Assertion isRegExpObject() failed in Escargot::Object::asRegExpObject

[renatahodovan]

Escargot version:

Checked revision: cd03a08

Build command: cmake -H. -Bout -DESCARGOT_HOST=linux -DESCARGOT_ARCH=x64 -DESCARGOT_MODE=debug -DESCARGOT_OUTPUT=bin -GNinja && ninja -C out

OS:

Linux-4.15.0-48-generic-x86_64-with-Ubuntu-18.04-bionic

Test case:

var obj = { };
RegExp.prototype.compile.call(obj);

Backtrace:

escargot: ../src/runtime/Object.h:555: Escargot::RegExpObject* Escargot::Object::asRegExpObject(): Assertion `isRegExpObject()' failed.

bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007ffff6466801 in __GI_abort () at abort.c:79
#2  0x00007ffff645639a in __assert_fail_base (fmt=0x7ffff65dd7d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x55555584e87e "isRegExpObject()", file=file@entry=0x55555584e7ce "../src/runtime/Object.h", line=line@entry=555, function=function@entry=0x55555584eb80 <Escargot::Object::asRegExpObject()::__PRETTY_FUNCTION__> "Escargot::RegExpObject* Escargot::Object::asRegExpObject()") at assert.c:92
#3  0x00007ffff6456412 in __GI___assert_fail (assertion=0x55555584e87e "isRegExpObject()", file=0x55555584e7ce "../src/runtime/Object.h", line=555, function=0x55555584eb80 <Escargot::Object::asRegExpObject()::__PRETTY_FUNCTION__> "Escargot::RegExpObject* Escargot::Object::asRegExpObject()") at assert.c:101
#4  0x000055555575ccb6 in Escargot::Object::asRegExpObject (this=0x7ffff45d6250) at ../src/runtime/Object.h:555
#5  0x000055555575e084 in Escargot::builtinRegExpCompile (state=..., thisValue=..., argc=1, argv=0x7fffffffbdc0, isNewExpression=false) at ../src/runtime/GlobalObjectBuiltinRegExp.cpp:140
#6  0x00005555556cca22 in Escargot::FunctionObject::processCall (this=0x7ffff4664330, state=..., receiverSrc=..., argc=1, argv=0x7fffffffbdc0, isNewExpression=false) at ../src/runtime/FunctionObject.cpp:357
#7  0x00005555555ca3af in Escargot::FunctionObject::call (this=0x7ffff4664330, state=..., receiver=..., argc=1, argv=0x7fffffffc050) at ../src/runtime/FunctionObject.h:103
#8  0x00005555556fc8c8 in Escargot::builtinFunctionCall (state=..., thisValue=..., argc=2, argv=0x7fffffffcae8, isNewExpression=false) at ../src/runtime/GlobalObjectBuiltinFunction.cpp:197
#9  0x00005555556cca22 in Escargot::FunctionObject::processCall (this=0x7ffff46653e0, state=..., receiverSrc=..., argc=2, argv=0x7fffffffcae8, isNewExpression=false) at ../src/runtime/FunctionObject.cpp:357
#10 0x00005555555f4f02 in Escargot::FunctionObject::call (state=..., callee=..., receiver=..., argc=2, argv=0x7fffffffcae8, isNewExpression=false) at ../src/runtime/FunctionObject.h:111
#11 0x00005555555f812a in Escargot::ByteCodeInterpreter::interpret (state=..., byteCodeBlock=0x7ffff4676bb0, programCounter=93824999009200, registerFile=0x7fffffffcad0, initAddressFiller=0x0) at ../src/interpreter/ByteCodeInterpreter.cpp:540
#12 0x00005555556cdc72 in Escargot::FunctionObject::processCall (this=0x7ffff4638b70, state=..., receiverSrc=..., argc=1, argv=0x7fffffffd530, isNewExpression=false) at ../src/runtime/FunctionObject.cpp:536
#13 0x00005555555f4f02 in Escargot::FunctionObject::call (state=..., callee=..., receiver=..., argc=1, argv=0x7fffffffd530, isNewExpression=false) at ../src/runtime/FunctionObject.h:111
#14 0x00005555555f803d in Escargot::ByteCodeInterpreter::interpret (state=..., byteCodeBlock=0x7ffff4676cd0, programCounter=93824999003936, registerFile=0x7fffffffd520, initAddressFiller=0x0) at ../src/interpreter/ByteCodeInterpreter.cpp:529
#15 0x0000555555625aed in Escargot::Script::execute (this=0x7ffff45f8190, state=..., isEvalMode=false, needNewEnv=false, isOnGlobal=true) at ../src/parser/Script.cpp:79
#16 0x0000555555625c3f in Escargot::Script::<lambda()>::operator()(void) const (__closure=0x7fffffffd8a0) at ../src/parser/Script.cpp:92
#17 0x0000555555626c48 in std::_Function_handler<Escargot::Value(), Escargot::Script::sandboxExecute(Escargot::ExecutionState&)::<lambda()> >::_M_invoke(const std::_Any_data &) (__functor=...) at /usr/include/c++/7/bits/std_function.h:302
#18 0x00005555557be90c in std::function<Escargot::Value ()>::operator()() const (this=0x7fffffffd8a0) at /usr/include/c++/7/bits/std_function.h:706
#19 0x00005555557bd4bf in Escargot::SandBox::run(std::function<Escargot::Value ()> const&) (this=0x7fffffffd810, scriptRunner=...) at ../src/runtime/SandBox.cpp:36
#20 0x0000555555625d1c in Escargot::Script::sandboxExecute (this=0x7ffff45f8190, state=...) at ../src/parser/Script.cpp:93
#21 0x00005555557daeb0 in eval (context=0x7ffff4666ed0, str=0x7ffff45e97f0, fileName=0x7ffff45e96b0, shouldPrintScriptResult=false) at ../src/shell/Shell.cpp:47
#22 0x00005555557db7d5 in main (argc=2, argv=0x7fffffffdbc8) at ../src/shell/Shell.cpp:128

^{Found by Fuzzinator with grammarinator.}