100464 2012-10-25 22:43:40 -0700 MathML fuzzing bugs - 2 2012-12-13 11:17:41 -0800 1 1 1 Unclassified WebKit MathML 528+ (Nightly build) Unspecified Unspecified RESOLVED DUPLICATE 99796 P2 Normal --- 1 inferno webkit-unassigned dbarton eric fred.wang mitz simon.fraser oldest_to_newest 751558 0 170817 inferno 2012-10-25 22:43:40 -0700 Created attachment 170817 Testcase - 2 ==21356== ERROR: AddressSanitizer crashed on unknown address 0x000000000001 (pc 0x7f81358e4aac sp 0x7fff34118c00 bp 0x7fff34118cd0 T0) AddressSanitizer can not provide additional info. #0 0x7f81358e4aab in WebCore::LayoutState::isPaginated() const third_party/WebKit/Source/WebCore/rendering/LayoutState.h:78 #1 0x7f8135af39fd in WebCore::RenderView::pushLayoutState(WebCore::RenderBox*, WebCore::FractionalLayoutSize const&, WebCore::FractionalLayoutUnit, bool, WebCore::ColumnInfo*) third_party/WebKit/Source/WebCore/rendering/RenderView.h:229 #2 0x7f8135af33b5 in WebCore::LayoutStateMaintainer::push(WebCore::RenderBox*, WebCore::FractionalLayoutSize, WebCore::FractionalLayoutUnit, bool, WebCore::ColumnInfo*) third_party/WebKit/Source/WebCore/rendering/RenderView.h:377 #3 0x7f8135af2df6 in LayoutStateMaintainer third_party/WebKit/Source/WebCore/rendering/RenderView.h:355 #4 0x7f81359d254a in LayoutStateMaintainer third_party/WebKit/Source/WebCore/rendering/RenderView.h:356 #5 0x7f813628c2ec in WebCore::RenderTable::layout() third_party/WebKit/Source/WebCore/rendering/RenderTable.cpp:353 #6 0x7f81357d7630 in WebCore::RenderObject::layoutIfNeeded() third_party/WebKit/Source/WebCore/rendering/RenderObject.h:672 #7 0x7f813652f06e in WebCore::RenderMathMLBlock::computeChildrenPreferredLogicalHeights() third_party/WebKit/Source/WebCore/rendering/mathml/RenderMathMLBlock.cpp:183 #8 0x7f813654881b in WebCore::RenderMathMLRow::computePreferredLogicalWidths() third_party/WebKit/Source/WebCore/rendering/mathml/RenderMathMLRow.cpp:57 #9 0x7f8135bcb094 in WebCore::RenderBox::maxPreferredLogicalWidth() const third_party/WebKit/Source/WebCore/rendering/RenderBox.cpp:673 #10 0x7f81360a0889 in WebCore::RenderMarquee::computePosition(WebCore::EMarqueeDirection, bool) third_party/WebKit/Source/WebCore/rendering/RenderMarquee.cpp:119 #11 0x7f81360a34b4 in WebCore::RenderMarquee::updateMarqueePosition() third_party/WebKit/Source/WebCore/rendering/RenderMarquee.cpp:202 #12 0x7f8135edf9b1 in WebCore::RenderLayer::updateLayerPositionsAfterScroll(unsigned int) third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:553 #13 0x7f8135ef8072 in WebCore::RenderLayer::scrollTo(int, int) third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:1724 #14 0x7f8135f04fe4 in WebCore::RenderLayer::setScrollOffset(WebCore::IntPoint const&) third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:2061 #15 0x7f8130de4d34 in WebCore::ScrollableArea::scrollPositionChanged(WebCore::IntPoint const&) third_party/WebKit/Source/WebCore/platform/ScrollableArea.cpp:147 #16 0x7f8130de612c in WebCore::ScrollableArea::setScrollOffsetFromAnimation(WebCore::IntPoint const&) third_party/WebKit/Source/WebCore/platform/ScrollableArea.cpp:192 #17 0x7f8130d84e73 in WebCore::ScrollAnimator::notifyPositionChanged() third_party/WebKit/Source/WebCore/platform/ScrollAnimator.cpp:149 #18 0x7f8130d81cb0 in WebCore::ScrollAnimator::scrollToOffsetWithoutAnimation(WebCore::FloatPoint const&) third_party/WebKit/Source/WebCore/platform/ScrollAnimator.cpp:79 #19 0x7f8130de417b in WebCore::ScrollableArea::scrollToOffsetWithoutAnimation(WebCore::FloatPoint const&) third_party/WebKit/Source/WebCore/platform/ScrollableArea.cpp:126 #20 0x7f8135ef6668 in WebCore::RenderLayer::scrollToOffset(WebCore::IntSize const&, WebCore::RenderLayer::ScrollOffsetClamping) third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:1697 #21 0x7f8135c3b50b in WebCore::RenderLayer::scrollToXOffset(int, WebCore::RenderLayer::ScrollOffsetClamping) third_party/WebKit/Source/WebCore/rendering/RenderLayer.h:328 #22 0x7f8135bbcf2d in WebCore::RenderBox::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*) third_party/WebKit/Source/WebCore/rendering/RenderBox.cpp:232 #23 0x7f81358f4845 in WebCore::RenderBlock::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*) third_party/WebKit/Source/WebCore/rendering/RenderBlock.cpp:328 #24 0x7f81361804ec in WebCore::RenderObject::setStyle(WTF::PassRefPtr<WebCore::RenderStyle>) third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp:1774 #25 0x7f813617e6a8 in WebCore::RenderObject::setAnimatableStyle(WTF::PassRefPtr<WebCore::RenderStyle>) third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp:1675 #26 0x7f812f02f094 in WebCore::Node::setRenderStyle(WTF::PassRefPtr<WebCore::RenderStyle>) third_party/WebKit/Source/WebCore/dom/Node.cpp:1427 #27 0x7f812edfdba9 in WebCore::Element::recalcStyle(WebCore::Node::StyleChange) third_party/WebKit/Source/WebCore/dom/Element.cpp:1169 #28 0x7f812edfec0c in WebCore::Element::recalcStyle(WebCore::Node::StyleChange) third_party/WebKit/Source/WebCore/dom/Element.cpp:1223 #29 0x7f812edfec0c in WebCore::Element::recalcStyle(WebCore::Node::StyleChange) third_party/WebKit/Source/WebCore/dom/Element.cpp:1223 #30 0x7f812eab4f19 in WebCore::Document::recalcStyle(WebCore::Node::StyleChange) third_party/WebKit/Source/WebCore/dom/Document.cpp:1856 #31 0x7f812eab6870 in WebCore::Document::updateStyleIfNeeded() third_party/WebKit/Source/WebCore/dom/Document.cpp:1904 #32 0x7f812eab6f1e in WebCore::Document::updateLayout() third_party/WebKit/Source/WebCore/dom/Document.cpp:1927 #33 0x7f8135f34c70 in WebCore::RenderLayer::hitTest(WebCore::HitTestRequest const&, WebCore::HitTestLocation const&, WebCore::HitTestResult&) third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:3511 #34 0x7f813644c964 in WebCore::RenderView::hitTest(WebCore::HitTestRequest const&, WebCore::HitTestLocation const&, WebCore::HitTestResult&) third_party/WebKit/Source/WebCore/rendering/RenderView.cpp:96 #35 0x7f813644c62c in WebCore::RenderView::hitTest(WebCore::HitTestRequest const&, WebCore::HitTestResult&) third_party/WebKit/Source/WebCore/rendering/RenderView.cpp:91 #36 0x7f812eacc4af in WebCore::Document::prepareMouseEvent(WebCore::HitTestRequest const&, WebCore::FractionalLayoutPoint const&, WebCore::PlatformMouseEvent const&) third_party/WebKit/Source/WebCore/dom/Document.cpp:3073 #37 0x7f8134ec1ecf in WebCore::EventHandler::prepareMouseEvent(WebCore::HitTestRequest const&, WebCore::PlatformMouseEvent const&) third_party/WebKit/Source/WebCore/page/EventHandler.cpp:2146 #38 0x7f8134ec4158 in WebCore::EventHandler::handleMouseMoveEvent(WebCore::PlatformMouseEvent const&, WebCore::HitTestResult*, bool) third_party/WebKit/Source/WebCore/page/EventHandler.cpp:1785 #39 0x7f8134ec248a in WebCore::EventHandler::mouseMoved(WebCore::PlatformMouseEvent const&) third_party/WebKit/Source/WebCore/page/EventHandler.cpp:1707 #40 0x7f8129c5c6ff in WebKit::PageWidgetEventHandler::handleMouseMove(WebCore::Frame&, WebKit::WebMouseEvent const&) third_party/WebKit/Source/WebKit/chromium/src/PageWidgetDelegate.cpp:197 #41 0x7f8129c5afcf in WebKit::PageWidgetDelegate::handleInputEvent(WebCore::Page*, WebKit::PageWidgetEventHandler&, WebKit::WebInputEvent const&) third_party/WebKit/Source/WebKit/chromium/src/PageWidgetDelegate.cpp:118 #42 0x7f812a183a36 in WebKit::WebViewImpl::handleInputEvent(WebKit::WebInputEvent const&) third_party/WebKit/Source/WebKit/chromium/src/WebViewImpl.cpp:1990 #43 0x7f814c52922e in content::RenderWidget::OnHandleInputEvent(IPC::Message const&) content/renderer/render_widget.cc:583 #44 0x7f814c55587e in bool IPC::Message::Dispatch<content::RenderWidget, content::RenderWidget>(IPC::Message const*, content::RenderWidget*, content::RenderWidget*, void (content::RenderWidget::*)(IPC::Message const&)) ./ipc/ipc_message.h:170 #45 0x7f814c522a4b in content::RenderWidget::OnMessageReceived(IPC::Message const&) content/renderer/render_widget.cc:244 #46 0x7f814c3852c3 in content::RenderViewImpl::OnMessageReceived(IPC::Message const&) content/renderer/render_view_impl.cc:1064 #47 0x7f814b9821fa in MessageRouter::RouteMessage(IPC::Message const&) content/common/message_router.cc:47 #48 0x7f814b981dcb in MessageRouter::OnMessageReceived(IPC::Message const&) content/common/message_router.cc:39 #49 0x7f814acf5773 in ChildThread::OnMessageReceived(IPC::Message const&) content/common/child_thread.cc:275 #50 0x7f8146936322 in IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) ipc/ipc_channel_proxy.cc:261 #51 0x7f814695d5b1 in base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>::Run(IPC::ChannelProxy::Context*, IPC::Message const&) ./base/bind_internal.h:190 #52 0x7f814695d147 in base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>, void (IPC::ChannelProxy::Context* const&, IPC::Message const&)>::MakeItSo(base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>, IPC::ChannelProxy::Context* const&, IPC::Message const&) ./base/bind_internal.h:898 #53 0x7f814695cd74 in base::internal::Invoker<2, base::internal::BindState<base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>, void (IPC::ChannelProxy::Context*, IPC::Message const&), void (IPC::ChannelProxy::Context*, IPC::Message)>, void (IPC::ChannelProxy::Context*, IPC::Message const&)>::Run(base::internal::BindStateBase*) ./base/bind_internal.h:1256 #54 0x7f815a8805ac in base::Callback<void ()>::Run() const ./base/callback.h:391 #55 0x7f815aa9c76d in MessageLoop::RunTask(base::PendingTask const&) base/message_loop.cc:470 #56 0x7f815aa9e5da in MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop.cc:482 #57 0x7f815aa9ec95 in MessageLoop::DoWork() base/message_loop.cc:661 #58 0x7f815aaf08eb in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_pump_default.cc:28 #59 0x7f815aa9a999 in MessageLoop::RunInternal() base/message_loop.cc:427 #60 0x7f815aa9a426 in MessageLoop::RunHandler() base/message_loop.cc:400 #61 0x7f815ac662b1 in base::RunLoop::Run() base/run_loop.cc:45 #62 0x7f815aa980aa in MessageLoop::Run() base/message_loop.cc:307 #63 0x7f814c5ed591 in content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:241 #64 0x7f8148ef5669 in content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:402 #65 0x7f8148ef687d in content::RunNamedProcessTypeMain(std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:456 #66 0x7f8148efbbcb in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:741 #67 0x7f8148ef30cd in content::ContentMain(int, char const**, content::ContentMainDelegate*) content/app/content_main.cc:35 #68 0x7f815be03abd in ChromeMain chrome/app/chrome_main.cc:32 #69 0x7f815be0378a in main chrome/app/chrome_exe_main_gtk.cc:31 #70 0x7f811bd6876c in __libc_start_main /build/buildd/eglibc-2.15/csu/libc-start.c:226 Stats: 7M malloced (34M for red zones) by 33069 calls Stats: 0M realloced by 99 calls Stats: 4M freed by 15578 calls Stats: 0M really freed by 0 calls Stats: 44M (11286 full pages) mmaped in 88 calls mmaps by size class: 10:32193; 11:765; 12:256; 13:128; 14:160; 15:48; 16:16; 17:16; 18:4; 19:2; mallocs by size class: 10:32056; 11:558; 12:179; 13:78; 14:129; 15:37; 16:14; 17:13; 18:3; 19:2; frees by size class: 10:14830; 11:453; 12:69; 13:63; 14:114; 15:29; 16:8; 17:8; 18:2; 19:2; rfrees by size class: Stats: malloc large: 69 small slow: 1149 ==21356== ABORTING 751573 1 eric 2012-10-25 23:05:01 -0700 Ah, RenderMarquee. :) bool pushLayoutState(RenderBox* renderer, const LayoutSize& offset, LayoutUnit pageHeight = 0, bool pageHeightChanged = false, ColumnInfo* colInfo = 0) Assumes that there is already a LayoutState when it's called. Presumaly RenderTable assumes that its parent has always created a layout state for it. I guess this is an artifact of re-using the RenderTable renderer for MathML. 751574 2 eric 2012-10-25 23:05:41 -0700 To be clear. RenderView::m_layoutState is null when pushLayoutState is being called. That code seems to find that unexpected. 751578 3 eric 2012-10-25 23:12:48 -0700 This is just systemic from our use of RenderTable in an environment it's not expecting. It's easy to add LayoutState support to RenderMathMLBlock, or to add an early return to the push function. I'm not sure which is a better approach. Simon or Mitz may have an opinion (both have worked on LayoutState, iirc.) 752276 4 dbarton 2012-10-26 12:20:59 -0700 I'm guessing this is a dup of bug 99796, which I'm going to upload a patch for soon. 790777 5 dbarton 2012-12-13 11:17:41 -0800 This definitely looks to me like a duplicate of bug 99796, and the fix for that bug does appear to fix this one. Actually, I could never get Abhishek's test case to file in DRT, which is why I'm not adding any tests to layout-tests. However, it did fail for me in Chrome Canary before the fix for bug 99796 landed, and it doesn't fail for me in Chrome Canary any more. So I'm marking this bug as a duplicate, and maybe Abhishek can confirm this if his fuzzer doesn't fail any more. If anyone disagrees, please re-open this bug. (I don't believe you require extra tests for duplicate bug reports.) *** This bug has been marked as a duplicate of bug 99796 *** 170817 2012-10-25 22:43:40 -0700 2012-10-25 22:43:40 -0700 Testcase - 2 fuzz-twister-items_2_titles1350819568.92.xml text/xml 3227 inferno PGh0bWwgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPjxoZWFkPjwvaGVhZD48 Ym9keSBpZD0idENGMSI+PWggNiouIDV5IEl9b0soIHVrJV8ldXBLWQo8aXRlbT48dGl0bGU+Pjwv dGl0bGU+CjxzdHlsZT48IVtDREFUQVsKKiB7IG92ZXJmbG93OiAtd2Via2l0LW1hcnF1ZWU7IH0K LmM1IHsgem9vbTogNzg7IH0KLmMyMSB7IG1hcmdpbi1yaWdodDogLXdlYmtpdC1jYWxjKDE1MyUp OyB9XV0+PC9zdHlsZT48c2NyaXB0PjwhW0NEQVRBWwogZG9jRWxlbWVudCA9IGRvY3VtZW50LmJv ZHkgPyBkb2N1bWVudC5ib2R5IDpkb2NFbGVtZW50LmNvbnRlbnRFZGl0YWJsZSA9ICJ0cnVlIjsK ZnVuY3Rpb24gcmVmZXJlbmNlKGRvbU5vZGUpIHt9IGZ1bmN0aW9uIHdhbGsoYSwgZG9tTm9kZSkg eyBpZihkb21Ob2RlID09IGRvbU5vZGUuZmlyc3RDaGlsZCk7IGFbbmV3UHJlZml4XSA9IHdhbGso YSwgZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50KTsgZm9yKGtleSBpbiBhKSB7YVtrZXldLmRvbU5v ZGUucGFyZW50Tm9kZS5yZW1vdmVDaGlsZChhW2tleV0uZG9tTm9kZSk7IH19CmZ1bmN0aW9uIFoo aSkgeyByZXR1cm4gZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoaSkgfQp0Q0YwID10Q0YxID0gWigi dENGMSIpOwp0Q0YzID0gWigidENGNyIpOwpmdW5jdGlvbiBpbml0Q0YoKSB7CnRyeSB7IH0gY2F0 Y2goZSkge30KdHJ5IHsgdENGOC5zZXRBdHRyaWJ1dGUoImNsYXNzIiwgImMxNSIpOyB9IGNhdGNo KGUpIHt9CnRyeSB7IH0gY2F0Y2goZSkge30KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyB0Q0Yy MyA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnROUygiaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRt bCIsICJ1Iik7IH0gY2F0Y2goZSkge30KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyBkb2NFbGVt ZW50LmFwcGVuZENoaWxkKHRDRjIzKTsgfSBjYXRjaChlKSB7fQp0cnkgeyB9IGNhdGNoKGUpIHt9 CnRyeSB7IHRDRjQwID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudE5TKCJodHRwOi8vd3d3LnczLm9y Zy8yMDAwLzAyL3N2Zy90ZXN0c3VpdGUvZGVzY3JpcHRpb24vIiwgInBhc3Njcml0ZXJpYSIpOyB9 IGNhdGNoKGUpIHt9CnRyeSB7IH0gY2F0Y2goZSkge30KdHJ5IHsgdENGNDAuc2V0QXR0cmlidXRl KCJ4bWxucyIsICJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIik7IH0gY2F0Y2goZSkge30K dHJ5IHsgdENGNDEgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50TlMoImh0dHA6Ly93d3cudzMub3Jn LzE5OTkveGh0bWwiLCAidGFibGUiKTsgfSBjYXRjaChlKSB7fQp0cnkgeyB9IGNhdGNoKGUpIHt9 CnRyeSB7IH0gY2F0Y2goZSkge30KdHJ5IHsgdENGNDEuc2V0QXR0cmlidXRlKCJoc3BhY2UiLCAi NzYiKTsgfSBjYXRjaChlKSB7fQp0cnkgeyB0Q0Y1MyA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnRO UygiaHR0cDovL3d3dy53My5vcmcvMTk5OC9NYXRoL01hdGhNTCIsICJtYXRoIik7IH0gY2F0Y2go ZSkge30KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyB9IGNhdGNoKGUpIHt9CnRyeSB7IH0gY2F0 Y2goZSkge30KdHJ5IHsgZG9jRWxlbWVudC5hcHBlbmRDaGlsZCh0Q0Y1Myk7IH0gY2F0Y2goZSkg e30KdHJ5IHsgdENGNTcgPSBkb2N1bWVudC5jcmVhdGVUZXh0Tm9kZSgiWFMgdDBGOVRjCUJaYGRK eiApODFxMiBjLXR0NG9Qf30henY5UlFzZTFMSiB/dXYsCSA4WUggMCozNiIpOyB9IGNhdGNoKGUp IHt9CnRyeSB7IGRvY0VsZW1lbnQuYXBwZW5kQ2hpbGQodENGNTcpOyB9IGNhdGNoKGUpIHt9CnNl dFRpbWVvdXQoIkNGY3Jhc2goKSIsIDgpOwp9CmRvY3VtZW50LmFkZEV2ZW50TGlzdGVuZXIoIkRP TUNvbnRlbnRMb2FkZWQiLCBpbml0Q0YsIGZhbHNlKTsKZnVuY3Rpb24gc2VsZWN0UmFuZ2VOb2Rl Q29udGVudHMociwgbm9kZSkgeyB9CmZ1bmN0aW9uIGVkaXRGdXp6KCkgewp0cnkgeyB9IGNhdGNo KGUpIHt9Cn0KZnVuY3Rpb24gQ0ZjcmFzaCgpIHsKdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyBk b2NFbGVtZW50Lmluc2VydEJlZm9yZSh0Q0YwLCBkb2NFbGVtZW50LmNoaWxkTm9kZXNbMjkgJSBk b2NFbGVtZW50LmNoaWxkTm9kZXMubGVuZ3RoXSk7IH0gY2F0Y2goZSkgeyB0cnkgeyB9IGNhdGNo KGUpIHt9IH0KdHJ5IHsgdENGMjYuc2V0QXR0cmlidXRlKCJyb3dzcGFuIiwgIjEwNiIpOyB9IGNh dGNoKGUpIHt9CnRyeSB7IH0gY2F0Y2goZSkge30KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyB0 Q0Y1My5hcHBlbmRDaGlsZCh0Q0Y0MSk7IH0gY2F0Y2goZSkge30KdHJ5IHsgfSBjYXRjaChlKSB7 fQp0cnkgeyBpZiAodENGMzMgIT0gZG9jRWxlbWVudCkgeyBpZiAodHlwZW9mICJ1bmRlZmluZWQi KSB0Q0Y0NjsgfX0gY2F0Y2goZSkge30KdHJ5IHsgdENGMjMuc2V0QXR0cmlidXRlKCJjbGFzcyIs ICJjMjEiKTsgfSBjYXRjaChlKSB7fQp0cnkgeyB9IGNhdGNoKGUpIHt9CnRyeSB7IH0gY2F0Y2go ZSkge30KIGRvY0VsZW1lbnQub2Zmc2V0VG9wOwp0cnkgeyB0Q0YzMS5zZXRBdHRyaWJ1dGUoImFs dCIsICJUZXN0SW1hZ2UiKTsgfSBjYXRjaChlKSB7fQp0cnkgeyB0Q0Y1NC5yZXBsYWNlQ2hpbGQo dENGMzUsIHRDRjU0LmNoaWxkTm9kZXNbNyAlIHRDRjU0LmNoaWxkTm9kZXMubGVuZ3RoXSk7IH0g Y2F0Y2goZSkgeyB0cnkgeyB9IGNhdGNoKGUpIHt9IH0KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkg eyB9IGNhdGNoKGUpIHt9CnNldFRpbWVvdXQoJ3RyeSB7IHRDRjQ4Lmluc2VydEJlZm9yZSh0Q0Yy MCwgdENGNDguY2hpbGROb2Rlc1s0NyAlIHRDRjQ4LmNoaWxkTm9kZXMubGVuZ3RoXSk7IH0gY2F0 Y2goZSkge30gfScsIDEyNSk7CnRyeSB7IH0gY2F0Y2goZSkge30KdHJ5IHsgaWYgKHRDRjEwICE9 IGRvY0VsZW1lbnQpIHsgaWYgKHR5cGVvZiAidW5kZWZpbmVkIikgdENGMTAgfX0gY2F0Y2goZSkg e30KdHJ5IHsgfSBjYXRjaChlKSB7fQp0cnkgeyB0Q0YxMS5zZXRBdHRyaWJ1dGUoIngiLCAiOCwz NTM0Myw1MCw1NSIpOyB9IGNhdGNoKGUpIHt9CnRyeSB7IHRDRjEuc2V0QXR0cmlidXRlKCJjbGFz cyIsICJjNSIpOyB9IGNhdGNoKGUpIHt9CnRyeSB7IGRvY3VtZW50LmltcG9ydE5vZGUodENGMTcs IHRydWUpOyB9IGNhdGNoKGUpIHt9CnRyeSB7IHRDRjIucmVwbGFjZUNoaWxkKHRDRjExLCB0Q0Yy LmNoaWxkTm9kZXNbMzMgJSB0Q0YyLmNoaWxkTm9kZXMubGVuZ3RoXSk7IH0gY2F0Y2goZSkgeyB0 cnkgeyB9IGNhdGNoKGUpIHt9IH0KfV1dPjwvc2NyaXB0Pj4=