267147 2024-01-05 12:23:14 -0800 (REGRESSION 271818@main) Crash in RenderTextControlSingleLine::layout 2024-01-11 11:20:57 -0800 1 1 1 Unclassified WebKit Layout and Rendering WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=266085 InRadar P2 Normal --- 1 ajuma zalan beidson bfulgham changseok esprehn+autocc ews-watchlist fpizlo glenn koivisto kondapallykalyan msaboff pdr rniwa simon.fraser webkit-bug-importer zalan oldest_to_newest 2003237 0 469301 ajuma 2024-01-05 12:23:14 -0800 Created attachment 469301 Minimized test case Filing this as a security bug since it was found using a fuzzer; there's no disclosure deadline for this bug. This reproduces in an ASan build of WebKitTestRunner at https://commits.webkit.org/272509@main Stack: ================================================================= ====ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0001d6a592ee bp 0x7ff7bf2efdb0 sp 0x7ff7bf2efdb0 T0) ====The signal is caused by a READ memory access. ====Hint: address points to the zero page. #0 0x1d6a592ee in WebCore::RenderLayoutState::isPaginated() const+0x1e (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x538e2ee) #1 0x1d7c10428 in WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)+0x4d8 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6545428) #2 0x1d7f521a1 in WebCore::RenderTextControlSingleLine::layout()+0x441 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x68871a1) #3 0x1d7cd0e14 in WebCore::RenderElement::layoutIfNeeded()+0x64 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6605e14) #4 0x1d7d4e288 in WebCore::RenderGrid::performGridItemsPreLayout(WebCore::GridTrackSizingAlgorithm const&, WebCore::RenderGrid::ShouldUpdateGridAreaLogicalSize) const+0x68 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6683288) #5 0x1d7d506da in WebCore::RenderGrid::computeIntrinsicLogicalWidths(WebCore::LayoutUnit&, WebCore::LayoutUnit&) const+0x20a (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x66856da) #6 0x1d7bf244f in WebCore::RenderBlock::computePreferredLogicalWidths()+0x3cf (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x652744f) #7 0x1d7c4f17e in WebCore::RenderBox::minPreferredLogicalWidth() const+0xfe (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x658417e) #8 0x1d7bf3fd4 in WebCore::RenderBlock::computeChildIntrinsicLogicalWidths(WebCore::RenderObject&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) const+0x54 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6528fd4) #9 0x1d7bf3cb5 in WebCore::RenderBlock::computeChildPreferredLogicalWidths(WebCore::RenderObject&, WebCore::LayoutUnit&, WebCore::LayoutUnit&) const+0x2c5 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6528cb5) #10 0x1d7c0c365 in WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths(WebCore::LayoutUnit&, WebCore::LayoutUnit&) const+0x1375 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6541365) #11 0x1d7c0ac0b in WebCore::RenderBlockFlow::computeIntrinsicLogicalWidths(WebCore::LayoutUnit&, WebCore::LayoutUnit&) const+0x1fb (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x653fc0b) #12 0x1d7bf244f in WebCore::RenderBlock::computePreferredLogicalWidths()+0x3cf (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x652744f) #13 0x1d7c4f31e in WebCore::RenderBox::maxPreferredLogicalWidth() const+0xfe (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x658431e) #14 0x1d7e823ad in WebCore::RenderMarquee::computePosition(WebCore::MarqueeDirection, bool)+0x1bd (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x67b73ad) #15 0x1d7e8375e in WebCore::RenderMarquee::updateMarqueePosition()+0x9e (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x67b875e) #16 0x1d7e3bfbb in WebCore::RenderLayerScrollableArea::updateMarqueePosition()+0x5b (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x6770fbb) #17 0x1d7d8adbf in WebCore::RenderLayer::recursiveUpdateLayerPositions(WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)+0x69f (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x66bfdbf) #18 0x1d7d8ad76 in WebCore::RenderLayer::recursiveUpdateLayerPositions(WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)+0x656 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x66bfd76) #19 0x1d7d8ad76 in WebCore::RenderLayer::recursiveUpdateLayerPositions(WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)+0x656 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x66bfd76) #20 0x1d7d8b1d2 in WebCore::RenderLayer::updateLayerPositionsAfterLayout(bool, bool)+0xe2 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x66c01d2) #21 0x1d6e1354b in WebCore::LocalFrameView::didLayout(WTF::WeakPtr<WebCore::RenderElement, WTF::SingleThreadWeakPtrImpl, WTF::RawPtrTraits<WTF::SingleThreadWeakPtrImpl>>)+0x10b (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x574854b) #22 0x1d6e3c95e in WebCore::LocalFrameViewLayoutContext::performLayout()+0x7de (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x577195e) #23 0x1d6e06781 in WebCore::LocalFrameViewLayoutContext::layout()+0xd1 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x573b781) #24 0x1d6e26199 in WebCore::LocalFrameView::updateContentsSize()+0x49 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x575b199) #25 0x1d71797f9 in WebCore::ScrollView::updateScrollbars(WebCore::IntPoint const&)+0xba9 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5aae7f9) #26 0x1d717cf4e in WebCore::ScrollView::setContentsSize(WebCore::IntSize const&)+0x1ce (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5ab1f4e) #27 0x1d6e0c249 in WebCore::LocalFrameView::setContentsSize(WebCore::IntSize const&)+0x109 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5741249) #28 0x1d6e01435 in WebCore::LocalFrameView::adjustViewSize()+0x235 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5736435) #29 0x1d6e3c854 in WebCore::LocalFrameViewLayoutContext::performLayout()+0x6d4 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5771854) #30 0x1d6e06781 in WebCore::LocalFrameViewLayoutContext::layout()+0xd1 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x573b781) #31 0x1d5b0c1e1 in WebCore::Document::implicitClose()+0x681 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x44411e1) #32 0x1d6b0dbcc in WebCore::FrameLoader::checkCallImplicitClose()+0x1ac (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5442bcc) #33 0x1d6b0cbe4 in WebCore::FrameLoader::checkCompleted()+0x3d4 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x5441be4) #34 0x1d6b087cf in WebCore::FrameLoader::finishedParsing()+0x1bf (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x543d7cf) #35 0x1d5b3862d in WebCore::Document::finishedParsing()+0x3ad (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x446d62d) #36 0x1d650f776 in WebCore::HTMLConstructionSite::finishedParsing()+0xc6 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e44776) #37 0x1d659336d in WebCore::HTMLTreeBuilder::finished()+0x1d (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4ec836d) #38 0x1d6518417 in WebCore::HTMLDocumentParser::end()+0x17 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e4d417) #39 0x1d6516118 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd()+0x38 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e4b118) #40 0x1d6516030 in WebCore::HTMLDocumentParser::prepareToStopParsing()+0x110 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e4b030) #41 0x1d651845f in WebCore::HTMLDocumentParser::attemptToEnd()+0x3f (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e4d45f) #42 0x1d65184fc in WebCore::HTMLDocumentParser::finish()+0x2c (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x4e4d4fc) #43 0x1d6a9382a in WebCore::DocumentWriter::end()+0x20a (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x53c882a) #44 0x1d6a9213d in WebCore::DocumentLoader::finishedLoading()+0x2fd (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x53c713d) #45 0x1d6a91a9b in WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&, WebCore::NetworkLoadMetrics const&)+0x41b (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x53c6a9b) #46 0x1d6c93a0f in WebCore::CachedResource::checkNotify(WebCore::NetworkLoadMetrics const&)+0x17f (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x55c8a0f) #47 0x1d6c8e226 in WebCore::CachedResource::finishLoading(WebCore::FragmentedSharedBuffer const*, WebCore::NetworkLoadMetrics const&)+0x56 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x55c3226) #48 0x1d6c8fddd in WebCore::CachedRawResource::finishLoading(WebCore::FragmentedSharedBuffer const*, WebCore::NetworkLoadMetrics const&)+0x26d (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x55c4ddd) #49 0x1d6bf54b0 in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&)+0x650 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebCore.framework/Versions/A/WebCore:x86_64+0x552a4b0) #50 0x183a28047 in WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics&&)+0x307 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x2fc5047) #51 0x1847ee6ff in auto void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...)::operator()<WebCore::NetworkLoadMetrics>(auto&&...) const+0x8f (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d8b6ff) #52 0x1847ee658 in decltype(static_cast<WebKit::WebResourceLoader>(fp)(static_cast<WebCore::NetworkLoadMetrics>(fp0))) std::__1::__invoke_constexpr<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), WebCore::NetworkLoadMetrics>(WebKit::WebResourceLoader&&, WebCore::NetworkLoadMetrics&&)+0x8 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d8b658) #53 0x1847ee63b in decltype(auto) std::__1::__apply_tuple_impl<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader&&, WebKit::WebResourceLoader&&, std::__1::__tuple_indices<0ul>)+0x1b (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d8b63b) #54 0x1847ee618 in decltype(auto) std::__1::apply<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader&&, WebKit::WebResourceLoader&&)+0x8 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d8b618) #55 0x1847ee51c in void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)+0x15c (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d8b51c) #56 0x1847e7372 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&))+0x152 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d84372) #57 0x1847e6579 in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&)+0x1f9 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3d83579) #58 0x183a0ecf5 in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&)+0x165 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x2fabcf5) #59 0x184983295 in IPC::Connection::dispatchMessage(IPC::Decoder&)+0x2a5 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3f20295) #60 0x1849837d6 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder>>)+0x2e6 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3f207d6) #61 0x184984154 in IPC::Connection::dispatchOneIncomingMessage()+0x184 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3f21154) #62 0x18499e860 in IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder>>)::$_17::operator()() const+0x10 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3f3b860) #63 0x18499e7ec in WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder>>)::$_17, void>::call()+0xc (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3f3b7ec) #64 0x1a8543dbe in WTF::Function<void ()>::operator()() const+0x3e (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/JavaScriptCore.framework/Versions/A/JavaScriptCore:x86_64+0x3cf9dbe) #65 0x1a497a0e7 in WTF::RunLoop::performWork()+0x317 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/JavaScriptCore.framework/Versions/A/JavaScriptCore:x86_64+0x1300e7) #66 0x1a497dcaa in WTF::RunLoop::performWork(void*)+0xba (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/JavaScriptCore.framework/Versions/A/JavaScriptCore:x86_64+0x133caa) #67 0x7ff80efdfeb9 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__+0x10 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation:x86_64h+0x7ceb9) #68 0x7ff80efdfe5b in __CFRunLoopDoSource0+0x9c (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation:x86_64h+0x7ce5b) #69 0x7ff80efdfc34 in __CFRunLoopDoSources0+0xd8 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation:x86_64h+0x7cc34) #70 0x7ff80efde8be in __CFRunLoopRun+0x393 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation:x86_64h+0x7b8be) #71 0x7ff80efddec0 in CFRunLoopRunSpecific+0x22f (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation:x86_64h+0x7aec0) #72 0x7ff80fe6a272 in -[NSRunLoop(NSRunLoop) runMode:beforeDate:]+0xd7 (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation:x86_64+0x5f272) #73 0x7ff80feecc67 in -[NSRunLoop(NSRunLoop) run]+0x4b (/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation:x86_64+0xe1c67) #74 0x7ff80ec567f2 in _xpc_objc_main+0x304 (/usr/lib/system/libxpc.dylib:x86_64+0x157f2) #75 0x7ff80ec561f6 in xpc_main+0x5f (/usr/lib/system/libxpc.dylib:x86_64+0x151f6) #76 0x181e797f5 in WebKit::XPCServiceMain(int, char const**)+0xf5 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x14167f5) #77 0x184901c48 in WKXPCServiceMain+0x8 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/WebKit.framework/Versions/A/WebKit:x86_64+0x3e9ec48) #78 0x100c0cec8 in main+0x8 (/Users/chrome-bot/clusterfuzz/bot/builds/chrome-ios-webkit-to-fuzz_ios-webkit-to-fuzz_cb292771138f3c7c4bb12f2df778e2b1c42b4cd7/revisions/WebKitMacOS/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development:x86_64+0x100003ec8) #79 0x7ff80ebaa41e (<unknown module>) ====Register values: rax = 0x0000000000000000 rbx = 0x00007ff7bf2f01a0 rcx = 0x0000100000000000 rdx = 0x00001c3e0000a3b1 rdi = 0x0000000000000000 rsi = 0x0000000000000000 rbp = 0x00007ff7bf2efdb0 rsp = 0x00007ff7bf2efdb0 r8 = 0x0000100000000000 r9 = 0x0000000000000000 r10 = 0x00007ff7bf2efd04 r11 = 0x0000000000000200 r12 = 0x00001ffef7e5dfb8 r13 = 0x00007ff7bf2efe70 r14 = 0x00007ff7bf2efdc0 r15 = 0x00006110001b64c0 2003238 1 webkit-bug-importer 2024-01-05 12:23:25 -0800 <rdar://problem/120556213> 2004431 2 469374 zalan 2024-01-11 07:38:12 -0800 Created attachment 469374 Test reduction 2004437 3 zalan 2024-01-11 08:00:39 -0800 Let's use <rdar://119618951> instead 2004441 4 469375 zalan 2024-01-11 08:15:24 -0800 Created attachment 469375 [fast-cq]Patch 2004510 5 ews-feeder 2024-01-11 11:20:53 -0800 Committed 272929@main (6250fe9ecef4): <https://commits.webkit.org/272929@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 469375. 469301 2024-01-05 12:23:14 -0800 2024-01-05 12:23:14 -0800 Minimized test case renderTextControlSingleLineLayout.html text/html 1259 ajuma PHN0eWxlPgojaHRtbHZhcjAwMDA2IHsgZ3JpZC10ZW1wbGF0ZTogLTFweCAyNjg0MzU0NTZweCAv IDY1NTM1cHggMzZweDsgZm9udC1mYWNlOiBBcmlhbDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNl OyBsZWZ0OiAxMGVtOyBiYWNrZ3JvdW5kLXJlcGVhdC15OiBuby1yZXBlYXQ7IG1zby1nZW5lcmlj LWZvbnQtZmFtaWx5OiBhdXRvOyAtd2Via2l0LW1hcmdpbi10b3AtY29sbGFwc2U6IHNlcGFyYXRl OyBib3JkZXItaW1hZ2Utd2lkdGg6IGluaGVyaXQ7IC13ZWJraXQtd3JpdGluZy1tb2RlOiB2ZXJ0 aWNhbC1scjsgYm9yZGVyLWNvbG9yOiByZ2IoMTkxLCAyMTYsIDIyOCk7IC13ZWJraXQtbWFzay1i b3gtaW1hZ2U6IG5vbmU7IHVzZXItc2VsZWN0OiBub25lOyBoZWlnaHQ6IDBjaDsgdmlzaWJsaXR5 OiB2aXNpYmxlOyBib3JkZXItY29sb3I6IGJsYWNrOyBjbGVhcjogYm90aDsgZ3JpZC1yb3ctZW5k OiAwIGRlZmF1bHQ7IC13ZWJraXQtYm9yZGVyLWJvdHRvbS1yaWdodC1yYWRpdXM6IC0xcHg7IHN0 cm9rZS1kYXNoYXJyYXk6IG5vbmU7IGltYWdlLW9yaWVudGF0aW9uOiBmcm9tLWltYWdlIH0NCiNo dG1sdmFyMDAwMDQgeyAtd2Via2l0LWJvcmRlci1hZnRlci13aWR0aDogMHB4OyBpbWFnZS1vcmll bnRhdGlvbjogZnJvbS1pbWFnZTsgLXdlYmtpdC1tYXNrLWNsaXA6IHBhZGRpbmctYm94OyB0ZXh0 LXVuZGVybGluZS1wb3NpdGlvbjogdW5kZXI7IGJvcmRlci1yYWRpdXM6IDYyJTsgcGFnZS1icmVh ay1iZWZvcmU6IGxlZnQ7IGJvcmRlci1ib3R0b20tcmlnaHQtcmFkaXVzOiAwcHg7IC13ZWJraXQt dGV4dC1zdHJva2UtY29sb3I6ICNkM2Y7IHRleHQtanVzdGlmeTogYXV0bzsgdGV4dC1pbmRlbnQ6 IDQ3ZW07IGdyaWQ6IGNvbHVtbiA3MHB4LzBweDsgb2Zmc2V0LWRpc3RhbmNlOiA0NiU7IHRleHQt anVzdGlmeTogZGlzdHJpYnV0ZTsgYm9yZGVyLXRvcC1yaWdodC1yYWRpdXM6IDF2aDsgdGV4dC1z aGFkb3c6IGJsYWNrIDEgMjBweCAwOyBvYmplY3QtcG9zaXRpb246IDBweCA0NSU7IGFsaWduLWl0 ZW1zOiBmbGV4LXN0YXJ0IHVuc2FmZTsgc2Nyb2xsLXNuYXAtZGVzdGluYXRpb246IDg5JSAxOCU7 IGRpc3BsYXk6IGlubGluZS1ncmlkOyB3aWR0aDogbWluLWNvbnRlbnQgfQ0KPC9zdHlsZT4KPG1h cnF1ZWUgbm93cmFwPSJub3dyYXAiPg0KPGZvcm0gaWQ9Imh0bWx2YXIwMDAwNCIgZW5jdHlwZT0i bXVsdGlwYXJ0L2Zvcm0tZGF0YSIidHdxIj4NCjxpbnB1dCBpZD0iaHRtbHZhcjAwMDA2IiBsb3c9 IjEiPg0= 469374 2024-01-11 07:38:12 -0800 2024-01-11 07:38:12 -0800 Test reduction 267147.html text/html 150 zalan PHN0eWxlPgpzcGFuIHsKICB3cml0aW5nLW1vZGU6IHZlcnRpY2FsLWxyOwp9CmRpdiB7CiAgZGlz cGxheTogZ3JpZDsKICB3aWR0aDogbWF4LWNvbnRlbnQ7Cn0KPC9zdHlsZT4KPG1hcnF1ZWU+PGRp dj48c3Bhbj5QQVNTIGlmIG5vIGNyYXNoIG9yIGFzc2VydC4K 469375 2024-01-11 08:15:24 -0800 2024-01-11 11:20:55 -0800 [fast-cq]Patch bug-267147-20240111081523.patch text/plain 3206 zalan RnJvbSA1MzkyN2JkNjEyYTIxNDljYmYwNDk1ZTQ2MmYyY2VjM2YwOGMyNWZjIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBBbGFuIEJhcmFkbGF5IDx6YWxhbkBhcHBsZS5jb20+CkRhdGU6 IFRodSwgMTEgSmFuIDIwMjQgMDg6MDk6MzggLTA4MDAKU3ViamVjdDogW1BBVENIXSBMYXlvdXRT dGF0ZSBpcyBvbmx5IGF2YWlsYWJsZSBkdXJpbmcgbGF5b3V0LgogaHR0cHM6Ly9idWdzLndlYmtp dC5vcmcvc2hvd19idWcuY2dpP2lkPTI2NzE0NyA8cmRhcjovLzExOTYxODk1MT4KClJldmlld2Vk IGJ5IE5PQk9EWSAoT09QUyEpLgoKR3JpZCAoZXJyb25lb3VzbHkpIG1heSBjYWxsIGxheW91dCBv biBvcnRob2dvbmFsIGNoaWxkIG91dHNpZGUgb2YgdGhlIHJlZ3VsYXIgbGF5b3V0IHBoYXNlIChk dXJpbmcgcHJlZmVycmVkIHdpZHRoIGNvbXB1dGF0aW9uKS4KCiogTGF5b3V0VGVzdHMvZmFzdC9k eW5hbWljL21hcnF1ZWUtd2l0aC1ncmlkLWFuZC12ZXJ0aWNhbC1jaGlsZC1jcmFzaC1leHBlY3Rl ZC50eHQ6IEFkZGVkLgoqIExheW91dFRlc3RzL2Zhc3QvZHluYW1pYy9tYXJxdWVlLXdpdGgtZ3Jp ZC1hbmQtdmVydGljYWwtY2hpbGQtY3Jhc2guaHRtbDogQWRkZWQuCiogU291cmNlL1dlYkNvcmUv cmVuZGVyaW5nL1JlbmRlckJsb2NrRmxvdy5jcHA6CihXZWJDb3JlOjpSZW5kZXJCbG9ja0Zsb3c6 OmxheW91dEJsb2NrKToKLS0tCiBTb3VyY2UvV2ViQ29yZS9yZW5kZXJpbmcvUmVuZGVyQmxvY2tG bG93LmNwcCAgICAgICB8ICA3ICsrKysrKy0KIC4uLndpdGgtZ3JpZC1hbmQtdmVydGljYWwtY2hp bGQtY3Jhc2gtZXhwZWN0ZWQudHh0IHwgIDEgKwogLi4ubWFycXVlZS13aXRoLWdyaWQtYW5kLXZl cnRpY2FsLWNoaWxkLWNyYXNoLmh0bWwgfCAxNCArKysrKysrKysrKysrKwogMyBmaWxlcyBjaGFu Z2VkLCAyMSBpbnNlcnRpb25zKCspLCAxIGRlbGV0aW9uKC0pCiBjcmVhdGUgbW9kZSAxMDA2NDQg TGF5b3V0VGVzdHMvZmFzdC9keW5hbWljL21hcnF1ZWUtd2l0aC1ncmlkLWFuZC12ZXJ0aWNhbC1j aGlsZC1jcmFzaC1leHBlY3RlZC50eHQKIGNyZWF0ZSBtb2RlIDEwMDY0NCBMYXlvdXRUZXN0cy9m YXN0L2R5bmFtaWMvbWFycXVlZS13aXRoLWdyaWQtYW5kLXZlcnRpY2FsLWNoaWxkLWNyYXNoLmh0 bWwKCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9yZW5kZXJpbmcvUmVuZGVyQmxvY2tGbG93 LmNwcCBiL1NvdXJjZS9XZWJDb3JlL3JlbmRlcmluZy9SZW5kZXJCbG9ja0Zsb3cuY3BwCmluZGV4 IDgwNmNhOGQyYTJiOC4uNDBjOTdjOWJjZGZjIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9y ZW5kZXJpbmcvUmVuZGVyQmxvY2tGbG93LmNwcAorKysgYi9Tb3VyY2UvV2ViQ29yZS9yZW5kZXJp bmcvUmVuZGVyQmxvY2tGbG93LmNwcApAQCAtNTE0LDcgKzUxNCwxMiBAQCB2b2lkIFJlbmRlckJs b2NrRmxvdzo6bGF5b3V0QmxvY2soYm9vbCByZWxheW91dENoaWxkcmVuLCBMYXlvdXRVbml0IHBh Z2VMb2dpY2FsSAogICAgIExheW91dFVuaXQgcmVwYWludExvZ2ljYWxCb3R0b207CiAgICAgTGF5 b3V0VW5pdCBtYXhGbG9hdExvZ2ljYWxCb3R0b207CiAgICAgTGF5b3V0VW5pdCBwYWdlUmVtYWlu aW5nOwotICAgIGJvb2wgaXNQYWdpbmF0ZWQgPSB2aWV3KCkuZnJhbWVWaWV3KCkubGF5b3V0Q29u dGV4dCgpLmxheW91dFN0YXRlKCktPmlzUGFnaW5hdGVkKCk7CisgICAgYXV0byBpc1BhZ2luYXRl ZCA9IFsmXSB7CisgICAgICAgIC8vIEZJWE1FOiBHcmlkIGNhbGxzIGludG8gbGF5b3V0IG91dHNp ZGUgb2YgcmVndWxhciBsYXlvdXQgcGhhc2UgKGR1cmluZyBwcmVmZXJyZWQgd2lkdGggY29tcHV0 YXRpb24pLgorICAgICAgICBpZiAoYXV0byogbGF5b3V0U3RhdGUgPSB2aWV3KCkuZnJhbWVWaWV3 KCkubGF5b3V0Q29udGV4dCgpLmxheW91dFN0YXRlKCkpCisgICAgICAgICAgICByZXR1cm4gbGF5 b3V0U3RhdGUtPmlzUGFnaW5hdGVkKCk7CisgICAgICAgIHJldHVybiBmYWxzZTsKKyAgICB9KCk7 CiAgICAgY29uc3QgUmVuZGVyU3R5bGUmIHN0eWxlVG9Vc2UgPSBzdHlsZSgpOwogICAgIGRvIHsK ICAgICAgICAgTGF5b3V0U3RhdGVNYWludGFpbmVyIHN0YXRlUHVzaGVyKCp0aGlzLCBsb2NhdGlv bk9mZnNldCgpLCBpc1RyYW5zZm9ybWVkKCkgfHwgaGFzUmVmbGVjdGlvbigpIHx8IHN0eWxlVG9V c2UuaXNGbGlwcGVkQmxvY2tzV3JpdGluZ01vZGUoKSwgcGFnZUxvZ2ljYWxIZWlnaHQsIHBhZ2VM b2dpY2FsSGVpZ2h0Q2hhbmdlZCk7CmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9mYXN0L2R5bmFt aWMvbWFycXVlZS13aXRoLWdyaWQtYW5kLXZlcnRpY2FsLWNoaWxkLWNyYXNoLWV4cGVjdGVkLnR4 dCBiL0xheW91dFRlc3RzL2Zhc3QvZHluYW1pYy9tYXJxdWVlLXdpdGgtZ3JpZC1hbmQtdmVydGlj YWwtY2hpbGQtY3Jhc2gtZXhwZWN0ZWQudHh0Cm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAw MDAwMDAwMDAwMC4uZTkyZmNlOGQ1ZWE0Ci0tLSAvZGV2L251bGwKKysrIGIvTGF5b3V0VGVzdHMv ZmFzdC9keW5hbWljL21hcnF1ZWUtd2l0aC1ncmlkLWFuZC12ZXJ0aWNhbC1jaGlsZC1jcmFzaC1l eHBlY3RlZC50eHQKQEAgLTAsMCArMSBAQAorUEFTUyBpZiBubyBjcmFzaCBvciBhc3NlcnQuCmRp ZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9mYXN0L2R5bmFtaWMvbWFycXVlZS13aXRoLWdyaWQtYW5k LXZlcnRpY2FsLWNoaWxkLWNyYXNoLmh0bWwgYi9MYXlvdXRUZXN0cy9mYXN0L2R5bmFtaWMvbWFy cXVlZS13aXRoLWdyaWQtYW5kLXZlcnRpY2FsLWNoaWxkLWNyYXNoLmh0bWwKbmV3IGZpbGUgbW9k ZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwLi45NDc1M2Q2ZmQ4MmUKLS0tIC9kZXYvbnVsbAor KysgYi9MYXlvdXRUZXN0cy9mYXN0L2R5bmFtaWMvbWFycXVlZS13aXRoLWdyaWQtYW5kLXZlcnRp Y2FsLWNoaWxkLWNyYXNoLmh0bWwKQEAgLTAsMCArMSwxNCBAQAorPHN0eWxlPgorZGl2IHsKKyAg ZGlzcGxheTogZ3JpZDsKKyAgd2lkdGg6IG1heC1jb250ZW50OworfQorc3BhbiB7CisgIHdyaXRp bmctbW9kZTogdmVydGljYWwtbHI7Cit9Cis8L3N0eWxlPgorPG1hcnF1ZWU+PGRpdj48c3Bhbj5Q QVNTIGlmIG5vIGNyYXNoIG9yIGFzc2VydC4KKzxzY3JpcHQ+CitpZiAod2luZG93LnRlc3RSdW5u ZXIpCisgIHRlc3RSdW5uZXIuZHVtcEFzVGV4dCgpOworPC9zY3JpcHQ+ClwgTm8gbmV3bGluZSBh dCBlbmQgb2YgZmlsZQo=