Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' failed at jerryscript/jerry-core/parser/js/js-parser-expr.c(parser_parse_expression):4522.

[SwtWld]

JerryScript revision

Commit: a6ab5e9

Version: v3.0.0

Build platform

Ubuntu 18.04.5 LTS (Linux 4.19.128-microsoft-standard x86_64)

Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)

Build steps

python ./tools/build.py --clean --debug --compile-flag=-fsanitize=address --compile-flag=-m32 --compile-flag=-g --strip=off --lto=off --logging=on --line-info=on --error-message=on --system-allocator=on --stack-limit=20

Test case

poc.js

function JSEtest() {
    function o() {}
    function k() {
        for (i = 0; i < this.depth; ++i) {}
    }
    for (const i = 0; i < 10; i++)
        (i) = {o: o, k: k};
}
JSEtest();

​

Execution steps & Output

$ ./jerryscript/build/bin/jerry poc.js

ICE: Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' failed at jerryscript/jerry-core/parser/js/js-parser-expr.c(parser_parse_expression):4522.
Error: ERR_FAILED_INTERNAL_ASSERTION
[1]    30029 abort      jerry poc.js

Credits: Found by OWL337 team.