Fix a subtle problem with short-circuit evaluation introduced by

[cea8bf79e18d55a8] and detected by the dbsqlfuzz fuzzer.  Test cases
in TH3.

FossilOrigin-Name: d71cd722c478288601c70df8cec8c242cc623d2147b30f4f68dad57c75b3ee4a

diff --git a/manifest b/manifest
index 68339e2c0f79dfc6ccb24ebdcf2b1f80fb390d51..ed055618ab0102844a8c4bdfa4574020fcf0ff3c 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Another\ssmall\sperformance\sincrease\sin\sthe\stext\sformat\sby\susing\sstrchr()\sto\nsearch\sfor\s'%'.
-D 2025-10-05T22:41:32.252
+C Fix\sa\ssubtle\sproblem\swith\sshort-circuit\sevaluation\sintroduced\sby\n[cea8bf79e18d55a8]\sand\sdetected\sby\sthe\sdbsqlfuzz\sfuzzer.\s\sTest\scases\nin\sTH3.
+D 2025-10-06T11:50:35.171
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -686,7 +686,7 @@ F src/date.c e19e0cfff9a41bfdd884c655755f6f00bca4c1a22272b56e0dd6667b7ea893a2
 F src/dbpage.c 081c59d84f187aa0eb48d98faf9578a00bde360f68438d646a86b618653d2479
 F src/dbstat.c 73362c0df0f40ad5523a6f5501224959d0976757b511299bf892313e79d14f5c
 F src/delete.c 03a77ba20e54f0f42ebd8eddf15411ed6bdb06a2c472ac4b6b336521bf7cea42
-F src/expr.c aae36a5fbd17e256caf37b03bdaf4d27fd080d83578953c746d542340b37457e
+F src/expr.c 4d63c8f6d50fe20637de8bdaf57757a0e424e4ac5e2c3313e621d64727a48a1c
 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
 F src/fkey.c 928ed2517e8732113d2b9821aa37af639688d752f4ea9ac6e0e393d713eeb76f
 F src/func.c de47a8295503aa130baae5e6d9868ecf4f7c4dbffa65d83ad1f70bdbac0ee2d6
@@ -2168,8 +2168,8 @@ F tool/version-info.c 3b36468a90faf1bbd59c65fd0eb66522d9f941eedd364fabccd7227350
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P a7ed85f27066b74263dbd3dfcefe5d378e524cc56cd3abac4032bc23f83b5d21
-R 5525d1f4d8f0df599d3573a4f5d0fc12
+P 59ad89ba07dd7b127f03f62a647f7328f08dbc0aa1b88b2b4529eb5b4c677775
+R 64d213a1164bb514373890e234bd865b
 U drh
-Z 299695479d4dba6d70d99e341c4e9259
+Z ddac3d70bcdd0f2d91634b5f6fc6814d
 # Remove this line to create a well-formed Fossil manifest.

diff --git a/manifest.uuid b/manifest.uuid
index ed174737590c275cdd4614a0c9272d443312d4ac..57626eb2c1465f8a2f70800e32a8aae33c9c7c91 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-59ad89ba07dd7b127f03f62a647f7328f08dbc0aa1b88b2b4529eb5b4c677775
+d71cd722c478288601c70df8cec8c242cc623d2147b30f4f68dad57c75b3ee4a

diff --git a/src/expr.c b/src/expr.c
index ad48c35f422fcee9c52a17de6c22a1a1e29e608f..a2b71c8af0bf2e2b45375e9ed414d2cc7ded9d92 100644 (file)
--- a/src/expr.c
+++ b/src/expr.c
@@ -4839,12 +4839,14 @@ static SQLITE_NOINLINE int exprCodeTargetAndOr(
   assert( op==TK_AND || op==TK_OR );
   assert( TK_AND==OP_And );            testcase( op==TK_AND );
   assert( TK_OR==OP_Or );              testcase( op==TK_OR );
+  assert( pParse->pVdbe!=0 );
+  v = pParse->pVdbe;
   pAlt = sqlite3ExprSimplifiedAndOr(pExpr);
   if( pAlt!=pExpr ){
-    return sqlite3ExprCodeTarget(pParse, pAlt, target);
+    r1 = sqlite3ExprCodeTarget(pParse, pAlt, target);
+    sqlite3VdbeAddOp3(v, OP_BitAnd, r1, r1, target);
+    return target;
   }
-  assert( pParse->pVdbe!=0 );
-  v = pParse->pVdbe;
   skipOp = op==TK_AND ? OP_IfNot : OP_If;
   if( exprEvalRhsFirst(pExpr) ){
     /* Compute the right operand first.  Skip the computation of the left