125876 2013-12-17 15:18:48 -0800 DelayedReleaseScope is in the wrong place 2014-01-23 14:40:41 -0800 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 mhahnenberg mhahnenberg commit-queue ggaren joepeck oldest_to_newest 960683 0 mhahnenberg 2013-12-17 15:18:48 -0800 Since it could be in the middle of lazy sweeping (and therefore allocation), we can't allow other threads to start executing in the current VM. Thus, we need to hold onto the API lock. 961121 1 219572 mhahnenberg 2013-12-18 14:51:43 -0800 Created attachment 219572 Patch 961137 2 219572 ggaren 2013-12-18 15:17:51 -0800 Comment on attachment 219572 Patch Mark has a better idea. We think this patch would not have solved reentrancy. 961170 3 mhahnenberg 2013-12-18 16:33:02 -0800 It needs to be just around the free list sweeping in MarkedAllocator::tryAllocateHelper. This location gives us a good safe point between getting ready to allocate (i.e. identifying a non-empty free list) and doing the actual allocation (popping the free list). 961176 4 219587 mhahnenberg 2013-12-18 16:37:05 -0800 Created attachment 219587 Patch 961186 5 219587 ggaren 2013-12-18 17:04:02 -0800 Comment on attachment 219587 Patch r=me 961253 6 219587 commit-queue 2013-12-18 20:26:43 -0800 Comment on attachment 219587 Patch Clearing flags on attachment: 219587 Committed r160822: <http://trac.webkit.org/changeset/160822> 961254 7 commit-queue 2013-12-18 20:26:45 -0800 All reviewed patches have been landed. Closing bug. 961269 8 ggaren 2013-12-18 21:43:35 -0800 Can we API test for this? 961311 9 joepeck 2013-12-19 00:48:49 -0800 Thanks for the quick fix! 961498 10 joepeck 2013-12-19 12:20:41 -0800 Hmm, I'm still seeing a related issue: ASSERTION FAILED: m_operationInProgress == NoOperation /Volumes/Data/Code/safari/OpenSource/Source/JavaScriptCore/heap/Heap.cpp(759) : void JSC::Heap::collect(JSC::Heap::SweepToggle) 1 0x1006a33d0 WTFCrash 2 0x1003310a6 JSC::Heap::collect(JSC::Heap::SweepToggle) 3 0x100326310 JSC::DefaultGCActivityCallback::doWork() 4 0x100340172 JSC::HeapTimer::timerDidFire(__CFRunLoopTimer*, void*) 5 0x7fff88f5b724 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ 6 0x7fff88f5b25f __CFRunLoopDoTimer 7 0x7fff88fcc76a __CFRunLoopDoTimers 8 0x7fff88f16aa5 __CFRunLoopRun 9 0x7fff88f16275 CFRunLoopRunSpecific 10 0x7fff942abf0d RunCurrentEventLoopInMode 11 0x7fff942abcb7 ReceiveNextEventCommon 12 0x7fff942ababc _BlockUntilNextEventMatchingListInModeWithFilter 13 0x7fff8db6f28e _DPSNextEvent 14 0x7fff8db6e8db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] 15 0x7fff8db629cc -[NSApplication run] 16 0x7fff8db4d803 NSApplicationMain 17 0x100002022 main 18 0x7fff89c225fd start 19 0x3 (lldb) thread backtrace all * thread #1: tid = 0xd83a4a, 0x00000001006a33da JavaScriptCore`WTFCrash + 42 at Assertions.cpp:341, queue = 'com.apple.main-thread, stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef) frame #0: 0x00000001006a33da JavaScriptCore`WTFCrash + 42 at Assertions.cpp:341 frame #1: 0x00000001003310a6 JavaScriptCore`JSC::Heap::collect(this=0x0000000101859218, sweepToggle=DoNotSweep) + 502 at Heap.cpp:759 frame #2: 0x0000000100326310 JavaScriptCore`JSC::DefaultGCActivityCallback::doWork(this=0x000060800012d200) + 208 at GCActivityCallback.cpp:98 frame #3: 0x0000000100340172 JavaScriptCore`JSC::HeapTimer::timerDidFire(timer=0x000060800016b880, context=0x00006080000d62d0) + 338 at HeapTimer.cpp:97 frame #4: 0x00007fff88f5b724 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 frame #5: 0x00007fff88f5b25f CoreFoundation`__CFRunLoopDoTimer + 1151 frame #6: 0x00007fff88fcc76a CoreFoundation`__CFRunLoopDoTimers + 298 frame #7: 0x00007fff88f16aa5 CoreFoundation`__CFRunLoopRun + 1525 frame #8: 0x00007fff88f16275 CoreFoundation`CFRunLoopRunSpecific + 309 frame #9: 0x00007fff942abf0d HIToolbox`RunCurrentEventLoopInMode + 226 frame #10: 0x00007fff942abcb7 HIToolbox`ReceiveNextEventCommon + 479 frame #11: 0x00007fff942ababc HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 65 frame #12: 0x00007fff8db6f28e AppKit`_DPSNextEvent + 1434 frame #13: 0x00007fff8db6e8db AppKit`-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122 frame #14: 0x00007fff8db629cc AppKit`-[NSApplication run] + 553 frame #15: 0x00007fff8db4d803 AppKit`NSApplicationMain + 940 frame #16: 0x0000000100002022 JSContextTester`main(argc=3, argv=0x00007fff5fbffb50) + 34 at main.m:13 frame #17: 0x00007fff89c225fd libdyld.dylib`start + 1 thread #2: tid = 0xd83a8f, 0x00007fff8ee7ae6a libsystem_kernel.dylib`__workq_kernreturn + 10 frame #0: 0x00007fff8ee7ae6a libsystem_kernel.dylib`__workq_kernreturn + 10 frame #1: 0x00007fff92325f08 libsystem_pthread.dylib`_pthread_wqthread + 330 frame #2: 0x00007fff92328fb9 libsystem_pthread.dylib`start_wqthread + 13 thread #3: tid = 0xd83a90, 0x00007fff8ee7b662 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager frame #0: 0x00007fff8ee7b662 libsystem_kernel.dylib`kevent64 + 10 frame #1: 0x00007fff926e543d libdispatch.dylib`_dispatch_mgr_invoke + 239 frame #2: 0x00007fff926e5152 libdispatch.dylib`_dispatch_mgr_thread + 52 thread #4: tid = 0xd83a91, 0x00007fff8ee7a746 libsystem_kernel.dylib`__psynch_mutexwait + 10, queue = 'com.apple.JavaScriptCore.remote-inspector-xpc-connection frame #0: 0x00007fff8ee7a746 libsystem_kernel.dylib`__psynch_mutexwait + 10 frame #1: 0x00007fff92327779 libsystem_pthread.dylib`_pthread_mutex_lock + 372 frame #2: 0x00000001006f2095 JavaScriptCore`WTF::Mutex::lock(this=0x00006080000d62d8) + 21 at ThreadingPthreads.cpp:343 frame #3: 0x0000000100400e8f JavaScriptCore`JSC::JSLock::lock(this=0x00006080000d62d0) + 191 at JSLock.cpp:117 frame #4: 0x0000000100401387 JavaScriptCore`JSC::JSLock::grabAllLocks(this=0x00006080000d62d0, lockCount=2, spinLock=0x00006080000d62d4) + 55 at JSLock.cpp:277 frame #5: 0x0000000100401706 JavaScriptCore`JSC::JSLock::DropAllLocks::~DropAllLocks(this=0x000000010227f9b0) + 150 at JSLock.cpp:323 frame #6: 0x0000000100401665 JavaScriptCore`JSC::JSLock::DropAllLocks::~DropAllLocks(this=0x000000010227f9b0) + 21 at JSLock.cpp:316 frame #7: 0x000000010033d06d JavaScriptCore`JSC::APICallbackShim::~APICallbackShim(this=0x000000010227f9b0) + 61 at APIShims.h:102 frame #8: 0x000000010033cce5 JavaScriptCore`JSC::APICallbackShim::~APICallbackShim(this=0x000000010227f9b0) + 21 at APIShims.h:100 frame #9: 0x000000010033cc55 JavaScriptCore`JSC::DelayedReleaseScope::~DelayedReleaseScope(this=0x000000010227fa40) + 149 at DelayedReleaseScope.h:52 frame #10: 0x00000001003339e5 JavaScriptCore`JSC::DelayedReleaseScope::~DelayedReleaseScope(this=0x000000010227fa40) + 21 at DelayedReleaseScope.h:46 frame #11: 0x00000001004d8623 JavaScriptCore`JSC::MarkedAllocator::tryAllocateHelper(this=0x000000010185fbe8, bytes=88) + 451 at MarkedAllocator.cpp:65 frame #12: 0x00000001004d6f82 JavaScriptCore`JSC::MarkedAllocator::tryAllocate(this=0x000000010185fbe8, bytes=88) + 114 at MarkedAllocator.cpp:78 frame #13: 0x00000001004d69f5 JavaScriptCore`JSC::MarkedAllocator::allocateSlowCase(this=0x000000010185fbe8, bytes=88) + 245 at MarkedAllocator.cpp:96 frame #14: 0x000000010001931f JavaScriptCore`JSC::MarkedAllocator::allocate(this=0x000000010185fbe8, bytes=88) + 79 at MarkedAllocator.h:91 frame #15: 0x00000001000191b9 JavaScriptCore`JSC::MarkedSpace::allocateWithoutDestructor(this=0x00000001018594c8, bytes=88) + 41 at MarkedSpace.h:219 frame #16: 0x00000001000190c6 JavaScriptCore`JSC::Heap::allocateWithoutDestructor(this=0x0000000101859218, bytes=88) + 118 at Heap.h:443 frame #17: 0x00000001000c5067 JavaScriptCore`void* JSC::allocateCell<JSC::JSActivation>(heap=0x0000000101859218, size=88) + 151 at JSCellInlines.h:97 frame #18: 0x00000001000c4f75 JavaScriptCore`JSC::JSActivation::create(vm=0x0000000101859200, callFrame=0x000000010ae47e30, registers=0x000000010ae47e30, codeBlock=0x000000010250a610) + 133 at JSActivation.h:57 frame #19: 0x00000001000add64 JavaScriptCore`JSC::JSActivation::create(vm=0x0000000101859200, callFrame=0x000000010ae47e30, codeBlock=0x000000010250a610) + 68 at JSActivation.h:66 frame #20: 0x00000001004ad826 JavaScriptCore`llint_slow_path_create_activation(exec=0x000000010ae47e30, pc=0x000000010481b820) + 134 at LLIntSlowPaths.cpp:446 frame #21: 0x00000001004b8055 JavaScriptCore`llint_op_create_activation + 32 thread.... 961520 11 mhahnenberg 2013-12-19 13:15:28 -0800 (In reply to comment #10) > Hmm, I'm still seeing a related issue: > > ASSERTION FAILED: m_operationInProgress == NoOperation > /Volumes/Data/Code/safari/OpenSource/Source/JavaScriptCore/heap/Heap.cpp(759) : void JSC::Heap::collect(JSC::Heap::SweepToggle) > 1 0x1006a33d0 WTFCrash > 2 0x1003310a6 JSC::Heap::collect(JSC::Heap::SweepToggle) > 3 0x100326310 JSC::DefaultGCActivityCallback::doWork() > 4 0x100340172 JSC::HeapTimer::timerDidFire(__CFRunLoopTimer*, void*) > 5 0x7fff88f5b724 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ > 6 0x7fff88f5b25f __CFRunLoopDoTimer > 7 0x7fff88fcc76a __CFRunLoopDoTimers > 8 0x7fff88f16aa5 __CFRunLoopRun > 9 0x7fff88f16275 CFRunLoopRunSpecific > 10 0x7fff942abf0d RunCurrentEventLoopInMode > 11 0x7fff942abcb7 ReceiveNextEventCommon > 12 0x7fff942ababc _BlockUntilNextEventMatchingListInModeWithFilter > 13 0x7fff8db6f28e _DPSNextEvent > 14 0x7fff8db6e8db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] > 15 0x7fff8db629cc -[NSApplication run] > 16 0x7fff8db4d803 NSApplicationMain > 17 0x100002022 main > 18 0x7fff89c225fd start > 19 0x3 > > > (lldb) thread backtrace all > * thread #1: tid = 0xd83a4a, 0x00000001006a33da JavaScriptCore`WTFCrash + 42 at Assertions.cpp:341, queue = 'com.apple.main-thread, stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef) > frame #0: 0x00000001006a33da JavaScriptCore`WTFCrash + 42 at Assertions.cpp:341 > frame #1: 0x00000001003310a6 JavaScriptCore`JSC::Heap::collect(this=0x0000000101859218, sweepToggle=DoNotSweep) + 502 at Heap.cpp:759 > frame #2: 0x0000000100326310 JavaScriptCore`JSC::DefaultGCActivityCallback::doWork(this=0x000060800012d200) + 208 at GCActivityCallback.cpp:98 > frame #3: 0x0000000100340172 JavaScriptCore`JSC::HeapTimer::timerDidFire(timer=0x000060800016b880, context=0x00006080000d62d0) + 338 at HeapTimer.cpp:97 > frame #4: 0x00007fff88f5b724 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 > frame #5: 0x00007fff88f5b25f CoreFoundation`__CFRunLoopDoTimer + 1151 > frame #6: 0x00007fff88fcc76a CoreFoundation`__CFRunLoopDoTimers + 298 > frame #7: 0x00007fff88f16aa5 CoreFoundation`__CFRunLoopRun + 1525 > frame #8: 0x00007fff88f16275 CoreFoundation`CFRunLoopRunSpecific + 309 > frame #9: 0x00007fff942abf0d HIToolbox`RunCurrentEventLoopInMode + 226 > frame #10: 0x00007fff942abcb7 HIToolbox`ReceiveNextEventCommon + 479 > frame #11: 0x00007fff942ababc HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 65 > frame #12: 0x00007fff8db6f28e AppKit`_DPSNextEvent + 1434 > frame #13: 0x00007fff8db6e8db AppKit`-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122 > frame #14: 0x00007fff8db629cc AppKit`-[NSApplication run] + 553 > frame #15: 0x00007fff8db4d803 AppKit`NSApplicationMain + 940 > frame #16: 0x0000000100002022 JSContextTester`main(argc=3, argv=0x00007fff5fbffb50) + 34 at main.m:13 > frame #17: 0x00007fff89c225fd libdyld.dylib`start + 1 > > thread #2: tid = 0xd83a8f, 0x00007fff8ee7ae6a libsystem_kernel.dylib`__workq_kernreturn + 10 > frame #0: 0x00007fff8ee7ae6a libsystem_kernel.dylib`__workq_kernreturn + 10 > frame #1: 0x00007fff92325f08 libsystem_pthread.dylib`_pthread_wqthread + 330 > frame #2: 0x00007fff92328fb9 libsystem_pthread.dylib`start_wqthread + 13 > > thread #3: tid = 0xd83a90, 0x00007fff8ee7b662 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager > frame #0: 0x00007fff8ee7b662 libsystem_kernel.dylib`kevent64 + 10 > frame #1: 0x00007fff926e543d libdispatch.dylib`_dispatch_mgr_invoke + 239 > frame #2: 0x00007fff926e5152 libdispatch.dylib`_dispatch_mgr_thread + 52 > > thread #4: tid = 0xd83a91, 0x00007fff8ee7a746 libsystem_kernel.dylib`__psynch_mutexwait + 10, queue = 'com.apple.JavaScriptCore.remote-inspector-xpc-connection > frame #0: 0x00007fff8ee7a746 libsystem_kernel.dylib`__psynch_mutexwait + 10 > frame #1: 0x00007fff92327779 libsystem_pthread.dylib`_pthread_mutex_lock + 372 > frame #2: 0x00000001006f2095 JavaScriptCore`WTF::Mutex::lock(this=0x00006080000d62d8) + 21 at ThreadingPthreads.cpp:343 > frame #3: 0x0000000100400e8f JavaScriptCore`JSC::JSLock::lock(this=0x00006080000d62d0) + 191 at JSLock.cpp:117 > frame #4: 0x0000000100401387 JavaScriptCore`JSC::JSLock::grabAllLocks(this=0x00006080000d62d0, lockCount=2, spinLock=0x00006080000d62d4) + 55 at JSLock.cpp:277 > frame #5: 0x0000000100401706 JavaScriptCore`JSC::JSLock::DropAllLocks::~DropAllLocks(this=0x000000010227f9b0) + 150 at JSLock.cpp:323 > frame #6: 0x0000000100401665 JavaScriptCore`JSC::JSLock::DropAllLocks::~DropAllLocks(this=0x000000010227f9b0) + 21 at JSLock.cpp:316 > frame #7: 0x000000010033d06d JavaScriptCore`JSC::APICallbackShim::~APICallbackShim(this=0x000000010227f9b0) + 61 at APIShims.h:102 > frame #8: 0x000000010033cce5 JavaScriptCore`JSC::APICallbackShim::~APICallbackShim(this=0x000000010227f9b0) + 21 at APIShims.h:100 > frame #9: 0x000000010033cc55 JavaScriptCore`JSC::DelayedReleaseScope::~DelayedReleaseScope(this=0x000000010227fa40) + 149 at DelayedReleaseScope.h:52 > frame #10: 0x00000001003339e5 JavaScriptCore`JSC::DelayedReleaseScope::~DelayedReleaseScope(this=0x000000010227fa40) + 21 at DelayedReleaseScope.h:46 > frame #11: 0x00000001004d8623 JavaScriptCore`JSC::MarkedAllocator::tryAllocateHelper(this=0x000000010185fbe8, bytes=88) + 451 at MarkedAllocator.cpp:65 > frame #12: 0x00000001004d6f82 JavaScriptCore`JSC::MarkedAllocator::tryAllocate(this=0x000000010185fbe8, bytes=88) + 114 at MarkedAllocator.cpp:78 > frame #13: 0x00000001004d69f5 JavaScriptCore`JSC::MarkedAllocator::allocateSlowCase(this=0x000000010185fbe8, bytes=88) + 245 at MarkedAllocator.cpp:96 > frame #14: 0x000000010001931f JavaScriptCore`JSC::MarkedAllocator::allocate(this=0x000000010185fbe8, bytes=88) + 79 at MarkedAllocator.h:91 > frame #15: 0x00000001000191b9 JavaScriptCore`JSC::MarkedSpace::allocateWithoutDestructor(this=0x00000001018594c8, bytes=88) + 41 at MarkedSpace.h:219 > frame #16: 0x00000001000190c6 JavaScriptCore`JSC::Heap::allocateWithoutDestructor(this=0x0000000101859218, bytes=88) + 118 at Heap.h:443 > frame #17: 0x00000001000c5067 JavaScriptCore`void* JSC::allocateCell<JSC::JSActivation>(heap=0x0000000101859218, size=88) + 151 at JSCellInlines.h:97 > frame #18: 0x00000001000c4f75 JavaScriptCore`JSC::JSActivation::create(vm=0x0000000101859200, callFrame=0x000000010ae47e30, registers=0x000000010ae47e30, codeBlock=0x000000010250a610) + 133 at JSActivation.h:57 > frame #19: 0x00000001000add64 JavaScriptCore`JSC::JSActivation::create(vm=0x0000000101859200, callFrame=0x000000010ae47e30, codeBlock=0x000000010250a610) + 68 at JSActivation.h:66 > frame #20: 0x00000001004ad826 JavaScriptCore`llint_slow_path_create_activation(exec=0x000000010ae47e30, pc=0x000000010481b820) + 134 at LLIntSlowPaths.cpp:446 > frame #21: 0x00000001004b8055 JavaScriptCore`llint_op_create_activation + 32 > > thread.... Grr, looks like that ASSERT is now in the wrong place. As a work-around you can comment it out for now. 971335 12 joepeck 2014-01-23 14:06:54 -0800 > Grr, looks like that ASSERT is now in the wrong place. As a work-around you can comment it out for now. Should I file a new bug to get this addressed? I still see it happening. 971345 13 ggaren 2014-01-23 14:40:41 -0800 Yes, I think so. 219572 2013-12-18 14:51:43 -0800 2013-12-18 16:37:03 -0800 Patch bug-125876-20131218145136.patch text/plain 1551 mhahnenberg SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTYwNzk2KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBA CisyMDEzLTEyLTE4ICBNYXJrIEhhaG5lbmJlcmcgIDxtaGFobmVuYmVyZ0BhcHBsZS5jb20+CisK KyAgICAgICAgRGVsYXllZFJlbGVhc2VTY29wZSBzaG91bGRuJ3QgZHJvcCBhbGwgbG9ja3MKKyAg ICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTEyNTg3NgorCisg ICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFNpbmNlIHdlIGNv dWxkIGJlIGluIHRoZSBtaWRkbGUgb2YgbGF6eSBzd2VlcGluZyAoYW5kIHRoZXJlZm9yZSBhbGxv Y2F0aW9uKSwgd2UgY2FuJ3QgYWxsb3cgb3RoZXIgdGhyZWFkcyAKKyAgICAgICAgdG8gc3RhcnQg ZXhlY3V0aW5nIGluIHRoZSBjdXJyZW50IFZNLiBUaHVzLCB3ZSBuZWVkIHRvIGhvbGQgb250byB0 aGUgQVBJIGxvY2suCisKKyAgICAgICAgKiBoZWFwL0RlbGF5ZWRSZWxlYXNlU2NvcGUuaDoKKyAg ICAgICAgKEpTQzo6RGVsYXllZFJlbGVhc2VTY29wZTo6fkRlbGF5ZWRSZWxlYXNlU2NvcGUpOgor CiAyMDEzLTEyLTE4ICBNYXJrIEhhaG5lbmJlcmcgIDxtaGFobmVuYmVyZ0BhcHBsZS5jb20+CiAK ICAgICAgICAgREZHIHNob3VsZCBoYXZlIGEgc2VwYXJhdGUgU3RvcmVCYXJyaWVyIG5vZGUKSW5k ZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9oZWFwL0RlbGF5ZWRSZWxlYXNlU2NvcGUuaAo9PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaGVhcC9EZWxheWVkUmVsZWFzZVNjb3Bl LmgJKHJldmlzaW9uIDE2MDc5NikKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9oZWFwL0RlbGF5 ZWRSZWxlYXNlU2NvcGUuaAkod29ya2luZyBjb3B5KQpAQCAtMjYsNyArMjYsNiBAQAogI2lmbmRl ZiBEZWxheWVkUmVsZWFzZVNjb3BlX2gKICNkZWZpbmUgRGVsYXllZFJlbGVhc2VTY29wZV9oCiAK LSNpbmNsdWRlICJBUElTaGltcy5oIgogI2luY2x1ZGUgIk1hcmtlZFNwYWNlLmgiCiAKIG5hbWVz cGFjZSBKU0MgewpAQCAtNDYsOCArNDUsNiBAQCBwdWJsaWM6CiAgICAgewogICAgICAgICBBU1NF UlQobV9tYXJrZWRTcGFjZS5tX2N1cnJlbnREZWxheWVkUmVsZWFzZVNjb3BlID09IHRoaXMpOwog ICAgICAgICBtX21hcmtlZFNwYWNlLm1fY3VycmVudERlbGF5ZWRSZWxlYXNlU2NvcGUgPSBudWxs cHRyOwotCi0gICAgICAgIEFQSUNhbGxiYWNrU2hpbSBjYWxsYmFja1NoaW0oKm1fbWFya2VkU3Bh Y2UubV9oZWFwLT52bSgpKTsKICAgICAgICAgbV9kZWxheWVkUmVsZWFzZU9iamVjdHMuY2xlYXIo KTsKICAgICB9CiAK 219587 2013-12-18 16:37:05 -0800 2013-12-18 20:26:43 -0800 Patch bug-125876-20131218163655.patch text/plain 3979 mhahnenberg SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTYwODA2KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIxIEBA CisyMDEzLTEyLTE4ICBNYXJrIEhhaG5lbmJlcmcgIDxtaGFobmVuYmVyZ0BhcHBsZS5jb20+CisK KyAgICAgICAgRGVsYXllZFJlbGVhc2VTY29wZSBpcyBpbiB0aGUgd3JvbmcgcGxhY2UKKyAgICAg ICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTEyNTg3NgorCisgICAg ICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoZSBEZWxheWVkUmVs ZWFzZVNjb3BlIG5lZWRzIHRvIGJlIGFyb3VuZCB0aGUgZnJlZSBsaXN0IHN3ZWVwaW5nIGluIE1h cmtlZEFsbG9jYXRvcjo6dHJ5QWxsb2NhdGVIZWxwZXIuIAorICAgICAgICBUaGlzIGxvY2F0aW9u IGdpdmVzIHVzIGEgZ29vZCBzYWZlIHBvaW50IGJldHdlZW4gZ2V0dGluZyByZWFkeSB0byBhbGxv Y2F0ZSAgKGkuZS4gaWRlbnRpZnlpbmcgYSBub24tZW1wdHkgCisgICAgICAgIGZyZWUgbGlzdCkg YW5kIGRvaW5nIHRoZSBhY3R1YWwgYWxsb2NhdGlvbiAocG9wcGluZyB0aGUgZnJlZSBsaXN0KS4K KworICAgICAgICAqIGhlYXAvTWFya2VkQWxsb2NhdG9yLmNwcDoKKyAgICAgICAgKEpTQzo6TWFy a2VkQWxsb2NhdG9yOjp0cnlBbGxvY2F0ZUhlbHBlcik6CisgICAgICAgIChKU0M6Ok1hcmtlZEFs bG9jYXRvcjo6YWxsb2NhdGVTbG93Q2FzZSk6CisgICAgICAgIChKU0M6Ok1hcmtlZEFsbG9jYXRv cjo6YWRkQmxvY2spOgorICAgICAgICAqIHJ1bnRpbWUvSlNDZWxsSW5saW5lcy5oOgorICAgICAg ICAoSlNDOjphbGxvY2F0ZUNlbGwpOgorCiAyMDEzLTEyLTE4ICBCZW5qYW1pbiBQb3VsYWluICA8 YmVuamFtaW5Ad2Via2l0Lm9yZz4KIAogICAgICAgICBBZGQgYSBzaW1wbGUgc3RhY2sgYWJzdHJh Y3Rpb24gZm9yIHg4Nl82NApJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL2hlYXAvTWFya2Vk QWxsb2NhdG9yLmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaGVhcC9N YXJrZWRBbGxvY2F0b3IuY3BwCShyZXZpc2lvbiAxNjA3OTYpCisrKyBTb3VyY2UvSmF2YVNjcmlw dENvcmUvaGVhcC9NYXJrZWRBbGxvY2F0b3IuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC0zMCw3ICsz MCwxMSBAQCBib29sIE1hcmtlZEFsbG9jYXRvcjo6aXNQYWdlZE91dChkb3VibGUgCiAKIGlubGlu ZSB2b2lkKiBNYXJrZWRBbGxvY2F0b3I6OnRyeUFsbG9jYXRlSGVscGVyKHNpemVfdCBieXRlcykK IHsKLSAgICBpZiAoIW1fZnJlZUxpc3QuaGVhZCkgeworICAgIC8vIFdlIG5lZWQgYSB3aGlsZSBs b29wIHRvIGNoZWNrIHRoZSBmcmVlIGxpc3QgYmVjYXVzZSB0aGUgRGVsYXllZFJlbGVhc2VTY29w ZSAKKyAgICAvLyBjb3VsZCBjYXVzZSBhcmJpdHJhcnkgY29kZSB0byBleGVjdXRlIGFuZCBleGhh dXN0IHRoZSBmcmVlIGxpc3QgdGhhdCB3ZSAKKyAgICAvLyB0aG91Z2h0IGhhZCBlbGVtZW50cyBp biBpdC4KKyAgICB3aGlsZSAoIW1fZnJlZUxpc3QuaGVhZCkgeworICAgICAgICBEZWxheWVkUmVs ZWFzZVNjb3BlIGRlbGF5ZWRSZWxlYXNlU2NvcGUoKm1fbWFya2VkU3BhY2UpOwogICAgICAgICBp ZiAobV9jdXJyZW50QmxvY2spIHsKICAgICAgICAgICAgIEFTU0VSVChtX2N1cnJlbnRCbG9jayA9 PSBtX2Jsb2Nrc1RvU3dlZXApOwogICAgICAgICAgICAgbV9jdXJyZW50QmxvY2stPmRpZENvbnN1 bWVGcmVlTGlzdCgpOwpAQCAtNTksNyArNjMsOCBAQCBpbmxpbmUgdm9pZCogTWFya2VkQWxsb2Nh dG9yOjp0cnlBbGxvY2F0CiAgICAgICAgICAgICByZXR1cm4gMDsKICAgICAgICAgfQogICAgIH0K LSAgICAKKworICAgIEFTU0VSVChtX2ZyZWVMaXN0LmhlYWQpOwogICAgIE1hcmtlZEJsb2NrOjpG cmVlQ2VsbCogaGVhZCA9IG1fZnJlZUxpc3QuaGVhZDsKICAgICBtX2ZyZWVMaXN0LmhlYWQgPSBo ZWFkLT5uZXh0OwogICAgIEFTU0VSVChoZWFkKTsKQEAgLTc4LDcgKzgzLDYgQEAgaW5saW5lIHZv aWQqIE1hcmtlZEFsbG9jYXRvcjo6dHJ5QWxsb2NhdAogdm9pZCogTWFya2VkQWxsb2NhdG9yOjph bGxvY2F0ZVNsb3dDYXNlKHNpemVfdCBieXRlcykKIHsKICAgICBBU1NFUlQobV9oZWFwLT52bSgp LT5jdXJyZW50VGhyZWFkSXNIb2xkaW5nQVBJTG9jaygpKTsKLSAgICBEZWxheWVkUmVsZWFzZVNj b3BlIGRlbGF5ZWRSZWxlYXNlU2NvcGUoKm1fbWFya2VkU3BhY2UpOwogI2lmIENPTExFQ1RfT05f RVZFUllfQUxMT0NBVElPTgogICAgIGlmICghbV9oZWFwLT5pc0RlZmVycmVkKCkpCiAgICAgICAg IG1faGVhcC0+Y29sbGVjdEFsbEdhcmJhZ2UoKTsKQEAgLTEyNiw2ICsxMzAsOCBAQCBNYXJrZWRC bG9jayogTWFya2VkQWxsb2NhdG9yOjphbGxvY2F0ZUJsCiAKIHZvaWQgTWFya2VkQWxsb2NhdG9y OjphZGRCbG9jayhNYXJrZWRCbG9jayogYmxvY2spCiB7CisgICAgLy8gU2F0aXNmeSB0aGUgQVNT RVJUIGluIE1hcmtlZEJsb2NrOjpzd2VlcC4KKyAgICBEZWxheWVkUmVsZWFzZVNjb3BlIGRlbGF5 ZWRSZWxlYXNlU2NvcGUoKm1fbWFya2VkU3BhY2UpOwogICAgIEFTU0VSVCghbV9jdXJyZW50Qmxv Y2spOwogICAgIEFTU0VSVCghbV9mcmVlTGlzdC5oZWFkKTsKICAgICAKSW5kZXg6IFNvdXJjZS9K YXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTQ2VsbElubGluZXMuaAo9PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3Vy Y2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9KU0NlbGxJbmxpbmVzLmgJKHJldmlzaW9uIDE2MDc5 NikKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTQ2VsbElubGluZXMuaAkod29y a2luZyBjb3B5KQpAQCAtODgsMTAgKzg4LDYgQEAgdm9pZCogYWxsb2NhdGVDZWxsKEhlYXAmIGhl YXAsIHNpemVfdCBzaQogewogICAgIEFTU0VSVCghRGlzYWxsb3dHQzo6aXNHQ0Rpc2FsbG93ZWRP bkN1cnJlbnRUaHJlYWQoKSk7CiAgICAgQVNTRVJUKHNpemUgPj0gc2l6ZW9mKFQpKTsKLSNpZiBF TkFCTEUoR0NfVkFMSURBVElPTikKLSAgICBBU1NFUlQoIWhlYXAudm0oKS0+aXNJbml0aWFsaXpp bmdPYmplY3QoKSk7Ci0gICAgaGVhcC52bSgpLT5zZXRJbml0aWFsaXppbmdPYmplY3RDbGFzcyhU OjppbmZvKCkpOwotI2VuZGlmCiAgICAgSlNDZWxsKiByZXN1bHQgPSAwOwogICAgIGlmIChUOjpu ZWVkc0Rlc3RydWN0aW9uICYmIFQ6Omhhc0ltbW9ydGFsU3RydWN0dXJlKQogICAgICAgICByZXN1 bHQgPSBzdGF0aWNfY2FzdDxKU0NlbGwqPihoZWFwLmFsbG9jYXRlV2l0aEltbW9ydGFsU3RydWN0 dXJlRGVzdHJ1Y3RvcihzaXplKSk7CkBAIC05OSw2ICs5NSwxMCBAQCB2b2lkKiBhbGxvY2F0ZUNl bGwoSGVhcCYgaGVhcCwgc2l6ZV90IHNpCiAgICAgICAgIHJlc3VsdCA9IHN0YXRpY19jYXN0PEpT Q2VsbCo+KGhlYXAuYWxsb2NhdGVXaXRoTm9ybWFsRGVzdHJ1Y3RvcihzaXplKSk7CiAgICAgZWxz ZSAKICAgICAgICAgcmVzdWx0ID0gc3RhdGljX2Nhc3Q8SlNDZWxsKj4oaGVhcC5hbGxvY2F0ZVdp dGhvdXREZXN0cnVjdG9yKHNpemUpKTsKKyNpZiBFTkFCTEUoR0NfVkFMSURBVElPTikKKyAgICBB U1NFUlQoIWhlYXAudm0oKS0+aXNJbml0aWFsaXppbmdPYmplY3QoKSk7CisgICAgaGVhcC52bSgp LT5zZXRJbml0aWFsaXppbmdPYmplY3RDbGFzcyhUOjppbmZvKCkpOworI2VuZGlmCiAgICAgcmVz dWx0LT5jbGVhclN0cnVjdHVyZSgpOwogICAgIHJldHVybiByZXN1bHQ7CiB9Cg==