Passing a string to wasm fails if the allocated pointer is above 2GB

[nornagon]

Describe the Bug

In passStringToWasm, the value returned from malloc is assumed to be positive. However, if malloc returns a pointer to memory at an address higher than 0x7fffffff (2 GB), the returned value will be negative, because JavaScript interprets the integer as unsigned. This results in out-of-bounds errors.

Steps to Reproduce

Self-contained repro: repro.tar.gz

mkdir repro-wasm-bindgen-2gb-limit && cd repro-wasm-bindgen-2gb-limit
curl -L https://github.com/rustwasm/wasm-bindgen/files/10749253/repro.tar.gz | tar xv
wasm-pack build --target nodejs
node test.cjs

test.cjs:

const wasm = require('./pkg/tmp2')

wasm.allocate(1 * 1024 * 1024 * 1024)
console.log(wasm.give_me_strings('aoeu')) // Prints 97
wasm.allocate(1 * 1024 * 1024 * 1024 - 1024 * 1024)
console.log(wasm.give_me_strings('aoeu')) // Prints 0

Expected Behavior

give_me_strings should print 97 both times

Actual Behavior

$ node test.cjs
97
0

Additional Context

Relevant blog post: https://v8.dev/blog/4gb-wasm-memory

Editing the passStringToWasm0 binding code to run the malloc return value through >>> 0 to force it to be unsigned fixes the issue.

[daxpedda]

I believe this was fixed by #3310.