jerryscript-project/jerryscript

SEGV in scanner_seek /jerryscript/jerry-core/parser/js/js-scanner-util.c:372:17

Opened this issue · 0 comments

Qbtly commented
JerryScript revision

cefd391

Build platform

Ubuntu 22.04.3

Build steps
python ./tools/build.py --builddir=xxx --clean --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off --logging=on --line-info=on --error-message=on --stack-limit=20
Test case
function f(){return}

switch (class extends c { static { } ; }) {
  case 1:
    break}

while (false) {continue}
Execution steps
./xxx/bin/jerry poc.js
Output
Release:
Program received signal SIGSEGV, Segmentation fault.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1362976==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x55e5d2682005 bp 0x7ffe140aa670 sp 0x7ffe140aa540 T0)
==1362976==The signal is caused by a READ memory access.
==1362976==Hint: address points to the zero page.
    #0 0x55e5d2682005 in scanner_seek /jerryscript/jerry-core/parser/js/js-scanner-util.c:372:17
    #1 0x55e5d273667e in parser_parse_switch_statement_start /jerryscript/jerry-core/parser/js/js-parser-statm.c:1714:5
    #2 0x55e5d272d2d1 in parser_parse_statements /jerryscript/jerry-core/parser/js/js-parser-statm.c:2821:9
    #3 0x55e5d267fdfd in parser_parse_source /jerryscript/jerry-core/parser/js/js-parser.c:2280:5
    #4 0x55e5d267e924 in parser_parse_script /jerryscript/jerry-core/parser/js/js-parser.c:3332:38
    #5 0x55e5d25dbf38 in jerry_parse_common /jerryscript/jerry-core/api/jerryscript.c:418:21
    #6 0x55e5d25dbd34 in jerry_parse /jerryscript/jerry-core/api/jerryscript.c:486:10
    #7 0x55e5d274176f in jerryx_source_parse_script /jerryscript/jerry-ext/util/sources.c:52:26
    #8 0x55e5d274192f in jerryx_source_exec_script /jerryscript/jerry-ext/util/sources.c:63:26
    #9 0x55e5d25d75b2 in main /jerryscript/jerry-main/main-desktop.c:156:20
    #10 0x7f39cdf6ed8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #11 0x7f39cdf6ee3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #12 0x55e5d2517424 in _start (/jerryscript/0323re/bin/jerry+0x41424) (BuildId: efa40b4121fb9ed9276f89fc661eef85c730ab65)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /jerryscript/jerry-core/parser/js/js-scanner-util.c:372:17 in scanner_seek
==1362976==ABORTING
Debug:
ICE: Assertion 'context_p->next_scanner_info_p->source_p == context_p->source_p && context_p->next_scanner_info_p->type == SCANNER_TYPE_SWITCH' failed at /jerryscript/jerry-core/parser/js/js-parser-statm.c(parser_parse_switch_statement_start):1666.
Error: JERRY_FATAL_FAILED_ASSERTION

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=140737350406336) at ./nptl/pthread_kill.c:44
44	./nptl/pthread_kill.c: No such file or directory.