Assertion 'new_bit_field_value < (1ull << width)' failed in jrt_set_bit_field_value

[renatahodovan]

Jerry version:

Checked revision: aaeec7f
Build: debug.linux

OS:

Ubuntu 14.04, x86_64

Test case:

function f_1() {
    f_1();
}
f_1();

Backtrace:

ICE: Assertion 'new_bit_field_value < (1ull << width)' failed at jerryscript/jerry-core/jrt/jrt-bit-fields.cpp(jrt_set_bit_field_value):55.
Error: ERR_FAILED_INTERNAL_ASSERTION
(gdb) bt
#0  0x0000000000455cf1 in jrt_set_bit_field_value (container=4611692615966851101, new_bit_field_value=1024, lsb=16, width=10)
    at jerryscript/jerry-core/jrt/jrt-bit-fields.cpp:55
#1  0x0000000000485117 in ecma_gc_set_object_refs(ecma_object_t*, unsigned int) [clone .24708] (object_p=0x7e9758 <_ZL13mem_heap_area.4015+24>, 
    refs=1024) at jerryscript/jerry-core/ecma/base/ecma-gc.cpp:98
#2  0x000000000047947c in ecma_ref_object (object_p=0x7e9758 <_ZL13mem_heap_area.4015+24>)
    at jerryscript/jerry-core/ecma/base/ecma-gc.cpp:193
#3  0x00000000004a69ec in ecma_builtin_get (builtin_id=ECMA_BUILTIN_ID_GLOBAL)
    at jerryscript/jerry-core/ecma/builtin-objects/ecma-builtins.cpp:80
#4  0x00000000004682c8 in ecma_op_function_call (func_obj_p=0x7e97b8 <_ZL13mem_heap_area.4015+120>, this_arg_value=4, arguments_list_p=0x0, 
    arguments_list_len=0) at jerryscript/jerry-core/ecma/operations/ecma-function-object.cpp:559
#5  0x000000000045ad16 in opfunc_call_n (opdata=..., int_data=0x7ffffff12450) at jerryscript/jerry-core/vm/opcodes.cpp:694
#6  0x00000000004bfa81 in run_int_loop (int_data=0x7ffffff12450) at jerryscript/jerry-core/vm/vm.cpp:440
#7  0x00000000004b67ae in run_int_from_pos (start_pos=3, this_binding_value=15, lex_env_p=0x7ede88 <_ZL13mem_heap_area.4015+18248>, is_strict=false, 
    is_eval_code=false) at jerryscript/jerry-core/vm/vm.cpp:513
#8  0x0000000000468701 in ecma_op_function_call (func_obj_p=0x7e97b8 <_ZL13mem_heap_area.4015+120>, this_arg_value=4, arguments_list_p=0x0, 
    arguments_list_len=0) at jerryscript/jerry-core/ecma/operations/ecma-function-object.cpp:586
#9  0x000000000045ad16 in opfunc_call_n (opdata=..., int_data=0x7ffffff12800) at jerryscript/jerry-core/vm/opcodes.cpp:694
#10 0x00000000004bfa81 in run_int_loop (int_data=0x7ffffff12800) at jerryscript/jerry-core/vm/vm.cpp:440
#11 0x00000000004b67ae in run_int_from_pos (start_pos=3, this_binding_value=15, lex_env_p=0x7ede78 <_ZL13mem_heap_area.4015+18232>, is_strict=false, 
    is_eval_code=false) at jerryscript/jerry-core/vm/vm.cpp:513
#12 0x0000000000468701 in ecma_op_function_call (func_obj_p=0x7e97b8 <_ZL13mem_heap_area.4015+120>, this_arg_value=4, arguments_list_p=0x0, 
    arguments_list_len=0) at jerryscript/jerry-core/ecma/operations/ecma-function-object.cpp:586
#13 0x000000000045ad16 in opfunc_call_n (opdata=..., int_data=0x7ffffff12bb0) at jerryscript/jerry-core/vm/opcodes.cpp:694
#14 0x00000000004bfa81 in run_int_loop (int_data=0x7ffffff12bb0) at jerryscript/jerry-core/vm/vm.cpp:440
#15 0x00000000004b67ae in run_int_from_pos (start_pos=3, this_binding_value=15, lex_env_p=0x7ede68 <_ZL13mem_heap_area.4015+18216>, is_strict=false, 
    is_eval_code=false) at jerryscript/jerry-core/vm/vm.cpp:513

#16 0x0000000000468701 in ecma_op_function_call (func_obj_p=0x7e97b8 <_ZL13mem_heap_area.4015+120>, this_arg_value=4, arguments_list_p=0x0, 
    arguments_list_len=0) at jerryscript/jerry-core/ecma/operations/ecma-function-object.cpp:586
#17 0x000000000045ad16 in opfunc_call_n (opdata=..., int_data=0x7ffffff12f60) at jerryscript/jerry-core/vm/opcodes.cpp:694
#18 0x00000000004bfa81 in run_int_loop (int_data=0x7ffffff12f60) at jerryscript/jerry-core/vm/vm.cpp:440
#19 0x00000000004b67ae in run_int_from_pos (start_pos=3, this_binding_value=15, lex_env_p=0x7ede58 <_ZL13mem_heap_area.4015+18200>, is_strict=false, 
    is_eval_code=false) at jerryscript/jerry-core/vm/vm.cpp:513

// ... The last 4 frames are repeated many times ...

#4084 0x0000000000468701 in ecma_op_function_call (func_obj_p=0x7e97b8 <_ZL13mem_heap_area.4015+120>, this_arg_value=4, arguments_list_p=0x0, 
    arguments_list_len=0) at jerryscript/jerry-core/ecma/operations/ecma-function-object.cpp:586
#4085 0x000000000045ad16 in opfunc_call_n (opdata=..., int_data=0x7fffffffd590) at jerryscript/jerry-core/vm/opcodes.cpp:694
#4086 0x00000000004bfa81 in run_int_loop (int_data=0x7fffffffd590) at jerryscript/jerry-core/vm/vm.cpp:440
#4087 0x00000000004b67ae in run_int_from_pos (start_pos=0, this_binding_value=15, lex_env_p=0x7e9770 <_ZL13mem_heap_area.4015+48>, is_strict=false, 
    is_eval_code=false) at jerryscript/jerry-core/vm/vm.cpp:513
#4088 0x00000000004bf84f in run_int () at jerryscript/jerry-core/vm/vm.cpp:381
#4089 0x00000000004bd4f1 in jerry_run () at jerryscript/jerry-core/jerry.cpp:1243
#4090 0x00000000004bbb20 in main (argc=2, argv=0x7fffffffd938) at jerryscript/main-linux.cpp:248

[egavrin]

Same on master (f17f785)

[LaszloLango]

Still fails on master (91a0514). @zherczeg, could you check this?

[zherczeg]

The issue is reaching the maximum reference count for objects. It has never been decided how such cases should be handled.

I propose the following: this is a similar case as an out-of-memory error, so jerry_fatal should be called with a special ID.