Bug 258762 - www/chromium: Serious typed array initialization problem 92.0.4515.159 (Official Build) (64-bit)
Summary: www/chromium: Serious typed array initialization problem 92.0.4515.159 (Offi...
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: amd64 Any
Importance: --- Affects Many People
Assignee: freebsd-chromium (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-28 14:45 UTC by jschachter@spendata.com
Modified: 2022-03-28 20:40 UTC

See Also:
bugzilla: maintainer-feedback? (chromium)


Attachments
HTML file with javascript that reproduces the bug (777 bytes, text/html)
2021-09-28 14:45 UTC, jschachter@spendata.com
Same repro rewritten for convenience (953 bytes, text/html)
2021-10-02 04:37 UTC, Alex S

Description jschachter@spendata.com 2021-09-28 14:45:08 UTC
Created attachment 228233 [details]
HTML file with javascript that reproduces the bug

Typed arrays are being initialized filled with garbage, not zeros.

For example:

var r = new Int32Array(38);
r
Int32Array(38) [-399179776, -1610579712, 399179775, 1610579711, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]


See attached html file with javascript within for a test case.

To reproduce the bug, open Chromium, then open devtools.  Load the attached HTML page.  It will give you instructions, which boil down to executing the above two commands, then refreshing the page and repeating until you find that the array "r" was initialized with garbage.

This is a show-stopping bug:  My company's complex javascript application completely fails to run because its data arrays get corrupted as above.
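The following self-check is an added example, not part of the bug report or either attachment. ECMAScript requires a freshly constructed typed array (and a fresh ArrayBuffer) to be zero-filled, so non-zero elements mean the engine handed back uninitialized memory, which is both the data-corruption problem described above and a potential disclosure of whatever that memory previously held. The check generalizes the report's single `Int32Array(38)` probe to every typed array kind and several lengths, repeated many times because the original repro needed several reloads before garbage appeared; it returns a list of offending allocations (empty on a correct build). The function names, lengths and iteration count are this example's own choices.

```javascript
// Added example: verify that typed arrays come back zero-filled as the spec
// requires. Runs in Node or in a browser console (Chromium devtools).

const TYPED_ARRAY_CTORS = [
  Int8Array, Uint8Array, Uint8ClampedArray,
  Int16Array, Uint16Array,
  Int32Array, Uint32Array,
  Float32Array, Float64Array,
  BigInt64Array, BigUint64Array,
];

// Index of the first non-zero element, or -1 if the array is entirely zero.
function firstNonZeroIndex(arr) {
  for (let i = 0; i < arr.length; i++) {
    // Loose inequality so this works for BigInt elements too (0n != 0 is false).
    if (arr[i] != 0) return i;
  }
  return -1;
}

// Allocate fresh typed arrays of every kind and each length, repeatedly, and
// record every allocation that was not zero-filled.
// (iterations and lengths are arbitrary example values; 38 is the report's.)
function checkTypedArraysZeroed({ iterations = 50, lengths = [38, 1, 1024, 65536] } = {}) {
  const findings = [];
  for (let iter = 0; iter < iterations; iter++) {
    for (const Ctor of TYPED_ARRAY_CTORS) {
      for (const len of lengths) {
        const arr = new Ctor(len);
        const idx = firstNonZeroIndex(arr);
        if (idx !== -1) {
          findings.push({ iteration: iter, type: Ctor.name, length: len, index: idx, value: arr[idx] });
        }
      }
    }
  }
  return findings;
}

// A view over a fresh ArrayBuffer must be all zeros as well.
function checkArrayBufferZeroed(byteLength = 4096) {
  const view = new Uint8Array(new ArrayBuffer(byteLength));
  return firstNonZeroIndex(view) === -1;
}

// Stand-alone usage (Node): print a one-line verdict.
if (typeof require !== 'undefined' && require.main === module) {
  const findings = checkTypedArraysZeroed();
  const bufferOk = checkArrayBufferZeroed();
  if (findings.length === 0 && bufferOk) {
    console.log('OK: all typed arrays and ArrayBuffers were zero-filled');
  } else {
    // BigInt values are not JSON-serializable, so stringify them explicitly.
    const first = JSON.stringify(findings[0], (k, v) => (typeof v === 'bigint' ? v.toString() : v));
    console.log(`FAIL: ${findings.length} non-zero allocation(s); first: ${first}; ArrayBuffer ok: ${bufferOk}`);
  }
}
```

In devtools, paste the block and call `checkTypedArraysZeroed()` after each page reload, exactly as the report's manual procedure does with `new Int32Array(38)`; a non-empty result names the constructor, length and element index where the first garbage value appeared.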
Comment 1 jschachter@spendata.com 2021-09-28 14:50:21 UTC
uname -a 

FreeBSD [machine.name] 12.2-RELEASE-p10 FreeBSD 12.2-RELEASE-p10 #2 r367038M: Tue Sep 28 08:28:54 EDT 2021     root@[machine.name]:/usr/obj/usr/src/amd64.amd64/sys/GENERIC  amd64
Comment 2 jschachter@spendata.com 2021-09-28 20:27:13 UTC
Sorry that was typed in haste... "It will give you instructions..." means "Please see the console log".
Comment 3 Alex S 2021-10-02 04:37:21 UTC
Created attachment 228345 [details]
Same repro rewritten for convenience

This should be a bit more appropriate.
Comment 4 Matthias Wolf 2021-10-04 16:31:48 UTC
Seems to be reproducible in v92, will test it with v94 when porting is done, and try to chase it there.
Comment 5 jschachter@spendata.com 2021-11-12 18:45:45 UTC
Any update on this?
Comment 6 Robert Nagy 2022-03-16 12:21:55 UTC
(In reply to jschachter@spendata.com from comment #5)

Unable to reproduce anymore with the reproducer.
Please re-test.
Comment 7 jschachter@spendata.com 2022-03-28 20:40:34 UTC
I can confirm that Chromium 99.0.4844.82 works fine now.  Not only does the bug no longer happen in Alex's repro code, but my company's javascript application works 100% again.

Thanks to whoever fixed this!