Closed Bug 591999 Opened 14 years ago Closed 12 years ago

rememberedStackTop logic inversion

Categories

(Tamarin Graveyard :: Garbage Collection (mmGC), defect, P4)

Product:
Tamarin Graveyard
Component:
Garbage Collection (mmGC)
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
Q3 12 - Dolores

People

(Reporter: pnkfelix, Assigned: tony.printezis)

Details

(Whiteboard: loose-end)

Attachments

(1 file, 1 obsolete file)

Patch 1: fix for the bug (parent CL: 1078824)
1.47 KB, patch
pnkfelix
: review+
Details | Diff | Splinter Review
From Bug 568615, comment 14 and Bug 568615, comment 25 Look at changeset:1975 : http://hg.mozilla.org/tamarin-redux/rev/079b86c8954a#l1.131 It inverted the logic of the update to rememberedStackTop. I believe this was a mistake; stacks grow down, but for the state being maintained here, "Top" really does mean "the tip of the stack", so the original logic was correct. Tommy and I discussed this when he got back from his sabbatical; he and I agreed that the inversion introduced by changeset:1975 was probably a bug but I forgot to follow up on it afterwards. Opening this bug now to address it independently of Bug 568615, which I am about to close.
I insist that we come up with new terms for the stack limits - unless we go through the code and make sure that every single use of "stack top" and "stack base" refer to that, without any reference to the direction of growth, and do that as part of the work to fix this bug. Currently we assume that the stack grows down everywhere but I see no point in embedding that assumption more deeply than necessary, and it should be documented whereever we make use of it.
Assignee: nobody → fklockii
Status: NEW → ASSIGNED
OS: Mac OS X → All
Priority: -- → P3
Hardware: x86 → All
Target Milestone: --- → flash10.x - Serrano
Flags: flashplayer-bug+
Whiteboard: must-fix-candidate
Priority: P3 → P4
Whiteboard: must-fix-candidate
(In reply to comment #1) > I insist that we come up with new terms for the stack limits - unless we go > through the code and make sure that every single use of "stack top" and "stack > base" refer to that, without any reference to the direction of growth, and do > that as part of the work to fix this bug. Any suggestions for what the new terms should be? Up above, I went with "stack tip" for the edge of the most recently pushed frame. I would go with "stack base" for opposite end, but I'm inferring that that's not good enough (since its what we're already using). So, what then, "stack origin"? Or perhaps just getting rid of uses of the words "top" and "bottom" would suffice?
My previous comment presented a choice: either find new terms, or audit the code. A code audit would be fine with me--that may not have been clear from my phrasing--with "stack base" (oldest frame) and "stack top" (youngest frame) being the terms, clearly defined somewhere very visible. ("Stack oldest end" and "stack youngest end", or similar, would be more precise because they more closely approximate what is the case, but they're probably unfamiliar to many. On the other hand, given the confusion about "top" it might be worth trying. cc'ing Edwin.)
Priority: P4 → P3
Target Milestone: Q3 11 - Serrano → Q4 11 - Anza
Target Milestone: Q4 11 - Anza → Q1 12 - Brannan
Flags: flashplayer-qrb+
Flags: flashplayer-injection-
Bug scope creep: can we separate this fix from the terminology change or the code audit? The fix itself is easy -- might as well fix it now.
Whiteboard: loose-end
(In reply to Felix S Klock II from comment #0) > From Bug 568615, comment 14 and Bug 568615, comment 25 > > Look at changeset:1975 : > > http://hg.mozilla.org/tamarin-redux/rev/079b86c8954a#l1.131 > > It inverted the logic of the update to rememberedStackTop. I believe this > was a mistake; stacks grow down, but for the state being maintained here, > "Top" really does mean "the tip of the stack", so the original logic was > correct. I don't know where the line number in the above link came from. The correct line number to look at to see the context of the paragraph above is line 204 of the diff: http://hg.mozilla.org/tamarin-redux/rev/079b86c8954a#l1.204 1.204 - if(rememberedStackTop == 0 || rememberedStackTop > item.ptr) { 1.205 + if(rememberedStackTop < item.ptr) { 1.206 rememberedStackTop = item.ptr;
If there's a bug then yes, find and fix first.
Priority: P3 → P4
Assignee: fklockii → nobody
Target Milestone: Q1 12 - Brannan → Q3 12 - Dolores
Assignee: nobody → tony.printezis
Attached patch Patch 0: fix for the bug (obsolete) — Splinter Review
Attachment #632830 - Flags: review?(fklockii)
Comment on attachment 632830 [details] [diff] [review] Patch 0: fix for the bug Review of attachment 632830 [details] [diff] [review]: ----------------------------------------------------------------- R+. ship it!
Attachment #632830 - Flags: review?(fklockii) → review+
The fix is the same as the previous patch, I just added an extra assert (after consulting with Felix) to ensure that the stack grows "downwards". So, if that assumption is ever broken, we'll at least know about it. Testing: AVM acceptance tests, shelve build
Attachment #632830 - Attachment is obsolete: true
Attachment #634491 - Flags: review?(fklockii)
Attachment #634491 - Flags: review?(fklockii) → review+
changeset: 7448:3c0be1a38dac user: Antonios Printezis <printezi@adobe.com> summary: Bug 591999: Fixed the logic for rememberedStackTop (r=fklockii) http://hg.mozilla.org/tamarin-redux/rev/3c0be1a38dac
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: