RESOLVED WONTFIX 174454
jsc crashes with Unexpected identifier 
https://bugs.webkit.org/show_bug.cgi?id=174454
Summary jsc crashes with Unexpected identifier
Qirun Zhang
Reported 2017-07-12 20:35:26 PDT
I have built a recent version using the instructions at https://trac.webkit.org/wiki/BuildingGtk The hashtag of my build is: commit 3f7415a21a3fd7220b07b74654bee687fafa7134 JSC crashes on the following testcase. $ ~/jsc/WebKit/WebKitBuild/Release/bin/jsc abc.js Error compiling builtin: Unexpected identifier 'caller' Fatal error compiling builtin function 'foo': Unexpected identifier 'caller'1 0x7fd61460e377 /home/absozero/jsc/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x17) [0x7fd61460e377] 2 0x7fd613c5bc0e /home/absozero/jsc/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(_ZN3JSC18BuiltinExecutables16createExecutableERNS_2VMERKNS_10SourceCodeERKNS_10IdentifierENS_15ConstructorKindENS_16ConstructAbilityE+0x4be) [0x7fd613c5bc0e] 3 0x423840 /home/absozero/jsc/WebKit/WebKitBuild/Release/bin/jsc() [0x423840] 4 0x7fd5ce1ff028 [0x7fd5ce1ff028] Segmentation fault (core dumped) $ cat abc.js function tryGetByIdText(propertyName) { return ` template ${ propertyName } template `; } { let get = createBuiltin( tryGetByIdText('caller')); }
Attachments
Add attachment proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1 2017-07-13 08:51:55 PDT
Thank you for filing this issue. This createBuiltin function is introduced to test internal functionality in JSC: testing builtin (with some privilege) functions in JSC. We do not expose it to user-space. For example, WebKit does not expose it in web pages. Only jsc shell has this because of testing purpose. This crash is intended behavior to prevent us from writing unresolved reference in builtin JS.
Note You need to log in before you can comment on or make changes to this bug.