238442 – SharedArrayBuffers do not get cloned on some messaging APIs

Bug 238442 - SharedArrayBuffers do not get cloned on some messaging APIs

Summary: SharedArrayBuffers do not get cloned on some messaging APIs

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	Safari 15
Hardware:	Mac (Intel) macOS 11

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-03-28 03:31 PDT by roberto.vidal
Modified:	2023-03-17 09:38 PDT (History)
CC List:	7 users (show)

See Also:

Attachments
reproduction with visible console and Safari version (379.82 KB, image/png) 2022-03-28 03:31 PDT, roberto.vidal	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description roberto.vidal 2022-03-28 03:31:51 PDT

Created attachment 455893 [details]
reproduction with visible console and Safari version

Example repro: https://github.com/jrvidal/message-port-repro/tree/master/clone
Working deployment: https://sab-clone.herokuapp.com/

When sending a message containing a `SharedArrayBuffer`, the receiving end sometimes receives a regular, deep copied `ArrayBuffer` instead of a proper clone pointing to the same bytes.

In the example provided, it can be consistently reproduced when posting a message through a `MessagePort` or a `BroadcastChannel`.

Comment 1 Radar WebKit Bug Importer 2022-03-28 06:39:49 PDT

<rdar://problem/90919367>

Comment 2 Ahmad Saleem 2022-09-13 15:58:21 PDT

All browsers result:

*** Safari 16 on macOS 12.6 ***

from worker - SharedArrayBuffer (length 10)
from broadcast - ArrayBuffer (length 10)
from port - ArrayBuffer (length 10)

*** Safari Technology Preview 153 ***

from worker - SharedArrayBuffer (length 10)
from broadcast - ArrayBuffer (length 10)
from port - ArrayBuffer (length 10)

*** Chrome Canary 107 ***

from worker - SharedArrayBuffer (length 10)
from broadcast - null
from port - SharedArrayBuffer (length 10)

*** Firefox Nightly 106 ***

Did not get anything in Console

_______

Just wanted to share updated status. Thanks!

Comment 3 Sam Verschueren 2023-03-17 03:16:40 PDT

I've just tested this again in Safari Technology Preview and this seems to be fixed.

from worker - SharedArrayBuffer (length 10)
from broadcast - SharedArrayBuffer (length 10)
from port - SharedArrayBuffer (length 10)

However, it's weird that Safari sends the SAB over a broadcast channel while Chrome receives `null`. So maybe that's still a bug.

Comment 4 Yusuke Suzuki 2023-03-17 09:35:32 PDT

(In reply to Sam Verschueren from comment #3)
> I've just tested this again in Safari Technology Preview and this seems to
> be fixed.
> 
> from worker - SharedArrayBuffer (length 10)
> from broadcast - SharedArrayBuffer (length 10)
> from port - SharedArrayBuffer (length 10)
> 
> However, it's weird that Safari sends the SAB over a broadcast channel while
> Chrome receives `null`. So maybe that's still a bug.

Isn't it a Chrome bug?
CC @Chris.

Comment 5 Sam Verschueren 2023-03-17 09:38:23 PDT

Yes this might be on Chrome actually. In Firefox it’s also a SharedArrayBuffer. Not sure what the spec says about it, but my assumption is that it should be a SAB instead of null.