Closed Bug 547782 Opened 15 years ago Closed 15 years ago

GCWeakRef would be handier if it remembered Atom types

Categories

(Tamarin Graveyard :: Garbage Collection (mmGC), defect, P3)

Product:
Tamarin Graveyard
Component:
Garbage Collection (mmGC)
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED WONTFIX
Milestone:
Q3 11 - Serrano

People

(Reporter: stejohns, Unassigned)

Details

Attachments

(1 file, 1 obsolete file)

WeakAtom v2
14.53 KB, patch
lhansen
: review+
Details | Diff | Splinter Review
GCWeakRef is handy for making weak references to objects where the type is known, but if you want a weak reference to an Atom, we lose the Atom type, limiting what the caller can safely do. It looks like we could (optionally) safely preserve Atom type in the lower three bits of GCWeakRef::m_obj, thus allowing for a safe WeakAtom.
FYI, the specific place this would be useful is in WeakKeyHashtable and WeakValueHashtable; currently we store the Weak values by masquerading them as kDoubleType Atoms. This is fine as long as the caller always know how to properly reconstitute the value to its original type, but doesn't allow for safely mixing multiple Atom types.
Flags: flashplayer-qrb+
Target Milestone: --- → Future
Bumping this for reconsideration, as this would have a nice cascade effect: it would allow us to remove the AvmPlusScriptableObject::toAtom() virtual method, which is needed in exactly two places (Sampler and WeakValueHashtable), and would also simplify some hashtable refactoring I'm experimenting with; basically, the ability to have a WeakRef properly remember (and reconstitue) an Atom would make life safer.
Priority: -- → P3
Target Milestone: Future → flash10.2
Attached patch WeakAtom implementation (obsolete) — Splinter Review
Here's a rough attempt. Comments on general approach welcome; I tried to avoid modifying existing WeakRef code except as minimally necessary.
Attachment #446815 - Flags: review?(lhansen)
Attachment #446815 - Flags: feedback?(fklockii)
any self tests already made? (or a reason that I should not attempt to make some myself?)
Comment on attachment 446815 [details] [diff] [review] WeakAtom implementation Minor point, in GC::ClearWeakRef, the masking is unnecessary on this line: itemptr = GetRealPointer((void*)(uintptr_t(itemptr) & ~7)) because itemptr has already been stripped of its tag. More seriously the new comments in the MMgc files are incorrect and misleading. The input value to these functions may not be an atom, it may only be an atom of a pointer type. (Otherwise an integer atom and a pointer could clash, since the tag bits are ignored during comparison.) This needs to be clarified and there needs to be guards in the GC routines that the tags are pointer tags. In debug builds it's probably the case that we should check that the WeakAtom API is not being misused. R- for above reasons but I don't see any fundamental problems with the approach.
Attachment #446815 - Flags: review?(lhansen) → review-
(In reply to comment #4) > any self tests already made? (or a reason that I should not attempt to make > some myself?) No and no. (In reply to comment #5) > (From update of attachment 446815 [details] [diff] [review]) > Minor point, in GC::ClearWeakRef, the masking is unnecessary on this line: Actually I think I added that as a result of finding such a case... but I don't recall where. I'll recheck and change to an assert if appropriate. > More seriously the new comments in the MMgc files are incorrect and misleading. > The input value to these functions may not be an atom, it may only be an atom > of a pointer type. (Otherwise an integer atom and a pointer could clash, since > the tag bits are ignored during comparison.) This needs to be clarified and > there needs to be guards in the GC routines that the tags are pointer tags. Good catch. I'll do so and repost. > In debug builds it's probably the case that we should check that the WeakAtom > API is not being misused. Yep.
(In reply to comment #5) > This needs to be clarified and > there needs to be guards in the GC routines that the tags are pointer tags. I agree that the comments need to be clarified, but I think the checking needs to be done in WeakAtom itself (not in GC), as IMHO we want GC to remain as ignorant of specific Atom type meanings as possible. (IOW, it should preserve the tag bits but not otherwise attempt to interpret them.)
Attached patch WeakAtom v2Splinter Review
Tweaked per Lars suggestions (mostly).
Attachment #446815 - Attachment is obsolete: true
Attachment #447124 - Flags: review?(lhansen)
Attachment #447124 - Flags: feedback?(fklockii)
Attachment #446815 - Flags: feedback?(fklockii)
(In reply to comment #7) > (In reply to comment #5) > > This needs to be clarified and > > there needs to be guards in the GC routines that the tags are pointer tags. > > I agree that the comments need to be clarified, but I think the checking needs > to be done in WeakAtom itself (not in GC), as IMHO we want GC to remain as > ignorant of specific Atom type meanings as possible. (IOW, it should preserve > the tag bits but not otherwise attempt to interpret them.) I will consider your new patch in the morning, but generally speaking I do not agree with this. The GC's ignorance of tags is not a feature, and this is an excellent case in point: error checking that could be done and which would add significant defense in depth can't be done where it must be done because of information hiding. I've been hoping to come across a case that would force that issue to be resolved and I may just have found it :-)
(In reply to comment #9) > The GC's ignorance of tags is not a feature, and this is an > excellent case in point If there is already motivation to add this knowledge, then don't let me stand in the way -- it didn't strike me that this one tweak was worthy of dragging in said knowledge, but if that was already on the table...
(In reply to comment #6) > (In reply to comment #4) > > any self tests already made? (or a reason that I should not attempt to make > > some myself?) > > No and no. Hmm. I started working on making a self-test (since I want to acquaint myself with that part of the infrastructure anyway). But while reviewing existing GCWeakRef clients, I encountered bug 472852. Here be tygers...
(In reply to comment #10) > (In reply to comment #9) > > The GC's ignorance of tags is not a feature, and this is an > > excellent case in point > > If there is already motivation to add this knowledge, then don't let me stand > in the way -- it didn't strike me that this one tweak was worthy of dragging in > said knowledge, but if that was already on the table... Lars: so would you like me to rework this patch with this in mind? It's not urgent but I would like to land this as groundwork for other work...
My inclination was 'yes' but then I started thinking about AS2. But then AS2 has tags in the high bits, does it not? Mumble.
I need to think about it but I'll attempt to get to it tomorrow.
Here's what we should do. We should not worry about which tags are pointer tags and which tags are not, but we should assert that if we 'get' a weak reference object then the tag bits must match. That's good enough. And your patch already does that.
Attachment #447124 - Flags: review?(lhansen) → review+
http://hg.mozilla.org/tamarin-redux/rev/8207de3b1ce9 (Note that no code actually uses WeakAtom yet; some Hashtable changes I have in the works will do so soon.)
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Reopening as further use reveals a flaw: this patch continues to allow for only one WeakRef to exist per object, but this can cause misbehavior if the same object is requested both with and without tag bits, triggering this assert: GCAssert(ref->get() == item); // all bits should match, including lower 3
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Upon reflection, I may have a better solution for the problem I originally intended this for -- I might end up backing this out entirely, as fixing the semantic issue above may be nontrivial.
(In reply to comment #18) > Upon reflection, I may have a better solution for the problem I originally > intended this for -- I might end up backing this out entirely, as fixing the > semantic issue above may be nontrivial. You might be able to fix it if you knew which tags were pointer tags, since you could allow a 0 tag to be used on items already tagged with a pointer tag, but that would break down when we get around to fixing something we need to fix: the integer tag needs to be '0'.
(In reply to comment #19) > You might be able to fix it if you knew which tags were pointer tags, since you > could allow a 0 tag to be used on items already tagged with a pointer tag, but > that would break down when we get around to fixing something we need to fix: > the integer tag needs to be '0'. Yep. I've found an alternate way to solve my problem, so I'll be backing this out unless someone really wants it fixed.
Backed out as http://hg.mozilla.org/tamarin-redux/rev/9f861af18528
Status: REOPENED → RESOLVED
Closed: 15 years ago15 years ago
Resolution: --- → WONTFIX
Comment on attachment 447124 [details] [diff] [review] WeakAtom v2 (clearing self from feedback; I was inspired by this bug to try to make weakref selftests. Its tricky.)
Attachment #447124 - Flags: feedback?(fklockii)
bulk verifying resolved !fixed issues
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: