209585 2020-03-26 00:31:35 -0700 Crash in RadioButtonGroups::requiredStateChanged 2020-03-26 14:26:14 -0700 1 1 1 Unclassified WebKit Forms WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=206337 InRadar P2 Normal --- 1 rniwa rniwa cdumez darin esprehn+autocc ews-watchlist kangil.han koivisto webkit-bug-importer wenson_hsieh zalan oldest_to_newest 1634230 0 rniwa 2020-03-26 00:31:35 -0700 e.g. 1 0x6aa089a19 WTFCrash 2 0x68d1959bb WTFCrashWithInfo(int, char const*, char const*, int) 3 0x68fcb94f7 WebCore::RadioButtonGroups::requiredStateChanged(WebCore::HTMLInputElement&) 4 0x68fff8024 WebCore::HTMLInputElement::requiredStateChanged() 5 0x68ffafa87 WebCore::HTMLFormControlElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&) 6 0x6900eec5e WebCore::HTMLTextFormControlElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&) 7 0x68fff43f0 WebCore::HTMLInputElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&) 8 0x68fb8ccf4 WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason) 9 0x68fd1accc WebCore::StyledElement::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason) 10 0x68fb934b2 WebCore::Element::didAddAttribute(WebCore::QualifiedName const&, WTF::AtomString const&) 11 0x68fb93400 WebCore::Element::addAttributeInternal(WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute) 12 0x68fb8c3f5 WebCore::Element::setAttributeInternal(unsigned int, WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute) 13 0x68fb859c2 WebCore::Element::setAttribute(WebCore::QualifiedName const&, WTF::AtomString const&) 14 0x68fb85925 WebCore::Element::setBooleanAttribute(WebCore::QualifiedName const&, bool) 15 0x68ddda3be WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()::operator()() const 16 0x68ddda34d std::__1::enable_if<std::is_same<void, decltype(fp1())>::value, void>::type WebCore::AttributeSetter::call<WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()>(JSC::JSGlobalObject&, JSC::ThrowScope&, WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()&&) 17 0x68ddda30a WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&) 18 0x68dd2c854 bool WebCore::IDLAttribute<WebCore::JSHTMLInputElement>::set<&(WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&, long long, long long, char const*) 19 0x68dd2c6fc WebCore::setJSHTMLInputElementRequired(JSC::JSGlobalObject*, long long, long long) 20 0x6ab74414e JSC::callCustomSetter(JSC::JSGlobalObject*, bool (*)(JSC::JSGlobalObject*, long long, long long), bool, JSC::JSValue, JSC::JSValue) 21 0x6ab744222 JSC::callCustomSetter(JSC::JSGlobalObject*, JSC::JSValue, bool, JSC::JSObject*, JSC::JSValue, JSC::JSValue) 22 0x6ab8c72de JSC::JSObject::putInlineSlow(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) 23 0x6ab8c6c8e JSC::JSObject::putInlineForJSObject(JSC::JSCell*, JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) 1634234 1 394584 rniwa 2020-03-26 00:55:28 -0700 Created attachment 394584 Fixes the bug 1634399 2 394584 darin 2020-03-26 10:26:43 -0700 Comment on attachment 394584 Fixes the bug View in context: https://bugs.webkit.org/attachment.cgi?id=394584&action=review > Source/WebCore/dom/RadioButtonGroups.cpp:241 > + return; // FIXME: Update the radio button group before author script had a chance to run in didFinishInsertingNode(). I know this code pretty well, and I at least don’t understand what this comment asks us to fix. 1634400 3 394584 darin 2020-03-26 10:26:44 -0700 Comment on attachment 394584 Fixes the bug View in context: https://bugs.webkit.org/attachment.cgi?id=394584&action=review > Source/WebCore/dom/RadioButtonGroups.cpp:241 > + return; // FIXME: Update the radio button group before author script had a chance to run in didFinishInsertingNode(). I know this code pretty well, and I at least don’t understand what this comment asks us to fix. 1634477 4 rniwa 2020-03-26 12:10:22 -0700 (In reply to Darin Adler from comment #3) > Comment on attachment 394584 [details] > Fixes the bug > > View in context: > https://bugs.webkit.org/attachment.cgi?id=394584&action=review > > > Source/WebCore/dom/RadioButtonGroups.cpp:241 > > + return; // FIXME: Update the radio button group before author script had a chance to run in didFinishInsertingNode(). > > I know this code pretty well, and I at least don’t understand what this > comment asks us to fix. So the issue is that radio button groups are updated in didFinishInsertingNode() overrides but didFinishInsertingNode() calls on a node which appears earlier in the tree order could have ran arbitrary scripts and accessed this function. This FIXME can go away if we could update the radio button groups before running any author scripts in didFinishInsertingNode() somehow. e.g. #34 0x00000001166055c8 in WebCore::JSExecState::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) at /Volumes/Data/webkit/Source/WebCore/bindings/js/JSExecState.h:73 #35 0x000000011662232b in WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) at /Volumes/Data/webkit/Source/WebCore/bindings/js/JSEventListener.cpp:180 #36 0x0000000116ce4ee7 in WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener, WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, WebCore::EventTarget::EventInvokePhase) at /Volumes/Data/webkit/Source/WebCore/dom/EventTarget.cpp:325 #37 0x0000000116ce1104 in WebCore::EventTarget::fireEventListeners(WebCore::Event&, WebCore::EventTarget::EventInvokePhase) at /Volumes/Data/webkit/Source/WebCore/dom/EventTarget.cpp:257 #38 0x0000000116d6c442 in WebCore::Node::handleLocalEvents(WebCore::Event&, WebCore::EventTarget::EventInvokePhase) at /Volumes/Data/webkit/Source/WebCore/dom/Node.cpp:2364 #39 0x0000000116ccc281 in WebCore::EventContext::handleLocalEvents(WebCore::Event&, WebCore::EventTarget::EventInvokePhase) const at /Volumes/Data/webkit/Source/WebCore/dom/EventContext.cpp:55 #40 0x0000000116cccd6f in WebCore::dispatchEventInDOM(WebCore::Event&, WebCore::EventPath const&) at /Volumes/Data/webkit/Source/WebCore/dom/EventDispatcher.cpp:100 #41 0x0000000116ccc8a7 in WebCore::EventDispatcher::dispatchEvent(WebCore::Node&, WebCore::Event&) at /Volumes/Data/webkit/Source/WebCore/dom/EventDispatcher.cpp:154 #42 0x0000000116d6c49d in WebCore::Node::dispatchEvent(WebCore::Event&) at /Volumes/Data/webkit/Source/WebCore/dom/Node.cpp:2374 #43 0x0000000117933b65 in WebCore::DOMWindow::dispatchLoadEvent() at /Volumes/Data/webkit/Source/WebCore/page/DOMWindow.cpp:2205 #44 0x0000000116bca998 in WebCore::Document::dispatchWindowLoadEvent() at /Volumes/Data/webkit/Source/WebCore/dom/Document.cpp:4762 #45 0x0000000116bca4f5 in WebCore::Document::implicitClose() at /Volumes/Data/webkit/Source/WebCore/dom/Document.cpp:3056 #46 0x000000011778037b in WebCore::FrameLoader::checkCallImplicitClose() at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:957 #47 0x000000011777fe8a in WebCore::FrameLoader::checkCompleted() at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:898 #48 0x000000011777e187 in WebCore::FrameLoader::finishedParsing() at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:808 #49 0x0000000116bdd7e6 in WebCore::Document::finishedParsing() at /Volumes/Data/webkit/Source/WebCore/dom/Document.cpp:5823 #50 0x000000011735c418 in WebCore::HTMLConstructionSite::finishedParsing() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLConstructionSite.cpp:419 #51 0x00000001173a4597 in WebCore::HTMLTreeBuilder::finished() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2843 #52 0x0000000117363808 in WebCore::HTMLDocumentParser::end() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:449 #53 0x00000001173616b8 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:458 #54 0x00000001173613e7 in WebCore::HTMLDocumentParser::prepareToStopParsing() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:153 #55 0x0000000117363872 in WebCore::HTMLDocumentParser::attemptToEnd() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:470 #56 0x0000000117363949 in WebCore::HTMLDocumentParser::finish() at /Volumes/Data/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:498 #57 0x00000001177185c2 in WebCore::DocumentWriter::end() at /Volumes/Data/webkit/Source/WebCore/loader/DocumentWriter.cpp:288 #58 0x000000011771756f in WebCore::DocumentLoader::finishedLoading() at /Volumes/Data/webkit/Source/WebCore/loader/DocumentLoader.cpp:449 #59 0x0000000117722c64 in WebCore::DocumentLoader::maybeLoadEmpty() at /Volumes/Data/webkit/Source/WebCore/loader/DocumentLoader.cpp:1793 #60 0x0000000117722df5 in WebCore::DocumentLoader::startLoadingMainResource() at /Volumes/Data/webkit/Source/WebCore/loader/DocumentLoader.cpp:1807 #61 0x00000001177b366c in WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WebCore::FormState*, WebCore::NavigationPolicyDecision, WebCore::AllowNavigationToInvalidURL)::$_11::operator()() at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:3547 #62 0x00000001177b2f7e in WTF::Detail::CallableWrapper<WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WebCore::FormState*, WebCore::NavigationPolicyDecision, WebCore::AllowNavigationToInvalidURL)::$_11, void>::call() at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:52 #63 0x00000001142a2362 in WTF::Function<void ()>::operator()() const at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:84 #64 0x00000001143056ee in WTF::CompletionHandler<void ()>::operator()() at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/CompletionHandler.h:62 #65 0x0000000117789cba in WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WebCore::FormState*, WebCore::NavigationPolicyDecision, WebCore::AllowNavigationToInvalidURL) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:3551 #66 0x00000001177b0830 in WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WebCore::AllowNavigationToInvalidURL, WebCore::ShouldTreatAsContinuingLoad, WTF::CompletionHandler<void ()>&&)::$_8::operator()(WebCore::ResourceRequest const&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:1647 #67 0x00000001177b06ec in WTF::Detail::CallableWrapper<WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WebCore::AllowNavigationToInvalidURL, WebCore::ShouldTreatAsContinuingLoad, WTF::CompletionHandler<void ()>&&)::$_8, void, WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision>::call(WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision) at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:52 #68 0x00000001177eb9e1 in WTF::Function<void (WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision)>::operator()(WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision) const at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:84 #69 0x00000001177de1d7 in WTF::CompletionHandler<void (WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision)>::operator()(WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision) at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/CompletionHandler.h:62 #70 0x00000001177eef3a in WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WebCore::DocumentLoader*, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision)>&&, WebCore::PolicyDecisionMode)::$_7::operator()(WebCore::PolicyAction, WebCore::PolicyCheckIdentifier) at /Volumes/Data/webkit/Source/WebCore/loader/PolicyChecker.cpp:237 #71 0x00000001177edcd7 in WTF::Detail::CallableWrapper<WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WebCore::DocumentLoader*, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision)>&&, WebCore::PolicyDecisionMode)::$_7, void, WebCore::PolicyAction, WebCore::PolicyCheckIdentifier>::call(WebCore::PolicyAction, WebCore::PolicyCheckIdentifier) at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:52 #72 0x000000011777c078 in WTF::Function<void (WebCore::PolicyAction, WebCore::PolicyCheckIdentifier)>::operator()(WebCore::PolicyAction, WebCore::PolicyCheckIdentifier) const at /Volumes/Data/webkit/WebKitBuild/Debug/usr/local/include/wtf/Function.h:84 #73 0x00000001177ddc64 in WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WebCore::DocumentLoader*, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&, WTF::WeakPtr<WebCore::FormState>&&, WebCore::NavigationPolicyDecision)>&&, WebCore::PolicyDecisionMode) at /Volumes/Data/webkit/Source/WebCore/loader/PolicyChecker.cpp:245 #74 0x0000000117788ad1 in WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WebCore::AllowNavigationToInvalidURL, WebCore::ShouldTreatAsContinuingLoad, WTF::CompletionHandler<void ()>&&) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:1646 #75 0x0000000117786b1e in WebCore::FrameLoader::loadWithNavigationAction(WebCore::ResourceRequest const&, WebCore::NavigationAction&&, WebCore::LockHistory, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WebCore::AllowNavigationToInvalidURL, WTF::String const&, WTF::CompletionHandler<void ()>&&) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:1515 #76 0x0000000117782e07 in WebCore::FrameLoader::loadURL(WebCore::FrameLoadRequest&&, WTF::String const&, WebCore::FrameLoadType, WebCore::Event*, WTF::RefPtr<WebCore::FormState, WTF::DumbPtrTraits<WebCore::FormState> >&&, WTF::Optional<WebCore::AdClickAttribution>&&, WTF::CompletionHandler<void ()>&&) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:1423 #77 0x0000000117780d09 in WebCore::FrameLoader::loadURLIntoChildFrame(WTF::URL const&, WTF::String const&, WebCore::Frame*) at /Volumes/Data/webkit/Source/WebCore/loader/FrameLoader.cpp:990 #78 0x00000001132eaad7 in WebFrameLoaderClient::createFrame(WTF::URL const&, WTF::String const&, WebCore::HTMLFrameOwnerElement&, WTF::String const&) at /Volumes/Data/webkit/Source/WebKitLegacy/mac/WebCoreSupport/WebFrameLoaderClient.mm:1641 #79 0x0000000117800e48 in WebCore::SubframeLoader::loadSubframe(WebCore::HTMLFrameOwnerElement&, WTF::URL const&, WTF::String const&, WTF::String const&) at /Volumes/Data/webkit/Source/WebCore/loader/SubframeLoader.cpp:343 #80 0x00000001177ff743 in WebCore::SubframeLoader::loadOrRedirectSubframe(WebCore::HTMLFrameOwnerElement&, WTF::URL const&, WTF::AtomString const&, WebCore::LockHistory, WebCore::LockBackForwardList) at /Volumes/Data/webkit/Source/WebCore/loader/SubframeLoader.cpp:310 #81 0x00000001177ff1b0 in WebCore::SubframeLoader::requestFrame(WebCore::HTMLFrameOwnerElement&, WTF::String const&, WTF::AtomString const&, WebCore::LockHistory, WebCore::LockBackForwardList) at /Volumes/Data/webkit/Source/WebCore/loader/SubframeLoader.cpp:99 #82 0x00000001170cc6c8 in WebCore::HTMLFrameElementBase::openURL(WebCore::LockHistory, WebCore::LockBackForwardList) at /Volumes/Data/webkit/Source/WebCore/html/HTMLFrameElementBase.cpp:102 #83 0x00000001170cc8f2 in WebCore::HTMLFrameElementBase::didFinishInsertingNode() at /Volumes/Data/webkit/Source/WebCore/html/HTMLFrameElementBase.cpp:142 1634502 5 rniwa 2020-03-26 12:53:53 -0700 (In reply to Ryosuke Niwa from comment #4) > (In reply to Darin Adler from comment #3) > > Comment on attachment 394584 [details] > > Fixes the bug > > > > View in context: > > https://bugs.webkit.org/attachment.cgi?id=394584&action=review > > > > > Source/WebCore/dom/RadioButtonGroups.cpp:241 > > > + return; // FIXME: Update the radio button group before author script had a chance to run in didFinishInsertingNode(). > > > > I know this code pretty well, and I at least don’t understand what this > > comment asks us to fix. > > So the issue is that radio button groups are updated in > didFinishInsertingNode() overrides but didFinishInsertingNode() calls on a > node which appears earlier in the tree order could have ran arbitrary > scripts and accessed this function. This FIXME can go away if we could > update the radio button groups before running any author scripts in > didFinishInsertingNode() somehow. Maybe we can rephrase it like this: FIXME: Update the radio button groups before didFinishInsertingNode() on other nodes which appear earlier in the tree order could have ran scripts and mutated DOM WDYT? 1634505 6 darin 2020-03-26 13:02:53 -0700 I don’t think this null check requires a FIXME. It makes total sense that if there’s no group we don’t update it, and doesn’t really "raise my eyebrows" much. I do think we might want to add an assertion if we could resolve the FIXME. But this doesn’t seem super-important to me. Not sure we need to record it in the code at all. What we do need is a test case that exercises this! 1634508 7 rniwa 2020-03-26 13:05:50 -0700 (In reply to Darin Adler from comment #6) > I don’t think this null check requires a FIXME. It makes total sense that if > there’s no group we don’t update it, and doesn’t really "raise my eyebrows" > much. > > I do think we might want to add an assertion if we could resolve the FIXME. > But this doesn’t seem super-important to me. Not sure we need to record it > in the code at all. What we do need is a test case that exercises this! Sure. The newly added test does exercise this code path. 1634509 8 rniwa 2020-03-26 13:06:38 -0700 I'm gonna land the patch without FIXME. 1634565 9 rniwa 2020-03-26 14:25:23 -0700 Committed r259079: <https://trac.webkit.org/changeset/259079> 1634566 10 webkit-bug-importer 2020-03-26 14:26:14 -0700 <rdar://problem/60936486> 394584 2020-03-26 00:55:28 -0700 2020-03-26 07:37:49 -0700 Fixes the bug bug-209585-20200326005527.patch text/plain 4247 rniwa SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDI1OTAzNikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE3IEBACisyMDIwLTAzLTI2ICBSeW9zdWtl IE5pd2EgIDxybml3YUB3ZWJraXQub3JnPgorCisgICAgICAgIENyYXNoIGluIFJhZGlvQnV0dG9u R3JvdXBzOjpyZXF1aXJlZFN0YXRlQ2hhbmdlZAorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0 Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjA5NTg1CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZ IChPT1BTISkuCisKKyAgICAgICAgTGlrZSByMjU0NzIyLCByYWRpbyBncm91cCBjb3VsZCBiZSBu dWxsIGluIFJhZGlvQnV0dG9uR3JvdXBzOjpyZXF1aXJlZFN0YXRlQ2hhbmdlZC4gQWRkZWQgYSBu dWxsIGNoZWNrLgorCisgICAgICAgIFRlc3Q6IGZhc3QvZm9ybXMvdXBkYXRlLXJlcXVpcmVkLXN0 YXRlLW9uLXJhZGlvLWJlZm9yZS1maW5hbGl6aW5nLXRyZWUtaW5zZXJ0aW9uLWNyYXNoLmh0bWwK KworICAgICAgICAqIGRvbS9SYWRpb0J1dHRvbkdyb3Vwcy5jcHA6CisgICAgICAgIChXZWJDb3Jl OjpSYWRpb0J1dHRvbkdyb3Vwczo6cmVxdWlyZWRTdGF0ZUNoYW5nZWQpOgorCiAyMDIwLTAzLTI2 ICBSb2IgQnVpcyAgPHJidWlzQGlnYWxpYS5jb20+CiAKICAgICAgICAgVGFrZSBpbnRvIGFjY291 bnQgcmVmZXJyZXItcG9saWN5IGluIGFwcGVuZCBPcmlnaW4gaGVhZGVyIGFsZ29yaXRobQpJbmRl eDogU291cmNlL1dlYkNvcmUvZG9tL1JhZGlvQnV0dG9uR3JvdXBzLmNwcAo9PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0t LSBTb3VyY2UvV2ViQ29yZS9kb20vUmFkaW9CdXR0b25Hcm91cHMuY3BwCShyZXZpc2lvbiAyNTg4 MjUpCisrKyBTb3VyY2UvV2ViQ29yZS9kb20vUmFkaW9CdXR0b25Hcm91cHMuY3BwCSh3b3JraW5n IGNvcHkpCkBAIC0yMzcsNyArMjM3LDggQEAgdm9pZCBSYWRpb0J1dHRvbkdyb3Vwczo6cmVxdWly ZWRTdGF0ZUNoYQogICAgIGlmIChlbGVtZW50Lm5hbWUoKS5pc0VtcHR5KCkpCiAgICAgICAgIHJl dHVybjsKICAgICBhdXRvKiBncm91cCA9IG1fbmFtZVRvR3JvdXBNYXAuZ2V0KGVsZW1lbnQubmFt ZSgpLmltcGwoKSk7Ci0gICAgQVNTRVJUKGdyb3VwKTsKKyAgICBpZiAoIWdyb3VwKQorICAgICAg ICByZXR1cm47IC8vIEZJWE1FOiBVcGRhdGUgdGhlIHJhZGlvIGJ1dHRvbiBncm91cCBiZWZvcmUg YXV0aG9yIHNjcmlwdCBoYWQgYSBjaGFuY2UgdG8gcnVuIGluIGRpZEZpbmlzaEluc2VydGluZ05v ZGUoKS4KICAgICBncm91cC0+cmVxdWlyZWRTdGF0ZUNoYW5nZWQoZWxlbWVudCk7CiB9CiAKSW5k ZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9DaGFu Z2VMb2cJKHJldmlzaW9uIDI1ODgyNSkKKysrIExheW91dFRlc3RzL0NoYW5nZUxvZwkod29ya2lu ZyBjb3B5KQpAQCAtMSwzICsxLDE1IEBACisyMDIwLTAzLTI2ICBSeW9zdWtlIE5pd2EgIDxybml3 YUB3ZWJraXQub3JnPgorCisgICAgICAgIENyYXNoIGluIFJhZGlvQnV0dG9uR3JvdXBzOjpyZXF1 aXJlZFN0YXRlQ2hhbmdlZAorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1 Zy5jZ2k/aWQ9MjA5NTg1CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisK KyAgICAgICAgQWRkZWQgYSByZWdyZXNzaW9uIHRlc3QuCisKKyAgICAgICAgKiBmYXN0L2Zvcm1z L3VwZGF0ZS1yZXF1aXJlZC1zdGF0ZS1vbi1yYWRpby1iZWZvcmUtZmluYWxpemluZy10cmVlLWlu c2VydGlvbi1jcmFzaC1leHBlY3RlZC50eHQ6IEFkZGVkLgorICAgICAgICAqIGZhc3QvZm9ybXMv dXBkYXRlLXJlcXVpcmVkLXN0YXRlLW9uLXJhZGlvLWJlZm9yZS1maW5hbGl6aW5nLXRyZWUtaW5z ZXJ0aW9uLWNyYXNoLmh0bWw6IEFkZGVkLgorCiAyMDIwLTAzLTIyICBBbnRvaW5lIFF1aW50ICA8 Z3Jhb3V0c0BhcHBsZS5jb20+CiAKICAgICAgICAgWyBNYWMgXSBpbXBvcnRlZC93M2Mvd2ViLXBs YXRmb3JtLXRlc3RzL3dlYi1hbmltYXRpb25zL3RpbWluZy1tb2RlbC90aW1lbGluZXMvdXBkYXRl LWFuZC1zZW5kLWV2ZW50cy1yZXBsYWNlbWVudC5odG1sIGlzIGZsYWt5IGZhaWxpbmcuCkluZGV4 OiBMYXlvdXRUZXN0cy9mYXN0L2Zvcm1zL3VwZGF0ZS1yZXF1aXJlZC1zdGF0ZS1vbi1yYWRpby1i ZWZvcmUtZmluYWxpemluZy10cmVlLWluc2VydGlvbi1jcmFzaC1leHBlY3RlZC50eHQKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gTGF5b3V0VGVzdHMvZmFzdC9mb3Jtcy91cGRhdGUtcmVxdWlyZWQtc3RhdGUtb24t cmFkaW8tYmVmb3JlLWZpbmFsaXppbmctdHJlZS1pbnNlcnRpb24tY3Jhc2gtZXhwZWN0ZWQudHh0 CShub25leGlzdGVudCkKKysrIExheW91dFRlc3RzL2Zhc3QvZm9ybXMvdXBkYXRlLXJlcXVpcmVk LXN0YXRlLW9uLXJhZGlvLWJlZm9yZS1maW5hbGl6aW5nLXRyZWUtaW5zZXJ0aW9uLWNyYXNoLWV4 cGVjdGVkLnR4dAkod29ya2luZyBjb3B5KQpAQCAtMCwwICsxLDUgQEAKK1RoaXMgdGVzdHMgdXBk YXRpbmcgdGhlIHJlcXVpcmVkIHN0YXRlIG9mIGEgcmFkaW8gYnV0dG9uIGluIHRoZSBtaWRkbGUg b2Ygbm9kZSBpbnNlcnRpb25zLgorVGhlIHRlc3QgcGFzc2VzIGlmIFdlYktpdCBkb2VzIG5vdCBj cmFzaCBvciBoaXQgYSBkZWJ1ZyBhc3NlcnRpb24uCisKKworCkluZGV4OiBMYXlvdXRUZXN0cy9m YXN0L2Zvcm1zL3VwZGF0ZS1yZXF1aXJlZC1zdGF0ZS1vbi1yYWRpby1iZWZvcmUtZmluYWxpemlu Zy10cmVlLWluc2VydGlvbi1jcmFzaC5odG1sCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zh c3QvZm9ybXMvdXBkYXRlLXJlcXVpcmVkLXN0YXRlLW9uLXJhZGlvLWJlZm9yZS1maW5hbGl6aW5n LXRyZWUtaW5zZXJ0aW9uLWNyYXNoLmh0bWwJKG5vbmV4aXN0ZW50KQorKysgTGF5b3V0VGVzdHMv ZmFzdC9mb3Jtcy91cGRhdGUtcmVxdWlyZWQtc3RhdGUtb24tcmFkaW8tYmVmb3JlLWZpbmFsaXpp bmctdHJlZS1pbnNlcnRpb24tY3Jhc2guaHRtbAkod29ya2luZyBjb3B5KQpAQCAtMCwwICsxLDM3 IEBACis8IURPQ1RZUEUgaHRtbD4KKzxodG1sPgorPGJvZHk+Cis8cD5UaGlzIHRlc3RzIHVwZGF0 aW5nIHRoZSByZXF1aXJlZCBzdGF0ZSBvZiBhIHJhZGlvIGJ1dHRvbiBpbiB0aGUgbWlkZGxlIG9m IG5vZGUgaW5zZXJ0aW9ucy48YnI+CitUaGUgdGVzdCBwYXNzZXMgaWYgV2ViS2l0IGRvZXMgbm90 IGNyYXNoIG9yIGhpdCBhIGRlYnVnIGFzc2VydGlvbi48L3A+Cis8ZGl2IGlkPSJyZXN1bHQiPjwv ZGl2PgorPHN0eWxlPgorOmluZGV0ZXJtaW5hdGUgeyBjb2xvcjogZ3JlZW47IH0KKzwvc3R5bGU+ Cis8c2NyaXB0PgorCitpZiAod2luZG93LnRlc3RSdW5uZXIpCisgICAgdGVzdFJ1bm5lci5kdW1w QXNUZXh0KCk7CisKK2NvbnN0IGRpdiA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ2RpdicpOwor Citjb25zdCBzY3JpcHQgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTsKK3Njcmlw dC50ZXh0Q29udGVudCA9ICdpbnB1dC5yZXF1aXJlZCA9IHRydWUnOworZGl2LmFwcGVuZENoaWxk KHNjcmlwdCk7CisKK2NvbnN0IGlucHV0ID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnaW5wdXQn KTsKK2lucHV0LnR5cGUgPSAncmFkaW8nOworaW5wdXQubmFtZSA9ICdiYXonOworaW5wdXQuZm9y bSA9ICdmb28nOworZGl2LmFwcGVuZENoaWxkKGlucHV0KTsKKworY29uc3QgaW5wdXQyID0gZG9j dW1lbnQuY3JlYXRlRWxlbWVudCgnaW5wdXQnKTsKK2lucHV0Mi50eXBlID0gJ3JhZGlvJzsKK2lu cHV0Mi5uYW1lID0gJ2Jhcic7CitpbnB1dDIuZm9ybSA9ICdmb28nOworZG9jdW1lbnQuYm9keS5h cHBlbmRDaGlsZChpbnB1dDIpOworCitkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGRpdik7CisK Kzwvc2NyaXB0PgorPC9ib2R5PgorPC9odG1sPgo=