148564 2015-08-27 23:29:20 -0700 ScratchRegisterAllocator::preserveReusedRegistersByPushing() should allow room for C helper calls and keep sp properly aligned. 2015-09-09 19:58:15 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Local Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 149030 1 mark.lam mark.lam benjamin fpizlo ggaren keith_miller msaboff saam webkit-bug-importer oldest_to_newest 1121615 0 mark.lam 2015-08-27 23:29:20 -0700 ScratchRegisterAllocator::preserveReusedRegistersByPushing() pushes registers on the stack in order to preserve them. But emitPutTransitionStub() which uses preserveReusedRegistersByPushing() may also emit a call to a C helper function to flush the heap write barrier buffer. The code for emitting C helper calls expects the stack pointer (sp) to already be pointing to a location on the stack where there's adequate space reserved for storing the arguments that the C helper expects, and that space is expected to be at the top of the stack. Hence, there is a conflict of expectations. As a result, the arguments for the C helper will overwrite and corrupt the values that are pushed on the stack by preserveReusedRegistersByPushing(). In addition, JIT compiled functions always position the sp such that it will be aligned (according to platform ABI dictates) after a C call is made (i.e. after the frame pointer and return address is pushed on to the stack). preserveReusedRegistersByPushing()'s arbitrary pushing of a number of saved register values may mess up this alignment. The fix is to have preserveReusedRegistersByPushing(), after it has pushed the saved register values, adjust the sp to reserve an additional amount of stack space needed for C call helpers plus any padding needed to restore proper sp alignment. The stack's ReservedZone will ensure that we have enough stack space for this. ScratchRegisterAllocator::restoreReusedRegistersByPopping() also needs to updated to perform the complement of this behavior. 1121629 1 260136 mark.lam 2015-08-28 01:16:57 -0700 Created attachment 260136 the fix. 1121632 2 mark.lam 2015-08-28 01:24:50 -0700 <rdar://problem/22218598> 1121744 3 260136 saam 2015-08-28 10:48:32 -0700 Comment on attachment 260136 the fix. View in context: https://bugs.webkit.org/attachment.cgi?id=260136&action=review r=me > Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp:121 > + jit.subPtr(MacroAssembler::TrustedImm32(numberOfPaddingBytes + maxFrameExtentForSlowPathCall), MacroAssembler::stackPointerRegister); You're adding maxFrameExtenetFowSlowPathCall twice: here and line 117. > Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp:131 > + jit.addPtr(MacroAssembler::TrustedImm32(numberOfPaddingBytes + maxFrameExtentForSlowPathCall), MacroAssembler::stackPointerRegister); ditto. I think this should just be numberOfPaddingBytes. 1121749 4 mark.lam 2015-08-28 10:53:45 -0700 (In reply to comment #3) > You're adding maxFrameExtenetFowSlowPathCall twice: here and line 117. Thanks for catching that bug. Fixed locally and landed in r189103: <http://trac.webkit.org/r189103>. 1121784 5 260136 fpizlo 2015-08-28 12:01:01 -0700 Comment on attachment 260136 the fix. View in context: https://bugs.webkit.org/attachment.cgi?id=260136&action=review > Source/JavaScriptCore/tests/stress/regress-148564.js:1 > +//@ run("regress", "--enableAccessInlining=false") You shouldn't use the run() method directly, since doing so disables the FTL and enables concurrent JIT. That means you're not guaranteed that "test()" will actually get compiled by the DFG, and it guarantees that it won't get compiled by the FTL. It would have been better to use the existing "runNoCJITNoAccessInlining" method in this case, if you don't want FTL testing (which I'm assuming you don't). 1121793 6 mark.lam 2015-08-28 12:51:17 -0700 (In reply to comment #5) > It would have been better to use the existing "runNoCJITNoAccessInlining" > method in this case, if you don't want FTL testing (which I'm assuming you > don't). Applied this in a follow up patch in r189120: <http://trac.webkit.org/r189120>. 1124817 7 fpizlo 2015-09-09 19:56:13 -0700 I think that this was the wrong fix. The bug here is that the barrier slow path isn't calling restoreReusedRegistersByPopping() prior to preserveUsedRegistersToScratchBufferForCall() the way that the allocation slow path does. 260136 2015-08-28 01:16:57 -0700 2015-08-28 10:48:32 -0700 the fix. bug-148564.patch text/plain 12368 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTg5MDg4KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDQ4IEBA CisyMDE1LTA4LTI4ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBT Y3JhdGNoUmVnaXN0ZXJBbGxvY2F0b3I6OnByZXNlcnZlUmV1c2VkUmVnaXN0ZXJzQnlQdXNoaW5n KCkgc2hvdWxkIGFsbG93IHJvb20gZm9yIEMgaGVscGVyIGNhbGxzIGFuZCBrZWVwIHNwIHByb3Bl cmx5IGFsaWduZWQuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNn aT9pZD0xNDg1NjQKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAg ICAgICBTY3JhdGNoUmVnaXN0ZXJBbGxvY2F0b3I6OnByZXNlcnZlUmV1c2VkUmVnaXN0ZXJzQnlQ dXNoaW5nKCkgcHVzaGVzIHJlZ2lzdGVycyBvbgorICAgICAgICB0aGUgc3RhY2sgaW4gb3JkZXIg dG8gcHJlc2VydmUgdGhlbS4gIEJ1dCBlbWl0UHV0VHJhbnNpdGlvblN0dWIoKSAod2hpY2ggdXNl cworICAgICAgICBwcmVzZXJ2ZVJldXNlZFJlZ2lzdGVyc0J5UHVzaGluZygpKSBtYXkgYWxzbyBl bWl0IGEgY2FsbCB0byBhIEMgaGVscGVyIGZ1bmN0aW9uCisgICAgICAgIHRvIGZsdXNoIHRoZSBo ZWFwIHdyaXRlIGJhcnJpZXIgYnVmZmVyLiAgVGhlIGNvZGUgZm9yIGVtaXR0aW5nIGEgQyBoZWxw ZXIgY2FsbAorICAgICAgICBleHBlY3RzIHRoZSBzdGFjayBwb2ludGVyIChzcCkgdG8gYWxyZWFk eSBiZSBwb2ludGluZyB0byBhIGxvY2F0aW9uIG9uIHRoZSBzdGFjaworICAgICAgICB3aGVyZSB0 aGVyZSdzIGFkZXF1YXRlIHNwYWNlIHJlc2VydmVkIGZvciBzdG9yaW5nIHRoZSBhcmd1bWVudHMg dG8gdGhlIEMgaGVscGVyLAorICAgICAgICBhbmQgdGhhdCBzcGFjZSBpcyBleHBlY3RlZCB0byBi ZSBhdCB0aGUgdG9wIG9mIHRoZSBzdGFjay4gIEhlbmNlLCB0aGVyZSBpcyBhCisgICAgICAgIGNv bmZsaWN0IG9mIGV4cGVjdGF0aW9ucy4gIEFzIGEgcmVzdWx0LCB0aGUgYXJndW1lbnRzIGZvciB0 aGUgQyBoZWxwZXIgd2lsbAorICAgICAgICBvdmVyd3JpdGUgYW5kIGNvcnJ1cHQgdGhlIHZhbHVl cyB0aGF0IGFyZSBwdXNoZWQgb24gdGhlIHN0YWNrIGJ5CisgICAgICAgIHByZXNlcnZlUmV1c2Vk UmVnaXN0ZXJzQnlQdXNoaW5nKCkuCisKKyAgICAgICAgSW4gYWRkaXRpb24sIEpJVCBjb21waWxl ZCBmdW5jdGlvbnMgYWx3YXlzIHBvc2l0aW9uIHRoZSBzcCBzdWNoIHRoYXQgaXQgd2lsbCBiZQor ICAgICAgICBhbGlnbmVkIChhY2NvcmRpbmcgdG8gcGxhdGZvcm0gQUJJIGRpY3RhdGVzKSBhZnRl ciBhIEMgY2FsbCBpcyBtYWRlIChpLmUuIGFmdGVyCisgICAgICAgIHRoZSBmcmFtZSBwb2ludGVy IGFuZCByZXR1cm4gYWRkcmVzcyBpcyBwdXNoZWQgb24gdG8gdGhlIHN0YWNrKS4KKyAgICAgICAg cHJlc2VydmVSZXVzZWRSZWdpc3RlcnNCeVB1c2hpbmcoKSdzIGFyYml0cmFyeSBwdXNoaW5nIG9m IGEgbnVtYmVyIG9mIHNhdmVkCisgICAgICAgIHJlZ2lzdGVyIHZhbHVlcyBtYXkgbWVzcyB1cCB0 aGlzIGFsaWdubWVudC4KKworICAgICAgICBUaGUgZml4IGlzIHRvIGhhdmUgcHJlc2VydmVSZXVz ZWRSZWdpc3RlcnNCeVB1c2hpbmcoKSwgYWZ0ZXIgaXQgaGFzIHB1c2hlZCB0aGUKKyAgICAgICAg c2F2ZWQgcmVnaXN0ZXIgdmFsdWVzLCBhZGp1c3QgdGhlIHNwIHRvIHJlc2VydmUgYW4gYWRkaXRp b25hbCBhbW91bnQgb2Ygc3RhY2sKKyAgICAgICAgc3BhY2UgbmVlZGVkIGZvciBDIGNhbGwgaGVs cGVycyBwbHVzIGFueSBwYWRkaW5nIG5lZWRlZCB0byByZXN0b3JlIHByb3BlciBzcAorICAgICAg ICBhbGlnbm1lbnQuICBUaGUgc3RhY2sncyBSZXNlcnZlZFpvbmUgd2lsbCBlbnN1cmUgdGhhdCB3 ZSBoYXZlIGVub3VnaCBzdGFjayBzcGFjZQorICAgICAgICBmb3IgdGhpcy4gIFNjcmF0Y2hSZWdp c3RlckFsbG9jYXRvcjo6cmVzdG9yZVJldXNlZFJlZ2lzdGVyc0J5UG9wcGluZygpIGFsc28KKyAg ICAgICAgbmVlZHMgdG8gYmUgdXBkYXRlZCB0byBwZXJmb3JtIHRoZSBjb21wbGVtZW50IG9mIHRo aXMgYmVoYXZpb3IuCisKKyAgICAgICAgKiBqaXQvUmVwYXRjaC5jcHA6CisgICAgICAgIChKU0M6 OmVtaXRQdXRSZXBsYWNlU3R1Yik6CisgICAgICAgIChKU0M6OmVtaXRQdXRUcmFuc2l0aW9uU3R1 Yik6CisgICAgICAgICogaml0L1NjcmF0Y2hSZWdpc3RlckFsbG9jYXRvci5jcHA6CisgICAgICAg IChKU0M6OlNjcmF0Y2hSZWdpc3RlckFsbG9jYXRvcjo6YWxsb2NhdGVTY3JhdGNoR1BSKToKKyAg ICAgICAgKEpTQzo6U2NyYXRjaFJlZ2lzdGVyQWxsb2NhdG9yOjphbGxvY2F0ZVNjcmF0Y2hGUFIp OgorICAgICAgICAoSlNDOjpTY3JhdGNoUmVnaXN0ZXJBbGxvY2F0b3I6OnByZXNlcnZlUmV1c2Vk UmVnaXN0ZXJzQnlQdXNoaW5nKToKKyAgICAgICAgKEpTQzo6U2NyYXRjaFJlZ2lzdGVyQWxsb2Nh dG9yOjpyZXN0b3JlUmV1c2VkUmVnaXN0ZXJzQnlQb3BwaW5nKToKKyAgICAgICAgKiBqaXQvU2Ny YXRjaFJlZ2lzdGVyQWxsb2NhdG9yLmg6CisgICAgICAgIChKU0M6OlNjcmF0Y2hSZWdpc3RlckFs bG9jYXRvcjo6bnVtYmVyT2ZSZXVzZWRSZWdpc3RlcnMpOgorICAgICAgICAqIHRlc3RzL3N0cmVz cy9yZWdyZXNzLTE0ODU2NC5qczogQWRkZWQuCisgICAgICAgICh0ZXN0KToKKyAgICAgICAgKHJ1 blRlc3QpOgorCiAyMDE1LTA4LTI3ICBZdXN1a2UgU3V6dWtpICA8dXRhdGFuZS50ZWFAZ21haWwu Y29tPgogCiAgICAgICAgIFtFUzZdIEltcGxlbWVudCBNb2R1bGUgZXhlY3V0aW9uIGFuZCBMb2Fk ZXIncyByZWFkeSAvIGxpbmsgcGhhc2UKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9qaXQv UmVwYXRjaC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2ppdC9SZXBh dGNoLmNwcAkocmV2aXNpb24gMTg5MDg2KQorKysgU291cmNlL0phdmFTY3JpcHRDb3JlL2ppdC9S ZXBhdGNoLmNwcAkod29ya2luZyBjb3B5KQpAQCAtOTE2LDcgKzkxNiw3IEBAIHN0YXRpYyBib29s IGVtaXRQdXRSZXBsYWNlU3R1YigKIAogICAgIENDYWxsSGVscGVycyBzdHViSml0KHZtLCBleGVj LT5jb2RlQmxvY2soKSk7CiAKLSAgICBhbGxvY2F0b3IucHJlc2VydmVSZXVzZWRSZWdpc3RlcnNC eVB1c2hpbmcoc3R1YkppdCk7CisgICAgc2l6ZV90IG51bWJlck9mUGFkZGluZ0J5dGVzID0gYWxs b2NhdG9yLnByZXNlcnZlUmV1c2VkUmVnaXN0ZXJzQnlQdXNoaW5nKHN0dWJKaXQpOwogCiAgICAg TWFjcm9Bc3NlbWJsZXI6Okp1bXAgYmFkU3RydWN0dXJlID0gYnJhbmNoU3RydWN0dXJlKHN0dWJK aXQsCiAgICAgICAgIE1hY3JvQXNzZW1ibGVyOjpOb3RFcXVhbCwKQEAgLTk0NSwxMSArOTQ1LDEx IEBAIHN0YXRpYyBib29sIGVtaXRQdXRSZXBsYWNlU3R1YigKICAgICBNYWNyb0Fzc2VtYmxlcjo6 SnVtcCBmYWlsdXJlOwogICAgIAogICAgIGlmIChhbGxvY2F0b3IuZGlkUmV1c2VSZWdpc3RlcnMo KSkgewotICAgICAgICBhbGxvY2F0b3IucmVzdG9yZVJldXNlZFJlZ2lzdGVyc0J5UG9wcGluZyhz dHViSml0KTsKKyAgICAgICAgYWxsb2NhdG9yLnJlc3RvcmVSZXVzZWRSZWdpc3RlcnNCeVBvcHBp bmcoc3R1YkppdCwgbnVtYmVyT2ZQYWRkaW5nQnl0ZXMpOwogICAgICAgICBzdWNjZXNzID0gc3R1 YkppdC5qdW1wKCk7CiAgICAgICAgIAogICAgICAgICBiYWRTdHJ1Y3R1cmUubGluaygmc3R1Ykpp dCk7Ci0gICAgICAgIGFsbG9jYXRvci5yZXN0b3JlUmV1c2VkUmVnaXN0ZXJzQnlQb3BwaW5nKHN0 dWJKaXQpOworICAgICAgICBhbGxvY2F0b3IucmVzdG9yZVJldXNlZFJlZ2lzdGVyc0J5UG9wcGlu ZyhzdHViSml0LCBudW1iZXJPZlBhZGRpbmdCeXRlcyk7CiAgICAgICAgIGZhaWx1cmUgPSBzdHVi Sml0Lmp1bXAoKTsKICAgICB9IGVsc2UgewogICAgICAgICBzdWNjZXNzID0gc3R1YkppdC5qdW1w KCk7CkBAIC0xMDUzLDcgKzEwNTMsNyBAQCBzdGF0aWMgYm9vbCBlbWl0UHV0VHJhbnNpdGlvblN0 dWIoCiAgICAgfSBlbHNlCiAgICAgICAgIHNjcmF0Y2hHUFIzID0gSW52YWxpZEdQUlJlZzsKICAg ICAKLSAgICBhbGxvY2F0b3IucHJlc2VydmVSZXVzZWRSZWdpc3RlcnNCeVB1c2hpbmcoc3R1Ykpp dCk7CisgICAgc2l6ZV90IG51bWJlck9mUGFkZGluZ0J5dGVzID0gYWxsb2NhdG9yLnByZXNlcnZl UmV1c2VkUmVnaXN0ZXJzQnlQdXNoaW5nKHN0dWJKaXQpOwogCiAgICAgTWFjcm9Bc3NlbWJsZXI6 Okp1bXBMaXN0IGZhaWx1cmVDYXNlczsKICAgICAgICAgICAgIApAQCAtMTE2OSwxMSArMTE2OSwx MSBAQCBzdGF0aWMgYm9vbCBlbWl0UHV0VHJhbnNpdGlvblN0dWIoCiAgICAgTWFjcm9Bc3NlbWJs ZXI6Okp1bXAgZmFpbHVyZTsKICAgICAgICAgICAgIAogICAgIGlmIChhbGxvY2F0b3IuZGlkUmV1 c2VSZWdpc3RlcnMoKSkgewotICAgICAgICBhbGxvY2F0b3IucmVzdG9yZVJldXNlZFJlZ2lzdGVy c0J5UG9wcGluZyhzdHViSml0KTsKKyAgICAgICAgYWxsb2NhdG9yLnJlc3RvcmVSZXVzZWRSZWdp c3RlcnNCeVBvcHBpbmcoc3R1YkppdCwgbnVtYmVyT2ZQYWRkaW5nQnl0ZXMpOwogICAgICAgICBz dWNjZXNzID0gc3R1YkppdC5qdW1wKCk7CiAKICAgICAgICAgZmFpbHVyZUNhc2VzLmxpbmsoJnN0 dWJKaXQpOwotICAgICAgICBhbGxvY2F0b3IucmVzdG9yZVJldXNlZFJlZ2lzdGVyc0J5UG9wcGlu ZyhzdHViSml0KTsKKyAgICAgICAgYWxsb2NhdG9yLnJlc3RvcmVSZXVzZWRSZWdpc3RlcnNCeVBv cHBpbmcoc3R1YkppdCwgbnVtYmVyT2ZQYWRkaW5nQnl0ZXMpOwogICAgICAgICBmYWlsdXJlID0g c3R1YkppdC5qdW1wKCk7CiAgICAgfSBlbHNlCiAgICAgICAgIHN1Y2Nlc3MgPSBzdHViSml0Lmp1 bXAoKTsKQEAgLTExODQsNyArMTE4NCw3IEBAIHN0YXRpYyBib29sIGVtaXRQdXRUcmFuc2l0aW9u U3R1YigKICAgICBpZiAoc3RydWN0dXJlLT5vdXRPZkxpbmVDYXBhY2l0eSgpICE9IG9sZFN0cnVj dHVyZS0+b3V0T2ZMaW5lQ2FwYWNpdHkoKSkgewogICAgICAgICBzbG93UGF0aC5saW5rKCZzdHVi Sml0KTsKICAgICAgICAgCi0gICAgICAgIGFsbG9jYXRvci5yZXN0b3JlUmV1c2VkUmVnaXN0ZXJz QnlQb3BwaW5nKHN0dWJKaXQpOworICAgICAgICBhbGxvY2F0b3IucmVzdG9yZVJldXNlZFJlZ2lz dGVyc0J5UG9wcGluZyhzdHViSml0LCBudW1iZXJPZlBhZGRpbmdCeXRlcyk7CiAgICAgICAgIGlm ICghc2NyYXRjaEJ1ZmZlcikKICAgICAgICAgICAgIHNjcmF0Y2hCdWZmZXIgPSB2bS0+c2NyYXRj aEJ1ZmZlckZvclNpemUoYWxsb2NhdG9yLmRlc2lyZWRTY3JhdGNoQnVmZmVyU2l6ZUZvckNhbGwo KSk7CiAgICAgICAgIGFsbG9jYXRvci5wcmVzZXJ2ZVVzZWRSZWdpc3RlcnNUb1NjcmF0Y2hCdWZm ZXJGb3JDYWxsKHN0dWJKaXQsIHNjcmF0Y2hCdWZmZXIsIHNjcmF0Y2hHUFIxKTsKSW5kZXg6IFNv dXJjZS9KYXZhU2NyaXB0Q29yZS9qaXQvU2NyYXRjaFJlZ2lzdGVyQWxsb2NhdG9yLmNwcAo9PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaml0L1NjcmF0Y2hSZWdpc3RlckFsbG9j YXRvci5jcHAJKHJldmlzaW9uIDE4OTA4NikKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9qaXQv U2NyYXRjaFJlZ2lzdGVyQWxsb2NhdG9yLmNwcAkod29ya2luZyBjb3B5KQpAQCAtMjksNiArMjks NyBAQAogI2lmIEVOQUJMRShKSVQpCiAKICNpbmNsdWRlICJKU0NJbmxpbmVzLmgiCisjaW5jbHVk ZSAiTWF4RnJhbWVFeHRlbnRGb3JTbG93UGF0aENhbGwuaCIKICNpbmNsdWRlICJWTS5oIgogCiBu YW1lc3BhY2UgSlNDIHsKQEAgLTkxLDI4ICs5Miw0NCBAQCB0eXBlbmFtZSBCYW5rSW5mbzo6UmVn aXN0ZXJUeXBlIFNjcmF0Y2hSCiBHUFJSZWcgU2NyYXRjaFJlZ2lzdGVyQWxsb2NhdG9yOjphbGxv Y2F0ZVNjcmF0Y2hHUFIoKSB7IHJldHVybiBhbGxvY2F0ZVNjcmF0Y2g8R1BSSW5mbz4oKTsgfQog RlBSUmVnIFNjcmF0Y2hSZWdpc3RlckFsbG9jYXRvcjo6YWxsb2NhdGVTY3JhdGNoRlBSKCkgeyBy ZXR1cm4gYWxsb2NhdGVTY3JhdGNoPEZQUkluZm8+KCk7IH0KIAotdm9pZCBTY3JhdGNoUmVnaXN0 ZXJBbGxvY2F0b3I6OnByZXNlcnZlUmV1c2VkUmVnaXN0ZXJzQnlQdXNoaW5nKE1hY3JvQXNzZW1i bGVyJiBqaXQpCitzaXplX3QgU2NyYXRjaFJlZ2lzdGVyQWxsb2NhdG9yOjpwcmVzZXJ2ZVJldXNl ZFJlZ2lzdGVyc0J5UHVzaGluZyhNYWNyb0Fzc2VtYmxlciYgaml0KQogewogICAgIGlmICghZGlk UmV1c2VSZWdpc3RlcnMoKSkKLSAgICAgICAgcmV0dXJuOwotICAgICAgICAKKyAgICAgICAgcmV0 dXJuIDA7CisKKyAgICBzaXplX3QgbnVtYmVyT2ZCeXRlc1B1c2hlZCA9IDA7CisKICAgICBmb3Ig KHVuc2lnbmVkIGkgPSAwOyBpIDwgRlBSSW5mbzo6bnVtYmVyT2ZSZWdpc3RlcnM7ICsraSkgewog ICAgICAgICBGUFJSZWcgcmVnID0gRlBSSW5mbzo6dG9SZWdpc3RlcihpKTsKLSAgICAgICAgaWYg KG1fc2NyYXRjaFJlZ2lzdGVycy5nZXRGUFJCeUluZGV4KGkpICYmIG1fdXNlZFJlZ2lzdGVycy5n ZXQocmVnKSkKKyAgICAgICAgaWYgKG1fc2NyYXRjaFJlZ2lzdGVycy5nZXRGUFJCeUluZGV4KGkp ICYmIG1fdXNlZFJlZ2lzdGVycy5nZXQocmVnKSkgewogICAgICAgICAgICAgaml0LnB1c2hUb1Nh dmUocmVnKTsKKyAgICAgICAgICAgIG51bWJlck9mQnl0ZXNQdXNoZWQgKz0gc2l6ZW9mKGRvdWJs ZSk7CisgICAgICAgIH0KICAgICB9CiAgICAgZm9yICh1bnNpZ25lZCBpID0gMDsgaSA8IEdQUklu Zm86Om51bWJlck9mUmVnaXN0ZXJzOyArK2kpIHsKICAgICAgICAgR1BSUmVnIHJlZyA9IEdQUklu Zm86OnRvUmVnaXN0ZXIoaSk7Ci0gICAgICAgIGlmIChtX3NjcmF0Y2hSZWdpc3RlcnMuZ2V0R1BS QnlJbmRleChpKSAmJiBtX3VzZWRSZWdpc3RlcnMuZ2V0KHJlZykpCisgICAgICAgIGlmIChtX3Nj cmF0Y2hSZWdpc3RlcnMuZ2V0R1BSQnlJbmRleChpKSAmJiBtX3VzZWRSZWdpc3RlcnMuZ2V0KHJl ZykpIHsKICAgICAgICAgICAgIGppdC5wdXNoVG9TYXZlKHJlZyk7CisgICAgICAgICAgICBudW1i ZXJPZkJ5dGVzUHVzaGVkICs9IHNpemVvZih1aW50cHRyX3QpOworICAgICAgICB9CiAgICAgfQor CisgICAgc2l6ZV90IHRvdGFsU3RhY2tBZGp1c3RtZW50Qnl0ZXMgPSBudW1iZXJPZkJ5dGVzUHVz aGVkICsgbWF4RnJhbWVFeHRlbnRGb3JTbG93UGF0aENhbGw7CisgICAgdG90YWxTdGFja0FkanVz dG1lbnRCeXRlcyA9IFdURjo6cm91bmRVcFRvTXVsdGlwbGVPZihzdGFja0FsaWdubWVudEJ5dGVz KCksIHRvdGFsU3RhY2tBZGp1c3RtZW50Qnl0ZXMpOworCisgICAgc2l6ZV90IG51bWJlck9mUGFk ZGluZ0J5dGVzID0gdG90YWxTdGFja0FkanVzdG1lbnRCeXRlcyAtIG51bWJlck9mQnl0ZXNQdXNo ZWQ7CisgICAgaml0LnN1YlB0cihNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbTMyKG51bWJlck9m UGFkZGluZ0J5dGVzICsgbWF4RnJhbWVFeHRlbnRGb3JTbG93UGF0aENhbGwpLCBNYWNyb0Fzc2Vt Ymxlcjo6c3RhY2tQb2ludGVyUmVnaXN0ZXIpOworCisgICAgcmV0dXJuIG51bWJlck9mUGFkZGlu Z0J5dGVzOwogfQogCi12b2lkIFNjcmF0Y2hSZWdpc3RlckFsbG9jYXRvcjo6cmVzdG9yZVJldXNl ZFJlZ2lzdGVyc0J5UG9wcGluZyhNYWNyb0Fzc2VtYmxlciYgaml0KQordm9pZCBTY3JhdGNoUmVn aXN0ZXJBbGxvY2F0b3I6OnJlc3RvcmVSZXVzZWRSZWdpc3RlcnNCeVBvcHBpbmcoTWFjcm9Bc3Nl bWJsZXImIGppdCwgc2l6ZV90IG51bWJlck9mUGFkZGluZ0J5dGVzKQogewogICAgIGlmICghZGlk UmV1c2VSZWdpc3RlcnMoKSkKICAgICAgICAgcmV0dXJuOwotICAgICAgICAKKworICAgIGppdC5h ZGRQdHIoTWFjcm9Bc3NlbWJsZXI6OlRydXN0ZWRJbW0zMihudW1iZXJPZlBhZGRpbmdCeXRlcyAr IG1heEZyYW1lRXh0ZW50Rm9yU2xvd1BhdGhDYWxsKSwgTWFjcm9Bc3NlbWJsZXI6OnN0YWNrUG9p bnRlclJlZ2lzdGVyKTsKKwogICAgIGZvciAodW5zaWduZWQgaSA9IEdQUkluZm86Om51bWJlck9m UmVnaXN0ZXJzOyBpLS07KSB7CiAgICAgICAgIEdQUlJlZyByZWcgPSBHUFJJbmZvOjp0b1JlZ2lz dGVyKGkpOwogICAgICAgICBpZiAobV9zY3JhdGNoUmVnaXN0ZXJzLmdldEdQUkJ5SW5kZXgoaSkg JiYgbV91c2VkUmVnaXN0ZXJzLmdldChyZWcpKQpJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3Jl L2ppdC9TY3JhdGNoUmVnaXN0ZXJBbGxvY2F0b3IuaAo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2 YVNjcmlwdENvcmUvaml0L1NjcmF0Y2hSZWdpc3RlckFsbG9jYXRvci5oCShyZXZpc2lvbiAxODkw ODYpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaml0L1NjcmF0Y2hSZWdpc3RlckFsbG9jYXRv ci5oCSh3b3JraW5nIGNvcHkpCkBAIC02Miw4ICs2MiwxMiBAQCBwdWJsaWM6CiAgICAgICAgIHJl dHVybiBtX251bWJlck9mUmV1c2VkUmVnaXN0ZXJzOwogICAgIH0KICAgICAKLSAgICB2b2lkIHBy ZXNlcnZlUmV1c2VkUmVnaXN0ZXJzQnlQdXNoaW5nKE1hY3JvQXNzZW1ibGVyJiBqaXQpOwotICAg IHZvaWQgcmVzdG9yZVJldXNlZFJlZ2lzdGVyc0J5UG9wcGluZyhNYWNyb0Fzc2VtYmxlciYgaml0 KTsKKyAgICAvLyBwcmVzZXJ2ZVJldXNlZFJlZ2lzdGVyc0J5UHVzaGluZygpIHJldHVybnMgdGhl IG51bWJlciBvZiBwYWRkaW5nIGJ5dGVzIHVzZWQgdG8ga2VlcCB0aGUgc3RhY2sKKyAgICAvLyBw b2ludGVyIHByb3Blcmx5IGFsaWduZWQgYW5kIHRvIHJlc2VydmUgcm9vbSBmb3IgY2FsbGluZyBh IEMgaGVscGVyLiBUaGlzIG51bWJlciBvZiBwYWRkaW5nCisgICAgLy8gYnl0ZXMgbXVzdCBiZSBw cm92aWRlZCB0byByZXN0b3JlUmV1c2VkUmVnaXN0ZXJzQnlQb3BwaW5nKCkgaW4gb3JkZXIgdG8g cmV2ZXJzZSB0aGUgd29yayBkb25lCisgICAgLy8gYnkgcHJlc2VydmVSZXVzZWRSZWdpc3RlcnNC eVB1c2hpbmcoKS4KKyAgICBzaXplX3QgcHJlc2VydmVSZXVzZWRSZWdpc3RlcnNCeVB1c2hpbmco TWFjcm9Bc3NlbWJsZXImIGppdCk7CisgICAgdm9pZCByZXN0b3JlUmV1c2VkUmVnaXN0ZXJzQnlQ b3BwaW5nKE1hY3JvQXNzZW1ibGVyJiBqaXQsIHNpemVfdCBudW1iZXJPZlBhZGRpbmdCeXRlcyk7 CiAgICAgCiAgICAgUmVnaXN0ZXJTZXQgdXNlZFJlZ2lzdGVyc0ZvckNhbGwoKSBjb25zdDsKICAg ICAKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS90ZXN0cy9zdHJlc3MvcmVncmVzcy0xNDg1 NjQuanMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL3Rlc3RzL3N0cmVzcy9y ZWdyZXNzLTE0ODU2NC5qcwkocmV2aXNpb24gMCkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS90 ZXN0cy9zdHJlc3MvcmVncmVzcy0xNDg1NjQuanMJKHdvcmtpbmcgY29weSkKQEAgLTAsMCArMSw3 MiBAQAorLy9AIHJ1bigicmVncmVzcyIsICItLWVuYWJsZUFjY2Vzc0lubGluaW5nPWZhbHNlIikK KworLy8gUmVncmVzc2lvbiB0ZXN0IGZvciBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1 Zy5jZ2k/aWQ9MTQ4NTQyCisvLworLy8gSW4gb3JkZXIgdG8gbWFuaWZlc3QsIHRoZSBidWcgYmVp bmcgdGVzdGVkIHJlcXVpcmVzIGFsbCB0aGVzZSBjb25kaXRpb25zIHRvIGJlIHRydWU6CisvLyAx LiBBIHB1dCBvcGVyYXRpb24gbXVzdCBub3QgYmVpbmcgb3B0aW1pemVkIGJ5IHRoZSBERkcgaW50 byBhIFB1dEJ5T2Zmc2V0LgorLy8gICAgSXQgbmVlZHMgdG8gYmUgYSBQdXRCeUlkIG5vZGUgaW5z dGVhZCBzbyB0aGF0IGl0IHdpbGwgdXNlIHRoZSBpbmxpbmUgY2FjaGUuCisvLyAgICBUaGlzIGlz IHNhdGlzZmllZCBieSB1c2luZyB0aGUgLS1lbmFibGVBY2Nlc3NJbmxpbmluZz1mYWxzZSBvcHRp b24gYWJvdmUuCisvLworLy8gMi4gVGhlIFB1dEJ5SWQncyBleGVjdXRpb24gbXVzdCBnbyB0aHJv dWdoIGl0cyB0cmFuc2l0aW9uIHN0dWIuCisvLworLy8gMy4gSW4gdGhlIHRyYW5zaXRpb24gc3R1 YiwgdGhlIG9iamVjdCBiZWluZyBwdXQgaW50byBtdXN0IHJlcXVpcmUgYSByZWFsbG9jYXRpb24g b2YgaXRzCisvLyAgICBzdG9yYWdlIGJ1dHRlcmZseS4gVGhpcyBjYXVzZXMgdGhlIHN0dWIgdG8g Z2VuZXJhdGUgY29kZSB0byBzYXZlIHNvbWUgcmVnaXN0ZXJzLgorLy8KKy8vIDQuIFRoZSB0cmFu c2l0aW9uIHN0dWIgbmVlZHMgdG8gY2FsbCB0aGUgc2xvdyBwYXRoIGZvciBmbHVzaGluZyB0aGUg aGVhcCB3cml0ZSBiYXJyaWVyCisvLyAgICBidWZmZXIuCisvLworLy8gNS4gVGhlIGNhbGxlciBv ZiB0aGUgdGVzdCBtdXN0IG5vdCBiZSBERkcgY29tcGlsZWQuIFRoaXMgd2FzIG5vdCBhIHN0cmlj dGx5IG5lZWRlZAorLy8gICAgY29uZGl0aW9uIG9mIHRoZSBidWcsIGJ1dCBhbGxvd2luZyB0aGUg Y2FsbGVyIHRvIGNvbXBpbGUgc2VlbXMgdG8gaW50ZXJmZXJlIHdpdGgKKy8vICAgIG91ciBtZXRo b2QgYmVsb3cgb2YgYWNoaWV2aW5nIGNvbmRpdGlvbiAzLgorLy8KKy8vIFdpdGggdGhlIGJ1ZyBm aXhlZCwgdGhpcyB0ZXN0IHNob3VsZCBub3QgY3Jhc2guCisKK3ZhciB2YWwgPSB7IGE6IDUsIGI6 IDEwIH0KKworZnVuY3Rpb24gdGVzdChvYmosIHZhbCwgaiwgeCwgeSwgeikgeworICAgIG9iai5h ID0gdmFsLmE7IC8vIFB1dEJ5SWQgYWZ0ZXIgR2V0QnlJZAorICAgIGlmICh2YWwuYikgICAgIC8v IEdldEJ5SWQgdG8gYWNjZXNzIHZhbCBpbiBhIHJlZ2lzdGVyIGFnYWluLgorICAgICAgICB2YWwu YisrOworfQorCitub0lubGluZSh0ZXN0KTsKKworZnVuY3Rpb24gcnVuVGVzdCgpIHsKKyAgICBm b3IgKHZhciBqID0gMDsgaiA8IDUwOyBqKyspIHsKKyAgICAgICAgdmFyIG9ianMgPSBbXTsKKwor ICAgICAgICBsZXQgbnVtYmVyT2ZPYmplY3RzID0gMjAwOworICAgICAgICBmb3IgKHZhciBrID0g MDsgayA8IG51bWJlck9mT2JqZWN0czsgaysrKSB7IAorICAgICAgICAgICAgdmFyIG9iaiA9IHsg fTsKKworICAgICAgICAgICAgLy8gQ29uZGl0aW9uIDMuCisgICAgICAgICAgICAvLyBGdXp6aW5n IHRoZSBhbW91bnQgb2YgcHJvcGVydHkgc3RvcmFnZSB1c2VkIHNvIHRoYXQgd2UgY2FuIGdldCB0 aGUKKyAgICAgICAgICAgIC8vIHJlcGF0Y2ggc3R1YiBnZW5lcmF0b3IgdG8gcmVzaXplIHRoZSBv YmplY3Qgb3V0IG9mIGxpbmUgc3RvcmFnZSwgYW5kCisgICAgICAgICAgICAvLyBjcmVhdGUgbW9y ZSByZWdpc3RlciBwcmVzc3VyZSB0byBkbyB0aGF0IHdvcmsuIFRoaXMgaW4gdHVybiBjYXVzZXMg aXQgdG8KKyAgICAgICAgICAgIC8vIG5lZWQgdG8gcHJlc2VydmUgcmVnaXN0ZXJzIG9uIHRoZSBz dGFjay4KKyAgICAgICAgICAgIHZhciBudW1Jbml0aWFsUHJvcHMgPSBqICUgMjA7CisgICAgICAg ICAgICBmb3IgKHZhciBpID0gMDsgaSA8IG51bUluaXRpYWxQcm9wczsgaSsrKQorICAgICAgICAg ICAgICAgIG9ialsiaSIgKyBpXSA9IGk7CisKKyAgICAgICAgICAgIG9ianNba10gPSBvYmo7Cisg ICAgICAgIH0KKworICAgICAgICAvLyBDb25kaXRpb24gNC4KKyAgICAgICAgLy8gUHV0IGFsbCB0 aGUgb2JqZWN0cyBpbiB0aGUgR0MncyBvbGRHZW4gc28gdGhhdCB3ZSBjYW4gZXhlcmNpc2UgdGhl IHdyaXRlCisgICAgICAgIC8vIGJhcnJpZXIgd2hlbiB3ZSBleGVyY2lzZSB0aGUgUHV0QnlJZC4K KyAgICAgICAgZ2MoKTsKKworICAgICAgICBmb3IgKHZhciBrID0gMDsgayA8IG51bWJlck9mT2Jq ZWN0czsgaysrKSB7CisgICAgICAgICAgICAvLyBDb25kaXRpb24gMi4KKyAgICAgICAgICAgIC8v IEV2ZW50dWFsbHksIHRoZSBJQyB3aWxsIGNvbnZlcmdlIG9uIHRoZSBzbG93IHBhdGguIE5lZWQg dG8gZ2MoKQorICAgICAgICAgICAgLy8gcGVyaW9kaWNhbGx5IHRvIHJlcGF0Y2ggYW5ldy4KKyAg ICAgICAgICAgIGlmIChrICUgOTcgPT0gMSAmJiBqICUgNSA9PSAxKQorICAgICAgICAgICAgICAg IGdjKCk7CisKKyAgICAgICAgICAgIHRlc3Qob2Jqc1trXSwgdmFsLCBqKTsKKyAgICAgICAgfQor ICAgIH0KK30KKworbm9ERkcocnVuVGVzdCk7IC8vIENvbmRpdGlvbiA1LgorcnVuVGVzdCgpOwo=