Bug Description
Calling the Hermes JS engine with the --commonjs flag leads to a segmentation fault.
ASAN stacktrace output:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2930775==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000148 (pc 0x7bd58d988ae2 bp 0x7ffd9fe7ca90 sp 0x7ffd9fe7c248 T0)
==2930775==The signal is caused by a READ memory access.
==2930775==Hint: address points to the zero page.
#0 0x7bd58d988ae2 in __memcpy_avx_unaligned_erms string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:342
#1 0x555700981d96 in __asan_memcpy (/home/lie/autofuzz-hermes/hermes-src/build-asan/bin/hermes+0x1b0d96) (BuildId: a5d626fb8633ceb263d5c3aa987a410564128c54)
#2 0x555700bb6e43 in hermes::irgen::ESTreeIRGen::genBasicFunction(hermes::Identifier, hermes::ESTree::FunctionLikeNode*, hermes::VariableScope*, hermes::ESTree::Node*, hermes::Function::DefinitionKind, hermes::Variable*, hermes::ESTree::Node*) /home/lie/autofuzz-hermes-open2/hermes-src/lib/IRGen/ESTreeIRGen-func.cpp:390:43
#3 0x555700b76044 in hermes::irgen::ESTreeIRGen::doCJSModule(hermes::sema::SemContext&, unsigned int, unsigned int, llvh::StringRef) /home/lie/autofuzz-hermes-open2/hermes-src/lib/IRGen/ESTreeIRGen.cpp:317:23
#4 0x555700b71653 in hermes::generateIRForCJSModule(hermes::sema::SemContext&, hermes::ESTree::FunctionExpressionNode*, unsigned int, unsigned int, llvh::StringRef, hermes::Module*) /home/lie/autofuzz-hermes-open2/hermes-src/lib/IRGen/IRGen.cpp:52:20
#5 0x5557009cf1dc in (anonymous namespace)::generateIRForSourcesAsCJSModules(hermes::Module&, hermes::sema::SemContext&, std::vector<hermes::ESTree::ProgramNode*, std::allocator<hermes::ESTree::ProgramNode*>> const&, std::map<unsigned int, std::vector<(anonymous namespace)::ModuleInSegment, std::allocator<(anonymous namespace)::ModuleInSegment>>, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::vector<(anonymous namespace)::ModuleInSegment, std::allocator<(anonymous namespace)::ModuleInSegment>>>>>, hermes::SourceMapGenerator*) /home/lie/autofuzz-hermes-open2/hermes-src/lib/CompilerDriver/CompilerDriver.cpp:1755:7
#6 0x5557009cf1dc in (anonymous namespace)::processSourceFiles(std::shared_ptr<hermes::Context>, std::map<unsigned int, std::vector<(anonymous namespace)::ModuleInSegment, std::allocator<(anonymous namespace)::ModuleInSegment>>, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::vector<(anonymous namespace)::ModuleInSegment, std::allocator<(anonymous namespace)::ModuleInSegment>>>>>) /home/lie/autofuzz-hermes-open2/hermes-src/lib/CompilerDriver/CompilerDriver.cpp:2018:10
#7 0x5557009c66bf in hermes::driver::compileFromCommandLineOptions() /home/lie/autofuzz-hermes-open2/hermes-src/lib/CompilerDriver/CompilerDriver.cpp:2382:12
#8 0x555700a059b2 in main /home/lie/autofuzz-hermes-open2/hermes-src/tools/hermes/hermes.cpp:460:31
#9 0x7bd58d82a1c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#10 0x7bd58d82a28a in __libc_start_main csu/../csu/libc-start.c:360:3
#11 0x5557008eb0a4 in _start (/home/lie/autofuzz-hermes/hermes-src/build-asan/bin/hermes+0x11a0a4) (BuildId: a5d626fb8633ceb263d5c3aa987a410564128c54)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:342 in __memcpy_avx_unaligned_erms
==2930775==ABORTING
Hermes git revision (if applicable): 6d4e362 (static_h branch)
React Native version: N/A
OS: Linux 6.8.0-107-generic #107 SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64 x86_64 x86_64 GNU/Linux
Platform (most likely one of arm64-v8a, armeabi-v7a, x86, x86_64): x86_64
Steps To Reproduce
Regardless of the script, passing the --commonjs flag leads to a segmentation fault.
Code example:
echo 'a=1' | ./hermes --commonjs /dev/stdin
The Expected Behavior
We should not get a segmentation fault.