200989 2019-08-21 11:55:13 -0700 Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin() 2019-08-21 15:32:31 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=200990 InRadar P2 Normal --- 1 cdumez cdumez achristensen alecflett beidson commit-queue ews-watchlist ggaren jsbell sihui_liu webkit-bug-importer youennf oldest_to_newest 1563594 0 cdumez 2019-08-21 11:55:13 -0700 Crash under StringImpl::~StringImpl() in IDBServer::computeSpaceUsedForOrigin(): Thread[5] EXC_BAD_ACCESS (SIGSEGV) (KERN_INVALID_ADDRESS at 0x6f697463656e6e6f -> 0x00000063656e6e6f (possible pointer authentication failure)) [ 0] 0x0000000195c88438 JavaScriptCore`WTF::StringImpl::~StringImpl() [inlined] WTF::StringImpl::deref() at StringImpl.h:1074:29 0x0000000195c88428: ldp x29, x30, [sp, #0x10] 0x0000000195c8842c: ldp x20, x19, [sp], #0x20 0x0000000195c88430: retab 0x0000000195c88434: ldr x0, [x19, #0x18] -> 0x0000000195c88438: ldr w8, [x0] 0x0000000195c8843c: subs w8, w8, #0x2 ; =0x2 0x0000000195c88440: b.eq 0x3d458 ; <+272> [inlined] WTF::StringImpl::~StringImpl() at StringImpl.cpp:150 0x0000000195c88444: str w8, [x0] 0x0000000195c88448: mov x0, x19 [ 0] 0x0000000195c88438 JavaScriptCore`WTF::StringImpl::~StringImpl() + 240 at StringImpl.cpp:145 141 } 142 143 ASSERT(ownership == BufferSubstring); 144 ASSERT(substringBuffer()); -> 145 substringBuffer()->deref(); 146 } 147 148 void StringImpl::destroy(StringImpl* stringImpl) 149 { [ 1] 0x0000000195c8849f JavaScriptCore`WTF::StringImpl::destroy(WTF::StringImpl*) [inlined] WTF::StringImpl::~StringImpl() + 3 at StringImpl.cpp:108:1 104 105 StringImpl::StaticStringImpl StringImpl::s_emptyAtomString("", StringImpl::StringAtom); 106 107 StringImpl::~StringImpl() -> 108 { 109 ASSERT(!isStatic()); 110 111 StringView::invalidate(*this); 112 [ 1] 0x0000000195c8849c JavaScriptCore`WTF::StringImpl::destroy(WTF::StringImpl*) + 12 at StringImpl.cpp:150 146 } 147 148 void StringImpl::destroy(StringImpl* stringImpl) 149 { -> 150 stringImpl->~StringImpl(); 151 fastFree(stringImpl); 152 } 153 154 Ref<StringImpl> StringImpl::createFromLiteral(const char* characters, unsigned length) [ 2] 0x0000000195c8849f JavaScriptCore`WTF::StringImpl::destroy(WTF::StringImpl*) [inlined] WTF::StringImpl::~StringImpl() + 3 at StringImpl.cpp:108:1 104 105 StringImpl::StaticStringImpl StringImpl::s_emptyAtomString("", StringImpl::StringAtom); 106 107 StringImpl::~StringImpl() -> 108 { 109 ASSERT(!isStatic()); 110 111 StringView::invalidate(*this); 112 [ 2] 0x0000000195c8849c JavaScriptCore`WTF::StringImpl::destroy(WTF::StringImpl*) + 12 at StringImpl.cpp:150 146 } 147 148 void StringImpl::destroy(StringImpl* stringImpl) 149 { -> 150 stringImpl->~StringImpl(); 151 fastFree(stringImpl); 152 } 153 154 Ref<StringImpl> StringImpl::createFromLiteral(const char* characters, unsigned length) [ 3] 0x0000000195c68703 JavaScriptCore`WTF::FileSystemImpl::pathByAppendingComponent(WTF::String const&, WTF::String const&) + 563 at FileSystemPOSIX.cpp:0 1 /* 2 * Copyright (C) 2007-2017 Apple Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. ok [ 4] 0x000000018f3c9b77 WebCore`WebCore::IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(WebCore::SecurityOriginData const&, WebCore::SecurityOriginData const&, WTF::String const&, WTF::String const&) + 51 at IDBDatabaseIdentifier.cpp:65:31 61 } 62 63 String IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(const SecurityOriginData& topLevelOrigin, const SecurityOriginData& openingOrigin, const String& rootDirectory, const String& versionString) 64 { -> 65 String versionDirectory = FileSystem::pathByAppendingComponent(rootDirectory, versionString); 66 String mainFrameDirectory = FileSystem::pathByAppendingComponent(versionDirectory, topLevelOrigin.databaseIdentifier()); 67 68 // If the opening origin and main frame origins are the same, there is no partitioning. 69 if (openingOrigin == topLevelOrigin) [ 5] 0x000000018f40a687 WebCore`WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin(WebCore::ClientOrigin const&) + 79 at IDBServer.cpp:778:38 774 void IDBServer::computeSpaceUsedForOrigin(const ClientOrigin& origin) 775 { 776 ASSERT(!isMainThread()); 777 -> 778 auto oldVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, m_databaseDirectoryPath, "v0"); 779 auto newVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, m_databaseDirectoryPath, "v1"); 780 auto size = SQLiteIDBBackingStore::databasesSizeForFolder(oldVersionOriginDirectory) + SQLiteIDBBackingStore::databasesSizeForFolder(newVersionOriginDirectory); 781 782 postDatabaseTaskReply(createCrossThreadTask(*this, &IDBServer::finishComputingSpaceUsedForOrigin, origin, size)); [ 6] 0x000000018f4172db WebCore`WTF::Detail::CallableWrapper<WTF::CrossThreadTask WTF::createCrossThreadTask<WebCore::IDBServer::IDBServer, 0, WebCore::ClientOrigin const&, WebCore::ClientOrigin>(WebCore::IDBServer::IDBServer&, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), WebCore::ClientOrigin const&)::'lambda'(), void>::call() [inlined] void WTF::callMemberFunctionForCrossThreadTaskImpl<WebCore::IDBServer::IDBServer, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), std::__1::tuple<WebCore::ClientOrigin>, 0ul>(WebCore::IDBServer::IDBServer*, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), std::__1::tuple<WebCore::ClientOrigin>&&, std::__1::integer_sequence<unsigned long, 0ul>) + 63 at CrossThreadTask.h:78:5 [ 6] 0x000000018f41729c WebCore`WTF::Detail::CallableWrapper<WTF::CrossThreadTask WTF::createCrossThreadTask<WebCore::IDBServer::IDBServer, 0, WebCore::ClientOrigin const&, WebCore::ClientOrigin>(WebCore::IDBServer::IDBServer&, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), WebCore::ClientOrigin const&)::'lambda'(), void>::call() [inlined] void WTF::callMemberFunctionForCrossThreadTask<WebCore::IDBServer::IDBServer, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), std::__1::tuple<WebCore::ClientOrigin>, std::__1::integer_sequence<unsigned long, 0ul> >(WebCore::IDBServer::IDBServer*, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), std::__1::tuple<WebCore::ClientOrigin>&&) at CrossThreadTask.h:84 [ 6] 0x000000018f41729c WebCore`WTF::Detail::CallableWrapper<WTF::CrossThreadTask WTF::createCrossThreadTask<WebCore::IDBServer::IDBServer, 0, WebCore::ClientOrigin const&, WebCore::ClientOrigin>(WebCore::IDBServer::IDBServer&, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), WebCore::ClientOrigin const&)::'lambda'(), void>::call() [inlined] WTF::CrossThreadTask WTF::createCrossThreadTask<WebCore::IDBServer::IDBServer, 0, WebCore::ClientOrigin const&, WebCore::ClientOrigin>(WebCore::IDBServer::IDBServer&, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), WebCore::ClientOrigin const&)::'lambda'()::operator()() + 8 at CrossThreadTask.h:99 [ 6] 0x000000018f417294 WebCore`WTF::Detail::CallableWrapper<WTF::CrossThreadTask WTF::createCrossThreadTask<WebCore::IDBServer::IDBServer, 0, WebCore::ClientOrigin const&, WebCore::ClientOrigin>(WebCore::IDBServer::IDBServer&, void (WebCore::IDBServer::IDBServer::*)(WebCore::ClientOrigin const&), WebCore::ClientOrigin const&)::'lambda'(), void>::call() at Function.h:52 [ 7] 0x0000000195c5d9a3 JavaScriptCore`WTF::CrossThreadTaskHandler::taskRunLoop() [inlined] WTF::Function<void ()>::operator()() const + 19 at Function.h:79:35 [ 7] 0x0000000195c5d990 JavaScriptCore`WTF::CrossThreadTaskHandler::taskRunLoop() [inlined] WTF::CrossThreadTask::performTask() at CrossThreadTask.h:48 [ 7] 0x0000000195c5d990 JavaScriptCore`WTF::CrossThreadTaskHandler::taskRunLoop() + 236 at CrossThreadTaskHandler.cpp:78 1563595 1 webkit-bug-importer 2019-08-21 11:55:32 -0700 <rdar://problem/54565546> 1563601 2 376901 cdumez 2019-08-21 12:09:27 -0700 Created attachment 376901 Patch 1563620 3 376901 achristensen 2019-08-21 12:27:14 -0700 Comment on attachment 376901 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=376901&action=review > Source/WebCore/Modules/indexeddb/server/IDBServer.h:133 > + String databaseDirectoryPath() const { return m_databaseDirectoryPath.isolatedCopy(); } There's nothing obvious about this code location that indicates it's going to be sent to another thread. 1563621 4 cdumez 2019-08-21 12:28:44 -0700 (In reply to Alex Christensen from comment #3) > Comment on attachment 376901 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=376901&action=review > > > Source/WebCore/Modules/indexeddb/server/IDBServer.h:133 > > + String databaseDirectoryPath() const { return m_databaseDirectoryPath.isolatedCopy(); } > > There's nothing obvious about this code location that indicates it's going > to be sent to another thread. What's the concern here? Performance? I doubt this is hot. Also, this is private and mostly called from background threads. 1563622 5 achristensen 2019-08-21 12:29:45 -0700 My concern is, "are there other strings that are being passed to other threads with this string?" is a hard question to answer by looking at this change. 1563623 6 cdumez 2019-08-21 12:30:14 -0700 (In reply to Chris Dumez from comment #4) > (In reply to Alex Christensen from comment #3) > > Comment on attachment 376901 [details] > > Patch > > > > View in context: > > https://bugs.webkit.org/attachment.cgi?id=376901&action=review > > > > > Source/WebCore/Modules/indexeddb/server/IDBServer.h:133 > > > + String databaseDirectoryPath() const { return m_databaseDirectoryPath.isolatedCopy(); } > > > > There's nothing obvious about this code location that indicates it's going > > to be sent to another thread. > > What's the concern here? Performance? I doubt this is hot. Also, this is > private and mostly called from background threads. Also, we already use this pattern in network cache code at least: String Storage::basePath() const { return m_basePath.isolatedCopy(); } String Storage::versionPath() const { return makeVersionedDirectoryPath(basePath()); } String Storage::recordsPath() const { return m_recordsPath.isolatedCopy(); } 1563624 7 cdumez 2019-08-21 12:32:11 -0700 (In reply to Alex Christensen from comment #5) > My concern is, "are there other strings that are being passed to other > threads with this string?" is a hard question to answer by looking at this > change. You can see in the bug description the crash trace: auto oldVersionOriginDirectory = IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot(origin.topOrigin, origin.clientOrigin, m_databaseDirectoryPath, "v0"); and then: String versionDirectory = FileSystem::pathByAppendingComponent(rootDirectory, versionString); So issue is either with m_databaseDirectoryPath or "v0". It cannot be "v0" so it must be m_databaseDirectoryPath. origin is properly isolated copied: postDatabaseTask(createCrossThreadTask(*this, &IDBServer::computeSpaceUsedForOrigin, origin)); 1563733 8 376901 commit-queue 2019-08-21 15:32:29 -0700 Comment on attachment 376901 Patch Clearing flags on attachment: 376901 Committed r248969: <https://trac.webkit.org/changeset/248969> 1563734 9 commit-queue 2019-08-21 15:32:31 -0700 All reviewed patches have been landed. Closing bug. 376901 2019-08-21 12:09:27 -0700 2019-08-21 15:32:29 -0700 Patch bug-200989-20190821120926.patch text/plain 9212 cdumez U3VidmVyc2lvbiBSZXZpc2lvbjogMjQ4OTUzCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggZDk5MTMwYTE4MmM3MWFj YTQyMDQxZmYzMWM1YjJlOTY2ZDAwZjg1Ni4uMWYxOGZhOGQ0ZDgwYWU5OGQ0ZDg3OTFkNWE2MDY3 ZGEyZjBmZWExZCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDI2IEBACisyMDE5LTA4LTIxICBDaHJp cyBEdW1leiAgPGNkdW1lekBhcHBsZS5jb20+CisKKyAgICAgICAgQ3Jhc2ggdW5kZXIgU3RyaW5n SW1wbDo6flN0cmluZ0ltcGwoKSBpbiBJREJTZXJ2ZXI6OmNvbXB1dGVTcGFjZVVzZWRGb3JPcmln aW4oKQorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjAw OTg5CisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS81NDU2NTU0Nj4KKworICAgICAgICBSZXZpZXdl ZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBNYWtlIHN1cmUgd2UgY2FsbCBpc29sYXRl ZENvcHkoKSBvbiBJREJTZXJ2ZXI6Om1fZGF0YWJhc2VEaXJlY3RvcnlQYXRoIGJlZm9yZSB1c2lu ZyBpdCBmcm9tCisgICAgICAgIGJhY2tncm91bmQgdGhyZWFkcy4KKworICAgICAgICAqIE1vZHVs ZXMvaW5kZXhlZGRiL3NlcnZlci9JREJTZXJ2ZXIuY3BwOgorICAgICAgICAoV2ViQ29yZTo6SURC U2VydmVyOjpJREJTZXJ2ZXI6OmNyZWF0ZUJhY2tpbmdTdG9yZSk6CisgICAgICAgIChXZWJDb3Jl OjpJREJTZXJ2ZXI6OklEQlNlcnZlcjo6cGVyZm9ybUdldEFsbERhdGFiYXNlTmFtZXMpOgorICAg ICAgICAoV2ViQ29yZTo6SURCU2VydmVyOjpJREJTZXJ2ZXI6OnJlbW92ZURhdGFiYXNlc01vZGlm aWVkU2luY2VGb3JWZXJzaW9uKToKKyAgICAgICAgKFdlYkNvcmU6OklEQlNlcnZlcjo6SURCU2Vy dmVyOjpwZXJmb3JtQ2xvc2VBbmREZWxldGVEYXRhYmFzZXNNb2RpZmllZFNpbmNlKToKKyAgICAg ICAgKFdlYkNvcmU6OklEQlNlcnZlcjo6SURCU2VydmVyOjpyZW1vdmVEYXRhYmFzZXNXaXRoT3Jp Z2luc0ZvclZlcnNpb24pOgorICAgICAgICAoV2ViQ29yZTo6SURCU2VydmVyOjpJREJTZXJ2ZXI6 OnBlcmZvcm1DbG9zZUFuZERlbGV0ZURhdGFiYXNlc0Zvck9yaWdpbnMpOgorICAgICAgICAoV2Vi Q29yZTo6SURCU2VydmVyOjpJREJTZXJ2ZXI6OmNvbXB1dGVTcGFjZVVzZWRGb3JPcmlnaW4pOgor ICAgICAgICAoV2ViQ29yZTo6SURCU2VydmVyOjpJREJTZXJ2ZXI6OnVwZ3JhZGVGaWxlc0lmTmVj ZXNzYXJ5KToKKyAgICAgICAgKiBNb2R1bGVzL2luZGV4ZWRkYi9zZXJ2ZXIvSURCU2VydmVyLmg6 CisgICAgICAgIChXZWJDb3JlOjpJREJTZXJ2ZXI6OklEQlNlcnZlcjo6ZGF0YWJhc2VEaXJlY3Rv cnlQYXRoIGNvbnN0KToKKwogMjAxOS0wOC0yMSAgSmVyIE5vYmxlICA8amVyLm5vYmxlQGFwcGxl LmNvbT4KIAogICAgICAgICBbaU9TXSBITFMgc3RyZWFtcyBkaXNhcHBlYXIgZnJvbSBOb3cgUGxh eWluZyB3aGVuIHBhdXNlZCBvbiB0aGUgbG9jayBzY3JlZW4KZGlmZiAtLWdpdCBhL1NvdXJjZS9X ZWJDb3JlL01vZHVsZXMvaW5kZXhlZGRiL3NlcnZlci9JREJTZXJ2ZXIuY3BwIGIvU291cmNlL1dl YkNvcmUvTW9kdWxlcy9pbmRleGVkZGIvc2VydmVyL0lEQlNlcnZlci5jcHAKaW5kZXggYjhkMGE2 NzQ1ODI5YzI3YzRlYTdiMWNiMTcyNGQ5MWQ5NjVlZmFmNi4uZWMwZTc3YTI3Yzc2Y2RiYmE4ZDRk OGQzZmRiNzFiZGUwM2IxNjI5ZCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvTW9kdWxlcy9p bmRleGVkZGIvc2VydmVyL0lEQlNlcnZlci5jcHAKKysrIGIvU291cmNlL1dlYkNvcmUvTW9kdWxl cy9pbmRleGVkZGIvc2VydmVyL0lEQlNlcnZlci5jcHAKQEAgLTEzMiwxMCArMTMyLDExIEBAIHN0 ZDo6dW5pcXVlX3B0cjxJREJCYWNraW5nU3RvcmU+IElEQlNlcnZlcjo6Y3JlYXRlQmFja2luZ1N0 b3JlKGNvbnN0IElEQkRhdGFiYXNlCiB7CiAgICAgQVNTRVJUKCFpc01haW5UaHJlYWQoKSk7CiAK LSAgICBpZiAobV9kYXRhYmFzZURpcmVjdG9yeVBhdGguaXNFbXB0eSgpKQorICAgIGF1dG8gZGF0 YWJhc2VEaXJlY3RvcnlQYXRoID0gdGhpcy0+ZGF0YWJhc2VEaXJlY3RvcnlQYXRoKCk7CisgICAg aWYgKGRhdGFiYXNlRGlyZWN0b3J5UGF0aC5pc0VtcHR5KCkpCiAgICAgICAgIHJldHVybiBNZW1v cnlJREJCYWNraW5nU3RvcmU6OmNyZWF0ZShtX3Nlc3Npb25JRCwgaWRlbnRpZmllcik7CiAKLSAg ICByZXR1cm4gbWFrZVVuaXF1ZTxTUUxpdGVJREJCYWNraW5nU3RvcmU+KG1fc2Vzc2lvbklELCBp ZGVudGlmaWVyLCBtX2RhdGFiYXNlRGlyZWN0b3J5UGF0aCwgbV9iYWNraW5nU3RvcmVUZW1wb3Jh cnlGaWxlSGFuZGxlcik7CisgICAgcmV0dXJuIG1ha2VVbmlxdWU8U1FMaXRlSURCQmFja2luZ1N0 b3JlPihtX3Nlc3Npb25JRCwgaWRlbnRpZmllciwgZGF0YWJhc2VEaXJlY3RvcnlQYXRoLCBtX2Jh Y2tpbmdTdG9yZVRlbXBvcmFyeUZpbGVIYW5kbGVyKTsKIH0KIAogdm9pZCBJREJTZXJ2ZXI6Om9w ZW5EYXRhYmFzZShjb25zdCBJREJSZXF1ZXN0RGF0YSYgcmVxdWVzdERhdGEpCkBAIC00NjYsNyAr NDY3LDggQEAgdm9pZCBJREJTZXJ2ZXI6OmdldEFsbERhdGFiYXNlTmFtZXModWludDY0X3Qgc2Vy dmVyQ29ubmVjdGlvbklkZW50aWZpZXIsIGNvbnN0IFMKIAogdm9pZCBJREJTZXJ2ZXI6OnBlcmZv cm1HZXRBbGxEYXRhYmFzZU5hbWVzKHVpbnQ2NF90IHNlcnZlckNvbm5lY3Rpb25JZGVudGlmaWVy LCBjb25zdCBTZWN1cml0eU9yaWdpbkRhdGEmIG1haW5GcmFtZU9yaWdpbiwgY29uc3QgU2VjdXJp dHlPcmlnaW5EYXRhJiBvcGVuaW5nT3JpZ2luLCB1aW50NjRfdCBjYWxsYmFja0lEKQogewotICAg IFN0cmluZyBvbGREaXJlY3RvcnkgPSBJREJEYXRhYmFzZUlkZW50aWZpZXI6OmRhdGFiYXNlRGly ZWN0b3J5UmVsYXRpdmVUb1Jvb3QobWFpbkZyYW1lT3JpZ2luLCBvcGVuaW5nT3JpZ2luLCBtX2Rh dGFiYXNlRGlyZWN0b3J5UGF0aCwgInYwIik7CisgICAgYXV0byBkYXRhYmFzZURpcmVjdG9yeVBh dGggPSB0aGlzLT5kYXRhYmFzZURpcmVjdG9yeVBhdGgoKTsKKyAgICBTdHJpbmcgb2xkRGlyZWN0 b3J5ID0gSURCRGF0YWJhc2VJZGVudGlmaWVyOjpkYXRhYmFzZURpcmVjdG9yeVJlbGF0aXZlVG9S b290KG1haW5GcmFtZU9yaWdpbiwgb3BlbmluZ09yaWdpbiwgZGF0YWJhc2VEaXJlY3RvcnlQYXRo LCAidjAiKTsKICAgICBWZWN0b3I8U3RyaW5nPiBmaWxlcyA9IEZpbGVTeXN0ZW06Omxpc3REaXJl Y3Rvcnkob2xkRGlyZWN0b3J5LCAiKiJfcyk7CiAgICAgVmVjdG9yPFN0cmluZz4gZGF0YWJhc2Vz OwogICAgIGZvciAoYXV0byYgZmlsZSA6IGZpbGVzKSB7CkBAIC00NzQsNyArNDc2LDcgQEAgdm9p ZCBJREJTZXJ2ZXI6OnBlcmZvcm1HZXRBbGxEYXRhYmFzZU5hbWVzKHVpbnQ2NF90IHNlcnZlckNv bm5lY3Rpb25JZGVudGlmaWVyLAogICAgICAgICBkYXRhYmFzZXMuYXBwZW5kKFNRTGl0ZUlEQkJh Y2tpbmdTdG9yZTo6ZGF0YWJhc2VOYW1lRnJvbUVuY29kZWRGaWxlbmFtZShlbmNvZGVkTmFtZSkp OwogICAgIH0KIAotICAgIFN0cmluZyBkaXJlY3RvcnkgPSBJREJEYXRhYmFzZUlkZW50aWZpZXI6 OmRhdGFiYXNlRGlyZWN0b3J5UmVsYXRpdmVUb1Jvb3QobWFpbkZyYW1lT3JpZ2luLCBvcGVuaW5n T3JpZ2luLCBtX2RhdGFiYXNlRGlyZWN0b3J5UGF0aCwgInYxIik7CisgICAgU3RyaW5nIGRpcmVj dG9yeSA9IElEQkRhdGFiYXNlSWRlbnRpZmllcjo6ZGF0YWJhc2VEaXJlY3RvcnlSZWxhdGl2ZVRv Um9vdChtYWluRnJhbWVPcmlnaW4sIG9wZW5pbmdPcmlnaW4sIGRhdGFiYXNlRGlyZWN0b3J5UGF0 aCwgInYxIik7CiAgICAgZmlsZXMgPSBGaWxlU3lzdGVtOjpsaXN0RGlyZWN0b3J5KGRpcmVjdG9y eSwgIioiX3MpOwogICAgIGZvciAoYXV0byYgZmlsZSA6IGZpbGVzKSB7CiAgICAgICAgIGF1dG8g ZGF0YWJhc2VOYW1lID0gU1FMaXRlSURCQmFja2luZ1N0b3JlOjpkYXRhYmFzZU5hbWVGcm9tRmls ZShTUUxpdGVJREJCYWNraW5nU3RvcmU6OmZ1bGxEYXRhYmFzZVBhdGhGb3JEaXJlY3RvcnkoZmls ZSkpOwpAQCAtNjM5LDcgKzY0MSw3IEBAIHN0YXRpYyB2b2lkIHJlbW92ZUFsbERhdGFiYXNlc0Zv ck9yaWdpblBhdGgoY29uc3QgU3RyaW5nJiBvcmlnaW5QYXRoLCBXYWxsVGltZSBtCiAKIHZvaWQg SURCU2VydmVyOjpyZW1vdmVEYXRhYmFzZXNNb2RpZmllZFNpbmNlRm9yVmVyc2lvbihXYWxsVGlt ZSBtb2RpZmllZFNpbmNlLCBjb25zdCBTdHJpbmcmIHZlcnNpb24pCiB7Ci0gICAgU3RyaW5nIHZl cnNpb25QYXRoID0gRmlsZVN5c3RlbTo6cGF0aEJ5QXBwZW5kaW5nQ29tcG9uZW50KG1fZGF0YWJh c2VEaXJlY3RvcnlQYXRoLCB2ZXJzaW9uKTsKKyAgICBTdHJpbmcgdmVyc2lvblBhdGggPSBGaWxl U3lzdGVtOjpwYXRoQnlBcHBlbmRpbmdDb21wb25lbnQoZGF0YWJhc2VEaXJlY3RvcnlQYXRoKCks IHZlcnNpb24pOwogICAgIGZvciAoYXV0byYgb3JpZ2luUGF0aCA6IEZpbGVTeXN0ZW06Omxpc3RE aXJlY3RvcnkodmVyc2lvblBhdGgsICIqIikpIHsKICAgICAgICAgU3RyaW5nIGRhdGFiYXNlSWRl bnRpZmllciA9IEZpbGVTeXN0ZW06Omxhc3RDb21wb25lbnRPZlBhdGhJZ25vcmluZ1RyYWlsaW5n U2xhc2gob3JpZ2luUGF0aCk7CiAgICAgICAgIGlmIChhdXRvIHNlY3VyaXR5T3JpZ2luID0gU2Vj dXJpdHlPcmlnaW5EYXRhOjpmcm9tRGF0YWJhc2VJZGVudGlmaWVyKGRhdGFiYXNlSWRlbnRpZmll cikpCkBAIC02NDksNyArNjUxLDcgQEAgdm9pZCBJREJTZXJ2ZXI6OnJlbW92ZURhdGFiYXNlc01v ZGlmaWVkU2luY2VGb3JWZXJzaW9uKFdhbGxUaW1lIG1vZGlmaWVkU2luY2UsIGMKIAogdm9pZCBJ REJTZXJ2ZXI6OnBlcmZvcm1DbG9zZUFuZERlbGV0ZURhdGFiYXNlc01vZGlmaWVkU2luY2UoV2Fs bFRpbWUgbW9kaWZpZWRTaW5jZSwgdWludDY0X3QgY2FsbGJhY2tJRCkKIHsKLSAgICBpZiAoIW1f ZGF0YWJhc2VEaXJlY3RvcnlQYXRoLmlzRW1wdHkoKSkgeworICAgIGlmICghZGF0YWJhc2VEaXJl Y3RvcnlQYXRoKCkuaXNFbXB0eSgpKSB7CiAgICAgICAgIHJlbW92ZURhdGFiYXNlc01vZGlmaWVk U2luY2VGb3JWZXJzaW9uKG1vZGlmaWVkU2luY2UsICJ2MCIpOwogICAgICAgICByZW1vdmVEYXRh YmFzZXNNb2RpZmllZFNpbmNlRm9yVmVyc2lvbihtb2RpZmllZFNpbmNlLCAidjEiKTsKICAgICB9 CkBAIC02NTksNyArNjYxLDcgQEAgdm9pZCBJREJTZXJ2ZXI6OnBlcmZvcm1DbG9zZUFuZERlbGV0 ZURhdGFiYXNlc01vZGlmaWVkU2luY2UoV2FsbFRpbWUgbW9kaWZpZWRTaW4KIAogdm9pZCBJREJT ZXJ2ZXI6OnJlbW92ZURhdGFiYXNlc1dpdGhPcmlnaW5zRm9yVmVyc2lvbihjb25zdCBWZWN0b3I8 U2VjdXJpdHlPcmlnaW5EYXRhPiAmb3JpZ2lucywgY29uc3QgU3RyaW5nJiB2ZXJzaW9uKQogewot ICAgIFN0cmluZyB2ZXJzaW9uUGF0aCA9IEZpbGVTeXN0ZW06OnBhdGhCeUFwcGVuZGluZ0NvbXBv bmVudChtX2RhdGFiYXNlRGlyZWN0b3J5UGF0aCwgdmVyc2lvbik7CisgICAgU3RyaW5nIHZlcnNp b25QYXRoID0gRmlsZVN5c3RlbTo6cGF0aEJ5QXBwZW5kaW5nQ29tcG9uZW50KGRhdGFiYXNlRGly ZWN0b3J5UGF0aCgpLCB2ZXJzaW9uKTsKICAgICBmb3IgKGNvbnN0IGF1dG8mIG9yaWdpbiA6IG9y aWdpbnMpIHsKICAgICAgICAgU3RyaW5nIG9yaWdpblBhdGggPSBGaWxlU3lzdGVtOjpwYXRoQnlB cHBlbmRpbmdDb21wb25lbnQodmVyc2lvblBhdGgsIG9yaWdpbi5kYXRhYmFzZUlkZW50aWZpZXIo KSk7CiAgICAgICAgIHJlbW92ZUFsbERhdGFiYXNlc0Zvck9yaWdpblBhdGgob3JpZ2luUGF0aCwg LVdhbGxUaW1lOjppbmZpbml0eSgpKTsKQEAgLTY3Myw3ICs2NzUsNyBAQCB2b2lkIElEQlNlcnZl cjo6cmVtb3ZlRGF0YWJhc2VzV2l0aE9yaWdpbnNGb3JWZXJzaW9uKGNvbnN0IFZlY3RvcjxTZWN1 cml0eU9yaWdpbgogICAgIAogdm9pZCBJREJTZXJ2ZXI6OnBlcmZvcm1DbG9zZUFuZERlbGV0ZURh dGFiYXNlc0Zvck9yaWdpbnMoY29uc3QgVmVjdG9yPFNlY3VyaXR5T3JpZ2luRGF0YT4mIG9yaWdp bnMsIHVpbnQ2NF90IGNhbGxiYWNrSUQpCiB7Ci0gICAgaWYgKCFtX2RhdGFiYXNlRGlyZWN0b3J5 UGF0aC5pc0VtcHR5KCkpIHsKKyAgICBpZiAoIWRhdGFiYXNlRGlyZWN0b3J5UGF0aCgpLmlzRW1w dHkoKSkgewogICAgICAgICByZW1vdmVEYXRhYmFzZXNXaXRoT3JpZ2luc0ZvclZlcnNpb24ob3Jp Z2lucywgInYwIik7CiAgICAgICAgIHJlbW92ZURhdGFiYXNlc1dpdGhPcmlnaW5zRm9yVmVyc2lv bihvcmlnaW5zLCAidjEiKTsKICAgICB9CkBAIC03NjcsOCArNzY5LDkgQEAgdm9pZCBJREJTZXJ2 ZXI6OmNvbXB1dGVTcGFjZVVzZWRGb3JPcmlnaW4oY29uc3QgQ2xpZW50T3JpZ2luJiBvcmlnaW4p CiB7CiAgICAgQVNTRVJUKCFpc01haW5UaHJlYWQoKSk7CiAKLSAgICBhdXRvIG9sZFZlcnNpb25P cmlnaW5EaXJlY3RvcnkgPSBJREJEYXRhYmFzZUlkZW50aWZpZXI6OmRhdGFiYXNlRGlyZWN0b3J5 UmVsYXRpdmVUb1Jvb3Qob3JpZ2luLnRvcE9yaWdpbiwgb3JpZ2luLmNsaWVudE9yaWdpbiwgbV9k YXRhYmFzZURpcmVjdG9yeVBhdGgsICJ2MCIpOwotICAgIGF1dG8gbmV3VmVyc2lvbk9yaWdpbkRp cmVjdG9yeSA9IElEQkRhdGFiYXNlSWRlbnRpZmllcjo6ZGF0YWJhc2VEaXJlY3RvcnlSZWxhdGl2 ZVRvUm9vdChvcmlnaW4udG9wT3JpZ2luLCBvcmlnaW4uY2xpZW50T3JpZ2luLCBtX2RhdGFiYXNl RGlyZWN0b3J5UGF0aCwgInYxIik7CisgICAgYXV0byBkYXRhYmFzZURpcmVjdG9yeVBhdGggPSB0 aGlzLT5kYXRhYmFzZURpcmVjdG9yeVBhdGgoKTsKKyAgICBhdXRvIG9sZFZlcnNpb25PcmlnaW5E aXJlY3RvcnkgPSBJREJEYXRhYmFzZUlkZW50aWZpZXI6OmRhdGFiYXNlRGlyZWN0b3J5UmVsYXRp dmVUb1Jvb3Qob3JpZ2luLnRvcE9yaWdpbiwgb3JpZ2luLmNsaWVudE9yaWdpbiwgZGF0YWJhc2VE aXJlY3RvcnlQYXRoLCAidjAiKTsKKyAgICBhdXRvIG5ld1ZlcnNpb25PcmlnaW5EaXJlY3Rvcnkg PSBJREJEYXRhYmFzZUlkZW50aWZpZXI6OmRhdGFiYXNlRGlyZWN0b3J5UmVsYXRpdmVUb1Jvb3Qo b3JpZ2luLnRvcE9yaWdpbiwgb3JpZ2luLmNsaWVudE9yaWdpbiwgZGF0YWJhc2VEaXJlY3RvcnlQ YXRoLCAidjEiKTsKICAgICBhdXRvIHNpemUgPSBTUUxpdGVJREJCYWNraW5nU3RvcmU6OmRhdGFi YXNlc1NpemVGb3JGb2xkZXIob2xkVmVyc2lvbk9yaWdpbkRpcmVjdG9yeSkgKyBTUUxpdGVJREJC YWNraW5nU3RvcmU6OmRhdGFiYXNlc1NpemVGb3JGb2xkZXIobmV3VmVyc2lvbk9yaWdpbkRpcmVj dG9yeSk7CiAKICAgICBwb3N0RGF0YWJhc2VUYXNrUmVwbHkoY3JlYXRlQ3Jvc3NUaHJlYWRUYXNr KCp0aGlzLCAmSURCU2VydmVyOjpmaW5pc2hDb21wdXRpbmdTcGFjZVVzZWRGb3JPcmlnaW4sIG9y aWdpbiwgc2l6ZSkpOwpAQCAtODEzLDEwICs4MTYsMTEgQEAgdm9pZCBJREJTZXJ2ZXI6OmRlY3Jl YXNlUG90ZW50aWFsU3BhY2VVc2VkKGNvbnN0IENsaWVudE9yaWdpbiYgb3JpZ2luLCB1aW50NjRf dAogCiB2b2lkIElEQlNlcnZlcjo6dXBncmFkZUZpbGVzSWZOZWNlc3NhcnkoKQogewotICAgIGlm IChtX2RhdGFiYXNlRGlyZWN0b3J5UGF0aC5pc0VtcHR5KCkgfHwgIUZpbGVTeXN0ZW06OmZpbGVF eGlzdHMobV9kYXRhYmFzZURpcmVjdG9yeVBhdGgpKQorICAgIGF1dG8gZGF0YWJhc2VEaXJlY3Rv cnlQYXRoID0gdGhpcy0+ZGF0YWJhc2VEaXJlY3RvcnlQYXRoKCk7CisgICAgaWYgKGRhdGFiYXNl RGlyZWN0b3J5UGF0aC5pc0VtcHR5KCkgfHwgIUZpbGVTeXN0ZW06OmZpbGVFeGlzdHMoZGF0YWJh c2VEaXJlY3RvcnlQYXRoKSkKICAgICAgICAgcmV0dXJuOwogCi0gICAgU3RyaW5nIG5ld1ZlcnNp b25EaXJlY3RvcnkgPSBGaWxlU3lzdGVtOjpwYXRoQnlBcHBlbmRpbmdDb21wb25lbnQobV9kYXRh YmFzZURpcmVjdG9yeVBhdGgsICJ2MSIpOworICAgIFN0cmluZyBuZXdWZXJzaW9uRGlyZWN0b3J5 ID0gRmlsZVN5c3RlbTo6cGF0aEJ5QXBwZW5kaW5nQ29tcG9uZW50KGRhdGFiYXNlRGlyZWN0b3J5 UGF0aCwgInYxIik7CiAgICAgaWYgKCFGaWxlU3lzdGVtOjpmaWxlRXhpc3RzKG5ld1ZlcnNpb25E aXJlY3RvcnkpKQogICAgICAgICBGaWxlU3lzdGVtOjptYWtlQWxsRGlyZWN0b3JpZXMobmV3VmVy c2lvbkRpcmVjdG9yeSk7CiB9CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL2lu ZGV4ZWRkYi9zZXJ2ZXIvSURCU2VydmVyLmggYi9Tb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL2luZGV4 ZWRkYi9zZXJ2ZXIvSURCU2VydmVyLmgKaW5kZXggOWU2YTQ1ZDJjY2Q1OGI0ZTEzOWUyN2Q5NDc4 YTFkNmU5MTJkNmE5Yi4uYzY1M2RmZDNlNGY3M2I0MmQzNzhkOGQwNDM2NjYzYjkwYWE3MGUxNCAx MDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvTW9kdWxlcy9pbmRleGVkZGIvc2VydmVyL0lEQlNl cnZlci5oCisrKyBiL1NvdXJjZS9XZWJDb3JlL01vZHVsZXMvaW5kZXhlZGRiL3NlcnZlci9JREJT ZXJ2ZXIuaApAQCAtMTI5LDYgKzEyOSw4IEBAIHByaXZhdGU6CiAgICAgSURCU2VydmVyKFBBTDo6 U2Vzc2lvbklELCBjb25zdCBTdHJpbmcmIGRhdGFiYXNlRGlyZWN0b3J5UGF0aCwgSURCQmFja2lu Z1N0b3JlVGVtcG9yYXJ5RmlsZUhhbmRsZXImLCBRdW90YU1hbmFnZXJHZXR0ZXImJik7CiAKICAg ICBVbmlxdWVJREJEYXRhYmFzZSYgZ2V0T3JDcmVhdGVVbmlxdWVJREJEYXRhYmFzZShjb25zdCBJ REJEYXRhYmFzZUlkZW50aWZpZXImKTsKKyAgICAKKyAgICBTdHJpbmcgZGF0YWJhc2VEaXJlY3Rv cnlQYXRoKCkgY29uc3QgeyByZXR1cm4gbV9kYXRhYmFzZURpcmVjdG9yeVBhdGguaXNvbGF0ZWRD b3B5KCk7IH0KIAogICAgIHZvaWQgcGVyZm9ybUdldEFsbERhdGFiYXNlTmFtZXModWludDY0X3Qg c2VydmVyQ29ubmVjdGlvbklkZW50aWZpZXIsIGNvbnN0IFNlY3VyaXR5T3JpZ2luRGF0YSYgbWFp bkZyYW1lT3JpZ2luLCBjb25zdCBTZWN1cml0eU9yaWdpbkRhdGEmIG9wZW5pbmdPcmlnaW4sIHVp bnQ2NF90IGNhbGxiYWNrSUQpOwogICAgIHZvaWQgZGlkR2V0QWxsRGF0YWJhc2VOYW1lcyh1aW50 NjRfdCBzZXJ2ZXJDb25uZWN0aW9uSWRlbnRpZmllciwgdWludDY0X3QgY2FsbGJhY2tJRCwgY29u c3QgVmVjdG9yPFN0cmluZz4mIGRhdGFiYXNlTmFtZXMpOwo=