/ Check-in [972881c6]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Refactor the OP_Column opcode to make it clearer and easier to maintain. Overall, performance tests show about a 1% speed increase with this change.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 972881c6d394c199961f01dcbeb4a6e8b5c919a1
User & Date: drh 2013-11-21 01:33:45
References
2015-09-09
12:34 New ticket [acd12990] CREATE TABLE AS fails with a false report of database corruption. artifact: 16828871 user: drh
Context
2013-11-21
03:12
Performance optimization to the OP_Next and OP_Prev opcodes. check-in: ecaac28a user: drh tags: trunk
01:33
Refactor the OP_Column opcode to make it clearer and easier to maintain. Overall, performance tests show about a 1% speed increase with this change. check-in: 972881c6 user: drh tags: trunk
01:04
Reduce the size of VdbeCursor again, this time without a performance hit. Closed-Leaf check-in: 93393993 user: drh tags: OP_Column-refactor
2013-11-20
02:53
Simplifications to the VdbeCursor object. check-in: 5562cd34 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/vdbe.c.

   208    208     ** cursor 1 is managed by memory cell (p->nMem-1), etc.
   209    209     */
   210    210     Mem *pMem = &p->aMem[p->nMem-iCur];
   211    211   
   212    212     int nByte;
   213    213     VdbeCursor *pCx = 0;
   214    214     nByte = 
   215         -      ROUND8(sizeof(VdbeCursor)) + 
   216         -      (isBtreeCursor?sqlite3BtreeCursorSize():0) + 
   217         -      2*nField*sizeof(u32);
          215  +      ROUND8(sizeof(VdbeCursor)) + 2*sizeof(u32)*nField + 
          216  +      (isBtreeCursor?sqlite3BtreeCursorSize():0);
   218    217   
   219    218     assert( iCur<p->nCursor );
   220    219     if( p->apCsr[iCur] ){
   221    220       sqlite3VdbeFreeCursor(p, p->apCsr[iCur]);
   222    221       p->apCsr[iCur] = 0;
   223    222     }
   224    223     if( SQLITE_OK==sqlite3VdbeMemGrow(pMem, nByte, 0) ){
   225    224       p->apCsr[iCur] = pCx = (VdbeCursor*)pMem->z;
   226    225       memset(pCx, 0, sizeof(VdbeCursor));
   227    226       pCx->iDb = iDb;
   228    227       pCx->nField = nField;
   229         -    if( nField ){
   230         -      pCx->aType = (u32 *)&pMem->z[ROUND8(sizeof(VdbeCursor))];
   231         -    }
   232    228       if( isBtreeCursor ){
   233    229         pCx->pCursor = (BtCursor*)
   234         -          &pMem->z[ROUND8(sizeof(VdbeCursor))+2*nField*sizeof(u32)];
          230  +          &pMem->z[ROUND8(sizeof(VdbeCursor))+2*sizeof(u32)*nField];
   235    231         sqlite3BtreeCursorZero(pCx->pCursor);
   236    232       }
   237    233     }
   238    234     return pCx;
   239    235   }
   240    236   
   241    237   /*
................................................................................
  2249   2245   **
  2250   2246   ** If the OPFLAG_LENGTHARG and OPFLAG_TYPEOFARG bits are set on P5 when
  2251   2247   ** the result is guaranteed to only be used as the argument of a length()
  2252   2248   ** or typeof() function, respectively.  The loading of large blobs can be
  2253   2249   ** skipped for length() and all content loading can be skipped for typeof().
  2254   2250   */
  2255   2251   case OP_Column: {
  2256         -  u32 payloadSize;   /* Number of bytes in the record */
  2257   2252     i64 payloadSize64; /* Number of bytes in the record */
  2258         -  int p1;            /* P1 value of the opcode */
  2259   2253     int p2;            /* column number to retrieve */
  2260   2254     VdbeCursor *pC;    /* The VDBE cursor */
  2261         -  char *zRec;        /* Pointer to complete record-data */
  2262   2255     BtCursor *pCrsr;   /* The BTree cursor */
  2263   2256     u32 *aType;        /* aType[i] holds the numeric type of the i-th column */
  2264   2257     u32 *aOffset;      /* aOffset[i] is offset to start of data for i-th column */
  2265         -  int nField;        /* number of fields in the record */
  2266   2258     int len;           /* The length of the serialized data for the column */
  2267   2259     int i;             /* Loop counter */
  2268         -  char *zData;       /* Part of the record being decoded */
  2269   2260     Mem *pDest;        /* Where to write the extracted value */
  2270   2261     Mem sMem;          /* For storing the record being decoded */
  2271         -  u8 *zIdx;          /* Index into header */
  2272         -  u8 *zEndHdr;       /* Pointer to first byte after the header */
         2262  +  const u8 *zData;   /* Part of the record being decoded */
         2263  +  const u8 *zHdr;    /* Next unparsed byte of the header */
         2264  +  const u8 *zEndHdr; /* Pointer to first byte after the header */
  2273   2265     u32 offset;        /* Offset into the data */
  2274   2266     u32 szField;       /* Number of bytes in the content of a field */
  2275         -  int szHdr;         /* Size of the header size field at start of record */
  2276   2267     int avail;         /* Number of bytes of available data */
  2277   2268     u32 t;             /* A type code from the record header */
  2278   2269     Mem *pReg;         /* PseudoTable input register */
  2279   2270   
  2280         -
  2281         -  p1 = pOp->p1;
  2282   2271     p2 = pOp->p2;
  2283         -  pC = 0;
  2284         -  memset(&sMem, 0, sizeof(sMem));
  2285         -  assert( p1<p->nCursor );
  2286   2272     assert( pOp->p3>0 && pOp->p3<=(p->nMem-p->nCursor) );
  2287   2273     pDest = &aMem[pOp->p3];
  2288   2274     memAboutToChange(p, pDest);
  2289         -  zRec = 0;
  2290         -
  2291         -  /* This block sets the variable payloadSize to be the total number of
  2292         -  ** bytes in the record.
  2293         -  **
  2294         -  ** zRec is set to be the complete text of the record if it is available.
  2295         -  ** The complete record text is always available for pseudo-tables
  2296         -  ** If the record is stored in a cursor, the complete record text
  2297         -  ** might be available in the  pC->aRow cache.  Or it might not be.
  2298         -  ** If the data is unavailable,  zRec is set to NULL.
  2299         -  **
  2300         -  ** We also compute the number of columns in the record.  For cursors,
  2301         -  ** the number of columns is stored in the VdbeCursor.nField element.
  2302         -  */
  2303         -  pC = p->apCsr[p1];
         2275  +  assert( pOp->p1>=0 && pOp->p1<p->nCursor );
         2276  +  pC = p->apCsr[pOp->p1];
  2304   2277     assert( pC!=0 );
         2278  +  assert( p2<pC->nField );
         2279  +  aType = pC->aType;
         2280  +  aOffset = aType + pC->nField;
  2305   2281   #ifndef SQLITE_OMIT_VIRTUALTABLE
  2306         -  assert( pC->pVtabCursor==0 );
         2282  +  assert( pC->pVtabCursor==0 ); /* OP_Column never called on virtual table */
  2307   2283   #endif
  2308   2284     pCrsr = pC->pCursor;
  2309         -  if( pCrsr!=0 ){
  2310         -    /* The record is stored in a B-Tree */
  2311         -    rc = sqlite3VdbeCursorMoveto(pC);
  2312         -    if( rc ) goto abort_due_to_error;
         2285  +  assert( pCrsr!=0 || pC->pseudoTableReg>0 ); /* pCrsr NULL on PseudoTables */
         2286  +  assert( pCrsr!=0 || pC->nullRow );          /* pC->nullRow on PseudoTables */
         2287  +
         2288  +  /* If the cursor cache is stale, bring it up-to-date */
         2289  +  rc = sqlite3VdbeCursorMoveto(pC);
         2290  +  if( rc ) goto abort_due_to_error;
         2291  +  if( pC->cacheStatus!=p->cacheCtr || (pOp->p5&OPFLAG_CLEARCACHE)!=0 ){
  2313   2292       if( pC->nullRow ){
  2314         -      payloadSize = 0;
  2315         -    }else if( pC->cacheStatus==p->cacheCtr ){
  2316         -      payloadSize = pC->payloadSize;
  2317         -      zRec = (char*)pC->aRow;
  2318         -    }else if( pC->isIndex ){
  2319         -      assert( sqlite3BtreeCursorIsValid(pCrsr) );
  2320         -      VVA_ONLY(rc =) sqlite3BtreeKeySize(pCrsr, &payloadSize64);
  2321         -      assert( rc==SQLITE_OK );   /* True because of CursorMoveto() call above */
  2322         -      /* sqlite3BtreeParseCellPtr() uses getVarint32() to extract the
  2323         -      ** payload size, so it is impossible for payloadSize64 to be
  2324         -      ** larger than 32 bits. */
  2325         -      assert( (payloadSize64 & SQLITE_MAX_U32)==(u64)payloadSize64 );
  2326         -      payloadSize = (u32)payloadSize64;
  2327         -    }else{
  2328         -      assert( sqlite3BtreeCursorIsValid(pCrsr) );
  2329         -      VVA_ONLY(rc =) sqlite3BtreeDataSize(pCrsr, &payloadSize);
  2330         -      assert( rc==SQLITE_OK );   /* DataSize() cannot fail */
  2331         -    }
  2332         -  }else{
  2333         -    assert( pC->pseudoTableReg>0 );
  2334         -    pReg = &aMem[pC->pseudoTableReg];
  2335         -    if( pC->multiPseudo ){
  2336         -      sqlite3VdbeMemShallowCopy(pDest, pReg+p2, MEM_Ephem);
  2337         -      Deephemeralize(pDest);
  2338         -      goto op_column_out;
  2339         -    }
  2340         -    assert( pReg->flags & MEM_Blob );
  2341         -    assert( memIsValid(pReg) );
  2342         -    payloadSize = pReg->n;
  2343         -    zRec = pReg->z;
  2344         -    pC->cacheStatus = (pOp->p5&OPFLAG_CLEARCACHE) ? CACHE_STALE : p->cacheCtr;
  2345         -    assert( payloadSize==0 || zRec!=0 );
  2346         -  }
  2347         -
  2348         -  /* If payloadSize is 0, then just store a NULL.  This can happen because of
  2349         -  ** nullRow or because of a corrupt database. */
  2350         -  if( payloadSize==0 ){
  2351         -    MemSetTypeFlag(pDest, MEM_Null);
  2352         -    goto op_column_out;
  2353         -  }
  2354         -  assert( db->aLimit[SQLITE_LIMIT_LENGTH]>=0 );
  2355         -  if( payloadSize > (u32)db->aLimit[SQLITE_LIMIT_LENGTH] ){
  2356         -    goto too_big;
  2357         -  }
  2358         -
  2359         -  nField = pC->nField;
  2360         -  assert( p2<nField );
  2361         -
  2362         -  /* Read and parse the table header.  Store the results of the parse
  2363         -  ** into the record header cache fields of the cursor.
  2364         -  */
  2365         -  aType = pC->aType;
  2366         -  if( pC->cacheStatus==p->cacheCtr ){
  2367         -    aOffset = pC->aOffset;
  2368         -  }else{
  2369         -    assert(aType);
  2370         -    avail = 0;
  2371         -    pC->aOffset = aOffset = &aType[nField];
  2372         -    pC->payloadSize = payloadSize;
         2293  +      if( pCrsr==0 ){
         2294  +        assert( pC->pseudoTableReg>0 );
         2295  +        pReg = &aMem[pC->pseudoTableReg];
         2296  +        if( pC->multiPseudo ){
         2297  +          sqlite3VdbeMemShallowCopy(pDest, pReg+p2, MEM_Ephem);
         2298  +          Deephemeralize(pDest);
         2299  +          goto op_column_out;
         2300  +        }
         2301  +        assert( pReg->flags & MEM_Blob );
         2302  +        assert( memIsValid(pReg) );
         2303  +        pC->payloadSize = pC->szRow = avail = pReg->n;
         2304  +        pC->aRow = (u8*)pReg->z;
         2305  +      }else{
         2306  +        MemSetTypeFlag(pDest, MEM_Null);
         2307  +        goto op_column_out;
         2308  +      }
         2309  +    }else{
         2310  +      assert( pCrsr );
         2311  +      if( pC->isTable==0 ){
         2312  +        assert( sqlite3BtreeCursorIsValid(pCrsr) );
         2313  +        VVA_ONLY(rc =) sqlite3BtreeKeySize(pCrsr, &payloadSize64);
         2314  +        assert( rc==SQLITE_OK ); /* True because of CursorMoveto() call above */
         2315  +        /* sqlite3BtreeParseCellPtr() uses getVarint32() to extract the
         2316  +        ** payload size, so it is impossible for payloadSize64 to be
         2317  +        ** larger than 32 bits. */
         2318  +        assert( (payloadSize64 & SQLITE_MAX_U32)==(u64)payloadSize64 );
         2319  +        pC->aRow = sqlite3BtreeKeyFetch(pCrsr, &avail);
         2320  +        pC->payloadSize = (u32)payloadSize64;
         2321  +      }else{
         2322  +        assert( sqlite3BtreeCursorIsValid(pCrsr) );
         2323  +        VVA_ONLY(rc =) sqlite3BtreeDataSize(pCrsr, &pC->payloadSize);
         2324  +        assert( rc==SQLITE_OK );   /* DataSize() cannot fail */
         2325  +        pC->aRow = sqlite3BtreeDataFetch(pCrsr, &avail);
         2326  +      }
         2327  +      assert( avail<=65536 );  /* Maximum page size is 64KiB */
         2328  +      if( pC->payloadSize <= (u32)avail ){
         2329  +        pC->szRow = pC->payloadSize;
         2330  +      }else{
         2331  +        pC->szRow = avail;
         2332  +      }
         2333  +      if( pC->payloadSize > (u32)db->aLimit[SQLITE_LIMIT_LENGTH] ){
         2334  +        goto too_big;
         2335  +      }
         2336  +    }
  2373   2337       pC->cacheStatus = p->cacheCtr;
  2374         -
  2375         -    /* Figure out how many bytes are in the header */
  2376         -    if( zRec ){
  2377         -      zData = zRec;
  2378         -    }else{
  2379         -      if( pC->isIndex ){
  2380         -        zData = (char*)sqlite3BtreeKeyFetch(pCrsr, &avail);
  2381         -      }else{
  2382         -        zData = (char*)sqlite3BtreeDataFetch(pCrsr, &avail);
  2383         -      }
  2384         -      /* If KeyFetch()/DataFetch() managed to get the entire payload,
  2385         -      ** save the payload in the pC->aRow cache.  That will save us from
  2386         -      ** having to make additional calls to fetch the content portion of
  2387         -      ** the record.
  2388         -      */
  2389         -      assert( avail>=0 );
  2390         -      if( payloadSize <= (u32)avail ){
  2391         -        zRec = zData;
  2392         -        pC->aRow = (u8*)zData;
  2393         -      }else{
  2394         -        pC->aRow = 0;
  2395         -      }
         2338  +    pC->iHdrOffset = getVarint32(pC->aRow, offset);
         2339  +    pC->nHdrParsed = 0;
         2340  +    aOffset[0] = offset;
         2341  +    if( avail<offset ){
         2342  +      /* pC->aRow does not have to hold the entire row, but it does at least
         2343  +      ** need to cover the header of the record.  If pC->aRow does not contain
         2344  +      ** the complete header, then set it to zero, forcing the header to be
         2345  +      ** dynamically allocated. */
         2346  +      pC->aRow = 0;
         2347  +      pC->szRow = 0;
  2396   2348       }
  2397         -    /* The following assert is true in all cases except when
  2398         -    ** the database file has been corrupted externally.
  2399         -    **    assert( zRec!=0 || avail>=payloadSize || avail>=9 ); */
  2400         -    szHdr = getVarint32((u8*)zData, offset);
  2401   2349   
  2402   2350       /* Make sure a corrupt database has not given us an oversize header.
  2403   2351       ** Do this now to avoid an oversize memory allocation.
  2404   2352       **
  2405   2353       ** Type entries can be between 1 and 5 bytes each.  But 4 and 5 byte
  2406   2354       ** types use so much data space that there can only be 4096 and 32 of
  2407   2355       ** them, respectively.  So the maximum header length results from a
  2408   2356       ** 3-byte type for each of the maximum of 32768 columns plus three
  2409   2357       ** extra bytes for the header length itself.  32768*3 + 3 = 98307.
  2410   2358       */
  2411         -    if( offset > 98307 ){
         2359  +    if( offset > 98307 || offset > pC->payloadSize ){
  2412   2360         rc = SQLITE_CORRUPT_BKPT;
  2413         -      goto op_column_out;
         2361  +      goto op_column_error;
  2414   2362       }
         2363  +  }
  2415   2364   
  2416         -    /* Compute in len the number of bytes of data we need to read in order
  2417         -    ** to get nField type values.  offset is an upper bound on this.  But
  2418         -    ** nField might be significantly less than the true number of columns
  2419         -    ** in the table, and in that case, 5*nField+3 might be smaller than offset.
  2420         -    ** We want to minimize len in order to limit the size of the memory
  2421         -    ** allocation, especially if a corrupt database file has caused offset
  2422         -    ** to be oversized. Offset is limited to 98307 above.  But 98307 might
  2423         -    ** still exceed Robson memory allocation limits on some configurations.
  2424         -    ** On systems that cannot tolerate large memory allocations, nField*5+3
  2425         -    ** will likely be much smaller since nField will likely be less than
  2426         -    ** 20 or so.  This insures that Robson memory allocation limits are
  2427         -    ** not exceeded even for corrupt database files.
         2365  +  /* Make sure at least the first p2+1 entries of the header have been
         2366  +  ** parsed and valid information is in aOffset[] and aType[].
         2367  +  */
         2368  +  if( pC->nHdrParsed<=p2 ){
         2369  +    /* If there is more header available for parsing in the record, try
         2370  +    ** to extract additional fields up through the p2+1-th field 
  2428   2371       */
  2429         -    len = nField*5 + 3;
  2430         -    if( len > (int)offset ) len = (int)offset;
  2431         -
  2432         -    /* The KeyFetch() or DataFetch() above are fast and will get the entire
  2433         -    ** record header in most cases.  But they will fail to get the complete
  2434         -    ** record header if the record header does not fit on a single page
  2435         -    ** in the B-Tree.  When that happens, use sqlite3VdbeMemFromBtree() to
  2436         -    ** acquire the complete header text.
  2437         -    */
  2438         -    if( !zRec && avail<len ){
  2439         -      sMem.flags = 0;
  2440         -      sMem.db = 0;
  2441         -      rc = sqlite3VdbeMemFromBtree(pCrsr, 0, len, pC->isIndex, &sMem);
  2442         -      if( rc!=SQLITE_OK ){
  2443         -        goto op_column_out;
  2444         -      }
  2445         -      zData = sMem.z;
  2446         -    }
  2447         -    zEndHdr = (u8 *)&zData[len];
  2448         -    zIdx = (u8 *)&zData[szHdr];
  2449         -
  2450         -    /* Scan the header and use it to fill in the aType[] and aOffset[]
  2451         -    ** arrays.  aType[i] will contain the type integer for the i-th
  2452         -    ** column and aOffset[i] will contain the offset from the beginning
  2453         -    ** of the record to the start of the data for the i-th column
  2454         -    */
  2455         -    for(i=0; i<nField; i++){
  2456         -      if( zIdx<zEndHdr ){
  2457         -        aOffset[i] = offset;
  2458         -        if( zIdx[0]<0x80 ){
  2459         -          t = zIdx[0];
  2460         -          zIdx++;
         2372  +    if( pC->iHdrOffset<aOffset[0] ){
         2373  +      /* Make sure zData points to enough of the record to cover the header. */
         2374  +      if( pC->aRow==0 ){
         2375  +        memset(&sMem, 0, sizeof(sMem));
         2376  +        rc = sqlite3VdbeMemFromBtree(pCrsr, 0, aOffset[0], 
         2377  +                                     !pC->isTable, &sMem);
         2378  +        if( rc!=SQLITE_OK ){
         2379  +          goto op_column_error;
         2380  +        }
         2381  +        zData = (u8*)sMem.z;
         2382  +      }else{
         2383  +        zData = pC->aRow;
         2384  +      }
         2385  +  
         2386  +      /* Fill in aType[i] and aOffset[i] values through the p2-th field. */
         2387  +      i = pC->nHdrParsed;
         2388  +      offset = aOffset[i];
         2389  +      zHdr = zData + pC->iHdrOffset;
         2390  +      zEndHdr = zData + aOffset[0];
         2391  +      assert( i<=p2 && zHdr<zEndHdr );
         2392  +      do{
         2393  +        if( zHdr[0]<0x80 ){
         2394  +          t = zHdr[0];
         2395  +          zHdr++;
  2461   2396           }else{
  2462         -          zIdx += sqlite3GetVarint32(zIdx, &t);
         2397  +          zHdr += sqlite3GetVarint32(zHdr, &t);
  2463   2398           }
  2464   2399           aType[i] = t;
  2465   2400           szField = sqlite3VdbeSerialTypeLen(t);
  2466   2401           offset += szField;
  2467   2402           if( offset<szField ){  /* True if offset overflows */
  2468         -          zIdx = &zEndHdr[1];  /* Forces SQLITE_CORRUPT return below */
         2403  +          zHdr = &zEndHdr[1];  /* Forces SQLITE_CORRUPT return below */
  2469   2404             break;
  2470   2405           }
  2471         -      }else{
  2472         -        /* If i is less that nField, then there are fewer fields in this
  2473         -        ** record than SetNumColumns indicated there are columns in the
  2474         -        ** table. Set the offset for any extra columns not present in
  2475         -        ** the record to 0. This tells code below to store the default value
  2476         -        ** for the column instead of deserializing a value from the record.
  2477         -        */
  2478         -        aOffset[i] = 0;
  2479         -      }
  2480         -    }
  2481         -    sqlite3VdbeMemRelease(&sMem);
  2482         -    sMem.flags = MEM_Null;
  2483         -
  2484         -    /* If we have read more header data than was contained in the header,
  2485         -    ** or if the end of the last field appears to be past the end of the
  2486         -    ** record, or if the end of the last field appears to be before the end
  2487         -    ** of the record (when all fields present), then we must be dealing 
  2488         -    ** with a corrupt database.
         2406  +        i++;
         2407  +        aOffset[i] = offset;
         2408  +      }while( i<=p2 && zHdr<zEndHdr );
         2409  +      pC->nHdrParsed = i;
         2410  +      pC->iHdrOffset = (u32)(zHdr - zData);
         2411  +      if( pC->aRow==0 ){
         2412  +        sqlite3VdbeMemRelease(&sMem);
         2413  +        sMem.flags = MEM_Null;
         2414  +      }
         2415  +  
         2416  +      /* If we have read more header data than was contained in the header,
         2417  +      ** or if the end of the last field appears to be past the end of the
         2418  +      ** record, or if the end of the last field appears to be before the end
         2419  +      ** of the record (when all fields present), then we must be dealing 
         2420  +      ** with a corrupt database.
         2421  +      */
         2422  +      if( (zHdr > zEndHdr)
         2423  +       || (offset > pC->payloadSize)
         2424  +       || (zHdr==zEndHdr && offset!=pC->payloadSize)
         2425  +      ){
         2426  +        rc = SQLITE_CORRUPT_BKPT;
         2427  +        goto op_column_error;
         2428  +      }
         2429  +    }
         2430  +
         2431  +    /* If after trying to extra new entries from the header, nHdrParsed is
         2432  +    ** still not up to p2, that means that the record has fewer than p2
         2433  +    ** columns.  So the result will be either the default value or a NULL.
  2489   2434       */
  2490         -    if( (zIdx > zEndHdr) || (offset > payloadSize)
  2491         -         || (zIdx==zEndHdr && offset!=payloadSize) ){
  2492         -      rc = SQLITE_CORRUPT_BKPT;
         2435  +    if( pC->nHdrParsed<=p2 ){
         2436  +      if( pOp->p4type==P4_MEM ){
         2437  +        sqlite3VdbeMemShallowCopy(pDest, pOp->p4.pMem, MEM_Static);
         2438  +      }else{
         2439  +        MemSetTypeFlag(pDest, MEM_Null);
         2440  +      }
  2493   2441         goto op_column_out;
  2494   2442       }
  2495   2443     }
  2496   2444   
  2497         -  /* Get the column information. If aOffset[p2] is non-zero, then 
  2498         -  ** deserialize the value from the record. If aOffset[p2] is zero,
  2499         -  ** then there are not enough fields in the record to satisfy the
  2500         -  ** request.  In this case, set the value NULL or to P4 if P4 is
  2501         -  ** a pointer to a Mem object.
  2502         -  */
  2503         -  if( aOffset[p2] ){
  2504         -    assert( rc==SQLITE_OK );
  2505         -    if( zRec ){
  2506         -      /* This is the common case where the whole row fits on a single page */
  2507         -      VdbeMemRelease(pDest);
  2508         -      sqlite3VdbeSerialGet((u8 *)&zRec[aOffset[p2]], aType[p2], pDest);
  2509         -    }else{
  2510         -      /* This branch happens only when the row overflows onto multiple pages */
  2511         -      t = aType[p2];
  2512         -      if( (pOp->p5 & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG))!=0
  2513         -       && ((t>=12 && (t&1)==0) || (pOp->p5 & OPFLAG_TYPEOFARG)!=0)
  2514         -      ){
  2515         -        /* Content is irrelevant for the typeof() function and for
  2516         -        ** the length(X) function if X is a blob.  So we might as well use
  2517         -        ** bogus content rather than reading content from disk.  NULL works
  2518         -        ** for text and blob and whatever is in the payloadSize64 variable
  2519         -        ** will work for everything else. */
  2520         -        zData = t<12 ? (char*)&payloadSize64 : 0;
  2521         -      }else{
  2522         -        len = sqlite3VdbeSerialTypeLen(t);
  2523         -        sqlite3VdbeMemMove(&sMem, pDest);
  2524         -        rc = sqlite3VdbeMemFromBtree(pCrsr, aOffset[p2], len,  pC->isIndex,
  2525         -                                     &sMem);
  2526         -        if( rc!=SQLITE_OK ){
  2527         -          goto op_column_out;
  2528         -        }
  2529         -        zData = sMem.z;
  2530         -      }
  2531         -      sqlite3VdbeSerialGet((u8*)zData, t, pDest);
  2532         -    }
  2533         -    pDest->enc = encoding;
  2534         -  }else{
  2535         -    if( pOp->p4type==P4_MEM ){
  2536         -      sqlite3VdbeMemShallowCopy(pDest, pOp->p4.pMem, MEM_Static);
  2537         -    }else{
  2538         -      MemSetTypeFlag(pDest, MEM_Null);
  2539         -    }
  2540         -  }
  2541         -
  2542         -  /* If we dynamically allocated space to hold the data (in the
  2543         -  ** sqlite3VdbeMemFromBtree() call above) then transfer control of that
  2544         -  ** dynamically allocated space over to the pDest structure.
  2545         -  ** This prevents a memory copy.
  2546         -  */
  2547         -  if( sMem.zMalloc ){
  2548         -    assert( sMem.z==sMem.zMalloc );
  2549         -    assert( !(pDest->flags & MEM_Dyn) );
  2550         -    assert( !(pDest->flags & (MEM_Blob|MEM_Str)) || pDest->z==sMem.z );
  2551         -    pDest->flags &= ~(MEM_Ephem|MEM_Static);
  2552         -    pDest->flags |= MEM_Term;
  2553         -    pDest->z = sMem.z;
  2554         -    pDest->zMalloc = sMem.zMalloc;
  2555         -  }
  2556         -
  2557         -  rc = sqlite3VdbeMemMakeWriteable(pDest);
         2445  +  /* Extract the content for the p2+1-th column.  Control can only
         2446  +  ** reach this point if aOffset[p2], aOffset[p2+1], and aType[p2] are
         2447  +  ** all valid.
         2448  +  */
         2449  +  assert( p2<pC->nHdrParsed );
         2450  +  assert( rc==SQLITE_OK );
         2451  +  if( pC->szRow>=aOffset[p2+1] ){
         2452  +    /* This is the common case where the desired content fits on the original
         2453  +    ** page - where the content is not on an overflow page */
         2454  +    VdbeMemRelease(pDest);
         2455  +    sqlite3VdbeSerialGet(pC->aRow+aOffset[p2], aType[p2], pDest);
         2456  +  }else{
         2457  +    /* This branch happens only when content is on overflow pages */	
         2458  +    t = aType[p2];
         2459  +    if( ((pOp->p5 & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG))!=0
         2460  +          && ((t>=12 && (t&1)==0) || (pOp->p5 & OPFLAG_TYPEOFARG)!=0))
         2461  +     || (len = sqlite3VdbeSerialTypeLen(t))==0
         2462  +    ){
         2463  +      /* Content is irrelevant for the typeof() function and for
         2464  +      ** the length(X) function if X is a blob.  So we might as well use
         2465  +      ** bogus content rather than reading content from disk.  NULL works
         2466  +      ** for text and blob and whatever is in the payloadSize64 variable
         2467  +      ** will work for everything else.  Content is also irrelevant if
         2468  +      ** the content length is 0. */
         2469  +      zData = t<=13 ? (u8*)&payloadSize64 : 0;
         2470  +      sMem.zMalloc = 0;
         2471  +    }else{
         2472  +      memset(&sMem, 0, sizeof(sMem));
         2473  +      sqlite3VdbeMemMove(&sMem, pDest);
         2474  +      rc = sqlite3VdbeMemFromBtree(pCrsr, aOffset[p2], len, !pC->isTable,
         2475  +                                   &sMem);
         2476  +      if( rc!=SQLITE_OK ){
         2477  +        goto op_column_error;
         2478  +      }
         2479  +      zData = (u8*)sMem.z;
         2480  +    }
         2481  +    sqlite3VdbeSerialGet(zData, t, pDest);
         2482  +    /* If we dynamically allocated space to hold the data (in the
         2483  +    ** sqlite3VdbeMemFromBtree() call above) then transfer control of that
         2484  +    ** dynamically allocated space over to the pDest structure.
         2485  +    ** This prevents a memory copy. */
         2486  +    if( sMem.zMalloc ){
         2487  +      assert( sMem.z==sMem.zMalloc );
         2488  +      assert( !(pDest->flags & MEM_Dyn) );
         2489  +      assert( !(pDest->flags & (MEM_Blob|MEM_Str)) || pDest->z==sMem.z );
         2490  +      pDest->flags &= ~(MEM_Ephem|MEM_Static);
         2491  +      pDest->flags |= MEM_Term;
         2492  +      pDest->z = sMem.z;
         2493  +      pDest->zMalloc = sMem.zMalloc;
         2494  +    }
         2495  +  }
         2496  +  pDest->enc = encoding;
  2558   2497   
  2559   2498   op_column_out:
         2499  +  rc = sqlite3VdbeMemMakeWriteable(pDest);
         2500  +op_column_error:
  2560   2501     UPDATE_MAX_BLOBSIZE(pDest);
  2561   2502     REGISTER_TRACE(pOp->p3, pDest);
  2562   2503     break;
  2563   2504   }
  2564   2505   
  2565   2506   /* Opcode: Affinity P1 P2 * P4 *
  2566   2507   ** Synopsis: affinity(r[P1@P2])
................................................................................
  3308   3249       assert( pKeyInfo->enc==ENC(db) );
  3309   3250       assert( pKeyInfo->db==db );
  3310   3251       nField = pKeyInfo->nField+pKeyInfo->nXField;
  3311   3252     }else if( pOp->p4type==P4_INT32 ){
  3312   3253       nField = pOp->p4.i;
  3313   3254     }
  3314   3255     assert( pOp->p1>=0 );
         3256  +  assert( nField>=0 );
         3257  +  testcase( nField==0 );  /* Table with INTEGER PRIMARY KEY and nothing else */
  3315   3258     pCur = allocateCursor(p, pOp->p1, nField, iDb, 1);
  3316   3259     if( pCur==0 ) goto no_mem;
  3317   3260     pCur->nullRow = 1;
  3318   3261     pCur->isOrdered = 1;
  3319   3262     rc = sqlite3BtreeCursor(pX, p2, wrFlag, pKeyInfo, pCur->pCursor);
  3320   3263     pCur->pKeyInfo = pKeyInfo;
  3321   3264     assert( OPFLAG_BULKCSR==BTREE_BULKLOAD );
  3322   3265     sqlite3BtreeCursorHints(pCur->pCursor, (pOp->p5 & OPFLAG_BULKCSR));
  3323   3266   
  3324   3267     /* Since it performs no memory allocation or IO, the only value that
  3325   3268     ** sqlite3BtreeCursor() may return is SQLITE_OK. */
  3326   3269     assert( rc==SQLITE_OK );
  3327   3270   
  3328         -  /* Set the VdbeCursor.isTable and isIndex variables. Previous versions of
         3271  +  /* Set the VdbeCursor.isTable variable. Previous versions of
  3329   3272     ** SQLite used to check if the root-page flags were sane at this point
  3330   3273     ** and report database corruption if they were not, but this check has
  3331   3274     ** since moved into the btree layer.  */  
  3332   3275     pCur->isTable = pOp->p4type!=P4_KEYINFO;
  3333         -  pCur->isIndex = !pCur->isTable;
  3334   3276     break;
  3335   3277   }
  3336   3278   
  3337   3279   /* Opcode: OpenEphemeral P1 P2 * P4 P5
  3338   3280   ** Synopsis: nColumn=P2
  3339   3281   **
  3340   3282   ** Open a new cursor P1 to a transient table.
................................................................................
  3368   3310     static const int vfsFlags = 
  3369   3311         SQLITE_OPEN_READWRITE |
  3370   3312         SQLITE_OPEN_CREATE |
  3371   3313         SQLITE_OPEN_EXCLUSIVE |
  3372   3314         SQLITE_OPEN_DELETEONCLOSE |
  3373   3315         SQLITE_OPEN_TRANSIENT_DB;
  3374   3316     assert( pOp->p1>=0 );
         3317  +  assert( pOp->p2>=0 );
  3375   3318     pCx = allocateCursor(p, pOp->p1, pOp->p2, -1, 1);
  3376   3319     if( pCx==0 ) goto no_mem;
  3377   3320     pCx->nullRow = 1;
  3378   3321     rc = sqlite3BtreeOpen(db->pVfs, 0, db, &pCx->pBt, 
  3379   3322                           BTREE_OMIT_JOURNAL | BTREE_SINGLE | pOp->p5, vfsFlags);
  3380   3323     if( rc==SQLITE_OK ){
  3381   3324       rc = sqlite3BtreeBeginTrans(pCx->pBt, 1);
................................................................................
  3400   3343         pCx->isTable = 0;
  3401   3344       }else{
  3402   3345         rc = sqlite3BtreeCursor(pCx->pBt, MASTER_ROOT, 1, 0, pCx->pCursor);
  3403   3346         pCx->isTable = 1;
  3404   3347       }
  3405   3348     }
  3406   3349     pCx->isOrdered = (pOp->p5!=BTREE_UNORDERED);
  3407         -  pCx->isIndex = !pCx->isTable;
  3408   3350     break;
  3409   3351   }
  3410   3352   
  3411   3353   /* Opcode: SorterOpen P1 * * P4 *
  3412   3354   **
  3413   3355   ** This opcode works like OP_OpenEphemeral except that it opens
  3414   3356   ** a transient index that is specifically designed to sort large
  3415   3357   ** tables using an external merge-sort algorithm.
  3416   3358   */
  3417   3359   case OP_SorterOpen: {
  3418   3360     VdbeCursor *pCx;
  3419   3361   
         3362  +  assert( pOp->p1>=0 );
         3363  +  assert( pOp->p2>=0 );
  3420   3364     pCx = allocateCursor(p, pOp->p1, pOp->p2, -1, 1);
  3421   3365     if( pCx==0 ) goto no_mem;
  3422   3366     pCx->pKeyInfo = pOp->p4.pKeyInfo;
  3423   3367     assert( pCx->pKeyInfo->db==db );
  3424   3368     assert( pCx->pKeyInfo->enc==ENC(db) );
  3425         -  pCx->isSorter = 1;
  3426   3369     rc = sqlite3VdbeSorterInit(db, pCx);
  3427   3370     break;
  3428   3371   }
  3429   3372   
  3430   3373   /* Opcode: OpenPseudo P1 P2 P3 * P5
  3431   3374   ** Synopsis: content in r[P2@P3]
  3432   3375   **
................................................................................
  3444   3387   ** P3 is the number of fields in the records that will be stored by
  3445   3388   ** the pseudo-table.
  3446   3389   */
  3447   3390   case OP_OpenPseudo: {
  3448   3391     VdbeCursor *pCx;
  3449   3392   
  3450   3393     assert( pOp->p1>=0 );
         3394  +  assert( pOp->p3>=0 );
  3451   3395     pCx = allocateCursor(p, pOp->p1, pOp->p3, -1, 0);
  3452   3396     if( pCx==0 ) goto no_mem;
  3453   3397     pCx->nullRow = 1;
  3454   3398     pCx->pseudoTableReg = pOp->p2;
  3455   3399     pCx->isTable = 1;
  3456         -  pCx->isIndex = 0;
  3457   3400     pCx->multiPseudo = pOp->p5;
  3458   3401     break;
  3459   3402   }
  3460   3403   
  3461   3404   /* Opcode: Close P1 * * * *
  3462   3405   **
  3463   3406   ** Close a cursor previously opened as P1.  If P1 is not
................................................................................
  4265   4208   ** Write into register P2 the current sorter data for sorter cursor P1.
  4266   4209   */
  4267   4210   case OP_SorterData: {
  4268   4211     VdbeCursor *pC;
  4269   4212   
  4270   4213     pOut = &aMem[pOp->p2];
  4271   4214     pC = p->apCsr[pOp->p1];
  4272         -  assert( pC->isSorter );
         4215  +  assert( isSorter(pC) );
  4273   4216     rc = sqlite3VdbeSorterRowkey(pC, pOut);
  4274   4217     break;
  4275   4218   }
  4276   4219   
  4277   4220   /* Opcode: RowData P1 P2 * * *
  4278   4221   ** Synopsis: r[P2]=data
  4279   4222   **
................................................................................
  4305   4248   
  4306   4249     pOut = &aMem[pOp->p2];
  4307   4250     memAboutToChange(p, pOut);
  4308   4251   
  4309   4252     /* Note that RowKey and RowData are really exactly the same instruction */
  4310   4253     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  4311   4254     pC = p->apCsr[pOp->p1];
  4312         -  assert( pC->isSorter==0 );
         4255  +  assert( isSorter(pC)==0 );
  4313   4256     assert( pC->isTable || pOp->opcode!=OP_RowData );
  4314         -  assert( pC->isIndex || pOp->opcode==OP_RowData );
         4257  +  assert( pC->isTable==0 || pOp->opcode==OP_RowData );
  4315   4258     assert( pC!=0 );
  4316   4259     assert( pC->nullRow==0 );
  4317   4260     assert( pC->pseudoTableReg==0 );
  4318   4261     assert( pC->pCursor!=0 );
  4319   4262     pCrsr = pC->pCursor;
  4320   4263     assert( sqlite3BtreeCursorIsValid(pCrsr) );
  4321   4264   
................................................................................
  4324   4267     ** the cursor.  Hence the following sqlite3VdbeCursorMoveto() call is always
  4325   4268     ** a no-op and can never fail.  But we leave it in place as a safety.
  4326   4269     */
  4327   4270     assert( pC->deferredMoveto==0 );
  4328   4271     rc = sqlite3VdbeCursorMoveto(pC);
  4329   4272     if( NEVER(rc!=SQLITE_OK) ) goto abort_due_to_error;
  4330   4273   
  4331         -  if( pC->isIndex ){
         4274  +  if( pC->isTable==0 ){
  4332   4275       assert( !pC->isTable );
  4333   4276       VVA_ONLY(rc =) sqlite3BtreeKeySize(pCrsr, &n64);
  4334   4277       assert( rc==SQLITE_OK );    /* True because of CursorMoveto() call above */
  4335   4278       if( n64>db->aLimit[SQLITE_LIMIT_LENGTH] ){
  4336   4279         goto too_big;
  4337   4280       }
  4338   4281       n = (u32)n64;
................................................................................
  4344   4287       }
  4345   4288     }
  4346   4289     if( sqlite3VdbeMemGrow(pOut, n, 0) ){
  4347   4290       goto no_mem;
  4348   4291     }
  4349   4292     pOut->n = n;
  4350   4293     MemSetTypeFlag(pOut, MEM_Blob);
  4351         -  if( pC->isIndex ){
         4294  +  if( pC->isTable==0 ){
  4352   4295       rc = sqlite3BtreeKey(pCrsr, 0, n, pOut->z);
  4353   4296     }else{
  4354   4297       rc = sqlite3BtreeData(pCrsr, 0, n, pOut->z);
  4355   4298     }
  4356   4299     pOut->enc = SQLITE_UTF8;  /* In case the blob is ever cast to text */
  4357   4300     UPDATE_MAX_BLOBSIZE(pOut);
  4358   4301     REGISTER_TRACE(pOp->p2, pOut);
................................................................................
  4417   4360     VdbeCursor *pC;
  4418   4361   
  4419   4362     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  4420   4363     pC = p->apCsr[pOp->p1];
  4421   4364     assert( pC!=0 );
  4422   4365     pC->nullRow = 1;
  4423   4366     pC->rowidIsValid = 0;
         4367  +  pC->cacheStatus = CACHE_STALE;
  4424   4368     assert( pC->pCursor || pC->pVtabCursor );
  4425   4369     if( pC->pCursor ){
  4426   4370       sqlite3BtreeClearCursor(pC->pCursor);
  4427   4371     }
  4428   4372     break;
  4429   4373   }
  4430   4374   
................................................................................
  4492   4436     VdbeCursor *pC;
  4493   4437     BtCursor *pCrsr;
  4494   4438     int res;
  4495   4439   
  4496   4440     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  4497   4441     pC = p->apCsr[pOp->p1];
  4498   4442     assert( pC!=0 );
  4499         -  assert( pC->isSorter==(pOp->opcode==OP_SorterSort) );
         4443  +  assert( isSorter(pC)==(pOp->opcode==OP_SorterSort) );
  4500   4444     res = 1;
  4501   4445     if( isSorter(pC) ){
  4502   4446       rc = sqlite3VdbeSorterRewind(db, pC, &res);
  4503   4447     }else{
  4504   4448       pCrsr = pC->pCursor;
  4505   4449       assert( pCrsr );
  4506   4450       rc = sqlite3BtreeFirst(pCrsr, &res);
................................................................................
  4556   4500   
  4557   4501     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  4558   4502     assert( pOp->p5<ArraySize(p->aCounter) );
  4559   4503     pC = p->apCsr[pOp->p1];
  4560   4504     if( pC==0 ){
  4561   4505       break;  /* See ticket #2273 */
  4562   4506     }
  4563         -  assert( pC->isSorter==(pOp->opcode==OP_SorterNext) );
         4507  +  assert( isSorter(pC)==(pOp->opcode==OP_SorterNext) );
  4564   4508     if( isSorter(pC) ){
  4565   4509       assert( pOp->opcode==OP_SorterNext );
  4566   4510       rc = sqlite3VdbeSorterNext(db, pC, &res);
  4567   4511     }else{
  4568   4512       /* res = 1; // Always initialized by the xAdvance() call */
  4569   4513       assert( pC->deferredMoveto==0 );
  4570   4514       assert( pC->pCursor );
................................................................................
  4604   4548     BtCursor *pCrsr;
  4605   4549     int nKey;
  4606   4550     const char *zKey;
  4607   4551   
  4608   4552     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  4609   4553     pC = p->apCsr[pOp->p1];
  4610   4554     assert( pC!=0 );
  4611         -  assert( pC->isSorter==(pOp->opcode==OP_SorterInsert) );
         4555  +  assert( isSorter(pC)==(pOp->opcode==OP_SorterInsert) );
  4612   4556     pIn2 = &aMem[pOp->p2];
  4613   4557     assert( pIn2->flags & MEM_Blob );
  4614   4558     pCrsr = pC->pCursor;
  4615   4559     if( pOp->p5 & OPFLAG_NCHANGE ) p->nChange++;
  4616   4560     assert( pCrsr!=0 );
  4617   4561     assert( pC->isTable==0 );
  4618   4562     rc = ExpandBlob(pIn2);
................................................................................
  5855   5799       /* Initialize sqlite3_vtab_cursor base class */
  5856   5800       pVtabCursor->pVtab = pVtab;
  5857   5801   
  5858   5802       /* Initialize vdbe cursor object */
  5859   5803       pCur = allocateCursor(p, pOp->p1, 0, -1, 0);
  5860   5804       if( pCur ){
  5861   5805         pCur->pVtabCursor = pVtabCursor;
  5862         -      pCur->pModule = pVtabCursor->pVtab->pModule;
  5863   5806       }else{
  5864   5807         db->mallocFailed = 1;
  5865   5808         pModule->xClose(pVtabCursor);
  5866   5809       }
  5867   5810     }
  5868   5811     break;
  5869   5812   }

Changes to src/vdbeInt.h.

    32     32   ** of the following structure.
    33     33   */
    34     34   typedef struct VdbeOp Op;
    35     35   
    36     36   /*
    37     37   ** Boolean values
    38     38   */
    39         -typedef unsigned char Bool;
           39  +typedef unsigned Bool;
    40     40   
    41     41   /* Opaque type used by code in vdbesort.c */
    42     42   typedef struct VdbeSorter VdbeSorter;
    43     43   
    44     44   /* Opaque type used by the explainer */
    45     45   typedef struct Explain Explain;
    46     46   
................................................................................
    49     49   
    50     50   /*
    51     51   ** A cursor is a pointer into a single BTree within a database file.
    52     52   ** The cursor can seek to a BTree entry with a particular key, or
    53     53   ** loop over all entries of the Btree.  You can also insert new BTree
    54     54   ** entries or retrieve the key or data from the entry that the cursor
    55     55   ** is currently pointing to.
           56  +**
           57  +** Cursors can also point to virtual tables, sorters, or "pseudo-tables".
           58  +** A pseudo-table is a single-row table implemented by registers.
    56     59   ** 
    57     60   ** Every cursor that the virtual machine has open is represented by an
    58     61   ** instance of the following structure.
    59     62   */
    60     63   struct VdbeCursor {
    61     64     BtCursor *pCursor;    /* The cursor structure of the backend */
    62     65     Btree *pBt;           /* Separate file holding temporary table */
    63     66     KeyInfo *pKeyInfo;    /* Info about index keys needed by index cursors */
           67  +  int seekResult;       /* Result of previous sqlite3BtreeMoveto() */
    64     68     int pseudoTableReg;   /* Register holding pseudotable content. */
    65     69     i16 nField;           /* Number of fields in the header */
           70  +  u16 nHdrParsed;       /* Number of header fields parsed so far */
    66     71     i8 iDb;               /* Index of cursor database in db->aDb[] (or -1) */
    67         -  Bool rowidIsValid;    /* True if lastRowid is valid */
    68         -  Bool useRandomRowid;  /* Generate new record numbers semi-randomly */
    69         -  Bool nullRow;         /* True if pointing to a row with no data */
    70         -  Bool deferredMoveto;  /* A call to sqlite3BtreeMoveto() is needed */
    71         -  Bool isTable;         /* True if a table requiring integer keys */
    72         -  Bool isIndex;         /* True if an index containing keys only - no data */
    73         -  Bool isOrdered;       /* True if the underlying table is BTREE_UNORDERED */
    74         -  Bool isSorter;        /* True if a new-style sorter */
    75         -  Bool multiPseudo;     /* Multi-register pseudo-cursor */
           72  +  u8 nullRow;           /* True if pointing to a row with no data */
           73  +  u8 rowidIsValid;      /* True if lastRowid is valid */
           74  +  u8 deferredMoveto;    /* A call to sqlite3BtreeMoveto() is needed */
           75  +  Bool useRandomRowid:1;/* Generate new record numbers semi-randomly */
           76  +  Bool isTable:1;       /* True if a table requiring integer keys */
           77  +  Bool isOrdered:1;     /* True if the underlying table is BTREE_UNORDERED */
           78  +  Bool multiPseudo:1;   /* Multi-register pseudo-cursor */
    76     79     sqlite3_vtab_cursor *pVtabCursor;  /* The cursor for a virtual table */
    77         -  const sqlite3_module *pModule;     /* Module for cursor pVtabCursor */
    78     80     i64 seqCount;         /* Sequence counter */
    79     81     i64 movetoTarget;     /* Argument to the deferred sqlite3BtreeMoveto() */
    80     82     i64 lastRowid;        /* Rowid being deleted by OP_Delete */
    81     83     VdbeSorter *pSorter;  /* Sorter object for OP_SorterOpen cursors */
    82     84   
    83         -  /* Result of last sqlite3BtreeMoveto() done by an OP_NotExists */
    84         -  int seekResult;
    85         -
    86     85     /* Cached information about the header for the data record that the
    87     86     ** cursor is currently pointing to.  Only valid if cacheStatus matches
    88     87     ** Vdbe.cacheCtr.  Vdbe.cacheCtr will never take on the value of
    89     88     ** CACHE_STALE and so setting cacheStatus=CACHE_STALE guarantees that
    90     89     ** the cache is out of date.
    91     90     **
    92     91     ** aRow might point to (ephemeral) data for the current row, or it might
    93     92     ** be NULL.
    94     93     */
    95     94     u32 cacheStatus;      /* Cache is valid if this matches Vdbe.cacheCtr */
    96         -  int payloadSize;      /* Total number of bytes in the record */
    97         -  u32 *aType;           /* Type values for all entries in the record */
    98         -  u32 *aOffset;         /* Cached offsets to the start of each columns data */
    99         -  u8 *aRow;             /* Data for the current row, if all on one page */
           95  +  u32 payloadSize;      /* Total number of bytes in the record */
           96  +  u32 szRow;            /* Byte available in aRow */
           97  +  u32 iHdrOffset;       /* Offset to next unparsed byte of the header */
           98  +  const u8 *aRow;       /* Data for the current row, if all on one page */
           99  +  u32 aType[1];         /* Type values for all entries in the record */
          100  +  /* 2*nField extra array elements allocated for aType[], beyond the one
          101  +  ** static element declared in the structure.  nField total array slots for
          102  +  ** aType[] and nField+1 array slots for aOffset[] */
   100    103   };
   101    104   typedef struct VdbeCursor VdbeCursor;
   102    105   
   103    106   /*
   104    107   ** When a sub-program is executed (OP_Program), a structure of this type
   105    108   ** is allocated to store the current value of the program counter, as
   106    109   ** well as the current memory cell array and various other frame specific

Changes to src/vdbeaux.c.

  1670   1670       ** the call above. */
  1671   1671     }else if( pCx->pCursor ){
  1672   1672       sqlite3BtreeCloseCursor(pCx->pCursor);
  1673   1673     }
  1674   1674   #ifndef SQLITE_OMIT_VIRTUALTABLE
  1675   1675     if( pCx->pVtabCursor ){
  1676   1676       sqlite3_vtab_cursor *pVtabCursor = pCx->pVtabCursor;
  1677         -    const sqlite3_module *pModule = pCx->pModule;
         1677  +    const sqlite3_module *pModule = pVtabCursor->pVtab->pModule;
  1678   1678       p->inVtabMethod = 1;
  1679   1679       pModule->xClose(pVtabCursor);
  1680   1680       p->inVtabMethod = 0;
  1681   1681     }
  1682   1682   #endif
  1683   1683   }
  1684   1684   
................................................................................
  2654   2654       if( res!=0 ) return SQLITE_CORRUPT_BKPT;
  2655   2655       p->rowidIsValid = 1;
  2656   2656   #ifdef SQLITE_TEST
  2657   2657       sqlite3_search_count++;
  2658   2658   #endif
  2659   2659       p->deferredMoveto = 0;
  2660   2660       p->cacheStatus = CACHE_STALE;
  2661         -  }else if( ALWAYS(p->pCursor) ){
         2661  +  }else if( p->pCursor ){
  2662   2662       int hasMoved;
  2663   2663       int rc = sqlite3BtreeCursorHasMoved(p->pCursor, &hasMoved);
  2664   2664       if( rc ) return rc;
  2665   2665       if( hasMoved ){
  2666   2666         p->cacheStatus = CACHE_STALE;
  2667   2667         p->nullRow = 1;
  2668   2668       }

Changes to src/vdbeblob.c.

    60     60     ** triggering asserts related to mutexes.
    61     61     */
    62     62     assert( v->aVar[0].flags&MEM_Int );
    63     63     v->aVar[0].u.i = iRow;
    64     64   
    65     65     rc = sqlite3_step(p->pStmt);
    66     66     if( rc==SQLITE_ROW ){
    67         -    u32 type = v->apCsr[0]->aType[p->iCol];
           67  +    VdbeCursor *pC = v->apCsr[0];
           68  +    u32 type = pC->aType[p->iCol];
    68     69       if( type<12 ){
    69     70         zErr = sqlite3MPrintf(p->db, "cannot open value of type %s",
    70     71             type==0?"null": type==7?"real": "integer"
    71     72         );
    72     73         rc = SQLITE_ERROR;
    73     74         sqlite3_finalize(p->pStmt);
    74     75         p->pStmt = 0;
    75     76       }else{
    76         -      p->iOffset = v->apCsr[0]->aOffset[p->iCol];
           77  +      p->iOffset = pC->aType[p->iCol + pC->nField];
    77     78         p->nByte = sqlite3VdbeSerialTypeLen(type);
    78         -      p->pCsr =  v->apCsr[0]->pCursor;
           79  +      p->pCsr =  pC->pCursor;
    79     80         sqlite3BtreeEnterCursor(p->pCsr);
    80     81         sqlite3BtreeCacheOverflow(p->pCsr);
    81     82         sqlite3BtreeLeaveCursor(p->pCsr);
    82     83       }
    83     84     }
    84     85   
    85     86     if( rc==SQLITE_ROW ){

Changes to test/analyze9.test.

   801    801     reset_db
   802    802     execsql {
   803    803       CREATE TABLE t1(a, UNIQUE(a));
   804    804       INSERT INTO t1 VALUES($two);
   805    805       ANALYZE;
   806    806     }
   807    807     set nByte2 [lindex [sqlite3_db_status db SCHEMA_USED 0] 1]
          808  +  puts -nonewline " (nByte=$nByte nByte2=$nByte2)"
   808    809   
   809         -  expr {$nByte2 > $nByte+900 && $nByte2 < $nByte+1050}
          810  +  expr {$nByte2 > $nByte+900 && $nByte2 < $nByte+1100}
   810    811   } {1}
   811    812   
   812    813   #-------------------------------------------------------------------------
   813    814   # Test that stat4 data may be used with partial indexes.
   814    815   #
   815    816   do_test 17.1 {
   816    817     reset_db

Changes to test/func.test.

  1314   1314     db eval {SELECT sum(length(x)) FROM t29}
  1315   1315   } {1000009}
  1316   1316   do_test func-29.6 {
  1317   1317     set x [lindex [sqlite3_db_status db CACHE_MISS 1] 1]
  1318   1318     if {$x<5} {set x 1}
  1319   1319     set x
  1320   1320   } {1}
         1321  +
         1322  +# The OP_Column opcode has an optimization that avoids loading content
         1323  +# for fields with content-length=0 when the content offset is on an overflow
         1324  +# page.  Make sure the optimization works.
         1325  +#
         1326  +do_execsql_test func-29.10 {
         1327  +  CREATE TABLE t29b(a,b,c,d,e,f,g,h,i);
         1328  +  INSERT INTO t29b 
         1329  +   VALUES(1, hex(randomblob(2000)), null, 0, 1, '', zeroblob(0),'x',x'01');
         1330  +  SELECT typeof(c), typeof(d), typeof(e), typeof(f),
         1331  +         typeof(g), typeof(h), typeof(i) FROM t29b;
         1332  +} {null integer integer text blob text blob}
         1333  +do_execsql_test func-29.11 {
         1334  +  SELECT length(f), length(g), length(h), length(i) FROM t29b;
         1335  +} {0 0 1 1}
         1336  +do_execsql_test func-29.12 {
         1337  +  SELECT quote(f), quote(g), quote(h), quote(i) FROM t29b;
         1338  +} {'' X'' 'x' X'01'}
  1321   1339   
  1322   1340   # EVIDENCE-OF: R-29701-50711 The unicode(X) function returns the numeric
  1323   1341   # unicode code point corresponding to the first character of the string
  1324   1342   # X.
  1325   1343   #
  1326   1344   # EVIDENCE-OF: R-55469-62130 The char(X1,X2,...,XN) function returns a
  1327   1345   # string composed of characters having the unicode code point values of