Segmentation fault in function mjs_getretvalpos (at mjs.c:7812)

[Vancir]

I found a segmentation fault bug while mjs (latest, b1b6eac) executes the PoC on Ubuntu 20.04.

Download the PoC: mjs_segv_mjs7812.zip

ASAN Report

==198941==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x0000004dd324 bp 0x7ffe444c3568 sp 0x7ffe444c3558 T0)
==198941==The signal is caused by a READ memory access.
==198941==Hint: this fault was caused by a dereference of a high value address (see register values below).  Disassemble the provided pc to learn which register was used.
    #0 0x4dd324 in mjs_getretvalpos /data/song/projects/latest-programs/mjs/BUILD/mjs.c:7812:3
    #1 0x4dd441 in mjs_return /data/song/projects/latest-programs/mjs/BUILD/mjs.c:7837:13
    #2 0x4dba66 in mjs_do_gc /data/song/projects/latest-programs/mjs/BUILD/mjs.c:7363:3
    #3 0x4dd8ee in mjs_exec_internal /data/song/projects/latest-programs/mjs/BUILD/mjs.c:9044:5
    #4 0x4ddaeb in mjs_exec_file /data/song/projects/latest-programs/mjs/BUILD/mjs.c:9067:11
    #5 0x4e1e65 in main /data/song/projects/latest-programs/mjs/BUILD/mjs.c:11423:11
    #6 0x7f7d37683d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #7 0x7f7d37683e3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #8 0x41f344 in _start (/data/song/projects/latest-programs/mjs/mjs-bin+0x41f344)

Steps to reproduce

git clone https://github.com/cesanta/mjs.git
cd mjs
clang -g -O1 -fsanitize=address -fno-omit-frame-pointer -Wno-error -DMJS_MAIN mjs.c -dl -o mjs_asan
./mjs_asan -f PoC