/ Check-in [be71d1e2]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Merge the latest performance enhancements and fixes from trunk.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | apple-osx
Files: files | file ages | folders
SHA3-256: be71d1e24c9cbfbfa60df8159571929d85b1f281e32e6230b044c952eae91a92
User & Date: drh 2019-02-20 13:23:13
Context
2019-03-01
18:27
Merge the latest enhancements from trunk. check-in: e64ded7b user: drh tags: apple-osx
2019-02-20
13:23
Merge the latest performance enhancements and fixes from trunk. check-in: be71d1e2 user: drh tags: apple-osx
12:52
When an IN operator drives a query loop, mark it as "CODED" so that it will not be used afterwards for a (pointless) membership test. This is a better fix for ticket [df46dfb631f75694] than the previous fix that is now on a branch as it preserves the full optimization of check-in [e130319317e76119]. check-in: fa792714 user: drh tags: trunk
2019-02-08
14:59
Merge the fix for ticket [4e8e4857d32d401f], so that this branch now contains release 3.27.1 plus the extra patch to preserve ROWID values on VACUUM. check-in: 0cdae60e user: drh tags: apple-osx
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to VERSION.

     1         -3.27.0
            1  +3.28.0

Changes to configure.

     1      1   #! /bin/sh
     2      2   # Guess values for system-dependent variables and create Makefiles.
     3         -# Generated by GNU Autoconf 2.69 for sqlite 3.27.0.
            3  +# Generated by GNU Autoconf 2.69 for sqlite 3.28.0.
     4      4   #
     5      5   #
     6      6   # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
     7      7   #
     8      8   #
     9      9   # This configure script is free software; the Free Software Foundation
    10     10   # gives unlimited permission to copy, distribute and modify it.
................................................................................
   722    722   subdirs=
   723    723   MFLAGS=
   724    724   MAKEFLAGS=
   725    725   
   726    726   # Identity of this package.
   727    727   PACKAGE_NAME='sqlite'
   728    728   PACKAGE_TARNAME='sqlite'
   729         -PACKAGE_VERSION='3.27.0'
   730         -PACKAGE_STRING='sqlite 3.27.0'
          729  +PACKAGE_VERSION='3.28.0'
          730  +PACKAGE_STRING='sqlite 3.28.0'
   731    731   PACKAGE_BUGREPORT=''
   732    732   PACKAGE_URL=''
   733    733   
   734    734   # Factoring default headers for most tests.
   735    735   ac_includes_default="\
   736    736   #include <stdio.h>
   737    737   #ifdef HAVE_SYS_TYPES_H
................................................................................
  1462   1462   #
  1463   1463   # Report the --help message.
  1464   1464   #
  1465   1465   if test "$ac_init_help" = "long"; then
  1466   1466     # Omit some internal or obsolete options to make the list less imposing.
  1467   1467     # This message is too long to be a string in the A/UX 3.1 sh.
  1468   1468     cat <<_ACEOF
  1469         -\`configure' configures sqlite 3.27.0 to adapt to many kinds of systems.
         1469  +\`configure' configures sqlite 3.28.0 to adapt to many kinds of systems.
  1470   1470   
  1471   1471   Usage: $0 [OPTION]... [VAR=VALUE]...
  1472   1472   
  1473   1473   To assign environment variables (e.g., CC, CFLAGS...), specify them as
  1474   1474   VAR=VALUE.  See below for descriptions of some of the useful variables.
  1475   1475   
  1476   1476   Defaults for the options are specified in brackets.
................................................................................
  1527   1527     --build=BUILD     configure for building on BUILD [guessed]
  1528   1528     --host=HOST       cross-compile to build programs to run on HOST [BUILD]
  1529   1529   _ACEOF
  1530   1530   fi
  1531   1531   
  1532   1532   if test -n "$ac_init_help"; then
  1533   1533     case $ac_init_help in
  1534         -     short | recursive ) echo "Configuration of sqlite 3.27.0:";;
         1534  +     short | recursive ) echo "Configuration of sqlite 3.28.0:";;
  1535   1535      esac
  1536   1536     cat <<\_ACEOF
  1537   1537   
  1538   1538   Optional Features:
  1539   1539     --disable-option-checking  ignore unrecognized --enable/--with options
  1540   1540     --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
  1541   1541     --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
................................................................................
  1653   1653       cd "$ac_pwd" || { ac_status=$?; break; }
  1654   1654     done
  1655   1655   fi
  1656   1656   
  1657   1657   test -n "$ac_init_help" && exit $ac_status
  1658   1658   if $ac_init_version; then
  1659   1659     cat <<\_ACEOF
  1660         -sqlite configure 3.27.0
         1660  +sqlite configure 3.28.0
  1661   1661   generated by GNU Autoconf 2.69
  1662   1662   
  1663   1663   Copyright (C) 2012 Free Software Foundation, Inc.
  1664   1664   This configure script is free software; the Free Software Foundation
  1665   1665   gives unlimited permission to copy, distribute and modify it.
  1666   1666   _ACEOF
  1667   1667     exit
................................................................................
  2072   2072     eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
  2073   2073   
  2074   2074   } # ac_fn_c_check_header_mongrel
  2075   2075   cat >config.log <<_ACEOF
  2076   2076   This file contains any messages produced by compilers while
  2077   2077   running configure, to aid debugging if configure makes a mistake.
  2078   2078   
  2079         -It was created by sqlite $as_me 3.27.0, which was
         2079  +It was created by sqlite $as_me 3.28.0, which was
  2080   2080   generated by GNU Autoconf 2.69.  Invocation command line was
  2081   2081   
  2082   2082     $ $0 $@
  2083   2083   
  2084   2084   _ACEOF
  2085   2085   exec 5>>config.log
  2086   2086   {
................................................................................
 12228  12228   test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
 12229  12229   
 12230  12230   cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 12231  12231   # Save the log message, to keep $0 and so on meaningful, and to
 12232  12232   # report actual input values of CONFIG_FILES etc. instead of their
 12233  12233   # values after options handling.
 12234  12234   ac_log="
 12235         -This file was extended by sqlite $as_me 3.27.0, which was
        12235  +This file was extended by sqlite $as_me 3.28.0, which was
 12236  12236   generated by GNU Autoconf 2.69.  Invocation command line was
 12237  12237   
 12238  12238     CONFIG_FILES    = $CONFIG_FILES
 12239  12239     CONFIG_HEADERS  = $CONFIG_HEADERS
 12240  12240     CONFIG_LINKS    = $CONFIG_LINKS
 12241  12241     CONFIG_COMMANDS = $CONFIG_COMMANDS
 12242  12242     $ $0 $@
................................................................................
 12294  12294   
 12295  12295   Report bugs to the package provider."
 12296  12296   
 12297  12297   _ACEOF
 12298  12298   cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 12299  12299   ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 12300  12300   ac_cs_version="\\
 12301         -sqlite config.status 3.27.0
        12301  +sqlite config.status 3.28.0
 12302  12302   configured by $0, generated by GNU Autoconf 2.69,
 12303  12303     with options \\"\$ac_cs_config\\"
 12304  12304   
 12305  12305   Copyright (C) 2012 Free Software Foundation, Inc.
 12306  12306   This config.status script is free software; the Free Software Foundation
 12307  12307   gives unlimited permission to copy, distribute and modify it."
 12308  12308   

Changes to ext/fts3/fts3_write.c.

  1344   1344         return SQLITE_OK;
  1345   1345       }
  1346   1346   
  1347   1347       fts3SegReaderSetEof(pReader);
  1348   1348   
  1349   1349       /* If iCurrentBlock>=iLeafEndBlock, this is an EOF condition. All leaf 
  1350   1350       ** blocks have already been traversed.  */
  1351         -    assert( pReader->iCurrentBlock<=pReader->iLeafEndBlock );
         1351  +#ifdef CORRUPT_DB
         1352  +    assert( pReader->iCurrentBlock<=pReader->iLeafEndBlock || CORRUPT_DB );
         1353  +#endif
  1352   1354       if( pReader->iCurrentBlock>=pReader->iLeafEndBlock ){
  1353   1355         return SQLITE_OK;
  1354   1356       }
  1355   1357   
  1356   1358       rc = sqlite3Fts3ReadBlock(
  1357   1359           p, ++pReader->iCurrentBlock, &pReader->aNode, &pReader->nNode, 
  1358   1360           (bIncr ? &pReader->nPopulate : 0)
................................................................................
  3231   3233       iNewLevel = getAbsoluteLevel(p, iLangid, iIndex, iLevel+1);
  3232   3234       rc = fts3AllocateSegdirIdx(p, iLangid, iIndex, iLevel+1, &iIdx);
  3233   3235       bIgnoreEmpty = (iLevel!=FTS3_SEGCURSOR_PENDING) && (iNewLevel>iMaxLevel);
  3234   3236     }
  3235   3237     if( rc!=SQLITE_OK ) goto finished;
  3236   3238   
  3237   3239     assert( csr.nSegment>0 );
  3238         -  assert( iNewLevel>=getAbsoluteLevel(p, iLangid, iIndex, 0) );
  3239         -  assert( iNewLevel<getAbsoluteLevel(p, iLangid, iIndex,FTS3_SEGDIR_MAXLEVEL) );
         3240  +  assert_fts3_nc( iNewLevel>=getAbsoluteLevel(p, iLangid, iIndex, 0) );
         3241  +  assert_fts3_nc( 
         3242  +    iNewLevel<getAbsoluteLevel(p, iLangid, iIndex,FTS3_SEGDIR_MAXLEVEL) 
         3243  +  );
  3240   3244   
  3241   3245     memset(&filter, 0, sizeof(Fts3SegFilter));
  3242   3246     filter.flags = FTS3_SEGMENT_REQUIRE_POS;
  3243   3247     filter.flags |= (bIgnoreEmpty ? FTS3_SEGMENT_IGNORE_EMPTY : 0);
  3244   3248   
  3245   3249     rc = sqlite3Fts3SegReaderStart(p, &csr, &filter);
  3246   3250     while( SQLITE_OK==rc ){

Changes to ext/fts5/fts5.h.

   158    158   **
   159    159   **
   160    160   ** xSetAuxdata(pFts5, pAux, xDelete)
   161    161   **
   162    162   **   Save the pointer passed as the second argument as the extension functions 
   163    163   **   "auxiliary data". The pointer may then be retrieved by the current or any
   164    164   **   future invocation of the same fts5 extension function made as part of
   165         -**   of the same MATCH query using the xGetAuxdata() API.
          165  +**   the same MATCH query using the xGetAuxdata() API.
   166    166   **
   167    167   **   Each extension function is allocated a single auxiliary data slot for
   168    168   **   each FTS query (MATCH expression). If the extension function is invoked 
   169    169   **   more than once for a single FTS query, then all invocations share a 
   170    170   **   single auxiliary data context.
   171    171   **
   172    172   **   If there is already an auxiliary data pointer when this function is
................................................................................
   173    173   **   invoked, then it is replaced by the new pointer. If an xDelete callback
   174    174   **   was specified along with the original pointer, it is invoked at this
   175    175   **   point.
   176    176   **
   177    177   **   The xDelete callback, if one is specified, is also invoked on the
   178    178   **   auxiliary data pointer after the FTS5 query has finished.
   179    179   **
   180         -**   If an error (e.g. an OOM condition) occurs within this function, an
          180  +**   If an error (e.g. an OOM condition) occurs within this function,
   181    181   **   the auxiliary data is set to NULL and an error code returned. If the
   182    182   **   xDelete parameter was not NULL, it is invoked on the auxiliary data
   183    183   **   pointer before returning.
   184    184   **
   185    185   **
   186    186   ** xGetAuxdata(pFts5, bClear)
   187    187   **

Changes to ext/fts5/fts5_index.c.

  4165   4165               /* Set the szLeaf field */
  4166   4166               fts5PutU16(&buf.p[2], (u16)buf.n);
  4167   4167             }
  4168   4168   
  4169   4169             /* Set up the new page-index array */
  4170   4170             fts5BufferAppendVarint(&p->rc, &buf, 4);
  4171   4171             if( pSeg->iLeafPgno==pSeg->iTermLeafPgno 
  4172         -              && pSeg->iEndofDoclist<pData->szLeaf 
  4173         -            ){
         4172  +           && pSeg->iEndofDoclist<pData->szLeaf
         4173  +           && pSeg->iPgidxOff<=pData->nn
         4174  +          ){
  4174   4175               int nDiff = pData->szLeaf - pSeg->iEndofDoclist;
  4175   4176               fts5BufferAppendVarint(&p->rc, &buf, buf.n - 1 - nDiff - 4);
  4176   4177               fts5BufferAppendBlob(&p->rc, &buf, 
  4177   4178                   pData->nn - pSeg->iPgidxOff, &pData->p[pSeg->iPgidxOff]
  4178         -                );
         4179  +            );
  4179   4180             }
  4180   4181   
  4181   4182             pSeg->pSeg->pgnoFirst = pSeg->iTermLeafPgno;
  4182   4183             fts5DataDelete(p, FTS5_SEGMENT_ROWID(iId, 1), iLeafRowid);
  4183   4184             fts5DataWrite(p, iLeafRowid, buf.p, buf.n);
  4184   4185           }
  4185   4186           fts5DataRelease(pData);

Changes to ext/fts5/test/fts5corrupt3.test.

  7776   7776     SAVEPOINT one;
  7777   7777     DELETE FROM t1 WHERE a MATCH 'ts';
  7778   7778   }
  7779   7779   
  7780   7780   do_execsql_test 55.2 {
  7781   7781     ROLLBACK TO one;
  7782   7782   }
         7783  +
         7784  +#-------------------------------------------------------------------------
         7785  +reset_db
         7786  +do_test 56.0 {
         7787  +  sqlite3 db {}
         7788  +  db deserialize [decode_hexdb {
         7789  +.open --hexdb
         7790  +| size 24576 pagesize 4096 filename crash-2acc487d09f033.db
         7791  +| page 1 offset 0
         7792  +|      0: 53 51 4c 69 74 65 20 66 6f 72 6d 61 74 20 33 00   SQLite format 3.
         7793  +|     16: 10 00 01 01 00 40 20 20 00 00 00 00 00 00 00 06   .....@  ........
         7794  +|     32: 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04   ................
         7795  +|     48: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00   ................
         7796  +|     96: 00 00 00 00 0d 00 00 00 06 0e 0f 00 0f aa 0f 53   ...............S
         7797  +|    112: 0e e8 0e 8b 0e 33 0e 0f 00 00 00 00 00 00 00 00   .....3..........
         7798  +|   3584: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22   ................
         7799  +|   3600: 06 06 17 11 11 01 31 74 61 62 6c 65 62 62 62 62   ......1tablebbbb
         7800  +|   3616: 06 43 52 45 41 54 45 20 54 41 42 4c 45 20 62 62   .CREATE TABLE bb
         7801  +|   3632: 28 61 29 56 05 06 17 1f 1f 01 7d 74 61 62 6c 65   (a)V.......table
         7802  +|   3648: 74 31 5f 63 6f 6e 66 69 67 74 31 5f 63 6f 6e 66   t1_configt1_conf
         7803  +|   3664: 69 67 05 43 52 45 41 54 45 20 54 41 42 4c 45 20   ig.CREATE TABLE 
         7804  +|   3680: 27 74 31 5f 63 6f 6e 66 69 67 27 28 6b 20 50 52   't1_config'(k PR
         7805  +|   3696: 49 4d 41 52 59 20 4b 45 59 2c 20 76 29 20 57 49   IMARY KEY, v) WI
         7806  +|   3712: 54 48 4f 55 54 20 52 4f 57 49 44 5b 04 07 17 21   THOUT ROWID[...!
         7807  +|   3728: 21 01 81 01 74 61 62 6c 65 74 31 5f 64 6f 63 73   !...tablet1_docs
         7808  +|   3744: 69 7a 65 74 31 4f 64 6f 63 73 69 7a 65 04 43 52   izet1Odocsize.CR
         7809  +|   3760: 45 41 54 45 20 54 41 42 4c 45 20 27 74 31 5f 64   EATE TABLE 't1_d
         7810  +|   3776: 6f 63 73 69 7a 65 27 28 69 64 20 49 4e 54 45 47   ocsize'(id INTEG
         7811  +|   3792: 45 52 20 50 52 49 4d 41 52 59 20 4b 45 59 2c 20   ER PRIMARY KEY, 
         7812  +|   3808: 73 7a 20 42 4c 4f 42 29 69 03 07 17 19 19 01 81   sz BLOB)i.......
         7813  +|   3824: 2d 74 61 62 6c 65 74 31 5f 69 64 78 74 31 5f 69   -tablet1_idxt1_i
         7814  +|   3840: 64 78 03 43 52 45 41 54 45 20 54 41 42 4c 45 20   dx.CREATE TABLE 
         7815  +|   3856: 27 74 31 5f 69 64 78 27 28 73 65 67 69 64 2c 20   't1_idx'(segid, 
         7816  +|   3872: 74 65 72 6d 2c 20 70 67 6e 6f 2c 20 50 52 49 4d   term, pgno, PRIM
         7817  +|   3888: 41 52 59 20 4b 45 59 28 73 65 67 69 64 2c 20 74   ARY KEY(segid, t
         7818  +|   3904: 65 72 6d 29 29 20 57 49 54 48 4f 55 54 20 52 4f   erm)) WITHOUT RO
         7819  +|   3920: 57 49 44 55 02 07 17 1b 1b 01 81 01 74 61 62 6c   WIDU........tabl
         7820  +|   3936: 65 74 31 5f 64 61 74 61 74 31 5f 64 61 74 61 02   et1_datat1_data.
         7821  +|   3952: 43 52 45 41 54 45 20 54 41 42 4c 45 20 27 74 31   CREATE TABLE 't1
         7822  +|   3968: 5f 64 61 74 61 27 28 69 64 20 49 4e 54 45 47 45   _data'(id INTEGE
         7823  +|   3984: 52 20 50 52 49 4d 41 52 59 20 4b 45 59 2c 20 62   R PRIMARY KEY, b
         7824  +|   4000: 6c 6f 63 6b 20 42 4c 4f 42 29 54 01 07 17 11 11   lock BLOB)T.....
         7825  +|   4016: 08 81 15 74 61 62 6c 65 74 31 74 31 43 52 45 41   ...tablet1t1CREA
         7826  +|   4032: 54 45 20 56 49 52 54 55 41 4c 20 54 41 42 4c 45   TE VIRTUAL TABLE
         7827  +|   4048: 20 74 31 20 55 53 49 4e 47 20 66 74 73 35 28 61    t1 USING fts5(a
         7828  +|   4064: 2c 62 2c 70 72 65 66 69 78 3d 22 32 2c 32 2c 33   ,b,prefix=.2,2,3
         7829  +|   4080: 2c 34 22 2c 20 63 6f 6e 74 65 6e 74 3d 22 22 29   ,4., content=..)
         7830  +| page 2 offset 4096
         7831  +|      0: 0d 0b 6a 00 37 09 4c 02 0f e7 09 4c 0f c6 0f a4   ..j.7.L....L....
         7832  +|     16: 0f 88 0f 6d 0f 4b 0f 2c 0f 0e 0e ec 0e cd 0e ad   ...m.K.,........
         7833  +|     32: 0e 8e 0e 6c 0e 4b 0e 29 0e 08 0d e6 0d c4 0d b5   ...l.K.)........
         7834  +|     48: 0d 97 0d 76 0d 54 0d 31 0d 15 0c f3 0c d3 0c b5   ...v.T.1........
         7835  +|     64: 0c 95 0c 73 0c 54 0c 32 0c 10 0b ee 0b cc 0b b0   ...s.T.2........
         7836  +|     80: 0b 8d 0b 7e 0b 48 0b 2e 0b 0b 0a ef 0a cc 0a ad   ...~.H..........
         7837  +|     96: 0a 8c 0a 6d 0a 4d 0a 2b 0a 0c 09 ec 09 ca 09 a8   ...m.M.+........
         7838  +|    112: 09 86 09 63 0f f1 00 00 00 00 00 00 00 00 00 00   ...c............
         7839  +|   2368: 00 00 00 00 00 00 00 00 00 00 00 00 15 0a 03 00   ................
         7840  +|   2384: 30 00 00 00 01 01 03 35 00 03 01 01 12 02 01 12   0......5........
         7841  +|   2400: 03 01 11 1c 8c 80 80 80 80 10 03 00 3e 00 00 00   ............>...
         7842  +|   2416: 17 01 05 05 34 74 61 62 6c 03 02 03 01 04 77 68   ....4tabl.....wh
         7843  +|   2432: 65 72 03 02 06 09 1b 8c 80 80 80 80 0f 03 00 3c   er.............<
         7844  +|   2448: 00 00 00 16 05 34 66 74 73 34 03 02 02 01 04 6e   .....4fts4.....n
         7845  +|   2464: 75 6d 62 03 06 01 04 09 1b 8c 80 80 80 80 0e 03   umb.............
         7846  +|   2480: 00 3c 00 00 00 16 04 33 74 68 65 03 06 01 01 04   .<.....3the.....
         7847  +|   2496: 01 03 77 68 65 03 02 04 04 0a 1b 8c 80 80 80 80   ..whe...........
         7848  +|   2512: 0d 03 00 3c 00 00 00 16 04 33 6e 75 6d 03 06 01   ...<.....3num...
         7849  +|   2528: 01 05 01 03 74 61 62 03 02 03 04 0a 19 8c 80 80   ....tab.........
         7850  +|   2544: 80 80 0c 03 00 38 00 00 00 14 03 32 77 68 03 02   .....8.....2wh..
         7851  +|   2560: 04 00 04 33 66 74 73 03 02 02 04 07 18 8c 80 80   ...3fts.........
         7852  +|   2576: 80 80 0b 03 00 36 00 00 00 13 03 32 74 61 03 02   .....6.....2ta..
         7853  +|   2592: 03 02 01 68 03 06 01 01 04 04 07 1b 8c 80 80 80   ...h............
         7854  +|   2608: 80 09 03 00 3c 00 00 00 16 03 32 6e 75 03 06 01   ....<.....2nu...
         7855  +|   2624: 01 05 01 02 6f 66 03 3b 01 01 06 04 09 19 8c 80   ....of.;........
         7856  +|   2640: 80 80 80 09 03 00 38 00 00 00 14 03 32 66 74 03   ......8.....2ft.
         7857  +|   2656: 02 02 01 02 69 73 03 06 01 01 03 04 07 18 8c 80   ....is..........
         7858  +|   2672: 80 80 80 08 03 00 36 00 00 00 13 02 31 74 03 08   ......6.....1t..
         7859  +|   2688: 03 01 01 04 01 01 77 03 02 04 04 09 1a 8c 80 80   ......w.........
         7860  +|   2704: 80 80 07 03 00 3a ff 00 00 15 02 31 6e 03 08 01   .....:.....1n...
         7861  +|   2720: 01 02 05 01 01 6f 03 06 01 01 06 04 09 18 8c 80   .....o..........
         7862  +|   2736: 80 80 80 06 03 00 36 00 00 00 13 04 02 31 66 03   ......6......1f.
         7863  +|   2752: 02 02 01 01 69 03 06 01 01 03 05 06 1c 8c 80 80   ....i...........
         7864  +|   2768: 80 80 05 03 00 3e 00 00 00 17 04 30 74 68 65 03   .....>.....0the.
         7865  +|   2784: 06 00 f1 04 01 05 77 68 65 72 65 03 02 04 0a 15   ......where.....
         7866  +|   2800: 8c 80 80 80 80 04 03 00 30 00 00 00 11 01 01 06   ........0.......
         7867  +|   2816: 06 30 74 61 62 6c 65 03 02 03 07 1c 8c 80 80 80   .0table.........
         7868  +|   2832: 80 03 03 00 3e 00 00 00 17 07 30 6e 75 6d 62 65   ....>.....0numbe
         7869  +|   2848: 72 03 06 01 01 05 01 02 6f 66 03 06 04 0d 13 8c   r.......of......
         7870  +|   2864: 80 80 80 80 02 03 00 2c 00 00 00 0f 01 01 03 02   .......,........
         7871  +|   2880: 30 6e 03 06 01 01 02 07 1b 8c 80 80 80 80 01 03   0n..............
         7872  +|   2896: 00 3c 00 00 00 16 08 30 66 74 73 34 61 75 78 03   .<.....0fts4aux.
         7873  +|   2912: 02 02 01 02 69 73 03 06 04 0c 00 00 00 14 2a 00   ....is........*.
         7874  +|   2928: 00 00 01 01 02 24 00 02 01 01 12 02 01 12 08 88   .....$..........
         7875  +|   2944: 80 80 80 80 12 03 00 16 00 00 00 05 02 1c 88 80   ................
         7876  +|   2960: 80 80 80 11 03 00 3e 00 00 00 17 05 34 72 6f 77   ......>.....4row
         7877  +|   2976: 73 02 06 01 01 05 01 04 74 68 65 72 02 02 04 0b   s.......ther....
         7878  +|   2992: 15 88 80 80 80 80 10 03 00 30 00 00 00 11 02 01   .........0......
         7879  +|   3008: 01 07 05 34 62 65 74 77 02 02 04 08 1b 88 80 80   ...4betw........
         7880  +|   3024: 80 80 0f 03 00 3c 00 00 00 16 04 04 33 72 6f 77   .....<......3row
         7881  +|   3040: 02 06 01 01 05 01 03 74 68 65 02 08 05 0a 1b 88   .......the......
         7882  +|   3056: 80 80 80 80 0e 03 00 3c 00 00 00 16 01 01 02 04   .......<........
         7883  +|   3072: 33 61 72 65 02 02 03 01 03 62 65 74 02 02 07 08   3are.....bet....
         7884  +|   3088: 1b 88 80 80 80 80 0d 03 00 3c 00 00 00 16 03 32   .........<.....2
         7885  +|   3104: 74 68 02 08 02 01 01 07 00 04 33 61 6e 64 02 06   th........3and..
         7886  +|   3120: 04 0a 1b 88 80 80 80 80 0c 03 00 3c 00 00 00 16   ...........<....
         7887  +|   3136: 03 32 69 6e 02 06 01 01 06 01 02 72 6f 02 06 01   .2in.......ro...
         7888  +|   3152: 01 05 04 09 18 88 80 80 80 80 0b 03 00 36 00 00   .............6..
         7889  +|   3168: 00 13 02 03 32 61 72 02 02 03 01 02 62 65 02 02   ....2ar.....be..
         7890  +|   3184: 04 05 07 1b 88 80 80 80 80 0a 03 00 3c 00 00 00   ............<...
         7891  +|   3200: 16 02 31 74 02 08 02 01 01 07 00 03 32 61 6e 02   ..1t........2an.
         7892  +|   3216: 06 01 01 04 09 19 88 80 80 80 80 09 03 00 38 00   ..............8.
         7893  +|   3232: 00 00 14 02 31 6e 02 06 01 01 03 01 01 72 02 06   ....1n.......r..
         7894  +|   3248: 01 01 05 04 08 17 88 80 80 80 80 08 03 00 34 00   ..............4.
         7895  +|   3264: 00 00 12 02 31 62 02 02 04 01 01 69 02 06 01 01   ....1b.....i....
         7896  +|   3280: 06 04 06 19 88 80 80 80 80 07 03 00 38 00 00 00   ............8...
         7897  +|   3296: 14 04 02 31 32 02 02 05 01 01 61 02 08 03 01 01   ...12.....a.....
         7898  +|   3312: 02 05 06 1b 88 80 80 80 80 06 03 00 3c 00 00 00   ............<...
         7899  +|   3328: 16 06 30 74 68 65 72 65 02 02 02 00 02 31 31 02   ..0there.....11.
         7900  +|   3344: 06 01 01 04 0a 15 88 80 80 80 80 05 03 00 30 00   ..............0.
         7901  +|   3360: 00 00 11 01 01 05 04 30 74 68 65 02 06 01 01 07   .......0the.....
         7902  +|   3376: 07 1c 88 80 80 80 80 04 03 00 3e 00 00 00 17 01   ..........>.....
         7903  +|   3392: 01 06 02 30 6e 02 06 01 01 03 01 04 72 6f 77 73   ...0n.......rows
         7904  +|   3408: 02 06 07 08 1b 88 80 80 80 80 03 03 00 3c 00 00   .............<..
         7905  +|   3424: 00 16 08 30 62 65 74 77 65 65 6e 02 02 04 01 02   ...0between.....
         7906  +|   3440: 69 6e 02 06 04 0c 1a 88 80 80 80 80 02 03 00 3a   in.............:
         7907  +|   3456: 00 00 00 15 04 30 61 6e 64 02 06 01 01 02 02 02   .....0and.......
         7908  +|   3472: 72 65 02 02 03 04 0a 17 88 80 80 80 80 01 03 00   re..............
         7909  +|   3488: 34 00 00 00 12 02 30 31 02 06 01 01 04 01 01 32   4.....01.......2
         7910  +|   3504: 02 02 05 04 08 08 84 80 80 80 81 12 03 00 16 00   ................
         7911  +|   3520: 00 00 05 04 1b 84 61 80 80 80 11 03 00 3c 00 00   ......a......<..
         7912  +|   3536: 00 16 05 34 74 61 62 6c 01 06 01 01 05 02 03 65   ...4tabl.......e
         7913  +|   3552: 72 6d 01 02 04 0b 1b 84 80 80 80 80 10 03 00 3c   rm.............<
         7914  +|   3568: 00 00 00 16 05 34 65 61 63 68 01 02 03 01 04 70   .....4each.....p
         7915  +|   3584: 72 65 73 01 02 05 04 09 1a 84 80 80 80 80 0f 03   res.............
         7916  +|   3600: 00 3a 00 00 00 15 04 33 74 65 72 01 02 04 02 02   .:.....3ter.....
         7917  +|   3616: 68 65 01 06 01 01 03 04 08 1b 84 80 80 80 80 0e   he..............
         7918  +|   3632: 03 00 3c 00 00 00 16 04 33 70 72 65 01 02 05 01   ..<.....3pre....
         7919  +|   3648: 03 74 61 62 01 06 01 01 05 14 08 1a 84 80 80 80   .tab............
         7920  +|   3664: 80 0d 03 00 3a 00 00 00 15 04 33 66 6f 72 01 02   ....:.....3for..
         7921  +|   3680: 02 02 02 74 73 01 06 01 01 04 04 08 1b 84 80 80   ...ts...........
         7922  +|   3696: 80 80 0c 03 00 3c 00 00 00 16 03 32 74 68 01 06   .....<.....2th..
         7923  +|   3712: 01 01 03 00 04 33 65 61 63 01 02 03 04 09 18 84   .....3eac.......
         7924  +|   3728: 80 80 80 80 0b 03 00 36 00 00 00 13 03 32 74 71   .......6.....2tq
         7925  +|   3744: 01 06 01 01 05 02 01 65 01 02 04 04 09 19 84 80   .......e........
         7926  +|   3760: 80 80 80 0a 03 00 38 00 00 00 14 03 32 69 6e 01   ......8.....2in.
         7927  +|   3776: 06 01 01 02 01 02 70 72 01 02 05 0b 89 18 84 80   ......pr........
         7928  +|   3792: 80 80 80 09 03 00 36 00 00 00 13 03 32 66 6f 01   ......6.....2fo.
         7929  +|   3808: 02 02 02 01 74 01 06 01 01 04 04 07 1b 84 80 80   ....t...........
         7930  +|   3824: 80 80 08 03 00 3c 00 00 00 16 02 31 74 01 0a 04   .....<.....1t...
         7931  +|   3840: 01 01 03 04 00 03 32 65 61 01 02 03 04 0a 17 84   ......2ea.......
         7932  +|   3856: 80 80 80 80 07 03 00 34 00 00 00 12 02 31 69 01   .......4.....1i.
         7933  +|   3872: 06 01 01 02 01 01 70 01 02 05 04 08 18 84 80 80   ......p.........
         7934  +|   3888: 80 80 06 03 00 36 00 00 00 13 02 31 65 01 02 03   .....6.....1e...
         7935  +|   3904: 01 01 66 01 08 02 01 01 04 04 06 1b 84 80 80 80   ..f.............
         7936  +|   3920: 80 05 03 00 3c 00 00 00 16 05 30 74 65 72 6d 01   ....<.....0term.
         7937  +|   3936: 02 04 02 02 68 65 01 06 01 01 03 04 09 14 84 80   ....he..........
         7938  +|   3952: 80 80 80 04 03 00 2e 00 00 00 10 06 30 74 61 62   ............0tab
         7939  +|   3968: 6c 65 01 06 01 01 05 04 15 84 80 80 80 80 03 03   le..............
         7940  +|   3984: 00 30 00 00 00 11 02 08 30 70 72 65 73 65 6e 74   .0......0present
         7941  +|   4000: 01 02 05 05 1b 84 80 80 80 80 02 03 00 3c 00 00   .............<..
         7942  +|   4016: 00 16 04 30 66 74 73 01 06 01 01 04 01 02 69 6e   ...0fts.......in
         7943  +|   4032: 01 06 01 01 04 0a 1a 84 80 80 80 80 01 03 00 3a   ...............:
         7944  +|   4048: 00 00 00 15 05 30 65 61 63 f4 01 02 03 01 03 66   .....0eac......f
         7945  +|   4064: 6f 72 01 02 02 04 09 06 01 03 00 12 03 0b 0f 00   or..............
         7946  +|   4080: 00 08 8c 80 80 80 80 11 03 00 16 00 00 00 05 04   ................
         7947  +| page 3 offset 8192
         7948  +|      0: 0a 00 00 00 32 0e 4f 00 0f fa 0f f1 0f e9 0f e1   ....2.O.........
         7949  +|     16: 0f d8 0f d1 0f c9 0f c1 0f b9 0f b1 0f a9 0f a0   ................
         7950  +|     32: 0f 98 0f 90 0f 87 0f 80 0f 78 0f 71 0f 68 0f 5f   .........x.q.h._
         7951  +|     48: 0f 56 0f 4d 0f 41 0f 38 0f 2f 0f 26 0f 1d 0f 13   .V.M.A.8./.&....
         7952  +|     64: 0f 0a 0f 01 0e f7 0e ee 0e e6 0e dd 0e d6 0e cd   ................
         7953  +|     80: 0e c3 0e ba 0e b0 0e a8 0e 9f 0e 96 0e 8e 0e 85   ................
         7954  +|     96: 0e 7c 0e 73 0e 6a 0e 60 0e 58 0e 4f 00 00 00 00   .|.s.j.`.X.O....
         7955  +|   3648: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08   ................
         7956  +|   3664: 04 01 10 01 03 34 74 20 07 04 01 0e 01 03 34 1e   .....4t ......4.
         7957  +|   3680: 09 04 01 12 01 03 33 74 68 1c 08 04 01 10 01 03   ......3th.......
         7958  +|   3696: 33 6e 1a 08 04 01 10 01 03 32 77 18 08 04 01 10   3n.......2w.....
         7959  +|   3712: 01 03 32 74 16 08 04 01 10 01 03 32 6e 14 07 04   ..2t.......2n...
         7960  +|   3728: 01 0e 01 03 32 12 08 04 01 10 01 03 31 74 10 08   ....2.......1t..
         7961  +|   3744: 04 01 10 01 03 31 6e 0e 07 04 01 0e 01 03 31 0c   .....1n.......1.
         7962  +|   3760: 09 04 01 12 01 03 30 74 68 0a 08 04 01 10 01 03   ......0th.......
         7963  +|   3776: 30 74 08 09 04 01 12 01 03 30 6e 75 06 08 04 01   0t.......0nu....
         7964  +|   3792: 10 01 03 30 6e 04 06 04 01 0c 01 03 02 08 04 01   ...0n...........
         7965  +|   3808: 10 01 02 34 72 22 07 04 01 0e 01 02 34 20 08 04   ...4r.......4 ..
         7966  +|   3824: 01 10 01 02 33 72 1e 09 04 01 12 01 02 33 61 72   ....3r.......3ar
         7967  +|   3840: 1c 08 04 01 10 01 02 32 74 1a 08 04 01 10 b3 02   .......2t.......
         7968  +|   3856: 32 69 18 09 04 01 12 01 02 32 61 72 16 08 04 01   2i.......2ar....
         7969  +|   3872: 10 01 02 31 74 14 08 04 01 10 01 02 31 6e 12 08   ...1t.......1n..
         7970  +|   3888: 04 01 10 01 02 31 62 10 08 04 01 10 01 02 31 32   .....1b.......12
         7971  +|   3904: 0e 0b 04 01 16 01 02 30 74 68 65 72 0c 08 04 01   .......0ther....
         7972  +|   3920: 10 01 02 30 74 0a 08 04 01 10 01 02 30 6e 08 08   ...0t.......0n..
         7973  +|   3936: 04 01 10 01 02 30 62 06 08 04 01 10 01 02 30 61   .....0b.......0a
         7974  +|   3952: 05 06 04 01 0c 01 02 02 07 04 09 10 01 34 74 22   .............4t.
         7975  +|   3968: 06 04 09 0e 01 34 20 08 04 09 12 01 33 74 65 1e   .....4 .....3te.
         7976  +|   3984: 07 04 09 10 01 33 70 1c 07 04 09 10 01 33 66 1a   .....3p......3f.
         7977  +|   4000: 08 04 09 12 01 32 74 68 18 07 04 09 10 01 32 2d   .....2th......2-
         7978  +|   4016: 16 07 04 09 10 01 32 69 14 07 04 09 10 01 32 66   ......2i......2f
         7979  +|   4032: 12 07 04 09 10 01 31 74 10 07 04 09 10 01 31 69   ......1t......1i
         7980  +|   4048: 0e 06 04 09 0e 01 31 0c 08 04 09 12 01 30 74 65   ......1......0te
         7981  +|   4064: 0a 07 04 09 10 01 30 74 08 07 04 09 10 01 30 70   ......0t......0p
         7982  +|   4080: 06 08 04 09 12 01 30 66 74 04 05 04 09 0c 01 02   ......0ft.......
         7983  +| page 4 offset 12288
         7984  +|      0: 0d 00 00 00 03 0f eb 00 0f f9 0f f2 0f eb 00 00   ................
         7985  +|   4064: 00 00 00 00 00 00 00 00 00 00 00 05 03 03 00 10   ................
         7986  +|   4080: 03 05 05 02 03 00 10 04 06 05 01 03 00 10 04 03   ................
         7987  +| page 5 offset 16384
         7988  +|      0: 0a 00 00 00 02 0f eb 00 0f eb 0f f4 00 00 00 00   ................
         7989  +|   4064: 00 00 00 00 00 00 00 00 00 00 00 08 03 15 01 70   ...............p
         7990  +|   4080: 67 73 7a 18 0b 03 1b 01 76 65 72 73 69 6f 6e 04   gsz.....version.
         7991  +| page 6 offset 20480
         7992  +|      0: 0d 00 00 00 03 0f f2 00 0f fc 0f f7 0f f2 00 00   ................
         7993  +|   4080: 00 00 03 03 02 01 03 03 02 02 01 02 02 01 02 09   ................
         7994  +| end crash-2acc487d09f033.db
         7995  +}]} {}
         7996  +
         7997  +do_catchsql_test 56.1 {
         7998  +  INSERT INTO t1(b) VALUES(randomblob(250));
         7999  +  INSERT INTO t1(b) VALUES(randomblob(250));
         8000  +} {1 {database disk image is malformed}}
  7783   8001   
  7784   8002   sqlite3_fts5_may_be_corrupt 0
  7785   8003   finish_test
  7786   8004   

Added ext/misc/fossildelta.c.

            1  +/*
            2  +** 2019-02-19
            3  +**
            4  +** The author disclaims copyright to this source code.  In place of
            5  +** a legal notice, here is a blessing:
            6  +**
            7  +**    May you do good and not evil.
            8  +**    May you find forgiveness for yourself and forgive others.
            9  +**    May you share freely, never taking more than you give.
           10  +**
           11  +******************************************************************************
           12  +**
           13  +** This SQLite extension implements the delta functions used by Fossil.
           14  +*/
           15  +#include <string.h>
           16  +#include <assert.h>
           17  +#include <stdlib.h>
           18  +#include "sqlite3ext.h"
           19  +SQLITE_EXTENSION_INIT1
           20  +
           21  +/*
           22  +** The "u32" type must be an unsigned 32-bit integer.  Adjust this
           23  +*/
           24  +typedef unsigned int u32;
           25  +
           26  +/*
           27  +** Must be a 16-bit value
           28  +*/
           29  +typedef short int s16;
           30  +typedef unsigned short int u16;
           31  +
           32  +
           33  +/*
           34  +** The width of a hash window in bytes.  The algorithm only works if this
           35  +** is a power of 2.
           36  +*/
           37  +#define NHASH 16
           38  +
           39  +/*
           40  +** The current state of the rolling hash.
           41  +**
           42  +** z[] holds the values that have been hashed.  z[] is a circular buffer.
           43  +** z[i] is the first entry and z[(i+NHASH-1)%NHASH] is the last entry of
           44  +** the window.
           45  +**
           46  +** Hash.a is the sum of all elements of hash.z[].  Hash.b is a weighted
           47  +** sum.  Hash.b is z[i]*NHASH + z[i+1]*(NHASH-1) + ... + z[i+NHASH-1]*1.
           48  +** (Each index for z[] should be module NHASH, of course.  The %NHASH operator
           49  +** is omitted in the prior expression for brevity.)
           50  +*/
           51  +typedef struct hash hash;
           52  +struct hash {
           53  +  u16 a, b;         /* Hash values */
           54  +  u16 i;            /* Start of the hash window */
           55  +  char z[NHASH];    /* The values that have been hashed */
           56  +};
           57  +
           58  +/*
           59  +** Initialize the rolling hash using the first NHASH characters of z[]
           60  +*/
           61  +static void hash_init(hash *pHash, const char *z){
           62  +  u16 a, b, i;
           63  +  a = b = z[0];
           64  +  for(i=1; i<NHASH; i++){
           65  +    a += z[i];
           66  +    b += a;
           67  +  }
           68  +  memcpy(pHash->z, z, NHASH);
           69  +  pHash->a = a & 0xffff;
           70  +  pHash->b = b & 0xffff;
           71  +  pHash->i = 0;
           72  +}
           73  +
           74  +/*
           75  +** Advance the rolling hash by a single character "c"
           76  +*/
           77  +static void hash_next(hash *pHash, int c){
           78  +  u16 old = pHash->z[pHash->i];
           79  +  pHash->z[pHash->i] = c;
           80  +  pHash->i = (pHash->i+1)&(NHASH-1);
           81  +  pHash->a = pHash->a - old + c;
           82  +  pHash->b = pHash->b - NHASH*old + pHash->a;
           83  +}
           84  +
           85  +/*
           86  +** Return a 32-bit hash value
           87  +*/
           88  +static u32 hash_32bit(hash *pHash){
           89  +  return (pHash->a & 0xffff) | (((u32)(pHash->b & 0xffff))<<16);
           90  +}
           91  +
           92  +/*
           93  +** Compute a hash on NHASH bytes.
           94  +**
           95  +** This routine is intended to be equivalent to:
           96  +**    hash h;
           97  +**    hash_init(&h, zInput);
           98  +**    return hash_32bit(&h);
           99  +*/
          100  +static u32 hash_once(const char *z){
          101  +  u16 a, b, i;
          102  +  a = b = z[0];
          103  +  for(i=1; i<NHASH; i++){
          104  +    a += z[i];
          105  +    b += a;
          106  +  }
          107  +  return a | (((u32)b)<<16);
          108  +}
          109  +
          110  +/*
          111  +** Write an base-64 integer into the given buffer.
          112  +*/
          113  +static void putInt(unsigned int v, char **pz){
          114  +  static const char zDigits[] =
          115  +    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz~";
          116  +  /*  123456789 123456789 123456789 123456789 123456789 123456789 123 */
          117  +  int i, j;
          118  +  char zBuf[20];
          119  +  if( v==0 ){
          120  +    *(*pz)++ = '0';
          121  +    return;
          122  +  }
          123  +  for(i=0; v>0; i++, v>>=6){
          124  +    zBuf[i] = zDigits[v&0x3f];
          125  +  }
          126  +  for(j=i-1; j>=0; j--){
          127  +    *(*pz)++ = zBuf[j];
          128  +  }
          129  +}
          130  +
          131  +/*
          132  +** Read bytes from *pz and convert them into a positive integer.  When
          133  +** finished, leave *pz pointing to the first character past the end of
          134  +** the integer.  The *pLen parameter holds the length of the string
          135  +** in *pz and is decremented once for each character in the integer.
          136  +*/
          137  +static unsigned int deltaGetInt(const char **pz, int *pLen){
          138  +  static const signed char zValue[] = {
          139  +    -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
          140  +    -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
          141  +    -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
          142  +     0,  1,  2,  3,  4,  5,  6,  7,    8,  9, -1, -1, -1, -1, -1, -1,
          143  +    -1, 10, 11, 12, 13, 14, 15, 16,   17, 18, 19, 20, 21, 22, 23, 24,
          144  +    25, 26, 27, 28, 29, 30, 31, 32,   33, 34, 35, -1, -1, -1, -1, 36,
          145  +    -1, 37, 38, 39, 40, 41, 42, 43,   44, 45, 46, 47, 48, 49, 50, 51,
          146  +    52, 53, 54, 55, 56, 57, 58, 59,   60, 61, 62, -1, -1, -1, 63, -1,
          147  +  };
          148  +  unsigned int v = 0;
          149  +  int c;
          150  +  unsigned char *z = (unsigned char*)*pz;
          151  +  unsigned char *zStart = z;
          152  +  while( (c = zValue[0x7f&*(z++)])>=0 ){
          153  +     v = (v<<6) + c;
          154  +  }
          155  +  z--;
          156  +  *pLen -= z - zStart;
          157  +  *pz = (char*)z;
          158  +  return v;
          159  +}
          160  +
          161  +/*
          162  +** Return the number digits in the base-64 representation of a positive integer
          163  +*/
          164  +static int digit_count(int v){
          165  +  unsigned int i, x;
          166  +  for(i=1, x=64; v>=x; i++, x <<= 6){}
          167  +  return i;
          168  +}
          169  +
          170  +#ifdef __GNUC__
          171  +# define GCC_VERSION (__GNUC__*1000000+__GNUC_MINOR__*1000+__GNUC_PATCHLEVEL__)
          172  +#else
          173  +# define GCC_VERSION 0
          174  +#endif
          175  +
          176  +/*
          177  +** Compute a 32-bit big-endian checksum on the N-byte buffer.  If the
          178  +** buffer is not a multiple of 4 bytes length, compute the sum that would
          179  +** have occurred if the buffer was padded with zeros to the next multiple
          180  +** of four bytes.
          181  +*/
          182  +static unsigned int checksum(const char *zIn, size_t N){
          183  +  static const int byteOrderTest = 1;
          184  +  const unsigned char *z = (const unsigned char *)zIn;
          185  +  const unsigned char *zEnd = (const unsigned char*)&zIn[N&~3];
          186  +  unsigned sum = 0;
          187  +  assert( (z - (const unsigned char*)0)%4==0 );  /* Four-byte alignment */
          188  +  if( 0==*(char*)&byteOrderTest ){
          189  +    /* This is a big-endian machine */
          190  +    while( z<zEnd ){
          191  +      sum += *(unsigned*)z;
          192  +      z += 4;
          193  +    }
          194  +  }else{
          195  +    /* A little-endian machine */
          196  +#if GCC_VERSION>=4003000
          197  +    while( z<zEnd ){
          198  +      sum += __builtin_bswap32(*(unsigned*)z);
          199  +      z += 4;
          200  +    }
          201  +#elif defined(_MSC_VER) && _MSC_VER>=1300
          202  +    while( z<zEnd ){
          203  +      sum += _byteswap_ulong(*(unsigned*)z);
          204  +      z += 4;
          205  +    }
          206  +#else
          207  +    unsigned sum0 = 0;
          208  +    unsigned sum1 = 0;
          209  +    unsigned sum2 = 0;
          210  +    while(N >= 16){
          211  +      sum0 += ((unsigned)z[0] + z[4] + z[8] + z[12]);
          212  +      sum1 += ((unsigned)z[1] + z[5] + z[9] + z[13]);
          213  +      sum2 += ((unsigned)z[2] + z[6] + z[10]+ z[14]);
          214  +      sum  += ((unsigned)z[3] + z[7] + z[11]+ z[15]);
          215  +      z += 16;
          216  +      N -= 16;
          217  +    }
          218  +    while(N >= 4){
          219  +      sum0 += z[0];
          220  +      sum1 += z[1];
          221  +      sum2 += z[2];
          222  +      sum  += z[3];
          223  +      z += 4;
          224  +      N -= 4;
          225  +    }
          226  +    sum += (sum2 << 8) + (sum1 << 16) + (sum0 << 24);
          227  +#endif
          228  +  }
          229  +  switch(N&3){
          230  +    case 3:   sum += (z[2] << 8);
          231  +    case 2:   sum += (z[1] << 16);
          232  +    case 1:   sum += (z[0] << 24);
          233  +    default:  ;
          234  +  }
          235  +  return sum;
          236  +}
          237  +
          238  +/*
          239  +** Create a new delta.
          240  +**
          241  +** The delta is written into a preallocated buffer, zDelta, which
          242  +** should be at least 60 bytes longer than the target file, zOut.
          243  +** The delta string will be NUL-terminated, but it might also contain
          244  +** embedded NUL characters if either the zSrc or zOut files are
          245  +** binary.  This function returns the length of the delta string
          246  +** in bytes, excluding the final NUL terminator character.
          247  +**
          248  +** Output Format:
          249  +**
          250  +** The delta begins with a base64 number followed by a newline.  This
          251  +** number is the number of bytes in the TARGET file.  Thus, given a
          252  +** delta file z, a program can compute the size of the output file
          253  +** simply by reading the first line and decoding the base-64 number
          254  +** found there.  The delta_output_size() routine does exactly this.
          255  +**
          256  +** After the initial size number, the delta consists of a series of
          257  +** literal text segments and commands to copy from the SOURCE file.
          258  +** A copy command looks like this:
          259  +**
          260  +**     NNN@MMM,
          261  +**
          262  +** where NNN is the number of bytes to be copied and MMM is the offset
          263  +** into the source file of the first byte (both base-64).   If NNN is 0
          264  +** it means copy the rest of the input file.  Literal text is like this:
          265  +**
          266  +**     NNN:TTTTT
          267  +**
          268  +** where NNN is the number of bytes of text (base-64) and TTTTT is the text.
          269  +**
          270  +** The last term is of the form
          271  +**
          272  +**     NNN;
          273  +**
          274  +** In this case, NNN is a 32-bit bigendian checksum of the output file
          275  +** that can be used to verify that the delta applied correctly.  All
          276  +** numbers are in base-64.
          277  +**
          278  +** Pure text files generate a pure text delta.  Binary files generate a
          279  +** delta that may contain some binary data.
          280  +**
          281  +** Algorithm:
          282  +**
          283  +** The encoder first builds a hash table to help it find matching
          284  +** patterns in the source file.  16-byte chunks of the source file
          285  +** sampled at evenly spaced intervals are used to populate the hash
          286  +** table.
          287  +**
          288  +** Next we begin scanning the target file using a sliding 16-byte
          289  +** window.  The hash of the 16-byte window in the target is used to
          290  +** search for a matching section in the source file.  When a match
          291  +** is found, a copy command is added to the delta.  An effort is
          292  +** made to extend the matching section to regions that come before
          293  +** and after the 16-byte hash window.  A copy command is only issued
          294  +** if the result would use less space that just quoting the text
          295  +** literally. Literal text is added to the delta for sections that
          296  +** do not match or which can not be encoded efficiently using copy
          297  +** commands.
          298  +*/
          299  +static int delta_create(
          300  +  const char *zSrc,      /* The source or pattern file */
          301  +  unsigned int lenSrc,   /* Length of the source file */
          302  +  const char *zOut,      /* The target file */
          303  +  unsigned int lenOut,   /* Length of the target file */
          304  +  char *zDelta           /* Write the delta into this buffer */
          305  +){
          306  +  int i, base;
          307  +  char *zOrigDelta = zDelta;
          308  +  hash h;
          309  +  int nHash;                 /* Number of hash table entries */
          310  +  int *landmark;             /* Primary hash table */
          311  +  int *collide;              /* Collision chain */
          312  +  int lastRead = -1;         /* Last byte of zSrc read by a COPY command */
          313  +
          314  +  /* Add the target file size to the beginning of the delta
          315  +  */
          316  +  putInt(lenOut, &zDelta);
          317  +  *(zDelta++) = '\n';
          318  +
          319  +  /* If the source file is very small, it means that we have no
          320  +  ** chance of ever doing a copy command.  Just output a single
          321  +  ** literal segment for the entire target and exit.
          322  +  */
          323  +  if( lenSrc<=NHASH ){
          324  +    putInt(lenOut, &zDelta);
          325  +    *(zDelta++) = ':';
          326  +    memcpy(zDelta, zOut, lenOut);
          327  +    zDelta += lenOut;
          328  +    putInt(checksum(zOut, lenOut), &zDelta);
          329  +    *(zDelta++) = ';';
          330  +    return zDelta - zOrigDelta;
          331  +  }
          332  +
          333  +  /* Compute the hash table used to locate matching sections in the
          334  +  ** source file.
          335  +  */
          336  +  nHash = lenSrc/NHASH;
          337  +  collide = sqlite3_malloc64( (sqlite3_int64)nHash*2*sizeof(int) );
          338  +  memset(collide, -1, nHash*2*sizeof(int));
          339  +  landmark = &collide[nHash];
          340  +  for(i=0; i<lenSrc-NHASH; i+=NHASH){
          341  +    int hv = hash_once(&zSrc[i]) % nHash;
          342  +    collide[i/NHASH] = landmark[hv];
          343  +    landmark[hv] = i/NHASH;
          344  +  }
          345  +
          346  +  /* Begin scanning the target file and generating copy commands and
          347  +  ** literal sections of the delta.
          348  +  */
          349  +  base = 0;    /* We have already generated everything before zOut[base] */
          350  +  while( base+NHASH<lenOut ){
          351  +    int iSrc, iBlock;
          352  +    unsigned int bestCnt, bestOfst=0, bestLitsz=0;
          353  +    hash_init(&h, &zOut[base]);
          354  +    i = 0;     /* Trying to match a landmark against zOut[base+i] */
          355  +    bestCnt = 0;
          356  +    while( 1 ){
          357  +      int hv;
          358  +      int limit = 250;
          359  +
          360  +      hv = hash_32bit(&h) % nHash;
          361  +      iBlock = landmark[hv];
          362  +      while( iBlock>=0 && (limit--)>0 ){
          363  +        /*
          364  +        ** The hash window has identified a potential match against
          365  +        ** landmark block iBlock.  But we need to investigate further.
          366  +        **
          367  +        ** Look for a region in zOut that matches zSrc. Anchor the search
          368  +        ** at zSrc[iSrc] and zOut[base+i].  Do not include anything prior to
          369  +        ** zOut[base] or after zOut[outLen] nor anything after zSrc[srcLen].
          370  +        **
          371  +        ** Set cnt equal to the length of the match and set ofst so that
          372  +        ** zSrc[ofst] is the first element of the match.  litsz is the number
          373  +        ** of characters between zOut[base] and the beginning of the match.
          374  +        ** sz will be the overhead (in bytes) needed to encode the copy
          375  +        ** command.  Only generate copy command if the overhead of the
          376  +        ** copy command is less than the amount of literal text to be copied.
          377  +        */
          378  +        int cnt, ofst, litsz;
          379  +        int j, k, x, y;
          380  +        int sz;
          381  +        int limitX;
          382  +
          383  +        /* Beginning at iSrc, match forwards as far as we can.  j counts
          384  +        ** the number of characters that match */
          385  +        iSrc = iBlock*NHASH;
          386  +        y = base+i;
          387  +        limitX = ( lenSrc-iSrc <= lenOut-y ) ? lenSrc : iSrc + lenOut - y;
          388  +        for(x=iSrc; x<limitX; x++, y++){
          389  +          if( zSrc[x]!=zOut[y] ) break;
          390  +        }
          391  +        j = x - iSrc - 1;
          392  +
          393  +        /* Beginning at iSrc-1, match backwards as far as we can.  k counts
          394  +        ** the number of characters that match */
          395  +        for(k=1; k<iSrc && k<=i; k++){
          396  +          if( zSrc[iSrc-k]!=zOut[base+i-k] ) break;
          397  +        }
          398  +        k--;
          399  +
          400  +        /* Compute the offset and size of the matching region */
          401  +        ofst = iSrc-k;
          402  +        cnt = j+k+1;
          403  +        litsz = i-k;  /* Number of bytes of literal text before the copy */
          404  +        /* sz will hold the number of bytes needed to encode the "insert"
          405  +        ** command and the copy command, not counting the "insert" text */
          406  +        sz = digit_count(i-k)+digit_count(cnt)+digit_count(ofst)+3;
          407  +        if( cnt>=sz && cnt>bestCnt ){
          408  +          /* Remember this match only if it is the best so far and it
          409  +          ** does not increase the file size */
          410  +          bestCnt = cnt;
          411  +          bestOfst = iSrc-k;
          412  +          bestLitsz = litsz;
          413  +        }
          414  +
          415  +        /* Check the next matching block */
          416  +        iBlock = collide[iBlock];
          417  +      }
          418  +
          419  +      /* We have a copy command that does not cause the delta to be larger
          420  +      ** than a literal insert.  So add the copy command to the delta.
          421  +      */
          422  +      if( bestCnt>0 ){
          423  +        if( bestLitsz>0 ){
          424  +          /* Add an insert command before the copy */
          425  +          putInt(bestLitsz,&zDelta);
          426  +          *(zDelta++) = ':';
          427  +          memcpy(zDelta, &zOut[base], bestLitsz);
          428  +          zDelta += bestLitsz;
          429  +          base += bestLitsz;
          430  +        }
          431  +        base += bestCnt;
          432  +        putInt(bestCnt, &zDelta);
          433  +        *(zDelta++) = '@';
          434  +        putInt(bestOfst, &zDelta);
          435  +        *(zDelta++) = ',';
          436  +        if( bestOfst + bestCnt -1 > lastRead ){
          437  +          lastRead = bestOfst + bestCnt - 1;
          438  +        }
          439  +        bestCnt = 0;
          440  +        break;
          441  +      }
          442  +
          443  +      /* If we reach this point, it means no match is found so far */
          444  +      if( base+i+NHASH>=lenOut ){
          445  +        /* We have reached the end of the file and have not found any
          446  +        ** matches.  Do an "insert" for everything that does not match */
          447  +        putInt(lenOut-base, &zDelta);
          448  +        *(zDelta++) = ':';
          449  +        memcpy(zDelta, &zOut[base], lenOut-base);
          450  +        zDelta += lenOut-base;
          451  +        base = lenOut;
          452  +        break;
          453  +      }
          454  +
          455  +      /* Advance the hash by one character.  Keep looking for a match */
          456  +      hash_next(&h, zOut[base+i+NHASH]);
          457  +      i++;
          458  +    }
          459  +  }
          460  +  /* Output a final "insert" record to get all the text at the end of
          461  +  ** the file that does not match anything in the source file.
          462  +  */
          463  +  if( base<lenOut ){
          464  +    putInt(lenOut-base, &zDelta);
          465  +    *(zDelta++) = ':';
          466  +    memcpy(zDelta, &zOut[base], lenOut-base);
          467  +    zDelta += lenOut-base;
          468  +  }
          469  +  /* Output the final checksum record. */
          470  +  putInt(checksum(zOut, lenOut), &zDelta);
          471  +  *(zDelta++) = ';';
          472  +  sqlite3_free(collide);
          473  +  return zDelta - zOrigDelta;
          474  +}
          475  +
          476  +/*
          477  +** Return the size (in bytes) of the output from applying
          478  +** a delta.
          479  +**
          480  +** This routine is provided so that an procedure that is able
          481  +** to call delta_apply() can learn how much space is required
          482  +** for the output and hence allocate nor more space that is really
          483  +** needed.
          484  +*/
          485  +static int delta_output_size(const char *zDelta, int lenDelta){
          486  +  int size;
          487  +  size = deltaGetInt(&zDelta, &lenDelta);
          488  +  if( *zDelta!='\n' ){
          489  +    /* ERROR: size integer not terminated by "\n" */
          490  +    return -1;
          491  +  }
          492  +  return size;
          493  +}
          494  +
          495  +
          496  +/*
          497  +** Apply a delta.
          498  +**
          499  +** The output buffer should be big enough to hold the whole output
          500  +** file and a NUL terminator at the end.  The delta_output_size()
          501  +** routine will determine this size for you.
          502  +**
          503  +** The delta string should be null-terminated.  But the delta string
          504  +** may contain embedded NUL characters (if the input and output are
          505  +** binary files) so we also have to pass in the length of the delta in
          506  +** the lenDelta parameter.
          507  +**
          508  +** This function returns the size of the output file in bytes (excluding
          509  +** the final NUL terminator character).  Except, if the delta string is
          510  +** malformed or intended for use with a source file other than zSrc,
          511  +** then this routine returns -1.
          512  +**
          513  +** Refer to the delta_create() documentation above for a description
          514  +** of the delta file format.
          515  +*/
          516  +static int delta_apply(
          517  +  const char *zSrc,      /* The source or pattern file */
          518  +  int lenSrc,            /* Length of the source file */
          519  +  const char *zDelta,    /* Delta to apply to the pattern */
          520  +  int lenDelta,          /* Length of the delta */
          521  +  char *zOut             /* Write the output into this preallocated buffer */
          522  +){
          523  +  unsigned int limit;
          524  +  unsigned int total = 0;
          525  +#ifdef FOSSIL_ENABLE_DELTA_CKSUM_TEST
          526  +  char *zOrigOut = zOut;
          527  +#endif
          528  +
          529  +  limit = deltaGetInt(&zDelta, &lenDelta);
          530  +  if( *zDelta!='\n' ){
          531  +    /* ERROR: size integer not terminated by "\n" */
          532  +    return -1;
          533  +  }
          534  +  zDelta++; lenDelta--;
          535  +  while( *zDelta && lenDelta>0 ){
          536  +    unsigned int cnt, ofst;
          537  +    cnt = deltaGetInt(&zDelta, &lenDelta);
          538  +    switch( zDelta[0] ){
          539  +      case '@': {
          540  +        zDelta++; lenDelta--;
          541  +        ofst = deltaGetInt(&zDelta, &lenDelta);
          542  +        if( lenDelta>0 && zDelta[0]!=',' ){
          543  +          /* ERROR: copy command not terminated by ',' */
          544  +          return -1;
          545  +        }
          546  +        zDelta++; lenDelta--;
          547  +        total += cnt;
          548  +        if( total>limit ){
          549  +          /* ERROR: copy exceeds output file size */
          550  +          return -1;
          551  +        }
          552  +        if( ofst+cnt > lenSrc ){
          553  +          /* ERROR: copy extends past end of input */
          554  +          return -1;
          555  +        }
          556  +        memcpy(zOut, &zSrc[ofst], cnt);
          557  +        zOut += cnt;
          558  +        break;
          559  +      }
          560  +      case ':': {
          561  +        zDelta++; lenDelta--;
          562  +        total += cnt;
          563  +        if( total>limit ){
          564  +          /* ERROR:  insert command gives an output larger than predicted */
          565  +          return -1;
          566  +        }
          567  +        if( cnt>lenDelta ){
          568  +          /* ERROR: insert count exceeds size of delta */
          569  +          return -1;
          570  +        }
          571  +        memcpy(zOut, zDelta, cnt);
          572  +        zOut += cnt;
          573  +        zDelta += cnt;
          574  +        lenDelta -= cnt;
          575  +        break;
          576  +      }
          577  +      case ';': {
          578  +        zDelta++; lenDelta--;
          579  +        zOut[0] = 0;
          580  +#ifdef FOSSIL_ENABLE_DELTA_CKSUM_TEST
          581  +        if( cnt!=checksum(zOrigOut, total) ){
          582  +          /* ERROR:  bad checksum */
          583  +          return -1;
          584  +        }
          585  +#endif
          586  +        if( total!=limit ){
          587  +          /* ERROR: generated size does not match predicted size */
          588  +          return -1;
          589  +        }
          590  +        return total;
          591  +      }
          592  +      default: {
          593  +        /* ERROR: unknown delta operator */
          594  +        return -1;
          595  +      }
          596  +    }
          597  +  }
          598  +  /* ERROR: unterminated delta */
          599  +  return -1;
          600  +}
          601  +
          602  +/*
          603  +** SQL functions:  fossildelta_create(X,Y)
          604  +**
          605  +** Return a delta for carrying X into Y.
          606  +*/
          607  +static void deltaCreateFunc(
          608  +  sqlite3_context *context,
          609  +  int argc,
          610  +  sqlite3_value **argv
          611  +){
          612  +  const char *aOrig; int nOrig;  /* old blob */
          613  +  const char *aNew;  int nNew;   /* new blob */
          614  +  char *aOut;        int nOut;   /* output delta */
          615  +
          616  +  assert( argc==2 );
          617  +  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
          618  +  if( sqlite3_value_type(argv[1])==SQLITE_NULL ) return;
          619  +  nOrig = sqlite3_value_bytes(argv[0]);
          620  +  aOrig = (const char*)sqlite3_value_blob(argv[0]);
          621  +  nNew = sqlite3_value_bytes(argv[1]);
          622  +  aNew = (const char*)sqlite3_value_blob(argv[1]);
          623  +  aOut = sqlite3_malloc64(nNew+70);
          624  +  if( aOut==0 ){
          625  +    sqlite3_result_error_nomem(context);
          626  +  }else{
          627  +    nOut = delta_create(aOrig, nOrig, aNew, nNew, aOut);
          628  +    if( nOut<0 ){
          629  +      sqlite3_free(aOut);
          630  +      sqlite3_result_error(context, "cannot create fossil delta", -1);
          631  +    }else{
          632  +      sqlite3_result_blob(context, aOut, nOut, sqlite3_free);
          633  +    }
          634  +  }
          635  +}
          636  +
          637  +/*
          638  +** SQL functions:  fossildelta_apply(X,D)
          639  +**
          640  +** Return the result of applying delta D to input X.
          641  +*/
          642  +static void deltaApplyFunc(
          643  +  sqlite3_context *context,
          644  +  int argc,
          645  +  sqlite3_value **argv
          646  +){
          647  +  const char *aOrig;   int nOrig;        /* The X input */
          648  +  const char *aDelta;  int nDelta;       /* The input delta (D) */
          649  +  char *aOut;          int nOut, nOut2;  /* The output */
          650  +
          651  +  assert( argc==2 );
          652  +  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
          653  +  if( sqlite3_value_type(argv[1])==SQLITE_NULL ) return;
          654  +  nOrig = sqlite3_value_bytes(argv[0]);
          655  +  aOrig = (const char*)sqlite3_value_blob(argv[0]);
          656  +  nDelta = sqlite3_value_bytes(argv[1]);
          657  +  aDelta = (const char*)sqlite3_value_blob(argv[1]);
          658  +
          659  +  /* Figure out the size of the output */
          660  +  nOut = delta_output_size(aDelta, nDelta);
          661  +  if( nOut<0 ){
          662  +    sqlite3_result_error(context, "corrupt fossil delta", -1);
          663  +    return;
          664  +  }
          665  +  aOut = sqlite3_malloc64((sqlite3_int64)nOut+1);
          666  +  if( aOut==0 ){
          667  +    sqlite3_result_error_nomem(context);
          668  +  }else{
          669  +    nOut2 = delta_apply(aOrig, nOrig, aDelta, nDelta, aOut);
          670  +    if( nOut2!=nOut ){
          671  +      sqlite3_free(aOut);
          672  +      sqlite3_result_error(context, "corrupt fossil delta", -1);
          673  +    }else{
          674  +      sqlite3_result_blob(context, aOut, nOut, sqlite3_free);
          675  +    }
          676  +  }
          677  +}
          678  +
          679  +
          680  +/*
          681  +** SQL functions:  fossildelta_output_size(D)
          682  +**
          683  +** Return the size of the output that results from applying delta D.
          684  +*/
          685  +static void deltaOutputSizeFunc(
          686  +  sqlite3_context *context,
          687  +  int argc,
          688  +  sqlite3_value **argv
          689  +){
          690  +  const char *aDelta;  int nDelta;       /* The input delta (D) */
          691  +  int nOut;                              /* Size of output */
          692  +  assert( argc==1 );
          693  +  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
          694  +  nDelta = sqlite3_value_bytes(argv[0]);
          695  +  aDelta = (const char*)sqlite3_value_blob(argv[0]);
          696  +
          697  +  /* Figure out the size of the output */
          698  +  nOut = delta_output_size(aDelta, nDelta);
          699  +  if( nOut<0 ){
          700  +    sqlite3_result_error(context, "corrupt fossil delta", -1);
          701  +    return;
          702  +  }else{
          703  +    sqlite3_result_int(context, nOut);
          704  +  }
          705  +}
          706  +
          707  +/* The deltaparse(DELTA) table-valued function parses the DELTA in
          708  +** its input and returns a table that describes that delta.
          709  +*/
          710  +typedef struct deltaparsevtab_vtab deltaparsevtab_vtab;
          711  +typedef struct deltaparsevtab_cursor deltaparsevtab_cursor;
          712  +struct deltaparsevtab_vtab {
          713  +  sqlite3_vtab base;  /* Base class - must be first */
          714  +  /* No additional information needed */
          715  +};
          716  +struct deltaparsevtab_cursor {
          717  +  sqlite3_vtab_cursor base;  /* Base class - must be first */
          718  +  char *aDelta;              /* The delta being parsed */
          719  +  int nDelta;                /* Number of bytes in the delta */
          720  +  int iCursor;               /* Current cursor location */
          721  +  int eOp;                   /* Name of current operator */
          722  +  unsigned int a1, a2;       /* Arguments to current operator */
          723  +  int iNext;                 /* Next cursor value */
          724  +};
          725  +
          726  +/* Operator names:
          727  +*/
          728  +static const char *azOp[] = {
          729  +  "SIZE", "COPY", "INSERT", "CHECKSUM", "ERROR", "EOF"
          730  +};
          731  +#define DELTAPARSE_OP_SIZE         0
          732  +#define DELTAPARSE_OP_COPY         1
          733  +#define DELTAPARSE_OP_INSERT       2
          734  +#define DELTAPARSE_OP_CHECKSUM     3
          735  +#define DELTAPARSE_OP_ERROR        4
          736  +#define DELTAPARSE_OP_EOF          5
          737  +
          738  +/*
          739  +** The deltaparsevtabConnect() method is invoked to create a new
          740  +** deltaparse virtual table.
          741  +**
          742  +** Think of this routine as the constructor for deltaparsevtab_vtab objects.
          743  +**
          744  +** All this routine needs to do is:
          745  +**
          746  +**    (1) Allocate the deltaparsevtab_vtab object and initialize all fields.
          747  +**
          748  +**    (2) Tell SQLite (via the sqlite3_declare_vtab() interface) what the
          749  +**        result set of queries against the virtual table will look like.
          750  +*/
          751  +static int deltaparsevtabConnect(
          752  +  sqlite3 *db,
          753  +  void *pAux,
          754  +  int argc, const char *const*argv,
          755  +  sqlite3_vtab **ppVtab,
          756  +  char **pzErr
          757  +){
          758  +  deltaparsevtab_vtab *pNew;
          759  +  int rc;
          760  +
          761  +  rc = sqlite3_declare_vtab(db,
          762  +           "CREATE TABLE x(op,a1,a2,delta HIDDEN)"
          763  +       );
          764  +  /* For convenience, define symbolic names for the index to each column. */
          765  +#define DELTAPARSEVTAB_OP     0
          766  +#define DELTAPARSEVTAB_A1     1
          767  +#define DELTAPARSEVTAB_A2     2
          768  +#define DELTAPARSEVTAB_DELTA  3
          769  +  if( rc==SQLITE_OK ){
          770  +    pNew = sqlite3_malloc64( sizeof(*pNew) );
          771  +    *ppVtab = (sqlite3_vtab*)pNew;
          772  +    if( pNew==0 ) return SQLITE_NOMEM;
          773  +    memset(pNew, 0, sizeof(*pNew));
          774  +  }
          775  +  return rc;
          776  +}
          777  +
          778  +/*
          779  +** This method is the destructor for deltaparsevtab_vtab objects.
          780  +*/
          781  +static int deltaparsevtabDisconnect(sqlite3_vtab *pVtab){
          782  +  deltaparsevtab_vtab *p = (deltaparsevtab_vtab*)pVtab;
          783  +  sqlite3_free(p);
          784  +  return SQLITE_OK;
          785  +}
          786  +
          787  +/*
          788  +** Constructor for a new deltaparsevtab_cursor object.
          789  +*/
          790  +static int deltaparsevtabOpen(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
          791  +  deltaparsevtab_cursor *pCur;
          792  +  pCur = sqlite3_malloc( sizeof(*pCur) );
          793  +  if( pCur==0 ) return SQLITE_NOMEM;
          794  +  memset(pCur, 0, sizeof(*pCur));
          795  +  *ppCursor = &pCur->base;
          796  +  return SQLITE_OK;
          797  +}
          798  +
          799  +/*
          800  +** Destructor for a deltaparsevtab_cursor.
          801  +*/
          802  +static int deltaparsevtabClose(sqlite3_vtab_cursor *cur){
          803  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor*)cur;
          804  +  sqlite3_free(pCur);
          805  +  return SQLITE_OK;
          806  +}
          807  +
          808  +
          809  +/*
          810  +** Advance a deltaparsevtab_cursor to its next row of output.
          811  +*/
          812  +static int deltaparsevtabNext(sqlite3_vtab_cursor *cur){
          813  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor*)cur;
          814  +  const char *z;
          815  +  int i = 0;
          816  +
          817  +  pCur->iCursor = pCur->iNext;
          818  +  z = pCur->aDelta + pCur->iCursor;
          819  +  pCur->a1 = deltaGetInt(&z, &i);
          820  +  switch( z[0] ){
          821  +    case '@': {
          822  +      z++;
          823  +      pCur->a2 = deltaGetInt(&z, &i);
          824  +      pCur->eOp = DELTAPARSE_OP_COPY;
          825  +      pCur->iNext = (int)(&z[1] - pCur->aDelta);
          826  +      break;
          827  +    }
          828  +    case ':': {
          829  +      z++;
          830  +      pCur->a2 = (unsigned int)(z - pCur->aDelta);
          831  +      pCur->eOp = DELTAPARSE_OP_INSERT;
          832  +      pCur->iNext = (int)(&z[pCur->a1] - pCur->aDelta);
          833  +      break;
          834  +    }
          835  +    case ';': {
          836  +      pCur->eOp = DELTAPARSE_OP_CHECKSUM;
          837  +      pCur->iNext = pCur->nDelta;
          838  +      break;
          839  +    }
          840  +    default: {
          841  +      if( pCur->iNext==pCur->nDelta ){
          842  +        pCur->eOp = DELTAPARSE_OP_EOF;
          843  +      }else{
          844  +        pCur->eOp = DELTAPARSE_OP_ERROR;
          845  +        pCur->iNext = pCur->nDelta;
          846  +      }
          847  +      break;
          848  +    }
          849  +  }
          850  +  return SQLITE_OK;
          851  +}
          852  +
          853  +/*
          854  +** Return values of columns for the row at which the deltaparsevtab_cursor
          855  +** is currently pointing.
          856  +*/
          857  +static int deltaparsevtabColumn(
          858  +  sqlite3_vtab_cursor *cur,   /* The cursor */
          859  +  sqlite3_context *ctx,       /* First argument to sqlite3_result_...() */
          860  +  int i                       /* Which column to return */
          861  +){
          862  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor*)cur;
          863  +  switch( i ){
          864  +    case DELTAPARSEVTAB_OP: {
          865  +      sqlite3_result_text(ctx, azOp[pCur->eOp], -1, SQLITE_STATIC);
          866  +      break;
          867  +    }
          868  +    case DELTAPARSEVTAB_A1: {
          869  +      sqlite3_result_int(ctx, pCur->a1);
          870  +      break;
          871  +    }
          872  +    case DELTAPARSEVTAB_A2: {
          873  +      if( pCur->eOp==DELTAPARSE_OP_COPY ){
          874  +        sqlite3_result_int(ctx, pCur->a2);
          875  +      }else if( pCur->eOp==DELTAPARSE_OP_INSERT ){
          876  +        sqlite3_result_blob(ctx, pCur->aDelta+pCur->a2, pCur->a1,
          877  +                            SQLITE_TRANSIENT);
          878  +      }
          879  +      break;
          880  +    }
          881  +    case DELTAPARSEVTAB_DELTA: {
          882  +      sqlite3_result_blob(ctx, pCur->aDelta, pCur->nDelta, SQLITE_TRANSIENT);
          883  +      break;
          884  +    }
          885  +  }
          886  +  return SQLITE_OK;
          887  +}
          888  +
          889  +/*
          890  +** Return the rowid for the current row.  In this implementation, the
          891  +** rowid is the same as the output value.
          892  +*/
          893  +static int deltaparsevtabRowid(sqlite3_vtab_cursor *cur, sqlite_int64 *pRowid){
          894  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor*)cur;
          895  +  *pRowid = pCur->iCursor;
          896  +  return SQLITE_OK;
          897  +}
          898  +
          899  +/*
          900  +** Return TRUE if the cursor has been moved off of the last
          901  +** row of output.
          902  +*/
          903  +static int deltaparsevtabEof(sqlite3_vtab_cursor *cur){
          904  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor*)cur;
          905  +  return pCur->eOp==DELTAPARSE_OP_EOF;
          906  +}
          907  +
          908  +/*
          909  +** This method is called to "rewind" the deltaparsevtab_cursor object back
          910  +** to the first row of output.  This method is always called at least
          911  +** once prior to any call to deltaparsevtabColumn() or deltaparsevtabRowid() or 
          912  +** deltaparsevtabEof().
          913  +*/
          914  +static int deltaparsevtabFilter(
          915  +  sqlite3_vtab_cursor *pVtabCursor, 
          916  +  int idxNum, const char *idxStr,
          917  +  int argc, sqlite3_value **argv
          918  +){
          919  +  deltaparsevtab_cursor *pCur = (deltaparsevtab_cursor *)pVtabCursor;
          920  +  const char *a;
          921  +  int i = 0;
          922  +  pCur->eOp = DELTAPARSE_OP_ERROR;
          923  +  if( idxNum!=1 ){
          924  +    return SQLITE_OK;
          925  +  }
          926  +  pCur->nDelta = sqlite3_value_bytes(argv[0]);
          927  +  a = (const char*)sqlite3_value_blob(argv[0]);
          928  +  if( pCur->nDelta==0 || a==0 ){
          929  +    return SQLITE_OK;
          930  +  }
          931  +  pCur->aDelta = sqlite3_malloc64( pCur->nDelta+1 );
          932  +  if( pCur->aDelta==0 ){
          933  +    pCur->nDelta = 0;
          934  +    return SQLITE_NOMEM;
          935  +  }
          936  +  memcpy(pCur->aDelta, a, pCur->nDelta);
          937  +  pCur->aDelta[pCur->nDelta] = 0;
          938  +  a = pCur->aDelta;
          939  +  pCur->eOp = DELTAPARSE_OP_SIZE;
          940  +  pCur->a1 = deltaGetInt(&a, &i);
          941  +  if( a[0]!='\n' ){
          942  +    pCur->eOp = DELTAPARSE_OP_ERROR;
          943  +    pCur->a1 = pCur->a2 = 0;
          944  +    pCur->iNext = pCur->nDelta;
          945  +    return SQLITE_OK;
          946  +  }
          947  +  a++;
          948  +  pCur->iNext = (unsigned int)(a - pCur->aDelta);
          949  +  return SQLITE_OK;
          950  +}
          951  +
          952  +/*
          953  +** SQLite will invoke this method one or more times while planning a query
          954  +** that uses the virtual table.  This routine needs to create
          955  +** a query plan for each invocation and compute an estimated cost for that
          956  +** plan.
          957  +*/
          958  +static int deltaparsevtabBestIndex(
          959  +  sqlite3_vtab *tab,
          960  +  sqlite3_index_info *pIdxInfo
          961  +){
          962  +  int i;
          963  +  for(i=0; i<pIdxInfo->nConstraint; i++){
          964  +    if( pIdxInfo->aConstraint[i].iColumn != DELTAPARSEVTAB_DELTA ) continue;
          965  +    if( pIdxInfo->aConstraint[i].usable==0 ) continue;
          966  +    if( pIdxInfo->aConstraint[i].op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
          967  +    pIdxInfo->aConstraintUsage[i].argvIndex = 1;
          968  +    pIdxInfo->aConstraintUsage[i].omit = 1;
          969  +    pIdxInfo->estimatedCost = (double)1;
          970  +    pIdxInfo->estimatedRows = 10;
          971  +    pIdxInfo->idxNum = 1;
          972  +    return SQLITE_OK;
          973  +  }
          974  +  pIdxInfo->idxNum = 0;
          975  +  pIdxInfo->estimatedCost = (double)0x7fffffff;
          976  +  pIdxInfo->estimatedRows = 0x7fffffff;
          977  +  return SQLITE_CONSTRAINT;
          978  +}
          979  +
          980  +/*
          981  +** This following structure defines all the methods for the 
          982  +** virtual table.
          983  +*/
          984  +static sqlite3_module deltaparsevtabModule = {
          985  +  /* iVersion    */ 0,
          986  +  /* xCreate     */ 0,
          987  +  /* xConnect    */ deltaparsevtabConnect,
          988  +  /* xBestIndex  */ deltaparsevtabBestIndex,
          989  +  /* xDisconnect */ deltaparsevtabDisconnect,
          990  +  /* xDestroy    */ 0,
          991  +  /* xOpen       */ deltaparsevtabOpen,
          992  +  /* xClose      */ deltaparsevtabClose,
          993  +  /* xFilter     */ deltaparsevtabFilter,
          994  +  /* xNext       */ deltaparsevtabNext,
          995  +  /* xEof        */ deltaparsevtabEof,
          996  +  /* xColumn     */ deltaparsevtabColumn,
          997  +  /* xRowid      */ deltaparsevtabRowid,
          998  +  /* xUpdate     */ 0,
          999  +  /* xBegin      */ 0,
         1000  +  /* xSync       */ 0,
         1001  +  /* xCommit     */ 0,
         1002  +  /* xRollback   */ 0,
         1003  +  /* xFindMethod */ 0,
         1004  +  /* xRename     */ 0,
         1005  +  /* xSavepoint  */ 0,
         1006  +  /* xRelease    */ 0,
         1007  +  /* xRollbackTo */ 0,
         1008  +  /* xShadowName */ 0
         1009  +};
         1010  +
         1011  +
         1012  +
         1013  +#ifdef _WIN32
         1014  +__declspec(dllexport)
         1015  +#endif
         1016  +int sqlite3_fossildelta_init(
         1017  +  sqlite3 *db, 
         1018  +  char **pzErrMsg, 
         1019  +  const sqlite3_api_routines *pApi
         1020  +){
         1021  +  int rc = SQLITE_OK;
         1022  +  SQLITE_EXTENSION_INIT2(pApi);
         1023  +  (void)pzErrMsg;  /* Unused parameter */
         1024  +  rc = sqlite3_create_function(db, "delta_create", 2, SQLITE_UTF8, 0,
         1025  +                               deltaCreateFunc, 0, 0);
         1026  +  if( rc==SQLITE_OK ){
         1027  +    rc = sqlite3_create_function(db, "delta_apply", 2, SQLITE_UTF8, 0,
         1028  +                                 deltaApplyFunc, 0, 0);
         1029  +  }
         1030  +  if( rc==SQLITE_OK ){
         1031  +    rc = sqlite3_create_function(db, "delta_output_size", 1, SQLITE_UTF8, 0,
         1032  +                                 deltaOutputSizeFunc, 0, 0);
         1033  +  }
         1034  +  if( rc==SQLITE_OK ){
         1035  +    rc = sqlite3_create_module(db, "delta_parse", &deltaparsevtabModule, 0);
         1036  +  }
         1037  +  return rc;
         1038  +}

Changes to ext/misc/vfsstat.c.

   779    779   
   780    780   /*
   781    781   ** This routine is an sqlite3_auto_extension() callback, invoked to register
   782    782   ** the vfsstat virtual table for all new database connections.
   783    783   */
   784    784   static int vstatRegister(
   785    785     sqlite3 *db,
   786         -  const char **pzErrMsg,
   787         -  const struct sqlite3_api_routines *pThunk
          786  +  char **pzErrMsg,
          787  +  const sqlite3_api_routines *pThunk
   788    788   ){
   789    789     return sqlite3_create_module(db, "vfsstat", &VfsStatModule, 0);
   790    790   }
   791    791   
   792    792   #ifdef _WIN32
   793    793   __declspec(dllexport)
   794    794   #endif
................................................................................
   805    805   ){
   806    806     int rc = SQLITE_OK;
   807    807     SQLITE_EXTENSION_INIT2(pApi);
   808    808     vstat_vfs.pVfs = sqlite3_vfs_find(0);
   809    809     vstat_vfs.base.szOsFile = sizeof(VStatFile) + vstat_vfs.pVfs->szOsFile;
   810    810     rc = sqlite3_vfs_register(&vstat_vfs.base, 1);
   811    811     if( rc==SQLITE_OK ){
   812         -    rc = sqlite3_auto_extension(vstatRegister);
          812  +    rc = vstatRegister(db, pzErrMsg, pApi);
          813  +    if( rc==SQLITE_OK ){
          814  +      rc = sqlite3_auto_extension(vstatRegister);
          815  +    }
   813    816     }
   814    817     if( rc==SQLITE_OK ) rc = SQLITE_OK_LOAD_PERMANENTLY;
   815    818     return rc;
   816    819   }

Changes to ext/rbu/sqlite3rbu.c.

   680    680   
   681    681     aOut = sqlite3_malloc(nOut+1);
   682    682     if( aOut==0 ){
   683    683       sqlite3_result_error_nomem(context);
   684    684     }else{
   685    685       nOut2 = rbuDeltaApply(aOrig, nOrig, aDelta, nDelta, aOut);
   686    686       if( nOut2!=nOut ){
          687  +      sqlite3_free(aOut);
   687    688         sqlite3_result_error(context, "corrupt fossil delta", -1);
   688    689       }else{
   689    690         sqlite3_result_blob(context, aOut, nOut, sqlite3_free);
   690    691       }
   691    692     }
   692    693   }
   693    694   

Changes to src/btree.c.

  1435   1435     ** or fewer fragmented bytes. In this case it is faster to move the
  1436   1436     ** two (or one) blocks of cells using memmove() and add the required
  1437   1437     ** offsets to each pointer in the cell-pointer array than it is to 
  1438   1438     ** reconstruct the entire page.  */
  1439   1439     if( (int)data[hdr+7]<=nMaxFrag ){
  1440   1440       int iFree = get2byte(&data[hdr+1]);
  1441   1441   
  1442         -    /* If the initial freeblock offset were out of bounds, that would
  1443         -    ** have been detected by btreeInitPage() when it was computing the
         1442  +    /* If the initial freeblock offset were out of bounds, that would have
         1443  +    ** been detected by btreeComputeFreeSpace() when it was computing the
  1444   1444       ** number of free bytes on the page. */
  1445   1445       assert( iFree<=usableSize-4 );
  1446   1446       if( iFree ){
  1447   1447         int iFree2 = get2byte(&data[iFree]);
  1448   1448         if( iFree2>usableSize-4 ) return SQLITE_CORRUPT_PAGE(pPage);
  1449   1449         if( 0==iFree2 || (data[iFree2]==0 && data[iFree2+1]==0) ){
  1450   1450           u8 *pEnd = &data[cellOffset + nCell*2];
................................................................................
  1508   1508         src = temp;
  1509   1509       }
  1510   1510       memcpy(&data[cbrk], &src[pc], size);
  1511   1511     }
  1512   1512     data[hdr+7] = 0;
  1513   1513   
  1514   1514    defragment_out:
         1515  +  assert( pPage->nFree>=0 );
  1515   1516     if( data[hdr+7]+cbrk-iCellFirst!=pPage->nFree ){
  1516   1517       return SQLITE_CORRUPT_PAGE(pPage);
  1517   1518     }
  1518   1519     assert( cbrk>=iCellFirst );
  1519   1520     put2byte(&data[hdr+5], cbrk);
  1520   1521     data[hdr+1] = 0;
  1521   1522     data[hdr+2] = 0;
................................................................................
  1535   1536   ** detected then *pRc is set to SQLITE_CORRUPT and NULL is returned.
  1536   1537   **
  1537   1538   ** Slots on the free list that are between 1 and 3 bytes larger than nByte
  1538   1539   ** will be ignored if adding the extra space to the fragmentation count
  1539   1540   ** causes the fragmentation count to exceed 60.
  1540   1541   */
  1541   1542   static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc){
  1542         -  const int hdr = pPg->hdrOffset;
  1543         -  u8 * const aData = pPg->aData;
  1544         -  int iAddr = hdr + 1;
  1545         -  int pc = get2byte(&aData[iAddr]);
  1546         -  int x;
  1547         -  int usableSize = pPg->pBt->usableSize;
  1548         -  int size;            /* Size of the free slot */
         1543  +  const int hdr = pPg->hdrOffset;            /* Offset to page header */
         1544  +  u8 * const aData = pPg->aData;             /* Page data */
         1545  +  int iAddr = hdr + 1;                       /* Address of ptr to pc */
         1546  +  int pc = get2byte(&aData[iAddr]);          /* Address of a free slot */
         1547  +  int x;                                     /* Excess size of the slot */
         1548  +  int maxPC = pPg->pBt->usableSize - nByte;  /* Max address for a usable slot */
         1549  +  int size;                                  /* Size of the free slot */
  1549   1550   
  1550   1551     assert( pc>0 );
  1551         -  while( pc<=usableSize-4 ){
         1552  +  while( pc<=maxPC ){
  1552   1553       /* EVIDENCE-OF: R-22710-53328 The third and fourth bytes of each
  1553   1554       ** freeblock form a big-endian integer which is the size of the freeblock
  1554   1555       ** in bytes, including the 4-byte header. */
  1555   1556       size = get2byte(&aData[pc+2]);
  1556   1557       if( (x = size - nByte)>=0 ){
  1557   1558         testcase( x==4 );
  1558   1559         testcase( x==3 );
  1559         -      if( size+pc > usableSize ){
  1560         -        *pRc = SQLITE_CORRUPT_PAGE(pPg);
  1561         -        return 0;
  1562         -      }else if( x<4 ){
         1560  +      if( x<4 ){
  1563   1561           /* EVIDENCE-OF: R-11498-58022 In a well-formed b-tree page, the total
  1564   1562           ** number of bytes in fragments may not exceed 60. */
  1565   1563           if( aData[hdr+7]>57 ) return 0;
  1566   1564   
  1567   1565           /* Remove the slot from the free-list. Update the number of
  1568   1566           ** fragmented bytes within the page. */
  1569   1567           memcpy(&aData[iAddr], &aData[pc], 2);
  1570   1568           aData[hdr+7] += (u8)x;
         1569  +      }else if( x+pc > maxPC ){
         1570  +        /* This slot extends off the end of the usable part of the page */
         1571  +        *pRc = SQLITE_CORRUPT_PAGE(pPg);
         1572  +        return 0;
  1571   1573         }else{
  1572   1574           /* The slot remains on the free-list. Reduce its size to account
  1573         -         ** for the portion used by the new allocation. */
         1575  +        ** for the portion used by the new allocation. */
  1574   1576           put2byte(&aData[pc+2], x);
  1575   1577         }
  1576   1578         return &aData[pc + x];
  1577   1579       }
  1578   1580       iAddr = pc;
  1579   1581       pc = get2byte(&aData[pc]);
  1580         -    if( pc<iAddr+size ) break;
         1582  +    if( pc<iAddr+size ){
         1583  +      if( pc ){
         1584  +        /* The next slot in the chain is not past the end of the current slot */
         1585  +        *pRc = SQLITE_CORRUPT_PAGE(pPg);
         1586  +      }
         1587  +      return 0;
         1588  +    }
  1581   1589     }
  1582         -  if( pc ){
         1590  +  if( pc>maxPC+nByte-4 ){
         1591  +    /* The free slot chain extends off the end of the page */
  1583   1592       *pRc = SQLITE_CORRUPT_PAGE(pPg);
  1584   1593     }
  1585         -
  1586   1594     return 0;
  1587   1595   }
  1588   1596   
  1589   1597   /*
  1590   1598   ** Allocate nByte bytes of space from within the B-Tree page passed
  1591   1599   ** as the first argument. Write into *pIdx the index into pPage->aData[]
  1592   1600   ** of the first byte of allocated space. Return either SQLITE_OK or
................................................................................
  1628   1636       if( top==0 && pPage->pBt->usableSize==65536 ){
  1629   1637         top = 65536;
  1630   1638       }else{
  1631   1639         return SQLITE_CORRUPT_PAGE(pPage);
  1632   1640       }
  1633   1641     }
  1634   1642   
  1635         -  /* If there is enough space between gap and top for one more cell pointer
  1636         -  ** array entry offset, and if the freelist is not empty, then search the
  1637         -  ** freelist looking for a free slot big enough to satisfy the request.
         1643  +  /* If there is enough space between gap and top for one more cell pointer,
         1644  +  ** and if the freelist is not empty, then search the
         1645  +  ** freelist looking for a slot big enough to satisfy the request.
  1638   1646     */
  1639   1647     testcase( gap+2==top );
  1640   1648     testcase( gap+1==top );
  1641   1649     testcase( gap==top );
  1642   1650     if( (data[hdr+2] || data[hdr+1]) && gap+2<=top ){
  1643   1651       u8 *pSpace = pageFindSlot(pPage, nByte, &rc);
  1644   1652       if( pSpace ){
................................................................................
  1652   1660   
  1653   1661     /* The request could not be fulfilled using a freelist slot.  Check
  1654   1662     ** to see if defragmentation is necessary.
  1655   1663     */
  1656   1664     testcase( gap+2+nByte==top );
  1657   1665     if( gap+2+nByte>top ){
  1658   1666       assert( pPage->nCell>0 || CORRUPT_DB );
         1667  +    assert( pPage->nFree>=0 );
  1659   1668       rc = defragmentPage(pPage, MIN(4, pPage->nFree - (2+nByte)));
  1660   1669       if( rc ) return rc;
  1661   1670       top = get2byteNotZero(&data[hdr+5]);
  1662   1671       assert( gap+2+nByte<=top );
  1663   1672     }
  1664   1673   
  1665   1674   
  1666   1675     /* Allocate memory from the gap in between the cell pointer array
  1667         -  ** and the cell content area.  The btreeInitPage() call has already
         1676  +  ** and the cell content area.  The btreeComputeFreeSpace() call has already
  1668   1677     ** validated the freelist.  Given that the freelist is valid, there
  1669   1678     ** is no way that the allocation can extend off the end of the page.
  1670   1679     ** The assert() below verifies the previous sentence.
  1671   1680     */
  1672   1681     top -= nByte;
  1673   1682     put2byte(&data[hdr+5], top);
  1674   1683     assert( top+nByte <= (int)pPage->pBt->usableSize );
................................................................................
  1679   1688   /*
  1680   1689   ** Return a section of the pPage->aData to the freelist.
  1681   1690   ** The first byte of the new free block is pPage->aData[iStart]
  1682   1691   ** and the size of the block is iSize bytes.
  1683   1692   **
  1684   1693   ** Adjacent freeblocks are coalesced.
  1685   1694   **
  1686         -** Note that even though the freeblock list was checked by btreeInitPage(),
         1695  +** Even though the freeblock list was checked by btreeComputeFreeSpace(),
  1687   1696   ** that routine will not detect overlap between cells or freeblocks.  Nor
  1688   1697   ** does it detect cells or freeblocks that encrouch into the reserved bytes
  1689   1698   ** at the end of the page.  So do additional corruption checks inside this
  1690   1699   ** routine and return SQLITE_CORRUPT if any problems are found.
  1691   1700   */
  1692   1701   static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
  1693   1702     u16 iPtr;                             /* Address of ptr to next freeblock */
................................................................................
  1841   1850       return SQLITE_CORRUPT_PAGE(pPage);
  1842   1851     }
  1843   1852     pPage->max1bytePayload = pBt->max1bytePayload;
  1844   1853     return SQLITE_OK;
  1845   1854   }
  1846   1855   
  1847   1856   /*
  1848         -** Initialize the auxiliary information for a disk block.
  1849         -**
  1850         -** Return SQLITE_OK on success.  If we see that the page does
  1851         -** not contain a well-formed database page, then return 
  1852         -** SQLITE_CORRUPT.  Note that a return of SQLITE_OK does not
  1853         -** guarantee that the page is well-formed.  It only shows that
  1854         -** we failed to detect any corruption.
         1857  +** Compute the amount of freespace on the page.  In other words, fill
         1858  +** in the pPage->nFree field.
  1855   1859   */
  1856         -static int btreeInitPage(MemPage *pPage){
         1860  +static int btreeComputeFreeSpace(MemPage *pPage){
  1857   1861     int pc;            /* Address of a freeblock within pPage->aData[] */
  1858   1862     u8 hdr;            /* Offset to beginning of page header */
  1859   1863     u8 *data;          /* Equal to pPage->aData */
  1860         -  BtShared *pBt;        /* The main btree structure */
  1861   1864     int usableSize;    /* Amount of usable space on each page */
  1862         -  u16 cellOffset;    /* Offset from start of page to first cell pointer */
  1863   1865     int nFree;         /* Number of unused bytes on the page */
  1864   1866     int top;           /* First byte of the cell content area */
  1865   1867     int iCellFirst;    /* First allowable cell or freeblock offset */
  1866   1868     int iCellLast;     /* Last possible cell or freeblock offset */
  1867   1869   
  1868   1870     assert( pPage->pBt!=0 );
  1869   1871     assert( pPage->pBt->db!=0 );
  1870   1872     assert( sqlite3_mutex_held(pPage->pBt->mutex) );
  1871   1873     assert( pPage->pgno==sqlite3PagerPagenumber(pPage->pDbPage) );
  1872   1874     assert( pPage == sqlite3PagerGetExtra(pPage->pDbPage) );
  1873   1875     assert( pPage->aData == sqlite3PagerGetData(pPage->pDbPage) );
  1874         -  assert( pPage->isInit==0 );
         1876  +  assert( pPage->isInit==1 );
         1877  +  assert( pPage->nFree<0 );
  1875   1878   
  1876         -  pBt = pPage->pBt;
         1879  +  usableSize = pPage->pBt->usableSize;
  1877   1880     hdr = pPage->hdrOffset;
  1878   1881     data = pPage->aData;
  1879         -  /* EVIDENCE-OF: R-28594-02890 The one-byte flag at offset 0 indicating
  1880         -  ** the b-tree page type. */
  1881         -  if( decodeFlags(pPage, data[hdr]) ){
  1882         -    return SQLITE_CORRUPT_PAGE(pPage);
  1883         -  }
  1884         -  assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
  1885         -  pPage->maskPage = (u16)(pBt->pageSize - 1);
  1886         -  pPage->nOverflow = 0;
  1887         -  usableSize = pBt->usableSize;
  1888         -  pPage->cellOffset = cellOffset = hdr + 8 + pPage->childPtrSize;
  1889         -  pPage->aDataEnd = &data[usableSize];
  1890         -  pPage->aCellIdx = &data[cellOffset];
  1891         -  pPage->aDataOfst = &data[pPage->childPtrSize];
  1892   1882     /* EVIDENCE-OF: R-58015-48175 The two-byte integer at offset 5 designates
  1893   1883     ** the start of the cell content area. A zero value for this integer is
  1894   1884     ** interpreted as 65536. */
  1895   1885     top = get2byteNotZero(&data[hdr+5]);
  1896         -  /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
  1897         -  ** number of cells on the page. */
  1898         -  pPage->nCell = get2byte(&data[hdr+3]);
  1899         -  if( pPage->nCell>MX_CELL(pBt) ){
  1900         -    /* To many cells for a single page.  The page must be corrupt */
  1901         -    return SQLITE_CORRUPT_PAGE(pPage);
  1902         -  }
  1903         -  testcase( pPage->nCell==MX_CELL(pBt) );
  1904         -  /* EVIDENCE-OF: R-24089-57979 If a page contains no cells (which is only
  1905         -  ** possible for a root page of a table that contains no rows) then the
  1906         -  ** offset to the cell content area will equal the page size minus the
  1907         -  ** bytes of reserved space. */
  1908         -  assert( pPage->nCell>0 || top==usableSize || CORRUPT_DB );
  1909         -
  1910         -  /* A malformed database page might cause us to read past the end
  1911         -  ** of page when parsing a cell.  
  1912         -  **
  1913         -  ** The following block of code checks early to see if a cell extends
  1914         -  ** past the end of a page boundary and causes SQLITE_CORRUPT to be 
  1915         -  ** returned if it does.
  1916         -  */
  1917         -  iCellFirst = cellOffset + 2*pPage->nCell;
         1886  +  iCellFirst = hdr + 8 + pPage->childPtrSize + 2*pPage->nCell;
  1918   1887     iCellLast = usableSize - 4;
  1919         -  if( pBt->db->flags & SQLITE_CellSizeCk ){
  1920         -    int i;            /* Index into the cell pointer array */
  1921         -    int sz;           /* Size of a cell */
  1922         -
  1923         -    if( !pPage->leaf ) iCellLast--;
  1924         -    for(i=0; i<pPage->nCell; i++){
  1925         -      pc = get2byteAligned(&data[cellOffset+i*2]);
  1926         -      testcase( pc==iCellFirst );
  1927         -      testcase( pc==iCellLast );
  1928         -      if( pc<iCellFirst || pc>iCellLast ){
  1929         -        return SQLITE_CORRUPT_PAGE(pPage);
  1930         -      }
  1931         -      sz = pPage->xCellSize(pPage, &data[pc]);
  1932         -      testcase( pc+sz==usableSize );
  1933         -      if( pc+sz>usableSize ){
  1934         -        return SQLITE_CORRUPT_PAGE(pPage);
  1935         -      }
  1936         -    }
  1937         -    if( !pPage->leaf ) iCellLast++;
  1938         -  }  
  1939   1888   
  1940   1889     /* Compute the total free space on the page
  1941   1890     ** EVIDENCE-OF: R-23588-34450 The two-byte integer at offset 1 gives the
  1942   1891     ** start of the first freeblock on the page, or is zero if there are no
  1943   1892     ** freeblocks. */
  1944   1893     pc = get2byte(&data[hdr+1]);
  1945   1894     nFree = data[hdr+7] + top;  /* Init nFree to non-freeblock free space */
................................................................................
  1979   1928     ** serves to verify that the offset to the start of the cell-content
  1980   1929     ** area, according to the page header, lies within the page.
  1981   1930     */
  1982   1931     if( nFree>usableSize ){
  1983   1932       return SQLITE_CORRUPT_PAGE(pPage);
  1984   1933     }
  1985   1934     pPage->nFree = (u16)(nFree - iCellFirst);
         1935  +  return SQLITE_OK;
         1936  +}
         1937  +
         1938  +/*
         1939  +** Do additional sanity check after btreeInitPage() if
         1940  +** PRAGMA cell_size_check=ON 
         1941  +*/
         1942  +static SQLITE_NOINLINE int btreeCellSizeCheck(MemPage *pPage){
         1943  +  int iCellFirst;    /* First allowable cell or freeblock offset */
         1944  +  int iCellLast;     /* Last possible cell or freeblock offset */
         1945  +  int i;             /* Index into the cell pointer array */
         1946  +  int sz;            /* Size of a cell */
         1947  +  int pc;            /* Address of a freeblock within pPage->aData[] */
         1948  +  u8 *data;          /* Equal to pPage->aData */
         1949  +  int usableSize;    /* Maximum usable space on the page */
         1950  +  int cellOffset;    /* Start of cell content area */
         1951  +
         1952  +  iCellFirst = pPage->cellOffset + 2*pPage->nCell;
         1953  +  usableSize = pPage->pBt->usableSize;
         1954  +  iCellLast = usableSize - 4;
         1955  +  data = pPage->aData;
         1956  +  cellOffset = pPage->cellOffset;
         1957  +  if( !pPage->leaf ) iCellLast--;
         1958  +  for(i=0; i<pPage->nCell; i++){
         1959  +    pc = get2byteAligned(&data[cellOffset+i*2]);
         1960  +    testcase( pc==iCellFirst );
         1961  +    testcase( pc==iCellLast );
         1962  +    if( pc<iCellFirst || pc>iCellLast ){
         1963  +      return SQLITE_CORRUPT_PAGE(pPage);
         1964  +    }
         1965  +    sz = pPage->xCellSize(pPage, &data[pc]);
         1966  +    testcase( pc+sz==usableSize );
         1967  +    if( pc+sz>usableSize ){
         1968  +      return SQLITE_CORRUPT_PAGE(pPage);
         1969  +    }
         1970  +  }
         1971  +  return SQLITE_OK;
         1972  +}
         1973  +
         1974  +/*
         1975  +** Initialize the auxiliary information for a disk block.
         1976  +**
         1977  +** Return SQLITE_OK on success.  If we see that the page does
         1978  +** not contain a well-formed database page, then return 
         1979  +** SQLITE_CORRUPT.  Note that a return of SQLITE_OK does not
         1980  +** guarantee that the page is well-formed.  It only shows that
         1981  +** we failed to detect any corruption.
         1982  +*/
         1983  +static int btreeInitPage(MemPage *pPage){
         1984  +  u8 *data;          /* Equal to pPage->aData */
         1985  +  BtShared *pBt;        /* The main btree structure */
         1986  +
         1987  +  assert( pPage->pBt!=0 );
         1988  +  assert( pPage->pBt->db!=0 );
         1989  +  assert( sqlite3_mutex_held(pPage->pBt->mutex) );
         1990  +  assert( pPage->pgno==sqlite3PagerPagenumber(pPage->pDbPage) );
         1991  +  assert( pPage == sqlite3PagerGetExtra(pPage->pDbPage) );
         1992  +  assert( pPage->aData == sqlite3PagerGetData(pPage->pDbPage) );
         1993  +  assert( pPage->isInit==0 );
         1994  +
         1995  +  pBt = pPage->pBt;
         1996  +  data = pPage->aData + pPage->hdrOffset;
         1997  +  /* EVIDENCE-OF: R-28594-02890 The one-byte flag at offset 0 indicating
         1998  +  ** the b-tree page type. */
         1999  +  if( decodeFlags(pPage, data[0]) ){
         2000  +    return SQLITE_CORRUPT_PAGE(pPage);
         2001  +  }
         2002  +  assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
         2003  +  pPage->maskPage = (u16)(pBt->pageSize - 1);
         2004  +  pPage->nOverflow = 0;
         2005  +  pPage->cellOffset = pPage->hdrOffset + 8 + pPage->childPtrSize;
         2006  +  pPage->aCellIdx = data + pPage->childPtrSize + 8;
         2007  +  pPage->aDataEnd = pPage->aData + pBt->usableSize;
         2008  +  pPage->aDataOfst = pPage->aData + pPage->childPtrSize;
         2009  +  /* EVIDENCE-OF: R-37002-32774 The two-byte integer at offset 3 gives the
         2010  +  ** number of cells on the page. */
         2011  +  pPage->nCell = get2byte(&data[3]);
         2012  +  if( pPage->nCell>MX_CELL(pBt) ){
         2013  +    /* To many cells for a single page.  The page must be corrupt */
         2014  +    return SQLITE_CORRUPT_PAGE(pPage);
         2015  +  }
         2016  +  testcase( pPage->nCell==MX_CELL(pBt) );
         2017  +  /* EVIDENCE-OF: R-24089-57979 If a page contains no cells (which is only
         2018  +  ** possible for a root page of a table that contains no rows) then the
         2019  +  ** offset to the cell content area will equal the page size minus the
         2020  +  ** bytes of reserved space. */
         2021  +  assert( pPage->nCell>0
         2022  +       || get2byteNotZero(&data[5])==pBt->usableSize
         2023  +       || CORRUPT_DB );
         2024  +  pPage->nFree = -1;  /* Indicate that this value is yet uncomputed */
  1986   2025     pPage->isInit = 1;
         2026  +  if( pBt->db->flags & SQLITE_CellSizeCk ){
         2027  +    return btreeCellSizeCheck(pPage);
         2028  +  }
  1987   2029     return SQLITE_OK;
  1988   2030   }
  1989   2031   
  1990   2032   /*
  1991   2033   ** Set up a raw page so that it looks like a database page holding
  1992   2034   ** no entries.
  1993   2035   */
................................................................................
  2122   2164     assert( sqlite3_mutex_held(pBt->mutex) );
  2123   2165     assert( pCur==0 || ppPage==&pCur->pPage );
  2124   2166     assert( pCur==0 || bReadOnly==pCur->curPagerFlags );
  2125   2167     assert( pCur==0 || pCur->iPage>0 );
  2126   2168   
  2127   2169     if( pgno>btreePagecount(pBt) ){
  2128   2170       rc = SQLITE_CORRUPT_BKPT;
  2129         -    goto getAndInitPage_error;
         2171  +    goto getAndInitPage_error1;
  2130   2172     }
  2131   2173     rc = sqlite3PagerGet(pBt->pPager, pgno, (DbPage**)&pDbPage, bReadOnly);
  2132   2174     if( rc ){
  2133         -    goto getAndInitPage_error;
         2175  +    goto getAndInitPage_error1;
  2134   2176     }
  2135   2177     *ppPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
  2136   2178     if( (*ppPage)->isInit==0 ){
  2137   2179       btreePageFromDbPage(pDbPage, pgno, pBt);
  2138   2180       rc = btreeInitPage(*ppPage);
  2139   2181       if( rc!=SQLITE_OK ){
  2140         -      releasePage(*ppPage);
  2141         -      goto getAndInitPage_error;
         2182  +      goto getAndInitPage_error2;
  2142   2183       }
  2143   2184     }
  2144   2185     assert( (*ppPage)->pgno==pgno );
  2145   2186     assert( (*ppPage)->aData==sqlite3PagerGetData(pDbPage) );
  2146   2187   
  2147   2188     /* If obtaining a child page for a cursor, we must verify that the page is
  2148   2189     ** compatible with the root page. */
  2149   2190     if( pCur && ((*ppPage)->nCell<1 || (*ppPage)->intKey!=pCur->curIntKey) ){
  2150   2191       rc = SQLITE_CORRUPT_PGNO(pgno);
  2151         -    releasePage(*ppPage);
  2152         -    goto getAndInitPage_error;
         2192  +    goto getAndInitPage_error2;
  2153   2193     }
  2154   2194     return SQLITE_OK;
  2155   2195   
  2156         -getAndInitPage_error:
         2196  +getAndInitPage_error2:
         2197  +  releasePage(*ppPage);
         2198  +getAndInitPage_error1:
  2157   2199     if( pCur ){
  2158   2200       pCur->iPage--;
  2159   2201       pCur->pPage = pCur->apPage[pCur->iPage];
  2160   2202     }
  2161   2203     testcase( pgno==0 );
  2162   2204     assert( pgno!=0 || rc==SQLITE_CORRUPT );
  2163   2205     return rc;
................................................................................
  6561   6603     int hdr;        /* Beginning of the header.  0 most pages.  100 page 1 */
  6562   6604   
  6563   6605     if( *pRC ) return;
  6564   6606     assert( idx>=0 && idx<pPage->nCell );
  6565   6607     assert( CORRUPT_DB || sz==cellSize(pPage, idx) );
  6566   6608     assert( sqlite3PagerIswriteable(pPage->pDbPage) );
  6567   6609     assert( sqlite3_mutex_held(pPage->pBt->mutex) );
         6610  +  assert( pPage->nFree>=0 );
  6568   6611     data = pPage->aData;
  6569   6612     ptr = &pPage->aCellIdx[2*idx];
  6570   6613     pc = get2byte(ptr);
  6571   6614     hdr = pPage->hdrOffset;
  6572   6615     testcase( pc==get2byte(&data[hdr+5]) );
  6573   6616     testcase( pc+sz==pPage->pBt->usableSize );
  6574   6617     if( pc+sz > pPage->pBt->usableSize ){
................................................................................
  6631   6674     assert( sqlite3_mutex_held(pPage->pBt->mutex) );
  6632   6675     /* The cell should normally be sized correctly.  However, when moving a
  6633   6676     ** malformed cell from a leaf page to an interior page, if the cell size
  6634   6677     ** wanted to be less than 4 but got rounded up to 4 on the leaf, then size
  6635   6678     ** might be less than 8 (leaf-size + pointer) on the interior node.  Hence
  6636   6679     ** the term after the || in the following assert(). */
  6637   6680     assert( sz==pPage->xCellSize(pPage, pCell) || (sz==8 && iChild>0) );
         6681  +  assert( pPage->nFree>=0 );
  6638   6682     if( pPage->nOverflow || sz+2>pPage->nFree ){
  6639   6683       if( pTemp ){
  6640   6684         memcpy(pTemp, pCell, sz);
  6641   6685         pCell = pTemp;
  6642   6686       }
  6643   6687       if( iChild ){
  6644   6688         put4byte(pCell, iChild);
................................................................................
  6688   6732       }
  6689   6733       pIns = pPage->aCellIdx + i*2;
  6690   6734       memmove(pIns+2, pIns, 2*(pPage->nCell - i));
  6691   6735       put2byte(pIns, idx);
  6692   6736       pPage->nCell++;
  6693   6737       /* increment the cell count */
  6694   6738       if( (++data[pPage->hdrOffset+4])==0 ) data[pPage->hdrOffset+3]++;
  6695         -    assert( get2byte(&data[pPage->hdrOffset+3])==pPage->nCell );
         6739  +    assert( get2byte(&data[pPage->hdrOffset+3])==pPage->nCell || CORRUPT_DB );
  6696   6740   #ifndef SQLITE_OMIT_AUTOVACUUM
  6697   6741       if( pPage->pBt->autoVacuum ){
  6698   6742         /* The cell may contain a pointer to an overflow page. If so, write
  6699   6743         ** the entry for the overflow page into the pointer map.
  6700   6744         */
  6701   6745         ptrmapPutOvflPtr(pPage, pPage, pCell, pRC);
  6702   6746       }
................................................................................
  6775   6819   **    ixNx[3] = Number of cells in Child-1 and Child-2 + both divider cells
  6776   6820   **    ixNx[4] = Total number of cells.
  6777   6821   **
  6778   6822   ** For a table-btree, the concept is similar, except only apEnd[0]..apEnd[2]
  6779   6823   ** are used and they point to the leaf pages only, and the ixNx value are:
  6780   6824   **
  6781   6825   **    ixNx[0] = Number of cells in Child-1.
  6782         -**    ixNx[1] = Number of cells in Child-1 and Child-2 + 1 for 1st divider.
  6783         -**    ixNx[2] = Number of cells in Child-1 and Child-2 + both divider cells
         6826  +**    ixNx[1] = Number of cells in Child-1 and Child-2.
         6827  +**    ixNx[2] = Total number of cells.
         6828  +**
         6829  +** Sometimes when deleting, a child page can have zero cells.  In those
         6830  +** cases, ixNx[] entries with higher indexes, and the corresponding apEnd[]
         6831  +** entries, shift down.  The end result is that each ixNx[] entry should
         6832  +** be larger than the previous
  6784   6833   */
  6785   6834   typedef struct CellArray CellArray;
  6786   6835   struct CellArray {
  6787   6836     int nCell;              /* Number of cells in apCell[] */
  6788   6837     MemPage *pRef;          /* Reference page */
  6789   6838     u8 **apCell;            /* All cells begin balanced */
  6790   6839     u16 *szCell;            /* Local size of all cells in apCell[] */
................................................................................
  7182   7231     MemPage *pNew;                       /* Newly allocated page */
  7183   7232     int rc;                              /* Return Code */
  7184   7233     Pgno pgnoNew;                        /* Page number of pNew */
  7185   7234   
  7186   7235     assert( sqlite3_mutex_held(pPage->pBt->mutex) );
  7187   7236     assert( sqlite3PagerIswriteable(pParent->pDbPage) );
  7188   7237     assert( pPage->nOverflow==1 );
  7189         -
         7238  +  
  7190   7239     if( pPage->nCell==0 ) return SQLITE_CORRUPT_BKPT;  /* dbfuzz001.test */
         7240  +  assert( pPage->nFree>=0 );
         7241  +  assert( pParent->nFree>=0 );
  7191   7242   
  7192   7243     /* Allocate a new page. This page will become the right-sibling of 
  7193   7244     ** pPage. Make the parent page writable, so that the new divider cell
  7194   7245     ** may be inserted. If both these operations are successful, proceed.
  7195   7246     */
  7196   7247     rc = allocateBtreePage(pBt, &pNew, &pgnoNew, 0, 0);
  7197   7248   
................................................................................
  7353   7404       /* Reinitialize page pTo so that the contents of the MemPage structure
  7354   7405       ** match the new data. The initialization of pTo can actually fail under
  7355   7406       ** fairly obscure circumstances, even though it is a copy of initialized 
  7356   7407       ** page pFrom.
  7357   7408       */
  7358   7409       pTo->isInit = 0;
  7359   7410       rc = btreeInitPage(pTo);
         7411  +    if( rc==SQLITE_OK ) rc = btreeComputeFreeSpace(pTo);
  7360   7412       if( rc!=SQLITE_OK ){
  7361   7413         *pRC = rc;
  7362   7414         return;
  7363   7415       }
  7364   7416     
  7365   7417       /* If this is an auto-vacuum database, update the pointer-map entries
  7366   7418       ** for any b-tree or overflow pages that pTo now contains the pointers to.
................................................................................
  7461   7513     */
  7462   7514     assert( pParent->nOverflow==0 || pParent->nOverflow==1 );
  7463   7515     assert( pParent->nOverflow==0 || pParent->aiOvfl[0]==iParentIdx );
  7464   7516   
  7465   7517     if( !aOvflSpace ){
  7466   7518       return SQLITE_NOMEM_BKPT;
  7467   7519     }
         7520  +  assert( pParent->nFree>=0 );
  7468   7521   
  7469   7522     /* Find the sibling pages to balance. Also locate the cells in pParent 
  7470   7523     ** that divide the siblings. An attempt is made to find NN siblings on 
  7471   7524     ** either side of pPage. More siblings are taken from one side, however, 
  7472   7525     ** if there are fewer than NN siblings on the other side. If pParent
  7473   7526     ** has NB or fewer children then all children of pParent are taken.  
  7474   7527     **
................................................................................
  7499   7552     }
  7500   7553     pgno = get4byte(pRight);
  7501   7554     while( 1 ){
  7502   7555       rc = getAndInitPage(pBt, pgno, &apOld[i], 0, 0);
  7503   7556       if( rc ){
  7504   7557         memset(apOld, 0, (i+1)*sizeof(MemPage*));
  7505   7558         goto balance_cleanup;
         7559  +    }
         7560  +    if( apOld[i]->nFree<0 ){
         7561  +      rc = btreeComputeFreeSpace(apOld[i]);
         7562  +      if( rc ){
         7563  +        memset(apOld, 0, (i)*sizeof(MemPage*));
         7564  +        goto balance_cleanup;
         7565  +      }
  7506   7566       }
  7507   7567       nMaxCells += 1+apOld[i]->nCell+apOld[i]->nOverflow;
  7508   7568       if( (i--)==0 ) break;
  7509   7569   
  7510   7570       if( pParent->nOverflow && i+nxDiv==pParent->aiOvfl[0] ){
  7511   7571         apDiv[i] = pParent->apOvfl[0];
  7512   7572         pgno = get4byte(apDiv[i]);
................................................................................
  7694   7754     ** 
  7695   7755     */
  7696   7756     usableSpace = pBt->usableSize - 12 + leafCorrection;
  7697   7757     for(i=k=0; i<nOld; i++, k++){
  7698   7758       MemPage *p = apOld[i];
  7699   7759       b.apEnd[k] = p->aDataEnd;
  7700   7760       b.ixNx[k] = cntOld[i];
         7761  +    if( k && b.ixNx[k]==b.ixNx[k-1] ){
         7762  +      k--;  /* Omit b.ixNx[] entry for child pages with no cells */
         7763  +    }
  7701   7764       if( !leafData ){
  7702   7765         k++;
  7703   7766         b.apEnd[k] = pParent->aDataEnd;
  7704   7767         b.ixNx[k] = cntOld[i]+1;
  7705   7768       }
         7769  +    assert( p->nFree>=0 );
  7706   7770       szNew[i] = usableSpace - p->nFree;
  7707   7771       for(j=0; j<p->nOverflow; j++){
  7708   7772         szNew[i] += 2 + p->xCellSize(p, p->apOvfl[j]);
  7709   7773       }
  7710   7774       cntNew[i] = cntOld[i];
  7711   7775     }
  7712   7776     k = nOld;
................................................................................
  7924   7988     ** associated with the right-child of each sibling may also need to be 
  7925   7989     ** updated. This happens below, after the sibling pages have been 
  7926   7990     ** populated, not here.
  7927   7991     */
  7928   7992     if( ISAUTOVACUUM ){
  7929   7993       MemPage *pOld;
  7930   7994       MemPage *pNew = pOld = apNew[0];
  7931         -    u8 *aOld = pNew->aData;
  7932   7995       int cntOldNext = pNew->nCell + pNew->nOverflow;
  7933         -    int usableSize = pBt->usableSize;
  7934   7996       int iNew = 0;
  7935   7997       int iOld = 0;
  7936   7998   
  7937   7999       for(i=0; i<b.nCell; i++){
  7938   8000         u8 *pCell = b.apCell[i];
  7939         -      if( i==cntOldNext ){
  7940         -        pOld = (++iOld)<nNew ? apNew[iOld] : apOld[iOld];
         8001  +      while( i==cntOldNext ){
         8002  +        iOld++;
         8003  +        assert( iOld<nNew || iOld<nOld );
         8004  +        pOld = iOld<nNew ? apNew[iOld] : apOld[iOld];
  7941   8005           cntOldNext += pOld->nCell + pOld->nOverflow + !leafData;
  7942         -        aOld = pOld->aData;
  7943   8006         }
  7944   8007         if( i==cntNew[iNew] ){
  7945   8008           pNew = apNew[++iNew];
  7946   8009           if( !leafData ) continue;
  7947   8010         }
  7948   8011   
  7949   8012         /* Cell pCell is destined for new sibling page pNew. Originally, it
................................................................................
  7950   8013         ** was either part of sibling page iOld (possibly an overflow cell), 
  7951   8014         ** or else the divider cell to the left of sibling page iOld. So,
  7952   8015         ** if sibling page iOld had the same page number as pNew, and if
  7953   8016         ** pCell really was a part of sibling page iOld (not a divider or
  7954   8017         ** overflow cell), we can skip updating the pointer map entries.  */
  7955   8018         if( iOld>=nNew
  7956   8019          || pNew->pgno!=aPgno[iOld]
  7957         -       || !SQLITE_WITHIN(pCell,aOld,&aOld[usableSize])
         8020  +       || !SQLITE_WITHIN(pCell,pOld->aData,pOld->aDataEnd)
  7958   8021         ){
  7959   8022           if( !leafCorrection ){
  7960   8023             ptrmapPut(pBt, get4byte(pCell), PTRMAP_BTREE, pNew->pgno, &rc);
  7961   8024           }
  7962   8025           if( cachedCellSize(&b,i)>pNew->minLocal ){
  7963   8026             ptrmapPutOvflPtr(pNew, pOld, pCell, &rc);
  7964   8027           }
................................................................................
  8200   8263     if( rc ){
  8201   8264       *ppChild = 0;
  8202   8265       releasePage(pChild);
  8203   8266       return rc;
  8204   8267     }
  8205   8268     assert( sqlite3PagerIswriteable(pChild->pDbPage) );
  8206   8269     assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
  8207         -  assert( pChild->nCell==pRoot->nCell );
         8270  +  assert( pChild->nCell==pRoot->nCell || CORRUPT_DB );
  8208   8271   
  8209   8272     TRACE(("BALANCE: copy root %d into %d\n", pRoot->pgno, pChild->pgno));
  8210   8273   
  8211   8274     /* Copy the overflow cells from pRoot to pChild */
  8212   8275     memcpy(pChild->aiOvfl, pRoot->aiOvfl,
  8213   8276            pRoot->nOverflow*sizeof(pRoot->aiOvfl[0]));
  8214   8277     memcpy(pChild->apOvfl, pRoot->apOvfl,
................................................................................
  8242   8305     VVA_ONLY( int balance_quick_called = 0 );
  8243   8306     VVA_ONLY( int balance_deeper_called = 0 );
  8244   8307   
  8245   8308     do {
  8246   8309       int iPage = pCur->iPage;
  8247   8310       MemPage *pPage = pCur->pPage;
  8248   8311   
         8312  +    if( NEVER(pPage->nFree<0) && btreeComputeFreeSpace(pPage) ) break;
  8249   8313       if( iPage==0 ){
  8250   8314         if( pPage->nOverflow ){
  8251   8315           /* The root page of the b-tree is overfull. In this case call the
  8252   8316           ** balance_deeper() function to create a new child for the root-page
  8253   8317           ** and copy the current contents of the root-page to it. The
  8254   8318           ** next iteration of the do-loop will balance the child page.
  8255   8319           */ 
................................................................................
  8270   8334       }else if( pPage->nOverflow==0 && pPage->nFree<=nMin ){
  8271   8335         break;
  8272   8336       }else{
  8273   8337         MemPage * const pParent = pCur->apPage[iPage-1];
  8274   8338         int const iIdx = pCur->aiIdx[iPage-1];
  8275   8339   
  8276   8340         rc = sqlite3PagerWrite(pParent->pDbPage);
         8341  +      if( rc==SQLITE_OK && pParent->nFree<0 ){
         8342  +        rc = btreeComputeFreeSpace(pParent);
         8343  +      }
  8277   8344         if( rc==SQLITE_OK ){
  8278   8345   #ifndef SQLITE_OMIT_QUICKBALANCE
  8279   8346           if( pPage->intKeyLeaf
  8280   8347            && pPage->nOverflow==1
  8281   8348            && pPage->aiOvfl[0]==pPage->nCell
  8282   8349            && pParent->pgno!=1
  8283   8350            && pParent->nCell==iIdx
................................................................................
  8616   8683   
  8617   8684     }
  8618   8685     assert( pCur->eState==CURSOR_VALID || (pCur->eState==CURSOR_INVALID && loc) );
  8619   8686   
  8620   8687     pPage = pCur->pPage;
  8621   8688     assert( pPage->intKey || pX->nKey>=0 );
  8622   8689     assert( pPage->leaf || !pPage->intKey );
         8690  +  if( pPage->nFree<0 ){
         8691  +    rc = btreeComputeFreeSpace(pPage);
         8692  +    if( rc ) return rc;
         8693  +  }
  8623   8694   
  8624   8695     TRACE(("INSERT: table=%d nkey=%lld ndata=%d page=%d %s\n",
  8625   8696             pCur->pgnoRoot, pX->nKey, pX->nData, pPage->pgno,
  8626   8697             loc==0 ? "overwrite" : "new entry"));
  8627   8698     assert( pPage->isInit );
  8628   8699     newCell = pBt->pTmpSpace;
  8629   8700     assert( newCell!=0 );
................................................................................
  8766   8837     assert( pCur->eState==CURSOR_VALID );
  8767   8838     assert( (flags & ~(BTREE_SAVEPOSITION | BTREE_AUXDELETE))==0 );
  8768   8839   
  8769   8840     iCellDepth = pCur->iPage;
  8770   8841     iCellIdx = pCur->ix;
  8771   8842     pPage = pCur->pPage;
  8772   8843     pCell = findCell(pPage, iCellIdx);
         8844  +  if( pPage->nFree<0 && btreeComputeFreeSpace(pPage) ) return SQLITE_CORRUPT;
  8773   8845   
  8774   8846     /* If the bPreserve flag is set to true, then the cursor position must
  8775   8847     ** be preserved following this delete operation. If the current delete
  8776   8848     ** will cause a b-tree rebalance, then this is done by saving the cursor
  8777   8849     ** key and leaving the cursor in CURSOR_REQUIRESEEK state before 
  8778   8850     ** returning. 
  8779   8851     **
................................................................................
  8836   8908     ** node to replace the deleted cell.  */
  8837   8909     if( !pPage->leaf ){
  8838   8910       MemPage *pLeaf = pCur->pPage;
  8839   8911       int nCell;
  8840   8912       Pgno n;
  8841   8913       unsigned char *pTmp;
  8842   8914   
         8915  +    if( pLeaf->nFree<0 ){
         8916  +      rc = btreeComputeFreeSpace(pLeaf);
         8917  +      if( rc ) return rc;
         8918  +    }
  8843   8919       if( iCellDepth<pCur->iPage-1 ){
  8844   8920         n = pCur->apPage[iCellDepth+1]->pgno;
  8845   8921       }else{
  8846   8922         n = pCur->pPage->pgno;
  8847   8923       }
  8848   8924       pCell = findCell(pLeaf, pLeaf->nCell-1);
  8849   8925       if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_BKPT;
................................................................................
  9727   9803     pPage->isInit = 0;
  9728   9804     if( (rc = btreeInitPage(pPage))!=0 ){
  9729   9805       assert( rc==SQLITE_CORRUPT );  /* The only possible error from InitPage */
  9730   9806       checkAppendMsg(pCheck,
  9731   9807                      "btreeInitPage() returns error code %d", rc);
  9732   9808       goto end_of_check;
  9733   9809     }
         9810  +  if( (rc = btreeComputeFreeSpace(pPage))!=0 ){
         9811  +    assert( rc==SQLITE_CORRUPT );
         9812  +    checkAppendMsg(pCheck, "free space corruption", rc);
         9813  +    goto end_of_check;
         9814  +  }
  9734   9815     data = pPage->aData;
  9735   9816     hdr = pPage->hdrOffset;
  9736   9817   
  9737   9818     /* Set up for cell analysis */
  9738   9819     pCheck->zPfx = "On tree page %d cell %d: ";
  9739   9820     contentOffset = get2byteNotZero(&data[hdr+5]);
  9740   9821     assert( contentOffset<=usableSize );  /* Enforced by btreeInitPage() */
................................................................................
  9859   9940       ** EVIDENCE-OF: R-20690-50594 The second field of the b-tree page header
  9860   9941       ** is the offset of the first freeblock, or zero if there are no
  9861   9942       ** freeblocks on the page. 
  9862   9943       */
  9863   9944       i = get2byte(&data[hdr+1]);
  9864   9945       while( i>0 ){
  9865   9946         int size, j;
  9866         -      assert( (u32)i<=usableSize-4 );     /* Enforced by btreeInitPage() */
         9947  +      assert( (u32)i<=usableSize-4 ); /* Enforced by btreeComputeFreeSpace() */
  9867   9948         size = get2byte(&data[i+2]);
  9868         -      assert( (u32)(i+size)<=usableSize );  /* Enforced by btreeInitPage() */
         9949  +      assert( (u32)(i+size)<=usableSize ); /* due to btreeComputeFreeSpace() */
  9869   9950         btreeHeapInsert(heap, (((u32)i)<<16)|(i+size-1));
  9870   9951         /* EVIDENCE-OF: R-58208-19414 The first 2 bytes of a freeblock are a
  9871   9952         ** big-endian integer which is the offset in the b-tree page of the next
  9872   9953         ** freeblock in the chain, or zero if the freeblock is the last on the
  9873   9954         ** chain. */
  9874   9955         j = get2byte(&data[i]);
  9875   9956         /* EVIDENCE-OF: R-06866-39125 Freeblocks are always connected in order of
  9876   9957         ** increasing offset. */
  9877         -      assert( j==0 || j>i+size );  /* Enforced by btreeInitPage() */
  9878         -      assert( (u32)j<=usableSize-4 );   /* Enforced by btreeInitPage() */
         9958  +      assert( j==0 || j>i+size );     /* Enforced by btreeComputeFreeSpace() */
         9959  +      assert( (u32)j<=usableSize-4 ); /* Enforced by btreeComputeFreeSpace() */
  9879   9960         i = j;
  9880   9961       }
  9881   9962       /* Analyze the min-heap looking for overlap between cells and/or 
  9882   9963       ** freeblocks, and counting the number of untracked bytes in nFrag.
  9883   9964       ** 
  9884   9965       ** Each min-heap entry is of the form:    (start_address<<16)|end_address.
  9885   9966       ** There is an implied first entry the covers the page header, the cell

Changes to src/btreeInt.h.

   266    266     u8 hdrOffset;        /* 100 for page 1.  0 otherwise */
   267    267     u8 childPtrSize;     /* 0 if leaf==1.  4 if leaf==0 */
   268    268     u8 max1bytePayload;  /* min(maxLocal,127) */
   269    269     u8 nOverflow;        /* Number of overflow cell bodies in aCell[] */
   270    270     u16 maxLocal;        /* Copy of BtShared.maxLocal or BtShared.maxLeaf */
   271    271     u16 minLocal;        /* Copy of BtShared.minLocal or BtShared.minLeaf */
   272    272     u16 cellOffset;      /* Index in aData of first cell pointer */
   273         -  u16 nFree;           /* Number of free bytes on the page */
          273  +  int nFree;           /* Number of free bytes on the page. -1 for unknown */
   274    274     u16 nCell;           /* Number of cells on this page, local and ovfl */
   275    275     u16 maskPage;        /* Mask for page offset */
   276    276     u16 aiOvfl[4];       /* Insert the i-th overflow cell before the aiOvfl-th
   277    277                          ** non-overflow cell */
   278    278     u8 *apOvfl[4];       /* Pointers to the body of overflow cells */
   279    279     BtShared *pBt;       /* Pointer to BtShared that this page is part of */
   280    280     u8 *aData;           /* Pointer to disk image of the page data */

Changes to src/build.c.

  1817   1817       sqlite3CreateIndex(pParse, 0, 0, 0, pList, pTab->keyConf, 0, 0, 0, 0,
  1818   1818                          SQLITE_IDXTYPE_PRIMARYKEY);
  1819   1819       if( db->mallocFailed || pParse->nErr ) return;
  1820   1820       pPk = sqlite3PrimaryKeyIndex(pTab);
  1821   1821       pTab->iPKey = -1;
  1822   1822     }else{
  1823   1823       pPk = sqlite3PrimaryKeyIndex(pTab);
         1824  +    assert( pPk!=0 );
  1824   1825   
  1825   1826       /*
  1826   1827       ** Remove all redundant columns from the PRIMARY KEY.  For example, change
  1827   1828       ** "PRIMARY KEY(a,b,a,b,c,b,c,d)" into just "PRIMARY KEY(a,b,c,d)".  Later
  1828   1829       ** code assumes the PRIMARY KEY contains no repeated columns.
  1829   1830       */
  1830   1831       for(i=j=1; i<pPk->nKeyCol; i++){
................................................................................
  1986   1987         sqlite3ErrorMsg(pParse, "");
  1987   1988         return;
  1988   1989       }
  1989   1990       p->tnum = db->init.newTnum;
  1990   1991       if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
  1991   1992     }
  1992   1993   
         1994  +  assert( (p->tabFlags & TF_HasPrimaryKey)==0
         1995  +       || p->iPKey>=0 || sqlite3PrimaryKeyIndex(p)!=0 );
         1996  +  assert( (p->tabFlags & TF_HasPrimaryKey)!=0
         1997  +       || (p->iPKey<0 && sqlite3PrimaryKeyIndex(p)==0) );
         1998  +
  1993   1999     /* Special processing for WITHOUT ROWID Tables */
  1994   2000     if( tabOpts & TF_WithoutRowid ){
  1995   2001       if( (p->tabFlags & TF_Autoincrement) ){
  1996   2002         sqlite3ErrorMsg(pParse,
  1997   2003             "AUTOINCREMENT not allowed on WITHOUT ROWID tables");
  1998   2004         return;
  1999   2005       }

Changes to src/insert.c.

  1665   1665           sqlite3VdbeAddOp2(v, iField<0 ? OP_IntCopy : OP_SCopy, x, regIdx+i);
  1666   1666           VdbeComment((v, "%s", iField<0 ? "rowid" : pTab->aCol[iField].zName));
  1667   1667         }
  1668   1668       }
  1669   1669       sqlite3VdbeAddOp3(v, OP_MakeRecord, regIdx, pIdx->nColumn, aRegIdx[ix]);
  1670   1670       VdbeComment((v, "for %s", pIdx->zName));
  1671   1671   #ifdef SQLITE_ENABLE_NULL_TRIM
  1672         -    if( pIdx->idxType==2 ) sqlite3SetMakeRecordP5(v, pIdx->pTable);
         1672  +    if( pIdx->idxType==SQLITE_IDXTYPE_PRIMARYKEY ){
         1673  +      sqlite3SetMakeRecordP5(v, pIdx->pTable);
         1674  +    }
  1673   1675   #endif
  1674   1676   
  1675   1677       /* In an UPDATE operation, if this index is the PRIMARY KEY index 
  1676   1678       ** of a WITHOUT ROWID table and there has been no change the
  1677   1679       ** primary key, then no collision is possible.  The collision detection
  1678   1680       ** logic below can all be skipped. */
  1679   1681       if( isUpdate && pPk==pIdx && pkChng==0 ){
................................................................................
  2406   2408           if( sqlite3_stricmp(sqlite3StrBINARY, zColl) ) break;
  2407   2409         }
  2408   2410         if( i==pSrcIdx->nColumn ){
  2409   2411           idxInsFlags = OPFLAG_USESEEKRESULT;
  2410   2412           sqlite3VdbeAddOp1(v, OP_SeekEnd, iDest);
  2411   2413         }
  2412   2414       }
  2413         -    if( !HasRowid(pSrc) && pDestIdx->idxType==2 ){
         2415  +    if( !HasRowid(pSrc) && pDestIdx->idxType==SQLITE_IDXTYPE_PRIMARYKEY ){
  2414   2416         idxInsFlags |= OPFLAG_NCHANGE;
  2415   2417       }
  2416   2418       sqlite3VdbeAddOp2(v, OP_IdxInsert, iDest, regData);
  2417   2419       sqlite3VdbeChangeP5(v, idxInsFlags|OPFLAG_APPEND);
  2418   2420       sqlite3VdbeAddOp2(v, OP_Next, iSrc, addr1+1); VdbeCoverage(v);
  2419   2421       sqlite3VdbeJumpHere(v, addr1);
  2420   2422       sqlite3VdbeAddOp2(v, OP_Close, iSrc, 0);

Changes to src/malloc.c.

   657    657   void sqlite3OomFault(sqlite3 *db){
   658    658     if( db->mallocFailed==0 && db->bBenignMalloc==0 ){
   659    659       db->mallocFailed = 1;
   660    660       if( db->nVdbeExec>0 ){
   661    661         db->u1.isInterrupted = 1;
   662    662       }
   663    663       db->lookaside.bDisable++;
          664  +    if( db->pParse ){
          665  +      db->pParse->rc = SQLITE_NOMEM_BKPT;
          666  +    }
   664    667     }
   665    668   }
   666    669   
   667    670   /*
   668    671   ** This routine reactivates the memory allocator and clears the
   669    672   ** db->mallocFailed flag as necessary.
   670    673   **

Changes to src/pager.c.

  7739   7739   
  7740   7740   /*
  7741   7741   ** Release a lock obtained by an earlier successful call to
  7742   7742   ** sqlite3PagerSnapshotCheck().
  7743   7743   */
  7744   7744   void sqlite3PagerSnapshotUnlock(Pager *pPager){
  7745   7745     assert( pPager->pWal );
  7746         -  return sqlite3WalSnapshotUnlock(pPager->pWal);
         7746  +  sqlite3WalSnapshotUnlock(pPager->pWal);
  7747   7747   }
  7748   7748   
  7749   7749   #endif /* SQLITE_ENABLE_SNAPSHOT */
  7750   7750   #endif /* !SQLITE_OMIT_WAL */
  7751   7751   
  7752   7752   #ifdef SQLITE_ENABLE_ZIPVFS
  7753   7753   /*

Changes to src/resolve.c.

  1529   1529             sqlite3ErrorMsg(pParse, "aggregate functions are not allowed in "
  1530   1530                 "the GROUP BY clause");
  1531   1531             return WRC_Abort;
  1532   1532           }
  1533   1533         }
  1534   1534       }
  1535   1535   
         1536  +#ifndef SQLITE_OMIT_WINDOWFUNC
  1536   1537       if( IN_RENAME_OBJECT ){
  1537   1538         Window *pWin;
  1538   1539         for(pWin=p->pWinDefn; pWin; pWin=pWin->pNextWin){
  1539   1540           if( sqlite3ResolveExprListNames(&sNC, pWin->pOrderBy)
  1540   1541            || sqlite3ResolveExprListNames(&sNC, pWin->pPartition)
  1541   1542           ){
  1542   1543             return WRC_Abort;
  1543   1544           }
  1544   1545         }
  1545   1546       }
         1547  +#endif
  1546   1548   
  1547   1549       /* If this is part of a compound SELECT, check that it has the right
  1548   1550       ** number of expressions in the select list. */
  1549   1551       if( p->pNext && p->pEList->nExpr!=p->pNext->pEList->nExpr ){
  1550   1552         sqlite3SelectWrongNumTermsError(pParse, p->pNext);
  1551   1553         return WRC_Abort;
  1552   1554       }

Changes to src/sqliteInt.h.

  1443   1443   #endif
  1444   1444     void *pCommitArg;                 /* Argument to xCommitCallback() */
  1445   1445     int (*xCommitCallback)(void*);    /* Invoked at every commit. */
  1446   1446     void *pRollbackArg;               /* Argument to xRollbackCallback() */
  1447   1447     void (*xRollbackCallback)(void*); /* Invoked at every commit. */
  1448   1448     void *pUpdateArg;
  1449   1449     void (*xUpdateCallback)(void*,int, const char*,const char*,sqlite_int64);
         1450  +  Parse *pParse;                /* Current parse */
  1450   1451   #ifdef SQLITE_ENABLE_PREUPDATE_HOOK
  1451   1452     void *pPreUpdateArg;          /* First argument to xPreUpdateCallback */
  1452   1453     void (*xPreUpdateCallback)(   /* Registered using sqlite3_preupdate_hook() */
  1453   1454       void*,sqlite3*,int,char const*,char const*,sqlite3_int64,sqlite3_int64
  1454   1455     );
  1455   1456     PreUpdate *pPreUpdate;        /* Context for active pre-update callback */
  1456   1457   #endif /* SQLITE_ENABLE_PREUPDATE_HOOK */
................................................................................
  3106   3107   #ifndef SQLITE_OMIT_SHARED_CACHE
  3107   3108     int nTableLock;        /* Number of locks in aTableLock */
  3108   3109     TableLock *aTableLock; /* Required table locks for shared-cache mode */
  3109   3110   #endif
  3110   3111     AutoincInfo *pAinc;  /* Information about AUTOINCREMENT counters */
  3111   3112     Parse *pToplevel;    /* Parse structure for main program (or NULL) */
  3112   3113     Table *pTriggerTab;  /* Table triggers are being coded for */
         3114  +  Parse *pParentParse; /* Parent parser if this parser is nested */
  3113   3115     int addrCrTab;       /* Address of OP_CreateBtree opcode on CREATE TABLE */
  3114   3116     u32 nQueryLoop;      /* Est number of iterations of a query (10*log2(N)) */
  3115   3117     u32 oldmask;         /* Mask of old.* columns referenced */
  3116   3118     u32 newmask;         /* Mask of new.* columns referenced */
  3117   3119     u8 eTriggerOp;       /* TK_UPDATE, TK_INSERT or TK_DELETE */
  3118   3120     u8 eOrconf;          /* Default ON CONFLICT policy for trigger steps */
  3119   3121     u8 disableTriggers;  /* True to disable triggers */

Changes to src/tokenize.c.

   556    556     int nErr = 0;                   /* Number of errors encountered */
   557    557     void *pEngine;                  /* The LEMON-generated LALR(1) parser */
   558    558     int n = 0;                      /* Length of the next token token */
   559    559     int tokenType;                  /* type of the next token */
   560    560     int lastTokenParsed = -1;       /* type of the previous token */
   561    561     sqlite3 *db = pParse->db;       /* The database connection */
   562    562     int mxSqlLen;                   /* Max length of an SQL string */
          563  +  VVA_ONLY( u8 startedWithOom = db->mallocFailed );
   563    564   #ifdef sqlite3Parser_ENGINEALWAYSONSTACK
   564    565     yyParser sEngine;    /* Space to hold the Lemon-generated Parser object */
   565    566   #endif
   566    567   
   567    568     assert( zSql!=0 );
   568    569     mxSqlLen = db->aLimit[SQLITE_LIMIT_SQL_LENGTH];
   569    570     if( db->nVdbeActive==0 ){
................................................................................
   590    591       return SQLITE_NOMEM_BKPT;
   591    592     }
   592    593   #endif
   593    594     assert( pParse->pNewTable==0 );
   594    595     assert( pParse->pNewTrigger==0 );
   595    596     assert( pParse->nVar==0 );
   596    597     assert( pParse->pVList==0 );
          598  +  pParse->pParentParse = db->pParse;
          599  +  db->pParse = pParse;
   597    600     while( 1 ){
   598    601       n = sqlite3GetToken((u8*)zSql, &tokenType);
   599    602       mxSqlLen -= n;
   600    603       if( mxSqlLen<0 ){
   601    604         pParse->rc = SQLITE_TOOBIG;
   602    605         break;
   603    606       }
................................................................................
   646    649         }
   647    650       }
   648    651       pParse->sLastToken.z = zSql;
   649    652       pParse->sLastToken.n = n;
   650    653       sqlite3Parser(pEngine, tokenType, pParse->sLastToken);
   651    654       lastTokenParsed = tokenType;
   652    655       zSql += n;
   653         -    if( pParse->rc!=SQLITE_OK || db->mallocFailed ) break;
          656  +    assert( db->mallocFailed==0 || pParse->rc!=SQLITE_OK || startedWithOom );
          657  +    if( pParse->rc!=SQLITE_OK ) break;
   654    658     }
   655    659     assert( nErr==0 );
   656    660   #ifdef YYTRACKMAXSTACKDEPTH
   657    661     sqlite3_mutex_enter(sqlite3MallocMutex());
   658    662     sqlite3StatusHighwater(SQLITE_STATUS_PARSER_STACK,
   659    663         sqlite3ParserStackPeak(pEngine)
   660    664     );
................................................................................
   714    718       sqlite3DbFreeNN(db, p);
   715    719     }
   716    720     while( pParse->pZombieTab ){
   717    721       Table *p = pParse->pZombieTab;
   718    722       pParse->pZombieTab = p->pNextZombie;
   719    723       sqlite3DeleteTable(db, p);
   720    724     }
          725  +  db->pParse = pParse->pParentParse;
          726  +  pParse->pParentParse = 0;
   721    727     assert( nErr==0 || pParse->rc!=SQLITE_OK );
   722    728     return nErr;
   723    729   }
   724    730   
   725    731   
   726    732   #ifdef SQLITE_ENABLE_NORMALIZE
   727    733   /*

Changes to src/vdbe.c.

   618    618   #ifdef VDBE_PROFILE
   619    619     u64 start;                 /* CPU clock count at start of opcode */
   620    620   #endif
   621    621     /*** INSERT STACK UNION HERE ***/
   622    622   
   623    623     assert( p->magic==VDBE_MAGIC_RUN );  /* sqlite3_step() verifies this */
   624    624     sqlite3VdbeEnter(p);
          625  +#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
          626  +  if( db->xProgress ){
          627  +    u32 iPrior = p->aCounter[SQLITE_STMTSTATUS_VM_STEP];
          628  +    assert( 0 < db->nProgressOps );
          629  +    nProgressLimit = db->nProgressOps - (iPrior % db->nProgressOps);
          630  +  }else{
          631  +    nProgressLimit = 0xffffffff;
          632  +  }
          633  +#endif
   625    634     if( p->rc==SQLITE_NOMEM ){
   626    635       /* This happens if a malloc() inside a call to sqlite3_column_text() or
   627    636       ** sqlite3_column_text16() failed.  */
   628    637       goto no_mem;
   629    638     }
   630    639     assert( p->rc==SQLITE_OK || (p->rc&0xff)==SQLITE_BUSY
   631    640               || (p->rc&0xFF)==SQLITE_LOCKED );
................................................................................
   632    641     assert( p->bIsReader || p->readOnly!=0 );
   633    642     p->iCurrentTime = 0;
   634    643     assert( p->explain==0 );
   635    644     p->pResultSet = 0;
   636    645     db->busyHandler.nBusy = 0;
   637    646     if( db->u1.isInterrupted ) goto abort_due_to_interrupt;
   638    647     sqlite3VdbeIOTraceSql(p);
   639         -#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
   640         -  if( db->xProgress ){
   641         -    u32 iPrior = p->aCounter[SQLITE_STMTSTATUS_VM_STEP];
   642         -    assert( 0 < db->nProgressOps );
   643         -    nProgressLimit = db->nProgressOps - (iPrior % db->nProgressOps);
   644         -  }else{
   645         -    nProgressLimit = 0xffffffff;
   646         -  }
   647         -#endif
   648    648   #ifdef SQLITE_DEBUG
   649    649     sqlite3BeginBenignMalloc();
   650    650     if( p->pc==0
   651    651      && (p->db->flags & (SQLITE_VdbeListing|SQLITE_VdbeEQP|SQLITE_VdbeTrace))!=0
   652    652     ){
   653    653       int i;
   654    654       int once = 1;
................................................................................
   820    820     ** If the progress callback returns non-zero, exit the virtual machine with
   821    821     ** a return code SQLITE_ABORT.
   822    822     */
   823    823     if( nVmStep>=nProgressLimit && db->xProgress!=0 ){
   824    824       assert( db->nProgressOps!=0 );
   825    825       nProgressLimit = nVmStep + db->nProgressOps - (nVmStep%db->nProgressOps);
   826    826       if( db->xProgress(db->pProgressArg) ){
          827  +      nProgressLimit = 0xffffffff;
   827    828         rc = SQLITE_INTERRUPT;
   828    829         goto abort_due_to_error;
   829    830       }
   830    831     }
   831    832   #endif
   832    833     
   833    834     break;
................................................................................
  1365   1366   case OP_ResultRow: {
  1366   1367     Mem *pMem;
  1367   1368     int i;
  1368   1369     assert( p->nResColumn==pOp->p2 );
  1369   1370     assert( pOp->p1>0 );
  1370   1371     assert( pOp->p1+pOp->p2<=(p->nMem+1 - p->nCursor)+1 );
  1371   1372   
  1372         -#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
  1373         -  /* Run the progress counter just before returning.
  1374         -  */
  1375         -  if( db->xProgress!=0
  1376         -   && nVmStep>=nProgressLimit 
  1377         -   && db->xProgress(db->pProgressArg)!=0
  1378         -  ){
  1379         -    rc = SQLITE_INTERRUPT;
  1380         -    goto abort_due_to_error;
  1381         -  }
  1382         -#endif
  1383         -
  1384   1373     /* If this statement has violated immediate foreign key constraints, do
  1385   1374     ** not return the number of rows modified. And do not RELEASE the statement
  1386   1375     ** transaction. It needs to be rolled back.  */
  1387   1376     if( SQLITE_OK!=(rc = sqlite3VdbeCheckFk(p, 0)) ){
  1388   1377       assert( db->flags&SQLITE_CountRows );
  1389   1378       assert( p->usesStmtJournal );
  1390   1379       goto abort_due_to_error;
................................................................................
  2603   2592       op_column_read_header:
  2604   2593         i = pC->nHdrParsed;
  2605   2594         offset64 = aOffset[i];
  2606   2595         zHdr = zData + pC->iHdrOffset;
  2607   2596         zEndHdr = zData + aOffset[0];
  2608   2597         testcase( zHdr>=zEndHdr );
  2609   2598         do{
  2610         -        if( (t = zHdr[0])<0x80 ){
         2599  +        if( (pC->aType[i] = t = zHdr[0])<0x80 ){
  2611   2600             zHdr++;
  2612   2601             offset64 += sqlite3VdbeOneByteSerialTypeLen(t);
  2613   2602           }else{
  2614   2603             zHdr += sqlite3GetVarint32(zHdr, &t);
         2604  +          pC->aType[i] = t;
  2615   2605             offset64 += sqlite3VdbeSerialTypeLen(t);
  2616   2606           }
  2617         -        pC->aType[i++] = t;
  2618         -        aOffset[i] = (u32)(offset64 & 0xffffffff);
         2607  +        aOffset[++i] = (u32)(offset64 & 0xffffffff);
  2619   2608         }while( i<=p2 && zHdr<zEndHdr );
  2620   2609   
  2621   2610         /* The record is corrupt if any of the following are true:
  2622   2611         ** (1) the bytes of the header extend past the declared header size
  2623   2612         ** (2) the entire header was used but not all data was used
  2624   2613         ** (3) the end of the data extends beyond the end of the record.
  2625   2614         */
................................................................................
  7592   7581       sqlite3ResetOneSchema(db, resetSchemaOnFault-1);
  7593   7582     }
  7594   7583   
  7595   7584     /* This is the only way out of this procedure.  We have to
  7596   7585     ** release the mutexes on btrees that were acquired at the
  7597   7586     ** top. */
  7598   7587   vdbe_return:
  7599         -  testcase( nVmStep>0 );
         7588  +#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
         7589  +  if( nVmStep>=nProgressLimit && db->xProgress!=0 ){
         7590  +    if( db->xProgress(db->pProgressArg) ){
         7591  +      nProgressLimit = 0xffffffff;
         7592  +      rc = SQLITE_INTERRUPT;
         7593  +      goto abort_due_to_error;
         7594  +    }
         7595  +  }
         7596  +#endif
  7600   7597     p->aCounter[SQLITE_STMTSTATUS_VM_STEP] += (int)nVmStep;
  7601   7598     sqlite3VdbeLeave(p);
  7602   7599     assert( rc!=SQLITE_OK || nExtraDelete==0 
  7603   7600          || sqlite3_strlike("DELETE%",p->zSql,0)!=0 
  7604   7601     );
  7605   7602     return rc;
  7606   7603   

Changes to src/vdbemem.c.

   174    174     assert(rc==SQLITE_OK    || pMem->enc!=desiredEnc);
   175    175     assert(rc==SQLITE_NOMEM || pMem->enc==desiredEnc);
   176    176     return rc;
   177    177   #endif
   178    178   }
   179    179   
   180    180   /*
   181         -** Make sure pMem->z points to a writable allocation of at least 
   182         -** min(n,32) bytes.
          181  +** Make sure pMem->z points to a writable allocation of at least n bytes.
   183    182   **
   184    183   ** If the bPreserve argument is true, then copy of the content of
   185    184   ** pMem->z into the new allocation.  pMem must be either a string or
   186    185   ** blob if bPreserve is true.  If bPreserve is false, any prior content
   187    186   ** in pMem->z is discarded.
   188    187   */
   189    188   SQLITE_NOINLINE int sqlite3VdbeMemGrow(Mem *pMem, int n, int bPreserve){
................................................................................
   194    193     /* If the bPreserve flag is set to true, then the memory cell must already
   195    194     ** contain a valid string or blob value.  */
   196    195     assert( bPreserve==0 || pMem->flags&(MEM_Blob|MEM_Str) );
   197    196     testcase( bPreserve && pMem->z==0 );
   198    197   
   199    198     assert( pMem->szMalloc==0
   200    199          || pMem->szMalloc==sqlite3DbMallocSize(pMem->db, pMem->zMalloc) );
   201         -  if( n<32 ) n = 32;
   202    200     if( pMem->szMalloc>0 && bPreserve && pMem->z==pMem->zMalloc ){
   203    201       pMem->z = pMem->zMalloc = sqlite3DbReallocOrFree(pMem->db, pMem->z, n);
   204    202       bPreserve = 0;
   205    203     }else{
   206    204       if( pMem->szMalloc>0 ) sqlite3DbFreeNN(pMem->db, pMem->zMalloc);
   207    205       pMem->zMalloc = sqlite3DbMallocRaw(pMem->db, n);
   208    206     }
................................................................................
  1043   1041       iLimit = SQLITE_MAX_LENGTH;
  1044   1042     }
  1045   1043     flags = (enc==0?MEM_Blob:MEM_Str);
  1046   1044     if( nByte<0 ){
  1047   1045       assert( enc!=0 );
  1048   1046       if( enc==SQLITE_UTF8 ){
  1049   1047         nByte = 0x7fffffff & (int)strlen(z);
  1050         -      if( nByte>iLimit ) nByte = iLimit+1;
  1051   1048       }else{
  1052   1049         for(nByte=0; nByte<=iLimit && (z[nByte] | z[nByte+1]); nByte+=2){}
  1053   1050       }
  1054   1051       flags |= MEM_Term;
  1055   1052     }
  1056   1053   
  1057   1054     /* The following block sets the new values of Mem.z and Mem.xDel. It
  1058   1055     ** also sets a flag in local variable "flags" to indicate the memory
  1059   1056     ** management (one of MEM_Dyn or MEM_Static).
  1060   1057     */
  1061   1058     if( xDel==SQLITE_TRANSIENT ){
  1062         -    int nAlloc = nByte;
         1059  +    u32 nAlloc = nByte;
  1063   1060       if( flags&MEM_Term ){
  1064   1061         nAlloc += (enc==SQLITE_UTF8?1:2);
  1065   1062       }
  1066   1063       if( nByte>iLimit ){
  1067   1064         return SQLITE_TOOBIG;
  1068   1065       }
  1069   1066       testcase( nAlloc==0 );
  1070   1067       testcase( nAlloc==31 );
  1071   1068       testcase( nAlloc==32 );
  1072         -    if( sqlite3VdbeMemClearAndResize(pMem, MAX(nAlloc,32)) ){
         1069  +    if( sqlite3VdbeMemClearAndResize(pMem, (int)MAX(nAlloc,32)) ){
  1073   1070         return SQLITE_NOMEM_BKPT;
  1074   1071       }
  1075   1072       memcpy(pMem->z, z, nAlloc);
  1076         -  }else if( xDel==SQLITE_DYNAMIC ){
  1077         -    sqlite3VdbeMemRelease(pMem);
  1078         -    pMem->zMalloc = pMem->z = (char *)z;
  1079         -    pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
  1080   1073     }else{
  1081   1074       sqlite3VdbeMemRelease(pMem);
  1082   1075       pMem->z = (char *)z;
  1083         -    pMem->xDel = xDel;
  1084         -    flags |= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
         1076  +    if( xDel==SQLITE_DYNAMIC ){
         1077  +      pMem->zMalloc = pMem->z;
         1078  +      pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
         1079  +    }else{
         1080  +      pMem->xDel = xDel;
         1081  +      flags |= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
         1082  +    }
  1085   1083     }
  1086   1084   
  1087   1085     pMem->n = nByte;
  1088   1086     pMem->flags = flags;
  1089   1087     pMem->enc = (enc==0 ? SQLITE_UTF8 : enc);
  1090   1088   
  1091   1089   #ifndef SQLITE_OMIT_UTF16

Changes to src/wherecode.c.

  1340   1340       iReleaseReg = ++pParse->nMem;
  1341   1341       iRowidReg = codeEqualityTerm(pParse, pTerm, pLevel, 0, bRev, iReleaseReg);
  1342   1342       if( iRowidReg!=iReleaseReg ) sqlite3ReleaseTempReg(pParse, iReleaseReg);
  1343   1343       addrNxt = pLevel->addrNxt;
  1344   1344       sqlite3VdbeAddOp3(v, OP_SeekRowid, iCur, addrNxt, iRowidReg);
  1345   1345       VdbeCoverage(v);
  1346   1346       pLevel->op = OP_Noop;
         1347  +    pTerm->wtFlags |= TERM_CODED;
  1347   1348     }else if( (pLoop->wsFlags & WHERE_IPK)!=0
  1348   1349            && (pLoop->wsFlags & WHERE_COLUMN_RANGE)!=0
  1349   1350     ){
  1350   1351       /* Case 3:  We have an inequality comparison against the ROWID field.
  1351   1352       */
  1352   1353       int testOp = OP_Noop;
  1353   1354       int start;

Changes to test/altertab2.test.

   175    175   } {
   176    176   {CREATE TRIGGER r1 AFTER INSERT ON "t1x" WHEN new.aaa NOT NULL BEGIN
   177    177       UPDATE "t1x" SET (c,ddd)=(aaa,b);
   178    178     END}
   179    179   }
   180    180   
   181    181   #-------------------------------------------------------------------------
          182  +ifcapable windowfunc {
   182    183   do_execsql_test 5.0 {
   183    184     CREATE TABLE t2(a);
   184    185     CREATE TRIGGER r2 AFTER INSERT ON t2 WHEN new.a NOT NULL BEGIN
   185    186       SELECT a, sum(a) OVER w1 FROM t2
   186    187         WINDOW w1 AS (
   187    188           PARTITION BY a ORDER BY a 
   188    189           ROWS BETWEEN 2 PRECEDING AND 3 FOLLOWING
................................................................................
   231    232         );
   232    233     END}
   233    234   }
   234    235   
   235    236   do_execsql_test 5.3 {
   236    237     INSERT INTO t2x VALUES(1);
   237    238   } {}
          239  +} ;# windowfunc
   238    240   
   239    241   #-------------------------------------------------------------------------
   240    242   
   241    243   do_execsql_test 6.0 {
   242    244     CREATE TABLE t3(a,b,c,d);
   243    245     CREATE TRIGGER r3 AFTER INSERT ON t3 WHEN new.a NOT NULL BEGIN
   244    246       SELECT a,b,c FROM t3 EXCEPT SELECT a,b,c FROM t3 ORDER BY a;

Changes to test/altertab3.test.

    16     16   
    17     17   # If SQLITE_OMIT_ALTERTABLE is defined, omit this file.
    18     18   ifcapable !altertable {
    19     19     finish_test
    20     20     return
    21     21   }
    22     22   
           23  +ifcapable windowfunc {
    23     24   do_execsql_test 1.0 {
    24     25     CREATE TABLE t1(a, b);
    25     26     CREATE TRIGGER tr1 AFTER INSERT ON t1 BEGIN
    26     27       SELECT sum(b) OVER w FROM t1 WINDOW w AS (ORDER BY a);
    27     28     END;
    28     29   }
    29     30   
................................................................................
    36     37   } {{CREATE TRIGGER tr1 AFTER INSERT ON t1 BEGIN
    37     38       SELECT sum(b) OVER w FROM t1 WINDOW w AS (ORDER BY aaa);
    38     39     END}}
    39     40   
    40     41   do_execsql_test 1.3 {
    41     42     INSERT INTO t1 VALUES(1, 2);
    42     43   }
           44  +} ;# windowfunc
    43     45   
    44     46   #-------------------------------------------------------------------------
    45     47   reset_db
    46     48   do_execsql_test 2.0 {
    47     49     CREATE TABLE t1(a,b,c);
    48     50     CREATE TABLE t2(a,b,c);
    49     51     CREATE TRIGGER r1 AFTER INSERT ON t1 WHEN new.a NOT NULL BEGIN

Changes to test/autoindex5.test.

   124    124     ) FROM one;
   125    125   } {8.0}
   126    126   
   127    127   # Ticket https://www.sqlite.org/src/info/787fa716be3a7f65
   128    128   # Segfault due to multiple uses of the same subquery where the
   129    129   # subquery is implemented via coroutine.
   130    130   #
          131  +ifcapable windowfunc {
   131    132   sqlite3 db :memory:
   132    133   do_execsql_test 3.0 {
   133    134     -- This is the original test case reported on the mailing list
   134    135     CREATE TABLE artists (
   135    136       id integer NOT NULL PRIMARY KEY AUTOINCREMENT,
   136    137       name varchar(255)
   137    138     );
................................................................................
   162    163             WHERE (name = 'Al')
   163    164           ) AS 't1'
   164    165           WHERE (x = 1)
   165    166         ))
   166    167         AND (albums.id IN (1, 2)))
   167    168     ));
   168    169   } {1 Ar}
          170  +} ;# windowfunc
          171  +
   169    172   # The remaining test cases were discovered (by Dan) during trouble-shooting
   170    173   sqlite3 db :memory:
   171    174   do_execsql_test 3.1 {
   172    175     CREATE TABLE t1 (a); INSERT INTO t1 (a) VALUES (104);
   173    176     CREATE TABLE t2 (b); INSERT INTO t2 (b) VALUES (104);
   174    177     CREATE TABLE t3 (c); INSERT INTO t3 (c) VALUES (104);
   175    178     CREATE TABLE t4 (d); INSERT INTO t4 (d) VALUES (104);

Changes to test/corrupt2.test.

    91     91     set f [open corrupt.db RDWR]
    92     92     fconfigure $f -encoding binary
    93     93     seek $f 101 start
    94     94     puts -nonewline $f "\xFF\xFF"
    95     95     close $f
    96     96   
    97     97     sqlite3 db2 corrupt.db
    98         -  catchsql "
    99         -    $::presql
   100         -    SELECT * FROM sqlite_master;
   101         -  " db2
   102         -} {1 {database disk image is malformed}}
           98  +  # Note: This test is no longer meaningful due to the deferred computation
           99  +  # of MemPage.nFree 
          100  +  catchsql {PRAGMA quick_check} db2
          101  +} {0 {{*** in database main ***
          102  +Page 1: free space corruption}}}
   103    103   
   104    104   do_test corrupt2-1.5 {
   105    105     db2 close
   106    106   
   107    107     # Corrupt the free-block list on page 1.
   108    108     forcedelete corrupt.db
   109    109     forcedelete corrupt.db-journal
................................................................................
   114    114     puts -nonewline $f "\x00\xC8"
   115    115     seek $f 200 start
   116    116     puts -nonewline $f "\x00\x00"
   117    117     puts -nonewline $f "\x10\x00"
   118    118     close $f
   119    119   
   120    120     sqlite3 db2 corrupt.db
   121         -  catchsql "
   122         -    $::presql
   123         -    SELECT * FROM sqlite_master;
   124         -  " db2
   125         -} {1 {database disk image is malformed}}
          121  +  catchsql {PRAGMA quick_check} db2
          122  +} {0 {{*** in database main ***
          123  +Page 1: free space corruption}}}
   126    124   db2 close
   127    125   
   128    126   # Corrupt a database by having 2 indices of the same name:
   129    127   do_test corrupt2-2.1 {
   130    128   
   131    129     forcedelete corrupt.db
   132    130     forcedelete corrupt.db-journal

Changes to test/corruptD.test.

   107    107   #-------------------------------------------------------------------------
   108    108   # The following tests, corruptD-1.1.*, focus on the page header field
   109    109   # containing the offset of the first free block in a page. 
   110    110   #
   111    111   do_test corruptD-1.1.1 {
   112    112     incr_change_counter
   113    113     hexio_write test.db [expr 1024+1] FFFF
   114         -  catchsql { SELECT * FROM t1 ORDER BY rowid }
   115         -} {1 {database disk image is malformed}}
          114  +  catchsql { PRAGMA quick_check }
          115  +} {0 {{*** in database main ***
          116  +Page 2: free space corruption}}}
   116    117   do_test corruptD-1.1.2 {
   117    118     incr_change_counter
   118    119     hexio_write test.db [expr 1024+1] [hexio_render_int32 1021]
   119    120     catchsql { SELECT * FROM t1 ORDER BY rowid }
   120    121   } {1 {database disk image is malformed}}
   121    122   
   122    123   #-------------------------------------------------------------------------

Changes to test/corruptK.test.

    64     64     seek $fd 30
    65     65     puts -nonewline $fd "\x18"
    66     66     close $fd
    67     67   } {}
    68     68   do_execsql_test 1.3 {
    69     69     INSERT INTO t1 VALUES(randomblob(20));
    70     70   }
           71  +
           72  +# This test no longer functions due to the deferred computation of
           73  +# MemPage.nFree.
           74  +#
           75  +if 0 {
    71     76   do_catchsql_test 1.4 {
    72     77     INSERT INTO t1 VALUES(randomblob(90));
    73     78   } {1 {database disk image is malformed}}
           79  +}
    74     80   
    75     81   #-------------------------------------------------------------------------
    76     82   reset_db
    77     83   do_execsql_test 2.1 {
    78     84     PRAGMA page_size=1024;
    79     85     PRAGMA auto_vacuum=0;
    80     86     CREATE TABLE t1(x);

Changes to test/fts3corrupt4.test.

  3047   3047   |   4080: 75 69 6c 64 0a 01 02 1d 6f 70 74 69 6d 69 7a 65   uild....optimize
  3048   3048   | end crash-526ea445f41c02.db
  3049   3049   }]} {}
  3050   3050   
  3051   3051   do_catchsql_test 19.1 {
  3052   3052     SELECT rowid,a,c,snippet(t1,85101090932165,-1,10) FROM t1 WHERE a MATCH 'rtree';
  3053   3053   } {1 {database disk image is malformed}}
         3054  +
         3055  +#-------------------------------------------------------------------------
         3056  +reset_db
         3057  +do_test 20.0 {
         3058  +  sqlite3 db {}
         3059  +  db deserialize [decode_hexdb {
         3060  +.open --hexdb
         3061  +| size 28672 pagesize 4096 filename crash-afecd03c862e58.db
         3062  +| page 1 offset 0
         3063  +|      0: 53 51 4c 69 74 65 20 66 6f 72 6d 61 74 20 33 00   SQLite format 3.
         3064  +|     16: 10 00 01 01 00 40 20 20 00 00 00 00 00 00 00 07   .....@  ........
         3065  +|     32: 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04   ................
         3066  +|     96: 00 00 00 00 0d 0e ef 00 07 0d 4d 00 0f bd 0f 5f   ..........M...._
         3067  +|    112: 0e f7 0e 06 0e bc 0d a4 0d 4d 00 00 01 00 00 00   .........M......
         3068  +|   3392: 00 00 00 00 00 00 00 00 00 00 00 00 00 55 07 07   .............U..
         3069  +|   3408: 17 1b 1b 01 81 01 74 61 62 6c 65 74 31 5f 73 74   ......tablet1_st
         3070  +|   3424: 61 74 74 31 5f 73 74 61 74 07 43 52 45 41 54 45   att1_stat.CREATE
         3071  +|   3440: 20 54 41 42 4c 45 20 27 74 31 5f 73 74 61 74 27    TABLE 't1_stat'
         3072  +|   3456: 28 69 64 20 49 4e 54 45 47 45 52 20 50 52 49 4d   (id INTEGER PRIM
         3073  +|   3472: 41 52 59 20 4b 45 59 2c 20 76 61 6c 75 65 20 42   ARY KEY, value B
         3074  +|   3488: 4c 4f 42 29 60 06 07 17 21 21 01 81 0b 74 61 62   LOB)`...!!...tab
         3075  +|   3504: 6c 65 74 31 5f 64 6f 63 73 69 7a 65 74 31 5f 64   let1_docsizet1_d
         3076  +|   3520: 6f 63 73 69 7a 65 06 43 52 45 41 54 45 20 54 41   ocsize.CREATE TA
         3077  +|   3536: 42 4c 45 20 27 74 31 5f 64 6f 63 73 69 7a 65 27   BLE 't1_docsize'
         3078  +|   3552: 28 64 6f 63 69 64 20 49 4e 54 45 47 45 52 20 50   (docid INTEGER P
         3079  +|   3568: 52 49 4d 41 52 59 30 4b 45 59 2c 20 73 69 7a 65   RIMARY0KEY, size
         3080  +|   3584: 20 42 4c 4f 42 29 81 33 04 07 17 1f 1f 01 82 35    BLOB).3.......5
         3081  +|   3600: 74 61 62 6c 65 74 31 5f 73 65 67 64 69 72 74 31   tablet1_segdirt1
         3082  +|   3616: 5f 73 65 67 64 69 25 04 43 52 45 41 54 45 20 54   _segdi%.CREATE T
         3083  +|   3632: 41 42 4c 45 20 27 74 31 5f 73 65 67 64 69 72 27   ABLE 't1_segdir'
         3084  +|   3648: 28 6c 65 76 65 6c 20 49 4e 54 45 47 45 52 2c 69   (level INTEGER,i
         3085  +|   3664: 64 78 20 49 4e 54 45 47 45 52 2c 73 74 61 72 74   dx INTEGER,start
         3086  +|   3680: 5f 62 6c 6f 63 6b 20 49 4e 54 45 47 45 52 2c 6c   _block INTEGER,l
         3087  +|   3696: 65 61 76 65 73 5f 65 6e 64 5f 62 6c 6f 63 6b 20   eaves_end_block 
         3088  +|   3712: 49 4d 54 45 47 45 52 2c 65 6e 64 5f 62 6c 6f 63   IMTEGER,end_bloc
         3089  +|   3728: 6b 20 49 4e 54 45 47 45 52 2c 72 6f 6f 74 20 42   k INTEGER,root B
         3090  +|   3744: 4c 4f 42 2c 50 52 49 4d 41 52 59 20 4b 45 59 28   LOB,PRIMARY KEY(
         3091  +|   3760: 6c 65 76 65 6c 2c 20 69 64 78 29 29 31 05 06 17   level, idx))1...
         3092  +|   3776: 45 1f 01 00 69 6e 64 65 78 73 71 6c 69 74 65 5f   E...indexsqlite_
         3093  +|   3792: 61 75 74 6f 69 6e 64 65 78 5f 74 31 5f 73 65 67   autoindex_t1_seg
         3094  +|   3808: 64 69 72 5f 31 74 31 5f 73 65 67 64 69 72 05 00   dir_1t1_segdir..
         3095  +|   3824: 00 00 08 00 00 00 00 66 03 07 17 23 23 01 81 13   .......f...##...
         3096  +|   3840: 74 61 62 6c 65 74 31 5f 73 65 67 6d 65 6e 74 73   tablet1_segments
         3097  +|   3856: 74 31 5f 73 65 67 6d 65 6e 74 73 03 43 52 45 41   t1_segments.CREA
         3098  +|   3872: 54 45 20 54 41 42 4c 45 20 27 74 31 5f 73 65 67   TE TABLE 't1_seg
         3099  +|   3888: 6d 65 6e 74 73 27 28 62 6c 6f 63 6b 69 64 20 49   ments'(blockid I
         3100  +|   3904: 4e 54 45 47 45 52 20 50 52 49 4d 41 52 59 20 4b   NTEGER PRIMARY K
         3101  +|   3920: 45 59 2c 20 62 6c 6f 63 6b 20 42 4c 4f 42 29 5c   EY, block BLOB).
         3102  +|   3936: 02 07 17 21 21 01 81 03 74 61 62 6c 65 74 31 5f   ...!!...tablet1_
         3103  +|   3952: 63 6f 6e 74 65 6e 74 74 31 5f 63 6f 6e 74 65 6e   contentt1_conten
         3104  +|   3968: 74 02 43 52 45 41 54 45 20 54 41 42 4c 45 20 27   t.CREATE TABLE '
         3105  +|   3984: 74 31 5f 63 6f 6e 74 65 6e 74 27 28 64 6f 63 69   t1_content'(doci
         3106  +|   4000: 64 20 49 4e 54 45 47 45 52 20 50 52 49 4d 41 52   d INTEGER PRIMAR
         3107  +|   4016: 59 20 4b 45 59 2c 20 27 63 30 61 27 29 41 01 06   Y KEY, 'c0a')A..
         3108  +|   4032: 17 11 11 08 71 74 61 62 6c 65 74 31 74 31 43 52   ....qtablet1t1CR
         3109  +|   4048: 45 41 54 45 20 56 49 52 54 55 41 4c 20 54 41 42   EATE VIRTUAL TAB
         3110  +|   4064: 4c 45 20 74 31 20 55 53 49 4e 47 20 66 74 73 34   LE t1 USING fts4
         3111  +|   4080: 28 61 2c 70 72 65 66 69 78 3d 27 31 2c 32 27 29   (a,prefix='1,2')
         3112  +| page 2 offset 4096
         3113  +|      0: 0d 00 00 00 08 0e 1f 00 0f c4 0f 7c 0f 34 0f 07   ...........|.4..
         3114  +|     16: 0e c3 0e 97 0e 63 0e 1f 00 00 00 00 00 00 00 00   .....c..........
         3115  +|   3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 42   ...............B
         3116  +|   3616: 08 04 00 81 09 73 75 6e 74 20 69 6e 20 63 75 6c   .....sunt in cul
         3117  +|   3632: 70 61 20 71 75 68 20 6f 66 66 69 63 69 61 20 64   pa quh officia d
         3118  +|   3648: 65 73 65 72 75 6e 74 20 6d 6f 6c 6c 69 74 20 61   eserunt mollit a
         3119  +|   3664: 6e 69 6d 20 69 64 20 65 73 74 20 6c 61 62 6f 72   nim id est labor
         3120  +|   3680: 75 6d 2e 32 07 03 01 6b 45 78 63 65 70 74 65 75   um.2...kExcepteu
         3121  +|   3696: 72 20 73 69 6e 74 20 6f 63 63 61 65 63 61 74 20   r sint occaecat 
         3122  +|   3712: 63 75 70 69 64 61 74 61 74 20 6e 6f 6e 20 70 72   cupidatat non pr
         3123  +|   3728: 6f 69 64 65 6e 74 2c 2a 06 03 00 5b 63 69 6c 6c   oident,*...[cill
         3124  +|   3744: 75 6d 20 64 6f 6c 6f 72 65 20 65 75 20 66 75 67   um dolore eu fug
         3125  +|   3760: 69 61 74 20 6e 75 6c 6c 61 20 70 61 72 69 61 74   iat nulla pariat
         3126  +|   3776: 75 72 2e 43 05 04 00 81 09 44 75 69 73 20 61 75   ur.C.....Duis au
         3127  +|   3792: 74 65 20 69 72 75 72 65 20 64 6f 6c 6f 72 20 69   te irure dolor i
         3128  +|   3808: 6e 20 72 65 70 72 65 68 65 6e 64 65 72 69 74 20   n reprehenderit 
         3129  +|   3824: 69 6e 20 76 6f 6c 75 70 74 61 74 65 20 76 65 6c   in voluptate vel
         3130  +|   3840: 69 74 20 65 73 73 65 2b 14 03 00 5d 6e 69 73 69   it esse+...]nisi
         3131  +|   3856: 20 75 74 20 61 6c 69 71 75 69 70 20 65 78 20 65    ut aliquip ex e
         3132  +|   3872: 61 20 63 6f 6d 6d 6f 64 6f 20 63 6f 6e 73 65 71   a commodo conseq
         3133  +|   3888: 75 61 74 2e 46 03 04 00 81 11 55 74 20 65 6e 69   uat.F.....Ut eni
         3134  +|   3904: 6d 20 61 63 20 6d 69 6e 69 6d 20 76 65 6e 69 61   m ac minim venia
         3135  +|   3920: 6d 2c 20 71 75 69 73 20 6e 6f 73 74 72 75 64 20   m, quis nostrud 
         3136  +|   3936: 65 78 65 72 63 69 74 61 74 69 6f 6e 20 75 6c 6c   exercitation ull
         3137  +|   3952: 61 6d 63 6f 20 6c 61 62 6f 72 69 73 46 02 04 00   amco laborisF...
         3138  +|   3968: 81 11 73 65 64 20 64 6f 20 65 69 75 73 6d 6f 64   ..sed do eiusmod
         3139  +|   3984: 20 74 65 6d 70 6f 72 20 69 6e 63 69 64 69 64 75    tempor incididu
         3140  +|   4000: 6e 74 20 75 74 20 6c 61 62 6f 72 65 20 65 74 20   nt ut labore et 
         3141  +|   4016: 64 6f 6c 6f 72 65 20 6d 61 67 6e 61 20 61 6c 69   dolore magna ali
         3142  +|   4032: 71 75 61 2e 3a 01 03 00 7b 4c 6f 72 65 6d 20 69   qua.:....Lorem i
         3143  +|   4048: 70 73 75 6d 20 64 6f 6c 6f 72 20 73 69 74 20 61   psum dolor sit a
         3144  +|   4064: 6d 65 74 2c 20 63 6f 6e 73 65 63 74 65 74 75 72   met, consectetur
         3145  +|   4080: 20 61 64 69 70 69 73 63 69 6e 67 20 65 6c 69 74    adipiscing elit
         3146  +| page 3 offset 8192
         3147  +|      0: 0d 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00   ................
         3148  +| page 4 offset 12288
         3149  +|      0: 0d 00 00 00 03 0a a6 00 0d 57 0c 4a 0a a6 00 00   .........W.J....
         3150  +|   2720: 00 00 00 00 00 00 83 21 03 08 02 08 08 08 17 86   .......!........
         3151  +|   2736: 30 08 00 30 20 34 30 32 00 02 61 64 06 01 08 00   0..0 402..ad....
         3152  +|   2752: 02 04 00 01 01 6c 06 02 0c 00 02 04 00 01 01 6d   .....l.........m
         3153  +|   2768: 03 01 06 00 01 01 6e 03 08 09 00 01 01 75 03 05   ......n......u..
         3154  +|   2784: 03 00 00 02 63 69 03 06 01 00 01 01 6f 07 01 07   ....ci......o...
         3155  +|   2800: 00 03 07 03 00 01 01 75 06 07 05 00 01 04 00 00   .......u........
         3156  +|   2816: 02 64 65 03 08 07 00 01 01 6f 0d 01 04 00 01 03   .de......o......
         3157  +|   2832: 09 00 03 05 00 01 03 00 01 01 75 03 05 02 00 00   ..........u.....
         3158  +|   2848: 02 65 61 03 04 06 00 01 01 69 03 02 04 00 01 01   .ea......i......
         3159  +|   2864: 6c 03 01 09 00 01 01 6e 03 03 03 00 01 01 73 06   l......n......s.
         3160  +|   2880: 05 0b 00 03 0b 00 01 01 74 03 02 09 00 01 01 75   ........t......u
         3161  +|   2896: 03 06 04 00 01 01 78 09 03 09 00 01 05 00 03 02   ......x.........
         3162  +|   2912: 00 00 02 66 75 03 06 05 00 00 02 69 64 03 08 0a   ...fu......id...
         3163  +|   2928: 00 01 01 6e 0a 02 06 00 03 06 04 00 03 03 00 01   ...n............
         3164  +|   2944: 01 70 03 01 13 00 01 01 72 03 05 04 00 00 02 6c   .p......r......l
         3165  +|   2960: 61 09 02 08 00 01 0b 00 05 0c 00 01 01 6f 03 01   a............o..
         3166  +|   2976: 02 00 00 02 6d 61 03 02 0b 00 01 01 69 03 03 05   ....ma......i...
         3167  +|   2992: 00 01 01 6f 03 08 08 00 00 02 6e 69 03 04 02 00   ...o......ni....
         3168  +|   3008: 01 01 6f 06 03 08 00 04 06 00 01 01 75 03 06 06   ..o.........u...
         3169  +|   3024: 00 00 02 6f 63 03 07 04 00 01 01 66 03 08 06 00   ...oc......f....
         3170  +|   3040: 00 02 70 61 03 06 07 00 01 01 72 03 07 07 00 00   ..pa......r.....
         3171  +|   3056: 02 71 75 06 03 07 00 05 05 00 00 02 72 65 03 05   .qu.........re..
         3172  +|   3072: 07 00 00 02 73 65 03 02 02 00 01 01 69 06 01 05   ....se......i...
         3173  +|   3088: 00 06 03 00 01 01 75 03 08 02 00 00 02 74 65 03   ......u......te.
         3174  +|   3104: 03 05 00 00 02 72 bc 03 03 0a 00 01 01 74 09 02   .....r.......t..
         3175  +|   3120: 07 00 01 02 00 01 03 00 00 02 76 65 06 03 06 00   ..........ve....
         3176  +|   3136: 02 0a 00 01 01 6f 03 05 09 00 82 0a 02 08 02 08   .....o..........
         3177  +|   3152: 08 08 17 84 02 04 00 30 20 32 35 31 00 01 61 13   .......0 251..a.
         3178  +|   3168: 01 06 04 00 01 0c 00 01 04 00 01 04 00 01 03 00   ................
         3179  +|   3184: 03 09 00 00 01 63 10 01 07 00 03 07 03 00 02 02   .....c..........
         3180  +|   3200: 00 01 05 00 01 04 00 00 01 64 11 01 04 00 01 03   .........d......
         3181  +|   3216: 09 00 03 02 05 00 01 03 00 02 07 00 00 01 65 1b   ..............e.
         3182  +|   3232: 01 09 00 01 04 07 00 01 03 08 00 01 05 03 00 01   ................
         3183  +|   3248: 0b 00 01 04 00 01 02 00 01 0b 00 00 01 66 03 06   .............f..
         3184  +|   3264: 05 00 00 01 69 0f 01 03 00 01 06 00 02 04 04 04   ....i...........
         3185  +|   3280: 00 03 03 09 00 00 01 6c 0c 01 02 00 01 08 00 01   .......l........
         3186  +|   3296: 0b 00 05 0c 00 00 01 6d 09 02 0b 00 01 05 00 05   .......m........
         3187  +|   3312: 08 00 00 01 6e 0c 03 08 00 01 02 00 02 06 00 01   ....n...........
         3188  +|   3328: 06 00 f0 01 6f 06 07 04 00 01 06 00 00 01 70 06   ....o.........p.
         3189  +|   3344: 06 07 00 01 07 00 00 01 71 06 03 07 00 05 05 00   ........q.......
         3190  +|   3360: 00 01 72 03 05 08 00 00 01 73 0c 01 05 00 01 02   ..r......s......
         3191  +|   3376: 00 05 03 00 01 02 00 00 01 74 03 02 05 00 00 01   .........t......
         3192  +|   3392: 75 0a 02 07 00 01 02 0a 00 01 03 00 00 01 76 07   u.............v.
         3193  +|   3408: 03 06 00 02 09 03 00 85 26 01 08 08 08 08 08 17   ........&.......
         3194  +|   3424: 8a 3e 30 21 36 36 35 00 02 61 64 03 03 04 00 02   .>0!665..ad.....
         3195  +|   3440: 08 69 70 69 73 63 69 6e 67 03 01 08 00 01 05 6c   .ipiscing......l
         3196  +|   3456: 69 71 75 61 03 02 0c 00 05 02 69 70 03 04 04 00   iqua......ip....
         3197  +|   3472: 01 03 6d 65 74 03 01 06 00 01 03 6e 69 6d 03 08   ..met......nim..
         3198  +|   3488: 09 00 01 03 75 74 65 03 05 03 00 00 06 63 69 6c   ....ute......cil
         3199  +|   3504: 6c 75 6d 03 06 02 00 01 06 6f 6d 6d 6f 64 6f 03   lum......ommodo.
         3200  +|   3520: 04 07 00 02 09 6e 73 65 63 74 65 74 75 72 03 01   .....nsectetur..
         3201  +|   3536: 07 00 05 04 71 75 61 74 03 04 08 00 01 04 75 6c   ....quat......ul
         3202  +|   3552: 70 61 03 08 04 00 02 07 70 69 64 61 74 61 74 03   pa......pidatat.
         3203  +|   3568: 07 05 00 00 08 64 65 73 65 72 75 6e 74 03 08 07   .....deserunt...
         3204  +|   3584: 00 01 01 6f 03 02 03 00 02 03 6c 6f 72 06 01 04   ...o......lor...
         3205  +|   3600: 00 04 05 00 05 01 65 06 02 0a 00 04 03 00 01 03   ......e.........
         3206  +|   3616: 75 69 73 03 05 02 00 00 02 65 61 03 04 06 00 01   uis......ea.....
         3207  +|   3632: 06 69 75 73 6d 6f 64 03 02 04 00 01 03 6c 69 74   .iusmod......lit
         3208  +|   3648: 03 01 09 00 01 03 6e 69 6d 03 03 03 00 01 03 73   ......nim......s
         3209  +|   3664: 73 65 03 05 0b 00 02 01 74 03 08 0b 00 01 01 74   se......t......t
         3210  +|   3680: 03 02 09 00 01 01 75 03 06 04 00 01 01 78 03 04   ......u......x..
         3211  +|   3696: 05 00 02 07 63 65 70 74 65 75 72 03 07 02 00 02   ....cepteur.....
         3212  +|   3712: 0a 65 72 63 69 74 61 74 69 6f 6e 03 03 09 00 00   .ercitation.....
         3213  +|   3728: 06 66 75 67 69 61 74 03 06 05 00 00 02 69 64 03   .fugiat......id.
         3214  +|   3744: 08 0a 00 01 01 6e 07 05 06 04 00 03 03 00 02 08   .....n..........
         3215  +|   3760: 63 69 64 69 64 75 6e 74 03 02 06 00 01 04 70 73   cididunt......ps
         3216  +|   3776: 75 6d 03 01 03 00 01 04 72 75 72 65 03 05 04 00   um......rure....
         3217  +|   3792: 00 06 6c 61 62 6f 72 65 03 02 08 00 05 02 69 73   ..labore......is
         3218  +|   3808: 03 03 0b 00 05 02 75 6d 03 08 0c 00 01 04 6f 72   ......um......or
         3219  +|   3824: 65 6d 03 01 02 00 00 05 6d 61 67 6e 61 03 02 0b   em......magna...
         3220  +|   3840: 00 01 04 69 6e 69 6d 03 03 05 00 01 05 6f 6c 6c   ...inim......oll
         3221  +|   3856: 69 74 03 08 08 00 00 04 6e 69 73 69 03 04 02 00   it......nisi....
         3222  +|   3872: 01 02 6f 6e 03 07 06 00 02 05 73 74 72 75 64 03   ..on......strud.
         3223  +|   3888: 03 08 00 01 04 75 6c 6c 61 03 06 06 00 00 08 6f   .....ulla......o
         3224  +|   3904: 63 63 61 65 63 61 74 03 07 04 00 01 06 66 66 69   ccaecat......ffi
         3225  +|   3920: 63 69 61 03 08 06 00 00 08 70 61 72 69 61 74 75   cia......pariatu
         3226  +|   3936: 72 03 06 07 00 01 07 72 6f 69 64 65 6e 74 03 07   r......roident..
         3227  +|   3952: 07 00 00 03 71 75 69 03 08 05 00 03 01 73 03 03   ....qui......s..
         3228  +|   3968: 07 00 00 0d 72 65 41 72 65 68 65 6e 64 65 72 69   ....reArehenderi
         3229  +|   3984: 74 03 05 07 00 00 03 73 65 64 03 02 02 00 01 03   t......sed......
         3230  +|   4000: 69 6e 74 03 07 03 00 02 01 74 03 01 05 00 01 03   int......t......
         3231  +|   4016: 75 6e 74 03 08 02 00 00 06 74 65 6d 70 6f 72 03   unt......tempor.
         3232  +|   4032: 02 05 00 00 07 75 6c 6c 61 6d 63 6f 03 03 0a 00   .....ullamco....
         3233  +|   4048: 01 01 74 09 02 07 00 01 02 00 01 03 00 00 05 76   ..t............v
         3234  +|   4064: 65 6c 69 74 03 05 0a 00 02 04 6e 69 61 6d 03 03   elit......niam..
         3235  +|   4080: 06 00 01 08 70 6c 75 70 74 61 74 65 03 05 09 00   ....pluptate....
         3236  +| page 5 offset 16384
         3237  +|      0: 0a 00 00 00 03 0f eb 00 0f fb 0f f3 0f eb 00 00   ................
         3238  +|   4064: 00 00 00 00 00 00 00 00 00 00 00 07 04 02 08 01   ................
         3239  +|   4080: 08 00 03 07 04 0a 98 01 04 00 02 04 04 08 08 09   ................
         3240  +| page 6 offset 20480
         3241  +|      0: 0d 00 00 00 08 0f d0 00 0f fa 0f f4 0f ee 0f e8   ................
         3242  +|     16: 0f e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
         3243  +|   4048: 04 08 03 00 0e 0b 04 07 03 00 0e 06 04 06 03 00   ................
         3244  +|   4064: 0e 06 04 05 03 00 0e 0a 04 04 03 00 0e 07 04 03   ................
         3245  +|   4080: 03 00 0e 0a 04 02 03 00 0e 0b 04 01 03 00 0e 08   ................
         3246  +| page 7 offset 24576
         3247  +|      0: 0d 00 00 00 01 0f f7 00 0f f7 00 00 00 00 00 00   ................
         3248  +|   4080: 00 00 00 00 00 00 00 07 00 03 00 14 08 45 b5 03   .............E..
         3249  +| end crash-afecd03c862e58.db
         3250  +}]} {}
         3251  +
         3252  +do_execsql_test 20.1 {
         3253  +  BEGIN;
         3254  +  WITH RECURSIVE c(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM c WHERE x<10)
         3255  +    INSERT INTO t1(a) SELECT randomblob(3000) FROM c;
         3256  +}
         3257  +
         3258  +do_execsql_test 20.2 {
         3259  +  INSERT INTO t1(t1) VALUES('optimize');
         3260  +} 
         3261  +
  3054   3262   
  3055   3263   finish_test
  3056   3264   

Changes to test/fuzzdata8.db.

cannot compute difference between binary files

Changes to test/in.test.

   646    646   do_execsql_test in-14.0 {
   647    647     CREATE TABLE c1(a);
   648    648     INSERT INTO c1 VALUES(1), (2), (4), (3);
   649    649   }
   650    650   do_execsql_test in-14.1 {
   651    651     SELECT * FROM c1 WHERE a IN (SELECT a FROM c1) ORDER BY 1
   652    652   } {1 2 3 4}
          653  +
          654  +# 2019-02-20 Ticket https://www.sqlite.org/src/tktview/df46dfb631f75694fbb97033b69
          655  +#
          656  +do_execsql_test in-15.0 {
          657  +  DROP TABLE IF EXISTS t1;
          658  +  CREATE TABLE IF NOT EXISTS t1(id INTEGER PRIMARY KEY);
          659  +  INSERT INTO t1 VALUES(1);
          660  +  SELECT a.id FROM t1 AS a JOIN t1 AS b ON a.id=b.id WHERE a.id IN (1,2,3);
          661  +} {1}
          662  +do_execsql_test in-15.1 {
          663  +  DROP TABLE IF EXISTS t2;
          664  +  CREATE TABLE t2(a INTEGER PRIMARY KEY,b);
          665  +  INSERT INTO t2 VALUES(1,11);
          666  +  INSERT INTO t2 VALUES(2,22);
          667  +  INSERT INTO t2 VALUES(3,33);
          668  +  SELECT b, a IN (3,4,5) FROM t2 ORDER BY b;
          669  +} {11 0 22 0 33 1}
          670  +do_execsql_test in-15.2 {
          671  +  DROP TABLE IF EXISTS t3;
          672  +  CREATE TABLE t3(x INTEGER PRIMARY KEY);
          673  +  INSERT INTO t3 VALUES(8);
          674  +  SELECT CASE WHEN x NOT IN (5,6,7) THEN 'yes' ELSE 'no' END FROM t3;
          675  +  SELECT CASE WHEN x NOT IN (NULL,6,7) THEN 'yes' ELSE 'no' END FROM t3;
          676  +} {yes no}
          677  +do_execsql_test in-15.3 {
          678  +  SELECT CASE WHEN x NOT IN (5,6,7) OR x=0 THEN 'yes' ELSE 'no' END FROM t3;
          679  +  SELECT CASE WHEN x NOT IN (NULL,6,7) OR x=0 THEN 'yes' ELSE 'no' END FROM t3;
          680  +} {yes no}
          681  +do_execsql_test in-15.4 {
          682  +  DROP TABLE IF EXISTS t4;
          683  +  CREATE TABLE t4(a INTEGER PRIMARY KEY, b INT);
          684  +  WITH RECURSIVE c(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM c WHERE x<20)
          685  +    INSERT INTO t4(a,b) SELECT x, x+100 FROM c;
          686  +  SELECT b FROM t4 WHERE a IN (3,null,8) ORDER BY +b;
          687  +} {103 108}
          688  +do_execsql_test in-15.5 {
          689  +  SELECT b FROM t4 WHERE a NOT IN (3,null,8);
          690  +} {}
          691  +do_execsql_test in-15.6 {
          692  +  DROP TABLE IF EXISTS t5;
          693  +  DROP TABLE IF EXISTS t6;
          694  +  CREATE TABLE t5(id INTEGER PRIMARY KEY, name TEXT);
          695  +  CREATE TABLE t6(id INTEGER PRIMARY KEY, name TEXT, t5_id INT);
          696  +  INSERT INTO t5 VALUES(1,'Alice'),(2,'Emma');
          697  +  INSERT INTO t6 VALUES(1,'Bob',1),(2,'Cindy',1),(3,'Dave',2);
          698  +  SELECT a.*
          699  +    FROM t5 AS 'a' JOIN t5 AS 'b' ON b.id=a.id
          700  +   WHERE b.id IN (
          701  +          SELECT t6.t5_id
          702  +            FROM t6
          703  +           WHERE name='Bob'
          704  +             AND t6.t5_id IS NOT NULL
          705  +             AND t6.id IN (
          706  +                  SELECT id
          707  +                    FROM (SELECT t6.id, count(*) AS x
          708  +                            FROM t6
          709  +                           WHERE name='Bob'
          710  +                         ) AS 't'
          711  +                   WHERE x=1
          712  +                 )
          713  +             AND t6.id IN (1,id)
          714  +         );
          715  +} {1 Alice}
          716  +
   653    717   
   654    718   finish_test