18551 2008-04-17 12:40:20 -0700 REGRESSION (r31801?): Crash in ContainerNode::removedFromDocument on many SVG tests 2008-04-18 15:21:03 -0700 1 1 1 Unclassified WebKit SVG 528+ (Nightly build) All All RESOLVED FIXED LayoutTestFailure P2 Normal --- 1 aroben webkit-unassigned koivisto oldest_to_newest 77969 0 aroben 2008-04-17 12:40:20 -0700 Many SVG regression tests are crashing on Windows. I believe they all contain SVG animation. 77970 1 aroben 2008-04-17 12:41:06 -0700 One set of failing tests: svg/W3C-SVG-1.1/animate-elem-03-t.svg svg/W3C-SVG-1.1/animate-elem-05-t.svg svg/W3C-SVG-1.1/animate-elem-09-t.svg svg/W3C-SVG-1.1/animate-elem-11-t.svg svg/W3C-SVG-1.1/animate-elem-13-t.svg svg/W3C-SVG-1.1/animate-elem-15-t.svg svg/W3C-SVG-1.1/animate-elem-17-t.svg svg/W3C-SVG-1.1/animate-elem-19-t.svg svg/W3C-SVG-1.1/animate-elem-23-t.svg svg/W3C-SVG-1.1/animate-elem-29-b.svg svg/W3C-SVG-1.1/animate-elem-31-t.svg svg/W3C-SVG-1.1/animate-elem-33-t.svg svg/W3C-SVG-1.1/animate-elem-36-t.svg svg/W3C-SVG-1.1/animate-elem-40-t.svg svg/W3C-SVG-1.1/animate-elem-44-t.svg svg/W3C-SVG-1.1/animate-elem-52-t.svg svg/W3C-SVG-1.1/animate-elem-61-t.svg svg/W3C-SVG-1.1/animate-elem-65-t.svg svg/W3C-SVG-1.1/animate-elem-67-t.svg svg/W3C-SVG-1.1/animate-elem-69-t.svg svg/W3C-SVG-1.1/animate-elem-77-t.svg svg/W3C-SVG-1.1/animate-elem-80-t.svg svg/W3C-SVG-1.1/animate-elem-82-t.svg svg/W3C-SVG-1.1/color-prof-01-f.svg svg/W3C-SVG-1.1/pservers-pattern-01-b.svg These all crash with the following backtrace. It seems that `this` has been deleted. WebKit_debug.dll!WebCore::ContainerNode::removedFromDocument() Line 672 WebKit_debug.dll!WebCore::Element::removedFromDocument() Line 714 WebKit_debug.dll!WebCore::ContainerNode::addChildNodesToDeletionQueue(WebCore::Node * & head=0x06f99b28, WebCore::Node * & tail=0x01fa16a8, WebCore::ContainerNode * container=0x06f66650) Line 82 WebKit_debug.dll!WebCore::ContainerNode::removeAllChildren() Line 109 WebKit_debug.dll!WebCore::Document::removedLastRef() Line 381 WebKit_debug.dll!WebCore::TreeShared<WebCore::Node>::deref() Line 69 WebKit_debug.dll!WTF::RefPtr<WebCore::Document>::operator=(const WTF::PassRefPtr<WebCore::Document> & o={...}) Line 121 WebKit_debug.dll!WebCore::Frame::setDocument(WTF::PassRefPtr<WebCore::Document> newDoc={...}) Line 257 WebKit_debug.dll!WebCore::FrameLoader::clear(bool clearWindowProperties=true, bool clearScriptObjects=true) Line 840 WebKit_debug.dll!WebCore::FrameLoader::begin(const WebCore::KURL & url={...}, bool dispatch=false, WebCore::SecurityOrigin * origin=0x00000000) Line 913 WebKit_debug.dll!WebCore::FrameLoader::receivedFirstData() Line 864 WebKit_debug.dll!WebCore::FrameLoader::setEncoding(const WebCore::String & name={...}, bool userChosen=false) Line 1833 WebKit_debug.dll!WebFrameLoaderClient::receivedData(const char * data=0x07037e50, int length=8526, const WebCore::String & textEncoding={...}) Line 411 WebKit_debug.dll!WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader * loader=0x06eeb188, const char * data=0x07037e50, int length=8526) Line 383 WebKit_debug.dll!WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader * loader=0x06eeb188, const char * data=0x07037e50, int length=8526) Line 3332 WebKit_debug.dll!WebCore::DocumentLoader::commitLoad(const char * data=0x07037e50, int length=8526) Line 343 WebKit_debug.dll!WebCore::DocumentLoader::receivedData(const char * data=0x07037e50, int length=8526) Line 355 WebKit_debug.dll!WebCore::FrameLoader::receivedData(const char * data=0x07037e50, int length=8526) Line 2287 WebKit_debug.dll!WebCore::MainResourceLoader::addData(const char * data=0x07037e50, int length=8526, bool allAtOnce=false) Line 139 WebKit_debug.dll!WebCore::ResourceLoader::didReceiveData(const char * data=0x07037e50, int length=8526, __int64 lengthReceived=8526, bool allAtOnce=false) Line 244 WebKit_debug.dll!WebCore::MainResourceLoader::didReceiveData(const char * data=0x07037e50, int length=8526, __int64 lengthReceived=8526, bool allAtOnce=false) Line 297 WebKit_debug.dll!WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle * __formal=0x06faaa78, const char * data=0x07037e50, int length=8526, int lengthReceived=8526) Line 375 WebKit_debug.dll!WebCore::didReceiveData(_CFURLConnection * conn=0x01fd9a98, const __CFData * data=0x07037e38, long originalLength=8526, const void * clientInfo=0x06faaa78) Line 107 77971 2 aroben 2008-04-17 12:41:40 -0700 This test: svg/W3C-SVG-1.1/animate-elem-63-t.svg crashes with a similar but different backtrace. It also seems that `this` has been deleted. WebKit_debug.dll!WebCore::ContainerNode::removedFromDocument() Line 672 WebKit_debug.dll!WebCore::Element::removedFromDocument() Line 714 WebKit_debug.dll!WebCore::ContainerNode::addChildNodesToDeletionQueue(WebCore::Node * & head=0x020c7398, WebCore::Node * & tail=0x020c8078, WebCore::ContainerNode * container=0x020c7448) Line 82 WebKit_debug.dll!WebCore::ContainerNode::removeAllChildren() Line 94 WebKit_debug.dll!WebCore::ContainerNode::~ContainerNode() Line 118 WebKit_debug.dll!WebCore::Element::~Element() Line 119 WebKit_debug.dll!WebCore::StyledElement::~StyledElement() Line 111 WebKit_debug.dll!WebCore::SVGElement::~SVGElement() Line 58 WebKit_debug.dll!WebCore::SVGStyledElement::~SVGStyledElement() Line 55 WebKit_debug.dll!WebCore::SVGStyledLocatableElement::~SVGStyledLocatableElement() Line 43 WebKit_debug.dll!WebCore::SVGStyledTransformableElement::~SVGStyledTransformableElement() Line 47 WebKit_debug.dll!WebCore::SVGGElement::~SVGGElement() Line 42 WebKit_debug.dll!WebCore::SVGGElement::`vbase destructor'() + 0x16 bytes C++ WebKit_debug.dll!WebCore::SVGGElement::`scalar deleting destructor'() + 0x16 bytes C++ WebKit_debug.dll!WebCore::TreeShared<WebCore::Node>::removedLastRef() Line 99 WebKit_debug.dll!WebCore::TreeShared<WebCore::Node>::deref() Line 69 WebKit_debug.dll!WTF::RefPtr<WebCore::SVGElement>::operator=(WebCore::SVGElement * optr=0x00000000) Line 112 WebKit_debug.dll!WebCore::SVGSMILElement::removedFromDocument() Line 128 WebKit_debug.dll!WebCore::ContainerNode::removedFromDocument() Line 672 WebKit_debug.dll!WebCore::Element::removedFromDocument() Line 714 WebKit_debug.dll!WebCore::ContainerNode::addChildNodesToDeletionQueue(WebCore::Node * & head=0x020cf3c0, WebCore::Node * & tail=0x020c7298, WebCore::ContainerNode * container=0x020b8600) Line 82 WebKit_debug.dll!WebCore::ContainerNode::removeAllChildren() Line 109 WebKit_debug.dll!WebCore::Document::removedLastRef() Line 381 WebKit_debug.dll!WebCore::TreeShared<WebCore::Node>::deref() Line 69 WebKit_debug.dll!WTF::RefPtr<WebCore::Document>::operator=(const WTF::PassRefPtr<WebCore::Document> & o={...}) Line 121 WebKit_debug.dll!WebCore::Frame::setDocument(WTF::PassRefPtr<WebCore::Document> newDoc={...}) Line 257 WebKit_debug.dll!WebCore::FrameLoader::clear(bool clearWindowProperties=true, bool clearScriptObjects=true) Line 840 WebKit_debug.dll!WebCore::FrameLoader::begin(const WebCore::KURL & url={...}, bool dispatch=false, WebCore::SecurityOrigin * origin=0x00000000) Line 913 WebKit_debug.dll!WebCore::FrameLoader::receivedFirstData() Line 864 WebKit_debug.dll!WebCore::FrameLoader::setEncoding(const WebCore::String & name={...}, bool userChosen=false) Line 1833 WebKit_debug.dll!WebFrameLoaderClient::receivedData(const char * data=0x02121350, int length=8919, const WebCore::String & textEncoding={...}) Line 411 WebKit_debug.dll!WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader * loader=0x01fccca8, const char * data=0x02121350, int length=8919) Line 383 WebKit_debug.dll!WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader * loader=0x01fccca8, const char * data=0x02121350, int length=8919) Line 3332 WebKit_debug.dll!WebCore::DocumentLoader::commitLoad(const char * data=0x02121350, int length=8919) Line 343 WebKit_debug.dll!WebCore::DocumentLoader::receivedData(const char * data=0x02121350, int length=8919) Line 355 WebKit_debug.dll!WebCore::FrameLoader::receivedData(const char * data=0x02121350, int length=8919) Line 2287 WebKit_debug.dll!WebCore::MainResourceLoader::addData(const char * data=0x02121350, int length=8919, bool allAtOnce=false) Line 139 WebKit_debug.dll!WebCore::ResourceLoader::didReceiveData(const char * data=0x02121350, int length=8919, __int64 lengthReceived=8919, bool allAtOnce=false) Line 244 WebKit_debug.dll!WebCore::MainResourceLoader::didReceiveData(const char * data=0x02121350, int length=8919, __int64 lengthReceived=8919, bool allAtOnce=false) Line 297 WebKit_debug.dll!WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle * __formal=0x01fb2440, const char * data=0x02121350, int length=8919, int lengthReceived=8919) Line 375 WebKit_debug.dll!WebCore::didReceiveData(_CFURLConnection * conn=0x01fbd7e8, const __CFData * data=0x02121330, long originalLength=8919, const void * clientInfo=0x01fb2440) Line 107 77979 3 aroben 2008-04-17 13:05:10 -0700 It seems every other test is failing. In comment 1, I said that tests 1, 3, 5, 7, 9, 11, etc. were failing. I disabled those and now tests 4, 8, 12, 16, etc., are failing. So it seems to be every other animation test that fails. 77985 4 aroben 2008-04-17 13:31:13 -0700 This seems to only affect debug builds. It's possible it would happen on Mac as well if run under GuardMalloc. 77995 5 aroben 2008-04-17 14:16:08 -0700 Antti got the crash to reproduce under GuardMalloc on Mac. 78039 6 koivisto 2008-04-17 18:05:33 -0700 Sending WebCore/ChangeLog Sending WebCore/svg/animation/SVGSMILElement.cpp Sending WebCore/svg/animation/SVGSMILElement.h Transmitting file data ... Committed revision 32039. 78103 7 aroben 2008-04-18 07:27:15 -0700 I just got this crash again while running svg/W3C-SVG-1.1/animate-elem-63-t.svg (though presumably it's the previous test that triggered the problem). 78104 8 aroben 2008-04-18 07:28:22 -0700 I should note that I was running r32206. 78133 9 20672 koivisto 2008-04-18 10:55:53 -0700 Created attachment 20672 patch 78174 10 20672 oliver 2008-04-18 14:05:59 -0700 Comment on attachment 20672 patch Need new lines before unregister and handleEvent Otherwise this looks sane. r=me 78186 11 koivisto 2008-04-18 15:21:03 -0700 Sending WebCore/ChangeLog Sending WebCore/svg/animation/SVGSMILElement.cpp Sending WebCore/svg/animation/SVGSMILElement.h Transmitting file data ... Committed revision 32230. 20672 2008-04-18 10:55:53 -0700 2008-04-18 14:05:59 -0700 patch event-base-crash.patch text/plain 7282 koivisto SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiAzMjIxOCkKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMzAgQEAKKzIwMDgtMDQtMTggIEFudHRpIEtvaXZpc3RvICA8YW50dGlAYXBwbGUu Y29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIGh0 dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xODU1MQorICAgICAgICBSRUdS RVNTSU9OIChyMzE4MDE/KTogQ3Jhc2ggaW4gQ29udGFpbmVyTm9kZTo6cmVtb3ZlZEZyb21Eb2N1 bWVudCBvbiBtYW55IFNWRyB0ZXN0cworICAgICAgICAKKyAgICAgICAgRml4IGZvciB0ZXN0IHN2 Zy9XM0MtU1ZHLTEuMS9hbmltYXRlLWVsZW0tNjItdC5zdmcgd2hpY2ggd2FzIHN0aWxsCisgICAg ICAgIGNyYXNoaW5nIHVuZGVyIGd1YXJkIG1hbGxvYyBhZnRlciB0aGUgcHJldmlvdXMgZml4Lgor ICAgICAgICAKKyAgICAgICAgSWYgdGhlIGV2ZW50IGJhc2UgZWxlbWVudCB3YXMgYSBwYXJlbnQg b2YgdGhlIGN1cnJlbnQgZWxlbWVudCwgZGVyZWZmaW5nIGl0IGR1cmluZyAKKyAgICAgICAgcmVt b3ZlZEZyb21Eb2N1bWVudCgpIHdvdWxkIGNhdXNlIHByb2JsZW1zLiBBdm9pZCB0aGlzIGJ5IG5v dCBob2xkaW5nIHJlZiBwb2ludGVyCisgICAgICAgIHRvIHRoZSBldmVudCBiYXNlIGJ1dCBpbnN0 ZWFkIGNoZWNraW5nIGZyb20gdGhlIHJlZiBjb3VudCBvZiB0aGUgZXZlbnQgbGlzdGVuZXIgd2hl dGhlcgorICAgICAgICBpdCBpcyBzdGlsbCBhbGl2ZSBhbmQgaW4gbmVlZCBmb3IgdW5yZWdpc3Rl cmluZy4KKyAgICAgICAgCisgICAgICAgIFRoaXMgc2hvbGQgbm90IGJlIGEgcHJvYmxlbSBmb3Ig c3luY2Jhc2UgcG9pbnRlcnMgc2luY2UgdGhvc2UgYXJlIGFsd2F5cyBhbmltYXRpb24gZWxlbWVu dHMKKyAgICAgICAgYW5kIGxlYWYgbm9kZXMuCisKKyAgICAgICAgKiBzdmcvYW5pbWF0aW9uL1NW R1NNSUxFbGVtZW50LmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OkNvbmRpdGlvbkV2ZW50TGlzdGVu ZXI6OkNvbmRpdGlvbkV2ZW50TGlzdGVuZXIpOgorICAgICAgICAoV2ViQ29yZTo6Q29uZGl0aW9u RXZlbnRMaXN0ZW5lcjo6dW5yZWdpc3Rlcik6CisgICAgICAgIChXZWJDb3JlOjpDb25kaXRpb25F dmVudExpc3RlbmVyOjpoYW5kbGVFdmVudCk6CisgICAgICAgIChXZWJDb3JlOjpTVkdTTUlMRWxl bWVudDo6Y29ubmVjdENvbmRpdGlvbnMpOgorICAgICAgICAoV2ViQ29yZTo6U1ZHU01JTEVsZW1l bnQ6OmRpc2Nvbm5lY3RDb25kaXRpb25zKToKKyAgICAgICAgKFdlYkNvcmU6OlNWR1NNSUxFbGVt ZW50OjpjcmVhdGVJbnN0YW5jZVRpbWVzRnJvbVN5bmNiYXNlKToKKyAgICAgICAgKiBzdmcvYW5p bWF0aW9uL1NWR1NNSUxFbGVtZW50Lmg6CisKIDIwMDgtMDQtMTggIEFkYW0gUm9iZW4gIDxhcm9i ZW5AYXBwbGUuY29tPgogCiAgICAgICAgIE1hYyBidWlsZCBmaXgKSW5kZXg6IFdlYkNvcmUvc3Zn L2FuaW1hdGlvbi9TVkdTTUlMRWxlbWVudC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gV2ViQ29yZS9zdmcv YW5pbWF0aW9uL1NWR1NNSUxFbGVtZW50LmNwcAkocmV2aXNpb24gMzIwNDQpCisrKyBXZWJDb3Jl L3N2Zy9hbmltYXRpb24vU1ZHU01JTEVsZW1lbnQuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC01Mywx NSArNTMsMjcgQEAgc3RhdGljIGNvbnN0IGRvdWJsZSBpbnZhbGlkQ2FjaGVkVGltZSA9IAogICAg IAogY2xhc3MgQ29uZGl0aW9uRXZlbnRMaXN0ZW5lciA6IHB1YmxpYyBFdmVudExpc3RlbmVyIHsK IHB1YmxpYzoKLSAgICBDb25kaXRpb25FdmVudExpc3RlbmVyKFNWR1NNSUxFbGVtZW50KiBhbmlt YXRpb24sIFNWR1NNSUxFbGVtZW50OjpDb25kaXRpb24qIGNvbmRpdGlvbikgCisgICAgQ29uZGl0 aW9uRXZlbnRMaXN0ZW5lcihTVkdTTUlMRWxlbWVudCogYW5pbWF0aW9uLCBFbGVtZW50KiBldmVu dEJhc2UsIFNWR1NNSUxFbGVtZW50OjpDb25kaXRpb24qIGNvbmRpdGlvbikgCiAgICAgICAgIDog bV9hbmltYXRpb24oYW5pbWF0aW9uKQotICAgICAgICAsIG1fY29uZGl0aW9uKGNvbmRpdGlvbikg e30KLSAgICB2aXJ0dWFsIHZvaWQgaGFuZGxlRXZlbnQoRXZlbnQqIGV2ZW50LCBib29sIGlzV2lu ZG93RXZlbnQpIHsKKyAgICAgICAgLCBtX2NvbmRpdGlvbihjb25kaXRpb24pIAorICAgICAgICAs IG1fZXZlbnRCYXNlKGV2ZW50QmFzZSkKKyAgICB7CisgICAgICAgIG1fZXZlbnRCYXNlLT5hZGRF dmVudExpc3RlbmVyKG1fY29uZGl0aW9uLT5tX25hbWUsIHRoaXMsIGZhbHNlKTsKKyAgICB9Cisg ICAgdm9pZCB1bnJlZ2lzdGVyKCkKKyAgICB7CisgICAgICAgIC8vIElmIHRoaXMgaGFzIG9ubHkg b25lIHJlZiB0aGVuIHRoZSBldmVudCBiYXNlIGlzIGRlYWQgYWxyZWFkeSBhbmQgd2UgZG9uJ3Qg bmVlZCB0byByZW1vdmUgb3Vyc2VsZi4KKyAgICAgICAgaWYgKCFoYXNPbmVSZWYoKSkKKyAgICAg ICAgICAgIG1fZXZlbnRCYXNlLT5yZW1vdmVFdmVudExpc3RlbmVyKG1fY29uZGl0aW9uLT5tX25h bWUsIHRoaXMsIGZhbHNlKTsKKyAgICB9CisgICAgdmlydHVhbCB2b2lkIGhhbmRsZUV2ZW50KEV2 ZW50KiBldmVudCwgYm9vbCBpc1dpbmRvd0V2ZW50KSAKKyAgICB7CiAgICAgICAgIG1fYW5pbWF0 aW9uLT5oYW5kbGVDb25kaXRpb25FdmVudChldmVudCwgbV9jb25kaXRpb24pOwogICAgIH0KIHBy aXZhdGU6CiAgICAgU1ZHU01JTEVsZW1lbnQqIG1fYW5pbWF0aW9uOwogICAgIFNWR1NNSUxFbGVt ZW50OjpDb25kaXRpb24qIG1fY29uZGl0aW9uOworICAgIEVsZW1lbnQqIG1fZXZlbnRCYXNlOwog fTsKICAgICAKIFNWR1NNSUxFbGVtZW50OjpDb25kaXRpb246OkNvbmRpdGlvbihUeXBlIHR5cGUs IEJlZ2luT3JFbmQgYmVnaW5PckVuZCwgU3RyaW5nIGJhc2VJRCwgY29uc3QgU3RyaW5nJiBuYW1l LCBTTUlMVGltZSBvZmZzZXQsIGludCByZXBlYXRzKQpAQCAtMzU4LDIxICszNzAsMjAgQEAgdm9p ZCBTVkdTTUlMRWxlbWVudDo6Y29ubmVjdENvbmRpdGlvbnMoKQogICAgIGZvciAodW5zaWduZWQg biA9IDA7IG4gPCBtX2NvbmRpdGlvbnMuc2l6ZSgpOyArK24pIHsKICAgICAgICAgQ29uZGl0aW9u JiBjb25kaXRpb24gPSBtX2NvbmRpdGlvbnNbbl07CiAgICAgICAgIGlmIChjb25kaXRpb24ubV90 eXBlID09IENvbmRpdGlvbjo6RXZlbnRCYXNlKSB7Ci0gICAgICAgICAgICBBU1NFUlQoIWNvbmRp dGlvbi5tX2Jhc2UpOwotICAgICAgICAgICAgY29uZGl0aW9uLm1fYmFzZSA9IGNvbmRpdGlvbi5t X2Jhc2VJRC5pc0VtcHR5KCkgPyB0YXJnZXRFbGVtZW50KCkgOiBkb2N1bWVudCgpLT5nZXRFbGVt ZW50QnlJZChjb25kaXRpb24ubV9iYXNlSUQpOwotICAgICAgICAgICAgaWYgKCFjb25kaXRpb24u bV9iYXNlKQorICAgICAgICAgICAgQVNTRVJUKCFjb25kaXRpb24ubV9zeW5jYmFzZSk7CisgICAg ICAgICAgICBFbGVtZW50KiBldmVudEJhc2UgPSBjb25kaXRpb24ubV9iYXNlSUQuaXNFbXB0eSgp ID8gdGFyZ2V0RWxlbWVudCgpIDogZG9jdW1lbnQoKS0+Z2V0RWxlbWVudEJ5SWQoY29uZGl0aW9u Lm1fYmFzZUlEKTsKKyAgICAgICAgICAgIGlmICghZXZlbnRCYXNlKQogICAgICAgICAgICAgICAg IGNvbnRpbnVlOwogICAgICAgICAgICAgQVNTRVJUKCFjb25kaXRpb24ubV9ldmVudExpc3RlbmVy KTsKLSAgICAgICAgICAgIGNvbmRpdGlvbi5tX2V2ZW50TGlzdGVuZXIgPSBuZXcgQ29uZGl0aW9u RXZlbnRMaXN0ZW5lcih0aGlzLCAmY29uZGl0aW9uKTsKLSAgICAgICAgICAgIGNvbmRpdGlvbi5t X2Jhc2UtPmFkZEV2ZW50TGlzdGVuZXIoY29uZGl0aW9uLm1fbmFtZSwgY29uZGl0aW9uLm1fZXZl bnRMaXN0ZW5lciwgZmFsc2UpOworICAgICAgICAgICAgY29uZGl0aW9uLm1fZXZlbnRMaXN0ZW5l ciA9IG5ldyBDb25kaXRpb25FdmVudExpc3RlbmVyKHRoaXMsIGV2ZW50QmFzZSwgJmNvbmRpdGlv bik7CiAgICAgICAgIH0gZWxzZSBpZiAoY29uZGl0aW9uLm1fdHlwZSA9PSBDb25kaXRpb246OlN5 bmNiYXNlKSB7CiAgICAgICAgICAgICBBU1NFUlQoIWNvbmRpdGlvbi5tX2Jhc2VJRC5pc0VtcHR5 KCkpOwotICAgICAgICAgICAgY29uZGl0aW9uLm1fYmFzZSA9IGRvY3VtZW50KCktPmdldEVsZW1l bnRCeUlkKGNvbmRpdGlvbi5tX2Jhc2VJRCk7Ci0gICAgICAgICAgICBpZiAoIWlzU01JTEVsZW1l bnQoY29uZGl0aW9uLm1fYmFzZS5nZXQoKSkpIHsKLSAgICAgICAgICAgICAgICBjb25kaXRpb24u bV9iYXNlID0gMDsKKyAgICAgICAgICAgIGNvbmRpdGlvbi5tX3N5bmNiYXNlID0gZG9jdW1lbnQo KS0+Z2V0RWxlbWVudEJ5SWQoY29uZGl0aW9uLm1fYmFzZUlEKTsKKyAgICAgICAgICAgIGlmICgh aXNTTUlMRWxlbWVudChjb25kaXRpb24ubV9zeW5jYmFzZS5nZXQoKSkpIHsKKyAgICAgICAgICAg ICAgICBjb25kaXRpb24ubV9zeW5jYmFzZSA9IDA7CiAgICAgICAgICAgICAgICAgY29udGludWU7 CiAgICAgICAgICAgICB9Ci0gICAgICAgICAgICBTVkdTTUlMRWxlbWVudCogc3luY2Jhc2UgPSBz dGF0aWNfY2FzdDxTVkdTTUlMRWxlbWVudCo+KGNvbmRpdGlvbi5tX2Jhc2UuZ2V0KCkpOworICAg ICAgICAgICAgU1ZHU01JTEVsZW1lbnQqIHN5bmNiYXNlID0gc3RhdGljX2Nhc3Q8U1ZHU01JTEVs ZW1lbnQqPihjb25kaXRpb24ubV9zeW5jYmFzZS5nZXQoKSk7CiAgICAgICAgICAgICBzeW5jYmFz ZS0+YWRkVGltZURlcGVuZGVudCh0aGlzKTsKICAgICAgICAgfQogICAgIH0KQEAgLTM4NiwxNiAr Mzk3LDE4IEBAIHZvaWQgU1ZHU01JTEVsZW1lbnQ6OmRpc2Nvbm5lY3RDb25kaXRpb24KICAgICBm b3IgKHVuc2lnbmVkIG4gPSAwOyBuIDwgbV9jb25kaXRpb25zLnNpemUoKTsgKytuKSB7CiAgICAg ICAgIENvbmRpdGlvbiYgY29uZGl0aW9uID0gbV9jb25kaXRpb25zW25dOwogICAgICAgICBpZiAo Y29uZGl0aW9uLm1fdHlwZSA9PSBDb25kaXRpb246OkV2ZW50QmFzZSkgewotICAgICAgICAgICAg aWYgKGNvbmRpdGlvbi5tX2Jhc2UpCi0gICAgICAgICAgICAgICAgY29uZGl0aW9uLm1fYmFzZS0+ cmVtb3ZlRXZlbnRMaXN0ZW5lcihjb25kaXRpb24ubV9uYW1lLCBjb25kaXRpb24ubV9ldmVudExp c3RlbmVyLmdldCgpLCBmYWxzZSk7Ci0gICAgICAgICAgICBjb25kaXRpb24ubV9ldmVudExpc3Rl bmVyID0gMDsKKyAgICAgICAgICAgIEFTU0VSVCghY29uZGl0aW9uLm1fc3luY2Jhc2UpOworICAg ICAgICAgICAgaWYgKGNvbmRpdGlvbi5tX2V2ZW50TGlzdGVuZXIpIHsKKyAgICAgICAgICAgICAg ICBjb25kaXRpb24ubV9ldmVudExpc3RlbmVyLT51bnJlZ2lzdGVyKCk7CisgICAgICAgICAgICAg ICAgY29uZGl0aW9uLm1fZXZlbnRMaXN0ZW5lciA9IDA7CisgICAgICAgICAgICB9CiAgICAgICAg IH0gZWxzZSBpZiAoY29uZGl0aW9uLm1fdHlwZSA9PSBDb25kaXRpb246OlN5bmNiYXNlKSB7Ci0g ICAgICAgICAgICBpZiAoY29uZGl0aW9uLm1fYmFzZSkgewotICAgICAgICAgICAgICAgIEFTU0VS VChpc1NNSUxFbGVtZW50KGNvbmRpdGlvbi5tX2Jhc2UuZ2V0KCkpKTsKLSAgICAgICAgICAgICAg ICBzdGF0aWNfY2FzdDxTVkdTTUlMRWxlbWVudCo+KGNvbmRpdGlvbi5tX2Jhc2UuZ2V0KCkpLT5y ZW1vdmVUaW1lRGVwZW5kZW50KHRoaXMpOworICAgICAgICAgICAgaWYgKGNvbmRpdGlvbi5tX3N5 bmNiYXNlKSB7CisgICAgICAgICAgICAgICAgQVNTRVJUKGlzU01JTEVsZW1lbnQoY29uZGl0aW9u Lm1fc3luY2Jhc2UuZ2V0KCkpKTsKKyAgICAgICAgICAgICAgICBzdGF0aWNfY2FzdDxTVkdTTUlM RWxlbWVudCo+KGNvbmRpdGlvbi5tX3N5bmNiYXNlLmdldCgpKS0+cmVtb3ZlVGltZURlcGVuZGVu dCh0aGlzKTsKICAgICAgICAgICAgIH0KICAgICAgICAgfQotICAgICAgICBjb25kaXRpb24ubV9i YXNlID0gMDsKKyAgICAgICAgY29uZGl0aW9uLm1fc3luY2Jhc2UgPSAwOwogICAgIH0KIH0KIApA QCAtODYwLDcgKzg3Myw3IEBAIHZvaWQgU1ZHU01JTEVsZW1lbnQ6OmNyZWF0ZUluc3RhbmNlVGlt ZXMKICAgICAvLyB0aGUgYXNzb2NpYXRlZCB0aW1lcyBpbnN0ZWFkIG9mIGNyZWF0aW5nIG5ldyBv bmVzLgogICAgIGZvciAodW5zaWduZWQgbiA9IDA7IG4gPCBtX2NvbmRpdGlvbnMuc2l6ZSgpOyAr K24pIHsKICAgICAgICAgQ29uZGl0aW9uJiBjb25kaXRpb24gPSBtX2NvbmRpdGlvbnNbbl07Ci0g ICAgICAgIGlmIChjb25kaXRpb24ubV90eXBlID09IENvbmRpdGlvbjo6U3luY2Jhc2UgJiYgY29u ZGl0aW9uLm1fYmFzZSA9PSBzeW5jYmFzZSkgeworICAgICAgICBpZiAoY29uZGl0aW9uLm1fdHlw ZSA9PSBDb25kaXRpb246OlN5bmNiYXNlICYmIGNvbmRpdGlvbi5tX3N5bmNiYXNlID09IHN5bmNi YXNlKSB7CiAgICAgICAgICAgICBBU1NFUlQoY29uZGl0aW9uLm1fbmFtZSA9PSAiYmVnaW4iIHx8 IGNvbmRpdGlvbi5tX25hbWUgPT0gImVuZCIpOwogICAgICAgICAgICAgLy8gTm8gbmVzdGVkIHRp bWUgY29udGFpbmVycyBpbiBTVkcsIG5vIG5lZWQgZm9yIGNyYXp5IHRpbWUgc3BhY2UgY29udmVy c2lvbnMuIFBoZXchCiAgICAgICAgICAgICBTTUlMVGltZSB0aW1lID0gMDsKSW5kZXg6IFdlYkNv cmUvc3ZnL2FuaW1hdGlvbi9TVkdTTUlMRWxlbWVudC5oCj09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUv c3ZnL2FuaW1hdGlvbi9TVkdTTUlMRWxlbWVudC5oCShyZXZpc2lvbiAzMjA0NCkKKysrIFdlYkNv cmUvc3ZnL2FuaW1hdGlvbi9TVkdTTUlMRWxlbWVudC5oCSh3b3JraW5nIGNvcHkpCkBAIC0xMjks NyArMTI5LDcgQEAgcHJpdmF0ZToKICAgICAgICAgICAgIFN0cmluZyBtX25hbWU7CiAgICAgICAg ICAgICBTTUlMVGltZSBtX29mZnNldDsKICAgICAgICAgICAgIGludCBtX3JlcGVhdHM7Ci0gICAg ICAgICAgICBSZWZQdHI8RWxlbWVudD4gbV9iYXNlOworICAgICAgICAgICAgUmVmUHRyPEVsZW1l bnQ+IG1fc3luY2Jhc2U7CiAgICAgICAgICAgICBSZWZQdHI8Q29uZGl0aW9uRXZlbnRMaXN0ZW5l cj4gbV9ldmVudExpc3RlbmVyOwogICAgICAgICB9OwogICAgICAgICBib29sIHBhcnNlQ29uZGl0 aW9uKGNvbnN0IFN0cmluZyYsIEJlZ2luT3JFbmQgYmVnaW5PckVuZCk7Cg==