Closed
Bug 697741
Opened 14 years ago
Closed 13 years ago
Vector optimizations for float are miss using type information
Categories
(Tamarin Graveyard :: Baseline JIT (CodegenLIR), defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: brbaker, Assigned: virgilp)
References
Details
lhansen via IM: "i think what happens is that type information is misused when there's a local (parameter and/or local variable)"
Code:
var v:Vector.<float> = new <float> [1,1,1,1];
print(v[0]);
foo(v);
function foo(vec:Vector.<float>){ print(vec[0]); }
Expected Output -Ojit:
1
1
mac 32bit -Ojit:
1
1.1471720576222672e-16
mac 64bit -Ojit:
Reason: KERN_INVALID_ADDRESS at address: 0x00000000010101f2
0x00000001000a6963 in avmplus::ListImpl<float, avmplus::DataListHelper<float> >::length (this=0x1012a75b1) at avmplusList-inlines.h:441
441 return m_data->len;
Flags: in-testsuite?
Flags: flashplayer-triage+
Flags: flashplayer-qrb+
Flags: flashplayer-bug-
|
Reporter | |
Comment 1•14 years ago
|
||
More stack info from 64bit debug build:
#0 0x00000001000a6963 in avmplus::ListImpl<float, avmplus::DataListHelper<float> >::length (this=0x1012a75b1) at avmplusList-inlines.h:441
#1 0x000000010014b0b8 in avmplus::TypedVectorObject<avmplus::DataList<float> >::checkReadIndex_i (this=0x1012a7561, index=0) at VectorClass-inlines.h:273
#2 0x000000010014b0ef in avmplus::TypedVectorObject<avmplus::DataList<float> >::_getNativeIntProperty (this=0x1012a7561, index_i=0) at VectorClass-impl.h:458
#3 0x00000001012fc483 in ?? ()
#4 0x00000001000ef9ab in avmplus::BaseExecMgr::endCoerce (env=0x1011b1b98, argc=1, ap=0x7fff5fbfe1b0, ms=0x101268e50) at ../core/exec.cpp:877
#5 0x00000001000f0bd3 in avmplus::BaseExecMgr::invokeGeneric (env=0x1011b1b98, argc=1, atomv=0x7fff5fbfe4a8) at ../core/exec.cpp:1078
#6 0x00000001000f33d4 in avmplus::BaseExecMgr::jitInvokerNext (env=0x1011b1b98, argc=1, args=0x7fff5fbfe4a8) at ../core/exec-jit.cpp:221
#7 0x00000001000f1351 in avmplus::BaseExecMgr::verifyInvoke (env=0x1011b1b98, argc=1, args=0x7fff5fbfe4a8) at ../core/exec.cpp:365
#8 0x00000001000e0ef4 in avmplus::MethodEnv::coerceEnter (this=0x1011b1b98, argc=1, args=0x7fff5fbfe4a8) at MethodEnv-inlines.h:154
#9 0x00000001000fa654 in avmplus::FunctionObject::call (this=0x1011b49e0, argc=1, argv=0x7fff5fbfe4a8) at ../core/FunctionClass.cpp:179
...
...
...
|
|
||
Comment 2•14 years ago
|
||
Specifically I suspect that if vec is not a param but just a local, the same thing will happen, and that the reason is that there's confusion in the JIT about the layout of the vector because a float vector is not the same shape as an object vector, but the recent vector optimizations do not have a case for float vector and default to object vector.
It turned out not to be possible to insert asserts against this eventuality when I wrote the optimizations, or I would have. (Or, some more infrastructure is needed to make the asserts possible.) There's a certain amount of searching and checking necessary as a result.
If Vector.<float> is not important to have next week then I can look into it after the landing party, and also implement Vector.<float4> at that time.
|
|
||
Comment 3•13 years ago
|
||
I believe this is fixed now.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 4•13 years ago
|
||
Testmedia added to test/acceptance/as3/Types/Float/vector_float.as
changeset: 7039:6b9b12eecc9f
tag: tip
user: Brent Baker <brbaker@adobe.com>
date: Tue Dec 06 12:40:59 2011 -0500
summary: Bugs 698365, 697741: adding testmedia
Status: RESOLVED → VERIFIED
Flags: in-testsuite? → in-testsuite+
You need to log in
before you can comment on or make changes to this bug.
Description
•