121001 2013-09-08 02:00:59 -0700 [Win] Javascript crash with DFG JIT enabled. 2013-10-25 14:59:59 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) PC Unspecified RESOLVED FIXED PlatformOnly P2 Normal --- 120998 0 peavo webkit-unassigned bfulgham commit-queue fpizlo ggaren mhahnenberg szkarlen oldest_to_newest 926411 0 peavo 2013-09-08 02:00:59 -0700 When I run with DFG JIT enabled on Windows, I'm frequently getting a NULL pointer access violation crash (writing). The offending assembler instruction is: 07273082 movsd mmword ptr ds:[0],xmm0 I have traced this down to the code generation in the function osrExitGenerationThunkGenerator in DFGThunks.cpp. The problem seems to be that using register GPRInfo::regT0 as parameter (e.g. JIT::storeDouble(..., GPRInfo::regT0)), results in a call to JIT::storeDouble(FPRegisterID src, const void* address) on Windows, where the address parameter gets the value of GPRInfo::regT0, which is 0 (eax on Windows). This causes the register to be written to address 0, hence the crash. I assume the intention here is to write the register to the address in regT0. This is the stacktrace of the crash: 07273082() JavaScriptCore.dll!JSC::JITCode::execute(JSC::JSStack * stack, JSC::ExecState * callFrame, JSC::VM * vm) Line 46 + 0x1e bytes C++ JavaScriptCore.dll!JSC::Interpreter::execute(JSC::ProgramExecutable * program, JSC::ExecState * callFrame, JSC::JSObject * thisObj) Line 844 + 0x36 bytes C++ JavaScriptCore.dll!JSC::evaluate(JSC::ExecState * exec, const JSC::SourceCode & source, JSC::JSValue thisValue, JSC::JSValue * returnedException) Line 85 C++ WebKit.dll!WebCore::JSMainThreadExecState::evaluate(JSC::ExecState * exec, const JSC::SourceCode & source, JSC::JSValue thisValue, JSC::JSValue * exception) Line 61 + 0x20 bytes C++ WebKit.dll!WebCore::ScriptController::evaluateInWorld(const WebCore::ScriptSourceCode & sourceCode, WebCore::DOMWrapperWorld * world) Line 142 + 0x23 bytes C++ WebKit.dll!WebCore::ScriptController::evaluate(const WebCore::ScriptSourceCode & sourceCode) Line 158 + 0x16 bytes C++ WebKit.dll!WebCore::ScriptElement::executeScript(const WebCore::ScriptSourceCode & sourceCode) Line 315 + 0x17 bytes C++ WebKit.dll!WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript & pendingScript) Line 151 C++ WebKit.dll!WebCore::HTMLScriptRunner::executeParsingBlockingScript() Line 123 C++ WebKit.dll!WebCore::HTMLScriptRunner::executeParsingBlockingScripts() Line 201 + 0x8 bytes C++ WebKit.dll!WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element> scriptElement, const WTF::TextPosition & scriptStartPosition) Line 191 C++ WebKit.dll!WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() Line 273 C++ WebKit.dll!WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode mode, WebCore::PumpSession & session) Line 292 C++ WebKit.dll!WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode mode) Line 536 + 0x10 bytes C++ WebKit.dll!WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode mode) Line 237 C++ WebKit.dll!WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() Line 899 C++ WebKit.dll!WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource * cachedResource) Line 939 C++ WebKit.dll!WebCore::CachedResource::checkNotify() Line 369 + 0x13 bytes C++ WebKit.dll!WebCore::CachedResource::finishLoading(WebCore::ResourceBuffer * __formal) Line 385 + 0xf bytes C++ WebKit.dll!WebCore::CachedScript::finishLoading(WebCore::ResourceBuffer * data) Line 90 C++ WebKit.dll!WebCore::SubresourceLoader::didFinishLoading(double finishTime) Line 283 + 0x26 bytes C++ WebKit.dll!WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle * __formal, double finishTime) Line 489 + 0x18 bytes C++ WebKit.dll!WebCore::ResourceHandleManager::downloadTimerCallback(WebCore::Timer<WebCore::ResourceHandleManager> * __formal) Line 570 + 0x35 bytes C++ WebKit.dll!WebCore::Timer<WebCore::ResourceLoadScheduler>::fired() Line 114 + 0x23 bytes C++ WebKit.dll!WebCore::ThreadTimers::sharedTimerFiredInternal() Line 129 + 0xf bytes C++ WebKit.dll!WebCore::ThreadTimers::sharedTimerFired() Line 106 C++ WebKit.dll!WebCore::TimerWindowWndProc(HWND__ * hWnd, unsigned int message, unsigned int wParam, long lParam) Line 110 + 0x8 bytes C++ 926412 1 210972 peavo 2013-09-08 02:06:19 -0700 Created attachment 210972 Patch 926437 2 210972 fpizlo 2013-09-08 08:34:33 -0700 Comment on attachment 210972 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=210972&action=review > Source/JavaScriptCore/dfg/DFGThunks.cpp:56 > + jit.storeDouble(FPRInfo::toRegister(i), MacroAssembler::ImplicitAddress(GPRInfo::regT0)); Use Address not ImplicitAddres. 926586 3 211012 peavo 2013-09-08 23:55:25 -0700 Created attachment 211012 Patch 931760 4 szkarlen 2013-09-21 01:56:37 -0700 (In reply to comment #3) > Created an attachment (id=211012) [details] > Patch Hi! Provided patch resolves some issues, but there still crash behavior - using loops (with iteration > 100) JSC just crashes. 941492 5 214651 peavo 2013-10-19 05:18:47 -0700 Created attachment 214651 Patch 941493 6 peavo 2013-10-19 05:21:10 -0700 Upgraded the patch with changes in trunk. The same fix was also needed in dfg/DFGOSRExitCompiler32_64.cpp. I also added an assert if we try to generate code which writes to a null pointer. 943758 7 214651 ggaren 2013-10-25 14:35:18 -0700 Comment on attachment 214651 Patch r=me Would be nice to make the GPRInfo::regT0 type incompatible with void*, so this became a compile error. 943777 8 214651 commit-queue 2013-10-25 14:59:56 -0700 Comment on attachment 214651 Patch Clearing flags on attachment: 214651 Committed r158057: <http://trac.webkit.org/changeset/158057> 943778 9 commit-queue 2013-10-25 14:59:59 -0700 All reviewed patches have been landed. Closing bug. 210972 2013-09-08 02:06:19 -0700 2013-09-08 23:55:18 -0700 Patch bug-121001-20130908110601.patch text/plain 2517 peavo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTU1MjkzKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDEzIEBA CisyMDEzLTA5LTA4ICBwZWF2b0BvdXRsb29rLmNvbSAgPHBlYXZvQG91dGxvb2suY29tPgorCisg ICAgICAgIFtXaW5dIEphdmFzY3JpcHQgY3Jhc2ggd2l0aCBERkcgSklUIGVuYWJsZWQuCisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xMjEwMDEKKworICAg ICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIGRmZy9ERkdUaHVu a3MuY3BwOgorICAgICAgICAoSlNDOjpERkc6Om9zckV4aXRHZW5lcmF0aW9uVGh1bmtHZW5lcmF0 b3IpOiBVc2UgaW1wbGljaXQgYWRkcmVzcy4KKwogMjAxMy0wOS0wNyAgRmlsaXAgUGl6bG8gIDxm cGl6bG9AYXBwbGUuY29tPgogCiAgICAgICAgIEZUTCBzaG91bGQgc3VwcG9ydCB0eXBlZCBhcnJh eSBQdXRCeVZhbApJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdUaHVua3MuY3Bw Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHVGh1bmtzLmNwcAko cmV2aXNpb24gMTU1MjQ3KQorKysgU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdUaHVua3Mu Y3BwCSh3b3JraW5nIGNvcHkpCkBAIC01MywxMiArNTMsMTIgQEAgTWFjcm9Bc3NlbWJsZXJDb2Rl UmVmIG9zckV4aXRHZW5lcmF0aW9uVAogICAgIH0KICAgICBmb3IgKHVuc2lnbmVkIGkgPSAwOyBp IDwgRlBSSW5mbzo6bnVtYmVyT2ZSZWdpc3RlcnM7ICsraSkgewogICAgICAgICBqaXQubW92ZShN YWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihidWZmZXIgKyBHUFJJbmZvOjpudW1iZXJPZlJl Z2lzdGVycyArIGkpLCBHUFJJbmZvOjpyZWdUMCk7Ci0gICAgICAgIGppdC5zdG9yZURvdWJsZShG UFJJbmZvOjp0b1JlZ2lzdGVyKGkpLCBHUFJJbmZvOjpyZWdUMCk7CisgICAgICAgIGppdC5zdG9y ZURvdWJsZShGUFJJbmZvOjp0b1JlZ2lzdGVyKGkpLCBNYWNyb0Fzc2VtYmxlcjo6SW1wbGljaXRB ZGRyZXNzKEdQUkluZm86OnJlZ1QwKSk7CiAgICAgfQogICAgIAogICAgIC8vIFRlbGwgR0MgbWFy ayBwaGFzZSBob3cgbXVjaCBvZiB0aGUgc2NyYXRjaCBidWZmZXIgaXMgYWN0aXZlIGR1cmluZyBj YWxsLgogICAgIGppdC5tb3ZlKE1hY3JvQXNzZW1ibGVyOjpUcnVzdGVkSW1tUHRyKHNjcmF0Y2hC dWZmZXItPmFjdGl2ZUxlbmd0aFB0cigpKSwgR1BSSW5mbzo6cmVnVDApOwotICAgIGppdC5zdG9y ZVB0cihNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihzY3JhdGNoU2l6ZSksIEdQUkluZm86 OnJlZ1QwKTsKKyAgICBqaXQuc3RvcmVQdHIoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIo c2NyYXRjaFNpemUpLCBNYWNyb0Fzc2VtYmxlcjo6SW1wbGljaXRBZGRyZXNzKEdQUkluZm86OnJl Z1QwKSk7CiAKICAgICAvLyBTZXQgdXAgb25lIGFyZ3VtZW50LgogI2lmIENQVShYODYpCkBAIC03 MCwxMSArNzAsMTEgQEAgTWFjcm9Bc3NlbWJsZXJDb2RlUmVmIG9zckV4aXRHZW5lcmF0aW9uVAog ICAgIE1hY3JvQXNzZW1ibGVyOjpDYWxsIGZ1bmN0aW9uQ2FsbCA9IGppdC5jYWxsKCk7CiAKICAg ICBqaXQubW92ZShNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihzY3JhdGNoQnVmZmVyLT5h Y3RpdmVMZW5ndGhQdHIoKSksIEdQUkluZm86OnJlZ1QwKTsKLSAgICBqaXQuc3RvcmVQdHIoTWFj cm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoMCksIEdQUkluZm86OnJlZ1QwKTsKKyAgICBqaXQu c3RvcmVQdHIoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoMCksIE1hY3JvQXNzZW1ibGVy OjpJbXBsaWNpdEFkZHJlc3MoR1BSSW5mbzo6cmVnVDApKTsKIAogICAgIGZvciAodW5zaWduZWQg aSA9IDA7IGkgPCBGUFJJbmZvOjpudW1iZXJPZlJlZ2lzdGVyczsgKytpKSB7CiAgICAgICAgIGpp dC5tb3ZlKE1hY3JvQXNzZW1ibGVyOjpUcnVzdGVkSW1tUHRyKGJ1ZmZlciArIEdQUkluZm86Om51 bWJlck9mUmVnaXN0ZXJzICsgaSksIEdQUkluZm86OnJlZ1QwKTsKLSAgICAgICAgaml0LmxvYWRE b3VibGUoR1BSSW5mbzo6cmVnVDAsIEZQUkluZm86OnRvUmVnaXN0ZXIoaSkpOworICAgICAgICBq aXQubG9hZERvdWJsZShNYWNyb0Fzc2VtYmxlcjo6SW1wbGljaXRBZGRyZXNzKEdQUkluZm86OnJl Z1QwKSwgRlBSSW5mbzo6dG9SZWdpc3RlcihpKSk7CiAgICAgfQogICAgIGZvciAodW5zaWduZWQg aSA9IDA7IGkgPCBHUFJJbmZvOjpudW1iZXJPZlJlZ2lzdGVyczsgKytpKSB7CiAjaWYgVVNFKEpT VkFMVUU2NCkK 211012 2013-09-08 23:55:25 -0700 2013-10-19 05:18:38 -0700 Patch bug-121001-20130909085522.patch text/plain 2498 peavo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTU1MjkzKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDEzIEBA CisyMDEzLTA5LTA4ICBwZWF2b0BvdXRsb29rLmNvbSAgPHBlYXZvQG91dGxvb2suY29tPgorCisg ICAgICAgIFtXaW5dIEphdmFzY3JpcHQgY3Jhc2ggd2l0aCBERkcgSklUIGVuYWJsZWQuCisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xMjEwMDEKKworICAg ICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIGRmZy9ERkdUaHVu a3MuY3BwOgorICAgICAgICAoSlNDOjpERkc6Om9zckV4aXRHZW5lcmF0aW9uVGh1bmtHZW5lcmF0 b3IpOiBVc2UgYWRkcmVzcyBpbiByZWdUMCBhcyBwYXJhbWV0ZXIuCisKIDIwMTMtMDktMDcgIEZp bGlwIFBpemxvICA8ZnBpemxvQGFwcGxlLmNvbT4KIAogICAgICAgICBGVEwgc2hvdWxkIHN1cHBv cnQgdHlwZWQgYXJyYXkgUHV0QnlWYWwKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcv REZHVGh1bmtzLmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RG R1RodW5rcy5jcHAJKHJldmlzaW9uIDE1NTI0NykKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9k ZmcvREZHVGh1bmtzLmNwcAkod29ya2luZyBjb3B5KQpAQCAtNTMsMTIgKzUzLDEyIEBAIE1hY3Jv QXNzZW1ibGVyQ29kZVJlZiBvc3JFeGl0R2VuZXJhdGlvblQKICAgICB9CiAgICAgZm9yICh1bnNp Z25lZCBpID0gMDsgaSA8IEZQUkluZm86Om51bWJlck9mUmVnaXN0ZXJzOyArK2kpIHsKICAgICAg ICAgaml0Lm1vdmUoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoYnVmZmVyICsgR1BSSW5m bzo6bnVtYmVyT2ZSZWdpc3RlcnMgKyBpKSwgR1BSSW5mbzo6cmVnVDApOwotICAgICAgICBqaXQu c3RvcmVEb3VibGUoRlBSSW5mbzo6dG9SZWdpc3RlcihpKSwgR1BSSW5mbzo6cmVnVDApOworICAg ICAgICBqaXQuc3RvcmVEb3VibGUoRlBSSW5mbzo6dG9SZWdpc3RlcihpKSwgTWFjcm9Bc3NlbWJs ZXI6OkFkZHJlc3MoR1BSSW5mbzo6cmVnVDApKTsKICAgICB9CiAgICAgCiAgICAgLy8gVGVsbCBH QyBtYXJrIHBoYXNlIGhvdyBtdWNoIG9mIHRoZSBzY3JhdGNoIGJ1ZmZlciBpcyBhY3RpdmUgZHVy aW5nIGNhbGwuCiAgICAgaml0Lm1vdmUoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoc2Ny YXRjaEJ1ZmZlci0+YWN0aXZlTGVuZ3RoUHRyKCkpLCBHUFJJbmZvOjpyZWdUMCk7Ci0gICAgaml0 LnN0b3JlUHRyKE1hY3JvQXNzZW1ibGVyOjpUcnVzdGVkSW1tUHRyKHNjcmF0Y2hTaXplKSwgR1BS SW5mbzo6cmVnVDApOworICAgIGppdC5zdG9yZVB0cihNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZElt bVB0cihzY3JhdGNoU2l6ZSksIE1hY3JvQXNzZW1ibGVyOjpBZGRyZXNzKEdQUkluZm86OnJlZ1Qw KSk7CiAKICAgICAvLyBTZXQgdXAgb25lIGFyZ3VtZW50LgogI2lmIENQVShYODYpCkBAIC03MCwx MSArNzAsMTEgQEAgTWFjcm9Bc3NlbWJsZXJDb2RlUmVmIG9zckV4aXRHZW5lcmF0aW9uVAogICAg IE1hY3JvQXNzZW1ibGVyOjpDYWxsIGZ1bmN0aW9uQ2FsbCA9IGppdC5jYWxsKCk7CiAKICAgICBq aXQubW92ZShNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihzY3JhdGNoQnVmZmVyLT5hY3Rp dmVMZW5ndGhQdHIoKSksIEdQUkluZm86OnJlZ1QwKTsKLSAgICBqaXQuc3RvcmVQdHIoTWFjcm9B c3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoMCksIEdQUkluZm86OnJlZ1QwKTsKKyAgICBqaXQuc3Rv cmVQdHIoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoMCksIE1hY3JvQXNzZW1ibGVyOjpB ZGRyZXNzKEdQUkluZm86OnJlZ1QwKSk7CiAKICAgICBmb3IgKHVuc2lnbmVkIGkgPSAwOyBpIDwg RlBSSW5mbzo6bnVtYmVyT2ZSZWdpc3RlcnM7ICsraSkgewogICAgICAgICBqaXQubW92ZShNYWNy b0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihidWZmZXIgKyBHUFJJbmZvOjpudW1iZXJPZlJlZ2lz dGVycyArIGkpLCBHUFJJbmZvOjpyZWdUMCk7Ci0gICAgICAgIGppdC5sb2FkRG91YmxlKEdQUklu Zm86OnJlZ1QwLCBGUFJJbmZvOjp0b1JlZ2lzdGVyKGkpKTsKKyAgICAgICAgaml0LmxvYWREb3Vi bGUoTWFjcm9Bc3NlbWJsZXI6OkFkZHJlc3MoR1BSSW5mbzo6cmVnVDApLCBGUFJJbmZvOjp0b1Jl Z2lzdGVyKGkpKTsKICAgICB9CiAgICAgZm9yICh1bnNpZ25lZCBpID0gMDsgaSA8IEdQUkluZm86 Om51bWJlck9mUmVnaXN0ZXJzOyArK2kpIHsKICNpZiBVU0UoSlNWQUxVRTY0KQo= 214651 2013-10-19 05:18:47 -0700 2013-10-25 14:59:56 -0700 Patch bug-121001-20131019141801.patch text/plain 4302 peavo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTU3NjY0KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIyIEBA CisyMDEzLTEwLTE5ICBwZWF2b0BvdXRsb29rLmNvbSAgPHBlYXZvQG91dGxvb2suY29tPgorCisg ICAgICAgIFtXaW5dIEphdmFzY3JpcHQgY3Jhc2ggd2l0aCBERkcgSklUIGVuYWJsZWQuCisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xMjEwMDEKKworICAg ICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBPbiB3aW5kb3dzLCB1 c2luZyByZWdpc3RlciBHUFJJbmZvOjpyZWdUMCBhcyBwYXJhbWV0ZXIgdG8gZS5nLiBKSVQ6OnN0 b3JlRG91YmxlKC4uLiwgR1BSSW5mbzo6cmVnVDApKSwKKyAgICAgICAgcmVzdWx0cyBpbiBhIGNh bGwgdG8gSklUOjpzdG9yZURvdWJsZShGUFJlZ2lzdGVySUQgc3JjLCBjb25zdCB2b2lkKiBhZGRy ZXNzKSwKKyAgICAgICAgd2hlcmUgdGhlIGFkZHJlc3MgcGFyYW1ldGVyIGdldHMgdGhlIHZhbHVl IG9mIEdQUkluZm86OnJlZ1QwLCB3aGljaCBpcyAwIChlYXggb24gV2luZG93cykuCisgICAgICAg IFRoaXMgY2F1c2VzIHRoZSByZWdpc3RlciB0byBiZSB3cml0dGVuIHRvIGFkZHJlc3MgMCwgaGVu Y2UgdGhlIGNyYXNoLgorICAKKyAgICAgICAgKiBhc3NlbWJsZXIvTWFjcm9Bc3NlbWJsZXJYODYu aDoKKyAgICAgICAgKEpTQzo6TWFjcm9Bc3NlbWJsZXJYODY6OnN0b3JlRG91YmxlKTogQXNzZXJ0 IGlmIHdlIHRyeSB0byBnZW5lcmF0ZSBjb2RlIHdoaWNoIHdyaXRlcyB0byBhIG51bGwgcG9pbnRl ci4KKyAgICAgICAgKiBkZmcvREZHT1NSRXhpdENvbXBpbGVyMzJfNjQuY3BwOgorICAgICAgICAo SlNDOjpERkc6Ok9TUkV4aXRDb21waWxlcjo6Y29tcGlsZUV4aXQpOiBVc2UgYWRkcmVzcyBpbiBy ZWdUMCBhcyBwYXJhbWV0ZXIuCisgICAgICAgICogZGZnL0RGR1RodW5rcy5jcHA6CisgICAgICAg IChKU0M6OkRGRzo6b3NyRXhpdEdlbmVyYXRpb25UaHVua0dlbmVyYXRvcik6IERpdHRvLgorCiAy MDEzLTEwLTE4ICBGaWxpcCBQaXpsbyAgPGZwaXpsb0BhcHBsZS5jb20+CiAKICAgICAgICAgVW5y ZXZpZXdlZCwgZml4IEZUTCBidWlsZC4KSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9hc3Nl bWJsZXIvTWFjcm9Bc3NlbWJsZXJYODYuaAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlw dENvcmUvYXNzZW1ibGVyL01hY3JvQXNzZW1ibGVyWDg2LmgJKHJldmlzaW9uIDE1NzY2MykKKysr IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9hc3NlbWJsZXIvTWFjcm9Bc3NlbWJsZXJYODYuaAkod29y a2luZyBjb3B5KQpAQCAtMTE5LDYgKzExOSw3IEBAIHB1YmxpYzoKICAgICB2b2lkIHN0b3JlRG91 YmxlKEZQUmVnaXN0ZXJJRCBzcmMsIGNvbnN0IHZvaWQqIGFkZHJlc3MpCiAgICAgewogICAgICAg ICBBU1NFUlQoaXNTU0UyUHJlc2VudCgpKTsKKyAgICAgICAgQVNTRVJUKGFkZHJlc3MpOwogICAg ICAgICBtX2Fzc2VtYmxlci5tb3ZzZF9ybShzcmMsIGFkZHJlc3MpOwogICAgIH0KIApJbmRleDog U291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdPU1JFeGl0Q29tcGlsZXIzMl82NC5jcHAKPT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdPU1JFeGl0Q29tcGlsZXIz Ml82NC5jcHAJKHJldmlzaW9uIDE1NzY2MykKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcv REZHT1NSRXhpdENvbXBpbGVyMzJfNjQuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC0yMzAsNyArMjMw LDcgQEAgdm9pZCBPU1JFeGl0Q29tcGlsZXI6OmNvbXBpbGVFeGl0KGNvbnN0CiAgICAgICAgIHN3 aXRjaCAocmVjb3ZlcnkudGVjaG5pcXVlKCkpIHsKICAgICAgICAgY2FzZSBJbkZQUjoKICAgICAg ICAgICAgIG1faml0Lm1vdmUoQXNzZW1ibHlIZWxwZXJzOjpUcnVzdGVkSW1tUHRyKHNjcmF0Y2gg KyBpbmRleCksIEdQUkluZm86OnJlZ1QwKTsKLSAgICAgICAgICAgIG1faml0LnN0b3JlRG91Ymxl KHJlY292ZXJ5LmZwcigpLCBHUFJJbmZvOjpyZWdUMCk7CisgICAgICAgICAgICBtX2ppdC5zdG9y ZURvdWJsZShyZWNvdmVyeS5mcHIoKSwgTWFjcm9Bc3NlbWJsZXI6OkFkZHJlc3MoR1BSSW5mbzo6 cmVnVDApKTsKICAgICAgICAgICAgIGJyZWFrOwogICAgICAgICAgICAgCiAgICAgICAgIGRlZmF1 bHQ6CkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1RodW5rcy5jcHAKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdUaHVua3MuY3BwCShyZXZpc2lv biAxNTc2NjMpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1RodW5rcy5jcHAJKHdv cmtpbmcgY29weSkKQEAgLTUzLDEyICs1MywxMiBAQCBNYWNyb0Fzc2VtYmxlckNvZGVSZWYgb3Ny RXhpdEdlbmVyYXRpb25UCiAgICAgfQogICAgIGZvciAodW5zaWduZWQgaSA9IDA7IGkgPCBGUFJJ bmZvOjpudW1iZXJPZlJlZ2lzdGVyczsgKytpKSB7CiAgICAgICAgIGppdC5tb3ZlKE1hY3JvQXNz ZW1ibGVyOjpUcnVzdGVkSW1tUHRyKGJ1ZmZlciArIEdQUkluZm86Om51bWJlck9mUmVnaXN0ZXJz ICsgaSksIEdQUkluZm86OnJlZ1QwKTsKLSAgICAgICAgaml0LnN0b3JlRG91YmxlKEZQUkluZm86 OnRvUmVnaXN0ZXIoaSksIEdQUkluZm86OnJlZ1QwKTsKKyAgICAgICAgaml0LnN0b3JlRG91Ymxl KEZQUkluZm86OnRvUmVnaXN0ZXIoaSksIE1hY3JvQXNzZW1ibGVyOjpBZGRyZXNzKEdQUkluZm86 OnJlZ1QwKSk7CiAgICAgfQogICAgIAogICAgIC8vIFRlbGwgR0MgbWFyayBwaGFzZSBob3cgbXVj aCBvZiB0aGUgc2NyYXRjaCBidWZmZXIgaXMgYWN0aXZlIGR1cmluZyBjYWxsLgogICAgIGppdC5t b3ZlKE1hY3JvQXNzZW1ibGVyOjpUcnVzdGVkSW1tUHRyKHNjcmF0Y2hCdWZmZXItPmFjdGl2ZUxl bmd0aFB0cigpKSwgR1BSSW5mbzo6cmVnVDApOwotICAgIGppdC5zdG9yZVB0cihNYWNyb0Fzc2Vt Ymxlcjo6VHJ1c3RlZEltbVB0cihzY3JhdGNoU2l6ZSksIEdQUkluZm86OnJlZ1QwKTsKKyAgICBq aXQuc3RvcmVQdHIoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW1QdHIoc2NyYXRjaFNpemUpLCBN YWNyb0Fzc2VtYmxlcjo6QWRkcmVzcyhHUFJJbmZvOjpyZWdUMCkpOwogCiAgICAgLy8gU2V0IHVw IG9uZSBhcmd1bWVudC4KICNpZiBDUFUoWDg2KQpAQCAtNzAsMTEgKzcwLDExIEBAIE1hY3JvQXNz ZW1ibGVyQ29kZVJlZiBvc3JFeGl0R2VuZXJhdGlvblQKICAgICBNYWNyb0Fzc2VtYmxlcjo6Q2Fs bCBmdW5jdGlvbkNhbGwgPSBqaXQuY2FsbCgpOwogCiAgICAgaml0Lm1vdmUoTWFjcm9Bc3NlbWJs ZXI6OlRydXN0ZWRJbW1QdHIoc2NyYXRjaEJ1ZmZlci0+YWN0aXZlTGVuZ3RoUHRyKCkpLCBHUFJJ bmZvOjpyZWdUMCk7Ci0gICAgaml0LnN0b3JlUHRyKE1hY3JvQXNzZW1ibGVyOjpUcnVzdGVkSW1t UHRyKDApLCBHUFJJbmZvOjpyZWdUMCk7CisgICAgaml0LnN0b3JlUHRyKE1hY3JvQXNzZW1ibGVy OjpUcnVzdGVkSW1tUHRyKDApLCBNYWNyb0Fzc2VtYmxlcjo6QWRkcmVzcyhHUFJJbmZvOjpyZWdU MCkpOwogCiAgICAgZm9yICh1bnNpZ25lZCBpID0gMDsgaSA8IEZQUkluZm86Om51bWJlck9mUmVn aXN0ZXJzOyArK2kpIHsKICAgICAgICAgaml0Lm1vdmUoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJ bW1QdHIoYnVmZmVyICsgR1BSSW5mbzo6bnVtYmVyT2ZSZWdpc3RlcnMgKyBpKSwgR1BSSW5mbzo6 cmVnVDApOwotICAgICAgICBqaXQubG9hZERvdWJsZShHUFJJbmZvOjpyZWdUMCwgRlBSSW5mbzo6 dG9SZWdpc3RlcihpKSk7CisgICAgICAgIGppdC5sb2FkRG91YmxlKE1hY3JvQXNzZW1ibGVyOjpB ZGRyZXNzKEdQUkluZm86OnJlZ1QwKSwgRlBSSW5mbzo6dG9SZWdpc3RlcihpKSk7CiAgICAgfQog ICAgIGZvciAodW5zaWduZWQgaSA9IDA7IGkgPCBHUFJJbmZvOjpudW1iZXJPZlJlZ2lzdGVyczsg KytpKSB7CiAjaWYgVVNFKEpTVkFMVUU2NCkK