From: stephan <stephan@noemail.net>
Date: Thu, 3 Aug 2023 18:46:44 +0000 (+0000)
Subject: Resolve the timing/ordering issue of a JS-to-WASM-converted xDestroy() function being... 
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e5af3c1cc5103ffd78d6fc54a1ce860c9ea0f7e3;p=thirdparty%2Fsqlite.git

Resolve the timing/ordering issue of a JS-to-WASM-converted xDestroy() function being uninstalled from WASM right before the underlying native call tries to call it. This has been a long-unnoticed bug which appears only when removing such functions or replacing then.

FossilOrigin-Name: a0f808363318c00fd1db78b4271cef8d05a046a36aab1a383e731e40603c6e2a
---

diff --git a/ext/wasm/common/whwasmutil.js b/ext/wasm/common/whwasmutil.js
index 4b0a78582f..8e69132d5c 100644
--- a/ext/wasm/common/whwasmutil.js
+++ b/ext/wasm/common/whwasmutil.js
@@ -613,8 +613,6 @@ globalThis.WhWasmUtilInstaller = function(target){
   target.installFunction = (func, sig)=>__installFunction(func, sig, false);
 
   /**
-     EXPERIMENTAL! DO NOT USE IN CLIENT CODE!
-
      Works exactly like installFunction() but requires that a
      scopedAllocPush() is active and uninstalls the given function
      when that alloc scope is popped via scopedAllocPop().
@@ -1723,7 +1721,18 @@ globalThis.WhWasmUtilInstaller = function(target){
               FuncPtrAdapter.debugOut("FuncPtrAdapter uninstalling", this,
                                       this.contextKey(argv,argIndex), '@'+pair[1], v);
             }
-            try{target.uninstallFunction(pair[1])}
+            try{
+              /* Because the pending native call might rely on the
+                 pointer we're replacing, e.g. as is normally the case
+                 with sqlite3's xDestroy() methods, we don't
+                 immediately uninstall but instead add its pointer to
+                 the scopedAlloc stack, which will be cleared when the
+                 xWrap() mechanism is done calling the native
+                 function. We're relying very much here on xWrap()
+                 having pushed an alloc scope.
+              */
+              cache.scopedAlloc[cache.scopedAlloc.length-1].push(pair[1]);
+            }
             catch(e){/*ignored*/}
           }
           pair[0] = v;
diff --git a/manifest b/manifest
index f1cc885586..183bde6fb0 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C More\sinfrastructure\stowards\sbinding\sFTS5\scustomization\ssupport\sto\sWASM.
-D 2023-08-03T16:21:24.022
+C Resolve\sthe\stiming/ordering\sissue\sof\sa\sJS-to-WASM-converted\sxDestroy()\sfunction\sbeing\suninstalled\sfrom\sWASM\sright\sbefore\sthe\sunderlying\snative\scall\stries\sto\scall\sit.\sThis\shas\sbeen\sa\slong-unnoticed\sbug\swhich\sappears\sonly\swhen\sremoving\ssuch\sfunctions\sor\sreplacing\sthen.
+D 2023-08-03T18:46:44.153
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -520,7 +520,7 @@ F ext/wasm/c-pp.c 6d80d8569d85713effe8b0818a3cf51dc779e3f0bf8dc88771b8998552ee25
 F ext/wasm/common/SqliteTestUtil.js 7adaeffef757d8708418dc9190f72df22367b531831775804b31598b44f6aa51
 F ext/wasm/common/emscripten.css 11bd104b6c0d597c67d40cc8ecc0a60dae2b965151e3b6a37fa5708bac3acd15
 F ext/wasm/common/testing.css e97549bab24126c24e0daabfe2de9bb478fb0a69fdb2ddd0a73a992c091aad6f
-F ext/wasm/common/whwasmutil.js 1dcce8bc4f90cdc80f1bc0256b44b24f043301968d9ed7cdcd32a16e87babe00
+F ext/wasm/common/whwasmutil.js b9667f34bd2b6c6a7055d37da586f3ad7757ff758407322e23694894519ca5c5
 F ext/wasm/demo-123-worker.html a0b58d9caef098a626a1a1db567076fca4245e8d60ba94557ede8684350a81ed
 F ext/wasm/demo-123.html 8c70a412ce386bd3796534257935eb1e3ea5c581e5d5aea0490b8232e570a508
 F ext/wasm/demo-123.js 38aa8faec4d0ace1c973bc8a7a1533584463ebeecd4c420daa7d9687beeb9cb5
@@ -2051,8 +2051,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 16658b3c64d7f9690b097d999a8fbdc49dedf484f72174059718a768f61e875b
-R b3278d833ca5b1cc70c3ac9bdfedd32f
+P 163e3e44b16caa7ceb2805d29a76d8975e66fe429a911995b1c2f8429b080645
+R 9cf774edaace5bcb1466b82cf288cd32
 U stephan
-Z 9a202e887806dd7f5eca1a911834ce23
+Z c5c78ad6190e3b9e6cdf7cb5e63b5a37
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index df88a92142..447fec4a36 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-163e3e44b16caa7ceb2805d29a76d8975e66fe429a911995b1c2f8429b080645
\ No newline at end of file
+a0f808363318c00fd1db78b4271cef8d05a046a36aab1a383e731e40603c6e2a
\ No newline at end of file