search

Moddable-OpenSource / moddable

Tools for developers to create truly open IoT products using standard JavaScript on low cost microcontrollers.
http://www.moddable.com
1.34k stars 236 forks source link

SEGV xsGlobal.c:323 in fx_Enumerator #814

Closed jessysaurusrex closed 2 years ago

jessysaurusrex commented 2 years ago

Version:

eecb298fb1d9019854591515664e369ad9cf5b53

poc.js

function main() {
const v0 = 525708681;
const v1 = 129n;
const v2 = "symbol";
const v3 = "byteOffset";
const v4 = {};
const v5 = [v4,v4,v4];
const v6 = 9419;
const v7 = Compartment;
let v8 = 0;
const v9 = 2;
function* v10(v11,v12) {
}
const v14 = Array.of();
for (const v15 in v14) {
}
const v16 = 0.0;
const v19 = new Int32Array(36251);
try {
    const v20 = v19.reduce(v10);
} catch(v21) {
    const v22 = {};
    let {"POSITIVE_INFINITY":v23,"__proto__":v24,"caller":v25,"d":v26,"matchAll":v27,} = v22;
    v24.length = 9007199254740993;
}
const v29 = {};
const v30 = [v29,v29];
let v31 = 2157069075;
let v33 = "symbol";
let v34 = Int32Array;
let v35 = {};
let v36 = /\W\S/g;
for (let v37 = 36251; v37 >= 36251; v37 = v37 + v31) {
    ({"EPSILON":v33,"e":v37,"flags":v35,"multiline":v31,"source":v34,"unicode":v36,} = v36);
}
function v38(v39,v40) {
    for (const v41 in v30) {
    }
    const v42 = v8++;
    const v43 = Int8Array;
    const v44 = Array;
    async function v45(v46,v47,v48,v49,v50) {
    }
    const v51 = "b";
    const v52 = {"constructor":v45};
    const v53 = Object;
}
const v55 = new Promise(v38);
const v56 = 2157069075;
const v57 = -3184988496;
const v59 = [1567026793];
const v60 = [v59];
const v61 = -536870912;
const v62 = /4\Dp+/sig;
}
main();

Invocation xst poc.js

STDERR: 
/Users/amulet/moddable/xs/sources/xsScript.c:203:16: runtime error: left shift of 1327365517 by 1 places cannot be represented in type 'txSize' (aka 'int')
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /Users/amulet/moddable/xs/sources/xsScript.c:203:16 in 
/Users/amulet/moddable/xs/sources/xsLexical.c:333:21: runtime error: 9.0072e+15 is outside the range of representable values of type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /Users/amulet/moddable/xs/sources/xsLexical.c:333:21 in 
/Users/amulet/moddable/xs/sources/xsDataView.c:1439:42: runtime error: left shift of 3 by 30 places cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /Users/amulet/moddable/xs/sources/xsDataView.c:1439:42 in 
AddressSanitizer:DEADLYSIGNAL
=================================================================
==90876==ERROR: AddressSanitizer: SEGV on unknown address 0x000c00000097 (pc 0x00010276ec68 bp 0x00010276e870 sp 0x00016d88cfb0 T0)
==90876==The signal is caused by a UNKNOWN memory access.
    #0 0x10276ec68 in fx_Enumerator xsGlobal.c:323

==90876==Register values:
 x[0] = 0x000000010bb14360   x[1] = 0x00000000ffffffff   x[2] = 0x0000000000000000   x[3] = 0x0000000000000000  
 x[4] = 0x000000000000000e   x[5] = 0x000000000000000e   x[6] = 0x0000000000000000   x[7] = 0x0000000000000001  
 x[8] = 0x0000000c0000003f   x[9] = 0x0000000c00000097  x[10] = 0x0000000000000000  x[11] = 0x0000000000000125  
x[12] = 0x0000000000000000  x[13] = 0x000000016d8b1f78  x[14] = 0x000000016d88d620  x[15] = 0x0000000077f1052a  
x[16] = 0x00000001c41ec110  x[17] = 0x00000001037dc5b8  x[18] = 0x0000000000000000  x[19] = 0x0000000103358060  
x[20] = 0x0000000102d8ea58  x[21] = 0x0000000103304070  x[22] = 0x0000000000000000  x[23] = 0x0000000000000000  
x[24] = 0x0000000000000000  x[25] = 0x0000000000000000  x[26] = 0x0000000000000000  x[27] = 0x0000000000000000  
x[28] = 0x0000000000000000     fp = 0x000000016d88d710     lr = 0x000000010276e870     sp = 0x000000016d88cfb0  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV xsGlobal.c:323 in fx_Enumerator
==90876==ABORTING

Status: 
pid 90876 SIGABRT (signal 6)
phoddie commented 2 years ago

duplicate of #792