Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assertion 'ecma_is_value_object (value)' failed #5089

Closed
voidptr127 opened this issue Jun 8, 2023 · 0 comments · Fixed by #5126
Closed

Assertion 'ecma_is_value_object (value)' failed #5089

voidptr127 opened this issue Jun 8, 2023 · 0 comments · Fixed by #5126

Comments

@voidptr127
Copy link

This bug report leads to the same error message as in #4936 but 4936 is fixed whereas this is present on the most recent version.

JerryScript revision
05dbbd134c3b9e2482998f267857dd3722001cd7
Build platform
Linux-6.2.15-200.fc37.x86_64-x86_64-with-glibc2.34
clang version 14.0.6 (Red Hat 14.0.6-4.el9_1)
Build steps
CC=/usr/bin/clang python3 tools/build.py --clean \
    --debug \
    --strip=off \
    --compile-flag=-fsanitize=address \
    --lto=off \
    --compile-flag=-g \
    --error-messages=on \
    --promise-callback=on \
    --logging=on \
    --line-info=on \
    --stack-limit=128
Test case
void Symbol();
async function Symbol(undefined, Function){
void (Int32Array=[Date=[]=[], Date=[]=[], Date=Symbol(), Date=await [], []]=[]+[]);

}
Execution
./build/bin/jerry poc.js
Output
ICE: Assertion 'ecma_is_value_object (value)' failed at /home/rocky/jerryscript/jerry-core/ecma/base/ecma-helpers-value.c(ecma_get_object_from_value):821.
Error: JERRY_FATAL_FAILED_ASSERTION
Aborted (core dumped)
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 2, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
46863c2 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
0412511 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
848591c 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
@matetokodi matetokodi mentioned this issue Feb 5, 2024
Merged
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
cd79318 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
akosthekiss pushed a commit that referenced this issue Feb 6, 2024
@matetokodi
Fix gc of async destructuring assignments of strings (#5126)
bac7ee3 
This fixes #5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix gc of async destructuring assignments of strings matetokodi/jerryscript
1 participant
@voidptr127