fix: avoid crash when reopening db with stale cloudsync_table_settings

Dropping a table and its <table>_cloudsync meta-table without calling
cloudsync_cleanup left stale rows in cloudsync_table_settings. On the
next connection, loading the extension crashed with a double-free.

Two bugs:
- cloudsync_dbversion_rebuild returned DBRES_NOMEM when the build query
  yielded NULL (no *_cloudsync tables in sqlite_master), failing init.
  Treat NULL the same as count == 0: no prepared stmt, rebuilt later.
- On init failure, dbsync_register_functions manually freed the context
  that SQLite already owns via the cloudsync_version destructor, causing
  a double-free on sqlite3_close. Let SQLite release it instead.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: andinux

src/cloudsync.c

@@ -397,9 +397,14 @@ int cloudsync_dbversion_rebuild (cloudsync_context *data) {
     int64_t count = dbutils_table_settings_count_tables(data);
     if (count == 0) return DBRES_OK;
     else if (count == -1) return cloudsync_set_dberror(data);
-    
+
     char *sql = cloudsync_dbversion_build_query(data);
-    if (!sql) return DBRES_NOMEM;
+    // A NULL result here means sqlite_master has no *_cloudsync meta-tables
+    // (for example, the user dropped the base table and its meta-table without
+    // calling cloudsync_cleanup, leaving stale cloudsync_table_settings rows).
+    // Treat this the same as count == 0: no prepared statement, db_version
+    // stays at the minimum and will be rebuilt on the next cloudsync_init.
+    if (!sql) return DBRES_OK;
     DEBUG_SQL("db_version_stmt: %s", sql);
 
     int rc = databasevm_prepare(data, sql, (void **)&data->db_version_stmt, DBFLAG_PERSISTENT);

src/sqlite/cloudsync_sqlite.c

@@ -1470,7 +1470,10 @@ int dbsync_register_functions (sqlite3 *db, char **pzErrMsg) {
     // load config, if exists
     if (cloudsync_config_exists(data)) {
         if (cloudsync_context_init(data) == NULL) {
-            cloudsync_context_free(data);
+            // Do not free ctx here: it is already owned by the cloudsync_version
+            // function (registered above with cloudsync_context_free as its
+            // destructor). SQLite will release it when the connection is closed.
+            // Freeing it manually would cause a double-free on sqlite3_close.
             if (pzErrMsg) *pzErrMsg = sqlite3_mprintf("An error occurred while trying to initialize context");
             return SQLITE_ERROR;
         }

test/unit.c

@@ -2401,6 +2401,84 @@ bool do_test_stale_table_settings(bool cleanup_databases) {
     return result;
 }
 
+// Same as do_test_stale_table_settings, but also drops the <table>_cloudsync
+// meta-table before reopening. With a stale cloudsync_table_settings row and
+// no matching *_cloudsync meta-table in sqlite_master, the dbversion query
+// builder produces an empty (NULL) SQL string, causing sqlite3_cloudsync_init
+// to fail on reopen — previously crashing in some environments.
+bool do_test_stale_table_settings_dropped_meta(bool cleanup_databases) {
+    bool result = false;
+    char dbpath[256];
+    time_t timestamp = time(NULL);
+
+    #ifdef __ANDROID__
+    snprintf(dbpath, sizeof(dbpath), "%s/cloudsync-test-stale-meta-%ld.sqlite", ".", timestamp);
+    #else
+    snprintf(dbpath, sizeof(dbpath), "%s/cloudsync-test-stale-meta-%ld.sqlite", getenv("HOME"), timestamp);
+    #endif
+
+    // Phase 1: create database, table, and init cloudsync
+    sqlite3 *db = NULL;
+    int rc = sqlite3_open(dbpath, &db);
+    if (rc != SQLITE_OK) return false;
+    sqlite3_exec(db, "PRAGMA journal_mode=WAL;", NULL, NULL, NULL);
+    sqlite3_cloudsync_init(db, NULL, NULL);
+
+    rc = sqlite3_exec(db, "CREATE TABLE cloud (id TEXT PRIMARY KEY NOT NULL, value TEXT, extra INTEGER);", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+
+    rc = sqlite3_exec(db, "SELECT cloudsync_init('cloud');", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+
+    // Phase 2: drop both the base table AND the meta-table without calling
+    // cloudsync_cleanup. This leaves stale entries in cloudsync_table_settings
+    // with no matching *_cloudsync table in sqlite_master.
+    sqlite3_exec(db, "SELECT cloudsync_terminate();", NULL, NULL, NULL);
+    sqlite3_close(db);
+    db = NULL;
+
+    rc = sqlite3_open(dbpath, &db);
+    if (rc != SQLITE_OK) goto cleanup;
+    rc = sqlite3_exec(db, "DROP TABLE IF EXISTS cloud;", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+    rc = sqlite3_exec(db, "DROP TABLE IF EXISTS cloud_cloudsync;", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+    sqlite3_close(db);
+    db = NULL;
+
+    // Phase 3: reopen the database and load the extension — must succeed.
+    rc = sqlite3_open(dbpath, &db);
+    if (rc != SQLITE_OK) goto cleanup;
+    rc = sqlite3_cloudsync_init(db, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+
+    // Sanity check: we can still call cloudsync_version and create a new table.
+    rc = sqlite3_exec(db, "SELECT cloudsync_version();", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+
+    rc = sqlite3_exec(db, "CREATE TABLE cloud2 (id TEXT PRIMARY KEY NOT NULL, v TEXT);", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+    rc = sqlite3_exec(db, "SELECT cloudsync_init('cloud2');", NULL, NULL, NULL);
+    if (rc != SQLITE_OK) goto cleanup;
+
+    result = true;
+
+cleanup:
+    if (db) {
+        sqlite3_exec(db, "SELECT cloudsync_terminate();", NULL, NULL, NULL);
+        sqlite3_close(db);
+    }
+    if (cleanup_databases) {
+        file_delete_internal(dbpath);
+        char walpath[280];
+        snprintf(walpath, sizeof(walpath), "%s-wal", dbpath);
+        file_delete_internal(walpath);
+        snprintf(walpath, sizeof(walpath), "%s-shm", dbpath);
+        file_delete_internal(walpath);
+    }
+    return result;
+}
+
 // Authorizer state for do_test_context_cb_error_cleanup.
 // Denies INSERT on a specific table after allowing a set number of INSERTs.
 static const char *g_deny_insert_table = NULL;
@@ -12268,6 +12346,7 @@ int main (int argc, const char * argv[]) {
     result += test_report("Large Composite PK Test:", do_test_large_composite_pk(2, print_result, cleanup_databases));
     result += test_report("Schema Hash Mismatch:", do_test_schema_hash_mismatch(2, print_result, cleanup_databases));
     result += test_report("Stale Table Settings:", do_test_stale_table_settings(cleanup_databases));
+    result += test_report("Stale Table Settings Dropped Meta:", do_test_stale_table_settings_dropped_meta(cleanup_databases));
     result += test_report("Block LWW Existing Data:", do_test_block_lww_existing_data(cleanup_databases));
     result += test_report("Block Column Reload:", do_test_block_column_reload(cleanup_databases));
     result += test_report("CB Error Cleanup:", do_test_context_cb_error_cleanup());