112106 2013-03-11 23:27:56 -0700 REGRESSION(r144131): It made fast/js/regress/string-repeat-arith.html assert on 32 bit 2013-03-26 16:48:27 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) All All RESOLVED FIXED Qt, QtTriaged P1 Normal --- 79668 110433 1 ossy mhahnenberg fpizlo kadam mhahnenberg oliver ossy zarvai oldest_to_newest 853113 0 ossy 2013-03-11 23:27:56 -0700 r144131 made fast/js/regress/string-repeat-arith.html assert on 32 bit, for example on Qt 32 bit debug bot. Here is a GDB backtrace to help fixing the regression: $ gdb WebKitBuild/Debug/bin/DumpRenderTree GNU gdb (Ubuntu/Linaro 7.4-2012.02-0ubuntu2) 7.4-2012.02 Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-linux-gnu". For bug reporting instructions, please see: <http://bugs.launchpad.net/gdb-linaro/>... Reading symbols from /home/oszi/WebKit/WebKitBuild/Debug/bin/DumpRenderTree...done. (gdb) run LayoutTests/fast/js/regress/string-repeat-arith.html Starting program: /home/oszi/WebKit/WebKitBuild/Debug/bin/DumpRenderTree LayoutTests/fast/js/regress/string-repeat-arith.html [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". [New Thread 0xf00cab40 (LWP 16009)] [New Thread 0xef6ffb40 (LWP 16011)] [Thread 0xef6ffb40 (LWP 16011) exited] [New Thread 0xef6ffb40 (LWP 16012)] [New Thread 0xee860b40 (LWP 16013)] ASSERTION FAILED: m_isCheckingArgumentTypes || m_canExit /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp(308) : void JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution(JSC::ExitKind, JSC::DFG::JSValueRegs, JSC::DFG::Node*) 1 0xf608ce7e /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b97e7e) [0xf608ce7e] 2 0xf6094354 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b9f354) [0xf6094354] 3 0xf60945e1 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b9f5e1) [0xf60945e1] 4 0xf60be070 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1bc9070) [0xf60be070] 5 0xf60925e2 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b9d5e2) [0xf60925e2] 6 0xf6092ce6 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b9dce6) [0xf6092ce6] 7 0xf605e757 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b69757) [0xf605e757] 8 0xf605f641 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b6a641) [0xf605f641] 9 0xf60508a3 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b5b8a3) [0xf60508a3] 10 0xf605009e /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b5b09e) [0xf605009e] 11 0xf61e4e48 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cefe48) [0xf61e4e48] 12 0xf61e527b /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cf027b) [0xf61e527b] 13 0xf61e1145 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cec145) [0xf61e1145] 14 0xf61e0e15 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cebe15) [0xf61e0e15] 15 0xf5f4cf3a /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1a57f3a) [0xf5f4cf3a] 16 0xf6136696 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c41696) [0xf6136696] 17 0xf61334fe /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c3e4fe) [0xf61334fe] 18 0x81735b0 [0x81735b0] 19 0xf60fdc27 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c08c27) [0xf60fdc27] 20 0xf60fb4d5 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c064d5) [0xf60fb4d5] 21 0xf61d7d64 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(_ZN3JSC8evaluateEPNS_9ExecStateERKNS_10SourceCodeENS_7JSValueEPS5_+0x213) [0xf61d7d64] 22 0xf4af6112 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x601112) [0xf4af6112] 23 0xf4b13459 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x61e459) [0xf4b13459] 24 0xf4b1356a /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x61e56a) [0xf4b1356a] 25 0xf4e134c6 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x91e4c6) [0xf4e134c6] 26 0xf4fb456a /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xabf56a) [0xf4fb456a] 27 0xf4fb43c8 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xabf3c8) [0xf4fb43c8] 28 0xf4fb48d5 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xabf8d5) [0xf4fb48d5] 29 0xf4fb489c /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xabf89c) [0xf4fb489c] 30 0xf4fa46e7 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xaaf6e7) [0xf4fa46e7] 31 0xf4fa47e6 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xaaf7e6) [0xf4fa47e6] Program received signal SIGSEGV, Segmentation fault. 0xf608ce88 in JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution (this=0xffffa1e8, kind=Uncountable, jsValueRegs=..., node=0x0) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:308 308 ASSERT(m_isCheckingArgumentTypes || m_canExit); (gdb) bt #0 0xf608ce88 in JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution (this=0xffffa1e8, kind=Uncountable, jsValueRegs=..., node=0x0) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:308 #1 0xf6094354 in JSC::DFG::SpeculativeJIT::checkGeneratedTypeForToInt32 (this=0xffffa1e8, node=0xede20984) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:2102 #2 0xf60945e1 in JSC::DFG::SpeculativeJIT::compileValueToInt32 (this=0xffffa1e8, node=0xede20f6c) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:2152 #3 0xf60be070 in JSC::DFG::SpeculativeJIT::compile(JSC::DFG::Node*) () at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:2187 #4 0xf60925e2 in JSC::DFG::SpeculativeJIT::compile (this=0xffffa1e8, block=0x8196a00) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:1757 #5 0xf6092ce6 in JSC::DFG::SpeculativeJIT::compile (this=0xffffa1e8) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:1875 #6 0xf605e757 in JSC::DFG::JITCompiler::compileBody (this=0xffffb454, speculative=0xffffa1e8) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:108 #7 0xf605f641 in JSC::DFG::JITCompiler::compile (this=0xffffb454, entry=0xedeaeb4c) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:250 #8 0xf60508a3 in JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*, unsigned int) () at /home/oszi/WebKit/Source/WTF/wtf/PrintStream.h:58 #9 0xf605009e in JSC::DFG::tryCompile (exec=0xee900058, codeBlock=0x8178340, jitCode=0xedeaeb4c, bytecodeIndex=<unknown type>) at /home/oszi/WebKit/Source/JavaScriptCore/dfg/DFGDriver.cpp:172 #10 0xf61e4e48 in bool JSC::jitCompileIfAppropriate<JSC::ProgramCodeBlock>(JSC::ExecState*, WTF::OwnPtr<JSC::ProgramCodeBlock>&, JSC::JITCode&, JSC::JITCode::JITType, unsigned int, JSC::JITCompilationEffort) () at /home/oszi/WebKit/Source/JavaScriptCore/bytecode/SpeculatedType.h:260 #11 0xf61e527b in bool JSC::prepareForExecution<JSC::ProgramCodeBlock>(JSC::ExecState*, WTF::OwnPtr<JSC::ProgramCodeBlock>&, JSC::JITCode&, JSC::JITCode::JITType, unsigned int) () at /home/oszi/WebKit/Source/JavaScriptCore/bytecode/SpeculatedType.h:260 #12 0xf61e1145 in JSC::ProgramExecutable::compileInternal (this=0xedeaeb38, exec=0xee900058, scope=0xeee5f838, jitType=DFGJIT, bytecodeIndex=<unknown type>) at /home/oszi/WebKit/Source/JavaScriptCore/runtime/Executable.cpp:327 #13 0xf61e0e15 in JSC::ProgramExecutable::compileOptimized (this=0xedeaeb38, exec=0xee900058, scope=0xeee5f838, bytecodeIndex=<unknown type>) at /home/oszi/WebKit/Source/JavaScriptCore/runtime/Executable.cpp:295 #14 0xf5f4cf3a in JSC::ProgramCodeBlock::compileOptimized (this=0x818fa38, exec=0xee900058, scope=0xeee5f838, bytecodeIndex=<unknown type>) at /home/oszi/WebKit/Source/JavaScriptCore/bytecode/CodeBlock.cpp:2860 #15 0xf6136696 in cti_optimize (args=0xffffba20) at /home/oszi/WebKit/Source/JavaScriptCore/jit/JITStubs.cpp:1899 #16 0xf61334fe in JSC::tryCacheGetByID (callFrame=0xee8dd300, codeBlock=0x8105a38, returnAddress=..., baseValue=..., propertyName=0x80fc300, slot=0xffffbaa8, stubInfo=0xf60fdf5b) at /home/oszi/WebKit/Source/JavaScriptCore/jit/JITStubs.cpp:996 #17 0x081735b0 in ?? () #18 0xf60fdc27 in JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::JSGlobalData*) () at /home/oszi/WebKit/Source/WTF/wtf/PrintStream.h:58 #19 0xf60fb4d5 in JSC::Interpreter::execute (this=0x8105a30, program=0xedeaeb38, callFrame=0xeee5f994, thisObj=0xeee9ffd8) at /home/oszi/WebKit/Source/JavaScriptCore/interpreter/Interpreter.cpp:987 #20 0xf61d7d64 in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () at /home/oszi/WebKit/Source/JavaScriptCore/runtime/Completion.cpp:75 #21 0xf4af6112 in WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () at /home/oszi/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83 #22 0xf4b13459 in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () at /home/oszi/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83 #23 0xf4b1356a in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () at /home/oszi/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83 #24 0xf4e134c6 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #25 0xf4fb456a in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 ---Type <return> to continue, or q <return> to quit--- #26 0xf4fb43c8 in WebCore::HTMLScriptRunner::executeParsingBlockingScript() () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #27 0xf4fb48d5 in WebCore::HTMLScriptRunner::executeParsingBlockingScripts() () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #28 0xf4fb489c in WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #29 0xf4fa46e7 in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #30 0xf4fa47e6 in WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #31 0xf4fa4e17 in WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #32 0xf4fa4613 in WebCore::HTMLDocumentParser::resumeParsingAfterYield() () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #33 0xf4fb1c2b in WebCore::HTMLParserScheduler::continueNextChunkTimerFired(WebCore::Timer<WebCore::HTMLParserScheduler>*) () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #34 0xf4fb1ec2 in WebCore::Timer<WebCore::HTMLParserScheduler>::fired() () at /home/oszi/WebKit/Source/WTF/wtf/MemoryInstrumentation.h:109 #35 0xf532e8a7 in WebCore::ThreadTimers::sharedTimerFiredInternal() () at /usr/include/c++/4.6/bits/stl_algobase.h:218 #36 0xf532e7c3 in WebCore::ThreadTimers::sharedTimerFired() () at /usr/include/c++/4.6/bits/stl_algobase.h:218 #37 0xf561571e in WebCore::SharedTimerQt::timerEvent(QTimerEvent*) () at /usr/include/c++/4.6/bits/stl_algobase.h:218 #38 0xf379dec4 in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #39 0xf3fd1e34 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5 #40 0xf3fd5844 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5 #41 0xf3773eee in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #42 0xf37c06a2 in QTimerInfoList::activateTimers() () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #43 0xf37c0fe8 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #44 0xf2a5ccda in g_main_context_dispatch () from /lib/i386-linux-gnu/libglib-2.0.so.0 #45 0xf2a5d0e5 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0 #46 0xf2a5d1c1 in g_main_context_iteration () from /lib/i386-linux-gnu/libglib-2.0.so.0 #47 0xf37c16d8 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #48 0xf01de036 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.1/plugins/platforms/libqxcb.so #49 0xf3772726 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #50 0xf3772b64 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #51 0xf37766b2 in QCoreApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5 #52 0xf3a29984 in QGuiApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Gui.so.5 #53 0xf3fccfe4 in QApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5 #54 0x0806e14d in main () at /usr/include/c++/4.6/bits/move.h:130 #55 0xf328f4d3 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6 #56 0x08056bf1 in _start () (gdb) 858151 1 ossy 2013-03-19 04:16:50 -0700 ping? 863487 2 ossy 2013-03-26 02:26:02 -0700 ping? 863756 3 mhahnenberg 2013-03-26 10:04:25 -0700 I can repro this running 32-bit DumpRenderTree on Mac. 863783 4 mhahnenberg 2013-03-26 10:19:27 -0700 Looks like we're trying to compile a ValueToInt32 node, the node thinks it's a constant (isConstant() == true), but the internal JSValue says that it's a cell. Given the revision that caused the regression, looks like we're unboxing incorrectly somewhere. 863809 5 mhahnenberg 2013-03-26 10:35:55 -0700 I think this has to do with alwaysUnboxSimplePrimitives introduced in this change and the fact that we always assume in our fixup of ValueToInt32 that if it's not speculated as Integer, Number, or Boolean, then we speculate NotCell, which seems wrong. 863920 6 mhahnenberg 2013-03-26 12:31:29 -0700 Nevermind all that. The issue is that we get an empty type for the value during CFA, which guarantees that we're going to exit before we get to this later node (ValueToInt32). Because of this, ValueToInt32 is calling terminateSpeculativeExecution because it doesn't know what to do, when instead it should just abandon compilation of the current basic block. 863930 7 195144 mhahnenberg 2013-03-26 12:41:07 -0700 Created attachment 195144 Patch 863936 8 195144 fpizlo 2013-03-26 12:45:54 -0700 Comment on attachment 195144 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=195144&action=review > Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:2107 > - terminateSpeculativeExecution(Uncountable, JSValueRegs(), 0); > + m_compileOkay = false; I think this is wrong. What if this is the first node to type check the child? Then with your change, we'll tell the compiler that we stopped compiling even though the code is totally reachable. 864102 9 mhahnenberg 2013-03-26 16:48:27 -0700 Committed r146945: <http://trac.webkit.org/changeset/146945> 195144 2013-03-26 12:41:07 -0700 2013-03-26 12:45:53 -0700 Patch bug-112106-20130326123649.patch text/plain 2128 mhahnenberg SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTQ2OTE4KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE1IEBA CisyMDEzLTAzLTI2ICBNYXJrIEhhaG5lbmJlcmcgIDxtaGFobmVuYmVyZ0BhcHBsZS5jb20+CisK KyAgICAgICAgUkVHUkVTU0lPTihyMTQ0MTMxKTogSXQgbWFkZSBmYXN0L2pzL3JlZ3Jlc3Mvc3Ry aW5nLXJlcGVhdC1hcml0aC5odG1sIGFzc2VydCBvbiAzMiBiaXQKKyAgICAgICAgaHR0cHM6Ly9i dWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTExMjEwNgorCisgICAgICAgIFJldmlld2Vk IGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogZGZnL0RGR1NwZWN1bGF0aXZlSklULmNw cDoKKyAgICAgICAgKEpTQzo6REZHOjpTcGVjdWxhdGl2ZUpJVDo6Y2hlY2tHZW5lcmF0ZWRUeXBl Rm9yVG9JbnQzMik6IFdlIG5vdyBqdXN0IHNldCBtX2NvbXBpbGVPa2F5IHRvIGZhbHNlIGFuZCBy ZXR1cm4uCisgICAgICAgICogZGZnL0RGR1NwZWN1bGF0aXZlSklUMzJfNjQuY3BwOgorICAgICAg ICAoSlNDOjpERkc6OlNwZWN1bGF0aXZlSklUOjpmaWxsU3BlY3VsYXRlQm9vbGVhbik6IEZpeGVk IGEgcmFuZG9tIGNvbXBpbGUgZXJyb3Igd2l0aCB0aGlzIGZsYWcgZW5hYmxlZC4KKwogMjAxMy0w My0yNSAgRmlsaXAgUGl6bG8gIDxmcGl6bG9AYXBwbGUuY29tPgogCiAgICAgICAgIEFycmF5TW9k ZSBzaG91bGQgbm90IGNvbnNpZGVyIFNwZWNPdGhlciB3aGVuIHJlZmluaW5nIHRoZSBiYXNlCklu ZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1NwZWN1bGF0aXZlSklUMzJfNjQuY3Bw Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHU3BlY3VsYXRpdmVK SVQzMl82NC5jcHAJKHJldmlzaW9uIDE0Njg5NSkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9k ZmcvREZHU3BlY3VsYXRpdmVKSVQzMl82NC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTExNzMsNyAr MTE3Myw3IEBAIEdQUlJlZyBTcGVjdWxhdGl2ZUpJVDo6ZmlsbFNwZWN1bGF0ZUNlbGwKIEdQUlJl ZyBTcGVjdWxhdGl2ZUpJVDo6ZmlsbFNwZWN1bGF0ZUJvb2xlYW4oRWRnZSBlZGdlKQogewogI2lm IERGR19FTkFCTEUoREVCVUdfVkVSQk9TRSkKLSAgICBkYXRhTG9nRigiU3BlY0Jvb2xAJWQgICAi LCBub2RlLT5pbmRleCgpKTsKKyAgICBkYXRhTG9nRigiU3BlY0Jvb2xAJWQgICAiLCBlZGdlLm5v ZGUoKS0+aW5kZXgoKSk7CiAjZW5kaWYKICAgICBBYnN0cmFjdFZhbHVlJiB2YWx1ZSA9IG1fc3Rh dGUuZm9yTm9kZShlZGdlKTsKICAgICBTcGVjdWxhdGVkVHlwZSB0eXBlID0gdmFsdWUubV90eXBl OwpJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdTcGVjdWxhdGl2ZUpJVC5jcHAK PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdTcGVjdWxhdGl2ZUpJ VC5jcHAJKHJldmlzaW9uIDE0Njg5NSkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZH U3BlY3VsYXRpdmVKSVQuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC0yMTA0LDcgKzIxMDQsNyBAQCBH ZW5lcmF0ZWRPcGVyYW5kVHlwZSBTcGVjdWxhdGl2ZUpJVDo6Y2hlCiAgICAgICAgICAgICBpZiAo aXNOdW1iZXJDb25zdGFudChub2RlKSkKICAgICAgICAgICAgICAgICByZXR1cm4gR2VuZXJhdGVk T3BlcmFuZERvdWJsZTsKIAotICAgICAgICAgICAgdGVybWluYXRlU3BlY3VsYXRpdmVFeGVjdXRp b24oVW5jb3VudGFibGUsIEpTVmFsdWVSZWdzKCksIDApOworICAgICAgICAgICAgbV9jb21waWxl T2theSA9IGZhbHNlOwogICAgICAgICAgICAgcmV0dXJuIEdlbmVyYXRlZE9wZXJhbmRUeXBlVW5r bm93bjsKICAgICAgICAgfQogCg==