From: stephan <stephan@noemail.net>
Date: Fri, 4 Aug 2023 08:45:25 +0000 (+0000)
Subject: Resolve the timing/ordering issue of a JS-to-WASM-converted xDestroy() function being... 
X-Git-Tag: version-3.43.0~69
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a24769454e2ddd05d543d9b3cf20401cf6c43bdb;p=thirdparty%2Fsqlite.git

Resolve the timing/ordering issue of a JS-to-WASM-converted xDestroy() function being uninstalled from WASM right before the underlying native call tries to call it. This has been a long-unnoticed bug which appears only when removing such functions or replacing them.

FossilOrigin-Name: 031c9a76b6ad1572e7a88f4d2d62f206b0d37bd1170e2c8a24248c5ec628f2f5
---

diff --git a/ext/wasm/common/whwasmutil.js b/ext/wasm/common/whwasmutil.js
index 4a6934f71b..0437ef35d8 100644
--- a/ext/wasm/common/whwasmutil.js
+++ b/ext/wasm/common/whwasmutil.js
@@ -613,8 +613,6 @@ globalThis.WhWasmUtilInstaller = function(target){
   target.installFunction = (func, sig)=>__installFunction(func, sig, false);
 
   /**
-     EXPERIMENTAL! DO NOT USE IN CLIENT CODE!
-
      Works exactly like installFunction() but requires that a
      scopedAllocPush() is active and uninstalls the given function
      when that alloc scope is popped via scopedAllocPop().
@@ -1722,7 +1720,18 @@ globalThis.WhWasmUtilInstaller = function(target){
               FuncPtrAdapter.debugOut("FuncPtrAdapter uninstalling", this,
                                       this.contextKey(argv,argIndex), '@'+pair[1], v);
             }
-            try{target.uninstallFunction(pair[1])}
+            try{
+              /* Because the pending native call might rely on the
+                 pointer we're replacing, e.g. as is normally the case
+                 with sqlite3's xDestroy() methods, we don't
+                 immediately uninstall but instead add its pointer to
+                 the scopedAlloc stack, which will be cleared when the
+                 xWrap() mechanism is done calling the native
+                 function. We're relying very much here on xWrap()
+                 having pushed an alloc scope.
+              */
+              cache.scopedAlloc[cache.scopedAlloc.length-1].push(pair[1]);
+            }
             catch(e){/*ignored*/}
           }
           pair[0] = v;
diff --git a/manifest b/manifest
index 8653f8ede4..61c082d24f 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Part\s2\sof\sthe\sfix\sfrom\s[a0f808363318c00fd1db78b].
-D 2023-08-04T08:41:55.716
+C Resolve\sthe\stiming/ordering\sissue\sof\sa\sJS-to-WASM-converted\sxDestroy()\sfunction\sbeing\suninstalled\sfrom\sWASM\sright\sbefore\sthe\sunderlying\snative\scall\stries\sto\scall\sit.\sThis\shas\sbeen\sa\slong-unnoticed\sbug\swhich\sappears\sonly\swhen\sremoving\ssuch\sfunctions\sor\sreplacing\sthem.
+D 2023-08-04T08:45:25.667
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -518,7 +518,7 @@ F ext/wasm/c-pp.c 6d80d8569d85713effe8b0818a3cf51dc779e3f0bf8dc88771b8998552ee25
 F ext/wasm/common/SqliteTestUtil.js 7adaeffef757d8708418dc9190f72df22367b531831775804b31598b44f6aa51
 F ext/wasm/common/emscripten.css 11bd104b6c0d597c67d40cc8ecc0a60dae2b965151e3b6a37fa5708bac3acd15
 F ext/wasm/common/testing.css e97549bab24126c24e0daabfe2de9bb478fb0a69fdb2ddd0a73a992c091aad6f
-F ext/wasm/common/whwasmutil.js d7e07b1fc92ac19d341ef9522b1f5059bce1e7f5ee53381c66fda8d2f09803ae
+F ext/wasm/common/whwasmutil.js 4c64594eecc7af4ae64259e95a71ba2a7edf118881aaff0bba86d0c7164e78e4
 F ext/wasm/demo-123-worker.html a0b58d9caef098a626a1a1db567076fca4245e8d60ba94557ede8684350a81ed
 F ext/wasm/demo-123.html 8c70a412ce386bd3796534257935eb1e3ea5c581e5d5aea0490b8232e570a508
 F ext/wasm/demo-123.js 38aa8faec4d0ace1c973bc8a7a1533584463ebeecd4c420daa7d9687beeb9cb5
@@ -2049,9 +2049,9 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 65a8716d8a1b7c5cffe9cdd25e4cbfa6528fcb146ff0fe67b0ce771b0537473d
-Q +ce0674b1925138f8f878b11aae0f8420bd968df0959f6dd7e208fb84bcbad07e
-R f31eaa202d402d0cb9f28c3fcacef5ec
+P 5c3104228d75c8fafbe24e46623777f3a8647f1b50267af61d46f7fad0e0434e
+Q +a0f808363318c00fd1db78b4271cef8d05a046a36aab1a383e731e40603c6e2a
+R 43f2275aafa347432491f9b0d0f83ec3
 U stephan
-Z ae593bdf056165949851304ee1f109ec
+Z 2651c93f688aecea6ca1abbac25973e2
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index 41889df033..ebcb9a470e 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-5c3104228d75c8fafbe24e46623777f3a8647f1b50267af61d46f7fad0e0434e
\ No newline at end of file
+031c9a76b6ad1572e7a88f4d2d62f206b0d37bd1170e2c8a24248c5ec628f2f5
\ No newline at end of file