Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEGV /jerryscript/jerry-core/parser/js/js-parser-expr.c:1997:11 in parser_parse_unary_expression #5150

Open
Qbtly opened this issue Aug 5, 2024 · 0 comments
Labels
bug Undesired behaviour fuzzing Related to fuzz testing of the engine parser Related to the JavaScript parser

Comments

@Qbtly
Copy link

Qbtly commented Aug 5, 2024

Commit ID

2dbb6f7

Build platform

Ubuntu 22.04.3

Build steps
python3 ./tools/build.py --builddir=xxx --clean --compile-flag=-fsanitize=address --compile-flag=-g --strip=off --lto=off --logging=on --line-info=on --error-message=on --stack-limit=20
Test case
class JSEtest {
    #async #async(x = 1) { "use strict" }
  }
Execution steps
./jerry poc.js
Output
AddressSanitizer:DEADLYSIGNAL
=================================================================
==200353==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x0000007afb58 bp 0x7fffe0b4a1b0 sp 0x7fffe0b49e80 T0)
==200353==The signal is caused by a READ memory access.
==200353==Hint: address points to the zero page.
    #0 0x7afb58 in parser_parse_unary_expression /jerryscript/jerry-core/parser/js/js-parser-expr.c:1997:11
    #1 0x7afb58 in parser_parse_expression /jerryscript/jerry-core/parser/js/js-parser-expr.c:4118:9
    #2 0x64ad0d in parser_parse_function_arguments /jerryscript/jerry-core/parser/js/js-parser.c:1797:7
    #3 0x647b83 in parser_parse_function /jerryscript/jerry-core/parser/js/js-parser.c:2685:3
    #4 0x79eec2 in lexer_construct_function_object /jerryscript/jerry-core/parser/js/js-lexer.c:2695:23
    #5 0x7aa79e in parser_parse_class_body /jerryscript/jerry-core/parser/js/js-parser-expr.c:911:39
    #6 0x7aa79e in parser_parse_class /jerryscript/jerry-core/parser/js/js-parser-expr.c:1113:27
    #7 0x7dabc6 in parser_parse_statements /jerryscript/jerry-core/parser/js/js-parser-statm.c:2787:9
    #8 0x663433 in parser_parse_source /jerryscript/jerry-core/parser/js/js-parser.c:2280:5
    #9 0x6611ca in parser_parse_script /jerryscript/jerry-core/parser/js/js-parser.c:3332:38
    #10 0x4ec611 in jerry_parse_common /jerryscript/jerry-core/api/jerryscript.c:418:21
    #11 0x4ec23e in jerry_parse /jerryscript/jerry-core/api/jerryscript.c:486:10
    #12 0x80402d in jerryx_source_parse_script /jerryscript/jerry-ext/util/sources.c:52:26
    #13 0x80432c in jerryx_source_exec_script /jerryscript/jerry-ext/util/sources.c:63:26
    #14 0x4e0160 in main /jerryscript/jerry-main/main-desktop.c:156:20
    #15 0x7fc0d0047d8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
    #16 0x7fc0d0047e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
    #17 0x427fd4 in _start (/jerryscript/0805/bin/jerry+0x427fd4)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /jerryscript/jerry-core/parser/js/js-parser-expr.c:1997:11 in parser_parse_unary_expression
==200353==ABORTIN
@LaszloLango LaszloLango added bug Undesired behaviour parser Related to the JavaScript parser fuzzing Related to fuzz testing of the engine labels Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Undesired behaviour fuzzing Related to fuzz testing of the engine parser Related to the JavaScript parser
Projects
None yet
Development

No branches or pull requests

2 participants