137014 2014-09-22 16:12:09 -0700 NSButtonCell leak allocated under WebCore::paintToggleButton 2015-01-13 17:36:10 -0800 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 joepeck joepeck ap bdakin dbates joepeck oldest_to_newest 1036618 0 joepeck 2014-09-22 16:12:09 -0700 Saw this leak in Safari. Leak: 0x6000000f2080 size=128 zone: DefaultMallocZone_0x10921a000 NSButtonCell ObjC AppKit 0x7bccb8c8 0x00007fff 0x00000000 0x00000000 ...{............ 0x80000010 0x08080000 0x00a87120 0x00006000 ........ q...`.. 0x00000000 0x00000000 0x00000000 0x00000000 ................ 0x00000000 0x00000000 0x00000000 0x00000000 ................ 0x00000000 0x00000000 0x00000000 0x00000000 ................ 0x7baa6910 0x00007fff 0x00000080 0x004b0190 .i.{..........K. 0x483c5100 0x00000000 0x00c69a40 0x00006080 .Q<H....@....`.. 0x00471500 0x00006000 0x00000000 0x00000000 ..G..`.......... Call stack: [thread 0x7fff7b1d4300]: | start | NSApplicationMain | -[NSApplication run] | -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] | -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] | _DPSNextEvent | _BlockUntilNextEventMatchingListInModeWithFilter | ReceiveNextEventCommon | RunCurrentEventLoopInMode | CFRunLoopRunSpecific | __CFRunLoopRun | __CFRunLoopDoObservers | __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ | __83-[NSWindow _postWindowNeedsDisplayOrLayoutOrUpdateConstraintsUnlessPostingDisabled]_block_invoke1523 | _handleWindowNeedsDisplayOrLayoutOrUpdateConstraints | -[NSWindow displayIfNeeded] | -[NSView displayIfNeeded] | -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] | -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[WebHTMLView(WebPrivate) _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] | -[NSView _drawRect:clip:] | -[WebHTMLView drawRect:] | -[WebHTMLView drawSingleRect:] | -[WebFrame(WebInternal) _drawRect:contentsOnly:] | WebCore::FrameView::paintContents(WebCore::GraphicsContext*, WebCore::IntRect const&) | WebCore::RenderLayer::paint(WebCore::GraphicsContext*, WebCore::LayoutRect const&, unsigned int, WebCore::RenderObject*, unsigned int) | WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) | WebCore::RenderLayer::paintForegroundForFragments(WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow> const&, WebCore::GraphicsContext*, WebCore::GraphicsContext*, WebCore::LayoutRect const&, bool, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int, WebCore::RenderObject*, bool, bool) | WebCore::RenderLayer::paintForegroundForFragmentsWithPhase(WebCore::PaintPhase, WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow> const&, WebCore::GraphicsContext*, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int, WebCore::RenderObject*) | WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintContents(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintChildren(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) | WebCore::RenderBlock::paintChild(WebCore::RenderBox&, WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) | WebCore::RenderTable::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderTable::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderTableSection::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderTableSection::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderTableSection::paintCell(WebCore::RenderTableCell*, WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintContents(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderLineBoxList::paint(WebCore::RenderBoxModelObject*, WebCore::PaintInfo&, WebCore::LayoutPoint const&) const | WebCore::RootInlineBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) | WebCore::InlineFlowBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) | WebCore::InlineElementBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) | WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderBox::paintBoxDecorations(WebCore::PaintInfo&, WebCore::LayoutPoint const&) | WebCore::RenderTheme::paint(WebCore::RenderObject const&, WebCore::ControlStates*, WebCore::PaintInfo const&, WebCore::LayoutRect const&) | WebCore::ThemeMac::paint(WebCore::ControlPart, WebCore::ControlStates*, WebCore::GraphicsContext*, WebCore::FloatRect const&, float, WebCore::ScrollView*) | WebCore::paintToggleButton(WebCore::ControlPart, WebCore::ControlStates*, WebCore::GraphicsContext*, WebCore::FloatRect const&, float, WebCore::ScrollView*) | _objc_rootAlloc | class_createInstance | calloc | malloc_zone_calloc 1036619 1 238502 joepeck 2014-09-22 16:14:07 -0700 Created attachment 238502 [PATCH] Proposed Fix Proposed fix. I haven't tested yet though. 1036651 2 238502 ap 2014-09-22 20:12:04 -0700 Comment on attachment 238502 [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=238502&action=review > Source/WebCore/platform/mac/ThemeMac.mm:397 > + toggleButtonCell = [createToggleButtonCell(buttonType) autorelease]; Can we adoptNS it into a RetainPtr? That's better in every way than an autorelease: - releasing is faster; - avoids mysterious crashes in autorelease pool drain function. 1036740 3 238502 darin 2014-09-23 09:26:48 -0700 Comment on attachment 238502 [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=238502&action=review >> Source/WebCore/platform/mac/ThemeMac.mm:397 >> + toggleButtonCell = [createToggleButtonCell(buttonType) autorelease]; > > Can we adoptNS it into a RetainPtr? That's better in every way than an autorelease: > > - releasing is faster; > - avoids mysterious crashes in autorelease pool drain function. Even better, the create function itself should return a RetainPtr. Generally speaking we’d like to put objects into RetainPtr as close to their allocation as possible. The adopt call should in the same expression as the alloc method call, or as close to that as we can get. 1036782 4 238557 joepeck 2014-09-23 12:06:13 -0700 Created attachment 238557 [PATCH] Proposed Fix - RetainPtr 1036886 5 238557 ap 2014-09-23 18:58:41 -0700 Comment on attachment 238557 [PATCH] Proposed Fix - RetainPtr View in context: https://bugs.webkit.org/attachment.cgi?id=238557&action=review > Source/WebCore/platform/mac/ThemeMac.mm:366 > static NSButtonCell *radioCell; > if (!radioCell) > - radioCell = createToggleButtonCell(RadioPart); > + radioCell = createToggleButtonCell(RadioPart).leakRef(); A simpler way to write this is: static NSButtonCell *radioCell = createToggleButtonCell(RadioPart).leakRef(); > Source/WebCore/platform/mac/ThemeMac.mm:376 > static NSButtonCell *checkboxCell; > if (!checkboxCell) > - checkboxCell = createToggleButtonCell(CheckboxPart); > + checkboxCell = createToggleButtonCell(CheckboxPart).leakRef(); Ditto. > Source/WebCore/platform/mac/ThemeMac.mm:392 > + RetainPtr<NSButtonCell> toggleButtonCell = static_cast<NSButtonCell*>(controlStates->platformControl()); Misplaced star, should be static_cast<NSButtonCell *>. Looking at the function as a whole, I suspect that there is a better way to write it (not something for this patch). What happens now: - controlStates object may or may not have an NSButtonCell; - when it does, we use it; - when it doesn't, we create a new one; - and at the end, we sometimes put the new cell into controlStates, and sometimes don't. This is mysterious. 1061014 6 joepeck 2015-01-13 17:36:10 -0800 Heh, finally landed this. https://trac.webkit.org/r178397 238502 2014-09-22 16:14:07 -0700 2014-09-23 12:06:13 -0700 [PATCH] Proposed Fix leak-fix.patch text/plain 1453 joepeck ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCA0NTE4YzQ1Li44YzI2NjIyNCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNv cmUvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE1 IEBACisyMDE0LTA5LTIyICBKb3NlcGggUGVjb3Jhcm8gIDxwZWNvcmFyb0BhcHBsZS5jb20+CisK KyAgICAgICAgTlNCdXR0b25DZWxsIGxlYWsgYWxsb2NhdGVkIHVuZGVyIFdlYkNvcmU6OnBhaW50 VG9nZ2xlQnV0dG9uCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNn aT9pZD0xMzcwMTQKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAg ICAgICAqIHBsYXRmb3JtL21hYy9UaGVtZU1hYy5tbToKKyAgICAgICAgKFdlYkNvcmU6OnBhaW50 VG9nZ2xlQnV0dG9uKToKKyAgICAgICAgVGhlIGNyZWF0ZSBtZXRob2QgcmV0dXJucyBhICsxLCBi dXQgd2UgZXhwZWN0IGEgbmV1dHJhbAorICAgICAgICByZXRhaW4gY291bnQgaW4gdGhlIGxvY2Fs IHZhcmlhYmxlLCBzbyBhdXRvcmVsZWFzZS4KKwogMjAxNC0wOS0xOCAgSm9zZXBoIFBlY29yYXJv ICA8cGVjb3Jhcm9AYXBwbGUuY29tPgogCiAgICAgICAgIFdlYiBJbnNwZWN0b3I6IFNob3VsZCBi ZSBhYmxlIHRvIGF0dGFjaCBhIGRlYnVnZ2VyIHRvIGEgSlNDb250ZXh0IGJlZm9yZSBhbnl0aGlu ZyBpcyBleGVjdXRlZApkaWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbWFjL1Ro ZW1lTWFjLm1tIGIvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbWFjL1RoZW1lTWFjLm1tCmluZGV4 IDNmOTRjMGQuLjBmOTAyNzggMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL21h Yy9UaGVtZU1hYy5tbQorKysgYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9tYWMvVGhlbWVNYWMu bW0KQEAgLTM5NCw3ICszOTQsNyBAQCBzdGF0aWMgdm9pZCBwYWludFRvZ2dsZUJ1dHRvbihDb250 cm9sUGFydCBidXR0b25UeXBlLCBDb250cm9sU3RhdGVzKiBjb250cm9sU3RhdAogCiAgICAgaWYg KGNvbnRyb2xTdGF0ZXMtPmlzRGlydHkoKSkgewogICAgICAgICBpZiAoIXRvZ2dsZUJ1dHRvbkNl bGwpCi0gICAgICAgICAgICB0b2dnbGVCdXR0b25DZWxsID0gY3JlYXRlVG9nZ2xlQnV0dG9uQ2Vs bChidXR0b25UeXBlKTsKKyAgICAgICAgICAgIHRvZ2dsZUJ1dHRvbkNlbGwgPSBbY3JlYXRlVG9n Z2xlQnV0dG9uQ2VsbChidXR0b25UeXBlKSBhdXRvcmVsZWFzZV07CiAgICAgICAgIGNvbmZpZ3Vy ZVRvZ2dsZUJ1dHRvbih0b2dnbGVCdXR0b25DZWxsLCBidXR0b25UeXBlLCBjb250cm9sU3RhdGVz LCB6b29tZWRSZWN0U2l6ZSwgem9vbUZhY3RvciwgdHJ1ZSk7CiAgICAgfSBlbHNlIHsKICAgICAg ICAgaWYgKCF0b2dnbGVCdXR0b25DZWxsKSB7Cg== 238557 2014-09-23 12:06:13 -0700 2015-01-13 17:34:49 -0800 [PATCH] Proposed Fix - RetainPtr take2.patch text/plain 4948 joepeck ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCA0NTE4YzQ1Li5hOWUxNDJkIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29y ZS9DaGFuZ2VMb2cKKysrIGIvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMjEg QEAKKzIwMTQtMDktMjMgIEpvc2VwaCBQZWNvcmFybyAgPHBlY29yYXJvQGFwcGxlLmNvbT4KKwor ICAgICAgICBOU0J1dHRvbkNlbGwgbGVhayBhbGxvY2F0ZWQgdW5kZXIgV2ViQ29yZTo6cGFpbnRU b2dnbGVCdXR0b24KKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTEzNzAxNAorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAg ICAgICogcGxhdGZvcm0vbWFjL1RoZW1lTWFjLm1tOgorICAgICAgICAoV2ViQ29yZTo6Y3JlYXRl VG9nZ2xlQnV0dG9uQ2VsbCk6CisgICAgICAgIEltbWVkaWF0ZWx5IGFkb3B0IHRoZSBOU0J1dHRv bkNlbGwgYWxsb2NhdGlvbi4KKworICAgICAgICAoV2ViQ29yZTo6c2hhcmVkUmFkaW9DZWxsKToK KyAgICAgICAgKFdlYkNvcmU6OnNoYXJlZENoZWNrYm94Q2VsbCk6CisgICAgICAgIE1vdmUgZnJv bSB0aGUgUmV0YWluUHRyIGludG8gdGhlIHN0YXRpYyB2YXJpYWJsZS4KKworICAgICAgICAoV2Vi Q29yZTo6cGFpbnRUb2dnbGVCdXR0b24pOgorICAgICAgICBVc2UgUmV0YWluUHRyIGxvZ2ljIHRv IGJldHRlciBtYW5hZ2UgbGlmZXRpbWVzLgorCiAyMDE0LTA5LTE4ICBKb3NlcGggUGVjb3Jhcm8g IDxwZWNvcmFyb0BhcHBsZS5jb20+CiAKICAgICAgICAgV2ViIEluc3BlY3RvcjogU2hvdWxkIGJl IGFibGUgdG8gYXR0YWNoIGEgZGVidWdnZXIgdG8gYSBKU0NvbnRleHQgYmVmb3JlIGFueXRoaW5n IGlzIGV4ZWN1dGVkCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9tYWMvVGhl bWVNYWMubW0gYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9tYWMvVGhlbWVNYWMubW0KaW5kZXgg M2Y5NGMwZC4uOThhMTA4ZiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbWFj L1RoZW1lTWFjLm1tCisrKyBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL21hYy9UaGVtZU1hYy5t bQpAQCAtMzIsNyArMzIsNyBAQAogI2ltcG9ydCAiU2Nyb2xsVmlldy5oIgogI2ltcG9ydCAiV2Vi Q29yZVN5c3RlbUludGVyZmFjZS5oIgogI2ltcG9ydCA8Q2FyYm9uL0NhcmJvbi5oPgotI2luY2x1 ZGUgPHd0Zi9TdGRMaWJFeHRyYXMuaD4KKyNpbXBvcnQgPHd0Zi9TdGRMaWJFeHRyYXMuaD4KIAog I2lmIF9fTUFDX09TX1hfVkVSU0lPTl9NSU5fUkVRVUlSRUQgPj0gMTAxMDAwCiBAaW50ZXJmYWNl IE5TQnV0dG9uQ2VsbChEZXRhaWxzKQpAQCAtMzQyLDkgKzM0Miw5IEBAIHN0YXRpYyB2b2lkIGNv bmZpZ3VyZVRvZ2dsZUJ1dHRvbihOU0NlbGwqIGNlbGwsIENvbnRyb2xQYXJ0IGJ1dHRvblR5cGUs IGNvbnN0IENvCiAgICAgdXBkYXRlU3RhdGVzKGNlbGwsIHN0YXRlcywgaXNTdGF0ZUNoYW5nZSk7 CiB9CiAgICAgCi1zdGF0aWMgTlNCdXR0b25DZWxsICpjcmVhdGVUb2dnbGVCdXR0b25DZWxsKENv bnRyb2xQYXJ0IGJ1dHRvblR5cGUpCitzdGF0aWMgUmV0YWluUHRyPE5TQnV0dG9uQ2VsbD4gY3Jl YXRlVG9nZ2xlQnV0dG9uQ2VsbChDb250cm9sUGFydCBidXR0b25UeXBlKQogewotICAgIE5TQnV0 dG9uQ2VsbCAqdG9nZ2xlQnV0dG9uQ2VsbCA9IFtbTlNCdXR0b25DZWxsIGFsbG9jXSBpbml0XTsK KyAgICBSZXRhaW5QdHI8TlNCdXR0b25DZWxsPiB0b2dnbGVCdXR0b25DZWxsID0gYWRvcHROUyhb W05TQnV0dG9uQ2VsbCBhbGxvY10gaW5pdF0pOwogICAgIAogICAgIGlmIChidXR0b25UeXBlID09 IENoZWNrYm94UGFydCkgewogICAgICAgICBbdG9nZ2xlQnV0dG9uQ2VsbCBzZXRCdXR0b25UeXBl Ok5TU3dpdGNoQnV0dG9uXTsKQEAgLTM2Myw3ICszNjMsNyBAQCBzdGF0aWMgTlNCdXR0b25DZWxs ICpzaGFyZWRSYWRpb0NlbGwoY29uc3QgQ29udHJvbFN0YXRlcyogc3RhdGVzLCBjb25zdCBJbnRT aXplJgogewogICAgIHN0YXRpYyBOU0J1dHRvbkNlbGwgKnJhZGlvQ2VsbDsKICAgICBpZiAoIXJh ZGlvQ2VsbCkKLSAgICAgICAgcmFkaW9DZWxsID0gY3JlYXRlVG9nZ2xlQnV0dG9uQ2VsbChSYWRp b1BhcnQpOworICAgICAgICByYWRpb0NlbGwgPSBjcmVhdGVUb2dnbGVCdXR0b25DZWxsKFJhZGlv UGFydCkubGVha1JlZigpOwogCiAgICAgY29uZmlndXJlVG9nZ2xlQnV0dG9uKHJhZGlvQ2VsbCwg UmFkaW9QYXJ0LCBzdGF0ZXMsIHpvb21lZFNpemUsIHpvb21GYWN0b3IsIGZhbHNlKTsKICAgICBy ZXR1cm4gcmFkaW9DZWxsOwpAQCAtMzczLDcgKzM3Myw3IEBAIHN0YXRpYyBOU0J1dHRvbkNlbGwg KnNoYXJlZENoZWNrYm94Q2VsbChjb25zdCBDb250cm9sU3RhdGVzKiBzdGF0ZXMsIGNvbnN0IElu dFNpCiB7CiAgICAgc3RhdGljIE5TQnV0dG9uQ2VsbCAqY2hlY2tib3hDZWxsOwogICAgIGlmICgh Y2hlY2tib3hDZWxsKQotICAgICAgICBjaGVja2JveENlbGwgPSBjcmVhdGVUb2dnbGVCdXR0b25D ZWxsKENoZWNrYm94UGFydCk7CisgICAgICAgIGNoZWNrYm94Q2VsbCA9IGNyZWF0ZVRvZ2dsZUJ1 dHRvbkNlbGwoQ2hlY2tib3hQYXJ0KS5sZWFrUmVmKCk7CiAKICAgICBjb25maWd1cmVUb2dnbGVC dXR0b24oY2hlY2tib3hDZWxsLCBDaGVja2JveFBhcnQsIHN0YXRlcywgem9vbWVkU2l6ZSwgem9v bUZhY3RvciwgZmFsc2UpOwogICAgIHJldHVybiBjaGVja2JveENlbGw7CkBAIC0zODksMTMgKzM4 OSwxMyBAQCBzdGF0aWMgdm9pZCBwYWludFRvZ2dsZUJ1dHRvbihDb250cm9sUGFydCBidXR0b25U eXBlLCBDb250cm9sU3RhdGVzKiBjb250cm9sU3RhdAogewogICAgIEJFR0lOX0JMT0NLX09CSkNf RVhDRVBUSU9OUwogCi0gICAgTlNCdXR0b25DZWxsICp0b2dnbGVCdXR0b25DZWxsID0gc3RhdGlj X2Nhc3Q8TlNCdXR0b25DZWxsKj4oY29udHJvbFN0YXRlcy0+cGxhdGZvcm1Db250cm9sKCkpOwor ICAgIFJldGFpblB0cjxOU0J1dHRvbkNlbGw+IHRvZ2dsZUJ1dHRvbkNlbGwgPSBzdGF0aWNfY2Fz dDxOU0J1dHRvbkNlbGwqPihjb250cm9sU3RhdGVzLT5wbGF0Zm9ybUNvbnRyb2woKSk7CiAgICAg SW50U2l6ZSB6b29tZWRSZWN0U2l6ZSA9IEludFNpemUoem9vbWVkUmVjdC5zaXplKCkpOwogCiAg ICAgaWYgKGNvbnRyb2xTdGF0ZXMtPmlzRGlydHkoKSkgewogICAgICAgICBpZiAoIXRvZ2dsZUJ1 dHRvbkNlbGwpCiAgICAgICAgICAgICB0b2dnbGVCdXR0b25DZWxsID0gY3JlYXRlVG9nZ2xlQnV0 dG9uQ2VsbChidXR0b25UeXBlKTsKLSAgICAgICAgY29uZmlndXJlVG9nZ2xlQnV0dG9uKHRvZ2ds ZUJ1dHRvbkNlbGwsIGJ1dHRvblR5cGUsIGNvbnRyb2xTdGF0ZXMsIHpvb21lZFJlY3RTaXplLCB6 b29tRmFjdG9yLCB0cnVlKTsKKyAgICAgICAgY29uZmlndXJlVG9nZ2xlQnV0dG9uKHRvZ2dsZUJ1 dHRvbkNlbGwuZ2V0KCksIGJ1dHRvblR5cGUsIGNvbnRyb2xTdGF0ZXMsIHpvb21lZFJlY3RTaXpl LCB6b29tRmFjdG9yLCB0cnVlKTsKICAgICB9IGVsc2UgewogICAgICAgICBpZiAoIXRvZ2dsZUJ1 dHRvbkNlbGwpIHsKICAgICAgICAgICAgIGlmIChidXR0b25UeXBlID09IENoZWNrYm94UGFydCkK QEAgLTQwNSw3ICs0MDUsNyBAQCBzdGF0aWMgdm9pZCBwYWludFRvZ2dsZUJ1dHRvbihDb250cm9s UGFydCBidXR0b25UeXBlLCBDb250cm9sU3RhdGVzKiBjb250cm9sU3RhdAogICAgICAgICAgICAg ICAgIHRvZ2dsZUJ1dHRvbkNlbGwgPSBzaGFyZWRSYWRpb0NlbGwoY29udHJvbFN0YXRlcywgem9v bWVkUmVjdFNpemUsIHpvb21GYWN0b3IpOwogICAgICAgICAgICAgfQogICAgICAgICB9Ci0gICAg ICAgIGNvbmZpZ3VyZVRvZ2dsZUJ1dHRvbih0b2dnbGVCdXR0b25DZWxsLCBidXR0b25UeXBlLCBj b250cm9sU3RhdGVzLCB6b29tZWRSZWN0U2l6ZSwgem9vbUZhY3RvciwgZmFsc2UpOworICAgICAg ICBjb25maWd1cmVUb2dnbGVCdXR0b24odG9nZ2xlQnV0dG9uQ2VsbC5nZXQoKSwgYnV0dG9uVHlw ZSwgY29udHJvbFN0YXRlcywgem9vbWVkUmVjdFNpemUsIHpvb21GYWN0b3IsIGZhbHNlKTsKICAg ICB9CiAgICAgY29udHJvbFN0YXRlcy0+c2V0RGlydHkoZmFsc2UpOwogCkBAIC00NDksNyArNDQ5 LDcgQEAgc3RhdGljIHZvaWQgcGFpbnRUb2dnbGVCdXR0b24oQ29udHJvbFBhcnQgYnV0dG9uVHlw ZSwgQ29udHJvbFN0YXRlcyogY29udHJvbFN0YXQKICNlbmRpZgogCiAgICAgaWYgKCFpc0FuaW1h dGluZyAmJiAoY29udHJvbFN0YXRlcy0+c3RhdGVzKCkgJiBDb250cm9sU3RhdGVzOjpGb2N1c1N0 YXRlKSkKLSAgICAgICAgbmVlZHNSZXBhaW50ID0gZHJhd0NlbGxGb2N1c1JpbmcodG9nZ2xlQnV0 dG9uQ2VsbCwgaW5mbGF0ZWRSZWN0LCB2aWV3KTsKKyAgICAgICAgbmVlZHNSZXBhaW50ID0gZHJh d0NlbGxGb2N1c1JpbmcodG9nZ2xlQnV0dG9uQ2VsbC5nZXQoKSwgaW5mbGF0ZWRSZWN0LCB2aWV3 KTsKICAgICBbdG9nZ2xlQnV0dG9uQ2VsbCBzZXRDb250cm9sVmlldzpuaWxdOwogCiAjaWYgX19N QUNfT1NfWF9WRVJTSU9OX01JTl9SRVFVSVJFRCA+PSAxMDEwMDAKQEAgLTQ1Nyw3ICs0NTcsNyBA QCBzdGF0aWMgdm9pZCBwYWludFRvZ2dsZUJ1dHRvbihDb250cm9sUGFydCBidXR0b25UeXBlLCBD b250cm9sU3RhdGVzKiBjb250cm9sU3RhdAogI2VuZGlmCiAgICAgY29udHJvbFN0YXRlcy0+c2V0 TmVlZHNSZXBhaW50KG5lZWRzUmVwYWludCk7CiAgICAgaWYgKG5lZWRzUmVwYWludCkKLSAgICAg ICAgY29udHJvbFN0YXRlcy0+c2V0UGxhdGZvcm1Db250cm9sKHRvZ2dsZUJ1dHRvbkNlbGwpOwor ICAgICAgICBjb250cm9sU3RhdGVzLT5zZXRQbGF0Zm9ybUNvbnRyb2wodG9nZ2xlQnV0dG9uQ2Vs bC5nZXQoKSk7CiAKICAgICBFTkRfQkxPQ0tfT0JKQ19FWENFUFRJT05TCiB9Cg==