Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Assertion 'ecma_is_value_object (value)' failed #5089

Closed
voidptr127 opened this issue Jun 8, 2023 · 0 comments · Fixed by #5126
Closed

Assertion 'ecma_is_value_object (value)' failed #5089

voidptr127 opened this issue Jun 8, 2023 · 0 comments · Fixed by #5126

Comments

@voidptr127
Copy link

This bug report leads to the same error message as in #4936 but 4936 is fixed whereas this is present on the most recent version.

JerryScript revision
05dbbd134c3b9e2482998f267857dd3722001cd7
Build platform
Linux-6.2.15-200.fc37.x86_64-x86_64-with-glibc2.34
clang version 14.0.6 (Red Hat 14.0.6-4.el9_1)
Build steps
CC=/usr/bin/clang python3 tools/build.py --clean \
    --debug \
    --strip=off \
    --compile-flag=-fsanitize=address \
    --lto=off \
    --compile-flag=-g \
    --error-messages=on \
    --promise-callback=on \
    --logging=on \
    --line-info=on \
    --stack-limit=128
Test case
void Symbol();
async function Symbol(undefined, Function){
void (Int32Array=[Date=[]=[], Date=[]=[], Date=Symbol(), Date=await [], []]=[]+[]);

}
Execution
./build/bin/jerry poc.js
Output
ICE: Assertion 'ecma_is_value_object (value)' failed at /home/rocky/jerryscript/jerry-core/ecma/base/ecma-helpers-value.c(ecma_get_object_from_value):821.
Error: JERRY_FATAL_FAILED_ASSERTION
Aborted (core dumped)
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 2, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
46863c2 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
0412511 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
848591c 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
@matetokodi matetokodi mentioned this issue Feb 5, 2024
Merged
matetokodi added a commit to matetokodi/jerryscript that referenced this issue Feb 5, 2024
@matetokodi
Fix gc of async destructuring assignments of strings
cd79318 
This fixes jerryscript-project#5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
akosthekiss pushed a commit that referenced this issue Feb 6, 2024
@matetokodi
Fix gc of async destructuring assignments of strings (#5126)
bac7ee3 
This fixes #5089

When garbage collection is running on a paused async function that
includes destructuring assignments of strings, the string can be a
direct string, and not an object, which cannot be marked as visited, as
it does not have a visited flag.

JerryScript-DCO-1.0-Signed-off-by: Máté Tokodi mate.tokodi@szteszoftver.hu
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix gc of async destructuring assignments of strings matetokodi/jerryscript
1 participant
@voidptr127