<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!DOCTYPE bugzilla SYSTEM "https://bugs.webkit.org/page.cgi?id=bugzilla.dtd">

<bugzilla version="5.0.4.1"
          urlbase="https://bugs.webkit.org/"
          
          maintainer="admin@webkit.org"
>

    <bug>
          <bug_id>12586</bug_id>
          
          <creation_ts>2007-02-04 11:00:00 -0800</creation_ts>
          <short_desc>PAC file: malloc deadlock sometimes causes a hang @ www.apple.com/pro/profiles/ (12586)</short_desc>
          <delta_ts>2007-03-07 07:50:54 -0800</delta_ts>
          <reporter_accessible>1</reporter_accessible>
          <cclist_accessible>1</cclist_accessible>
          <classification_id>1</classification_id>
          <classification>Unclassified</classification>
          <product>WebKit</product>
          <component>WebCore JavaScript</component>
          <version>420+</version>
          <rep_platform>Mac</rep_platform>
          <op_sys>OS X 10.4</op_sys>
          <bug_status>RESOLVED</bug_status>
          <resolution>FIXED</resolution>
          
          
          <bug_file_loc></bug_file_loc>
          <status_whiteboard></status_whiteboard>
          <keywords>InRadar</keywords>
          <priority>P1</priority>
          <bug_severity>Normal</bug_severity>
          <target_milestone>---</target_milestone>
          
          
          <everconfirmed>1</everconfirmed>
          <reporter name="Maciej Stachowiak">mjs</reporter>
          <assigned_to name="Nobody">webkit-unassigned</assigned_to>
          
          

      

      

      

          <comment_sort_order>oldest_to_newest</comment_sort_order>  
          <long_desc isprivate="0" >
    <commentid>28335</commentid>
    <comment_count>0</comment_count>
    <who name="Maciej Stachowiak">mjs</who>
    <bug_when>2007-02-04 11:00:00 -0800</bug_when>
    <thetext>2006-06-06 17:10:07 Geoff Garen:
Reason for clone:
Must fix in Leopard, although tcmalloc makes this issue less likely.

&lt;original text: begin&gt;

6/5/06 12:46 PM Chris Petersen:
* SUMMARY
I have encountered a random hang with both 8J123 and 8J2122 when attempting to load http://www.apple.com/pro/profiles/ when I use a PAC file.

* STEPS TO REPRODUCE
1. Download the attached test.pac file
2. Go to System Prefs - Network -Built in Ethernet.  Click Proxies tab and check &quot;Automatic Proxy Configuration&quot;.  Click Choose file button and select the test.pac file. Click Apply Now.
3. Go to http://www.apple.com/pro/profiles/ 
4. As the page is loading, Safari will hang for me (CPU usage shows 191.5 in TOP)

This hang occurs for me on both a Dual G5 and MBP.

* RESULTS
Page should load and no hang should occur but does.

* REGRESSION
Yes in 10.4.7


* NOTES
I have attached the shark sample for the hang.


&lt;/original text: end&gt;

2006-06-06 17:10:08 Cloned from problemID rdar://problem/4573918 by: Geoff Garen.

2006-06-06 17:10:07 Geoff Garen:
&lt;original text: begin&gt;

2006-06-05 12:52:17 Geoff Garen:
Am I right in thinking that szone_malloc and szone_free have deadlocked in the attached sample?

2006-06-05 13:03:00 Alice Liu:
that does make sense since the problem is not always reproducible. 

2006-06-05 13:08:43 Geoff Garen:
You can also see that KJS::PropertyMap::mark has called KWQPtrDictImpl::remove on an alternate thread, which is independently bad, because

(1) KJS::PropertyMap::mark doesn&apos;t call KWQPtrDictImpl::remove -- maybe something got inlined, though.
(2) This is likely a modification to a global data structure.

2006-06-05 13:20:00 Geoff Garen:
Alice, what I was really asking was, how can szone_malloc/free be to blame here -- wouldn&apos;t we see this problem across all threaded applications?

2006-06-05 13:52:37 Brenda Cicerone:
does not hang for me.

2006-06-05 15:08:58 Chris Petersen:
I can reproduce on 8J123 25 - 50% of the time using the attached PAC file setting.
To make the steps easier try this:
1) Add  http://www.apple.com/pro/profiles/  to bookmark bar.
2) Reset Safari, quit and relaunch
3) After default page loads, click on bookmark
4) This page does take a few seconds to load. If hang does occur while it&apos;s loading, repeat Steps 2 - 3.

Like I said, this problem occurs anywhere from 25 - 50% of time for me with these steps under 8J123 on my Dual G5.


2006-06-05 15:23:24 Timothy Hatcher:
This will be easier to reproduce on a multi-processor machine since it is a thread deadlock bug.

2006-06-05 15:57:58 Chris Petersen:
FWIW, this doesn&apos;t occur on TOT on the same Dual G5.

2006-06-05 16:45:00 Chris Petersen:
Attaching samples from two separate hangs on my Dual G5.

2006-06-05 17:23:59 David Harrison:
It looks to me like several threads are hung waiting for the lock that the first thread holds and will never relinquish because it is infinite-looping inside of szone_free. 

A plausible explanation for not leaving szone_free is that the heap is corrupt.

Also, it turns out that DOMNode::mark() calls remove(), so it looks like Sample just missed including DOMNode::mark() in the backtrace.

2006-06-05 17:26:46 David Harrison:
Chris&apos; new samples show the first thread stuck in malloc rather than free.   Does not otherwise change my comments.

2006-06-05 18:17:57 Geoff Garen:
I&apos;m going to try some MallocScribbling on my dual g5 machine tomorrow. If only Safari could run under libgmalloc...

2006-06-06 09:59:36 Timothy Hatcher:
I have tried reproducing with MallocScribble, MallocCheckHeapStart and the GUI MallocDebug. The hang still happens in all of these cases; none caused a crash. MallocCheckHeapStart caused Safari to hang in szone_check called from malloc, lending support to Harrison&apos;s trashed heap theory. I also tried libgmalloc a couple of times, but the hang never reproduced. Running MallocDebug with the &quot;zero freed memory&quot; option on, the hang never reproduces. Turn this option off and it will reproduce under MallocDebug, but never crashes.

2006-06-06 11:05:40 Geoff Garen:
With the steps above on a dual g5, I actually got a crash in this function:

void *KWQPtrDictImpl::find(void *key) const
{
    return (void *)CFDictionaryGetValue(d-&gt;cfdict, key);
}

#3  0x907d8bc4 in __CFDictionaryFindBuckets1a () &lt;--- crash
#4  0x907cda10 in CFDictionaryGetValue ()
#5  0x01710738 in KWQPtrDictImpl::find (this=0x1c3e048, key=0xc8e1300) at /Volumes/Home/Users/ggaren/Labyrinth-Branch/WebCore/kwq/KWQPtrDictImpl.mm:150
#6  0x01ac0858 in QPtrDict&lt;DOM::NodeImpl&gt;::find (this=0x1c3e040, key=0xc8e1300) at /Volumes/Home/Users/ggaren/Labyrinth-Branch/WebCore/kwq/KWQPtrDict.h:51
#7  0x017a86c8 in KJS::DOMNode::mark (this=0xc4be070) at /Volumes/Home/Users/ggaren/Labyrinth-Branch/WebCore/khtml/ecma/kjs_dom.cpp:128
#8  0x01799788 in KJS::DOMObjectsMarker::markOnAlternateThread (this=0xc438c78) at /Volumes/Home/Users/ggaren/Labyrinth-Branch/WebCore/khtml/ecma/kjs_binding.cpp:190

CFShow(this-&gt;d-&gt;cfdict) made gdb very unhappy, which leads me to believe that the dictionary was either (1) corrupt or (2) uninitialized/prematurely destroyed.

2006-06-06 11:22:06 Geoff Garen:
Got the crash above again. Both times, I quit Safari while the profiles page was loading.

2006-06-06 11:23:17 Geoff Garen:
p this-&gt;d
$1 = (KWQPtrDictPrivate *) 0xc5f5ac0
Current language:  auto; currently objective-c++
(gdb) p *$
$2 = {
  cfdict = 0x0, 
  del = 0, 
  iterators = 0x0
}
(gdb) p this
$3 = (const KWQPtrDictImpl * const) 0x1c3e048
(gdb) p *$
$4 = {
  d = 0xc5f5ac0
}

[ up one frame ]
(gdb) p this
$5 = (QPtrDict&lt;DOM::NodeImpl&gt; * const) 0x1c3e040
Current language:  auto; currently c++
(gdb) p *$
$6 = {
  &lt;QPtrCollection&gt; = {
    _vptr$QPtrCollection = 0x1bbdb58, 
    del_item = false
  }, 
  members of QPtrDict&lt;DOM::NodeImpl&gt;: 
  impl = {
    d = 0xbfffc7cc
  }
}

[ up one frame ]
(gdb) p markingRoots
$7 = {
  &lt;QPtrCollection&gt; = {
    _vptr$QPtrCollection = 0x1bbdb58, 
    del_item = false
  }, 
  members of QPtrDict&lt;DOM::NodeImpl&gt;: 
  impl = {
    d = 0xc5f5ac0
  }
}
(gdb) 

2006-06-06 12:42:49 Geoff Garen:
Despite the seeming absurdity, I&apos;ve confirmed that in the crashing case, the QPtrDict (along with its KWQPtrDictImpl and KWQPtrDictPrivate) has been deallocated (and has not been reallocated at the same address). The QPtrDict is a function static, so that&apos;s pretty bizarre.

2006-06-06 14:00:47 Geoff Garen:
We&apos;ve seen a case of a crash here, where parent() has been deleted:

void InlineBox::remove()
{ 
    if (parent())
        parent()-&gt;removeChild(this);
}

This may be the ultimate cause of the heap corruption. Or not. Yay.

2006-06-06 16:48:29 Geoff Garen:
We have a fix. Yay.

2006-06-06 17:08:36 Geoff Garen:
Committed revision 14752.

2006-06-06 17:09:28 Geoff Garen:
&apos;patch.txt&apos; attached.

&lt;/original text: end&gt;

Reason for clone:
Must fix in Leopard, although tcmalloc makes this issue less likely.

2006-06-06 17:10:42 Geoff Garen:
Things to do on TOT:
in malloc and other potentially locking functions, assert we&apos;re not marking
search for instances of malloc in ::mark
apply branch fix to tot

2006-06-20 10:17:20 Alice Liu:
Safari Leopard BRB Reviewed

2006-06-20 11:14:39 Alice Liu:
Safari WWDC BRB Reviewed

&lt;rdar://problem/4576242&gt;</thetext>
  </long_desc><long_desc isprivate="0" >
    <commentid>20223</commentid>
    <comment_count>1</comment_count>
      <attachid>13509</attachid>
    <who name="Geoffrey Garen">ggaren</who>
    <bug_when>2007-03-06 23:09:10 -0800</bug_when>
    <thetext>Created attachment 13509
patch</thetext>
  </long_desc><long_desc isprivate="0" >
    <commentid>20196</commentid>
    <comment_count>2</comment_count>
    <who name="Maciej Stachowiak">mjs</who>
    <bug_when>2007-03-07 00:50:09 -0800</bug_when>
    <thetext>fastMallocLock / fastMallocUnlock could maybe use better names, like fastMallocAllowed / fastMallocForbidden or somethig - there&apos;s no actual locking going on.

+public:
+    bool m_inSubtreeMark : 1;
+
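
Review bot: m_inSubtreeMark is declared under public: in this hunk, so code outside the class can set or clear the bit directly and the marking invariant it tracks is not enforced by the type. Consider keeping the bit private and exposing it through a small accessor pair, with a one-line comment stating which code is expected to toggle it.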

It might be worth adding a comment that no more flags can be added to Node now without increasing the size of all DOM nodes on 32-bit systems. (There would be 16 in the bitfield plus the short above).

I also wonder if some of the current flags can be removed to give us breathing room again.

r=me
</thetext>
  </long_desc><long_desc isprivate="0" >
    <commentid>20187</commentid>
    <comment_count>3</comment_count>
      <attachid>13509</attachid>
    <who name="Maciej Stachowiak">mjs</who>
    <bug_when>2007-03-07 01:00:35 -0800</bug_when>
    <thetext>Comment on attachment 13509
patch

r=me</thetext>
  </long_desc><long_desc isprivate="0" >
    <commentid>20050</commentid>
    <comment_count>4</comment_count>
    <who name="Geoffrey Garen">ggaren</who>
    <bug_when>2007-03-07 07:50:54 -0800</bug_when>
    <thetext>Added a comment to Node.h. Changed names to &quot;fastMallocForbid&quot; and &quot;fastMallocAllow.&quot; 

Committed revision 20019.
</thetext>
  </long_desc>
      
          <attachment
              isobsolete="0"
              ispatch="1"
              isprivate="0"
          >
            <attachid>13509</attachid>
            <date>2007-03-06 23:09:10 -0800</date>
            <delta_ts>2007-03-07 01:00:35 -0800</delta_ts>
            <desc>patch</desc>
            <filename>patch-pac2.txt</filename>
            <type>text/plain</type>
            <size>8807</size>
            <attacher name="Geoffrey Garen">ggaren</attacher>
            
              <data encoding="base64"></data>
<flag name="review"
          id="5339"
          type_id="1"
          status="+"
          setter="mjs"
    />
          </attachment>
      

    </bug>

</bugzilla>