-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getter/setter attribute on functions that take self causes memory access out of bounds. #2168
Labels
Comments
MashPlant
changed the title
Getter/setter attribute on functions that takes self causes memory access out of bounds.
Getter/setter attribute on functions that take self causes memory access out of bounds.
May 29, 2020
alexcrichton
added a commit
to alexcrichton/wasm-bindgen
that referenced
this issue
May 29, 2020
Make sure they reset their internal pointer to null after we call Rust since it invalidates the Rust pointer after being called! Closes rustwasm#2168
Thanks for the report! I've filed a fix for this at #2172 |
alexcrichton
added a commit
that referenced
this issue
May 29, 2020
Make sure they reset their internal pointer to null after we call Rust since it invalidates the Rust pointer after being called! Closes #2168
Perseus101
pushed a commit
to Perseus101/wasm-bindgen
that referenced
this issue
Jun 7, 2020
Make sure they reset their internal pointer to null after we call Rust since it invalidates the Rust pointer after being called! Closes rustwasm#2168
It seems this problem still alive |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Steps to Reproduce
It should be easy to reproduce in the simplest context. First create an normal empty
wasm-pack
project usingcargo generate
or write it by hand, then write the following code inlib.rs
:Then (after some configuration in
package.json
or something else) in your frontendindex.js
, write the following code:Start it and test in the browser.
Expected Behavior
Like when without
#[wasm_bindgen(getter)]
, reporting null pointer exception:Actual Behavior
You may actually get:
According to the experience of other static languages, such memory error cannot always be caught and reported. In another project of mine, I have succeed in fetching trash data using such method, but that context is quite complex and hard to reproduce.
Additional Context
Actually I have fully understood the reason of the bug, the related source code is located at
wasm-bindgen/crates/cli-support/src/js/mod.rs
Line 2193 in 87663c6
Here if the function is marked as a getter/setter, the generated JS won't assign 0 to
this.ptr
after the call, while the WASM side will free the memory, so here comes the memory access out of boundsThe text was updated successfully, but these errors were encountered: