-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wasm_valtype_delete causes double-free crash #3949
Comments
Look like it's first freed in a rust map iterator. |
Can you share how your embedding calls the C API? Some methods are documented as taking ownership of their arguments which means that the free is done for you and would cause a double-free if you otherwise try to free again. |
The code is used there: Do you mean wasm_valtype_vec_new or wasm_functype_new will take the ownership? |
Looks like the documentation here is lacking but as the function indicates the |
Thanks for your reply. Would you mind me updating the doc? wasmtime/crates/c-api/include/doc-wasm.h Line 358 in e68aa99
|
Thanks for filing a bug report! Please fill out the TODOs below.
Note: if you want to report a security issue, please read our security policy!
Test Case
When I upgraded wasmtime from v0.30.0 to 0.35.1, the ci of wasm-nginx-module failed because of a double-free error:
https://github.com/api7/wasm-nginx-module/runs/5624165257?check_suite_focus=true
Steps to Reproduce
The double-free error is caused by
wasm_valtype_delete
a valtype returned bywasm_valtype_new
. After I remove thewasm_valtype_delete
, everything works again.However, according to the doc,
wasmtime/crates/c-api/include/doc-wasm.h
Lines 292 to 296 in e68aa99
So look like I should keep the call of
wasm_valtype_delete
?The call of
wasm_valtype_delete
is fine under 0.30.0.Not sure if it is a break change during 0.30.0 to 0.35.1.
Expected Results
The same code works well with 0.35.1
Actual Results
Here is the full backtrace of double-free crash:
Versions and Environment
Wasmtime version or commit: 0.35.1
Operating system: Ubuntu 20.04
Architecture: x86
The text was updated successfully, but these errors were encountered: