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2498
#22 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555586d0fa <Escargot::esprima::Parser::parseLeftHandSideExpressionAllowCall<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#23 0x000055555588acb1 in Escargot::esprima::Parser::parseUpdateExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2772
#24 0x0000555555873d5f in Escargot::esprima::Parser::parseUnaryExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2929
#25 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x5555558731c8 <Escargot::esprima::Parser::parseUnaryExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#26 0x000055555585ee45 in Escargot::esprima::Parser::parseExponentiationExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:2937
#27 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555585ed22 <Escargot::esprima::Parser::parseExponentiationExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#28 0x000055555584a607 in Escargot::esprima::Parser::parseBinaryExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3035
#29 0x000055555584aef7 in Escargot::esprima::Parser::inheritCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x55555584a4c8 <Escargot::esprima::Parser::parseBinaryExpression<Escargot::NodeGenerator>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:1013
#30 0x000055555583c044 in Escargot::esprima::Parser::parseConditionalExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3186
#31 0x000055555583a199 in Escargot::esprima::Parser::parseAssignmentExpression<Escargot::NodeGenerator, false> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3228
#32 0x000055555583bc81 in Escargot::esprima::Parser::isolateCoverGrammar<Escargot::NodeGenerator, Escargot::Node* (Escargot::esprima::Parser::*)(Escargot::NodeGenerator&)> (this=0x7fffffffd9a0, builder=..., parseFunction=
(class Escargot::Node *(Escargot::esprima::Parser::*)(class Escargot::esprima::Parser * const, class Escargot::NodeGenerator &)) 0x555555839eda <Escargot::esprima::Parser::parseAssignmentExpression<Escargot::NodeGenerator, false>(Escargot::NodeGenerator&)>) at src/parser/esprima_cpp/esprima.cpp:989
#33 0x0000555555850566 in Escargot::esprima::Parser::parseExpression<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3609
#34 0x0000555555858ccb in Escargot::esprima::Parser::parseIfStatement<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:4082
#35 0x0000555555845bc5 in Escargot::esprima::Parser::parseStatement<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=..., allowFunctionDeclaration=true, shouldTopLevelDeclaration=false) at src/parser/esprima_cpp/esprima.cpp:4924
#36 0x00005555558396bf in Escargot::esprima::Parser::parseStatementListItem<Escargot::NodeGenerator> (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:3662
#37 0x000055555582315e in Escargot::esprima::Parser::parseProgram (this=0x7fffffffd9a0, builder=...) at src/parser/esprima_cpp/esprima.cpp:6896
#38 0x00005555558244a4 in Escargot::esprima::parseProgram (ctx=0xa3af0, source=..., outerClassInfo=0x0, isModule=false, strictFromOutside=false, inWith=false, allowSuperCallFromOutside=false, allowSuperPropertyFromOutside=false, allowNewTargetFromOutside=false, allowArgumentsFromOutside=true) at src/parser/esprima_cpp/esprima.cpp:7122
#39 0x00005555557e5b56 in Escargot::ScriptParser::initializeScript (this=0x59f70, originSource=0x0, originLineOffset=0, source=0xabf70, srcName=0x7a390, parentCodeBlock=0x0, isModule=false, isEvalMode=false, isEvalCodeInFunction=false, inWithOperation=false, strictFromOutside=false, allowSuperCall=false, allowSuperProperty=false, allowNewTarget=false,
needByteCodeGeneration=true) at src/parser/ScriptParser.cpp:394
#40 0x000055555563bec4 in Escargot::ScriptParser::initializeScript (this=0x59f70, source=0xabf70, srcName=0x7a390, isModule=false) at src/parser/ScriptParser.h:57
#41 0x000055555564333d in Escargot::ScriptParserRef::initializeScript (this=0x59f70, source=0xabf70, srcName=0x7a390, isModule=false) at src/api/EscargotPublic.cpp:4626
#42 0x00005555559a3d07 in evalScript (context=0xa3af0, source=0xabf70, srcName=0x7a390, shouldPrintScriptResult=false, isModule=false) at src/shell/Shell.cpp:751
#43 0x00005555559a52bd in main (argc=2, argv=0x7fffffffe348) at src/shell/Shell.cpp:1130
Expected behavior
SyntaxError: Expected ')'
at code (poc.js:3:26)
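Added example (not part of the original report or of the Escargot code base): a parse-only regression check for the reduced poc.js above. It uses the host JavaScript engine (Node.js is assumed) as a reference parser to confirm that only the third statement is malformed and that it is rejected with a SyntaxError, which is the behavior the report expects instead of an assertion abort. The helper names `parseOutcome`, `firstRejectedLine` and `checkPoc` are hypothetical.

```javascript
// The three statements of the reduced poc.js, copied from the report.
const POC_LINES = [
  'if ( isNaN ( true % null )!== true ) { throw new Test262Error ( " 1 : true % null === Not - a - Number. Actual : " + true % null ) ; }',
  'if ( null % true!== 0 ) { throw new Test262Error ( " 2 : null % true === 0 Actual : " + null % true ) ; }',
  'if ( isNaN ( new Boolean Number ( true ) % null )!== true ) { throw new Test262Error ( " " ) ; }',
];

// Parse without executing: the Function constructor compiles the body and
// throws SyntaxError on malformed input; the resulting function is never called.
function parseOutcome(source) {
  try {
    new Function(source);
    return { ok: true, message: null };
  } catch (e) {
    if (e instanceof SyntaxError) return { ok: false, message: e.message };
    throw e; // anything other than SyntaxError is a harness problem
  }
}

// 1-based index of the first statement the reference parser rejects, 0 if none.
function firstRejectedLine(lines) {
  for (let i = 0; i < lines.length; i++) {
    if (!parseOutcome(lines[i]).ok) return i + 1;
  }
  return 0;
}

// A parser under test should agree with this verdict: reject the file with a
// SyntaxError attributed to the reported line, and never abort the process.
function checkPoc(lines) {
  const whole = parseOutcome(lines.join("\n"));
  return {
    wholeFileRejected: !whole.ok,
    rejectedLine: firstRejectedLine(lines),
    message: whole.message,
  };
}

console.log(checkPoc(POC_LINES));
```

The rejected line agrees with the location in the expected output (`poc.js:3`); the exact error message is engine-specific, so the check does not compare message text.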
clover2123 commented
Ye0nny commented
@clover2123
Thanks for your question. :)
These test cases have been generated based on our research results.
Additionally, the poc files are manually reduced ones.
clover2123 commented
> These test cases have been generated based on our research results.

Could you share your research result with us?
Or if there are research papers of yours, please let us know.
We may improve the Escargot engine's reliability/security based on your works :)
Ye0nny commented
@clover2123
It's an honor. Our paper is scheduled to be published soon.
We'll let you know as soon as it's published.
Thank you.
clover2123 commented
Fixed by #1327
Thanks for reporting bugs.