jerryscript-project / jerryscript

Ultra-lightweight JavaScript engine for the Internet of Things.
https://jerryscript.net
Apache License 2.0

Assertion ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value) in ecma_check_value_type_is_spec_defined #4999

Open renatahodovan opened 2 years ago

renatahodovan commented 2 years ago
JerryScript revision

0d496966

Build platform

Linux-5.4.0-104-generic-x86_64-with-glibc2.29

Build steps
./tools/build.py --clean --debug --profile=es.next  --error-messages=ON --logging=ON
Test case
// Reproducer as reported (fuzzer-generated; keep the code byte-for-byte when re-running).
// B derives from A, and its constructor reaches super(...) only through two nested
// eval() calls before it references super.__proto__.
// NOTE(review): the listing shows a plain read of super.__proto__, but the trace in this
// report goes through opfunc_assign_super_reference and the __proto__ setter. Part of
// the statement may have been lost in rendering; confirm against the original report.
// NOTE(review): the failing frames carry this_arg=104, which the assertion rejects as not
// a spec-defined value type. That looks like an internal "this not yet initialized"
// marker reaching a built-in; confirm against the engine's value definitions.
// The failure is a debug-build assertion (--debug in the build steps). How a build
// without assertions handles the same value is not shown here and is worth checking
// during triage.
class A { }
class B extends A { constructor(a,b,c,d){ eval("eval ('super (a, b, c, d)')"); super.__proto__} } 
var a = new B();
Output
ICE: Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c(ecma_check_value_type_is_spec_defined):432.
Error: JERRY_FATAL_FAILED_ASSERTION
AddressSanitizer:DEADLYSIGNAL
=================================================================
==698630==ERROR: AddressSanitizer: ABRT on unknown address 0x03e9000aa906 (pc 0x7f00a4d4203b bp 0x7ffee59ac660 sp 0x7ffee59ac3f0 T0)
    #0 0x7f00a4d4203b in raise /build/glibc-sMfBJT/glibc-2.31/signal/../sysdeps/unix/sysv/linux/raise.c:51:1
    #1 0x7f00a4d21858 in abort /build/glibc-sMfBJT/glibc-2.31/stdlib/abort.c:79:7
    #2 0x806f07 in jerry_port_fatal jerryscript/jerry-port/common/jerry-port-process.c:29:5
    #3 0x6281ca in jerry_fatal jerryscript/jerry-core/jrt/jrt-fatals.c:63:3
    #4 0x627f7a in jerry_assert_fail jerryscript/jerry-core/jrt/jrt-fatals.c:83:3
    #5 0x53101d in ecma_check_value_type_is_spec_defined jerryscript/jerry-core/ecma/base/ecma-helpers-value.c:430:3
    #6 0x5a92ea in ecma_op_require_object_coercible jerryscript/jerry-core/ecma/operations/ecma-conversion.c:61:3
    #7 0x73fbd3 in ecma_builtin_object_object_set_proto jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-object.c:253:8
    #8 0x73d7de in ecma_builtin_object_prototype_dispatch_routine jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-object-prototype.c:448:12
    #9 0x56f39d in ecma_builtin_dispatch_routine jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1460:10
    #10 0x56ead1 in ecma_builtin_dispatch_call jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1489:12
    #11 0x5b9af2 in ecma_op_function_call_native_built_in jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1217:5
    #12 0x5b8640 in ecma_op_function_call jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1411:16
    #13 0x5dad85 in ecma_op_object_put_with_receiver jerryscript/jerry-core/ecma/operations/ecma-objects.c:1615:5
    #14 0x6b1dd6 in opfunc_assign_super_reference jerryscript/jerry-core/vm/opcodes.c:2073:5
    #15 0x6d4f07 in vm_loop jerryscript/jerry-core/vm/vm.c:2852:20
    #16 0x6bb8f1 in vm_execute jerryscript/jerry-core/vm/vm.c:5211:37
    #17 0x6b975b in vm_run jerryscript/jerry-core/vm/vm.c:5312:10
    #18 0x5bf4c8 in ecma_op_function_call_constructor jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1036:15
    #19 0x5b8f30 in ecma_op_function_call_simple jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1116:14
    #20 0x5bac78 in ecma_op_function_construct_simple jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1492:28
    #21 0x5ba7eb in ecma_op_function_construct jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1713:14
    #22 0x6f20b5 in opfunc_construct jerryscript/jerry-core/vm/vm.c:840:7
    #23 0x6bba38 in vm_execute jerryscript/jerry-core/vm/vm.c:5236:9
    #24 0x6b975b in vm_run jerryscript/jerry-core/vm/vm.c:5312:10
    #25 0x6b91b7 in vm_run_global jerryscript/jerry-core/vm/vm.c:286:25
    #26 0x4ce357 in jerry_run jerryscript/jerry-core/api/jerryscript.c:548:24
    #27 0x8052c9 in jerryx_source_exec_script jerryscript/jerry-ext/util/sources.c:68:14
    #28 0x4c4cb6 in main jerryscript/jerry-main/main-desktop.c:156:20
    #29 0x7f00a4d230b2 in __libc_start_main /build/glibc-sMfBJT/glibc-2.31/csu/../csu/libc-start.c:308:16
    #30 0x41c53d in _start (jerryscript/build/bin/jerry+0x41c53d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: ABRT /build/glibc-sMfBJT/glibc-2.31/signal/../sysdeps/unix/sysv/linux/raise.c:51:1 in raise
==698630==ABORTING
Backtrace
bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff7c33859 in __GI_abort () at abort.c:79
#2  0x0000000000806f08 in jerry_port_fatal (code=JERRY_FATAL_FAILED_ASSERTION) at jerryscript/jerry-port/common/jerry-port-process.c:29
#3  0x00000000006281cb in jerry_fatal (code=JERRY_FATAL_FAILED_ASSERTION) at jerryscript/jerry-core/jrt/jrt-fatals.c:63
#4  0x0000000000627f7b in jerry_assert_fail (assertion=0x82d0a0 <str> "ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_i"..., file=0x82d1c0 <str> "jerryscript/jerry-core/ecma/base/ecma-helpers-value.c", function=0x82d240 <__func__.ecma_check_value_type_is_spec_defined> "ecma_check_value_type_is_spec_defined", line=432) at jerryscript/jerry-core/jrt/jrt-fatals.c:83
#5  0x000000000053101e in ecma_check_value_type_is_spec_defined (value=104) at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c:430
#6  0x00000000005a92eb in ecma_op_require_object_coercible (value=104) at jerryscript/jerry-core/ecma/operations/ecma-conversion.c:61
#7  0x000000000073fbd4 in ecma_builtin_object_object_set_proto (arg1=104, arg2=160) at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-object.c:253
#8  0x000000000073d7df in ecma_builtin_object_prototype_dispatch_routine (builtin_routine_id=8 '\b', this_arg=104, arguments_list_p=0x7fffffff6920, arguments_number=1) at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-object-prototype.c:448
#9  0x000000000056f39e in ecma_builtin_dispatch_routine (func_obj_p=0x11dfeb0 <jerry_global_heap+1968>, this_arg_value=104, arguments_list_p=0x7fffffff6920, arguments_list_len=1) at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1460
#10 0x000000000056ead2 in ecma_builtin_dispatch_call (obj_p=0x11dfeb0 <jerry_global_heap+1968>, this_arg_value=104, arguments_list_p=0x7fffffff6d20, arguments_list_len=1) at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:1489
#11 0x00000000005b9af3 in ecma_op_function_call_native_built_in (func_obj_p=0x11dfeb0 <jerry_global_heap+1968>, this_arg_value=104, arguments_list_p=0x7fffffff6d20, arguments_list_len=1) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1217
#12 0x00000000005b8641 in ecma_op_function_call (func_obj_p=0x11dfeb0 <jerry_global_heap+1968>, this_arg_value=104, arguments_list_p=0x7fffffff6d20, arguments_list_len=1) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1411
#13 0x00000000005dad86 in ecma_op_object_put_with_receiver (object_p=0x11dfa90 <jerry_global_heap+912>, property_name_p=0x1f6d, value=160, receiver=104, is_throw=true) at jerryscript/jerry-core/ecma/operations/ecma-objects.c:1615
#14 0x00000000006b1dd7 in opfunc_assign_super_reference (vm_stack_top_p=0x7fffffff74a0, frame_ctx_p=0x7fffffffc840, opcode_data=168) at jerryscript/jerry-core/vm/opcodes.c:2073
#15 0x00000000006d4f08 in vm_loop (frame_ctx_p=0x7fffffffc840) at jerryscript/jerry-core/vm/vm.c:2852
#16 0x00000000006bb8f2 in vm_execute (frame_ctx_p=0x7fffffffc840) at jerryscript/jerry-core/vm/vm.c:5211
#17 0x00000000006b975c in vm_run (shared_p=0x7fffffffcb80, this_binding_value=104, lex_env_p=0x11dfb68 <jerry_global_heap+1128>) at jerryscript/jerry-core/vm/vm.c:5312
#18 0x00000000005bf4c9 in ecma_op_function_call_constructor (shared_args_p=0x7fffffffcb80, scope_p=0x11dfb68 <jerry_global_heap+1128>, this_binding=104) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1036
#19 0x00000000005b8f31 in ecma_op_function_call_simple (func_obj_p=0x11dfbb0 <jerry_global_heap+1200>, this_binding=72, arguments_list_p=0x7fffffffd288, arguments_list_len=6) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1116
#20 0x00000000005bac79 in ecma_op_function_construct_simple (func_obj_p=0x11dfbb0 <jerry_global_heap+1200>, new_target_p=0x11dfbb0 <jerry_global_heap+1200>, arguments_list_p=0x7fffffffd288, arguments_list_len=6) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1492
#21 0x00000000005ba7ec in ecma_op_function_construct (func_obj_p=0x11dfbb0 <jerry_global_heap+1200>, new_target_p=0x11dfbb0 <jerry_global_heap+1200>, arguments_list_p=0x7fffffffd288, arguments_list_len=6) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1713
#22 0x00000000006f20b6 in opfunc_construct (frame_ctx_p=0x7fffffffd240) at jerryscript/jerry-core/vm/vm.c:840
#23 0x00000000006bba39 in vm_execute (frame_ctx_p=0x7fffffffd240) at jerryscript/jerry-core/vm/vm.c:5236
#24 0x00000000006b975c in vm_run (shared_p=0x7fffffffd460, this_binding_value=11, lex_env_p=0x11df9f0 <jerry_global_heap+752>) at jerryscript/jerry-core/vm/vm.c:5312
#25 0x00000000006b91b8 in vm_run_global (bytecode_p=0x11dfe08 <jerry_global_heap+1800>, function_object_p=0x11df9e0 <jerry_global_heap+736>) at jerryscript/jerry-core/vm/vm.c:286
#26 0x00000000004ce358 in jerry_run (script=739) at jerryscript/jerry-core/api/jerryscript.c:548
#27 0x00000000008052ca in jerryx_source_exec_script (path_p=0x7fffffffde38 "/run/user/1001/fuzzinator/697673/698628-FileWriterDecorator-51cb32bd94fc469c9f02930f2319071c/0.js") at jerryscript/jerry-ext/util/sources.c:68
#28 0x00000000004c4cb7 in main (argc=2, argv=0x7fffffffdb08) at jerryscript/jerry-main/main-desktop.c:156

Found by Fuzzinator with grammarinator.