Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assertion '((jmem_cpointer_t) uint_ptr) == uint_ptr' failed in jmem_decompress_pointer #2528

Closed
renatahodovan opened this issue Sep 16, 2018 · 0 comments
Closed

Assertion '((jmem_cpointer_t) uint_ptr) == uint_ptr' failed in jmem_decompress_pointer #2528

renatahodovan opened this issue Sep 16, 2018 · 0 comments
Labels
bug Undesired behaviour ES2015 Related to ES2015 features

Comments

@renatahodovan
Copy link
Contributor

Jerry version:
Checked revision: 2d83d8ed
Build command: ./tools/build.py --clean --debug --error-messages=on --profile=es2015-subset --logging=on
OS:
Ubuntu 18.04, x86_64
Test case:
for ( /a/ in yield => { } , yield => { } , yield => { } ) throw 1
Backtrace:
ICE: Assertion '((jmem_cpointer_t) uint_ptr) == uint_ptr' failed at jerryscript/jerry-core/jmem/jmem-allocator.c(jmem_decompress_pointer):219.
Error: ERR_FAILED_INTERNAL_ASSERTION

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51  ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007ffff6e43801 in __GI_abort () at abort.c:79
#2  0x00000000006ce0c5 in jerry_port_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at jerryscript/jerry-port/default/default-fatal.c:71
#3  0x00000000005c40de in jerry_fatal (code=ERR_FAILED_INTERNAL_ASSERTION) at jerryscript/jerry-core/jrt/jrt-fatals.c:63
#4  0x00000000005c4136 in jerry_assert_fail (assertion=0x71de20 <.str.7> "((jmem_cpointer_t) uint_ptr) == uint_ptr", 
    file=0x71dbc0 <.str.1> "jerryscript/jerry-core/jmem/jmem-allocator.c", function=0x71dde0 <__func__.jmem_decompress_pointer> "jmem_decompress_pointer", line=219)
    at jerryscript/jerry-core/jrt/jrt-fatals.c:87
#5  0x00000000005c0abd in jmem_decompress_pointer (compressed_pointer=4325382) at jerryscript/jerry-core/jmem/jmem-allocator.c:219
#6  0x000000000059db93 in ecma_op_function_get_compiled_code (function_p=0x1559098 <jerry_global_heap+248>) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:299
#7  ecma_op_function_list_lazy_property_names (object_p=0x1559098 <jerry_global_heap+248>, separate_enumerable=true, main_collection_p=0x15590b8 <jerry_global_heap+280>, 
    non_enum_collection_p=0x15590b0 <jerry_global_heap+272>) at jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1122
#8  0x00000000005b34c2 in ecma_op_object_get_property_names (obj_p=0x1559098 <jerry_global_heap+248>, is_array_indices_only=false, is_enumerable_only=true, is_with_prototype_chain=true)
    at jerryscript/jerry-core/ecma/operations/ecma-objects.c:1399
#9  0x00000000006c4df8 in opfunc_for_in (left_value=251, result_obj_p=0x7fffffffaf40) at jerryscript/jerry-core/vm/opcodes.c:259
#10 0x00000000006044f7 in vm_loop (frame_ctx_p=0x7fffffffd500) at jerryscript/jerry-core/vm/vm.c:2385
#11 0x00000000005f42e3 in vm_execute (frame_ctx_p=0x7fffffffd500, arg_p=0x0, arg_list_len=0) at jerryscript/jerry-core/vm/vm.c:3051
#12 0x00000000005f37d0 in vm_run (bytecode_header_p=0x15592e8 <jerry_global_heap+840>, this_binding_value=27, lex_env_p=0x1558fd0 <jerry_global_heap+48>, parse_opts=0, arg_list_p=0x0, arg_list_len=0)
    at jerryscript/jerry-core/vm/vm.c:3144
#13 0x00000000005f2c2d in vm_run_global (bytecode_p=0x15592e8 <jerry_global_heap+840>) at jerryscript/jerry-core/vm/vm.c:227
#14 0x000000000051c2d3 in jerry_run (func_val=203) at jerryscript/jerry-core/api/jerry.c:534
#15 0x000000000051514d in main (argc=3, argv=0x7fffffffe058) at jerryscript/jerry-main/main-unix.c:676

Found by Fuzzinator with grammarinator.

@LaszloLango LaszloLango added bug Undesired behaviour ES2015 Related to ES2015 features labels Sep 17, 2018
rerobika added a commit to rerobika/jerryscript that referenced this issue Sep 17, 2018
@rerobika
Fix ecma_op_function_list_lazy_property_names in case of arrow function
fecda9e 
Fixes jerryscript-project#2528.

JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik frobert@inf.u-szeged.hu
@rerobika rerobika mentioned this issue Sep 17, 2018
Merged
rerobika added a commit to rerobika/jerryscript that referenced this issue Sep 17, 2018
@rerobika
Fix ecma_op_function_list_lazy_property_names in case of arrow function
b721f53 
Fixes jerryscript-project#2528.

JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik frobert@inf.u-szeged.hu
robertsipka pushed a commit that referenced this issue Sep 17, 2018
@rerobika @robertsipka
Fix ecma_op_function_list_lazy_property_names in case of arrow functi…
6c21c08 
…on (#2529)

Fixes #2528.

JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik frobert@inf.u-szeged.hu
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Undesired behaviour ES2015 Related to ES2015 features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@renatahodovan @LaszloLango