[Bug 258762] www/chromium: Serious typed array initialization problem 92.0.4515.159 (Official Build) (64-bit)

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 28 Sep 2021 14:45:08 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258762

            Bug ID: 258762
           Summary: www/chromium:  Serious typed array initialization
                    problem 92.0.4515.159 (Official Build) (64-bit)
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: chromium@FreeBSD.org
          Reporter: jschachter@spendata.com
          Assignee: chromium@FreeBSD.org
             Flags: maintainer-feedback?(chromium@FreeBSD.org)

Created attachment 228233
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=228233&action=edit
HTML file with javascript that reproduces the bug

Typed arrays are being initialized filled with garbage, not zeros.

For example:

var r = new Int32Array(38);
r
Int32Array(38) [-399179776, -1610579712, 399179775, 1610579711, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0]


See attached html file with javascript within for a test case.

To reproduce the bug, open Chromium, then open devtools.  Load the attached
HTML page.  It will give you instructions, which boil down to executing the
above two commands, then refreshing the page and repeating until you find that
the array "r" was initialized with garbage.

This is a show-stopping bug:  My company's complex javascript application
completely fails to run because its data arrays get corrupted as above.

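A regression check for the behaviour described in this report, added here as an example rather than taken from the report or its attachment: it allocates typed arrays of every element type at several lengths, many times in a row, and returns each allocation that was not all-zero. The lengths and round count are arbitrary choices; the 38-element Int32Array matches the reporter's case.

```javascript
// Added check (not from the bug report): a fresh TypedArray must be zero-filled
// per ECMAScript, so any non-zero element means the engine returned memory it
// did not clear. Runs in a browser console or under Node.
const TYPED_ARRAY_CTORS = [
  Int8Array, Uint8Array, Int16Array, Uint16Array,
  Int32Array, Uint32Array, Float32Array, Float64Array,
  BigInt64Array, BigUint64Array,
];

// Indices of all elements in `arr` that are not zero.
function nonZeroIndices(arr) {
  const hits = [];
  for (let i = 0; i < arr.length; i++) {
    // loose `!= 0` is intentional: it handles both Number and BigInt elements
    if (arr[i] != 0) hits.push(i);
  }
  return hits;
}

// Allocate `rounds` arrays for each constructor/length pair (lengths and
// rounds are assumed values) and collect every allocation that came back dirty.
function checkZeroInit({ lengths = [38, 4096, 1 << 16], rounds = 50 } = {}) {
  const failures = [];
  for (const Ctor of TYPED_ARRAY_CTORS) {
    const isBigInt = Ctor === BigInt64Array || Ctor === BigUint64Array;
    for (const len of lengths) {
      for (let round = 0; round < rounds; round++) {
        const arr = new Ctor(len);
        const bad = nonZeroIndices(arr);
        if (bad.length) {
          failures.push({ type: Ctor.name, length: len, round, indices: bad.slice(0, 8) });
        }
        // Dirty the buffer before it is dropped, so a recycled-but-uncleared
        // allocation is guaranteed to show up in a later round.
        arr.fill(isBigInt ? 0x5an : 0x5a);
      }
    }
  }
  return failures;
}

if (typeof require !== 'undefined' && require.main === module) {
  const failures = checkZeroInit();
  console.log(failures.length ? failures : 'all typed arrays zero-initialized');
}
```

An empty result is the expected outcome on a correct engine; on the build reported above the refresh-and-repeat loop the reporter describes is what surfaces the garbage, so run the check from a freshly loaded page rather than once.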