Closed
Bug 695652
Opened 13 years ago
Closed 13 years ago
Float4 addition across function boundary looses type information when jitted
Categories
(Tamarin Graveyard :: Virtual Machine, defect)
Tamarin Graveyard
Virtual Machine
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: brbaker, Assigned: virgilp)
References
Details
I am not really sure how to describe this bug or what the title should be but here is the code that is not working correctly. Code: var typedFoo:float4 = new float4(0f); var untypedFoo = new float4(0f); function fooAdd(val) { return val+=float4(1f); } print(fooAdd(typedFoo)); print(fooAdd(untypedFoo)); Output with rev 224 -Dinterp 1,1,1,1 1,1,1,1 rev 224 -Ojit 0,0,1.401298464324817e-45,0 2.9428725101224056e-38,1.401298464324817e-45,27660106156705055000,4.591634678053128e-41 rev 223 -Dinterp and -Ojit 1,1,1,1 1,1,1,1
Flags: in-testsuite+
Flags: flashplayer-triage+
Flags: flashplayer-qrb?
Flags: flashplayer-bug-
Reporter | ||
Comment 1•13 years ago
|
||
Running this sample code in a debug build produces the following assert: Assertion failed: "((type == (core->traits.object_itraits) || type == (core->traits.numeric_itraits)))" ("../core/CodegenLIR.cpp":2533) #0 0x00007fff80c080b6 in __kill () #1 0x000000010000abde in VMPI_debugBreak () at ../VMPI/MacDebugUtils.cpp:55 #2 0x000000010000aa4c in avmplus::AvmDebugMsg (p=0x10022e4e8 "Assertion failed: \"((type == (core->traits.object_itraits) || type == (core->traits.numeric_itraits)))\" (\"../core/CodegenLIR.cpp\":2533)\n", debugBreak=true) at ../AVMPI/AvmAssert.cpp:69 #3 0x000000010000316e in avmplus::AvmAssertFail (message=0x10022e4e8 "Assertion failed: \"((type == (core->traits.object_itraits) || type == (core->traits.numeric_itraits)))\" (\"../core/CodegenLIR.cpp\":2533)\n") at AvmAssert.h:66 #4 0x000000010000318e in avmplus::_AvmAssertMsg (condition=0, message=0x10022e4e8 "Assertion failed: \"((type == (core->traits.object_itraits) || type == (core->traits.numeric_itraits)))\" (\"../core/CodegenLIR.cpp\":2533)\n") at AvmAssert.h:72 #5 0x00000001000d22c8 in avmplus::CodegenLIR::emitAdd (this=0x7fff5fbfe620, i=3, j=4, type=0x1010b1b68) at ../core/CodegenLIR.cpp:2533 #6 0x00000001000d4564 in avmplus::CodegenLIR::write (this=0x7fff5fbfe620, state=0x1010473b0, pc=0x1012419a2 "?*ւ??\b\002H", opcode=avmplus::ActionBlockConstants::OP_add, type=0x1010b1b68) at ../core/CodegenLIR.cpp:2874 #7 0x000000010015fa79 in avmplus::ScopeWriter::write (this=0x7fff5fbfe330, state=0x1010473b0, pc=0x1012419a2 "?*ւ??\b\002H", opcode=avmplus::ActionBlockConstants::OP_add, type=0x1010b1b68) at ../core/Verifier.cpp:142 #8 0x000000010015cdd0 in avmplus::Verifier::verifyBlock (this=0x7fff5fbfe4b0, start_pos=0x10124199f "?T\001?*ւ??\b\002H") at ../core/Verifier.cpp:2296 #9 0x000000010015eabb in avmplus::Verifier::verify (this=0x7fff5fbfe4b0, emitter=0x7fff5fbfe620) at ../core/Verifier.cpp:862 #10 0x00000001000f0025 in avmplus::BaseExecMgr::verifyCommon (this=0x10103a098, m=0x1012355e8, ms=0x1012cb128, toplevel=0x10100c068, abc_env=0x10126e0a8, coder=0x7fff5fbfe620) at ../core/exec.cpp:459 #11 0x00000001000f2dc6 in avmplus::BaseExecMgr::verifyJit (this=0x10103a098, m=0x1012355e8, ms=0x1012cb128, toplevel=0x10100c068, abc_env=0x10126e0a8, osr=0x0) at ../core/exec-jit.cpp:253 #12 0x00000001000f042e in avmplus::BaseExecMgr::verifyMethod (this=0x10103a098, m=0x1012355e8, toplevel=0x10100c068, abc_env=0x10126e0a8) at ../core/exec.cpp:399 #13 0x00000001000f04c3 in avmplus::BaseExecMgr::verifyOnCall (env=0x1012dfe28) at ../core/exec.cpp:376 #14 0x00000001000f0504 in avmplus::BaseExecMgr::verifyInvoke (env=0x1012dfe28, argc=1, args=0x7fff5fbfeb28) at ../core/exec.cpp:361 #15 0x00000001000dff9c in avmplus::MethodEnv::coerceEnter (this=0x1012dfe28, argc=1, args=0x7fff5fbfeb28) at MethodEnv-inlines.h:154 #16 0x00000001000f971c in avmplus::FunctionObject::call (this=0x1012bfb88, argc=1, argv=0x7fff5fbfeb28) at ../core/FunctionClass.cpp:179 #17 0x00000001000de47f in avmplus::op_call<avmplus::MethodEnv*> (env=0x101220fb8, func=4314626953, argc=1, atomv=0x7fff5fbfeb28) at instr-inlines.h:116 #18 0x00000001012fee8d in ?? () #19 0x00000001000eeb77 in avmplus::BaseExecMgr::endCoerce (env=0x101220fb8, argc=0, ap=0x7fff5fbfecd0, ms=0x10126c408) at ../core/exec.cpp:852 #20 0x00000001000efd9f in avmplus::BaseExecMgr::invokeGeneric (env=0x101220fb8, argc=0, atomv=0x7fff5fbfedd0) at ../core/exec.cpp:1053 ... ...
Assignee | ||
Comment 2•13 years ago
|
||
Fixed in changelist 228:95ea6249e9c7; you were right after all to reopen the previous bug (this one is caused by an incomplete bugfix)
Reporter | ||
Comment 3•13 years ago
|
||
Virgil, it looks like change 228 is NOT the correct fix, if I rolback to 227 then things work correctly. Code: var flt4:float4 = new float4(1.125f); var flt4_plus_1:float4 = flt4 + float4(1.0f); Results -Dinterp and -Ojit: -Dinterp: VerifyError: Error #1024: Stack underflow occurred.
Assignee | ||
Comment 4•13 years ago
|
||
Fixed in changeset 229:4606f22c5396
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•13 years ago
|
||
Looks like we are back to normal, marking verified fixed.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•