Steps to Reproduce
It should be easy to reproduce in the simplest context. First create a normal empty wasm-pack project using cargo generate or write it by hand, then write the following code in lib.rs:
Then (after some configuration in package.json or something else) in your frontend index.js, write the following code:
```js
import { Answer } from '<the project name>';

let answer = Answer.new();
console.log(answer.the_answer);
// Second access to the same getter on the same object triggers the error.
console.log(answer.the_answer);
```
Start it and test in the browser.
Expected Behavior
As without #[wasm_bindgen(getter)], a null pointer exception is reported:
```
Error importing `index.js`: Error: null pointer passed to rust
```
Actual Behavior
You may actually get:
```
Error importing `index.js`: RuntimeError: memory access out of bounds
```
From experience with other static languages, such memory errors cannot always be caught and reported. In another project of mine, I have succeeded in fetching trash data using this method, but that context is quite complex and hard to reproduce.
Additional Context
Actually, I have fully understood the reason for the bug; the related source code is located at https://github.com/rustwasm/wasm-bindgen/blob/87663c6d2a442d98b3d8ea6242f20c5c21fc0174/crates/cli-support/src/js/mod.rs#L2193 .
Here, if the function is marked as a getter/setter, the generated JS won't assign 0 to this.ptr after the call, while the WASM side will free the memory, so here comes the memory access out of bounds.
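
A simplified JavaScript model of the pointer hand-off described above, added here as an illustration; it is not wasm-bindgen's generated code and not part of the original report. The fake wasm side, its function names (`answer_new`, `answer_the_answer`) and the value 42 are assumptions made for the example.

```javascript
// Constructed model: a fake "wasm side" that owns objects by integer pointer
// and frees them when a function takes `self` by value.
function makeWasm() {
  const live = new Map(); // ptr -> field value (42 is a constructed sample)
  let next = 8;
  return {
    answer_new() { const p = next; next += 8; live.set(p, 42); return p; },
    answer_the_answer(ptr) {
      if (ptr === 0) throw new Error('null pointer passed to rust');
      // Real linear memory has no such check: a stale pointer yields an
      // out-of-bounds trap or trash data. The model makes the reuse visible.
      if (!live.has(ptr)) throw new Error('stale pointer: object already freed');
      const value = live.get(ptr);
      live.delete(ptr); // `self` was consumed, so the object is freed
      return value;
    },
  };
}

// Getter as the report describes it: this.ptr is not cleared after the call.
class BuggyAnswer {
  constructor(wasm) { this.wasm = wasm; this.ptr = wasm.answer_new(); }
  get the_answer() { return this.wasm.answer_the_answer(this.ptr); }
}

// Getter that gives up ownership on the JS side before the consuming call.
class FixedAnswer {
  constructor(wasm) { this.wasm = wasm; this.ptr = wasm.answer_new(); }
  get the_answer() {
    const ptr = this.ptr;
    this.ptr = 0;
    return this.wasm.answer_the_answer(ptr);
  }
}

// Read the getter twice, as in the report's index.js, and record the outcome.
function secondAccess(Wrapper) {
  const a = new Wrapper(makeWasm());
  const first = a.the_answer;
  try { return { first, second: a.the_answer, error: null }; }
  catch (e) { return { first, second: undefined, error: e.message }; }
}

console.log(secondAccess(BuggyAnswer));
console.log(secondAccess(FixedAnswer));
```

With the pointer cleared, the second read fails deterministically with the null pointer error instead of reaching freed memory.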