Closed Bug 610306 Opened 14 years ago Closed 14 years ago

MarkStackRangeConservatively in jsgc.cpp marked wrong objects on big endian system.

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
Sun
Solaris
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: leon.sha, Assigned: luke)

Details

(Whiteboard: fixed-in-tracemonkey)

Attachments

(2 files)

patch
624 bytes, patch
gal
: review+
Details | Diff | Splinter Review
patch
1.61 KB, patch
gal
: review+
Details | Diff | Splinter Review 
"jsvals" have different layout on big endian system. We need to provide the real payload to scan.
Attached patch patchSplinter Review 
Assignee: general → leon.sha
Status: NEW → ASSIGNED

        Attachment #488806 -
        Flags: review?(gal)

    
  

        Attachment #488806 -
        Flags: review?(gal) → review+

    
    

    
  
It really feels to me like this should somehow live in Value...

    
    

    
  
Probably not a bad idea. Luke, want to do some magic here?

    
    

    
  
Whoa, this code has been 'optimized' since I touched it.  Skipping every other word is only valid if every jsval on the stack is 64-bit aligned.  I had an assert in js::Value accessors that 'this' was aligned, but I had to take it out since the compiler was misaligning jsvals (parameters in MSVC and temporaries in GCC, IIRC).  jsvals aren't even declared to be aligned on MSVC.  Thus, unless I'm missing something, I think the real fix is to mark every word.

    
    

    
  
I think this was intended for scanning the JIT stack, which is guaranteed to be aligned. At the very least there should always be a version that scans aligned memory.

    
    

    
  
(In reply to comment #5)
> I think this was intended for scanning the JIT stack

D'oh!  I assumed this was in the C-stack scanner.

    
    

    
  

      
      
      
      

        Attached patch
          
          
        patchSplinter Review
      

    


  
This encapsulates the value representation a bit more.
Assignee: leon.sha → lw

        Attachment #488886 -
        Flags: review?(gal)

    
  

        Attachment #488886 -
        Flags: review?(gal) → review+

    
    

    
  
http://hg.mozilla.org/tracemonkey/rev/18d56745c3e6
Whiteboard: fixed-in-tracemonkey

    
    

    
  
http://hg.mozilla.org/mozilla-central/rev/18d56745c3e6
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: