22634 2008-12-03 13:57:32 -0800 Safari crashes when I try to do a drag-and-drop of selected text in Google presentations 2009-03-12 13:29:45 -0700 1 1 1 Unclassified WebKit New Bugs 528+ (Nightly build) PC Windows XP RESOLVED FIXED P1 Normal --- 19066 24302 1 anantha webkit-unassigned eric justin.garcia mal sky oldest_to_newest 101259 0 anantha 2008-12-03 13:57:32 -0800 Steps: 1. Login into google docs and open a Presently with text. 2. Highlight some text. 3. Try to drag and drop it to a new location in the slide (a small plus-sign icon appears next to the mouse pointer) Issue: Browser crashes. Nightly tested: 38794 111848 1 eric 2009-03-02 10:29:00 -0800 Should be easy find and to fix. I'll investigate today. 111862 2 sky 2009-03-02 11:21:32 -0800 Things seem to get confused in ReplaceSelectionCommand::doApply. Specifically the second time through we end up here: if (shouldMergeStart(selectionStartWasStartOfParagraph, fragment.hasInterchangeNewlineAtStart())) { .... if (startOfParagraph(endOfInsertedContent) == startOfParagraphToMove) insertNodeAt(createBreakElement(document()).get(), endOfInsertedContent.deepEquivalent()); The problem is with insertNodeAt. The page has some javascript such that when insertNodeAt is invoked the script ends up calling back with the command "delete" to delete the text we're trying to insert at. Here's the trace showing the remove being invoked: chrome.dll!WebCore::ContainerNode::removeChild(WebCore::Node * oldChild=0x064cc4c8, int & ec=-858993460) Line 308 C++ chrome.dll!WebCore::Node::remove(int & ec=-858993460) Line 521 + 0x17 bytes C++ chrome.dll!WebCore::RemoveNodeCommand::doApply() Line 53 C++ chrome.dll!WebCore::EditCommand::apply() Line 92 + 0xf bytes C++ chrome.dll!WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand> cmd={...}) Line 99 C++ chrome.dll!WebCore::CompositeEditCommand::removeNode(WTF::PassRefPtr<WebCore::Node> node={...}) Line 199 + 0x28 bytes C++ chrome.dll!WebCore::DeleteSelectionCommand::removeNode(WTF::PassRefPtr<WebCore::Node> node={...}) Line 377 C++ chrome.dll!WebCore::DeleteSelectionCommand::handleGeneralDelete() Line 472 C++ chrome.dll!WebCore::DeleteSelectionCommand::doApply() Line 766 C++ chrome.dll!WebCore::EditCommand::apply() Line 92 + 0xf bytes C++ chrome.dll!WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand> cmd={...}) Line 99 C++ chrome.dll!WebCore::CompositeEditCommand::deleteSelection(const WebCore::VisibleSelection & selection={...}, bool smartDelete=false, bool mergeBlocksAfterDelete=true, bool replace=false, bool expandForSpecialElements=true) Line 351 + 0x30 bytes C++ chrome.dll!WebCore::TypingCommand::deleteKeyPressed(WebCore::TextGranularity granularity=CharacterGranularity, bool killRing=false) Line 448 C++ chrome.dll!WebCore::TypingCommand::doApply() Line 256 C++ chrome.dll!WebCore::EditCommand::apply() Line 92 + 0xf bytes C++ chrome.dll!WebCore::TypingCommand::deleteKeyPressed(WebCore::Document * document=0x07f9a378, bool smartDelete=false, WebCore::TextGranularity granularity=CharacterGranularity, bool killRing=false) Line 97 C++ chrome.dll!WebCore::executeDelete(WebCore::Frame * frame=0x07f99ce0, WebCore::Event * __formal=0x00000000, WebCore::EditorCommandSource source=CommandFromDOM, WebCore::Event * __formal=0x00000000) Line 289 + 0x21 bytes C++ chrome.dll!WebCore::Editor::Command::execute(const WebCore::String & parameter={...}, WebCore::Event * triggeringEvent=0x00000000) Line 1450 + 0x24 bytes C++ > chrome.dll!WebCore::Document::execCommand(const WebCore::String & commandName={...}, bool userInterface=false, const WebCore::String & value={...}) Line 3386 + 0x25 bytes C++ chrome.dll!WebCore::DocumentInternal::execCommandCallback(const v8::Arguments & args={...}) Line 657 + 0x14 bytes C++ chrome.dll!v8::internal::Builtin_HandleApiCall(int __argc__=4, v8::internal::Object * * __argv__=0x052fe740) Line 380 + 0xe bytes C++ 0598016c() chrome.dll!v8::internal::Invoke(bool construct=false, v8::internal::Handle<v8::internal::JSFunction> func={...}, v8::internal::Handle<v8::internal::Object> receiver={...}, int argc=1, v8::internal::Object * * * args=0x052fe9dc, bool * has_pending_exception=0x052fe96b) Line 90 + 0x34 bytes C++ chrome.dll!v8::internal::Execution::Call(v8::internal::Handle<v8::internal::JSFunction> func={...}, v8::internal::Handle<v8::internal::Object> receiver={...}, int argc=1, v8::internal::Object * * * args=0x052fe9dc, bool * pending_exception=0x052fe96b) Line 116 + 0x1f bytes C++ chrome.dll!v8::Function::Call(v8::Handle<v8::Object> recv={...}, int argc=1, v8::Handle<v8::Value> * argv=0x052fe9dc) Line 1939 + 0x1d bytes C++ chrome.dll!WebCore::V8Proxy::CallFunction(v8::Handle<v8::Function> function={...}, v8::Handle<v8::Object> receiver={...}, int argc=1, v8::Handle<v8::Value> * args=0x052fe9dc) Line 1460 + 0x1f bytes C++ chrome.dll!WebCore::V8EventListener::CallListenerFunction(v8::Handle<v8::Value> jsevent={...}, WebCore::Event * event=0x07ccea80, bool isWindowEvent=false) Line 225 + 0x26 bytes C++ chrome.dll!WebCore::V8AbstractEventListener::handleEvent(WebCore::Event * event=0x07ccea80, bool isWindowEvent=false) Line 111 + 0x22 bytes C++ chrome.dll!WebCore::Node::handleLocalEvents(WebCore::Event * event=0x07ccea80, bool useCapture=false) Line 2312 + 0x20 bytes C++ chrome.dll!WebCore::Node::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event> prpEvent={...}) Line 2445 + 0x1d bytes C++ chrome.dll!WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event> e={...}, int & ec=0) Line 2366 + 0x12 bytes C++ chrome.dll!WebCore::dispatchChildInsertionEvents(WebCore::Node * child=0x063ce8b0, int & ec=0) Line 890 + 0x74 bytes C++ chrome.dll!WebCore::ContainerNode::appendChild(WTF::PassRefPtr<WebCore::Node> newChild={...}, int & ec=0, bool shouldLazyAttach=false) Line 490 + 0x12 bytes C++ chrome.dll!WebCore::AppendNodeCommand::doApply() Line 49 C++ chrome.dll!WebCore::EditCommand::apply() Line 92 + 0xf bytes C++ chrome.dll!WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand> cmd={...}) Line 99 C++ chrome.dll!WebCore::CompositeEditCommand::appendNode(WTF::PassRefPtr<WebCore::Node> node={...}, WTF::PassRefPtr<WebCore::Element> parent={...}) Line 182 + 0x34 bytes C++ chrome.dll!WebCore::CompositeEditCommand::insertNodeAfter(WTF::PassRefPtr<WebCore::Node> insertChild={...}, WTF::PassRefPtr<WebCore::Node> refChild={...}) Line 147 C++ chrome.dll!WebCore::CompositeEditCommand::insertNodeAt(WTF::PassRefPtr<WebCore::Node> insertChild={...}, const WebCore::Position & editingPosition={...}) Line 177 C++ chrome.dll!WebCore::ReplaceSelectionCommand::doApply() Line 900 + 0x43 bytes C++ chrome.dll!WebCore::EditCommand::apply() Line 92 + 0xf bytes C++ chrome.dll!WebCore::applyCommand(WTF::PassRefPtr<WebCore::EditCommand> command={...}) Line 228 C++ chrome.dll!WebCore::DragController::concludeEditDrag(WebCore::DragData * dragData=0x052ff6b4) Line 410 + 0x4a bytes C++ chrome.dll!WebCore::DragController::performDrag(WebCore::DragData * dragData=0x052ff6b4) Line 192 + 0x17 bytes C++ chrome.dll!WebViewImpl::DragTargetDrop(int client_x=353, int client_y=526, int screen_x=1789, int screen_y=1093) Line 1522 C++ chrome.dll!RenderView::OnDragTargetDrop(const gfx::Point & client_pt={...}, const gfx::Point & screen_pt={...}) Line 2631 + 0x41 bytes C++ chrome.dll!DispatchToMethod<RenderView,void (__thiscall RenderView::*)(gfx::Point const &,gfx::Point const &),gfx::Point,gfx::Point>(RenderView * obj=0x06365198, void (const gfx::Point &, const gfx::Point &)* method=0x010513f0, const Tuple2<gfx::Point,gfx::Point> & arg={...}) Line 398 + 0x26 bytes C++ chrome.dll!IPC::MessageWithTuple<Tuple2<gfx::Point,gfx::Point> >::Dispatch<RenderView,void (__thiscall RenderView::*)(gfx::Point const &,gfx::Point const &)>(const IPC::Message * msg=0x07ccfdb0, RenderView * obj=0x06365198, void (const gfx::Point &, const gfx::Point &)* func=0x010513f0) Line 1157 + 0x23 bytes C++ chrome.dll!RenderView::OnMessageReceived(const IPC::Message & message={...}) Line 383 + 0x4a bytes C++ chrome.dll!MessageRouter::RouteMessage(const IPC::Message & msg={...}) Line 39 + 0x13 bytes C++ chrome.dll!MessageRouter::OnMessageReceived(const IPC::Message & msg={...}) Line 30 + 0x13 bytes C++ chrome.dll!ChildThread::OnMessageReceived(const IPC::Message & msg={...}) Line 64 + 0x17 bytes C++ chrome.dll!IPC::ChannelProxy::Context::OnDispatchMessage(const IPC::Message & message={...}) Line 174 + 0x1b bytes C++ chrome.dll!DispatchToMethod<IPC::ChannelProxy::Context,void (__thiscall IPC::ChannelProxy::Context::*)(IPC::Message const &),IPC::Message>(IPC::ChannelProxy::Context * obj=0x04d75e18, void (const IPC::Message &)* method=0x010d5930, const Tuple1<IPC::Message> & arg={...}) Line 393 + 0xf bytes C++ chrome.dll!RunnableMethod<IPC::ChannelProxy::Context,void (__thiscall IPC::ChannelProxy::Context::*)(IPC::Message const &),Tuple1<IPC::Message> >::Run() Line 308 + 0x1e bytes C++ chrome.dll!MessageLoop::RunTask(Task * task=0x07ccfd88) Line 308 + 0xf bytes C++ chrome.dll!MessageLoop::DeferOrRunPendingTask(const MessageLoop::PendingTask & pending_task={...}) Line 319 C++ chrome.dll!MessageLoop::DoWork() Line 408 + 0xc bytes C++ chrome.dll!base::MessagePumpForUI::DoRunLoop() Line 208 + 0x1d bytes C++ chrome.dll!base::MessagePumpWin::RunWithDispatcher(base::MessagePump::Delegate * delegate=0x052ffeb4, base::MessagePumpWin::Dispatcher * dispatcher=0x00000000) Line 52 + 0xf bytes C++ chrome.dll!base::MessagePumpWin::Run(base::MessagePump::Delegate * delegate=0x052ffeb4) Line 78 + 0x1c bytes C++ chrome.dll!MessageLoop::RunInternal() Line 197 + 0x2a bytes C++ chrome.dll!MessageLoop::RunHandler() Line 181 C++ chrome.dll!MessageLoop::Run() Line 155 C++ chrome.dll!base::Thread::ThreadMain() Line 159 C++ chrome.dll!`anonymous namespace'::ThreadFunc(void * closure=0x04d7582c) Line 26 + 0xf bytes C++ kernel32.dll!7c80b713() [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll] Once the node has been deleted everything gets confused. Perhaps we should bail after insertNodeAt if the parent is null. 111876 3 eric 2009-03-02 12:49:22 -0800 This may be the same as bug 19066. Marking it as "depends on" even though it might not actually "depend on" fixing that bug. Investigating both today. 111879 4 sky 2009-03-02 12:54:52 -0800 Adding: if (!startOfParagraphToMove.deepEquivalent().node()->parent()) { // Inserting the break resulted in deleting the node we're going to move. return; } Right after: if (startOfParagraph(endOfInsertedContent) == startOfParagraphToMove) { insertNodeAt(createBreakElement(document()).get(), endOfInsertedContent.deepEquivalent()); In ReplaceSelectionCommand fixes the bug, but when attempting to drag the third time a different crash occurs. Seems to me any place in ReplaceSelectionCommand that does mutation needs to make sure the document is sane before continuing. This is based on my limited knowledge of webkit though, so I could of course be completely wrong. 111880 5 eric 2009-03-02 12:55:20 -0800 Here is the stack trace of when we hit the first ASSERT: ASSERT(isStartOfParagraph(startOfParagraphToMove)); startOfParagraphToMove is a CharacterData node (or a TextNode?) which is not in any document. It's got a null parent and null document. #0 0x035cbe2e in WebCore::CompositeEditCommand::moveParagraph at CompositeEditCommand.cpp:732 #1 0x03bb009e in WebCore::ReplaceSelectionCommand::doApply at ReplaceSelectionCommand.cpp:904 #2 0x0370073d in WebCore::EditCommand::apply at EditCommand.cpp:92 #3 0x037007b5 in WebCore::applyCommand at EditCommand.cpp:227 #4 0x036fd1ab in WebCore::DragController::concludeEditDrag at DragController.cpp:410 #5 0x036fd699 in WebCore::DragController::performDrag at DragController.cpp:192 #6 0x00385891 in -[WebView performDragOperation:] at WebView.mm:3196 #7 0x93957931 in NSCoreDragReceiveProc #8 0x9001a1b0 in DoDropMessage #9 0x9001a126 in SendDropMessage #10 0x9001748e in DragInApplication #11 0x90015f32 in CoreDragStartDragging #12 0x939557b5 in -[NSCoreDragManager _dragUntilMouseUp:accepted:] #13 0x939546d6 in -[NSCoreDragManager dragImage:fromWindow:at:offset:event:pasteboard:source:slideBack:] #14 0x93954120 in -[NSWindow(NSDrag) dragImage:at:offset:event:pasteboard:source:slideBack:] #15 0x00318235 in -[WebHTMLView dragImage:at:offset:event:pasteboard:source:slideBack:] at WebHTMLView.mm:3262 #16 0x002f06fb in WebDragClient::startDrag at WebDragClient.mm:116 #17 0x036fa7cb in WebCore::DragController::doSystemDrag at DragController.cpp:751 #18 0x036fb9f2 in WebCore::DragController::startDrag at DragController.cpp:686 #19 0x037208cd in WebCore::EventHandler::handleDrag at EventHandler.cpp:2098 #20 0x037209bc in WebCore::EventHandler::handleMouseDraggedEvent at EventHandler.cpp:394 #21 0x03721386 in WebCore::EventHandler::handleMouseMoveEvent at EventHandler.cpp:1271 #22 0x03725a50 in WebCore::EventHandler::mouseDragged at EventHandlerMac.mm:505 #23 0x0031bc10 in -[WebHTMLView mouseDragged:] at WebHTMLView.mm:3275 111881 6 eric 2009-03-02 12:57:07 -0800 I'm a little surprised at the code path taken by this code: if (dragIsMove(innerFrame->selection())) { bool smartMove = innerFrame->selectionGranularity() == WordGranularity && innerFrame->editor()->smartInsertDeleteEnabled() && dragData->canSmartReplace(); applyCommand(MoveSelectionCommand::create(fragment, dragCaret.base(), smartMove)); } else { if (setSelectionToDragCaret(innerFrame, dragCaret, range, point)) applyCommand(ReplaceSelectionCommand::create(m_document, fragment, true, dragData->canSmartReplace(), chosePlainText)); // WE TAKE THIS PATH } I would have expected that the drag would be a "move" since I just dragged and dropped from the rich text field to the same rich text field. return m_document == m_dragInitiator && selection->isContentEditable() && !isCopyKeyDown(); Maybe presently (Google presentations) is doing something funny with the drag events. 111882 7 eric 2009-03-02 12:58:48 -0800 (gdb) p m_document $1 = (class WebCore::Document *) 0x754ca00 (gdb) p m_dragInitiator $2 = (class WebCore::Document *) 0x7459800 Yup, clearly we're dragging and dropping between separate documents in presently, even though it doesn't appear that way to the user. 111890 8 sky 2009-03-02 13:28:49 -0800 This fixes the crashers I'm seeing: Index: WebCore/editing/ReplaceSelectionCommand.cpp =================================================================== --- WebCore/editing/ReplaceSelectionCommand.cpp (revision 10629) +++ WebCore/editing/ReplaceSelectionCommand.cpp (working copy) @@ -839,6 +839,11 @@ fragment.removeNode(refNode); insertNodeAtAndUpdateNodesInserted(refNode, insertionPos); + + if (!refNode->parent()) { + // Inserting the node resulted in deleting the node we're going to move. + return; + } while (node) { Node* next = node->nextSibling(); @@ -896,8 +901,13 @@ // Insert a line break just after the inserted content to separate it from what // comes after and prevent that from happening. VisiblePosition endOfInsertedContent = positionAtEndOfInsertedContent(); - if (startOfParagraph(endOfInsertedContent) == startOfParagraphToMove) + if (startOfParagraph(endOfInsertedContent) == startOfParagraphToMove) { insertNodeAt(createBreakElement(document()).get(), endOfInsertedContent.deepEquivalent()); + if (!startOfParagraphToMove.deepEquivalent().node()->parent()) { + // Inserting the break resulted in deleting the node we're going to move. + return; + } + } // FIXME: Maintain positions for the start and end of inserted content instead of keeping nodes. The nodes are // only ever used to create positions where inserted content starts/ends. Eric, if you think this is the right approach and looks good I'll clean it up, try and create a layout test and submit a proper fix. What do you think? 111894 9 eric 2009-03-02 13:42:08 -0800 I'm not able to reproduce this in "writely" (docs.google.com, the word-like Documents portion) 111904 10 eric 2009-03-02 14:31:50 -0800 Ok, found out that Presently is creating an overlay iframe, which snags the drag. So the drag does go cross-document. Also, in this fancy iframe, they're signing up for the DOMNodeInserted and calling: document.execCommand("SelectAll"); document.execCommand("Delete"); document.execCommand("SelectAll"); from within their DOMNodeInserted handler. :) No wonder WebKit is having kittens here. 111905 11 28197 eric 2009-03-02 14:41:52 -0800 Created attachment 28197 manual test case This test case could possibly be reduced further. But it shows what presently is doing at least. 111920 12 28201 eric 2009-03-02 16:01:16 -0800 Created attachment 28201 Total hack, but it works WebCore/editing/CompositeEditCommand.cpp | 4 ++++ WebCore/editing/ReplaceSelectionCommand.cpp | 19 ++++++++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) 111922 13 eric 2009-03-02 16:02:11 -0800 This is not a fix I'm proud of. But I don't know of a more elegant way to do this yet. We need to find a nice way to re-write large chunks of the editing code to be mutation event safe! 111927 14 eric 2009-03-02 16:30:21 -0800 The attached fix seems to fix bug 24302 as well. I'll dupe them. 111929 15 eric 2009-03-02 16:30:45 -0800 *** Bug 24302 has been marked as a duplicate of this bug. *** 111936 16 28205 eric 2009-03-02 17:23:50 -0800 Created attachment 28205 Fix this crash by adding ugly null checks LayoutTests/ChangeLog | 11 +++++ ...crash-on-drag-with-mutation-events-expected.txt | 1 + .../crash-on-drag-with-mutation-events.html | 47 ++++++++++++++++++++ WebCore/ChangeLog | 19 ++++++++ WebCore/editing/CompositeEditCommand.cpp | 4 ++ WebCore/editing/ReplaceSelectionCommand.cpp | 19 +++++++- 6 files changed, 98 insertions(+), 3 deletions(-) 113128 17 28205 fishd 2009-03-11 00:02:48 -0700 Comment on attachment 28205 Fix this crash by adding ugly null checks This patch looks safe and reasonable to me. Were you hoping for a more expert opinion on the editor changes? 113129 18 justin.garcia 2009-03-11 00:08:41 -0700 looks fine to me, r=me2 113465 19 eric 2009-03-12 13:29:45 -0700 Committing to http://svn.webkit.org/repository/webkit/trunk ... M LayoutTests/ChangeLog A LayoutTests/editing/selection/crash-on-drag-with-mutation-events-expected.txt A LayoutTests/editing/selection/crash-on-drag-with-mutation-events.html M WebCore/ChangeLog M WebCore/editing/CompositeEditCommand.cpp M WebCore/editing/ReplaceSelectionCommand.cpp Committed r41645 28197 2009-03-02 14:41:52 -0800 2009-03-02 14:41:52 -0800 manual test case crazytalk.html text/html 785 eric PGRpdj5NYWtlIHN1cmUgV2ViS2l0IGRvZXNuJ3QgY3Jhc2ggd2hlbiB3ZWIgYXV0aG9ycyBibGFz dCBhd2F5IGV2ZXJ5dGhpbmcgaW4gRE9NTm9kZUluc2VydGVkIGhhbmRsZXIhIGh0dHBzOi8vYnVn cy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMjYzNDwvZGl2Pgo8ZGl2IGNvbnRlbnRFZGl0 YWJsZT5EcmFnIHNvbWV0aGluZyBmcm9tIGhlcmUgdG8gdGhlIGRvY3VtZW50IGJlbG93PC9kaXY+ CjxpZnJhbWUgc3JjPSJhYm91dDpibGFuayIgaWQ9ImlmcmFtZSI+PC9pZnJhbWU+CjxzY3JpcHQ+ CnZhciBpZnJhbWUgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaWZyYW1lIik7CnZhciBkb2Mg PSBpZnJhbWUuY29udGVudERvY3VtZW50Owp2YXIgZGl2Rm9yRHJvcCA9IGRvY3VtZW50LmNyZWF0 ZUVsZW1lbnQoImRpdiIpOwpkaXZGb3JEcm9wLmNvbnRlbnRFZGl0YWJsZSA9IHRydWU7CmRvYy5i b2R5LmFwcGVuZENoaWxkKGRpdkZvckRyb3ApOwpkaXZGb3JEcm9wLmFwcGVuZENoaWxkKGRvY3Vt ZW50LmNyZWF0ZVRleHROb2RlKCJEcm9wIG9uIHRoaXMgbGluZSEiKSk7CgpmdW5jdGlvbiBjbGVh ckRpdkR1cmluZ0luc2VydGlvbigpCnsKICAgIGRvYy5leGVjQ29tbWFuZCgic2VsZWN0YWxsIik7 CiAgICBkb2MuZXhlY0NvbW1hbmQoImRlbGV0ZSIpOwogICAgZG9jLmV4ZWNDb21tYW5kKCJzZWxl Y3RhbGwiKTsKfQoKZGl2Rm9yRHJvcC5hZGRFdmVudExpc3RlbmVyKCJET01Ob2RlSW5zZXJ0ZWQi LCBjbGVhckRpdkR1cmluZ0luc2VydGlvbiwgdHJ1ZSk7Cjwvc2NyaXB0Pgo= 28201 2009-03-02 16:01:16 -0800 2009-03-02 17:23:59 -0800 Total hack, but it works Total-hack-but-it-works.patch text/plain 2848 eric NDRmZDlhM2ZiOWYwYmI5ZjRiZjcxMGM0NDJjODdkNTliOWIwMzY1NwpkaWZmIC0tZ2l0IGEvV2Vi Q29yZS9lZGl0aW5nL0NvbXBvc2l0ZUVkaXRDb21tYW5kLmNwcCBiL1dlYkNvcmUvZWRpdGluZy9D b21wb3NpdGVFZGl0Q29tbWFuZC5jcHAKaW5kZXggNzNkMWM0MS4uODgwNTBhYyAxMDA2NDQKLS0t IGEvV2ViQ29yZS9lZGl0aW5nL0NvbXBvc2l0ZUVkaXRDb21tYW5kLmNwcAorKysgYi9XZWJDb3Jl L2VkaXRpbmcvQ29tcG9zaXRlRWRpdENvbW1hbmQuY3BwCkBAIC0xNzEsNiArMTcxLDEwIEBAIHZv aWQgQ29tcG9zaXRlRWRpdENvbW1hbmQ6Omluc2VydE5vZGVBdChQYXNzUmVmUHRyPE5vZGU+IGlu c2VydENoaWxkLCBjb25zdCBQb3NpCiAgICAgICAgIGluc2VydE5vZGVCZWZvcmUoaW5zZXJ0Q2hp bGQsIHJlZkNoaWxkKTsKICAgICBlbHNlIGlmIChyZWZDaGlsZC0+aXNUZXh0Tm9kZSgpICYmIGNh cmV0TWF4T2Zmc2V0KHJlZkNoaWxkKSA+IG9mZnNldCkgewogICAgICAgICBzcGxpdFRleHROb2Rl KHN0YXRpY19jYXN0PFRleHQgKj4ocmVmQ2hpbGQpLCBvZmZzZXQpOworCisgICAgICAgIC8vIE11 dGF0aW9uIGV2ZW50cyAoYnVnIDIyNjM0KSBmcm9tIHRoZSB0ZXh0IG5vZGUgaW5zZXJ0aW9uIG1h eSBoYXZlIHJlbW92ZWQgdGhlIHJlZkNoaWxkCisgICAgICAgIGlmICghcmVmQ2hpbGQtPmluRG9j dW1lbnQoKSkKKyAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgaW5zZXJ0Tm9kZUJlZm9yZShp bnNlcnRDaGlsZCwgcmVmQ2hpbGQpOwogICAgIH0gZWxzZQogICAgICAgICBpbnNlcnROb2RlQWZ0 ZXIoaW5zZXJ0Q2hpbGQsIHJlZkNoaWxkKTsKZGlmZiAtLWdpdCBhL1dlYkNvcmUvZWRpdGluZy9S ZXBsYWNlU2VsZWN0aW9uQ29tbWFuZC5jcHAgYi9XZWJDb3JlL2VkaXRpbmcvUmVwbGFjZVNlbGVj dGlvbkNvbW1hbmQuY3BwCmluZGV4IGExNmM0OWEuLmM0MjgyMDYgMTAwNjQ0Ci0tLSBhL1dlYkNv cmUvZWRpdGluZy9SZXBsYWNlU2VsZWN0aW9uQ29tbWFuZC5jcHAKKysrIGIvV2ViQ29yZS9lZGl0 aW5nL1JlcGxhY2VTZWxlY3Rpb25Db21tYW5kLmNwcApAQCAtODM5LDExICs4MzksMjAgQEAgdm9p ZCBSZXBsYWNlU2VsZWN0aW9uQ29tbWFuZDo6ZG9BcHBseSgpCiAgICAgCiAgICAgZnJhZ21lbnQu cmVtb3ZlTm9kZShyZWZOb2RlKTsKICAgICBpbnNlcnROb2RlQXRBbmRVcGRhdGVOb2Rlc0luc2Vy dGVkKHJlZk5vZGUsIGluc2VydGlvblBvcyk7Ci0gICAgCisKKyAgICAvLyBNdXRhdGlvbiBldmVu dHMgKGJ1ZyAyMjYzNCkgbWF5IGhhdmUgYWxyZWFkeSByZW1vdmVkIHRoZSBpbnNlcnRlZCBjb250 ZW50CisgICAgaWYgKCFyZWZOb2RlLT5pbkRvY3VtZW50KCkpCisgICAgICAgIHJldHVybjsKKwog ICAgIHdoaWxlIChub2RlKSB7CiAgICAgICAgIE5vZGUqIG5leHQgPSBub2RlLT5uZXh0U2libGlu ZygpOwogICAgICAgICBmcmFnbWVudC5yZW1vdmVOb2RlKG5vZGUpOwogICAgICAgICBpbnNlcnRO b2RlQWZ0ZXJBbmRVcGRhdGVOb2Rlc0luc2VydGVkKG5vZGUsIHJlZk5vZGUuZ2V0KCkpOworCisg ICAgICAgIC8vIE11dGF0aW9uIGV2ZW50cyAoYnVnIDIyNjM0KSBtYXkgaGF2ZSBhbHJlYWR5IHJl bW92ZWQgdGhlIGluc2VydGVkIGNvbnRlbnQKKyAgICAgICAgaWYgKCFub2RlLT5pbkRvY3VtZW50 KCkpCisgICAgICAgICAgICByZXR1cm47CisKICAgICAgICAgcmVmTm9kZSA9IG5vZGU7CiAgICAg ICAgIG5vZGUgPSBuZXh0OwogICAgIH0KQEAgLTg5Niw5ICs5MDUsMTMgQEAgdm9pZCBSZXBsYWNl U2VsZWN0aW9uQ29tbWFuZDo6ZG9BcHBseSgpCiAgICAgICAgIC8vIEluc2VydCBhIGxpbmUgYnJl YWsganVzdCBhZnRlciB0aGUgaW5zZXJ0ZWQgY29udGVudCB0byBzZXBhcmF0ZSBpdCBmcm9tIHdo YXQgCiAgICAgICAgIC8vIGNvbWVzIGFmdGVyIGFuZCBwcmV2ZW50IHRoYXQgZnJvbSBoYXBwZW5p bmcuCiAgICAgICAgIFZpc2libGVQb3NpdGlvbiBlbmRPZkluc2VydGVkQ29udGVudCA9IHBvc2l0 aW9uQXRFbmRPZkluc2VydGVkQ29udGVudCgpOwotICAgICAgICBpZiAoc3RhcnRPZlBhcmFncmFw aChlbmRPZkluc2VydGVkQ29udGVudCkgPT0gc3RhcnRPZlBhcmFncmFwaFRvTW92ZSkKKyAgICAg ICAgaWYgKHN0YXJ0T2ZQYXJhZ3JhcGgoZW5kT2ZJbnNlcnRlZENvbnRlbnQpID09IHN0YXJ0T2ZQ YXJhZ3JhcGhUb01vdmUpIHsKICAgICAgICAgICAgIGluc2VydE5vZGVBdChjcmVhdGVCcmVha0Vs ZW1lbnQoZG9jdW1lbnQoKSkuZ2V0KCksIGVuZE9mSW5zZXJ0ZWRDb250ZW50LmRlZXBFcXVpdmFs ZW50KCkpOwotICAgICAgICAKKyAgICAgICAgICAgIC8vIE11dGF0aW9uIGV2ZW50cyAoYnVnIDIy NjM0KSB0cmlnZ2VyZWQgYnkgaW5zZXJ0aW5nIHRoZSA8YnI+IG1pZ2h0IGhhdmUgcmVtb3ZlZCB0 aGUgY29udGVudCB3ZSdyZSBhYm91dCB0byBtb3ZlCisgICAgICAgICAgICBpZiAoIXN0YXJ0T2ZQ YXJhZ3JhcGhUb01vdmUuZGVlcEVxdWl2YWxlbnQoKS5ub2RlKCktPmluRG9jdW1lbnQoKSkKKyAg ICAgICAgICAgICAgICByZXR1cm47CisgICAgICAgIH0KKwogICAgICAgICAvLyBGSVhNRTogTWFp bnRhaW4gcG9zaXRpb25zIGZvciB0aGUgc3RhcnQgYW5kIGVuZCBvZiBpbnNlcnRlZCBjb250ZW50 IGluc3RlYWQgb2Yga2VlcGluZyBub2Rlcy4gIFRoZSBub2RlcyBhcmUKICAgICAgICAgLy8gb25s eSBldmVyIHVzZWQgdG8gY3JlYXRlIHBvc2l0aW9ucyB3aGVyZSBpbnNlcnRlZCBjb250ZW50IHN0 YXJ0cy9lbmRzLgogICAgICAgICBtb3ZlUGFyYWdyYXBoKHN0YXJ0T2ZQYXJhZ3JhcGhUb01vdmUs IGVuZE9mUGFyYWdyYXBoKHN0YXJ0T2ZQYXJhZ3JhcGhUb01vdmUpLCBkZXN0aW5hdGlvbik7Cg== 28205 2009-03-02 17:23:50 -0800 2009-03-11 00:02:48 -0700 Fix this crash by adding ugly null checks Fix-this-crash-by-adding-ugly-null-checks.patch text/plain 6806 eric M2Y3OWQxMmJlYjcwMGIzZmU3OTYxY2I5NjE0YzAxMWZkNmQyYTRiMwpkaWZmIC0tZ2l0IGEvTGF5 b3V0VGVzdHMvQ2hhbmdlTG9nIGIvTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCmluZGV4IDQxYTA0NGYu LmVkOGNlZmUgMTAwNjQ0Ci0tLSBhL0xheW91dFRlc3RzL0NoYW5nZUxvZworKysgYi9MYXlvdXRU ZXN0cy9DaGFuZ2VMb2cKQEAgLTEsMyArMSwxNCBAQAorMjAwOS0wMy0wMiAgRXJpYyBTZWlkZWwg IDxlcmljQHdlYmtpdC5vcmc+CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISku CisKKyAgICAgICAgU2FmYXJpIGNyYXNoZXMgZHVyaW5nIGRyYWcgYW5kIGRyb3AgaW4gR29vZ2xl IHByZXNlbnRhdGlvbnMKKyAgICAgICAgZHVlIHRvIG11dGF0aW9uIGV2ZW50IGhhbmRsZXJzIHJl bW92aW5nIERPTSBjb250ZW50IGR1cmluZyBpbnNlcnROb2RlCisgICAgICAgIGh0dHBzOi8vYnVn cy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMjYzNAorCisgICAgICAgICogZWRpdGluZy9z ZWxlY3Rpb24vY3Jhc2gtb24tZHJhZy13aXRoLW11dGF0aW9uLWV2ZW50cy1leHBlY3RlZC50eHQ6 IEFkZGVkLgorICAgICAgICAqIGVkaXRpbmcvc2VsZWN0aW9uL2NyYXNoLW9uLWRyYWctd2l0aC1t dXRhdGlvbi1ldmVudHMuaHRtbDogQWRkZWQuCisKIDIwMDktMDMtMDEgIERhdmlkIExldmluICA8 bGV2aW5AY2hyb21pdW0ub3JnPgogCiAgICAgICAgIFJldmlld2VkIGJ5IEFsZXhleSBQcm9za3Vy eWFrb3YuCmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9lZGl0aW5nL3NlbGVjdGlvbi9jcmFzaC1v bi1kcmFnLXdpdGgtbXV0YXRpb24tZXZlbnRzLWV4cGVjdGVkLnR4dCBiL0xheW91dFRlc3RzL2Vk aXRpbmcvc2VsZWN0aW9uL2NyYXNoLW9uLWRyYWctd2l0aC1tdXRhdGlvbi1ldmVudHMtZXhwZWN0 ZWQudHh0Cm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAuLmI0NTcyOGYKLS0tIC9k ZXYvbnVsbAorKysgYi9MYXlvdXRUZXN0cy9lZGl0aW5nL3NlbGVjdGlvbi9jcmFzaC1vbi1kcmFn LXdpdGgtbXV0YXRpb24tZXZlbnRzLWV4cGVjdGVkLnR4dApAQCAtMCwwICsxIEBACitQQVNTRUQs IG5vIGNyYXNoCmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9lZGl0aW5nL3NlbGVjdGlvbi9jcmFz aC1vbi1kcmFnLXdpdGgtbXV0YXRpb24tZXZlbnRzLmh0bWwgYi9MYXlvdXRUZXN0cy9lZGl0aW5n L3NlbGVjdGlvbi9jcmFzaC1vbi1kcmFnLXdpdGgtbXV0YXRpb24tZXZlbnRzLmh0bWwKbmV3IGZp bGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMC4uZTNjNjI3NwotLS0gL2Rldi9udWxsCisrKyBi L0xheW91dFRlc3RzL2VkaXRpbmcvc2VsZWN0aW9uL2NyYXNoLW9uLWRyYWctd2l0aC1tdXRhdGlv bi1ldmVudHMuaHRtbApAQCAtMCwwICsxLDQ3IEBACis8Ym9keSBzdHlsZT0ibWFyZ2luOiAwcHgi PgorPGRpdj5NYWtlIHN1cmUgV2ViS2l0IGRvZXNuJ3QgY3Jhc2ggd2hlbiB3ZWIgYXV0aG9ycyBi bGFzdCBhd2F5IGV2ZXJ5dGhpbmcgaW4gRE9NTm9kZUluc2VydGVkIGhhbmRsZXIhIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMjYzNDwvZGl2PgorPGRpdiBpZD0iZHJh Z3N0YXJ0IiBjb250ZW50RWRpdGFibGU+RHJhZyBzb21ldGhpbmcgZnJvbSBoZXJlIHRvIHRoZSBk b2N1bWVudCBiZWxvdzwvZGl2PgorPGlmcmFtZSBzcmM9ImFib3V0OmJsYW5rIiBpZD0iaWZyYW1l Ij48L2lmcmFtZT4KKzxzY3JpcHQ+Cit2YXIgaWZyYW1lID0gZG9jdW1lbnQuZ2V0RWxlbWVudEJ5 SWQoImlmcmFtZSIpOworaWZyYW1lLnN0eWxlLmhlaWdodCA9ICIyMHB4IjsKK3ZhciBkb2MgPSBp ZnJhbWUuY29udGVudERvY3VtZW50OworZG9jLmJvZHkuc3R5bGUubWFyZ2luID0gIjBweCI7Cit2 YXIgZGl2Rm9yRHJvcCA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImRpdiIpOworZGl2Rm9yRHJv cC5jb250ZW50RWRpdGFibGUgPSB0cnVlOworZG9jLmJvZHkuYXBwZW5kQ2hpbGQoZGl2Rm9yRHJv cCk7CitkaXZGb3JEcm9wLmFwcGVuZENoaWxkKGRvY3VtZW50LmNyZWF0ZVRleHROb2RlKCJEcm9w IG9uIHRoaXMgbGluZSEiKSk7CisKK2Z1bmN0aW9uIGNsZWFyRGl2RHVyaW5nSW5zZXJ0aW9uKCkK K3sKKyAgICBkb2MuZXhlY0NvbW1hbmQoInNlbGVjdGFsbCIpOworICAgIGRvYy5leGVjQ29tbWFu ZCgiZGVsZXRlIik7CisgICAgZG9jLmV4ZWNDb21tYW5kKCJzZWxlY3RhbGwiKTsKK30KKworZGl2 Rm9yRHJvcC5hZGRFdmVudExpc3RlbmVyKCJET01Ob2RlSW5zZXJ0ZWQiLCBjbGVhckRpdkR1cmlu Z0luc2VydGlvbiwgdHJ1ZSk7CisKK2lmICh3aW5kb3cuZXZlbnRTZW5kZXIpIHsKKyAgICBsYXlv dXRUZXN0Q29udHJvbGxlci5kdW1wQXNUZXh0KCk7CisKKyAgICB2YXIgc3RhcnREaXYgPSBkb2N1 bWVudC5nZXRFbGVtZW50QnlJZCgiZHJhZ3N0YXJ0Iik7CisgICAgc3RhcnREaXYuZm9jdXMoKTsK KyAgICBkb2N1bWVudC5leGVjQ29tbWFuZCgic2VsZWN0YWxsIik7CisKKyAgICB2YXIgc3RhcnRY ID0gc3RhcnREaXYub2Zmc2V0TGVmdCArIDEwOworICAgIHZhciBzdGFydFkgPSBzdGFydERpdi5v ZmZzZXRUb3AgKyAxMDsKKworICAgIHZhciBlbmRYID0gaWZyYW1lLm9mZnNldExlZnQgKyBkaXZG b3JEcm9wLm9mZnNldExlZnQgKyAxMDsKKyAgICB2YXIgZW5kWSA9IGlmcmFtZS5vZmZzZXRUb3Ag KyBkaXZGb3JEcm9wLm9mZnNldFRvcCArIDEwOworCisgICAgZXZlbnRTZW5kZXIubW91c2VNb3Zl VG8oc3RhcnRYLCBzdGFydFkpOworICAgIGV2ZW50U2VuZGVyLm1vdXNlRG93bigpOworICAgIGV2 ZW50U2VuZGVyLmxlYXBGb3J3YXJkKDEwMDApOworCisgICAgZXZlbnRTZW5kZXIubW91c2VNb3Zl VG8oZW5kWCwgZW5kWSk7CisgICAgZXZlbnRTZW5kZXIubW91c2VVcCgpOworICAgIAorICAgIGRv Y3VtZW50LmJvZHkuaW5uZXJIVE1MID0gIlBBU1NFRCwgbm8gY3Jhc2giOworfQorCis8L3Njcmlw dD4KZGlmZiAtLWdpdCBhL1dlYkNvcmUvQ2hhbmdlTG9nIGIvV2ViQ29yZS9DaGFuZ2VMb2cKaW5k ZXggNTFhOWQ4ZS4uY2U1NmJkZSAxMDA2NDQKLS0tIGEvV2ViQ29yZS9DaGFuZ2VMb2cKKysrIGIv V2ViQ29yZS9DaGFuZ2VMb2cKQEAgLTEsMyArMSwyMiBAQAorMjAwOS0wMy0wMiAgRXJpYyBTZWlk ZWwgIDxlcmljQHdlYmtpdC5vcmc+CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BT ISkuCisKKyAgICAgICAgU2FmYXJpIGNyYXNoZXMgZHVyaW5nIGRyYWcgYW5kIGRyb3AgaW4gR29v Z2xlIHByZXNlbnRhdGlvbnMKKyAgICAgICAgZHVlIHRvIG11dGF0aW9uIGV2ZW50IGhhbmRsZXJz IHJlbW92aW5nIERPTSBjb250ZW50IGR1cmluZyBpbnNlcnROb2RlCisgICAgICAgIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMjYzNAorCisgICAgICAgIEFkZGVkIGEg YnVuY2ggb2YgIm51bGwiIGNoZWNrcyB0byBtYWtlIHN1cmUgbm9kZXMgYXJlIHN0aWxsCisgICAg ICAgIGluIHRoZSBkb2N1bWVudCBiZWZvcmUgd2Ugb3BlcmF0ZSBvbiB0aGVtLiAgVGhpcyBpcyBh bgorICAgICAgICBpbmVsZWdhbnQgc29sdXRpb24sIGJ1dCBpdCdzIHRoZSBiZXN0IHdlIGhhdmUg Zm9yIG5vdy4KKyAgICAgICAgCisgICAgICAgIFRlc3Q6IGVkaXRpbmcvc2VsZWN0aW9uL2NyYXNo LW9uLWRyYWctd2l0aC1tdXRhdGlvbi1ldmVudHMuaHRtbAorCisgICAgICAgICogZWRpdGluZy9D b21wb3NpdGVFZGl0Q29tbWFuZC5jcHA6CisgICAgICAgIChXZWJDb3JlOjpDb21wb3NpdGVFZGl0 Q29tbWFuZDo6aW5zZXJ0Tm9kZUF0KToKKyAgICAgICAgKiBlZGl0aW5nL1JlcGxhY2VTZWxlY3Rp b25Db21tYW5kLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OlJlcGxhY2VTZWxlY3Rpb25Db21tYW5k Ojpkb0FwcGx5KToKKwogMjAwOS0wMy0wMiAgS2V2aW4gT2xsaXZpZXIgIDxrZXZpbm9AdGhlb2xs aXZpZXJzLmNvbT4KIAogICAgICAgICBCdWlsZCBmaXhlcyBmb3Igd3hXaWRnZXRzIE1hYyB0cnVu ayBidWlsZC4KZGlmZiAtLWdpdCBhL1dlYkNvcmUvZWRpdGluZy9Db21wb3NpdGVFZGl0Q29tbWFu ZC5jcHAgYi9XZWJDb3JlL2VkaXRpbmcvQ29tcG9zaXRlRWRpdENvbW1hbmQuY3BwCmluZGV4IDcz ZDFjNDEuLjg4MDUwYWMgMTAwNjQ0Ci0tLSBhL1dlYkNvcmUvZWRpdGluZy9Db21wb3NpdGVFZGl0 Q29tbWFuZC5jcHAKKysrIGIvV2ViQ29yZS9lZGl0aW5nL0NvbXBvc2l0ZUVkaXRDb21tYW5kLmNw cApAQCAtMTcxLDYgKzE3MSwxMCBAQCB2b2lkIENvbXBvc2l0ZUVkaXRDb21tYW5kOjppbnNlcnRO b2RlQXQoUGFzc1JlZlB0cjxOb2RlPiBpbnNlcnRDaGlsZCwgY29uc3QgUG9zaQogICAgICAgICBp bnNlcnROb2RlQmVmb3JlKGluc2VydENoaWxkLCByZWZDaGlsZCk7CiAgICAgZWxzZSBpZiAocmVm Q2hpbGQtPmlzVGV4dE5vZGUoKSAmJiBjYXJldE1heE9mZnNldChyZWZDaGlsZCkgPiBvZmZzZXQp IHsKICAgICAgICAgc3BsaXRUZXh0Tm9kZShzdGF0aWNfY2FzdDxUZXh0ICo+KHJlZkNoaWxkKSwg b2Zmc2V0KTsKKworICAgICAgICAvLyBNdXRhdGlvbiBldmVudHMgKGJ1ZyAyMjYzNCkgZnJvbSB0 aGUgdGV4dCBub2RlIGluc2VydGlvbiBtYXkgaGF2ZSByZW1vdmVkIHRoZSByZWZDaGlsZAorICAg ICAgICBpZiAoIXJlZkNoaWxkLT5pbkRvY3VtZW50KCkpCisgICAgICAgICAgICByZXR1cm47CiAg ICAgICAgIGluc2VydE5vZGVCZWZvcmUoaW5zZXJ0Q2hpbGQsIHJlZkNoaWxkKTsKICAgICB9IGVs c2UKICAgICAgICAgaW5zZXJ0Tm9kZUFmdGVyKGluc2VydENoaWxkLCByZWZDaGlsZCk7CmRpZmYg LS1naXQgYS9XZWJDb3JlL2VkaXRpbmcvUmVwbGFjZVNlbGVjdGlvbkNvbW1hbmQuY3BwIGIvV2Vi Q29yZS9lZGl0aW5nL1JlcGxhY2VTZWxlY3Rpb25Db21tYW5kLmNwcAppbmRleCBhMTZjNDlhLi5j NDI4MjA2IDEwMDY0NAotLS0gYS9XZWJDb3JlL2VkaXRpbmcvUmVwbGFjZVNlbGVjdGlvbkNvbW1h bmQuY3BwCisrKyBiL1dlYkNvcmUvZWRpdGluZy9SZXBsYWNlU2VsZWN0aW9uQ29tbWFuZC5jcHAK QEAgLTgzOSwxMSArODM5LDIwIEBAIHZvaWQgUmVwbGFjZVNlbGVjdGlvbkNvbW1hbmQ6OmRvQXBw bHkoKQogICAgIAogICAgIGZyYWdtZW50LnJlbW92ZU5vZGUocmVmTm9kZSk7CiAgICAgaW5zZXJ0 Tm9kZUF0QW5kVXBkYXRlTm9kZXNJbnNlcnRlZChyZWZOb2RlLCBpbnNlcnRpb25Qb3MpOwotICAg IAorCisgICAgLy8gTXV0YXRpb24gZXZlbnRzIChidWcgMjI2MzQpIG1heSBoYXZlIGFscmVhZHkg cmVtb3ZlZCB0aGUgaW5zZXJ0ZWQgY29udGVudAorICAgIGlmICghcmVmTm9kZS0+aW5Eb2N1bWVu dCgpKQorICAgICAgICByZXR1cm47CisKICAgICB3aGlsZSAobm9kZSkgewogICAgICAgICBOb2Rl KiBuZXh0ID0gbm9kZS0+bmV4dFNpYmxpbmcoKTsKICAgICAgICAgZnJhZ21lbnQucmVtb3ZlTm9k ZShub2RlKTsKICAgICAgICAgaW5zZXJ0Tm9kZUFmdGVyQW5kVXBkYXRlTm9kZXNJbnNlcnRlZChu b2RlLCByZWZOb2RlLmdldCgpKTsKKworICAgICAgICAvLyBNdXRhdGlvbiBldmVudHMgKGJ1ZyAy MjYzNCkgbWF5IGhhdmUgYWxyZWFkeSByZW1vdmVkIHRoZSBpbnNlcnRlZCBjb250ZW50CisgICAg ICAgIGlmICghbm9kZS0+aW5Eb2N1bWVudCgpKQorICAgICAgICAgICAgcmV0dXJuOworCiAgICAg ICAgIHJlZk5vZGUgPSBub2RlOwogICAgICAgICBub2RlID0gbmV4dDsKICAgICB9CkBAIC04OTYs OSArOTA1LDEzIEBAIHZvaWQgUmVwbGFjZVNlbGVjdGlvbkNvbW1hbmQ6OmRvQXBwbHkoKQogICAg ICAgICAvLyBJbnNlcnQgYSBsaW5lIGJyZWFrIGp1c3QgYWZ0ZXIgdGhlIGluc2VydGVkIGNvbnRl bnQgdG8gc2VwYXJhdGUgaXQgZnJvbSB3aGF0IAogICAgICAgICAvLyBjb21lcyBhZnRlciBhbmQg cHJldmVudCB0aGF0IGZyb20gaGFwcGVuaW5nLgogICAgICAgICBWaXNpYmxlUG9zaXRpb24gZW5k T2ZJbnNlcnRlZENvbnRlbnQgPSBwb3NpdGlvbkF0RW5kT2ZJbnNlcnRlZENvbnRlbnQoKTsKLSAg ICAgICAgaWYgKHN0YXJ0T2ZQYXJhZ3JhcGgoZW5kT2ZJbnNlcnRlZENvbnRlbnQpID09IHN0YXJ0 T2ZQYXJhZ3JhcGhUb01vdmUpCisgICAgICAgIGlmIChzdGFydE9mUGFyYWdyYXBoKGVuZE9mSW5z ZXJ0ZWRDb250ZW50KSA9PSBzdGFydE9mUGFyYWdyYXBoVG9Nb3ZlKSB7CiAgICAgICAgICAgICBp bnNlcnROb2RlQXQoY3JlYXRlQnJlYWtFbGVtZW50KGRvY3VtZW50KCkpLmdldCgpLCBlbmRPZklu c2VydGVkQ29udGVudC5kZWVwRXF1aXZhbGVudCgpKTsKLSAgICAgICAgCisgICAgICAgICAgICAv LyBNdXRhdGlvbiBldmVudHMgKGJ1ZyAyMjYzNCkgdHJpZ2dlcmVkIGJ5IGluc2VydGluZyB0aGUg PGJyPiBtaWdodCBoYXZlIHJlbW92ZWQgdGhlIGNvbnRlbnQgd2UncmUgYWJvdXQgdG8gbW92ZQor ICAgICAgICAgICAgaWYgKCFzdGFydE9mUGFyYWdyYXBoVG9Nb3ZlLmRlZXBFcXVpdmFsZW50KCku bm9kZSgpLT5pbkRvY3VtZW50KCkpCisgICAgICAgICAgICAgICAgcmV0dXJuOworICAgICAgICB9 CisKICAgICAgICAgLy8gRklYTUU6IE1haW50YWluIHBvc2l0aW9ucyBmb3IgdGhlIHN0YXJ0IGFu ZCBlbmQgb2YgaW5zZXJ0ZWQgY29udGVudCBpbnN0ZWFkIG9mIGtlZXBpbmcgbm9kZXMuICBUaGUg bm9kZXMgYXJlCiAgICAgICAgIC8vIG9ubHkgZXZlciB1c2VkIHRvIGNyZWF0ZSBwb3NpdGlvbnMg d2hlcmUgaW5zZXJ0ZWQgY29udGVudCBzdGFydHMvZW5kcy4KICAgICAgICAgbW92ZVBhcmFncmFw aChzdGFydE9mUGFyYWdyYXBoVG9Nb3ZlLCBlbmRPZlBhcmFncmFwaChzdGFydE9mUGFyYWdyYXBo VG9Nb3ZlKSwgZGVzdGluYXRpb24pOwo=