90209 2012-06-28 14:33:23 -0700 Webkit crashes in DFG on Google Docs when creating a new document 2021-09-03 18:50:53 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Mac OS X 10.6 RESOLVED FIXED P1 Critical --- 1 esprehn fpizlo barraclough fpizlo glorija88 oldest_to_newest 659834 0 esprehn 2012-06-28 14:33:23 -0700 Process: WebProcess [18394] Path: /Applications/WebKit.app/Contents/Frameworks/10.6/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess Identifier: com.apple.WebProcess Version: 537+ (537.1+) Code Type: X86-64 (Native) Parent Process: Safari [18389] Date/Time: 2012-06-28 14:31:45.456 -0700 OS Version: Mac OS X 10.6.8 (10K549) Report Version: 6 Interval Since Last Report: 110230 sec Crashes Since Last Report: 7 Per-App Interval Since Last Report: 191672 sec Per-App Crashes Since Last Report: 7 Anonymous UUID: ACBC7F66-38E8-4DED-AF6F-3F742A121163 Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000003922d26fe4 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x000000010123d5f5 JSC::DFG::CFGSimplificationPhase::mergeBlocks(unsigned int, unsigned int, unsigned int) + 1365 1 com.apple.JavaScriptCore 0x000000010123c9e5 JSC::DFG::CFGSimplificationPhase::run() + 389 2 com.apple.JavaScriptCore 0x000000010123c850 JSC::DFG::performCFGSimplification(JSC::DFG::Graph&) + 32 3 com.apple.JavaScriptCore 0x000000010105fb75 JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*) + 853 4 com.apple.JavaScriptCore 0x000000010105f81a JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&) + 26 5 com.apple.JavaScriptCore 0x00000001010c5e94 JSC::jitCompileFunctionIfAppropriate(JSC::ExecState*, WTF::OwnPtr<JSC::FunctionCodeBlock>&, JSC::JITCode&, JSC::MacroAssemblerCodePtr&, JSC::SharedSymbolTable*&, JSC::JITCode::JITType, JSC::JITCompilationEffort) + 308 6 com.apple.JavaScriptCore 0x00000001010c4916 JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::ScopeChainNode*, JSC::JITCode::JITType) + 294 7 com.apple.JavaScriptCore 0x00000001011126b2 cti_optimize + 258 8 ??? 0x000037947cfa2edf 0 + 61110891458271 9 com.apple.JavaScriptCore 0x00000001010d0826 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::ScopeChainNode*, int) + 1190 10 com.apple.JavaScriptCore 0x000000010113842f JSC::globalFuncEval(JSC::ExecState*) + 1231 11 ??? 0x000037947ca01265 0 + 61110885552741 12 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913 13 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52 14 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400 15 ??? 0x000037947ca01265 0 + 61110885552741 16 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913 17 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52 18 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400 19 ??? 0x000037947ca01265 0 + 61110885552741 20 com.apple.JavaScriptCore 0x00000001010d3701 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 913 21 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52 22 com.apple.JavaScriptCore 0x0000000101122600 JSC::boundFunctionCall(JSC::ExecState*) + 400 23 com.apple.JavaScriptCore 0x00000001010d3821 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1201 24 com.apple.JavaScriptCore 0x0000000101028d44 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 52 25 com.apple.WebCore 0x0000000101988ad5 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 901 26 com.apple.WebCore 0x0000000101690397 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 215 27 com.apple.WebCore 0x000000010169022d WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 141 28 com.apple.WebCore 0x0000000101fd1526 WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 342 29 com.apple.WebCore 0x0000000101fd1598 WebCore::XMLHttpRequestProgressEventThrottle::dispatchReadyStateChangeEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ProgressEventAction) + 56 30 com.apple.WebCore 0x0000000101fcc7d2 WebCore::XMLHttpRequest::callReadyStateChangeListener() + 354 31 com.apple.WebCore 0x0000000101fd0306 WebCore::XMLHttpRequest::didFinishLoading(unsigned long, double) + 358 32 com.apple.WebCore 0x0000000101552547 WebCore::DocumentThreadableLoader::notifyFinished(WebCore::CachedResource*) + 423 33 com.apple.WebCore 0x000000010142788d WebCore::CachedResource::checkNotify() + 93 34 com.apple.WebCore 0x00000001014267e0 WebCore::CachedRawResource::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 448 35 com.apple.WebCore 0x0000000101e545df WebCore::SubresourceLoader::didFinishLoading(double) + 143 36 com.apple.Foundation 0x00007fff83d3786c _NSURLConnectionDidFinishLoading + 113 37 com.apple.CFNetwork 0x00007fff8117a0ea URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 174 38 com.apple.CFNetwork 0x00007fff811e022c URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 254 39 com.apple.CFNetwork 0x00007fff811e0498 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 874 40 com.apple.CFNetwork 0x00007fff811666d7 URLConnectionClient::processEvents() + 121 41 com.apple.CFNetwork 0x00007fff811664b2 MultiplexerSource::perform() + 160 42 com.apple.CoreFoundation 0x00007fff86c6327d __CFRunLoopDoSources0 + 1021 43 com.apple.CoreFoundation 0x00007fff86c615c9 __CFRunLoopRun + 873 44 com.apple.CoreFoundation 0x00007fff86c60d8f CFRunLoopRunSpecific + 575 45 com.apple.HIToolbox 0x00007fff81b7e7ee RunCurrentEventLoopInMode + 333 46 com.apple.HIToolbox 0x00007fff81b7e5f3 ReceiveNextEventCommon + 310 47 com.apple.HIToolbox 0x00007fff81b7e4ac BlockUntilNextEventMatchingListInMode + 59 48 com.apple.AppKit 0x00007fff89c86eb2 _DPSNextEvent + 708 49 com.apple.AppKit 0x00007fff89c86801 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155 50 com.apple.AppKit 0x00007fff89c4c68f -[NSApplication run] + 395 51 com.apple.WebCore 0x0000000101d8fd23 WebCore::RunLoop::run() + 67 52 com.apple.WebKit2 0x00000001002e1d4a WebKit::WebProcessMain(WebKit::CommandLine const&) + 700 53 com.apple.WebKit2 0x000000010029779b WebKitMain + 285 54 com.apple.WebProcess 0x0000000100000e5e main + 214 55 com.apple.WebProcess 0x0000000100000d80 start + 52 660948 1 fpizlo 2012-06-29 20:07:33 -0700 Nice catch, and thanks for the bug report. It appears that the control flow graph simplification phase (DFGCFGSimplificationPhase) was forgetting to check if a variable was captured when doing variable relinking. It was seeing IR like: a: GetLocal(stuff, r15*) b: Phantom(@a) Ordinarily, if merging two basic blocks with the second block having IR like the above, it should find the last access to local r15 and relink the Phantom to that access. But this is not true for captured variables, where the same basic block may have had a store to r15, and the previous block(s) had no mention of r15. This was true in this case, so its attempt to find an access to r15 in the previous block failed. Simple fix on the way. I will try to write a reduced test case as well. 660967 2 150300 fpizlo 2012-06-29 20:39:47 -0700 Created attachment 150300 the patch 661069 3 fpizlo 2012-06-30 12:29:09 -0700 Landed in http://trac.webkit.org/changeset/121629 150300 2012-06-29 20:39:47 -0700 2012-06-30 02:53:09 -0700 the patch fixgdocs_patch_1.diff text/plain 9906 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTIxNjExKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBA CisyMDEyLTA2LTI5ICBGaWxpcCBQaXpsbyAgPGZwaXpsb0BhcHBsZS5jb20+CisKKyAgICAgICAg V2Via2l0IGNyYXNoZXMgaW4gREZHIG9uIEdvb2dsZSBEb2NzIHdoZW4gY3JlYXRpbmcgYSBuZXcg ZG9jdW1lbnQKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lk PTkwMjA5CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisgICAgICAgIAor ICAgICAgICBEb24ndCBhdHRlbXB0IHRvIHNob3J0LWNpcmN1aXQgUGhhbnRvbShHZXRMb2NhbCkg aWYgdGhlIEdldExvY2FsIGlzIGZvciBhCisgICAgICAgIGNhcHR1cmVkIHZhcmlhYmxlLgorCisg ICAgICAgICogZGZnL0RGR0NGR1NpbXBsaWZpY2F0aW9uUGhhc2UuY3BwOgorICAgICAgICAoSlND OjpERkc6OkNGR1NpbXBsaWZpY2F0aW9uUGhhc2U6Om1lcmdlQmxvY2tzKToKKwogMjAxMi0wNi0y OSAgTWFyayBIYWhuZW5iZXJnICA8bWhhaG5lbmJlcmdAYXBwbGUuY29tPgogCiAgICAgICAgIFJl bW92ZSB3YXJuaW5nIGFib3V0IHByb3RlY3RlZCB2YWx1ZXMgd2hlbiB0aGUgSGVhcCBpcyBiZWlu ZyBkZXN0cm95ZWQKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHQ0ZHU2ltcGxp ZmljYXRpb25QaGFzZS5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2Rm Zy9ERkdDRkdTaW1wbGlmaWNhdGlvblBoYXNlLmNwcAkocmV2aXNpb24gMTIxNjA0KQorKysgU291 cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdDRkdTaW1wbGlmaWNhdGlvblBoYXNlLmNwcAkod29y a2luZyBjb3B5KQpAQCAtNjEzLDcgKzYxMyw3IEBAIHByaXZhdGU6CiAgICAgICAgICAgICAgICAg CiAgICAgICAgICAgICAgICAgQVNTRVJUKG5vZGUuc2hvdWxkR2VuZXJhdGUoKSk7CiAgICAgICAg ICAgICAgICAgTm9kZSYgcG9zc2libGVMb2NhbE9wID0gbV9ncmFwaFtub2RlLmNoaWxkMSgpXTsK LSAgICAgICAgICAgICAgICBpZiAocG9zc2libGVMb2NhbE9wLmhhc0xvY2FsKCkpIHsKKyAgICAg ICAgICAgICAgICBpZiAocG9zc2libGVMb2NhbE9wLmhhc0xvY2FsKCkgJiYgIXBvc3NpYmxlTG9j YWxPcC52YXJpYWJsZUFjY2Vzc0RhdGEoKS0+aXNDYXB0dXJlZCgpKSB7CiAgICAgICAgICAgICAg ICAgICAgIE5vZGVJbmRleCBzZXRMb2NhbEluZGV4ID0KICAgICAgICAgICAgICAgICAgICAgICAg IGZpcnN0QmxvY2stPnZhcmlhYmxlc0F0VGFpbC5vcGVyYW5kKHBvc3NpYmxlTG9jYWxPcC5sb2Nh bCgpKTsKICAgICAgICAgICAgICAgICAgICAgTm9kZSYgc2V0TG9jYWwgPSBtX2dyYXBoW3NldExv Y2FsSW5kZXhdOwpJbmRleDogTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExh eW91dFRlc3RzL0NoYW5nZUxvZwkocmV2aXNpb24gMTIxNjE3KQorKysgTGF5b3V0VGVzdHMvQ2hh bmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTggQEAKKzIwMTItMDYtMjkgIEZpbGlw IFBpemxvICA8ZnBpemxvQGFwcGxlLmNvbT4KKworICAgICAgICBXZWJraXQgY3Jhc2hlcyBpbiBE Rkcgb24gR29vZ2xlIERvY3Mgd2hlbiBjcmVhdGluZyBhIG5ldyBkb2N1bWVudAorICAgICAgICBo dHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9OTAyMDkKKworICAgICAgICBS ZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIGZhc3QvanMvZGZnLWNmZy1z aW1wbGlmeS1waGFudG9tLWdldC1sb2NhbC1vbi1zYW1lLWJsb2NrLXNldC1sb2NhbC1leHBlY3Rl ZC50eHQ6IEFkZGVkLgorICAgICAgICAqIGZhc3QvanMvZGZnLWNmZy1zaW1wbGlmeS1waGFudG9t LWdldC1sb2NhbC1vbi1zYW1lLWJsb2NrLXNldC1sb2NhbC5odG1sOiBBZGRlZC4KKyAgICAgICAg KiBmYXN0L2pzL3NjcmlwdC10ZXN0cy9kZmctY2ZnLXNpbXBsaWZ5LXBoYW50b20tZ2V0LWxvY2Fs LW9uLXNhbWUtYmxvY2stc2V0LWxvY2FsLmpzOiBBZGRlZC4KKyAgICAgICAgKGJheik6CisgICAg ICAgIChzdHVmZik6CisgICAgICAgIChmb28pOgorICAgICAgICAoby5nKToKKwogMjAxMi0wNi0y OSAgRXJpayBBcnZpZHNzb24gIDxhcnZAY2hyb21pdW0ub3JnPgogCiAgICAgICAgIFtWOF0gSFRN TENvbGxlY3Rpb24gd3JhcHBlcnMgYXJlIG5vdCByZXRhaW5lZApJbmRleDogTGF5b3V0VGVzdHMv ZmFzdC9qcy9kZmctY2ZnLXNpbXBsaWZ5LXBoYW50b20tZ2V0LWxvY2FsLW9uLXNhbWUtYmxvY2st c2V0LWxvY2FsLWV4cGVjdGVkLnR4dAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0L2pz L2RmZy1jZmctc2ltcGxpZnktcGhhbnRvbS1nZXQtbG9jYWwtb24tc2FtZS1ibG9jay1zZXQtbG9j YWwtZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvZmFzdC9qcy9kZmct Y2ZnLXNpbXBsaWZ5LXBoYW50b20tZ2V0LWxvY2FsLW9uLXNhbWUtYmxvY2stc2V0LWxvY2FsLWV4 cGVjdGVkLnR4dAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwyMDkgQEAKK1Rlc3RzIHRoYXQgYXR0 ZW1wdHMgYnkgdGhlIERGRyBzaW1wbGlmaWNhdGlvbiB0byBzaG9ydC1jaXJjdWl0IGEgUGhhbnRv bSB0byBhIEdldExvY2FsIG9uIGEgdmFyaWFibGUgdGhhdCBpcyBTZXRMb2NhbCdkIGluIHRoZSBz YW1lIGJsb2NrLCBhbmQgd2hlcmUgdGhlIHByZWRlY2Vzc29yIGJsb2NrKHMpIG1ha2Ugbm8gbWVu dGlvbiBvZiB0aGF0IHZhcmlhYmxlLCBkbyBub3QgcmVzdWx0IGluIGNyYXNoZXMuCisKK09uIHN1 Y2Nlc3MsIHlvdSB3aWxsIHNlZSBhIHNlcmllcyBvZiAiUEFTUyIgbWVzc2FnZXMsIGZvbGxvd2Vk IGJ5ICJURVNUIENPTVBMRVRFIi4KKworCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGlu Z3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0Mgor UEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShv KSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNT IHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlz IDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhp bmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIK K1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3ko bykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFT UyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBp cyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRo aW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQy CitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5 KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BB U1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykg aXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0 aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0 MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5n eShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQ QVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8p IGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1Mg dGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMg NDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGlu Z3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0Mgor UEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShv KSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNT IHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlz IDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhp bmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIK K1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3ko bykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFT UyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBp cyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRo aW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQy CitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5 KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BB U1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykg aXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0 aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0 MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5n eShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQ QVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8p IGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1Mg dGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMg NDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGlu Z3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0Mgor UEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShv KSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNT IHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlz IDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhp bmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIK K1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3ko bykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFT UyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBp cyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRo aW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQy CitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5 KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BB U1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykg aXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0 aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0 MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5n eShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQ QVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8p IGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1Mg dGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMg NDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGlu Z3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0Mgor UEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShv KSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNT IHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlz IDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhp bmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIK K1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3ko bykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBpcyA0MgorUEFT UyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRoaW5neShvKSBp cyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1MgdGhpbmd5KG8pIGlzIDQyCitQQVNTIHRo aW5neShvKSBpcyA0MgorUEFTUyB0aGluZ3kobykgaXMgNDIKK1BBU1Mgc3VjY2Vzc2Z1bGx5UGFy c2VkIGlzIHRydWUKKworVEVTVCBDT01QTEVURQorCkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pz L2RmZy1jZmctc2ltcGxpZnktcGhhbnRvbS1nZXQtbG9jYWwtb24tc2FtZS1ibG9jay1zZXQtbG9j YWwuaHRtbAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9mYXN0L2pzL2RmZy1jZmctc2ltcGxp ZnktcGhhbnRvbS1nZXQtbG9jYWwtb24tc2FtZS1ibG9jay1zZXQtbG9jYWwuaHRtbAkocmV2aXNp b24gMCkKKysrIExheW91dFRlc3RzL2Zhc3QvanMvZGZnLWNmZy1zaW1wbGlmeS1waGFudG9tLWdl dC1sb2NhbC1vbi1zYW1lLWJsb2NrLXNldC1sb2NhbC5odG1sCShyZXZpc2lvbiAwKQpAQCAtMCww ICsxLDEwIEBACis8IURPQ1RZUEUgSFRNTCBQVUJMSUMgIi0vL0lFVEYvL0RURCBIVE1MLy9FTiI+ Cis8aHRtbD4KKzxoZWFkPgorPHNjcmlwdCBzcmM9InJlc291cmNlcy9qcy10ZXN0LXByZS5qcyI+ PC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keT4KKzxzY3JpcHQgc3JjPSJzY3JpcHQtdGVzdHMvZGZn LWNmZy1zaW1wbGlmeS1waGFudG9tLWdldC1sb2NhbC1vbi1zYW1lLWJsb2NrLXNldC1sb2NhbC5q cyI+PC9zY3JpcHQ+Cis8c2NyaXB0IHNyYz0icmVzb3VyY2VzL2pzLXRlc3QtcG9zdC5qcyI+PC9z Y3JpcHQ+Cis8L2JvZHk+Cis8L2h0bWw+CkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pzL3Njcmlw dC10ZXN0cy9kZmctY2ZnLXNpbXBsaWZ5LXBoYW50b20tZ2V0LWxvY2FsLW9uLXNhbWUtYmxvY2st c2V0LWxvY2FsLmpzCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvanMvc2NyaXB0LXRl c3RzL2RmZy1jZmctc2ltcGxpZnktcGhhbnRvbS1nZXQtbG9jYWwtb24tc2FtZS1ibG9jay1zZXQt bG9jYWwuanMJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9mYXN0L2pzL3NjcmlwdC10ZXN0 cy9kZmctY2ZnLXNpbXBsaWZ5LXBoYW50b20tZ2V0LWxvY2FsLW9uLXNhbWUtYmxvY2stc2V0LWxv Y2FsLmpzCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDQwIEBACitkZXNjcmlwdGlvbigKKyJUZXN0 cyB0aGF0IGF0dGVtcHRzIGJ5IHRoZSBERkcgc2ltcGxpZmljYXRpb24gdG8gc2hvcnQtY2lyY3Vp dCBhIFBoYW50b20gdG8gYSBHZXRMb2NhbCBvbiBhIHZhcmlhYmxlIHRoYXQgaXMgU2V0TG9jYWwn ZCBpbiB0aGUgc2FtZSBibG9jaywgYW5kIHdoZXJlIHRoZSBwcmVkZWNlc3NvciBibG9jayhzKSBt YWtlIG5vIG1lbnRpb24gb2YgdGhhdCB2YXJpYWJsZSwgZG8gbm90IHJlc3VsdCBpbiBjcmFzaGVz LiIKKyk7CisKK2Z1bmN0aW9uIGJheigpIHsKKyAgICAvLyBEbyBzb21ldGhpbmcgdGhhdCBwcmV2 ZW50cyBpbmxpbmluZy4KKyAgICByZXR1cm4gZnVuY3Rpb24oKSB7IH0KK30KKworZnVuY3Rpb24g c3R1ZmYoeikgeyB9CisKK2Z1bmN0aW9uIGZvbyh4LCB5KSB7CisgICAgdmFyIGEgPSBhcmd1bWVu dHM7IC8vIEZvcmNlIGFyZ3VtZW50cyB0byBiZSBjYXB0dXJlZCwgc28gdGhhdCB4IGlzIGNhcHR1 cmVkLgorICAgIGJheigpOworICAgIHZhciB6ID0geDsKKyAgICBzdHVmZih6KTsgLy8gRm9yY2Ug YSBGbHVzaCwgYW5kIHRoZW4gYSBQaGFudG9tIG9uIHRoZSBHZXRMb2NhbCBvZiB4LgorICAgIHJl dHVybiA0MjsKK30KKwordmFyIG8gPSB7CisgICAgZzogZnVuY3Rpb24oeCkgeyB9Cit9OworCitm dW5jdGlvbiB0aGluZ3kobykgeworICAgIHZhciBwID0ge307CisgICAgdmFyIHJlc3VsdDsKKyAg ICAvLyBUcmljayB0byBkZWxheSBjb250cm9sIGZsb3cgZ3JhcGggc2ltcGxpZmljYXRpb24gdW50 aWwgYWZ0ZXIgdGhlIGZsdXNoIG9mIHggYWJvdmUgZ2V0cyB0dXJuZWQgaW50byBhIHBoYW50b20u CisgICAgaWYgKG8uZykKKyAgICAgICAgcC5mID0gdHJ1ZTsKKyAgICBpZiAocC5mKSB7CisgICAg ICAgIC8vIEJhc2ljIGJsb2NrIHRoYXQgc3RvcmVzIHRvIHggaW4gZm9vKCksIHdoaWNoIGlzIGEg Y2FwdHVyZWQgdmFyaWFibGUsIHdpdGgKKyAgICAgICAgLy8gdGhlIHByZWRlY2Vzc29yIGJsb2Nr IG1ha2luZyBubyBtZW50aW9uIG9mIHguCisgICAgICAgIHJlc3VsdCA9IGZvbygiaGVsbG8iLCAy KTsKKyAgICB9CisgICAgcmV0dXJuIHJlc3VsdDsKK30KKworZm9yICh2YXIgaSA9IDA7IGkgPCAy MDA7ICsraSkKKyAgICBzaG91bGRCZSgidGhpbmd5KG8pIiwgIjQyIik7CisK