|
|
@@ -233,7 +233,7 @@ extern "C" {
|
|
|
*/
|
|
|
#define SQLITE_VERSION "3.8.8"
|
|
|
#define SQLITE_VERSION_NUMBER 3008008
|
|
|
-#define SQLITE_SOURCE_ID "2014-11-20 02:58:10 2d7c8da5f16e64eaa7b0c2d66898682ea3d102a0"
|
|
|
+#define SQLITE_SOURCE_ID "2014-11-27 11:36:36 f095cde579e7417306e11b5c1d2dd90b6bb547d5"
|
|
|
|
|
|
/*
|
|
|
** CAPI3REF: Run-Time Library Version Numbers
|
|
|
@@ -6065,34 +6065,34 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
|
|
|
**
|
|
|
** The SQLite source code contains multiple implementations
|
|
|
** of these mutex routines. An appropriate implementation
|
|
|
-** is selected automatically at compile-time. ^(The following
|
|
|
+** is selected automatically at compile-time. The following
|
|
|
** implementations are available in the SQLite core:
|
|
|
**
|
|
|
** <ul>
|
|
|
** <li> SQLITE_MUTEX_PTHREADS
|
|
|
** <li> SQLITE_MUTEX_W32
|
|
|
** <li> SQLITE_MUTEX_NOOP
|
|
|
-** </ul>)^
|
|
|
+** </ul>
|
|
|
**
|
|
|
-** ^The SQLITE_MUTEX_NOOP implementation is a set of routines
|
|
|
+** The SQLITE_MUTEX_NOOP implementation is a set of routines
|
|
|
** that does no real locking and is appropriate for use in
|
|
|
-** a single-threaded application. ^The SQLITE_MUTEX_PTHREADS and
|
|
|
+** a single-threaded application. The SQLITE_MUTEX_PTHREADS and
|
|
|
** SQLITE_MUTEX_W32 implementations are appropriate for use on Unix
|
|
|
** and Windows.
|
|
|
**
|
|
|
-** ^(If SQLite is compiled with the SQLITE_MUTEX_APPDEF preprocessor
|
|
|
+** If SQLite is compiled with the SQLITE_MUTEX_APPDEF preprocessor
|
|
|
** macro defined (with "-DSQLITE_MUTEX_APPDEF=1"), then no mutex
|
|
|
** implementation is included with the library. In this case the
|
|
|
** application must supply a custom mutex implementation using the
|
|
|
** [SQLITE_CONFIG_MUTEX] option of the sqlite3_config() function
|
|
|
** before calling sqlite3_initialize() or any other public sqlite3_
|
|
|
-** function that calls sqlite3_initialize().)^
|
|
|
+** function that calls sqlite3_initialize().
|
|
|
**
|
|
|
** ^The sqlite3_mutex_alloc() routine allocates a new
|
|
|
-** mutex and returns a pointer to it. ^If it returns NULL
|
|
|
-** that means that a mutex could not be allocated. ^SQLite
|
|
|
-** will unwind its stack and return an error. ^(The argument
|
|
|
-** to sqlite3_mutex_alloc() is one of these integer constants:
|
|
|
+** mutex and returns a pointer to it. ^The sqlite3_mutex_alloc()
|
|
|
+** routine returns NULL if it is unable to allocate the requested
|
|
|
+** mutex. The argument to sqlite3_mutex_alloc() must one of these
|
|
|
+** integer constants:
|
|
|
**
|
|
|
** <ul>
|
|
|
** <li> SQLITE_MUTEX_FAST
|
|
|
@@ -6105,7 +6105,8 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
|
|
|
** <li> SQLITE_MUTEX_STATIC_PMEM
|
|
|
** <li> SQLITE_MUTEX_STATIC_APP1
|
|
|
** <li> SQLITE_MUTEX_STATIC_APP2
|
|
|
-** </ul>)^
|
|
|
+** <li> SQLITE_MUTEX_STATIC_APP3
|
|
|
+** </ul>
|
|
|
**
|
|
|
** ^The first two constants (SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE)
|
|
|
** cause sqlite3_mutex_alloc() to create
|
|
|
@@ -6113,14 +6114,14 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
|
|
|
** is used but not necessarily so when SQLITE_MUTEX_FAST is used.
|
|
|
** The mutex implementation does not need to make a distinction
|
|
|
** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does
|
|
|
-** not want to. ^SQLite will only request a recursive mutex in
|
|
|
-** cases where it really needs one. ^If a faster non-recursive mutex
|
|
|
+** not want to. SQLite will only request a recursive mutex in
|
|
|
+** cases where it really needs one. If a faster non-recursive mutex
|
|
|
** implementation is available on the host platform, the mutex subsystem
|
|
|
** might return such a mutex in response to SQLITE_MUTEX_FAST.
|
|
|
**
|
|
|
** ^The other allowed parameters to sqlite3_mutex_alloc() (anything other
|
|
|
** than SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE) each return
|
|
|
-** a pointer to a static preexisting mutex. ^Six static mutexes are
|
|
|
+** a pointer to a static preexisting mutex. ^Nine static mutexes are
|
|
|
** used by the current version of SQLite. Future versions of SQLite
|
|
|
** may add additional static mutexes. Static mutexes are for internal
|
|
|
** use by SQLite only. Applications that use SQLite mutexes should
|
|
|
@@ -6129,16 +6130,13 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
|
|
|
**
|
|
|
** ^Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST
|
|
|
** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc()
|
|
|
-** returns a different mutex on every call. ^But for the static
|
|
|
+** returns a different mutex on every call. ^For the static
|
|
|
** mutex types, the same mutex is returned on every call that has
|
|
|
** the same type number.
|
|
|
**
|
|
|
** ^The sqlite3_mutex_free() routine deallocates a previously
|
|
|
-** allocated dynamic mutex. ^SQLite is careful to deallocate every
|
|
|
-** dynamic mutex that it allocates. The dynamic mutexes must not be in
|
|
|
-** use when they are deallocated. Attempting to deallocate a static
|
|
|
-** mutex results in undefined behavior. ^SQLite never deallocates
|
|
|
-** a static mutex.
|
|
|
+** allocated dynamic mutex. Attempting to deallocate a static
|
|
|
+** mutex results in undefined behavior.
|
|
|
**
|
|
|
** ^The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt
|
|
|
** to enter a mutex. ^If another thread is already within the mutex,
|
|
|
@@ -6146,23 +6144,21 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
|
|
|
** SQLITE_BUSY. ^The sqlite3_mutex_try() interface returns [SQLITE_OK]
|
|
|
** upon successful entry. ^(Mutexes created using
|
|
|
** SQLITE_MUTEX_RECURSIVE can be entered multiple times by the same thread.
|
|
|
-** In such cases the,
|
|
|
+** In such cases, the
|
|
|
** mutex must be exited an equal number of times before another thread
|
|
|
-** can enter.)^ ^(If the same thread tries to enter any other
|
|
|
-** kind of mutex more than once, the behavior is undefined.
|
|
|
-** SQLite will never exhibit
|
|
|
-** such behavior in its own use of mutexes.)^
|
|
|
+** can enter.)^ If the same thread tries to enter any mutex other
|
|
|
+** than an SQLITE_MUTEX_RECURSIVE more than once, the behavior is undefined.
|
|
|
**
|
|
|
** ^(Some systems (for example, Windows 95) do not support the operation
|
|
|
** implemented by sqlite3_mutex_try(). On those systems, sqlite3_mutex_try()
|
|
|
-** will always return SQLITE_BUSY. The SQLite core only ever uses
|
|
|
-** sqlite3_mutex_try() as an optimization so this is acceptable behavior.)^
|
|
|
+** will always return SQLITE_BUSY. The SQLite core only ever uses
|
|
|
+** sqlite3_mutex_try() as an optimization so this is acceptable
|
|
|
+** behavior.)^
|
|
|
**
|
|
|
** ^The sqlite3_mutex_leave() routine exits a mutex that was
|
|
|
-** previously entered by the same thread. ^(The behavior
|
|
|
+** previously entered by the same thread. The behavior
|
|
|
** is undefined if the mutex is not currently entered by the
|
|
|
-** calling thread or is not currently allocated. SQLite will
|
|
|
-** never do either.)^
|
|
|
+** calling thread or is not currently allocated.
|
|
|
**
|
|
|
** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or
|
|
|
** sqlite3_mutex_leave() is a NULL pointer, then all three routines
|
|
|
@@ -6183,9 +6179,9 @@ SQLITE_API void sqlite3_mutex_leave(sqlite3_mutex*);
|
|
|
** used to allocate and use mutexes.
|
|
|
**
|
|
|
** Usually, the default mutex implementations provided by SQLite are
|
|
|
-** sufficient, however the user has the option of substituting a custom
|
|
|
+** sufficient, however the application has the option of substituting a custom
|
|
|
** implementation for specialized deployments or systems for which SQLite
|
|
|
-** does not provide a suitable implementation. In this case, the user
|
|
|
+** does not provide a suitable implementation. In this case, the application
|
|
|
** creates and populates an instance of this structure to pass
|
|
|
** to sqlite3_config() along with the [SQLITE_CONFIG_MUTEX] option.
|
|
|
** Additionally, an instance of this structure can be used as an
|
|
|
@@ -6226,13 +6222,13 @@ SQLITE_API void sqlite3_mutex_leave(sqlite3_mutex*);
|
|
|
** (i.e. it is acceptable to provide an implementation that segfaults if
|
|
|
** it is passed a NULL pointer).
|
|
|
**
|
|
|
-** The xMutexInit() method must be threadsafe. ^It must be harmless to
|
|
|
+** The xMutexInit() method must be threadsafe. It must be harmless to
|
|
|
** invoke xMutexInit() multiple times within the same process and without
|
|
|
** intervening calls to xMutexEnd(). Second and subsequent calls to
|
|
|
** xMutexInit() must be no-ops.
|
|
|
**
|
|
|
-** ^xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()]
|
|
|
-** and its associates). ^Similarly, xMutexAlloc() must not use SQLite memory
|
|
|
+** xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()]
|
|
|
+** and its associates). Similarly, xMutexAlloc() must not use SQLite memory
|
|
|
** allocation for a static mutex. ^However xMutexAlloc() may use SQLite
|
|
|
** memory allocation for a fast or recursive mutex.
|
|
|
**
|
|
|
@@ -6258,29 +6254,29 @@ struct sqlite3_mutex_methods {
|
|
|
** CAPI3REF: Mutex Verification Routines
|
|
|
**
|
|
|
** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routines
|
|
|
-** are intended for use inside assert() statements. ^The SQLite core
|
|
|
+** are intended for use inside assert() statements. The SQLite core
|
|
|
** never uses these routines except inside an assert() and applications
|
|
|
-** are advised to follow the lead of the core. ^The SQLite core only
|
|
|
+** are advised to follow the lead of the core. The SQLite core only
|
|
|
** provides implementations for these routines when it is compiled
|
|
|
-** with the SQLITE_DEBUG flag. ^External mutex implementations
|
|
|
+** with the SQLITE_DEBUG flag. External mutex implementations
|
|
|
** are only required to provide these routines if SQLITE_DEBUG is
|
|
|
** defined and if NDEBUG is not defined.
|
|
|
**
|
|
|
-** ^These routines should return true if the mutex in their argument
|
|
|
+** These routines should return true if the mutex in their argument
|
|
|
** is held or not held, respectively, by the calling thread.
|
|
|
**
|
|
|
-** ^The implementation is not required to provide versions of these
|
|
|
+** The implementation is not required to provide versions of these
|
|
|
** routines that actually work. If the implementation does not provide working
|
|
|
** versions of these routines, it should at least provide stubs that always
|
|
|
** return true so that one does not get spurious assertion failures.
|
|
|
**
|
|
|
-** ^If the argument to sqlite3_mutex_held() is a NULL pointer then
|
|
|
+** If the argument to sqlite3_mutex_held() is a NULL pointer then
|
|
|
** the routine should return 1. This seems counter-intuitive since
|
|
|
** clearly the mutex cannot be held if it does not exist. But
|
|
|
** the reason the mutex does not exist is because the build is not
|
|
|
** using mutexes. And we do not want the assert() containing the
|
|
|
** call to sqlite3_mutex_held() to fail, so a non-zero return is
|
|
|
-** the appropriate thing to do. ^The sqlite3_mutex_notheld()
|
|
|
+** the appropriate thing to do. The sqlite3_mutex_notheld()
|
|
|
** interface should also return 1 when given a NULL pointer.
|
|
|
*/
|
|
|
#ifndef NDEBUG
|
|
|
@@ -53809,6 +53805,11 @@ static void ptrmapPutOvflPtr(MemPage *pPage, u8 *pCell, int *pRC){
|
|
|
** end of the page and all free space is collected into one
|
|
|
** big FreeBlk that occurs in between the header and cell
|
|
|
** pointer array and the cell content area.
|
|
|
+**
|
|
|
+** EVIDENCE-OF: R-44582-60138 SQLite may from time to time reorganize a
|
|
|
+** b-tree page so that there are no freeblocks or fragment bytes, all
|
|
|
+** unused bytes are contained in the unallocated space region, and all
|
|
|
+** cells are packed tightly at the end of the page.
|
|
|
*/
|
|
|
static int defragmentPage(MemPage *pPage){
|
|
|
int i; /* Loop counter */
|
|
|
@@ -53932,6 +53933,8 @@ static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc, int *pbDefrag){
|
|
|
testcase( x==4 );
|
|
|
testcase( x==3 );
|
|
|
if( x<4 ){
|
|
|
+ /* EVIDENCE-OF: R-11498-58022 In a well-formed b-tree page, the total
|
|
|
+ ** number of bytes in fragments may not exceed 60. */
|
|
|
if( aData[hdr+7]>=60 ){
|
|
|
if( pbDefrag ) *pbDefrag = 1;
|
|
|
return 0;
|
|
|
@@ -53986,19 +53989,13 @@ static int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
|
|
|
assert( pPage->cellOffset == hdr + 12 - 4*pPage->leaf );
|
|
|
gap = pPage->cellOffset + 2*pPage->nCell;
|
|
|
assert( gap<=65536 );
|
|
|
- top = get2byte(&data[hdr+5]);
|
|
|
- if( gap>top ){
|
|
|
- if( top==0 ){
|
|
|
- /* EVIDENCE-OF: R-29356-02391 If the database uses a 65536-byte page size
|
|
|
- ** and the reserved space is zero (the usual value for reserved space)
|
|
|
- ** then the cell content offset of an empty page wants to be 65536.
|
|
|
- ** However, that integer is too large to be stored in a 2-byte unsigned
|
|
|
- ** integer, so a value of 0 is used in its place. */
|
|
|
- top = 65536;
|
|
|
- }else{
|
|
|
- return SQLITE_CORRUPT_BKPT;
|
|
|
- }
|
|
|
- }
|
|
|
+ /* EVIDENCE-OF: R-29356-02391 If the database uses a 65536-byte page size
|
|
|
+ ** and the reserved space is zero (the usual value for reserved space)
|
|
|
+ ** then the cell content offset of an empty page wants to be 65536.
|
|
|
+ ** However, that integer is too large to be stored in a 2-byte unsigned
|
|
|
+ ** integer, so a value of 0 is used in its place. */
|
|
|
+ top = get2byteNotZero(&data[hdr+5]);
|
|
|
+ if( gap>top ) return SQLITE_CORRUPT_BKPT;
|
|
|
|
|
|
/* If there is enough space between gap and top for one more cell pointer
|
|
|
** array entry offset, and if the freelist is not empty, then search the
|
|
|
@@ -54167,18 +54164,32 @@ static int decodeFlags(MemPage *pPage, int flagByte){
|
|
|
pPage->childPtrSize = 4-4*pPage->leaf;
|
|
|
pBt = pPage->pBt;
|
|
|
if( flagByte==(PTF_LEAFDATA | PTF_INTKEY) ){
|
|
|
+ /* EVIDENCE-OF: R-03640-13415 A value of 5 means the page is an interior
|
|
|
+ ** table b-tree page. */
|
|
|
+ assert( (PTF_LEAFDATA|PTF_INTKEY)==5 );
|
|
|
+ /* EVIDENCE-OF: R-20501-61796 A value of 13 means the page is a leaf
|
|
|
+ ** table b-tree page. */
|
|
|
+ assert( (PTF_LEAFDATA|PTF_INTKEY|PTF_LEAF)==13 );
|
|
|
pPage->intKey = 1;
|
|
|
pPage->intKeyLeaf = pPage->leaf;
|
|
|
pPage->noPayload = !pPage->leaf;
|
|
|
pPage->maxLocal = pBt->maxLeaf;
|
|
|
pPage->minLocal = pBt->minLeaf;
|
|
|
}else if( flagByte==PTF_ZERODATA ){
|
|
|
+ /* EVIDENCE-OF: R-27225-53936 A value of 2 means the page is an interior
|
|
|
+ ** index b-tree page. */
|
|
|
+ assert( (PTF_ZERODATA)==2 );
|
|
|
+ /* EVIDENCE-OF: R-16571-11615 A value of 10 means the page is a leaf
|
|
|
+ ** index b-tree page. */
|
|
|
+ assert( (PTF_ZERODATA|PTF_LEAF)==10 );
|
|
|
pPage->intKey = 0;
|
|
|
pPage->intKeyLeaf = 0;
|
|
|
pPage->noPayload = 0;
|
|
|
pPage->maxLocal = pBt->maxLocal;
|
|
|
pPage->minLocal = pBt->minLocal;
|
|
|
}else{
|
|
|
+ /* EVIDENCE-OF: R-47608-56469 Any other value for the b-tree page type is
|
|
|
+ ** an error. */
|
|
|
return SQLITE_CORRUPT_BKPT;
|
|
|
}
|
|
|
pPage->max1bytePayload = pBt->max1bytePayload;
|
|
|
@@ -54218,21 +54229,33 @@ static int btreeInitPage(MemPage *pPage){
|
|
|
|
|
|
hdr = pPage->hdrOffset;
|
|
|
data = pPage->aData;
|
|
|
+ /* EVIDENCE-OF: R-28594-02890 The one-byte flag at offset 0 indicating
|
|
|
+ ** the b-tree page type. */
|
|
|
if( decodeFlags(pPage, data[hdr]) ) return SQLITE_CORRUPT_BKPT;
|
|
|
assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
|
|
|
pPage->maskPage = (u16)(pBt->pageSize - 1);
|
|
|
pPage->nOverflow = 0;
|
|
|
usableSize = pBt->usableSize;
|
|
|
- pPage->cellOffset = cellOffset = hdr + 12 - 4*pPage->leaf;
|
|
|
+ pPage->cellOffset = cellOffset = hdr + 8 + pPage->childPtrSize;
|
|
|
pPage->aDataEnd = &data[usableSize];
|
|
|
pPage->aCellIdx = &data[cellOffset];
|
|
|
+ /* EVIDENCE-OF: R-58015-48175 The two-byte integer at offset 5 designates
|
|
|
+ ** the start of the cell content area. A zero value for this integer is
|
|
|
+ ** interpreted as 65536. */
|
|
|
top = get2byteNotZero(&data[hdr+5]);
|
|
|
+ /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
|
|
|
+ ** number of cells on the page. */
|
|
|
pPage->nCell = get2byte(&data[hdr+3]);
|
|
|
if( pPage->nCell>MX_CELL(pBt) ){
|
|
|
/* To many cells for a single page. The page must be corrupt */
|
|
|
return SQLITE_CORRUPT_BKPT;
|
|
|
}
|
|
|
testcase( pPage->nCell==MX_CELL(pBt) );
|
|
|
+ /* EVIDENCE-OF: R-24089-57979 If a page contains no cells (which is only
|
|
|
+ ** possible for a root page of a table that contains no rows) then the
|
|
|
+ ** offset to the cell content area will equal the page size minus the
|
|
|
+ ** bytes of reserved space. */
|
|
|
+ assert( pPage->nCell>0 || top==usableSize || CORRUPT_DB );
|
|
|
|
|
|
/* A malformed database page might cause us to read past the end
|
|
|
** of page when parsing a cell.
|
|
|
@@ -54266,13 +54289,20 @@ static int btreeInitPage(MemPage *pPage){
|
|
|
}
|
|
|
#endif
|
|
|
|
|
|
- /* Compute the total free space on the page */
|
|
|
+ /* Compute the total free space on the page
|
|
|
+ ** EVIDENCE-OF: R-23588-34450 The two-byte integer at offset 1 gives the
|
|
|
+ ** start of the first freeblock on the page, or is zero if there are no
|
|
|
+ ** freeblocks. */
|
|
|
pc = get2byte(&data[hdr+1]);
|
|
|
- nFree = data[hdr+7] + top;
|
|
|
+ nFree = data[hdr+7] + top; /* Init nFree to non-freeblock free space */
|
|
|
while( pc>0 ){
|
|
|
u16 next, size;
|
|
|
if( pc<iCellFirst || pc>iCellLast ){
|
|
|
- /* Start of free block is off the page */
|
|
|
+ /* EVIDENCE-OF: R-55530-52930 In a well-formed b-tree page, there will
|
|
|
+ ** always be at least one cell before the first freeblock.
|
|
|
+ **
|
|
|
+ ** Or, the freeblock is off the end of the page
|
|
|
+ */
|
|
|
return SQLITE_CORRUPT_BKPT;
|
|
|
}
|
|
|
next = get2byte(&data[pc]);
|
|
|
@@ -58629,9 +58659,17 @@ static void dropCell(MemPage *pPage, int idx, int sz, int *pRC){
|
|
|
return;
|
|
|
}
|
|
|
pPage->nCell--;
|
|
|
- memmove(ptr, ptr+2, 2*(pPage->nCell - idx));
|
|
|
- put2byte(&data[hdr+3], pPage->nCell);
|
|
|
- pPage->nFree += 2;
|
|
|
+ if( pPage->nCell==0 ){
|
|
|
+ memset(&data[hdr+1], 0, 4);
|
|
|
+ data[hdr+7] = 0;
|
|
|
+ put2byte(&data[hdr+5], pPage->pBt->usableSize);
|
|
|
+ pPage->nFree = pPage->pBt->usableSize - pPage->hdrOffset
|
|
|
+ - pPage->childPtrSize - 8;
|
|
|
+ }else{
|
|
|
+ memmove(ptr, ptr+2, 2*(pPage->nCell - idx));
|
|
|
+ put2byte(&data[hdr+3], pPage->nCell);
|
|
|
+ pPage->nFree += 2;
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
/*
|
|
|
@@ -58885,6 +58923,14 @@ static int pageFreeArray(
|
|
|
}
|
|
|
|
|
|
/*
|
|
|
+** apCell[] and szCell[] contains pointers to and sizes of all cells in the
|
|
|
+** pages being balanced. The current page, pPg, has pPg->nCell cells starting
|
|
|
+** with apCell[iOld]. After balancing, this page should hold nNew cells
|
|
|
+** starting at apCell[iNew].
|
|
|
+**
|
|
|
+** This routine makes the necessary adjustments to pPg so that it contains
|
|
|
+** the correct cells after being balanced.
|
|
|
+**
|
|
|
** The pPg->nFree field is invalid when this function returns. It is the
|
|
|
** responsibility of the caller to set it correctly.
|
|
|
*/
|
|
|
@@ -58925,12 +58971,13 @@ static void editPage(
|
|
|
);
|
|
|
}
|
|
|
|
|
|
- pData = &aData[get2byte(&aData[hdr+5])];
|
|
|
+ pData = &aData[get2byteNotZero(&aData[hdr+5])];
|
|
|
if( pData<pBegin ) goto editpage_fail;
|
|
|
|
|
|
/* Add cells to the start of the page */
|
|
|
if( iNew<iOld ){
|
|
|
- int nAdd = iOld-iNew;
|
|
|
+ int nAdd = MIN(nNew,iOld-iNew);
|
|
|
+ assert( (iOld-iNew)<nNew || nCell==0 || CORRUPT_DB );
|
|
|
pCellptr = pPg->aCellIdx;
|
|
|
memmove(&pCellptr[nAdd*2], pCellptr, nCell*2);
|
|
|
if( pageInsertArray(
|
|
|
@@ -61279,8 +61326,14 @@ static int checkTreePage(
|
|
|
assert( contentOffset<=usableSize ); /* Enforced by btreeInitPage() */
|
|
|
memset(hit+contentOffset, 0, usableSize-contentOffset);
|
|
|
memset(hit, 1, contentOffset);
|
|
|
+ /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
|
|
|
+ ** number of cells on the page. */
|
|
|
nCell = get2byte(&data[hdr+3]);
|
|
|
+ /* EVIDENCE-OF: R-23882-45353 The cell pointer array of a b-tree page
|
|
|
+ ** immediately follows the b-tree page header. */
|
|
|
cellStart = hdr + 12 - 4*pPage->leaf;
|
|
|
+ /* EVIDENCE-OF: R-02776-14802 The cell pointer array consists of K 2-byte
|
|
|
+ ** integer offsets to the cell contents. */
|
|
|
for(i=0; i<nCell; i++){
|
|
|
int pc = get2byte(&data[cellStart+i*2]);
|
|
|
u32 size = 65536;
|
|
|
@@ -61296,6 +61349,9 @@ static int checkTreePage(
|
|
|
for(j=pc+size-1; j>=pc; j--) hit[j]++;
|
|
|
}
|
|
|
}
|
|
|
+ /* EVIDENCE-OF: R-20690-50594 The second field of the b-tree page header
|
|
|
+ ** is the offset of the first freeblock, or zero if there are no
|
|
|
+ ** freeblocks on the page. */
|
|
|
i = get2byte(&data[hdr+1]);
|
|
|
while( i>0 ){
|
|
|
int size, j;
|
|
|
@@ -61303,7 +61359,13 @@ static int checkTreePage(
|
|
|
size = get2byte(&data[i+2]);
|
|
|
assert( i+size<=usableSize ); /* Enforced by btreeInitPage() */
|
|
|
for(j=i+size-1; j>=i; j--) hit[j]++;
|
|
|
+ /* EVIDENCE-OF: R-58208-19414 The first 2 bytes of a freeblock are a
|
|
|
+ ** big-endian integer which is the offset in the b-tree page of the next
|
|
|
+ ** freeblock in the chain, or zero if the freeblock is the last on the
|
|
|
+ ** chain. */
|
|
|
j = get2byte(&data[i]);
|
|
|
+ /* EVIDENCE-OF: R-06866-39125 Freeblocks are always connected in order of
|
|
|
+ ** increasing offset. */
|
|
|
assert( j==0 || j>i+size ); /* Enforced by btreeInitPage() */
|
|
|
assert( j<=usableSize-4 ); /* Enforced by btreeInitPage() */
|
|
|
i = j;
|
|
|
@@ -61317,6 +61379,11 @@ static int checkTreePage(
|
|
|
break;
|
|
|
}
|
|
|
}
|
|
|
+ /* EVIDENCE-OF: R-43263-13491 The total number of bytes in all fragments
|
|
|
+ ** is stored in the fifth field of the b-tree page header.
|
|
|
+ ** EVIDENCE-OF: R-07161-27322 The one-byte integer at offset 7 gives the
|
|
|
+ ** number of fragmented free bytes within the cell content area.
|
|
|
+ */
|
|
|
if( cnt!=data[hdr+7] ){
|
|
|
checkAppendMsg(pCheck,
|
|
|
"Fragmentation of %d bytes reported as %d on page %d",
|
|
|
@@ -77172,6 +77239,13 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *pBlob, sqlite3_int64 iRow){
|
|
|
# define SQLITE_DEBUG_SORTER_THREADS 1
|
|
|
#endif
|
|
|
|
|
|
+/*
|
|
|
+** Hard-coded maximum amount of data to accumulate in memory before flushing
|
|
|
+** to a level 0 PMA. The purpose of this limit is to prevent various integer
|
|
|
+** overflows. 512MiB.
|
|
|
+*/
|
|
|
+#define SQLITE_MAX_MXPMASIZE (1<<29)
|
|
|
+
|
|
|
/*
|
|
|
** Private objects used by the sorter
|
|
|
*/
|
|
|
@@ -77870,7 +77944,7 @@ SQLITE_PRIVATE int sqlite3VdbeSorterInit(
|
|
|
pSorter->mnPmaSize = SORTER_MIN_WORKING * pgsz;
|
|
|
mxCache = db->aDb[0].pSchema->cache_size;
|
|
|
if( mxCache<SORTER_MIN_WORKING ) mxCache = SORTER_MIN_WORKING;
|
|
|
- pSorter->mxPmaSize = mxCache * pgsz;
|
|
|
+ pSorter->mxPmaSize = MIN((i64)mxCache*pgsz, SQLITE_MAX_MXPMASIZE);
|
|
|
|
|
|
/* EVIDENCE-OF: R-26747-61719 When the application provides any amount of
|
|
|
** scratch memory using SQLITE_CONFIG_SCRATCH, SQLite avoids unnecessary
|
|
|
@@ -88320,8 +88394,6 @@ static void decodeIntArray(
|
|
|
if( z==0 ) z = "";
|
|
|
#else
|
|
|
assert( z!=0 );
|
|
|
- pIndex->bUnordered = 0;
|
|
|
- pIndex->noSkipScan = 0;
|
|
|
#endif
|
|
|
for(i=0; *z && i<nOut; i++){
|
|
|
v = 0;
|
|
|
@@ -88341,25 +88413,28 @@ static void decodeIntArray(
|
|
|
if( *z==' ' ) z++;
|
|
|
}
|
|
|
#ifndef SQLITE_ENABLE_STAT3_OR_STAT4
|
|
|
- assert( pIndex!=0 );
|
|
|
+ assert( pIndex!=0 ); {
|
|
|
#else
|
|
|
- if( pIndex )
|
|
|
+ if( pIndex ){
|
|
|
#endif
|
|
|
- while( z[0] ){
|
|
|
- if( sqlite3_strglob("unordered*", z)==0 ){
|
|
|
- pIndex->bUnordered = 1;
|
|
|
- }else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
|
|
|
- pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
|
|
|
- }else if( sqlite3_strglob("noskipscan*", z)==0 ){
|
|
|
- pIndex->noSkipScan = 1;
|
|
|
- }
|
|
|
+ pIndex->bUnordered = 0;
|
|
|
+ pIndex->noSkipScan = 0;
|
|
|
+ while( z[0] ){
|
|
|
+ if( sqlite3_strglob("unordered*", z)==0 ){
|
|
|
+ pIndex->bUnordered = 1;
|
|
|
+ }else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
|
|
|
+ pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
|
|
|
+ }else if( sqlite3_strglob("noskipscan*", z)==0 ){
|
|
|
+ pIndex->noSkipScan = 1;
|
|
|
+ }
|
|
|
#ifdef SQLITE_ENABLE_COSTMULT
|
|
|
- else if( sqlite3_strglob("costmult=[0-9]*",z)==0 ){
|
|
|
- pIndex->pTable->costMult = sqlite3LogEst(sqlite3Atoi(z+9));
|
|
|
- }
|
|
|
+ else if( sqlite3_strglob("costmult=[0-9]*",z)==0 ){
|
|
|
+ pIndex->pTable->costMult = sqlite3LogEst(sqlite3Atoi(z+9));
|
|
|
+ }
|
|
|
#endif
|
|
|
- while( z[0]!=0 && z[0]!=' ' ) z++;
|
|
|
- while( z[0]==' ' ) z++;
|
|
|
+ while( z[0]!=0 && z[0]!=' ' ) z++;
|
|
|
+ while( z[0]==' ' ) z++;
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -95394,8 +95469,8 @@ static void absFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
|
|
|
default: {
|
|
|
/* Because sqlite3_value_double() returns 0.0 if the argument is not
|
|
|
** something that can be converted into a number, we have:
|
|
|
- ** IMP: R-57326-31541 Abs(X) return 0.0 if X is a string or blob that
|
|
|
- ** cannot be converted to a numeric value.
|
|
|
+ ** IMP: R-01992-00519 Abs(X) returns 0.0 if X is a string or blob
|
|
|
+ ** that cannot be converted to a numeric value.
|
|
|
*/
|
|
|
sqlite_double rVal = sqlite3_value_double(argv[0]);
|
|
|
if( rVal<0 ) rVal = -rVal;
|
|
|
@@ -113505,7 +113580,12 @@ SQLITE_PRIVATE void sqlite3VtabBeginParse(
|
|
|
addModuleArgument(db, pTable, sqlite3NameFromToken(db, pModuleName));
|
|
|
addModuleArgument(db, pTable, 0);
|
|
|
addModuleArgument(db, pTable, sqlite3DbStrDup(db, pTable->zName));
|
|
|
- pParse->sNameToken.n = (int)(&pModuleName->z[pModuleName->n] - pName1->z);
|
|
|
+ assert( (pParse->sNameToken.z==pName2->z && pName2->z!=0)
|
|
|
+ || (pParse->sNameToken.z==pName1->z && pName2->z==0)
|
|
|
+ );
|
|
|
+ pParse->sNameToken.n = (int)(
|
|
|
+ &pModuleName->z[pModuleName->n] - pParse->sNameToken.z
|
|
|
+ );
|
|
|
|
|
|
#ifndef SQLITE_OMIT_AUTHORIZATION
|
|
|
/* Creating a virtual table invokes the authorization callback twice.
|
|
|
@@ -119046,10 +119126,30 @@ static int whereLoopInsert(WhereLoopBuilder *pBuilder, WhereLoop *pTemplate){
|
|
|
** Adjust the WhereLoop.nOut value downward to account for terms of the
|
|
|
** WHERE clause that reference the loop but which are not used by an
|
|
|
** index.
|
|
|
-**
|
|
|
-** In the current implementation, the first extra WHERE clause term reduces
|
|
|
-** the number of output rows by a factor of 10 and each additional term
|
|
|
-** reduces the number of output rows by sqrt(2).
|
|
|
+*
|
|
|
+** For every WHERE clause term that is not used by the index
|
|
|
+** and which has a truth probability assigned by one of the likelihood(),
|
|
|
+** likely(), or unlikely() SQL functions, reduce the estimated number
|
|
|
+** of output rows by the probability specified.
|
|
|
+**
|
|
|
+** TUNING: For every WHERE clause term that is not used by the index
|
|
|
+** and which does not have an assigned truth probability, heuristics
|
|
|
+** described below are used to try to estimate the truth probability.
|
|
|
+** TODO --> Perhaps this is something that could be improved by better
|
|
|
+** table statistics.
|
|
|
+**
|
|
|
+** Heuristic 1: Estimate the truth probability as 93.75%. The 93.75%
|
|
|
+** value corresponds to -1 in LogEst notation, so this means decrement
|
|
|
+** the WhereLoop.nOut field for every such WHERE clause term.
|
|
|
+**
|
|
|
+** Heuristic 2: If there exists one or more WHERE clause terms of the
|
|
|
+** form "x==EXPR" and EXPR is not a constant 0 or 1, then make sure the
|
|
|
+** final output row estimate is no greater than 1/4 of the total number
|
|
|
+** of rows in the table. In other words, assume that x==EXPR will filter
|
|
|
+** out at least 3 out of 4 rows. If EXPR is -1 or 0 or 1, then maybe the
|
|
|
+** "x" column is boolean or else -1 or 0 or 1 is a common default value
|
|
|
+** on the "x" column and so in that case only cap the output row estimate
|
|
|
+** at 1/2 instead of 1/4.
|
|
|
*/
|
|
|
static void whereLoopOutputAdjust(
|
|
|
WhereClause *pWC, /* The WHERE clause */
|
|
|
@@ -119058,9 +119158,10 @@ static void whereLoopOutputAdjust(
|
|
|
){
|
|
|
WhereTerm *pTerm, *pX;
|
|
|
Bitmask notAllowed = ~(pLoop->prereq|pLoop->maskSelf);
|
|
|
- int i, j;
|
|
|
- int nEq = 0; /* Number of = constraints not within likely()/unlikely() */
|
|
|
+ int i, j, k;
|
|
|
+ LogEst iReduce = 0; /* pLoop->nOut should not exceed nRow-iReduce */
|
|
|
|
|
|
+ assert( (pLoop->wsFlags & WHERE_AUTO_INDEX)==0 );
|
|
|
for(i=pWC->nTerm, pTerm=pWC->a; i>0; i--, pTerm++){
|
|
|
if( (pTerm->wtFlags & TERM_VIRTUAL)!=0 ) break;
|
|
|
if( (pTerm->prereqAll & pLoop->maskSelf)==0 ) continue;
|
|
|
@@ -119073,20 +119174,26 @@ static void whereLoopOutputAdjust(
|
|
|
}
|
|
|
if( j<0 ){
|
|
|
if( pTerm->truthProb<=0 ){
|
|
|
+ /* If a truth probability is specified using the likelihood() hints,
|
|
|
+ ** then use the probability provided by the application. */
|
|
|
pLoop->nOut += pTerm->truthProb;
|
|
|
}else{
|
|
|
+ /* In the absence of explicit truth probabilities, use heuristics to
|
|
|
+ ** guess a reasonable truth probability. */
|
|
|
pLoop->nOut--;
|
|
|
- if( pTerm->eOperator&WO_EQ ) nEq++;
|
|
|
+ if( pTerm->eOperator&WO_EQ ){
|
|
|
+ Expr *pRight = pTerm->pExpr->pRight;
|
|
|
+ if( sqlite3ExprIsInteger(pRight, &k) && k>=(-1) && k<=1 ){
|
|
|
+ k = 10;
|
|
|
+ }else{
|
|
|
+ k = 20;
|
|
|
+ }
|
|
|
+ if( iReduce<k ) iReduce = k;
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- /* TUNING: If there is at least one equality constraint in the WHERE
|
|
|
- ** clause that does not have a likelihood() explicitly assigned to it
|
|
|
- ** then do not let the estimated number of output rows exceed half
|
|
|
- ** the number of rows in the table. */
|
|
|
- if( nEq && pLoop->nOut>nRow-10 ){
|
|
|
- pLoop->nOut = nRow - 10;
|
|
|
- }
|
|
|
+ if( pLoop->nOut > nRow-iReduce ) pLoop->nOut = nRow - iReduce;
|
|
|
}
|
|
|
|
|
|
/*
|
|
|
@@ -127016,13 +127123,20 @@ static int binCollFunc(
|
|
|
){
|
|
|
int rc, n;
|
|
|
n = nKey1<nKey2 ? nKey1 : nKey2;
|
|
|
+ /* EVIDENCE-OF: R-65033-28449 The built-in BINARY collation compares
|
|
|
+ ** strings byte by byte using the memcmp() function from the standard C
|
|
|
+ ** library. */
|
|
|
rc = memcmp(pKey1, pKey2, n);
|
|
|
if( rc==0 ){
|
|
|
if( padFlag
|
|
|
&& allSpaces(((char*)pKey1)+n, nKey1-n)
|
|
|
&& allSpaces(((char*)pKey2)+n, nKey2-n)
|
|
|
){
|
|
|
- /* Leave rc unchanged at 0 */
|
|
|
+ /* EVIDENCE-OF: R-31624-24737 RTRIM is like BINARY except that extra
|
|
|
+ ** spaces at the end of either string do not change the result. In other
|
|
|
+ ** words, strings will compare equal to one another as long as they
|
|
|
+ ** differ only in the number of spaces at the end.
|
|
|
+ */
|
|
|
}else{
|
|
|
rc = nKey1 - nKey2;
|
|
|
}
|
|
|
@@ -129023,14 +129137,21 @@ static int openDatabase(
|
|
|
/* Add the default collation sequence BINARY. BINARY works for both UTF-8
|
|
|
** and UTF-16, so add a version for each to avoid any unnecessary
|
|
|
** conversions. The only error that can occur here is a malloc() failure.
|
|
|
+ **
|
|
|
+ ** EVIDENCE-OF: R-52786-44878 SQLite defines three built-in collating
|
|
|
+ ** functions:
|
|
|
*/
|
|
|
createCollation(db, "BINARY", SQLITE_UTF8, 0, binCollFunc, 0);
|
|
|
createCollation(db, "BINARY", SQLITE_UTF16BE, 0, binCollFunc, 0);
|
|
|
createCollation(db, "BINARY", SQLITE_UTF16LE, 0, binCollFunc, 0);
|
|
|
+ createCollation(db, "NOCASE", SQLITE_UTF8, 0, nocaseCollatingFunc, 0);
|
|
|
createCollation(db, "RTRIM", SQLITE_UTF8, (void*)1, binCollFunc, 0);
|
|
|
if( db->mallocFailed ){
|
|
|
goto opendb_out;
|
|
|
}
|
|
|
+ /* EVIDENCE-OF: R-08308-17224 The default collating function for all
|
|
|
+ ** strings is BINARY.
|
|
|
+ */
|
|
|
db->pDfltColl = sqlite3FindCollSeq(db, SQLITE_UTF8, "BINARY", 0);
|
|
|
assert( db->pDfltColl!=0 );
|
|
|
|
mingodad