From 1dde5382246c95c92d5d3253ab12e4f163dd16e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?L=C3=A1szl=C3=B3=20Lang=C3=B3?=
Date: Thu, 11 Feb 2016 15:14:40 +0000
Subject: [PATCH] Check reference count of objects
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Throw an error if the object reference count reached the limit. Related issue: #118
JerryScript-DCO-1.0-Signed-off-by: László Langó llango.u-szeged@partner.samsung.com
---
 jerry-core/config.h | 2 ++
 jerry-core/ecma/base/ecma-gc.c | 11 ++++++++++-
 jerry-core/ecma/base/ecma-helpers.c | 5 ++---
 jerry-core/jerry.h | 1 +
 jerry-core/jrt/jrt-fatals.c | 5 +++++
 5 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/jerry-core/config.h b/jerry-core/config.h
index 37178ffa8..7d79dff01 100644
--- a/jerry-core/config.h
+++ b/jerry-core/config.h
@@ -82,6 +82,8 @@
 */
 #define CONFIG_ECMA_REFERENCE_COUNTER_WIDTH (10)
+#define CONFIG_ECMA_REFERENCE_COUNTER_LIMIT ((1u << CONFIG_ECMA_REFERENCE_COUNTER_WIDTH) - 1u)
+
 /**
 * Maximum length of strings' concatenation
 */
diff --git a/jerry-core/ecma/base/ecma-gc.c b/jerry-core/ecma/base/ecma-gc.c
index fb2ab7cc8..e319bbe9e 100644
--- a/jerry-core/ecma/base/ecma-gc.c
+++ b/jerry-core/ecma/base/ecma-gc.c
@@ -211,7 +211,16 @@ ecma_init_gc_info (ecma_object_t *object_p) /**< object */
 void
 ecma_ref_object (ecma_object_t *object_p) /**< object */
 {
- ecma_gc_set_object_refs (object_p, ecma_gc_get_object_refs (object_p) + 1);
+ uint32_t ref_cnt = ecma_gc_get_object_refs (object_p);
+
+ if (ref_cnt < (uint32_t) CONFIG_ECMA_REFERENCE_COUNTER_LIMIT)
+ {
+ ecma_gc_set_object_refs (object_p, ref_cnt + 1);
+ }
+ else
+ {
+ jerry_fatal (ERR_REF_COUNT_LIMIT);
+ }
 } /* ecma_ref_object */
 /**
diff --git a/jerry-core/ecma/base/ecma-helpers.c b/jerry-core/ecma/base/ecma-helpers.c
index f8f34bbbf..5e83f4baa 100644
--- a/jerry-core/ecma/base/ecma-helpers.c
+++ b/jerry-core/ecma/base/ecma-helpers.c
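Review bot: `CONFIG_ECMA_REFERENCE_COUNTER_LIMIT` in jerry-core/config.h is added without a comment of its own, unlike the `/** ... */` blocks around it, and it now sits under the comment that presumably describes the width. A line such as `/** Largest value the reference counter of ecma-objects can hold */` above it would keep the file's style. The expression `1u << CONFIG_ECMA_REFERENCE_COUNTER_WIDTH` is only defined while the width is smaller than the bit size of `unsigned int`, so a compile-time check on the width would be worth adding wherever the project keeps its static assertions.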
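Review bot: In `ecma_ref_object` (jerry-core/ecma/base/ecma-gc.c) the new else branch calls `jerry_fatal (ERR_REF_COUNT_LIMIT)`, whereas the commit message says an error is thrown; going by the "Abort program" comment in the ecma-helpers.c hunk, `jerry_fatal` ends the program rather than raising an error the script can catch. Stopping is safer than letting a counter of CONFIG_ECMA_REFERENCE_COUNTER_WIDTH bits run past its field, but with a width of 10 the limit is small, and an embedder that runs untrusted scripts needs to know that reaching it takes the whole engine down. The function's header comment (outside this hunk) should state this, for example `Note: aborts with ERR_REF_COUNT_LIMIT when the counter is already at CONFIG_ECMA_REFERENCE_COUNTER_LIMIT.`, and the commit message should say "abort" instead of "throw".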
@@ -1334,11 +1334,10 @@ ecma_get_property_descriptor_from_property (ecma_property_t *prop_p) /**< proper
 void
 ecma_bytecode_ref (ecma_compiled_code_t *bytecode_p) /**< byte code pointer */
 {
- /* Abort program if maximum reference number is reached.
- * Note: This is not tested for objects. */
+ /* Abort program if maximum reference number is reached. */
 if ((bytecode_p->status_flags >> ECMA_BYTECODE_REF_SHIFT) >= 0x3ff)
 {
- jerry_fatal (ERR_UNIMPLEMENTED_CASE);
+ jerry_fatal (ERR_REF_COUNT_LIMIT);
 }
 bytecode_p->status_flags = (uint16_t) (bytecode_p->status_flags + (1 << ECMA_BYTECODE_REF_SHIFT));
diff --git a/jerry-core/jerry.h b/jerry-core/jerry.h
index 4551e7d57..f73530350 100644
--- a/jerry-core/jerry.h
+++ b/jerry-core/jerry.h
@@ -50,6 +50,7 @@ typedef enum
 {
 ERR_OUT_OF_MEMORY = 10,
 ERR_SYSCALL = 11,
+ ERR_REF_COUNT_LIMIT = 12,
 ERR_UNIMPLEMENTED_CASE = 118,
 ERR_FAILED_INTERNAL_ASSERTION = 120
 } jerry_fatal_code_t;
diff --git a/jerry-core/jrt/jrt-fatals.c b/jerry-core/jrt/jrt-fatals.c
index b4af3acf0..6eeae55bf 100644
--- a/jerry-core/jrt/jrt-fatals.c
+++ b/jerry-core/jrt/jrt-fatals.c
@@ -47,6 +47,11 @@ jerry_fatal (jerry_fatal_code_t code) /**< status code */
 /* print nothing as it may invoke syscall recursively */
 break;
 }
+ case ERR_REF_COUNT_LIMIT:
+ {
+ printf ("ERR_REF_COUNT_LIMIT\n");
+ break;
+ }
 case ERR_UNIMPLEMENTED_CASE:
 {
 printf ("ERR_UNIMPLEMENTED_CASE\n");
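Review bot: The guard in `ecma_bytecode_ref` (jerry-core/ecma/base/ecma-helpers.c) still compares against the literal `0x3ff`, although this commit introduces a named limit for the object counter. The literal has to match the number of bits left above ECMA_BYTECODE_REF_SHIFT in `status_flags`; if the shift ever changes, the check and the field drift apart and the `(uint16_t)` cast on the increment would silently wrap the count instead of aborting. Assuming `status_flags` is 16 bits wide, as that cast suggests, the limit can be derived from the shift: `if ((bytecode_p->status_flags >> ECMA_BYTECODE_REF_SHIFT) >= (UINT16_MAX >> ECMA_BYTECODE_REF_SHIFT))`. The function body continues past the end of this hunk.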