Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed in lit_read_code_unit_from_utf8 #2073

renatahodovan · 2017-11-07T17:14:58Z

Jerry version:

Checked revision: bdcd2d8
Build command: ./tools/build.py --clean --debug

OS:

Ubuntu 17.10

Test case:

Date.parse("2015-01-01T01߄'a': 1}:01F");

Download test case

Backtrace:

ICE: Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed at jerryscript/jerry-core/lit/lit-strings.c(lit_read_code_unit_from_utf8):425.
Error: ERR_FAILED_INTERNAL_ASSERTION

Program received signal SIGABRT, Aborted.
0x00000000005ffda8 in raise ()
(gdb) bt
#0  0x00000000005ffda8 in raise ()
#1  0x00000000005fff5d in abort ()
#2  0x00000000005956c1 in jerry_port_fatal (code=ERR_FAILED_INTERNAL_ASSERTION)
    at jerryscript/jerry-port/default/default-fatal.c:71
#3  jerry_fatal (code=code@entry=ERR_FAILED_INTERNAL_ASSERTION) at jerryscript/jerry-core/jrt/jrt-fatals.c:58
#4  0x0000000000595db2 in jerry_assert_fail (assertion=assertion@entry=0x691be8 "(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER", 
    file=file@entry=0x67e9e0 "jerryscript/jerry-core/lit/lit-strings.c", 
    function=function@entry=0x693770 <__func__.2487> "lit_read_code_unit_from_utf8", line=line@entry=425)
    at jerryscript/jerry-core/jrt/jrt-fatals.c:82
#5  0x0000000000596e9f in lit_read_code_unit_from_utf8 (buf_p=<optimized out>, code_point=<optimized out>)
    at jerryscript/jerry-core/lit/lit-strings.c:425
#6  0x00000000005aede8 in lit_utf8_read_next (buf_p=0x7fffffffda08) at jerryscript/jerry-core/lit/lit-strings.c:467
#7  ecma_date_parse_date_chars (str_p=0x7fffffffda08, str_end_p=0x9c5f9a <jerry_global_heap+506> "", num_of_chars=1)
    at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-date.c:60
#8  0x00000000005b523f in ecma_builtin_date_parse.isra.1.lto_priv.312 (arg=<optimized out>)
    at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-date.c:269
#9  0x0000000000457051 in ecma_builtin_date_dispatch_routine (this_arg_value=219, arguments_number=1, arguments_list=0x7fffffffdc2c, 
    builtin_routine_id=<optimized out>) at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtin-date.inc.h:33
#10 ecma_builtin_dispatch_routine (builtin_object_id=<optimized out>, builtin_routine_id=<optimized out>, 
    this_arg_value=this_arg_value@entry=219, arguments_list=arguments_list@entry=0x7fffffffdc2c, arguments_number=arguments_number@entry=1)
    at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.inc.h:153
#11 0x000000000045a95e in ecma_builtin_dispatch_call (obj_p=0x9c5e88 <jerry_global_heap+232>, this_arg_value=219, 
    arguments_list_p=0x7fffffffdc2c, arguments_list_len=1)
    at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.c:844
#12 0x00000000004ac44d in ecma_op_function_call (func_obj_p=0x9c5e88 <jerry_global_heap+232>, this_arg_value=<optimized out>, 
    arguments_list_p=0x7fffffffdc2c, arguments_list_len=1)
    at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:343
#13 0x00000000005ca5ab in opfunc_call.isra.1 () at jerryscript/jerry-core/vm/vm.c:424
#14 vm_execute (frame_ctx_p=frame_ctx_p@entry=0x7fffffffdc40, arg_p=<optimized out>, arg_list_len=<optimized out>)
    at jerryscript/jerry-core/vm/vm.c:2803
#15 0x00000000005dc396 in vm_run (bytecode_header_p=<optimized out>, this_binding_value=<optimized out>, lex_env_p=<optimized out>, 
    is_eval_code=<optimized out>, arg_list_p=<optimized out>, arg_list_len=<optimized out>)
    at jerryscript/jerry-core/vm/vm.c:2883
#16 0x000000000040b5eb in vm_run_global (bytecode_p=<optimized out>) at jerryscript/jerry-core/vm/vm.c:231
#17 jerry_run (func_val=203) at jerryscript/jerry-core/api/jerry.c:558
#18 main (argc=<optimized out>, argv=<optimized out>) at jerryscript/jerry-main/main-unix.c:758

^{Found by Fuzzinator with grammarinator.}

The text was updated successfully, but these errors were encountered:

Fixes issue jerryscript-project#2073, which introduced an error caused by Date.parse() The problem was that the function didn't properly check if there was a ':' after the hours. If any UTF8 character was inserted there which got decoded into multiple characters, it caused the pointer to point at a wrong character. JerryScript-DCO-1.0-Signed-off-by: Daniel Balla [email protected]

Fixes issue #2073, which introduced an error caused by Date.parse() The problem was that the function didn't properly check if there was a ':' after the hours. If any UTF8 character was inserted there which got decoded into multiple characters, it caused the pointer to point at a wrong character. JerryScript-DCO-1.0-Signed-off-by: Daniel Balla [email protected]

DanielBallaSZTE · 2017-11-14T23:45:26Z

I think this issue can be closed now.

akosthekiss added bug Undesired behaviour ecma builtins Related to ECMA built-in routines ecma core Related to core ECMA functionality labels Nov 7, 2017

DanielBallaSZTE mentioned this issue Nov 9, 2017

Fix Date.parse() in ecma-builtin-date.c #2081

Merged

LaszloLango closed this as completed Nov 15, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed in lit_read_code_unit_from_utf8 #2073

Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed in lit_read_code_unit_from_utf8 #2073

renatahodovan commented Nov 7, 2017

DanielBallaSZTE commented Nov 14, 2017

Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed in lit_read_code_unit_from_utf8 #2073

Assertion '(c & LIT_UTF8_3_BYTE_MASK) == LIT_UTF8_3_BYTE_MARKER' failed in lit_read_code_unit_from_utf8 #2073

Comments

renatahodovan commented Nov 7, 2017

Jerry version:

OS:

Test case:

Backtrace:

DanielBallaSZTE commented Nov 14, 2017