From 3de5d16cf7df698599136d4a6695c97dbb603c2d Mon Sep 17 00:00:00 2001 From: drh Date: Thu, 3 May 2018 03:59:02 +0000 Subject: [PATCH 1/6] The sqlite3BtreeInsert() routine tries to overwrite an existing cell with modified content if the new content is the same size. Pages are only dirtied if they change. This prototype works some, but still has issues. FossilOrigin-Name: 489451b378819621537231c1c8a07704437e11c1f5384fd53b09f3977d2213a4 --- manifest | 15 ++++++---- manifest.uuid | 2 +- src/btree.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 92 insertions(+), 7 deletions(-) diff --git a/manifest b/manifest index 866465edaf..734d14e6c0 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Prevent\sVACUUM\sfrom\srunning\sany\scommands\sin\ssqlite_master.sql\sother\sthan\nCREATE\sstatements.\s\sThat\sis\sall\sthat\sshould\sbe\sthere\sanyhow.\s\sThis\sfixes\na\sproblem\sdiscovered\sby\sOSSFuzz.\s\sTest\scases\sin\sTH3. -D 2018-05-02T15:00:26.033 +C The\ssqlite3BtreeInsert()\sroutine\stries\sto\soverwrite\san\sexisting\scell\swith\nmodified\scontent\sif\sthe\snew\scontent\sis\sthe\ssame\ssize.\s\sPages\sare\sonly\sdirtied\nif\sthey\schange.\s\sThis\sprototype\sworks\ssome,\sbut\sstill\shas\sissues. +D 2018-05-03T03:59:02.523 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c fa7da0a5584e5182b92536bc4b7622a154a468997a075d5901345efb79a05ffe +F src/btree.c d1b1bd0602381cd668fefdc21bb376083d34a202c7f978ddd6cdfe8b576880fa F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1727,7 +1727,10 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 0c67150749cb3d067e14b2dcac9c3489e0f14bd18c0387f1d9bc93d21fc96fe5 -R 05ae73916277803fcebbb023b759986c +P ab0d99d0b5edece4c639baa47ce1ca2c02774cb2515e5b7f36d9bd312ccd3310 +R d19653c30e874527a8180a99ea6a4aad +T *branch * cell-overwrite-prototype +T *sym-cell-overwrite-prototype * +T -sym-trunk * U drh -Z 0a57dfa0969cac36c6f9349555316be2 +Z 4db008fe8cce4e65f98c2fd1a101b30c diff --git a/manifest.uuid b/manifest.uuid index 1f86bdd5bb..44cef5c9c1 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -ab0d99d0b5edece4c639baa47ce1ca2c02774cb2515e5b7f36d9bd312ccd3310 \ No newline at end of file +489451b378819621537231c1c8a07704437e11c1f5384fd53b09f3977d2213a4 \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 700138efca..0a8c172212 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8152,6 +8152,83 @@ static int balance(BtCursor *pCur){ return rc; } +/* Overwrite content from pX into pDest. Only do the write if the +** content is different from what is already there. +*/ +static int btreeOverwriteContent( + MemPage *pPage, /* MemPage on which writing will occur */ + u8 *pDest, /* Pointer to the place to start writing */ + const BtreePayload *pX, /* Source of data to write */ + int iOffset, /* Offset of first byte to write */ + int iAmt /* Number of bytes to be written */ +){ + int nData = pX->nData - iOffset; + if( nData<=0 ){ + /* Overwritting with zeros */ + int i; + for(i=0; ipDbPage); + if( rc ) return rc; + memset(pDest + i, 0, iAmt - i); + } + }else{ + if( nDatapData) + iOffset, iAmt)!=0 ){ + int rc = sqlite3PagerWrite(pPage->pDbPage); + if( rc ) return rc; + memcpy(pDest, ((u8*)pX->pData) + iOffset, iAmt); + } + } + return SQLITE_OK; +} + +/* +** Overwrite the cell that cursor pCur is pointing to with fresh content +** contained in pX. +*/ +static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ + int iOffset; /* Next byte of pX->pData to write */ + int nTotal = pX->nData + pX->nZero; /* Total bytes of to write */ + int rc; /* Return code */ + MemPage *pPage = pCur->pPage; /* Page being written */ + BtShared *pBt; /* Btree */ + Pgno ovflPgno; /* Next overflow page to write */ + u32 ovflPageSize; /* Size to write on overflow page */ + + /* Overwrite the local portion first */ + rc = btreeOverwriteContent(pPage, pCur->info.pPayload, pX, + 0, pCur->info.nLocal); + if( rc ) return rc; + if( pCur->info.nLocal==nTotal ) return SQLITE_OK; + + /* Now overwrite the overflow pages */ + iOffset = pCur->info.nLocal; + ovflPgno = get4byte(pCur->info.pPayload + iOffset); + pBt = pPage->pBt; + ovflPageSize = pBt->usableSize - 4; + do{ + rc = btreeGetPage(pBt, ovflPgno, &pPage, 0); + if( rc ) return rc; + if( iOffset+ovflPageSize>nTotal ){ + ovflPgno = get4byte(pPage->aData + ovflPageSize); + }else{ + ovflPageSize = nTotal - iOffset; + } + rc = btreeOverwriteContent(pPage, pPage->aData, pX, + iOffset, ovflPageSize); + if( rc ) return rc; + iOffset += ovflPageSize; + sqlite3PagerUnref(pPage->pDbPage); + }while( iOffsetcurFlags&BTCF_ValidNKey)!=0 && pX->nKey==pCur->info.nKey ){ + /* The current is currently pointing to the entry that is to be + ** overwritten */ + if( pCur->info.nPayload==pX->nData+pX->nZero ){ + return btreeOverwriteCell(pCur, pX); + } loc = 0; }else if( loc==0 ){ rc = sqlite3BtreeMovetoUnpacked(pCur, 0, pX->nKey, flags!=0, &loc); From 9b03192e15b45ac1d448b958be6d35d1ea9cf9ff Mon Sep 17 00:00:00 2001 From: drh Date: Thu, 3 May 2018 12:57:48 +0000 Subject: [PATCH 2/6] Bug fixes in the overwrite optimization. FossilOrigin-Name: 0cb6cd2a6a596afaa1cca6c5f5abc2ea75d04f254c7debaf36ecd6a90b66aed6 --- manifest | 15 ++++++--------- manifest.uuid | 2 +- src/btree.c | 6 +++--- 3 files changed, 10 insertions(+), 13 deletions(-) diff --git a/manifest b/manifest index 734d14e6c0..210a679733 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C The\ssqlite3BtreeInsert()\sroutine\stries\sto\soverwrite\san\sexisting\scell\swith\nmodified\scontent\sif\sthe\snew\scontent\sis\sthe\ssame\ssize.\s\sPages\sare\sonly\sdirtied\nif\sthey\schange.\s\sThis\sprototype\sworks\ssome,\sbut\sstill\shas\sissues. -D 2018-05-03T03:59:02.523 +C Bug\sfixes\sin\sthe\soverwrite\soptimization. +D 2018-05-03T12:57:48.671 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c d1b1bd0602381cd668fefdc21bb376083d34a202c7f978ddd6cdfe8b576880fa +F src/btree.c 7216dac5e870868de7429e71727fb87cca8057fd01814c18df2e59a5d00d20d5 F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1727,10 +1727,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P ab0d99d0b5edece4c639baa47ce1ca2c02774cb2515e5b7f36d9bd312ccd3310 -R d19653c30e874527a8180a99ea6a4aad -T *branch * cell-overwrite-prototype -T *sym-cell-overwrite-prototype * -T -sym-trunk * +P 489451b378819621537231c1c8a07704437e11c1f5384fd53b09f3977d2213a4 +R b89660c58e0d48e704d46836e0da0214 U drh -Z 4db008fe8cce4e65f98c2fd1a101b30c +Z 41261a1ee8ebfd1f0c3b6e3f166f7f4d diff --git a/manifest.uuid b/manifest.uuid index 44cef5c9c1..88b683be02 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -489451b378819621537231c1c8a07704437e11c1f5384fd53b09f3977d2213a4 \ No newline at end of file +0cb6cd2a6a596afaa1cca6c5f5abc2ea75d04f254c7debaf36ecd6a90b66aed6 \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 0a8c172212..e920d89026 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8215,12 +8215,12 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ do{ rc = btreeGetPage(pBt, ovflPgno, &pPage, 0); if( rc ) return rc; - if( iOffset+ovflPageSize>nTotal ){ - ovflPgno = get4byte(pPage->aData + ovflPageSize); + if( iOffset+ovflPageSizeaData); }else{ ovflPageSize = nTotal - iOffset; } - rc = btreeOverwriteContent(pPage, pPage->aData, pX, + rc = btreeOverwriteContent(pPage, pPage->aData+4, pX, iOffset, ovflPageSize); if( rc ) return rc; iOffset += ovflPageSize; From 4f84e9c7e24ceddc645e19491b35d64ec47974f8 Mon Sep 17 00:00:00 2001 From: drh Date: Thu, 3 May 2018 13:56:23 +0000 Subject: [PATCH 3/6] Add more corruption checking to the cell overwrite logic. FossilOrigin-Name: 58d14afe1e1288d114ea213458b3121e0a95670887861928858b7f143c76f789 --- manifest | 12 ++++++------ manifest.uuid | 2 +- src/btree.c | 6 ++++++ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/manifest b/manifest index 210a679733..709d2da340 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Bug\sfixes\sin\sthe\soverwrite\soptimization. -D 2018-05-03T12:57:48.671 +C Add\smore\scorruption\schecking\sto\sthe\scell\soverwrite\slogic. +D 2018-05-03T13:56:23.121 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c 7216dac5e870868de7429e71727fb87cca8057fd01814c18df2e59a5d00d20d5 +F src/btree.c ffaf0f6524095774527460de0ffe362fb463fed2ceecf79acbd93ad517a6f26d F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1727,7 +1727,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 489451b378819621537231c1c8a07704437e11c1f5384fd53b09f3977d2213a4 -R b89660c58e0d48e704d46836e0da0214 +P 0cb6cd2a6a596afaa1cca6c5f5abc2ea75d04f254c7debaf36ecd6a90b66aed6 +R 8c38a5f8c55025ab9be63aa068eb2853 U drh -Z 41261a1ee8ebfd1f0c3b6e3f166f7f4d +Z 78d645c2f5a7df7e355a3c554b462bfa diff --git a/manifest.uuid b/manifest.uuid index 88b683be02..c5cf856b0a 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -0cb6cd2a6a596afaa1cca6c5f5abc2ea75d04f254c7debaf36ecd6a90b66aed6 \ No newline at end of file +58d14afe1e1288d114ea213458b3121e0a95670887861928858b7f143c76f789 \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index e920d89026..041c88c763 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8201,6 +8201,9 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ Pgno ovflPgno; /* Next overflow page to write */ u32 ovflPageSize; /* Size to write on overflow page */ + if( pCur->info.pPayload + pCur->info.nLocal > pPage->aDataEnd ){ + return SQLITE_CORRUPT_BKPT; + } /* Overwrite the local portion first */ rc = btreeOverwriteContent(pPage, pCur->info.pPayload, pX, 0, pCur->info.nLocal); @@ -8215,6 +8218,9 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ do{ rc = btreeGetPage(pBt, ovflPgno, &pPage, 0); if( rc ) return rc; + if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 ){ + return SQLITE_CORRUPT_BKPT; + } if( iOffset+ovflPageSizeaData); }else{ From da65fc6e329324f0c50165d48c232def3d44140b Mon Sep 17 00:00:00 2001 From: drh Date: Thu, 3 May 2018 14:07:18 +0000 Subject: [PATCH 4/6] The BtCursor.info fields are only valid if info.nSize!=0. FossilOrigin-Name: 54c537eead5b08104cfaf0d5b1e2706e53d6f74be2ca02e06229024fd889fc94 --- manifest | 12 ++++++------ manifest.uuid | 2 +- src/btree.c | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifest b/manifest index 709d2da340..fb7c6552f6 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Add\smore\scorruption\schecking\sto\sthe\scell\soverwrite\slogic. -D 2018-05-03T13:56:23.121 +C The\sBtCursor.info\sfields\sare\sonly\svalid\sif\sinfo.nSize!=0. +D 2018-05-03T14:07:18.080 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c ffaf0f6524095774527460de0ffe362fb463fed2ceecf79acbd93ad517a6f26d +F src/btree.c edb3c69a73cf7c0286dbe040b0ea7069e606e54fd1ee60bbe1e63e56fba0e2b7 F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1727,7 +1727,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 0cb6cd2a6a596afaa1cca6c5f5abc2ea75d04f254c7debaf36ecd6a90b66aed6 -R 8c38a5f8c55025ab9be63aa068eb2853 +P 58d14afe1e1288d114ea213458b3121e0a95670887861928858b7f143c76f789 +R b073d403d1ba3bd03f4d3e8e8927a6d3 U drh -Z 78d645c2f5a7df7e355a3c554b462bfa +Z e6a7ba3bea7a5cce16673df821a14231 diff --git a/manifest.uuid b/manifest.uuid index c5cf856b0a..6323573dea 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -58d14afe1e1288d114ea213458b3121e0a95670887861928858b7f143c76f789 \ No newline at end of file +54c537eead5b08104cfaf0d5b1e2706e53d6f74be2ca02e06229024fd889fc94 \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 041c88c763..3811c59de7 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8335,7 +8335,7 @@ int sqlite3BtreeInsert( if( (pCur->curFlags&BTCF_ValidNKey)!=0 && pX->nKey==pCur->info.nKey ){ /* The current is currently pointing to the entry that is to be ** overwritten */ - if( pCur->info.nPayload==pX->nData+pX->nZero ){ + if( pCur->info.nSize!=0 && pCur->info.nPayload==pX->nData+pX->nZero ){ return btreeOverwriteCell(pCur, pX); } loc = 0; From d5aa9262a68b04ec0874cd6659dff85e023f30dc Mon Sep 17 00:00:00 2001 From: drh Date: Thu, 3 May 2018 16:56:06 +0000 Subject: [PATCH 5/6] Fix various error handling conditions on the cell overwrite optimization. Fix a test case so that it works with the new optimization. FossilOrigin-Name: f89b54f41405ed7e28132f66b8a0c690a087c2412c8f55790c2beabb0b521645 --- manifest | 14 +++++++------- manifest.uuid | 2 +- src/btree.c | 21 ++++++++++++--------- test/pager1.test | 2 +- 4 files changed, 21 insertions(+), 18 deletions(-) diff --git a/manifest b/manifest index fb7c6552f6..481534c358 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C The\sBtCursor.info\sfields\sare\sonly\svalid\sif\sinfo.nSize!=0. -D 2018-05-03T14:07:18.080 +C Fix\svarious\serror\shandling\sconditions\son\sthe\scell\soverwrite\soptimization.\nFix\sa\stest\scase\sso\sthat\sit\sworks\swith\sthe\snew\soptimization. +D 2018-05-03T16:56:06.556 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c edb3c69a73cf7c0286dbe040b0ea7069e606e54fd1ee60bbe1e63e56fba0e2b7 +F src/btree.c 8faf9ebbecb98f05d75f203fdb2421e47a60f1edef3192af8fc7691cb979895c F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1131,7 +1131,7 @@ F test/oserror.test b32dc34f2363ef18532e3a0a7358e3e7e321974f F test/ossfuzz.c c4c4547e2c92ac52f10038b073a03248251a23c1c559728f63a18aeca0e79f03 F test/ossshell.c f125c5bd16e537a2549aa579b328dd1c59905e7ab1338dfc210e755bb7b69f17 F test/ovfl.test 199c482696defceacee8c8e0e0ef36da62726b2f -F test/pager1.test f596d3bd53ce96e1d87d44d223d2ae6c8867dd782c425e5eb28b5721fa6aaa97 +F test/pager1.test a32ce299ed01ffb06e84a3af467ae1f3389786b316f40c4359f442c79144736b F test/pager2.test 67b8f40ae98112bcdba1f2b2d03ea83266418c71 F test/pager3.test 4e9a83d6ca0838d7c602c9eb93d1357562d9059c1e02ffb138a8271020838370 F test/pager4.test a122e9e6925d5b23b31e3dfef8c6a44bbf19590e @@ -1727,7 +1727,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 58d14afe1e1288d114ea213458b3121e0a95670887861928858b7f143c76f789 -R b073d403d1ba3bd03f4d3e8e8927a6d3 +P 54c537eead5b08104cfaf0d5b1e2706e53d6f74be2ca02e06229024fd889fc94 +R e3474d8063bbcdfd90a9f2049be513c8 U drh -Z e6a7ba3bea7a5cce16673df821a14231 +Z a88b0406803dcfd2b3d768953d03cd3c diff --git a/manifest.uuid b/manifest.uuid index 6323573dea..2ad022bdcb 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -54c537eead5b08104cfaf0d5b1e2706e53d6f74be2ca02e06229024fd889fc94 \ No newline at end of file +f89b54f41405ed7e28132f66b8a0c690a087c2412c8f55790c2beabb0b521645 \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 3811c59de7..9dc91fe982 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8176,7 +8176,9 @@ static int btreeOverwriteContent( if( nDatapData) + iOffset, iAmt)!=0 ){ @@ -8219,18 +8221,19 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ rc = btreeGetPage(pBt, ovflPgno, &pPage, 0); if( rc ) return rc; if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 ){ - return SQLITE_CORRUPT_BKPT; - } - if( iOffset+ovflPageSizeaData); + rc = SQLITE_CORRUPT_BKPT; }else{ - ovflPageSize = nTotal - iOffset; + if( iOffset+ovflPageSizeaData); + }else{ + ovflPageSize = nTotal - iOffset; + } + rc = btreeOverwriteContent(pPage, pPage->aData+4, pX, + iOffset, ovflPageSize); } - rc = btreeOverwriteContent(pPage, pPage->aData+4, pX, - iOffset, ovflPageSize); + sqlite3PagerUnref(pPage->pDbPage); if( rc ) return rc; iOffset += ovflPageSize; - sqlite3PagerUnref(pPage->pDbPage); }while( iOffset 15000 } {1} From 30f7a25325ee6d779bd91f66db1dd936f17e7c2b Mon Sep 17 00:00:00 2001 From: drh Date: Mon, 7 May 2018 11:29:59 +0000 Subject: [PATCH 6/6] Fix harmless compiler warnings in the cell-overwrite logic. FossilOrigin-Name: 3e11dc3183bc3e8ec49af244a8e8b3e07d12f7a2e59028b2bf64ce0ab589a91f --- manifest | 12 ++++++------ manifest.uuid | 2 +- src/btree.c | 9 +++++++-- 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/manifest b/manifest index a19a336799..363640929f 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Merge\senhancements\sfrom\strunk. -D 2018-05-04T19:18:27.186 +C Fix\sharmless\scompiler\swarnings\sin\sthe\scell-overwrite\slogic. +D 2018-05-07T11:29:59.385 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in 5ce9343cba9c189046f1afe6d2bcc1f68079439febc05267b98aec6ecc752439 @@ -434,7 +434,7 @@ F src/auth.c 6277d63837357549fe14e723490d6dc1a38768d71c795c5eb5c0f8a99f918f73 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c 8faf9ebbecb98f05d75f203fdb2421e47a60f1edef3192af8fc7691cb979895c +F src/btree.c b4ca692c0c557bba653412a0c3347f0e5c140e759f0d8349383b7de7281ad99e F src/btree.h 0866c0a08255142ea0e754aabd211c843cab32045c978a592a43152405ed0c84 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96 F src/build.c 0c2be5839f22aa2938f217c6c6c2120d9fc96872a546a37541a8271541cb355e @@ -1727,7 +1727,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P f89b54f41405ed7e28132f66b8a0c690a087c2412c8f55790c2beabb0b521645 7fdad122a21e4b01bd678198fd5131dc32febe3af366bd6368505398255f9822 -R df1e682f55c594c022a81ad6cca73208 +P 9650f71b82ca1b3759e776bbd8a2e8ca61c51f80038e37c9c9a675a8c13b0b06 +R 0f12e4904e55641cfcfe9534f6ff08d6 U drh -Z 23057790a24d7f2fdd5e77d4df41fcee +Z eb245c54fb26ccb37327155d2c7d476e diff --git a/manifest.uuid b/manifest.uuid index da787b2962..adb6239ec1 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -9650f71b82ca1b3759e776bbd8a2e8ca61c51f80038e37c9c9a675a8c13b0b06 \ No newline at end of file +3e11dc3183bc3e8ec49af244a8e8b3e07d12f7a2e59028b2bf64ce0ab589a91f \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 9dc91fe982..6dcd435325 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8214,6 +8214,8 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ /* Now overwrite the overflow pages */ iOffset = pCur->info.nLocal; + assert( nTotal>=0 ); + assert( iOffset>=0 ); ovflPgno = get4byte(pCur->info.pPayload + iOffset); pBt = pPage->pBt; ovflPageSize = pBt->usableSize - 4; @@ -8223,7 +8225,7 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){ if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 ){ rc = SQLITE_CORRUPT_BKPT; }else{ - if( iOffset+ovflPageSizeaData); }else{ ovflPageSize = nTotal - iOffset; @@ -8338,7 +8340,10 @@ int sqlite3BtreeInsert( if( (pCur->curFlags&BTCF_ValidNKey)!=0 && pX->nKey==pCur->info.nKey ){ /* The current is currently pointing to the entry that is to be ** overwritten */ - if( pCur->info.nSize!=0 && pCur->info.nPayload==pX->nData+pX->nZero ){ + assert( pX->nData>=0 && pX->nZero>=0 ); + if( pCur->info.nSize!=0 + && pCur->info.nPayload==(u32)pX->nData+pX->nZero + ){ return btreeOverwriteCell(pCur, pX); } loc = 0;