Assertion context_p->token.type != LEXER_RIGHT_PAREN in parser_parse_while_statement_start

[renatahodovan]

JerryScript revision

fbde788

Build platform

Linux-4.15.0-54-generic-x86_64-with-Ubuntu-18.04-bionic

Build steps

./tools/build.py --clean --debug --compile-flag=-fsanitize=address \
--compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer \
--compile-flag=-fno-common --compile-flag=-g \
--strip=off --system-allocator=on --logging=on \
--linker-flag=-fuse-ld=gold --error-messages=on --profile=es2015-subset

Test case

class $ {
  super ( ) {
    class B extends A {
      constructor ( ) {
        super ( )
        while ( 1 )

Output

ICE: Assertion 'context_p->token.type != LEXER_RIGHT_PAREN' failed at jerryscript/jerry-core/parser/js/js-parser-statm.c(parser_parse_while_statement_start):792.
Error: ERR_FAILED_INTERNAL_ASSERTION

Backtrace

bt
#0  0xf7fd5059 in __kernel_vsyscall ()
#1  0xf77fc832 in raise () from /lib/i386-linux-gnu/libc.so.6
#2  0xf77fdcc1 in abort () from /lib/i386-linux-gnu/libc.so.6
#3  0x5657984c in jerry_port_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at jerryscript/jerry-port/default/default-fatal.c:71
#4  0x566126c6 in jerry_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at jerryscript/jerry-core/jrt/jrt-fatals.c:58
#5  0x56612707 in jerry_assert_fail (assertion=0x566a2fc0 "context_p->token.type != LEXER_RIGHT_PAREN", file=0x566a2960 "jerryscript/jerry-core/parser/js/js-parser-statm.c", function=0x56692fc0 <__func__.5365.lto_priv.26> "parser_parse_while_statement_start", line=792) at jerryscript/jerry-core/jrt/jrt-fatals.c:82
#6  0x565ae71e in parser_parse_while_statement_start.lto_priv.180 (context_p=0xffffc5b0) at jerryscript/jerry-core/parser/js/js-parser-statm.c:792
#7  0x5656fcf8 in parser_parse_statements (context_p=0xffffc5b0) at jerryscript/jerry-core/parser/js/js-parser-statm.c:2407
#8  0x565d32ff in parser_parse_function (context_p=0xffffc5b0, status_flags=3146758) at jerryscript/jerry-core/parser/js/js-parser.c:2782
#9  0x5659ca52 in parser_parse_class_literal (context_p=0xffffc5b0) at jerryscript/jerry-core/parser/js/js-parser-expr.c:524
#10 0x5659d4a6 in parser_parse_class (context_p=0xffffc5b0, is_statement=true) at jerryscript/jerry-core/parser/js/js-parser-expr.c:659
#11 0x5656faaa in parser_parse_statements (context_p=0xffffc5b0) at jerryscript/jerry-core/parser/js/js-parser-statm.c:2350
#12 0x565d1323 in parser_parse_source (arg_list_p=0x0, arg_list_size=0, source_p=0x566ecae0 <buffer.lto_priv> "class A { constructor ( ) { this .a = 5 ; \n} f ( ) { return 10 ; \n} super ( ) { this .super = 10 ; \nreturn 15 ; \n} } \nclass B extends A { constructor ( ) { super ( ) ; \nwhile ( 1 ) { cnt ++ ; \nif ( cn"..., source_size=605, parse_opts=0, error_location_p=0xffffc7c0) at jerryscript/jerry-core/parser/js/js-parser.c:2530
#13 0x565d4089 in parser_parse_script (arg_list_p=0x0, arg_list_size=0, source_p=0x566ecae0 <buffer.lto_priv> "class A { constructor ( ) { this .a = 5 ; \n} f ( ) { return 10 ; \n} super ( ) { this .super = 10 ; \nreturn 15 ; \n} } \nclass B extends A { constructor ( ) { super ( ) ; \nwhile ( 1 ) { cnt ++ ; \nif ( cn"..., source_size=605, parse_opts=0, bytecode_data_p=0xffffc880) at jerryscript/jerry-core/parser/js/js-parser.c:2993
#14 0x56645fea in jerry_parse (resource_name_p=0xffffce8b "/home/reni/.fuzzinator_26530//jerryscript/picireny/73940511702335612187254617459470340328.js", resource_name_length=92, source_p=0x566ecae0 <buffer.lto_priv> "class A { constructor ( ) { this .a = 5 ; \n} f ( ) { return 10 ; \n} super ( ) { this .super = 10 ; \nreturn 15 ; \n} } \nclass B extends A { constructor ( ) { super ( ) ; \nwhile ( 1 ) { cnt ++ ; \nif ( cn"..., source_size=605, parse_opts=0) at jerryscript/jerry-core/api/jerry.c:420
#15 0x56642f3f in main (argc=3, argv=0xffffcc14) at jerryscript/jerry-main/main-unix.c:734

^{Found by Fuzzinator with grammarinator.}