jerryscript-project/jerryscript

SEGV in parser_parse_class /jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38

Qbtly opened this issue · 0 comments

JerryScript revision

cefd391

Build platform

Ubuntu 22.04.3

Build steps

python ./tools/build.py --builddir=xxx --clean --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off --logging=on --line-info=on --error-message=on --stack-limit=20

Test case

function f(){return}

switch (1) {
  case class extends c { static { } ; }:
    break}

while (false) {continue}

Execution steps

./xxx/bin/jerry poc.js

Output

Program received signal SIGSEGV, Segmentation fault.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1654425==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x5615b924fb62 bp 0x7ffc42a950d0 sp 0x7ffc42a94f40 T0)
==1654425==The signal is caused by a WRITE memory access.
==1654425==Hint: address points to the zero page.
    #0 0x5615b924fb62 in parser_parse_class /jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38
    #1 0x5615b92536bf in parser_parse_unary_expression /jerryscript/jerry-core/parser/js/js-parser-expr.c:2217:7
    #2 0x5615b92536bf in parser_parse_expression /jerryscript/jerry-core/parser/js/js-parser-expr.c:4115:9
    #3 0x5615b927125e in parser_parse_case_statement /jerryscript/jerry-core/parser/js/js-parser-statm.c:2031:5
    #4 0x5615b927125e in parser_parse_statements /jerryscript/jerry-core/parser/js/js-parser-statm.c:2909:9
    #5 0x5615b9193185 in parser_parse_source /jerryscript/jerry-core/parser/js/js-parser.c:2280:5
    #6 0x5615b9191500 in parser_parse_script /jerryscript/jerry-core/parser/js/js-parser.c:3332:38
    #7 0x5615b90a43c9 in jerry_parse_common /jerryscript/jerry-core/api/jerryscript.c:418:21
    #8 0x5615b90a422b in jerry_parse /jerryscript/jerry-core/api/jerryscript.c:486:10
    #9 0x5615b9289ad1 in jerryx_source_parse_script /jerryscript/jerry-ext/util/sources.c:52:26
    #10 0x5615b9289cc3 in jerryx_source_exec_script /jerryscript/jerry-ext/util/sources.c:63:26
    #11 0x5615b909d0bb in main /jerryscript/jerry-main/main-desktop.c:156:20
    #12 0x7f9c86e91d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #13 0x7f9c86e91e3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #14 0x5615b8fdced4 in _start (/jerryscript/0321/bin/jerry+0x71ed4) (BuildId: 8a43acc73309945f9adb42dcffdcdab746b9ecc5)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38 in parser_parse_class
==1654425==ABORTING