203211 2019-10-21 14:10:28 -0700 Fix issues when setting public length on ArrayWithContiguous type butterflies. 2019-10-21 17:05:33 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 mark.lam mark.lam ews-watchlist keith_miller msaboff saam tzagallo webkit-bug-importer oldest_to_newest 1582026 0 mark.lam 2019-10-21 14:10:28 -0700 For ArrayWithContiguous type butterflies, SlotVisitor scans up to the public length of the butterfly. When setting a new public length, if the new public length is greater than the current, we should always writeBarrier after the setting of the new public length. Otherwise, there can be a race where the GC scans the butterfly after new values have been written to it but before the public length as been updated. As a result, the new values never get scanned. 1582028 1 webkit-bug-importer 2019-10-21 14:10:57 -0700 <rdar://problem/56476097> 1582086 2 381468 mark.lam 2019-10-21 15:42:18 -0700 Created attachment 381468 proposed patch. 1582124 3 381468 saam 2019-10-21 16:26:39 -0700 Comment on attachment 381468 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=381468&action=review > Source/JavaScriptCore/runtime/JSArray.cpp:887 > + // Our memmoving of values around in the array could have concealed some of them from > + // the collector. Let's make sure that the collector scans this object again. > + vm.heap.writeBarrier(this); how? > Source/JavaScriptCore/runtime/JSArray.cpp:948 > + if (indexingType == ArrayWithContiguous) > + vm.heap.writeBarrier(this); why? > Source/JavaScriptCore/runtime/JSArrayInlines.h:164 > + // It's not effective to set the value with a barrier because in a > + // race, the collector may scan this object right after we barrier > + // the object (after setting of the value), but before updating the > + // public length. As a result, the GC may not have scanned the newly > + // pushed value. this comment seems superfluous IMO > Source/JavaScriptCore/runtime/JSObject.cpp:898 > + // It's not effective to set the value with a barrier because in a > + // race, the collector may scan this object right after we barrier > + // the object (after setting of the value), but before updating the > + // public length. As a result, the GC may not have scanned the newly > + // set value. ditto > Source/JavaScriptCore/runtime/JSObject.h:416 > + // It's not effective to set the value with a barrier because in a > + // race, the collector may scan this object right after we barrier > + // the object (after setting of the value), but before updating the > + // public length. As a result, the GC may not have scanned the newly > + // set value. ditto 1582125 4 381468 saam 2019-10-21 16:27:10 -0700 Comment on attachment 381468 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=381468&action=review >> Source/JavaScriptCore/runtime/JSArray.cpp:948 >> + vm.heap.writeBarrier(this); > > why? ignore this. it's an ok optimization to do 1582127 5 381468 keith_miller 2019-10-21 16:28:33 -0700 Comment on attachment 381468 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=381468&action=review r=me with comment on an existing but (I think) > Source/JavaScriptCore/runtime/JSArray.cpp:946 > // Our memmoving of values around in the array could have concealed some of them from > // the collector. Let's make sure that the collector scans this object again. Doesn't memmove not guarantee anything about tearing while copying? That seems like a different bug though. 1582131 6 381468 saam 2019-10-21 16:30:22 -0700 Comment on attachment 381468 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=381468&action=review >> Source/JavaScriptCore/runtime/JSArray.cpp:887 >> + vm.heap.writeBarrier(this); > > how? Note: we're holding the cell lock here b/c array storage. So I don't see how this does anything 1582151 7 381468 mark.lam 2019-10-21 16:54:40 -0700 Comment on attachment 381468 proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=381468&action=review >>> Source/JavaScriptCore/runtime/JSArray.cpp:887 >>> + vm.heap.writeBarrier(this); >> >> how? > > Note: we're holding the cell lock here b/c array storage. So I don't see how this does anything Ok, I missed that detail. Will remove. >> Source/JavaScriptCore/runtime/JSArrayInlines.h:164 >> + // pushed value. > > this comment seems superfluous IMO OK ok. I added this comment because I didn't want the uninitiated reader to come along and naively reverse this change. However, if so, I suppose he/she would think it's strange that I did it this way, and would do the right thing and read the ChangeLog first to checkout my rationale for this. I'll remove the comment. 1582155 8 mark.lam 2019-10-21 17:05:33 -0700 Thanks for the reviews. Landed in r251399: <http://trac.webkit.org/r251399>. 381468 2019-10-21 15:42:18 -0700 2019-10-21 16:28:33 -0700 proposed patch. bug-203211.patch text/plain 7250 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjUxMzg5KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDMzIEBA CisyMDE5LTEwLTIxICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBG aXggaXNzdWVzIHdoZW4gc2V0dGluZyBwdWJsaWMgbGVuZ3RoIG9uIEFycmF5V2l0aENvbnRpZ3Vv dXMgdHlwZSBidXR0ZXJmbGllcy4KKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hv d19idWcuY2dpP2lkPTIwMzIxMQorICAgICAgICA8cmRhcjovL3Byb2JsZW0vNTY0NzYwOTc+CisK KyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgRm9yIEFycmF5 V2l0aENvbnRpZ3VvdXMgdHlwZSBidXR0ZXJmbGllcywgU2xvdFZpc2l0b3Igc2NhbnMgdXAgdG8g dGhlIHB1YmxpYworICAgICAgICBsZW5ndGggb2YgdGhlIGJ1dHRlcmZseS4gIFdoZW4gc2V0dGlu ZyBhIG5ldyBwdWJsaWMgbGVuZ3RoLCBpZiB0aGUgbmV3IHB1YmxpYworICAgICAgICBsZW5ndGgg aXMgZ3JlYXRlciB0aGFuIHRoZSBjdXJyZW50LCB3ZSBzaG91bGQgYWx3YXlzIHdyaXRlQmFycmll ciBhZnRlciB0aGUKKyAgICAgICAgc2V0dGluZyBvZiB0aGUgbmV3IHB1YmxpYyBsZW5ndGguICBP dGhlcndpc2UsIHRoZXJlIGNhbiBiZSBhIHJhY2Ugd2hlcmUgdGhlIEdDCisgICAgICAgIHNjYW5z IHRoZSBidXR0ZXJmbHkgYWZ0ZXIgbmV3IHZhbHVlcyBoYXZlIGJlZW4gd3JpdHRlbiB0byBpdCBi dXQgYmVmb3JlIHRoZQorICAgICAgICBwdWJsaWMgbGVuZ3RoIGFzIGJlZW4gdXBkYXRlZC4gIEFz IGEgcmVzdWx0LCB0aGUgbmV3IHZhbHVlcyBuZXZlciBnZXQgc2Nhbm5lZC4KKworICAgICAgICBG b3IgdGhlIERGRyBhbmQgRlRMLCB0aGUgU3RvcmVCYXJyaWVySW5zZXJ0aW9uUGhhc2UgaXMgcmVz cG9uc2libGUgZm9yIGluc2VydGluZworICAgICAgICB0aGUgd3JpdGVCYXJyaWVycyBhZnRlciB0 aGUgbm9kZS4gIEhlbmNlLCB0aGUgd3JpdGVCYXJyaWVyIGlzIGd1YXJhbnRlZWQgdG8gYmUKKyAg ICAgICAgYWZ0ZXIgdGhlIHB1YmxpY0xlbmd0aCBoYXMgYmVlbiB1cGRhdGVkLgorCisgICAgICAg ICogcnVudGltZS9KU0FycmF5LmNwcDoKKyAgICAgICAgKEpTQzo6SlNBcnJheTo6c2hpZnRDb3Vu dFdpdGhBcnJheVN0b3JhZ2UpOgorICAgICAgICAoSlNDOjpKU0FycmF5OjpzaGlmdENvdW50V2l0 aEFueUluZGV4aW5nVHlwZSk6CisgICAgICAgICogcnVudGltZS9KU0FycmF5SW5saW5lcy5oOgor ICAgICAgICAoSlNDOjpKU0FycmF5OjpwdXNoSW5saW5lKToKKyAgICAgICAgKiBydW50aW1lL0pT T2JqZWN0LmNwcDoKKyAgICAgICAgKEpTQzo6SlNPYmplY3Q6OnB1dEJ5SW5kZXgpOgorICAgICAg ICAoSlNDOjpKU09iamVjdDo6cmVhbGxvY2F0ZUFuZFNocmlua0J1dHRlcmZseSk6CisgICAgICAg ICogcnVudGltZS9KU09iamVjdC5oOgorICAgICAgICAoSlNDOjpKU09iamVjdDo6c2V0SW5kZXhR dWlja2x5KToKKwogMjAxOS0xMC0yMSAgQmFzdWtlIFN1enVraSAgPEJhc3VrZS5TdXp1a2lAc29u eS5jb20+CiAKICAgICAgICAgW1dpbkNhaXJvXVtQbGF5U3RhdGlvbl0gQWRkIGF1dG9tYXRpb24g c3VwcG9ydCBmb3IgUmVtb3RlSW5zcGVjdG9yIFNvY2tldFNlcnZlciBpbXBsZW1lbnRhdGlvbi4K SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTQXJyYXkuY3BwCj09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTQXJyYXkuY3BwCShyZXZpc2lv biAyNTEzNzQpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9KU0FycmF5LmNwcAko d29ya2luZyBjb3B5KQpAQCAtODgxLDcgKzg4MSwxMSBAQCBib29sIEpTQXJyYXk6OnNoaWZ0Q291 bnRXaXRoQXJyYXlTdG9yYWdlCiAgICAgICAgIC8vIHBvcnRpb24gb2YgdGhlIHZlY3Rvci4gV2Ug YWxzbyBkb24ndCBtb2RpZnkgdGhlIHZlY3RvciBsZW5ndGggYmVjYXVzZSB3ZSdyZSBub3QgYWN0 dWFsbHkgY2hhbmdpbmcKICAgICAgICAgLy8gaXRzIGxlbmd0aDsgd2UncmUganVzdCB1c2luZyBs ZXNzIG9mIGl0LgogICAgIH0KLSAgICAKKworICAgIC8vIE91ciBtZW1tb3Zpbmcgb2YgdmFsdWVz IGFyb3VuZCBpbiB0aGUgYXJyYXkgY291bGQgaGF2ZSBjb25jZWFsZWQgc29tZSBvZiB0aGVtIGZy b20KKyAgICAvLyB0aGUgY29sbGVjdG9yLiBMZXQncyBtYWtlIHN1cmUgdGhhdCB0aGUgY29sbGVj dG9yIHNjYW5zIHRoaXMgb2JqZWN0IGFnYWluLgorICAgIHZtLmhlYXAud3JpdGVCYXJyaWVyKHRo aXMpOworCiAgICAgcmV0dXJuIHRydWU7CiB9CiAKQEAgLTg5NCw3ICs4OTgsOCBAQCBib29sIEpT QXJyYXk6OnNoaWZ0Q291bnRXaXRoQW55SW5kZXhpbmdUCiAKICAgICBCdXR0ZXJmbHkqIGJ1dHRl cmZseSA9IHRoaXMtPmJ1dHRlcmZseSgpOwogICAgIAotICAgIHN3aXRjaCAoaW5kZXhpbmdUeXBl KCkpIHsKKyAgICBhdXRvIGluZGV4aW5nVHlwZSA9IHRoaXMtPmluZGV4aW5nVHlwZSgpOworICAg IHN3aXRjaCAoaW5kZXhpbmdUeXBlKSB7CiAgICAgY2FzZSBBcnJheUNsYXNzOgogICAgICAgICBy ZXR1cm4gdHJ1ZTsKICAgICAgICAgCkBAIC05MzQsMTMgKzkzOSwxNCBAQCBib29sIEpTQXJyYXk6 OnNoaWZ0Q291bnRXaXRoQW55SW5kZXhpbmdUCiAKICAgICAgICAgZm9yICh1bnNpZ25lZCBpID0g ZW5kOyBpIDwgb2xkTGVuZ3RoOyArK2kpCiAgICAgICAgICAgICBidXR0ZXJmbHktPmNvbnRpZ3Vv dXMoKS5hdCh0aGlzLCBpKS5jbGVhcigpOwotICAgICAgICAKKwogICAgICAgICBidXR0ZXJmbHkt PnNldFB1YmxpY0xlbmd0aChvbGRMZW5ndGggLSBjb3VudCk7CiAKICAgICAgICAgLy8gT3VyIG1l bW1vdmluZyBvZiB2YWx1ZXMgYXJvdW5kIGluIHRoZSBhcnJheSBjb3VsZCBoYXZlIGNvbmNlYWxl ZCBzb21lIG9mIHRoZW0gZnJvbQogICAgICAgICAvLyB0aGUgY29sbGVjdG9yLiBMZXQncyBtYWtl IHN1cmUgdGhhdCB0aGUgY29sbGVjdG9yIHNjYW5zIHRoaXMgb2JqZWN0IGFnYWluLgotICAgICAg ICB2bS5oZWFwLndyaXRlQmFycmllcih0aGlzKTsKLSAgICAgICAgCisgICAgICAgIGlmIChpbmRl eGluZ1R5cGUgPT0gQXJyYXlXaXRoQ29udGlndW91cykKKyAgICAgICAgICAgIHZtLmhlYXAud3Jp dGVCYXJyaWVyKHRoaXMpOworCiAgICAgICAgIHJldHVybiB0cnVlOwogICAgIH0KICAgICAgICAg CkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9KU0FycmF5SW5saW5lcy5oCj09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTQXJyYXlJbmxpbmVz LmgJKHJldmlzaW9uIDI1MTM3NCkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pT QXJyYXlJbmxpbmVzLmgJKHdvcmtpbmcgY29weSkKQEAgLTE1Nyw4ICsxNTcsMTQgQEAgQUxXQVlT X0lOTElORSB2b2lkIEpTQXJyYXk6OnB1c2hJbmxpbmUoRQogICAgICAgICB1bnNpZ25lZCBsZW5n dGggPSBidXR0ZXJmbHktPnB1YmxpY0xlbmd0aCgpOwogICAgICAgICBBU1NFUlQobGVuZ3RoIDw9 IGJ1dHRlcmZseS0+dmVjdG9yTGVuZ3RoKCkpOwogICAgICAgICBpZiAobGVuZ3RoIDwgYnV0dGVy Zmx5LT52ZWN0b3JMZW5ndGgoKSkgewotICAgICAgICAgICAgYnV0dGVyZmx5LT5jb250aWd1b3Vz KCkuYXQodGhpcywgbGVuZ3RoKS5zZXQodm0sIHRoaXMsIHZhbHVlKTsKKyAgICAgICAgICAgIC8v IEl0J3Mgbm90IGVmZmVjdGl2ZSB0byBzZXQgdGhlIHZhbHVlIHdpdGggYSBiYXJyaWVyIGJlY2F1 c2UgaW4gYQorICAgICAgICAgICAgLy8gcmFjZSwgdGhlIGNvbGxlY3RvciBtYXkgc2NhbiB0aGlz IG9iamVjdCByaWdodCBhZnRlciB3ZSBiYXJyaWVyCisgICAgICAgICAgICAvLyB0aGUgb2JqZWN0 IChhZnRlciBzZXR0aW5nIG9mIHRoZSB2YWx1ZSksIGJ1dCBiZWZvcmUgdXBkYXRpbmcgdGhlCisg ICAgICAgICAgICAvLyBwdWJsaWMgbGVuZ3RoLiBBcyBhIHJlc3VsdCwgdGhlIEdDIG1heSBub3Qg aGF2ZSBzY2FubmVkIHRoZSBuZXdseQorICAgICAgICAgICAgLy8gcHVzaGVkIHZhbHVlLgorICAg ICAgICAgICAgYnV0dGVyZmx5LT5jb250aWd1b3VzKCkuYXQodGhpcywgbGVuZ3RoKS5zZXRXaXRo b3V0V3JpdGVCYXJyaWVyKHZhbHVlKTsKICAgICAgICAgICAgIGJ1dHRlcmZseS0+c2V0UHVibGlj TGVuZ3RoKGxlbmd0aCArIDEpOworICAgICAgICAgICAgdm0uaGVhcC53cml0ZUJhcnJpZXIodGhp cywgdmFsdWUpOwogICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICB9CiAKSW5kZXg6IFNvdXJj ZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTT2JqZWN0LmNwcAo9PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3Vy Y2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9KU09iamVjdC5jcHAJKHJldmlzaW9uIDI1MTM3NCkK KysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTT2JqZWN0LmNwcAkod29ya2luZyBj b3B5KQpAQCAtODkxLDkgKzg5MSwxNSBAQCBib29sIEpTT2JqZWN0OjpwdXRCeUluZGV4KEpTQ2Vs bCogY2VsbCwgCiAgICAgICAgIEJ1dHRlcmZseSogYnV0dGVyZmx5ID0gdGhpc09iamVjdC0+YnV0 dGVyZmx5KCk7CiAgICAgICAgIGlmIChwcm9wZXJ0eU5hbWUgPj0gYnV0dGVyZmx5LT52ZWN0b3JM ZW5ndGgoKSkKICAgICAgICAgICAgIGJyZWFrOwotICAgICAgICBidXR0ZXJmbHktPmNvbnRpZ3Vv dXMoKS5hdCh0aGlzT2JqZWN0LCBwcm9wZXJ0eU5hbWUpLnNldCh2bSwgdGhpc09iamVjdCwgdmFs dWUpOworICAgICAgICAvLyBJdCdzIG5vdCBlZmZlY3RpdmUgdG8gc2V0IHRoZSB2YWx1ZSB3aXRo IGEgYmFycmllciBiZWNhdXNlIGluIGEKKyAgICAgICAgLy8gcmFjZSwgdGhlIGNvbGxlY3RvciBt YXkgc2NhbiB0aGlzIG9iamVjdCByaWdodCBhZnRlciB3ZSBiYXJyaWVyCisgICAgICAgIC8vIHRo ZSBvYmplY3QgKGFmdGVyIHNldHRpbmcgb2YgdGhlIHZhbHVlKSwgYnV0IGJlZm9yZSB1cGRhdGlu ZyB0aGUKKyAgICAgICAgLy8gcHVibGljIGxlbmd0aC4gQXMgYSByZXN1bHQsIHRoZSBHQyBtYXkg bm90IGhhdmUgc2Nhbm5lZCB0aGUgbmV3bHkKKyAgICAgICAgLy8gc2V0IHZhbHVlLgorICAgICAg ICBidXR0ZXJmbHktPmNvbnRpZ3VvdXMoKS5hdCh0aGlzT2JqZWN0LCBwcm9wZXJ0eU5hbWUpLnNl dFdpdGhvdXRXcml0ZUJhcnJpZXIodmFsdWUpOwogICAgICAgICBpZiAocHJvcGVydHlOYW1lID49 IGJ1dHRlcmZseS0+cHVibGljTGVuZ3RoKCkpCiAgICAgICAgICAgICBidXR0ZXJmbHktPnNldFB1 YmxpY0xlbmd0aChwcm9wZXJ0eU5hbWUgKyAxKTsKKyAgICAgICAgdm0uaGVhcC53cml0ZUJhcnJp ZXIodGhpc09iamVjdCwgdmFsdWUpOwogICAgICAgICByZXR1cm4gdHJ1ZTsKICAgICB9CiAgICAg ICAgIApAQCAtMzQyOSw2ICszNDM1LDcgQEAgdm9pZCBKU09iamVjdDo6cmVhbGxvY2F0ZUFuZFNo cmlua0J1dHRlcgogICAgIEFTU0VSVChsZW5ndGggPD0gTUFYX1NUT1JBR0VfVkVDVE9SX0xFTkdU SCk7CiAgICAgQVNTRVJUKGhhc0NvbnRpZ3VvdXMoaW5kZXhpbmdUeXBlKCkpIHx8IGhhc0ludDMy KGluZGV4aW5nVHlwZSgpKSB8fCBoYXNEb3VibGUoaW5kZXhpbmdUeXBlKCkpIHx8IGhhc1VuZGVj aWRlZChpbmRleGluZ1R5cGUoKSkpOwogICAgIEFTU0VSVChtX2J1dHRlcmZseS0+dmVjdG9yTGVu Z3RoKCkgPiBsZW5ndGgpOworICAgIEFTU0VSVChtX2J1dHRlcmZseS0+cHVibGljTGVuZ3RoKCkg Pj0gbGVuZ3RoKTsKICAgICBBU1NFUlQoIW1fYnV0dGVyZmx5LT5pbmRleGluZ0hlYWRlcigpLT5w cmVDYXBhY2l0eShzdHJ1Y3R1cmUodm0pKSk7CiAKICAgICBEZWZlckdDIGRlZmVyR0Modm0uaGVh cCk7CkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9KU09iamVjdC5oCj09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTT2JqZWN0LmgJKHJldmlz aW9uIDI1MTM3NCkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL0pTT2JqZWN0LmgJ KHdvcmtpbmcgY29weSkKQEAgLTQwOSw5ICs0MDksMTUgQEAgcHVibGljOgogICAgICAgICB9CiAg ICAgICAgIGNhc2UgQUxMX0NPTlRJR1VPVVNfSU5ERVhJTkdfVFlQRVM6IHsKICAgICAgICAgICAg IEFTU0VSVChpIDwgYnV0dGVyZmx5LT52ZWN0b3JMZW5ndGgoKSk7Ci0gICAgICAgICAgICBidXR0 ZXJmbHktPmNvbnRpZ3VvdXMoKS5hdCh0aGlzLCBpKS5zZXQodm0sIHRoaXMsIHYpOworICAgICAg ICAgICAgLy8gSXQncyBub3QgZWZmZWN0aXZlIHRvIHNldCB0aGUgdmFsdWUgd2l0aCBhIGJhcnJp ZXIgYmVjYXVzZSBpbiBhCisgICAgICAgICAgICAvLyByYWNlLCB0aGUgY29sbGVjdG9yIG1heSBz Y2FuIHRoaXMgb2JqZWN0IHJpZ2h0IGFmdGVyIHdlIGJhcnJpZXIKKyAgICAgICAgICAgIC8vIHRo ZSBvYmplY3QgKGFmdGVyIHNldHRpbmcgb2YgdGhlIHZhbHVlKSwgYnV0IGJlZm9yZSB1cGRhdGlu ZyB0aGUKKyAgICAgICAgICAgIC8vIHB1YmxpYyBsZW5ndGguIEFzIGEgcmVzdWx0LCB0aGUgR0Mg bWF5IG5vdCBoYXZlIHNjYW5uZWQgdGhlIG5ld2x5CisgICAgICAgICAgICAvLyBzZXQgdmFsdWUu CisgICAgICAgICAgICBidXR0ZXJmbHktPmNvbnRpZ3VvdXMoKS5hdCh0aGlzLCBpKS5zZXRXaXRo b3V0V3JpdGVCYXJyaWVyKHYpOwogICAgICAgICAgICAgaWYgKGkgPj0gYnV0dGVyZmx5LT5wdWJs aWNMZW5ndGgoKSkKICAgICAgICAgICAgICAgICBidXR0ZXJmbHktPnNldFB1YmxpY0xlbmd0aChp ICsgMSk7CisgICAgICAgICAgICB2bS5oZWFwLndyaXRlQmFycmllcih0aGlzLCB2KTsKICAgICAg ICAgICAgIGJyZWFrOwogICAgICAgICB9CiAgICAgICAgIGNhc2UgQUxMX0RPVUJMRV9JTkRFWElO R19UWVBFUzogewo=