search

dart-lang / sdk

The Dart SDK, including the VM, JS and Wasm compilers, analysis, core libraries, and more.
https://dart.dev
BSD 3-Clause "New" or "Revised" License
10.2k stars 1.57k forks source link

analyzer fuzz crash: function interpolation in import string #38045

Open MichaelRFairhurst opened 5 years ago

MichaelRFairhurst commented 5 years ago

import "${(){}}";

Note: this fails in both summary1 and summary 2

ElementMismatchException: Element mismatch in /test/lib/test.dart at /test/lib/test.dart
Caused by NoSuchMethodError: The method 'visitFunctionExpression' was called on null.
Receiver: null                                                                   
Tried calling: visitFunctionExpression(Instance of 'FunctionExpressionImpl')     
#0      Object.noSuchMethod (dart:core-patch/object_patch.dart:50:5)             
#1      FunctionExpressionImpl.accept (package:analyzer/src/dart/ast/ast.dart:5079:49)
#2      DeclarationResolver.visitFunctionExpression (package:analyzer/src/generated/declaration_resolver.dart:252:12)
#3      FunctionExpressionImpl.accept (package:analyzer/src/dart/ast/ast.dart:5079:49)
#4      BinaryExpressionImpl.visitChildren (package:analyzer/src/dart/ast/ast.dart:1002:20)
#5      RecursiveAstVisitor.visitBinaryExpression (package:analyzer/dart/ast/visitor.dart:659:10)
#6      BinaryExpressionImpl.accept (package:analyzer/src/dart/ast/ast.dart:997:49)
#7      NodeListImpl.accept (package:analyzer/src/dart/ast/ast.dart:7670:20)     
#8      ArgumentListImpl.visitChildren (package:analyzer/src/dart/ast/ast.dart:377:16)
#9      RecursiveAstVisitor.visitArgumentList (package:analyzer/dart/ast/visitor.dart:623:10)
srawlins commented 5 years ago

This input crashes kernel as well:

Crash when compiling file:///Users/srawlins/code/dart-sdk/sdk/38045.dart,                                                                                  
at character offset null:                                                                                                                                  
RangeError: Value not in range: 1                                                                                                                          
#0      _StringBase.substring (dart:core-patch/string_patch.dart:390:7)                                                                                    
#1      unescapeString (package:front_end/src/fasta/quote.dart:140:14)                                                                                     
#2      DietListener.endImport (package:front_end/src/fasta/source/diet_listener.dart:470:9)                                                               
#3      Parser.parseImport (package:front_end/src/fasta/parser/parser.dart:679:16)                                                                         
#4      Parser.parseTopLevelKeywordDeclaration (package:front_end/src/fasta/parser/parser.dart:602:18)                                                     
#5      Parser.parseTopLevelDeclarationImpl (package:front_end/src/fasta/parser/parser.dart:468:14)                                                        
#6      Parser.parseUnit (package:front_end/src/fasta/parser/parser.dart:350:15)                                                                           
#7      SourceLoader.buildBody (package:front_end/src/fasta/source/source_loader.dart:296:14)                                                              
<asynchronous suspension>                                                                                                                                  
#8      Loader.buildBodies (package:front_end/src/fasta/loader.dart:218:15)                                                                                
<asynchronous suspension>                                                                                                                                  
#9      KernelTarget.buildComponent.<anonymous closure> (package:front_end/src/fasta/kernel/kernel_target.dart:298:20)                                     
<asynchronous suspension>                                                                                                                                  
#10     withCrashReporting (package:front_end/src/fasta/crash.dart:122:24)                                                                                 
<asynchronous suspension>                                                                                                                                  
#11     KernelTarget.buildComponent (package:front_end/src/fasta/kernel/kernel_target.dart:296:12)                                                         
<asynchronous suspension>                                                                                                                                  
#12     generateKernelInternal.<anonymous closure> (package:front_end/src/kernel_generator_impl.dart:158:38)                                               
<asynchronous suspension>                                                                                                                                  
#13     withCrashReporting (package:front_end/src/fasta/crash.dart:122:24)                                                                                 
<asynchronous suspension>                                                                                                                                  
#14     generateKernelInternal (package:front_end/src/kernel_generator_impl.dart:65:10)                                                                    
<asynchronous suspension>
#15     generateKernel.<anonymous closure> (package:front_end/src/kernel_generator_impl.dart:45:18)                                                        
<asynchronous suspension>
#16     CompilerContext.runWithOptions.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:134:20)                                      
<asynchronous suspension>
#17     CompilerContext.runInContext.<anonymous closure>.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:122:46)
#18     new Future.sync (dart:async/future.dart:224:31)
#19     CompilerContext.runInContext.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:122:19)
#20     _rootRun (dart:async/zone.dart:1124:13)
#21     _CustomZone.run (dart:async/zone.dart:1021:19)
#22     _runZoned (dart:async/zone.dart:1516:10)
#23     runZoned (dart:async/zone.dart:1463:12)
#24     CompilerContext.runInContext (package:front_end/src/fasta/compiler_context.dart:121:12)                                                            
#25     CompilerContext.runWithOptions (package:front_end/src/fasta/compiler_context.dart:132:10)
#26     generateKernel (package:front_end/src/kernel_generator_impl.dart:44:32)                                                                            
<asynchronous suspension>
#27     kernelForModule (package:front_end/src/api_prototype/kernel_generator.dart:97:17)                                                                 
<asynchronous suspension>                                                                                                                                 
#28     SingleShotCompilerWrapper.compileInternal (file:///b/s/w/ir/cache/builder/sdk/pkg/vm/bin/kernel_service.dart:317:17)                              
<asynchronous suspension>
#29     Compiler.compile.<anonymous closure> (file:///b/s/w/ir/cache/builder/sdk/pkg/vm/bin/kernel_service.dart:155:45)                                   
<asynchronous suspension>
#30     new Future.<anonymous closure> (dart:async/future.dart:176:37)
#31     _rootRun (dart:async/zone.dart:1120:38)
#32     _CustomZone.run (dart:async/zone.dart:1021:19)
#33     _CustomZone.runGuarded (dart:async/zone.dart:923:7)
#34     _CustomZone.bindCallbackGuarded.<anonymous closure> (dart:async/zone.dart:963:23)
#35     _rootRun (dart:async/zone.dart:1124:13)
#36     _CustomZone.run (dart:async/zone.dart:1021:19)
#37     _CustomZone.bindCallback.<anonymous closure> (dart:async/zone.dart:947:23)
#38     Timer._createTimer.<anonymous closure> (dart:async-patch/timer_patch.dart:21:15)
#39     _Timer._runTimers (dart:isolate-patch/timer_impl.dart:382:19)
#40     _Timer._handleMessage (dart:isolate-patch/timer_impl.dart:416:5)
#41     _RawReceivePortImpl._handleMessage (dart:isolate-patch/isolate_patch.dart:172:12)

#0      _StringBase.substring (dart:core-patch/string_patch.dart:390:7)
#1      unescapeString (package:front_end/src/fasta/quote.dart:140:14)
#2      DietListener.endImport (package:front_end/src/fasta/source/diet_listener.dart:470:9)
#3      Parser.parseImport (package:front_end/src/fasta/parser/parser.dart:679:16)
#4      Parser.parseTopLevelKeywordDeclaration (package:front_end/src/fasta/parser/parser.dart:602:18)
#5      Parser.parseTopLevelDeclarationImpl (package:front_end/src/fasta/parser/parser.dart:468:14)
#6      Parser.parseUnit (package:front_end/src/fasta/parser/parser.dart:350:15)
#7      SourceLoader.buildBody (package:front_end/src/fasta/source/source_loader.dart:296:14)                                                              
<asynchronous suspension>
#8      Loader.buildBodies (package:front_end/src/fasta/loader.dart:218:15)
<asynchronous suspension>
#9      KernelTarget.buildComponent.<anonymous closure> (package:front_end/src/fasta/kernel/kernel_target.dart:298:20)                                    
<asynchronous suspension>
#10     withCrashReporting (package:front_end/src/fasta/crash.dart:122:24)
<asynchronous suspension>
#11     KernelTarget.buildComponent (package:front_end/src/fasta/kernel/kernel_target.dart:296:12)                                                        
<asynchronous suspension>
#12     generateKernelInternal.<anonymous closure> (package:front_end/src/kernel_generator_impl.dart:158:38)                                              
<asynchronous suspension>
#13     withCrashReporting (package:front_end/src/fasta/crash.dart:122:24)
<asynchronous suspension>
#14     generateKernelInternal (package:front_end/src/kernel_generator_impl.dart:65:10)                                                                   
<asynchronous suspension>
#15     generateKernel.<anonymous closure> (package:front_end/src/kernel_generator_impl.dart:45:18)                                                       
<asynchronous suspension>
#16     CompilerContext.runWithOptions.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:134:20)                                     
<asynchronous suspension>
#17     CompilerContext.runInContext.<anonymous closure>.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:122:46)                   
#18     new Future.sync (dart:async/future.dart:224:31)
#19     CompilerContext.runInContext.<anonymous closure> (package:front_end/src/fasta/compiler_context.dart:122:19)                                       
#20     _rootRun (dart:async/zone.dart:1124:13)
#21     _CustomZone.run (dart:async/zone.dart:1021:19)
#22     _runZoned (dart:async/zone.dart:1516:10)
#23     runZoned (dart:async/zone.dart:1463:12)
#24     CompilerContext.runInContext (package:front_end/src/fasta/compiler_context.dart:121:12)                                                           
#25     CompilerContext.runWithOptions (package:front_end/src/fasta/compiler_context.dart:132:10)                                                         
#26     generateKernel (package:front_end/src/kernel_generator_impl.dart:44:32)                                                                           
<asynchronous suspension>
#27     kernelForModule (package:front_end/src/api_prototype/kernel_generator.dart:97:17)                                                                 
<asynchronous suspension>
#28     SingleShotCompilerWrapper.compileInternal (file:///b/s/w/ir/cache/builder/sdk/pkg/vm/bin/kernel_service.dart:317:17)                              
<asynchronous suspension>
#29     Compiler.compile.<anonymous closure> (file:///b/s/w/ir/cache/builder/sdk/pkg/vm/bin/kernel_service.dart:155:45)                                   
<asynchronous suspension>
#30     new Future.<anonymous closure> (dart:async/future.dart:176:37)
#31     _rootRun (dart:async/zone.dart:1120:38)
#32     _CustomZone.run (dart:async/zone.dart:1021:19)
#33     _CustomZone.runGuarded (dart:async/zone.dart:923:7)
#34     _CustomZone.bindCallbackGuarded.<anonymous closure> (dart:async/zone.dart:963:23)                                                                 
#35     _rootRun (dart:async/zone.dart:1124:13)
#36     _CustomZone.run (dart:async/zone.dart:1021:19)
#37     _CustomZone.bindCallback.<anonymous closure> (dart:async/zone.dart:947:23)                                                                        
#38     Timer._createTimer.<anonymous closure> (dart:async-patch/timer_patch.dart:21:15)                                                                  
#39     _Timer._runTimers (dart:isolate-patch/timer_impl.dart:382:19)
#40     _Timer._handleMessage (dart:isolate-patch/timer_impl.dart:416:5)
#41     _RawReceivePortImpl._handleMessage (dart:isolate-patch/isolate_patch.dart:172:12)