Restore a NEVER and an assert in btree that was removed by

check-in [7b62555e285f32d3].  Dbsqlfuzz found test cases.

FossilOrigin-Name: 04a05c83f58784df438dc6614f7920f782bf7c1ed4f6d101c03b6573cfde06ee

diff --git a/manifest b/manifest
index 1e35dea297c8f298333672ce0fbfc2e8adf65960..c656a7f9ae1a7be1e3a560f74e9d1f97469303b8 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C In\sfts3,\savoid\smaking\sa\svery\slarge\smemory\sallocation\sif\sthe\smerge-hint\srecord\sis\scorrupt.
-D 2020-01-03T20:16:32.201
+C Restore\sa\sNEVER\sand\san\sassert\sin\sbtree\sthat\swas\sremoved\sby\ncheck-in\s[7b62555e285f32d3].\s\sDbsqlfuzz\sfound\stest\scases.
+D 2020-01-04T12:34:44.449
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -469,7 +469,7 @@ F src/auth.c a3d5bfdba83d25abed1013a8c7a5f204e2e29b0c25242a56bc02bb0c07bf1e06
 F src/backup.c f70077d40c08b7787bfe934e4d1da8030cb0cc57d46b345fba2294b7d1be23ab
 F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33
 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
-F src/btree.c df0ec5541fa5662a90082faea44322c5143db61f2e806375f4e3f5ab35d6cc41
+F src/btree.c 71f8faded1395642655c7687425deffa2ab400ffb7ebcf49c70a0f2b2c98932d
 F src/btree.h 6111552f19ed7a40f029cf4b33badc6fef9880314fffd80a945f0b7f43ab7471
 F src/btreeInt.h 6794084fad08c9750b45145743c0e3e5c27c94dee89f26dd8df7073314934fd2
 F src/build.c 67b1a8d3ac700747687dbdc49ded847a3c17fef450a8c919ac0399b44cbd4215
@@ -1018,7 +1018,7 @@ F test/fuzzdata4.db b502c7d5498261715812dd8b3c2005bad08b3a26e6489414bd13926cd3e4
 F test/fuzzdata5.db e35f64af17ec48926481cfaf3b3855e436bd40d1cfe2d59a9474cb4b748a52a5
 F test/fuzzdata6.db 92a80e4afc172c24f662a10a612d188fb272de4a9bd19e017927c95f737de6d7
 F test/fuzzdata7.db e7a86fd83dda151d160445d542e32e5c6019c541b3a74c2a525b6ac640639711
-F test/fuzzdata8.db d702762f8bf21456a6b69d15dde3e3023733da01ed6f1c06fe50d0b2d161199f
+F test/fuzzdata8.db 8188c0a807df955c737e41664d612c092e090c2dc5cc019752aec11170aee281
 F test/fuzzer1.test 3d4c4b7e547aba5e5511a2991e3e3d07166cfbb8
 F test/fuzzer2.test a85ef814ce071293bce1ad8dffa217cbbaad4c14
 F test/fuzzerfault.test 8792cd77fd5bce765b05d0c8e01b9edcf8af8536
@@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 7b62555e285f32d354df7746ef8dce16856c6d9d53a02d895b74ba02362d2968
-R 7f27ee6576dc13efabadbee4643d1518
-U dan
-Z 162e3132aa65eb8605e2f1b28bf07203
+P 9add58fe9688d5c1f675736e7f1c6ff7831d2ff6fdeb884a2e62c1bf9536ee50
+R 5059995eb8450169ff521185199eecaf
+U drh
+Z 753930b3a0ffb956484eb640a3d66d6e

diff --git a/manifest.uuid b/manifest.uuid
index 778ba3f4cecf47ef9470830419932a1e867a60ee..f6957d3d029ce04d897b77cbea086b3572de2aa9 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-9add58fe9688d5c1f675736e7f1c6ff7831d2ff6fdeb884a2e62c1bf9536ee50
\ No newline at end of file
+04a05c83f58784df438dc6614f7920f782bf7c1ed4f6d101c03b6573cfde06ee
\ No newline at end of file

diff --git a/src/btree.c b/src/btree.c
index 67b91c5962f77798dc424a6e7958bd6784e17012..3774ad1dcdbfde0021e0e48809453c8d7f67c52a 100644 (file)
--- a/src/btree.c
+++ b/src/btree.c
@@ -6962,9 +6962,10 @@ static int rebuildPage(
     pData -= sz;
     put2byte(pCellptr, (pData - aData));
     pCellptr += 2;
-    if( NEVER(pData < pCellptr) ) return SQLITE_CORRUPT_BKPT;
+    if( pData < pCellptr ) return SQLITE_CORRUPT_BKPT;
     memcpy(pData, pCell, sz);
-    assert( sz==pPg->xCellSize(pPg, pCell) );
+    assert( sz==pPg->xCellSize(pPg, pCell) || CORRUPT_DB );
+    testcase( sz!=pPg->xCellSize(pPg,pCell) )
     i++;
     if( i>=iEnd ) break;
     if( pCArray->ixNx[k]<=i ){

diff --git a/test/fuzzdata8.db b/test/fuzzdata8.db
index 05f07ad4bb424cd0629552f0530cf1a2855acffc..0e04478e0bbf983508302d3bacecbeb83505bae9 100644 (file)
Binary files a/test/fuzzdata8.db and b/test/fuzzdata8.db differ