19044 2008-05-14 05:19:18 -0700 SquirrelFish: Bogus values enter evaluation when closing over scope with parameter and var with same name 2008-05-16 02:52:49 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Mac OS X 10.5 RESOLVED FIXED http://blog.wired.com/games/2008/05/for-wiiware-nin.html P1 Blocker --- 1 oliver mjs ggaren mjs zwarich oldest_to_newest 80344 0 oliver 2008-05-14 05:19:18 -0700 Crash occurs with back trace #0 0x00505437 in KJS::JSValue::toObject (this=0x0, exec=0xbfffde14) at value.h:523 #1 0x00491273 in functionProtoFuncApply (exec=0xbfffde14, thisObj=0x1a7dc220, args=@0xbfffd090) at function_object.cpp:91 #2 0x0046a8ea in KJS::PrototypeFunction::callAsFunction (this=0x1a4b00a0, exec=0xbfffde14, thisObj=0x1a7dc220, args=@0xbfffd090) at function.cpp:747 #3 0x00520f12 in KJS::Machine::privateExecute (this=0x572960, flag=KJS::Machine::Normal, exec=0xbfffde14, registerFile=0x1a6d9530, r=0x1c73a450, scopeChain=0x1a622820, codeBlock=0x1a9f6a90, exception=0xbfffdecc) at /Volumes/Data/git/WebKit/OpenSource/JavaScriptCore/VM/Machine.cpp:1764 #4 0x005228fd in KJS::Machine::execute (this=0x572960, functionBodyNode=0x1a634c80, exec=0x1915e1e0, function=0x1a7dc180, thisObj=0x1a7dc340, args=@0xbfffdf64, registerFileStack=0x1919c218, scopeChain=0x1a622820, exception=0xbfffdecc) at /Volumes/Data/git/WebKit/OpenSource/JavaScriptCore/VM/Machine.cpp:663 #5 0x004766fb in KJS::FunctionImp::callAsFunction (this=0x1a7dc180, exec=0x1915e1e0, thisObj=0x1a7dc340, args=@0xbfffdf64) at function.cpp:90 #6 0x0048f1eb in KJS::JSObject::call (this=0x1a7dc180, exec=0x1915e1e0, thisObj=0x1a7dc340, args=@0xbfffdf64) at object.cpp:99 #7 0x02c75162 in WebCore::JSAbstractEventListener::handleEvent (this=0x1a64fd40, ele=0x1c7bd0e0, isWindowEvent=false) at /Volumes/Data/git/WebKit/OpenSource/WebCore/bindings/js/kjs_events.cpp:100 ... 21 instructions; 320 bytes at 0x1a9f6a90; 2 locals (2 parameters); 42 temporaries [ 0] resolve tr0, __method(@id0) [ 3] get_by_id tr1, tr0, apply(@id1) [ 7] resolve tr13, object(@id2) [ 10] new_array tr15 [ 12] mov tr16, lr1 [ 15] jtrue tr16, 8(->25) [ 18] resolve tr17, window(@id3) [ 21] get_by_id tr16, tr17, event(@id4) [ 25] put_by_index tr15, 0, tr16 [ 29] load tr16, 1(@k0) [ 32] put_by_id tr15, length(@id5), tr16 [ 36] get_by_id tr16, tr15, concat(@id6) [ 40] resolve tr28, args(@id7) [ 43] call tr15, tr16, tr15, 27, 2 [ 49] get_by_id tr16, tr15, concat(@id6) [ 53] resolve_func tr28, tr29, $A(@id8) [ 57] resolve tr41, arguments(@id9) [ 60] call tr28, tr29, tr28, 40, 2 [ 66] call tr14, tr16, tr15, 27, 2 [ 72] call tr0, tr1, tr0, 12, 3 [ 78] ret tr0 Identifiers: id0 = __method id1 = apply id2 = object id3 = window id4 = event id5 = length id6 = concat id7 = args id8 = $A id9 = arguments Constants: k0 = 1 Register frame: ---------------------------------------- use | address | value ---------------------------------------- [call frame] | 0x1c73a420 | 0x0 [call frame] | 0x1c73a424 | 0x4 [call frame] | 0x1c73a428 | 0x0 [call frame] | 0x1c73a42c | 0x0 [call frame] | 0x1c73a430 | 0x0 [call frame] | 0x1c73a434 | 0xa [call frame] | 0x1c73a438 | 0x2 [call frame] | 0x1c73a43c | 0x0 [call frame] | 0x1c73a440 | 0x1a7dc180 [call frame] | 0x1c73a444 | 0x1a4be840 ---------------------------------------- [param] | 0x1c73a448 | 0x1a7dc340 [param] | 0x1c73a44c | 0x1a4be860 ---------------------------------------- [temp] | 0x1c73a450 | 0x1a7dc220 [temp] | 0x1c73a454 | 0x1a4b00a0 [temp] | 0x1c73a458 | 0x0 [temp] | 0x1c73a45c | 0x0 [temp] | 0x1c73a460 | 0x0 [temp] | 0x1c73a464 | 0x0 [temp] | 0x1c73a468 | 0x0 [temp] | 0x1c73a46c | 0x0 [temp] | 0x1c73a470 | 0x0 [temp] | 0x1c73a474 | 0x0 [temp] | 0x1c73a478 | 0x0 [temp] | 0x1c73a47c | 0x0 [temp] | 0x1c73a480 | 0x1a7dc220 [temp] | 0x1c73a484 | 0x0 [temp] | 0x1c73a488 | 0x1a4be500 [temp] | 0x1c73a48c | 0x1a4be780 [temp] | 0x1c73a490 | 0x1a4be7a0 [temp] | 0x1c73a494 | 0x0 [temp] | 0x1c73a498 | 0x0 [temp] | 0x1c73a49c | 0x0 [temp] | 0x1c73a4a0 | 0x0 [temp] | 0x1c73a4a4 | 0x0 [temp] | 0x1c73a4a8 | 0x0 [temp] | 0x1c73a4ac | 0x0 [temp] | 0x1c73a4b0 | 0x0 [temp] | 0x1c73a4b4 | 0x0 [temp] | 0x1c73a4b8 | 0x0 [temp] | 0x1c73a4bc | 0x1a4be780 [temp] | 0x1c73a4c0 | 0x1a4be520 [temp] | 0x1c73a4c4 | 0x1a4b49a0 [temp] | 0x1c73a4c8 | 0x1a9f6a90 [temp] | 0x1c73a4cc | 0x1c7a25b8 [temp] | 0x1c73a4d0 | 0x1a622820 [temp] | 0x1c73a4d4 | 0xc [temp] | 0x1c73a4d8 | 0x1c [temp] | 0x1c73a4dc | 0x28 [temp] | 0x1c73a4e0 | 0x2 [temp] | 0x1c73a4e4 | 0x0 [temp] | 0x1c73a4e8 | 0x1a4b49a0 [temp] | 0x1c73a4ec | 0x0 [temp] | 0x1c73a4f0 | 0x1a4b0000 [temp] | 0x1c73a4f4 | 0x1a4be760 $10 = void 80347 1 21124 oliver 2008-05-14 06:05:55 -0700 Created attachment 21124 Testcase 80354 2 ggaren 2008-05-14 09:12:14 -0700 I believe the error is in JSActivation::copyRegisters: int numRegisters = symbolTable().size(); In the case of duplicate entries, the symbol table's size will not equal the number of local registers. I believe the correct behavior is to set numRegisters to CodeBlock::numLocals instead. There are other, more complicated ways to fix this. For example, codegen changes could ensure exact local register allocation, such that we packed all duplicates into the same slot. I had a patch to do that a while back. 80368 3 zwarich 2008-05-14 10:36:21 -0700 (In reply to comment #2) > I believe the error is in JSActivation::copyRegisters: > > int numRegisters = symbolTable().size(); > > In the case of duplicate entries, the symbol table's size will not equal the > number of local registers. I believe the correct behavior is to set > numRegisters to CodeBlock::numLocals instead. > > There are other, more complicated ways to fix this. For example, codegen > changes could ensure exact local register allocation, such that we packed all > duplicates into the same slot. I had a patch to do that a while back. I think the solution is simpler than this. We just shouldn't make a local variable for an identifier that also appears as a parameter. 80369 4 ggaren 2008-05-14 11:06:33 -0700 > > There are other, more complicated ways to fix this. For example, codegen > > changes could ensure exact local register allocation, such that we packed all > > duplicates into the same slot. I had a patch to do that a while back. > > I think the solution is simpler than this. We just shouldn't make a local > variable for an identifier that also appears as a parameter. That's the more complicated solution I mentioned above: codegen changes to ensure exact register allocation. Seems much easier just to change > > int numRegisters = symbolTable().size(); to > > int numRegisters = codeBlock->numLocals. 80374 5 zwarich 2008-05-14 11:36:25 -0700 (In reply to comment #4) > > > There are other, more complicated ways to fix this. For example, codegen > > > changes could ensure exact local register allocation, such that we packed all > > > duplicates into the same slot. I had a patch to do that a while back. > > > > I think the solution is simpler than this. We just shouldn't make a local > > variable for an identifier that also appears as a parameter. > > That's the more complicated solution I mentioned above: codegen changes to > ensure exact register allocation. > > Seems much easier just to change > > > > int numRegisters = symbolTable().size(); > > to > > > > int numRegisters = codeBlock->numLocals. Except that's wrong, because it still has the wrong behaviour with f.arguments. 80375 6 ggaren 2008-05-14 11:44:11 -0700 > Except that's wrong, because it still has the wrong behaviour with f.arguments. Can you elaborate on this? 80376 7 zwarich 2008-05-14 11:57:42 -0700 (In reply to comment #6) > > Except that's wrong, because it still has the wrong behaviour with f.arguments. > > Can you elaborate on this? I thought that something like this would go wrong: function f() { g.arguments[0] = "PASS"; } function g(a) { var a = "FAIL"; f(); print(a); } g("PASS"); However, it seems that it doesn't cause a problem, so my apologies. Anyways, I have a patch that fixes the problem by changing codegen, so I'll post it. 80377 8 21129 zwarich 2008-05-14 12:00:58 -0700 Created attachment 21129 Proposed patch 80396 9 ggaren 2008-05-14 13:32:14 -0700 This algorithm is O(MxN), where M is the number of vars and N is the number of parameters. We try really hard to avoid algorithms like that, even in code that doesn't seem performance-critical, because such algorithms often come back to bite us. I would worry especially about pages generated by obfuscaters, cross-compilers, and/or server-side scripts triggering pathological behavior at compile time. If you want to go with the codegen solution, I think you should use a hashing technique instead. 80398 10 zwarich 2008-05-14 13:38:55 -0700 (In reply to comment #9) > This algorithm is O(MxN), where M is the number of vars and N is the number of > parameters. We try really hard to avoid algorithms like that, even in code that > doesn't seem performance-critical, because such algorithms often come back to > bite us. > > I would worry especially about pages generated by obfuscaters, cross-compilers, > and/or server-side scripts triggering pathological behavior at compile time. > > If you want to go with the codegen solution, I think you should use a hashing > technique instead. Yeah, I was worried about that. I guess it makes more sense to with the local storage resizing, at least for now. Is it always going to be correct? 80408 11 zwarich 2008-05-14 15:05:12 -0700 I tried using a HashSet<UString::Rep*>, but for some reason it causes an intermittent timeout in/js/gmail-re-re.html. 80559 12 ggaren 2008-05-15 14:58:38 -0700 > I guess it makes more sense to with the local > storage resizing, at least for now. Is it always going to be correct? Yes, I think so. JSActivation knows how to talk to a block of registers in order to get/set locals. copyRegisters() just moves the block of registers to a new location in memory: the behavior remains the same. 80609 13 mjs 2008-05-16 01:16:00 -0700 I realized a similar bug can happen with duplicate parameter names, and only Geoff's suggestion, not Cameron's patch, will fix that case. 80613 14 21199 mjs 2008-05-16 02:15:07 -0700 Created attachment 21199 geoff's suggested fix plus tests 80614 15 21199 oliver 2008-05-16 02:16:23 -0700 Comment on attachment 21199 geoff's suggested fix plus tests r=me, assuming perf is good. 80617 16 oliver 2008-05-16 02:52:49 -0700 Landed r33516 21124 2008-05-14 06:05:55 -0700 2008-05-14 06:05:55 -0700 Testcase wiredtest.html text/html 202 oliver PHNjcmlwdD4KZnVuY3Rpb24gaXJrc29tZShvYmplY3QpIHsKICB2YXIgX19tZXRob2QgPSB0aGlz LCBvYmplY3QgPSAiZm9vIjsKICByZXR1cm4gZnVuY3Rpb24oZXZlbnQpIHsKICAgIC8vIG9iamVj dCBpcyBzb21laG93IGludmFsaWQgYXQgdGhpcyBwb2ludCA6LS8KICAgIGFsZXJ0KG9iamVjdCk7 CiAgfQp9Cgppcmtzb21lKCkoKTsKPC9zY3JpcHQ+Cg== 21129 2008-05-14 12:00:58 -0700 2008-05-14 13:32:24 -0700 Proposed patch local.diff text/plain 1614 zwarich SW5kZXg6IENoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBDaGFuZ2VMb2cJKHJldmlzaW9uIDMzNDQ3 KQorKysgQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTcgQEAKKzIwMDgtMDUt MTQgIENhbWVyb24gWndhcmljaCAgPGN3endhcmljaEB1d2F0ZXJsb28uY2E+CisKKyAgICAgICAg UmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgQnVnIDE5MDQ0OiBTcXVpcnJl bEZpc2g6IEJvZ3VzIHZhbHVlcyBlbnRlciBldmFsdWF0aW9uIHdoZW4gY2xvc2luZworICAgICAg ICBvdmVyIHNjb3BlIHdpdGggcGFyYW1ldGVyIGFuZCB2YXIgd2l0aCBzYW1lIG5hbWUKKyAgICAg ICAgPGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xOTA0ND4KKworICAg ICAgICBEbyBub3QgYWxsb3cgYSBsb2NhbCB2YXJpYWJsZSB0byBiZSBtYWRlIGlmIHRoZXJlIGlz IGFscmVhZHkgYQorICAgICAgICBmdW5jdGlvbiBwYXJhbWV0ZXIgd2l0aCB0aGUgc2FtZSBuYW1l LgorCisgICAgICAgICogVk0vQ29kZUdlbmVyYXRvci5jcHA6CisgICAgICAgIChLSlM6OkNvZGVH ZW5lcmF0b3I6OkNvZGVHZW5lcmF0b3IpOgorCiAyMDA4LTA1LTE0ICBPbGl2ZXIgSHVudCAgPG9s aXZlckBhcHBsZS5jb20+CiAKICAgICAgICAgUmV2aWV3ZWQgYnkgTWFjaWVqLgpJbmRleDogVk0v Q29kZUdlbmVyYXRvci5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gVk0vQ29kZUdlbmVyYXRvci5jcHAJKHJl dmlzaW9uIDMzNDQzKQorKysgVk0vQ29kZUdlbmVyYXRvci5jcHAJKHdvcmtpbmcgY29weSkKQEAg LTI0OCw5ICsyNDgsMjAgQEAgQ29kZUdlbmVyYXRvcjo6Q29kZUdlbmVyYXRvcihGdW5jdGlvbkJv ZAogCiAgICAgZm9yIChzaXplX3QgaSA9IDA7IGkgPCB2YXJTdGFjay5zaXplKCk7ICsraSkgewog ICAgICAgICBjb25zdCBJZGVudGlmaWVyJiBpZGVudCA9IHZhclN0YWNrW2ldLmZpcnN0OworICAg ICAgICAKICAgICAgICAgaWYgKGlkZW50ID09IG1fcHJvcGVydHlOYW1lcy0+YXJndW1lbnRzKQog ICAgICAgICAgICAgY29udGludWU7CiAgICAgICAgIAorICAgICAgICBib29sIHNob3VsZENvbnRp bnVlID0gZmFsc2U7CisgICAgICAgIGZvciAoc2l6ZV90IGogPSAwOyBqIDwgcGFyYW1ldGVycy5z aXplKCk7ICsraikgeworICAgICAgICAgICAgaWYgKGlkZW50ID09IHBhcmFtZXRlcnNbal0pIHsK KyAgICAgICAgICAgICAgICBzaG91bGRDb250aW51ZSA9IHRydWU7CisgICAgICAgICAgICAgICAg YnJlYWs7CisgICAgICAgICAgICB9CisgICAgICAgIH0KKyAgICAgICAgaWYgKHNob3VsZENvbnRp bnVlKQorICAgICAgICAgICAgY29udGludWU7CisgICAgICAgIAogICAgICAgICBSZWdpc3RlcklE KiByMDsKICAgICAgICAgaWYgKGFkZFZhcihpZGVudCwgcjAsIHZhclN0YWNrW2ldLnNlY29uZCAm IERlY2xhcmF0aW9uU3RhY2tzOjpJc0NvbnN0YW50KSkKICAgICAgICAgICAgIGVtaXRMb2FkKHIw LCBqc1VuZGVmaW5lZCgpKTsK 21199 2008-05-16 02:15:07 -0700 2008-05-16 02:16:23 -0700 geoff's suggested fix plus tests activation-crash.patch.txt text/plain 6332 mjs SW5kZXg6IEphdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBKYXZhU2NyaXB0 Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDMzNTE1KQorKysgSmF2YVNjcmlwdENvcmUvQ2hhbmdl TG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTggQEAKKzIwMDgtMDUtMTYgIE1hY2llaiBT dGFjaG93aWFrICA8bWpzQGFwcGxlLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkg KE9PUFMhKS4KKyAgICAgICAgCisgICAgICAgIC0gZml4ZWQgQnVnIDE5MDQ0OiBTcXVpcnJlbEZp c2g6IEJvZ3VzIHZhbHVlcyBlbnRlciBldmFsdWF0aW9uIHdoZW4gY2xvc2luZyBvdmVyIHNjb3Bl IHdpdGggcGFyYW1ldGVyIGFuZCB2YXIgd2l0aCBzYW1lIG5hbWUKKyAgICAgICAgaHR0cHM6Ly9i dWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE5MDQ0CisKKyAgICAgICAgKiBranMvSlNB Y3RpdmF0aW9uLmNwcDoKKyAgICAgICAgKEtKUzo6SlNBY3RpdmF0aW9uOjpjb3B5UmVnaXN0ZXJz KTogVXNlIG51bUxvY2FscyBmcm9tIHRoZSBjb2RlCisgICAgICAgIGJsb2NrIHJhdGhlciB0aGFu IHRoZSBzaXplIG9mIHRoZSBzeW1ib2wgdGFibGUgZm9yIHRoZSBudW1iZXIgb2YKKyAgICAgICAg cmVnaXN0ZXJzIHRvIGNvcHksIHRvIGFjY291bnQgZm9yIGR1cGxpY2F0ZSBwYXJhbWV0ZXJzIGFu ZCB2YXJzCisgICAgICAgIHdpdGggdGhlIHNhbWUgbmFtZSBhcyBwYXJhbWV0ZXJzICh3ZSBzdGls bCBoYXZlIHBvdGVudGlhbGx5CisgICAgICAgIHN1Ym9wdGltYWwgY29kZWdlbiBpbiB0aGF0IHdl IGFsbG9jYXRlIGEgbG9jYWwgcmVnaXN0ZXIgZm9yIHRoZQorICAgICAgICB2YXIgaW4gdGhlIGxh dHRlciBjYXNlIGJ1dCBpdCBpcyBuZXZlciB1c2VkKS4KKyAgICAgICAgCiAyMDA4LTA1LTE1ICBH ZW9mZnJleSBHYXJlbiAgPGdnYXJlbkBhcHBsZS5jb20+CiAKICAgICAgICAgTm90IHJldmlld2Vk LgpJbmRleDogSmF2YVNjcmlwdENvcmUva2pzL0pTQWN0aXZhdGlvbi5jcHAKPT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQot LS0gSmF2YVNjcmlwdENvcmUva2pzL0pTQWN0aXZhdGlvbi5jcHAJKHJldmlzaW9uIDMzNTEwKQor KysgSmF2YVNjcmlwdENvcmUva2pzL0pTQWN0aXZhdGlvbi5jcHAJKHdvcmtpbmcgY29weSkKQEAg LTUxLDcgKzUxLDcgQEAgSlNBY3RpdmF0aW9uOjp+SlNBY3RpdmF0aW9uKCkKIAogdm9pZCBKU0Fj dGl2YXRpb246OmNvcHlSZWdpc3RlcnMoKQogewotICAgIGludCBudW1SZWdpc3RlcnMgPSBzeW1i b2xUYWJsZSgpLnNpemUoKTsKKyAgICBpbnQgbnVtUmVnaXN0ZXJzID0gZCgpLT5mdW5jdGlvbkJv ZHktPmdlbmVyYXRlZENvZGUoKS5udW1Mb2NhbHM7CiAgICAgaWYgKCFudW1SZWdpc3RlcnMpCiAg ICAgICAgIHJldHVybjsKIApJbmRleDogTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0K LS0tIExheW91dFRlc3RzL0NoYW5nZUxvZwkocmV2aXNpb24gMzM1MTUpCisrKyBMYXlvdXRUZXN0 cy9DaGFuZ2VMb2cJKHdvcmtpbmcgY29weSkKQEAgLTEsMyArMSwxNyBAQAorMjAwOC0wNS0xNiAg TWFjaWVqIFN0YWNob3dpYWsgIDxtanNAYXBwbGUuY29tPgorCisgICAgICAgIFJldmlld2VkIGJ5 IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIC0gZml4ZWQgQnVnIDE5MDQ0OiBTcXVpcnJlbEZp c2g6IEJvZ3VzIHZhbHVlcyBlbnRlciBldmFsdWF0aW9uIHdoZW4gY2xvc2luZyBvdmVyIHNjb3Bl IHdpdGggcGFyYW1ldGVyIGFuZCB2YXIgd2l0aCBzYW1lIG5hbWUKKyAgICAgICAgaHR0cHM6Ly9i dWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE5MDQ0CisKKyAgICAgICAgKiBmYXN0L2pz L2R1cGxpY2F0ZS1wYXJhbS1jcmFzaC1leHBlY3RlZC50eHQ6IEFkZGVkLgorICAgICAgICAqIGZh c3QvanMvZHVwbGljYXRlLXBhcmFtLWNyYXNoLmh0bWw6IEFkZGVkLgorICAgICAgICAqIGZhc3Qv anMvcmVzb3VyY2VzL2R1cGxpY2F0ZS1wYXJhbS1jcmFzaC5qczogQWRkZWQuCisgICAgICAgICog ZmFzdC9qcy9yZXNvdXJjZXMvdmFyLXNoYWRvd3MtYXJnLWNyYXNoLmpzOiBBZGRlZC4KKyAgICAg ICAgKiBmYXN0L2pzL3Zhci1zaGFkb3dzLWFyZy1jcmFzaC1leHBlY3RlZC50eHQ6IEFkZGVkLgor ICAgICAgICAqIGZhc3QvanMvdmFyLXNoYWRvd3MtYXJnLWNyYXNoLmh0bWw6IEFkZGVkLgorCiAy MDA4LTA1LTE0ICBPbGl2ZXIgSHVudCAgPG9saXZlckBhcHBsZS5jb20+CiAKICAgICAgICAgUmV2 aWV3ZWQgYnkgTWFjaWVqLgpJbmRleDogTGF5b3V0VGVzdHMvZmFzdC9qcy9kdXBsaWNhdGUtcGFy YW0tY3Jhc2gtZXhwZWN0ZWQudHh0Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvanMv ZHVwbGljYXRlLXBhcmFtLWNyYXNoLWV4cGVjdGVkLnR4dAkocmV2aXNpb24gMCkKKysrIExheW91 dFRlc3RzL2Zhc3QvanMvZHVwbGljYXRlLXBhcmFtLWNyYXNoLWV4cGVjdGVkLnR4dAkocmV2aXNp b24gMCkKQEAgLTAsMCArMSwxMSBAQAorVGVzdHMgdG8gZW5zdXJlIHRoYXQgYWN0aXZhdGlvbnMg YXJlIGJ1aWx0IGNvcnJlY3RseSBpbiB0aGUgZmFjZSBvZiBkdXBsaWNhdGUgcGFyYW1ldGVyIG5h bWVzIGFuZCBkbyBub3QgY2F1c2UgY3Jhc2hlcy4KKworT24gc3VjY2VzcywgeW91IHdpbGwgc2Vl IGEgc2VyaWVzIG9mICJQQVNTIiBtZXNzYWdlcywgZm9sbG93ZWQgYnkgIlRFU1QgQ09NUExFVEUi LgorCisKK1BBU1MgdGVzdDEoInN1Y2Nlc3MiKSgpIGlzICJzdWNjZXNzIgorUEFTUyB0ZXN0Migi c3VjY2VzcyIsICJzdWNjZXNzIiwgInN1Y2Nlc3MiLCAic3VjY2VzcyIsICJzdWNjZXNzIiwgInN1 Y2Nlc3MiLCAic3VjY2VzcyIpKCkgaXMgInN1Y2Nlc3MiCitQQVNTIHN1Y2Nlc3NmdWxseVBhcnNl ZCBpcyB0cnVlCisKK1RFU1QgQ09NUExFVEUKKwpJbmRleDogTGF5b3V0VGVzdHMvZmFzdC9qcy9k dXBsaWNhdGUtcGFyYW0tY3Jhc2guaHRtbAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0 L2pzL2R1cGxpY2F0ZS1wYXJhbS1jcmFzaC5odG1sCShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVz dHMvZmFzdC9qcy9kdXBsaWNhdGUtcGFyYW0tY3Jhc2guaHRtbAkocmV2aXNpb24gMCkKQEAgLTAs MCArMSwxMyBAQAorPCFET0NUWVBFIGh0bWw+Cis8aHRtbD4KKzxoZWFkPgorPGxpbmsgcmVsPSJz dHlsZXNoZWV0IiBocmVmPSJyZXNvdXJjZXMvanMtdGVzdC1zdHlsZS5jc3MiPgorPHNjcmlwdCBz cmM9InJlc291cmNlcy9qcy10ZXN0LXByZS5qcyI+PC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keT4K KzxwIGlkPSJkZXNjcmlwdGlvbiI+PC9wPgorPGRpdiBpZD0iY29uc29sZSI+PC9kaXY+Cis8c2Ny aXB0IHNyYz0icmVzb3VyY2VzL2R1cGxpY2F0ZS1wYXJhbS1jcmFzaC5qcyI+PC9zY3JpcHQ+Cis8 c2NyaXB0IHNyYz0icmVzb3VyY2VzL2pzLXRlc3QtcG9zdC5qcyI+PC9zY3JpcHQ+Cis8L2JvZHk+ Cis8L2h0bWw+CkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pzL3Zhci1zaGFkb3dzLWFyZy1jcmFz aC1leHBlY3RlZC50eHQKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvZmFzdC9qcy92YXItc2hh ZG93cy1hcmctY3Jhc2gtZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMv ZmFzdC9qcy92YXItc2hhZG93cy1hcmctY3Jhc2gtZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAwKQpA QCAtMCwwICsxLDEwIEBACitUZXN0cyB0byBlbnN1cmUgdGhhdCBhY3RpdmF0aW9ucyBhcmUgYnVp bHQgY29ycmVjdGx5IGluIHRoZSBmYWNlIG9mIGR1cGxpY2F0ZSBwYXJhbWV0ZXIgbmFtZXMgYW5k IGRvIG5vdCBjYXVzZSBjcmFzaGVzLgorCitPbiBzdWNjZXNzLCB5b3Ugd2lsbCBzZWUgYSBzZXJp ZXMgb2YgIlBBU1MiIG1lc3NhZ2VzLCBmb2xsb3dlZCBieSAiVEVTVCBDT01QTEVURSIuCisKKwor UEFTUyB0ZXN0KCkoKSBpcyAic3VjY2VzcyIKK1BBU1Mgc3VjY2Vzc2Z1bGx5UGFyc2VkIGlzIHRy dWUKKworVEVTVCBDT01QTEVURQorCkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pzL3Zhci1zaGFk b3dzLWFyZy1jcmFzaC5odG1sCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvanMvdmFy LXNoYWRvd3MtYXJnLWNyYXNoLmh0bWwJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9mYXN0 L2pzL3Zhci1zaGFkb3dzLWFyZy1jcmFzaC5odG1sCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDEz IEBACis8IURPQ1RZUEUgaHRtbD4KKzxodG1sPgorPGhlYWQ+Cis8bGluayByZWw9InN0eWxlc2hl ZXQiIGhyZWY9InJlc291cmNlcy9qcy10ZXN0LXN0eWxlLmNzcyI+Cis8c2NyaXB0IHNyYz0icmVz b3VyY2VzL2pzLXRlc3QtcHJlLmpzIj48L3NjcmlwdD4KKzwvaGVhZD4KKzxib2R5PgorPHAgaWQ9 ImRlc2NyaXB0aW9uIj48L3A+Cis8ZGl2IGlkPSJjb25zb2xlIj48L2Rpdj4KKzxzY3JpcHQgc3Jj PSJyZXNvdXJjZXMvdmFyLXNoYWRvd3MtYXJnLWNyYXNoLmpzIj48L3NjcmlwdD4KKzxzY3JpcHQg c3JjPSJyZXNvdXJjZXMvanMtdGVzdC1wb3N0LmpzIj48L3NjcmlwdD4KKzwvYm9keT4KKzwvaHRt bD4KSW5kZXg6IExheW91dFRlc3RzL2Zhc3QvanMvcmVzb3VyY2VzL2R1cGxpY2F0ZS1wYXJhbS1j cmFzaC5qcwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0L2pzL3Jlc291cmNlcy9kdXBs aWNhdGUtcGFyYW0tY3Jhc2guanMJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9mYXN0L2pz L3Jlc291cmNlcy9kdXBsaWNhdGUtcGFyYW0tY3Jhc2guanMJKHJldmlzaW9uIDApCkBAIC0wLDAg KzEsMjEgQEAKK2Rlc2NyaXB0aW9uKAorJ1Rlc3RzIHRvIGVuc3VyZSB0aGF0IGFjdGl2YXRpb25z IGFyZSBidWlsdCBjb3JyZWN0bHkgaW4gdGhlIGZhY2Ugb2YgZHVwbGljYXRlIHBhcmFtZXRlciBu YW1lcyBhbmQgZG8gbm90IGNhdXNlIGNyYXNoZXMuJworKTsKKworZnVuY3Rpb24gdGVzdDEoYSwg YiwgYiwgYiwgYiwgYiwgYikgeworICAgIHJldHVybiBmdW5jdGlvbigpIHsKKyAgICAgICAgcmV0 dXJuIGE7CisgICAgfQorfQorCitzaG91bGRCZSgndGVzdDEoInN1Y2Nlc3MiKSgpJywgJyJzdWNj ZXNzIicpOworCitmdW5jdGlvbiB0ZXN0MihhLCBhLCBhLCBhLCBhLCBhLCBiKSB7CisgICAgcmV0 dXJuIGZ1bmN0aW9uKCkgeworICAgICAgICByZXR1cm4gYjsKKyAgICB9Cit9CisKK3Nob3VsZEJl KCd0ZXN0Migic3VjY2VzcyIsICJzdWNjZXNzIiwgInN1Y2Nlc3MiLCAic3VjY2VzcyIsICJzdWNj ZXNzIiwgInN1Y2Nlc3MiLCAic3VjY2VzcyIpKCknLCAnInN1Y2Nlc3MiJyk7CisKK3ZhciBzdWNj ZXNzZnVsbHlQYXJzZWQgPSB0cnVlOwpJbmRleDogTGF5b3V0VGVzdHMvZmFzdC9qcy9yZXNvdXJj ZXMvdmFyLXNoYWRvd3MtYXJnLWNyYXNoLmpzCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zh c3QvanMvcmVzb3VyY2VzL3Zhci1zaGFkb3dzLWFyZy1jcmFzaC5qcwkocmV2aXNpb24gMCkKKysr IExheW91dFRlc3RzL2Zhc3QvanMvcmVzb3VyY2VzL3Zhci1zaGFkb3dzLWFyZy1jcmFzaC5qcwko cmV2aXNpb24gMCkKQEAgLTAsMCArMSwxNSBAQAorZGVzY3JpcHRpb24oCisnVGVzdHMgdG8gZW5z dXJlIHRoYXQgYWN0aXZhdGlvbnMgYXJlIGJ1aWx0IGNvcnJlY3RseSBpbiB0aGUgZmFjZSBvZiBk dXBsaWNhdGUgcGFyYW1ldGVyIG5hbWVzIGFuZCBkbyBub3QgY2F1c2UgY3Jhc2hlcy4nCispOwor CisKK2Z1bmN0aW9uIHRlc3QoYSkgeworICAgIHZhciBiLCBhID0gInN1Y2Nlc3MiOworICAgIHJl dHVybiBmdW5jdGlvbigpIHsKKyAgICAgICAgcmV0dXJuIGE7CisgICAgfQorfQorCitzaG91bGRC ZSgndGVzdCgpKCknLCAnInN1Y2Nlc3MiJyk7CisKK3ZhciBzdWNjZXNzZnVsbHlQYXJzZWQgPSB0 cnVlOwo=