Assertion Failure 'jcontext_has_pending_exception ()' failed at /jerryscript/jerry-core/vm/vm.c(vm_loop).

[JimWongM]

Hello, I found a crash in JerryScript.

JerryScript revision

5020015

Build platform

Ubuntu 22.04.3

Build steps

python3 tools/build.py --debug  --compile-flag=-fsanitize-coverage=trace-pc-guard --lto=off --compile-flag=-D_POSIX_C_SOURCE=200809 --compile-flag=-Wno-strict-prototypes --stack-limit=15 

Test case

BigInt.asIntN(1073741825, -9n);

Execution steps

./jerry test.js

Output

ICE: Assertion 'jcontext_has_pending_exception ()' failed at /jerryscript/jerry-core/vm/vm.c(vm_loop):4802.
Error: JERRY_FATAL_FAILED_ASSERTION
Aborted (core dumped)

Backtrace

(lldb) bt
* thread #1, name = 'jerry', stop reason = signal SIGABRT
  * frame #0: 0x00007ffff7c969fc libc.so.6`__GI___pthread_kill at pthread_kill.c:44:76
    frame #1: 0x00007ffff7c969b0 libc.so.6`__GI___pthread_kill [inlined] __pthread_kill_internal(signo=6, threadid=140737352689472) at pthread_kill.c:78:10
    frame #2: 0x00007ffff7c969b0 libc.so.6`__GI___pthread_kill(threadid=140737352689472, signo=6) at pthread_kill.c:89:10
    frame #3: 0x00007ffff7c42476 libc.so.6`__GI_raise(sig=6) at raise.c:26:13
    frame #4: 0x00007ffff7c287f3 libc.so.6`__GI_abort at abort.c:79:7
    frame #5: 0x00005555556cb400 jerry`jerry_port_fatal(code=JERRY_FATAL_FAILED_ASSERTION) at jerry-port-process.c:41:5
    frame #6: 0x00005555556c9090 jerry`jerryx_handler_assert(call_info_p=0x00007fffffffc198, args_p=0x00007fffffffc3e8, args_cnt=2) at handlers.c:95:3
    frame #7: 0x00005555555ed2c2 jerry`ecma_op_function_call_native(func_obj_p=0x00005555560798c8, this_arg_value=72, arguments_list_p=0x00007fffffffc3e8, arguments_list_len=2) at ecma-function-object.c:1262:28
    frame #8: 0x00005555555ec7f3 jerry`ecma_op_function_call(func_obj_p=0x00005555560798c8, this_arg_value=72, arguments_list_p=0x00007fffffffc3e8, arguments_list_len=2) at ecma-function-object.c:1485:16
    frame #9: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=323, this_arg_value=72, arguments_list_p=0x00007fffffffc3e8, arguments_list_len=2) at ecma-function-object.c:1428:10
    frame #10: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffc360) at vm.c:758:5
    frame #11: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffc360) at vm.c:5236:9
    frame #12: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffc4f0, this_binding_value=11, lex_env_p=0x000055555607a208) at vm.c:5331:10
    frame #13: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x0000555556079ac8, this_binding=11, arguments_list_p=0x00007fffffffc768, arguments_list_len=2) at ecma-function-object.c:1180:28
    frame #14: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x0000555556079ac8, this_arg_value=72, arguments_list_p=0x00007fffffffc768, arguments_list_len=2) at ecma-function-object.c:1463:16
    frame #15: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=835, this_arg_value=72, arguments_list_p=0x00007fffffffc768, arguments_list_len=2) at ecma-function-object.c:1428:10
    frame #16: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffc6e0) at vm.c:758:5
    frame #17: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffc6e0) at vm.c:5236:9
    frame #18: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffc870, this_binding_value=11, lex_env_p=0x0000555556079dc8) at vm.c:5331:10
    frame #19: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x0000555556079ac8, this_binding=11, arguments_list_p=0x00007fffffffcaa4, arguments_list_len=1) at ecma-function-object.c:1180:28
    frame #20: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x0000555556079ac8, this_arg_value=72, arguments_list_p=0x00007fffffffcaa4, arguments_list_len=1) at ecma-function-object.c:1463:16
    frame #21: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=835, this_arg_value=72, arguments_list_p=0x00007fffffffcaa4, arguments_list_len=1) at ecma-function-object.c:1428:10
    frame #22: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffca60) at vm.c:758:5
    frame #23: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffca60) at vm.c:5236:9
    frame #24: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffcba0, this_binding_value=11, lex_env_p=0x000055555607a158) at vm.c:5331:10
    frame #25: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x000055555607a2a0, this_binding=11, arguments_list_p=0x00007fffffffccb0, arguments_list_len=3) at ecma-function-object.c:1180:28
    frame #26: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x000055555607a2a0, this_arg_value=72, arguments_list_p=0x00007fffffffccb0, arguments_list_len=3) at ecma-function-object.c:1463:16
    frame #27: 0x00005555556675dc jerry`ecma_builtin_array_prototype_object_filter(arg1=2843, arg2=72, obj_p=0x0000555556089718, len=1024) at ecma-builtin-array-prototype.c:1980:33
    frame #28: 0x0000555555661248 jerry`ecma_builtin_array_prototype_dispatch_routine(builtin_routine_id='\x13', this_arg=65427, arguments_list_p=0x00007fffffffcdb8, arguments_number=1) at ecma-builtin-array-prototype.c:2952:19
    frame #29: 0x00005555555cee25 jerry`ecma_builtin_dispatch_routine(func_obj_p=0x000055555608b870, this_arg_value=65427, arguments_list_p=0x00007fffffffcdb8, arguments_list_len=1) at ecma-builtins.c:1460:10
    frame #30: 0x00005555555ceb5e jerry`ecma_builtin_dispatch_call(obj_p=0x000055555608b870, this_arg_value=65427, arguments_list_p=0x00007fffffffd0f0, arguments_list_len=1) at ecma-builtins.c:1489:12
    frame #31: 0x00005555555ed0b8 jerry`ecma_op_function_call_native_built_in(func_obj_p=0x000055555608b870, this_arg_value=65427, arguments_list_p=0x00007fffffffd0f0, arguments_list_len=1) at ecma-function-object.c:1223:5
    frame #32: 0x00005555555ec77e jerry`ecma_op_function_call(func_obj_p=0x000055555608b870, this_arg_value=65427, arguments_list_p=0x00007fffffffd0f0, arguments_list_len=1) at ecma-function-object.c:1468:16
    frame #33: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=73963, this_arg_value=65427, arguments_list_p=0x00007fffffffd0f0, arguments_list_len=1) at ecma-function-object.c:1428:10
    frame #34: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffd060) at vm.c:758:5
    frame #35: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffd060) at vm.c:5236:9
    frame #36: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffd1f0, this_binding_value=65427, lex_env_p=0x000055555607a158) at vm.c:5331:10
    frame #37: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x0000555556079ac8, this_binding=65427, arguments_list_p=0x00007fffffffd3ac, arguments_list_len=1) at ecma-function-object.c:1180:28
    frame #38: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x0000555556079ac8, this_arg_value=65427, arguments_list_p=0x00007fffffffd3ac, arguments_list_len=1) at ecma-function-object.c:1463:16
    frame #39: 0x0000555555672c48 jerry`ecma_builtin_function_prototype_object_call(func_obj_p=0x0000555556079ac8, arguments_list_p=0x00007fffffffd3a8, arguments_number=2) at ecma-builtin-function-prototype.c:288:10
    frame #40: 0x0000555555672a9d jerry`ecma_builtin_function_prototype_dispatch_routine(builtin_routine_id='\x02', this_arg=835, arguments_list_p=0x00007fffffffd3a8, arguments_number=2) at ecma-builtin-function-prototype.c:529:14
    frame #41: 0x00005555555cee25 jerry`ecma_builtin_dispatch_routine(func_obj_p=0x000055555607a128, this_arg_value=835, arguments_list_p=0x00007fffffffd3a8, arguments_list_len=2) at ecma-builtins.c:1460:10
    frame #42: 0x00005555555ceb5e jerry`ecma_builtin_dispatch_call(obj_p=0x000055555607a128, this_arg_value=835, arguments_list_p=0x00007fffffffd6b4, arguments_list_len=2) at ecma-builtins.c:1489:12
    frame #43: 0x00005555555ed0b8 jerry`ecma_op_function_call_native_built_in(func_obj_p=0x000055555607a128, this_arg_value=835, arguments_list_p=0x00007fffffffd6b4, arguments_list_len=2) at ecma-function-object.c:1223:5
    frame #44: 0x00005555555ec77e jerry`ecma_op_function_call(func_obj_p=0x000055555607a128, this_arg_value=835, arguments_list_p=0x00007fffffffd6b4, arguments_list_len=2) at ecma-function-object.c:1468:16
    frame #45: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=2467, this_arg_value=835, arguments_list_p=0x00007fffffffd6b4, arguments_list_len=2) at ecma-function-object.c:1428:10
    frame #46: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffd650) at vm.c:758:5
    frame #47: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffd650) at vm.c:5236:9
    frame #48: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffd7b0, this_binding_value=11, lex_env_p=0x0000555556079880) at vm.c:5331:10
    frame #49: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x0000555556079a88, this_binding=11, arguments_list_p=0x00007fffffffda28, arguments_list_len=3) at ecma-function-object.c:1180:28
    frame #50: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x0000555556079a88, this_arg_value=72, arguments_list_p=0x00007fffffffda28, arguments_list_len=3) at ecma-function-object.c:1463:16
    frame #51: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=771, this_arg_value=72, arguments_list_p=0x00007fffffffda28, arguments_list_len=3) at ecma-function-object.c:1428:10
    frame #52: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffd9a0) at vm.c:758:5
    frame #53: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffd9a0) at vm.c:5236:9
    frame #54: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffdb30, this_binding_value=11, lex_env_p=0x0000555556079d00) at vm.c:5331:10
    frame #55: 0x00005555555ecec7 jerry`ecma_op_function_call_simple(func_obj_p=0x0000555556079db8, this_binding=11, arguments_list_p=0x00007fffffffdd68, arguments_list_len=0) at ecma-function-object.c:1180:28
    frame #56: 0x00005555555ec753 jerry`ecma_op_function_call(func_obj_p=0x0000555556079db8, this_arg_value=72, arguments_list_p=0x00007fffffffdd68, arguments_list_len=0) at ecma-function-object.c:1463:16
    frame #57: 0x00005555555ec9b4 jerry`ecma_op_function_validated_call(callee=1587, this_arg_value=72, arguments_list_p=0x00007fffffffdd68, arguments_list_len=0) at ecma-function-object.c:1428:10
    frame #58: 0x000055555565d8a3 jerry`opfunc_call(frame_ctx_p=0x00007fffffffdd20) at vm.c:758:5
    frame #59: 0x000055555564dd63 jerry`vm_execute(frame_ctx_p=0x00007fffffffdd20) at vm.c:5236:9
    frame #60: 0x000055555564d22b jerry`vm_run(shared_p=0x00007fffffffde18, this_binding_value=11, lex_env_p=0x0000555556079880) at vm.c:5331:10
    frame #61: 0x000055555564d0e7 jerry`vm_run_global(bytecode_p=0x0000555556079ed0, function_object_p=0x0000555556079a08) at vm.c:286:25
    frame #62: 0x000055555558ebe1 jerry`jerry_run(script=643) at jerryscript.c:549:24
    frame #63: 0x00005555556ca604 jerry`jerryx_source_exec_script(path_p="test.js") at sources.c:68:14
    frame #64: 0x000055555558a402 jerry`main(argc=2, argv=0x00007fffffffe0a8) at main-desktop.c:162:20
    frame #65: 0x00007ffff7c29d90 libc.so.6`__libc_start_call_main(main=(jerry`main at main-desktop.c:113), argc=2, argv=0x00007fffffffe0a8) at libc_start_call_main.h:58:16
    frame #66: 0x00007ffff7c29e40 libc.so.6`__libc_start_main_impl(main=(jerry`main at main-desktop.c:113), argc=2, argv=0x00007fffffffe0a8, init=<unavailable>, fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007fffffffe098) at libc-start.c:392:3
    frame #67: 0x00005555555617f5 jerry`_start + 37