Segmentation fault - js-parser-expr.c in parser_parse_class #5085

Closed
voidptr127 opened this issue Jun 8, 2023 · 0 comments · Fixed by #5093

JerryScript revision
05dbbd134c3b9e2482998f267857dd3722001cd7
Build platform
Linux-6.2.15-200.fc37.x86_64-x86_64-with-glibc2.34
clang version 14.0.6 (Red Hat 14.0.6-4.el9_1)
Build steps

```sh
CC=/usr/bin/clang python3 tools/build.py --clean \
    --debug \
    --strip=off \
    --compile-flag=-fsanitize=address \
    --lto=off \
    --compile-flag=-g \
    --error-messages=on \
    --promise-callback=on \
    --logging=on \
    --line-info=on \
    --stack-limit=128
```

Test case

```js
class RegExp{

}

async () => {
Set;

}
await Symbol;
class Set{

}
```

Execution

```sh
./build/bin/jerry poc.js
```
Output

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4093==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x00000072bb10 bp 0x7fffd82d4130 sp 0x7fffd82d3dc0 T0)
==4093==The signal is caused by a READ memory access.
==4093==Hint: address points to the zero page.
    #0 0x72bb10 in parser_parse_class /home/rocky/jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38
    #1 0x750031 in parser_parse_statements /home/rocky/jerryscript/jerry-core/parser/js/js-parser-statm.c:2787:9
    #2 0x64411b in parser_parse_source /home/rocky/jerryscript/jerry-core/parser/js/js-parser.c:2280:5
    #3 0x6408a2 in parser_parse_script /home/rocky/jerryscript/jerry-core/parser/js/js-parser.c:3326:38
    #4 0x53ce99 in jerry_parse_common /home/rocky/jerryscript/jerry-core/api/jerryscript.c:412:21
    #5 0x53ca07 in jerry_parse /home/rocky/jerryscript/jerry-core/api/jerryscript.c:480:10
    #6 0x77038c in jerryx_source_parse_script /home/rocky/jerryscript/jerry-ext/util/sources.c:52:26
    #7 0x7704b4 in jerryx_source_exec_script /home/rocky/jerryscript/jerry-ext/util/sources.c:63:26
    #8 0x536b9f in main /home/rocky/jerryscript/jerry-main/main-desktop.c:156:20
    #9 0x7fba61a87eaf in __libc_start_call_main (/lib64/libc.so.6+0x3feaf) (BuildId: 82f7ae28e16376aa97cc3bf50b40ab2d1043924a)
    #10 0x7fba61a87f5f in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3ff5f) (BuildId: 82f7ae28e16376aa97cc3bf50b40ab2d1043924a)
    #11 0x43c604 in _start (/home/rocky/jerryscript/build/bin/jerry+0x43c604) (BuildId: 1da1efd61105afed74f3a1d623bc459cc93ece58)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/rocky/jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38 in parser_parse_class
==4093==ABORTING
```
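
For triaging fuzzer findings like this one, the following added example (not part of the original report and not JerryScript project code) reduces the AddressSanitizer output above to a build-independent crash signature and flags the fault address as a near-NULL access. The `triage` function, its regular expressions and the `0x1000` threshold are assumptions of this example.

```python
import re

# Excerpt of the AddressSanitizer report from this issue (frames #3-#11 omitted).
REPORT = """\
==4093==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x00000072bb10 bp 0x7fffd82d4130 sp 0x7fffd82d3dc0 T0)
==4093==The signal is caused by a READ memory access.
==4093==Hint: address points to the zero page.
    #0 0x72bb10 in parser_parse_class /home/rocky/jerryscript/jerry-core/parser/js/js-parser-expr.c:1107:38
    #1 0x750031 in parser_parse_statements /home/rocky/jerryscript/jerry-core/parser/js/js-parser-statm.c:2787:9
    #2 0x64411b in parser_parse_source /home/rocky/jerryscript/jerry-core/parser/js/js-parser.c:2280:5
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
# Matches symbolized frames only ("in <func> <path>:<line>[:<col>]");
# unsymbolized library frames such as "(/lib64/libc.so.6+0x...)" are skipped.
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+) (\S+?):(\d+)(?::\d+)?$", re.M)

# Assumption of this example: a fault inside the first page is NULL plus a field offset.
NEAR_NULL_LIMIT = 0x1000


def triage(report, depth=3):
    """Return a dedup signature and basic classification for an ASan SEGV report."""
    err = ERROR_RE.search(report)
    if err is None:
        raise ValueError("not an ASan SEGV report")
    access = ACCESS_RE.search(report)
    # Keep function, file basename and line; drop addresses and absolute paths.
    frames = [
        (func, path.rsplit("/", 1)[-1], int(line))
        for _, func, path, line in FRAME_RE.findall(report)
    ][:depth]
    addr = int(err.group(2), 16)
    return {
        "kind": err.group(1),
        "access": access.group(1) if access else "UNKNOWN",
        "fault_addr": addr,
        "near_null": addr < NEAR_NULL_LIMIT,
        "frames": frames,
        # Function names only, so the key survives rebuilds and line shifts.
        "signature": "|".join([err.group(1)] + [f[0] for f in frames]),
    }
```

Two reports with the same `signature` can be filed as one bug; `near_null` together with `access == "READ"` matches ASan's own "address points to the zero page" hint.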
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Aug 2, 2023
This fixes jerryscript-project#5085

JerryScript-DCO-1.0-Signed-off-by: Mate Tokodi matet@inf.u-szeged.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Aug 3, 2023
This fixes jerryscript-project#5085

JerryScript-DCO-1.0-Signed-off-by: Mate Tokodi matet@inf.u-szeged.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Jan 4, 2024
This fixes jerryscript-project#5085

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Jan 8, 2024
This fixes jerryscript-project#5085

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
akosthekiss pushed a commit that referenced this issue Jan 31, 2024
This fixes #5085

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu