iOS 12 Safari Array reverse bug
I can also see the bug on macOS with Safari 12.0.
I find it quite worrying that devs already wrote a lib to fix the issue but didn't fill a bug report to Apple and shared it on SO. Anyway, a trendy HN post might be enough to get the attention of some Apple devs and I've pinged a dev just in case: https://twitter.com/ArmandGrillet/status/1042339847384518656
And now we'll have array-reverse-polyfill showing up as a 6th-level npm dependency on our projects for years to come.
It appears this was already reported and fixed in WebKit - https://bugs.webkit.org/show_bug.cgi?id=188794 but not specifically for the Safari browser.
This bug is very much like the most common mistake I see on Common Lisp stack overflow where one tries to mutate constant (quoted) data.
However JavaScript has no similar notion of constant data but implementations try to infer it as an optimisation. In this case that inference was wrong.
I think the memory structure looks something like:
arr -> box1 -> 1,2,3,4
arr -> box1 -> 4,3,2,1
arr -> box2 -> 4,3,2,1
1. arr -> box1 -> loc1: 1,2,3,4
2. Reverse
3. arr -> box1 -> loc2: 4,3,2,1
4. Refresh
5. arr -> box2 -> loc1: 1,2,3,4
The weirdest thing about this is the fact that the bug occurs after a page reload. Does safari cache jit code and the javascript heap/objects between pageloads?
I think Apple has to consider separating Safari (and other bundled apps) from the iOS release so that users can update a quick fix through the App Store without waiting for a new iOS update.
There was a serious WebAssembly regression in iOS 11.2 that makes wasm effectively useless [1]. Devs had to disable wasm and wait for months until iOS 11.3 is released.
Apple never releases a iOS hot fix just for a single Safari bug. Then why Apple don't let users to update Safari separately?
Bug does not trigger on "Safari Technology Preview Release 65 (Safari 12.1, WebKit 13607.1.5.2)" on macOS 10.13.6. Fixed already, or not yet introduced?
This sounds like a very bad bug, I wonder how bad it is "in the wild".
I wonder if `splice`, `shift`, `unshift` and other methods that modify arrays in-place are also affected.
Woah. I think I ran into this last night after updating to Safari 12 on macOS. I was typing my message into messenger.com (facebook messenger), and all of my typing was reversed. I even took a photo of it
I'm not seeing Safari 12 in the App Store (macOS 10.13.6). I wonder if they pulled the update because of this? I have Safari 11 still but my colleague got Safari 12 through the App Store.
Isn't this part of the faster loading that some Web browsers do? Essentially the idea is that the browser muddies the idea of a closed page in favour of being able to restore it faster.
Should we hold off on updating then?
>I wrote a lib to fix the bug. https://www.npmjs.com/package/array-reverse-polyfill
everyday we stray further from god
Fixed. Scheduled. Coming to iOS 15 in 2022...
Does Apple not believe in unit tests or something? This and the password login bug from a few months ago make me pretty concerned.
Now they will release iOS 13 for this :)
Ironically, I got an ad banner for Apple at the top of this page. Saying "Engineer in Europe. Innovate at Apple."
However, this bug sounds pretty serious! :-S
Finally we've discovered why people are asked in interviews to reverse an array.