-C Remove\scode\smade\sunreachable\sby\sthe\senhancement\sof\sthe\sprevious\scheck-in.
-D 2012-01-11T16:16:08.656
+C Remove\ssome\sassert()\sstatements\sthat\scan\sfail\swith\scorrupt\sdatabases.
+D 2012-01-12T14:25:55.908
F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
F Makefile.in 5b4a3e12a850b021547e43daf886b25133b44c07
F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
F src/backup.c e9538bad2d4a4fcd4308f1aed7cb18a0fbc968f9
F src/bitvec.c af50f1c8c0ff54d6bdb7a80e2fceca5a93670bef
F src/btmutex.c 976f45a12e37293e32cae0281b15a21d48a8aaa7
-F src/btree.c 378a0f39d6e25cc3f7c40db3d90ec6f0a29e7733
+F src/btree.c 8276f939669ed652dfe073b1290fe0094ff92458
F src/btree.h f5d775cd6cfc7ac32a2535b70e8d2af48ef5f2ce
F src/btreeInt.h 6c9960645c431c9456ca56498f43a2b3bf1fa8c2
F src/build.c 8e2a4dedad860fed982270ef43968505f35ec57f
F test/corruptC.test 62a767fe64acb1975f58cc6171192839c783edbb
F test/corruptD.test 99b1999dbfa7cc04aaeac9d695a2445d4e7c7458
F test/corruptE.test 1b9eb20a8711251ce57b44a257e241085b39b52d
+F test/corruptF.test 984b1706c9c0e4248141b056c21124612628d12e
F test/count.test 454e1ce985c94d13efeac405ce54439f49336163
F test/crash.test 519dc29f6fea151f015a23236e555239353946eb
F test/crash2.test 5b14d4eb58b880e231361d3b609b216acda86651
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
F tool/warnings-clang.sh 9f406d66e750e8ac031c63a9ef3248aaa347ef2a
F tool/warnings.sh fbc018d67fd7395f440c28f33ef0f94420226381
-P 629108c8e5376f989cd66e11437949a54c33a5b8
-R 0e3f2b6eff759aa9860b31ea731b9403
-U drh
-Z 39b800b2fc63936bd07e49ea34b13ab2
+P 9e31a275ef494ea8713a1d60a15b84157e57c3ff
+R 04391ebd30f10ed455a6246275bb3b80
+U dan
+Z 8b2af6d3a0a6ab469514bfcff8c006db
return SQLITE_OK;
}
-#ifndef NDEBUG
+#if 0
/*
** Page pParent is an internal (non-leaf) tree page. This function
** asserts that page number iChild is the left-child if the iIdx'th
assert( pCur->eState==CURSOR_VALID );
assert( pCur->iPage>0 );
assert( pCur->apPage[pCur->iPage] );
+
+ /* UPDATE: It is actually possible for the condition tested by the assert
+ ** below to be untrue if the database file is corrupt. This can occur if
+ ** one cursor has modified page pParent while a reference to it is held
+ ** by a second cursor. Which can only happen if a single page is linked
+ ** into more than one b-tree structure in a corrupt database. */
+#if 0
assertParentIndex(
pCur->apPage[pCur->iPage-1],
pCur->aiIdx[pCur->iPage-1],
pCur->apPage[pCur->iPage]->pgno
);
+#endif
+ testcase( iIdx>pParent->nCell );
+
releasePage(pCur->apPage[pCur->iPage]);
pCur->iPage--;
pCur->info.nSize = 0;
pPage = pCur->apPage[pCur->iPage];
idx = ++pCur->aiIdx[pCur->iPage];
assert( pPage->isInit );
- assert( idx<=pPage->nCell );
+
+ /* If the database file is corrupt, it is possible for the value of idx
+ ** to be invalid here. This can only occur if a second cursor modifies
+ ** the page while cursor pCur is holding a reference to it. Which can
+ ** only happen if the database is corrupt in such a way as to link the
+ ** page into more than one b-tree structure. */
+ testcase( idx>pPage->nCell );
pCur->info.nSize = 0;
pCur->validNKey = 0;
--- /dev/null
+# 2012 January 12
+#
+# The author disclaims copyright to this source code. In place of
+# a legal notice, here is a blessing:
+#
+# May you do good and not evil.
+# May you find forgiveness for yourself and forgive others.
+# May you share freely, never taking more than you give.
+#
+#***********************************************************************
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+set testprefix corruptF
+
+# Do not use a codec for tests in this file, as the database file is
+# manipulated directly using tcl scripts (using the [hexio_write] command).
+#
+do_not_use_codec
+
+proc str {i} { format %08d $i }
+
+# Create a 6 page database containing a single table - t1. Table t1
+# consists of page 2 (the root page) and pages 5 and 6 (leaf pages).
+# Database pages 3 and 4 are on the free list.
+#
+proc create_test_db {} {
+ catch { db close }
+ forcedelete test.db
+ sqlite3 db test.db
+ db func str str
+ execsql {
+ PRAGMA auto_vacuum = 0;
+ PRAGMA page_size = 1024;
+ CREATE TABLE t1(x); /* root page = 2 */
+ CREATE TABLE t2(x); /* root page = 3 */
+ CREATE TABLE t3(x); /* root page = 4 */
+
+ INSERT INTO t1 VALUES(str(1));
+ INSERT INTO t1 SELECT str(rowid+1) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+2) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+4) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+8) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+16) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+32) FROM t1;
+ INSERT INTO t1 SELECT str(rowid+64) FROM t1;
+ DROP TABLE t2;
+ DROP TABLE t3;
+ }
+ db close
+}
+
+do_test 1.1 { create_test_db } {}
+
+# Check the db is as we expect. 6 pages in total, with 3 and 4 on the free
+# list. Page 3 is the free list trunk and page 4 is a leaf.
+#
+do_test 1.2 { file size test.db } [expr 6*1024]
+do_test 1.3 { hexio_read test.db 32 4 } 00000003
+do_test 1.4 { hexio_read test.db [expr 2*1024] 12 } 000000000000000100000004
+
+# Change the free-list entry to page 6 and reopen the db file.
+do_test 1.5 {
+ hexio_write test.db [expr 2*1024 + 8] 00000006
+ sqlite3 db test.db
+} {}
+
+# Now create a new table in the database file. The root of the new table
+# is page 6, which is also the right-most leaf page in table t1.
+#
+do_execsql_test 1.6 {
+ CREATE TABLE t4(x);
+ SELECT * FROM sqlite_master;
+} {
+ table t1 t1 2 {CREATE TABLE t1(x)}
+ table t4 t4 6 {CREATE TABLE t4(x)}
+}
+
+# At one point this was causing an assert to fail.
+#
+# This statement opens a cursor on table t1 and does a full table scan. As
+# each row is visited, it is copied into table t4. There is no temporary
+# table.
+#
+# When the t1 cursor reaches page 6 (which is both the right-most leaf of
+# t1 and the root of t4), it continues to iterate through the keys within
+# it (which at this point are keys that have been inserted into t4). And
+# for each row visited, another row is inserted into page 6 - it being the
+# root page of t4. Eventually, page 6 becomes full and the height of the
+# b-tree for table t4 increased. From the point of view of the t1 cursor,
+# this unexpectedly reduces the number of keys on page 6 in the middle of
+# its iteration, which causes an assert() to fail.
+#
+db_save_and_close
+if 1 {
+for {set i 0} {$i < 128} {incr i} {
+ db_restore_and_reopen
+ do_test 1.7.$i {
+ set res [
+ catchsql { INSERT INTO t4 SELECT x FROM t1 WHERE rowid>$i }
+ ]
+ if {$res == "0 {}" || $res == "1 {database disk image is malformed}"} {
+ set res ""
+ }
+ set res
+ } {}
+}
+}
+
+do_test 2.1 { create_test_db } {}
+do_test 2.2 { file size test.db } [expr 6*1024]
+do_test 2.3 { hexio_read test.db 32 4 } 00000003
+do_test 2.4 { hexio_read test.db [expr 2*1024] 12 } 000000000000000100000004
+
+# Change the free-list entry to page 5 and reopen the db file.
+do_test 2.5 {
+ hexio_write test.db [expr 2*1024 + 8] 00000005
+ sqlite3 db test.db
+} {}
+
+# Now create a new table in the database file. The root of the new table
+# is page 5, which is also the right-most leaf page in table t1.
+#
+do_execsql_test 2.6 {
+ CREATE TABLE t4(x);
+ SELECT * FROM sqlite_master;
+} {
+ table t1 t1 2 {CREATE TABLE t1(x)}
+ table t4 t4 5 {CREATE TABLE t4(x)}
+}
+
+db_save_and_close
+for {set i 127} {$i >= 0} {incr i -1} {
+ db_restore_and_reopen
+ do_test 2.7.$i {
+ set res [
+ catchsql {
+ INSERT INTO t4 SELECT x FROM t1 WHERE rowid<$i ORDER BY rowid DESC
+ }
+ ]
+ if {$res == "0 {}" || $res == "1 {database disk image is malformed}"} {
+ set res ""
+ }
+ set res
+ } {}
+}
+
+finish_test
+
projects / thirdparty / sqlite.git / commitdiff
