From: drh <drh@noemail.net>
Date: Fri, 10 Jan 2020 01:05:49 +0000 (+0000)
Subject: Fix to the register validity tracking logic in debug builds.  No impact
X-Git-Tag: version-3.31.0~42
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b2fe5a7c35a114e8d4b869968c61c7b6a9a99cb7;p=thirdparty%2Fsqlite.git

Fix to the register validity tracking logic in debug builds.  No impact
on release builds.

FossilOrigin-Name: 0a500da6aa659a8e73206e6d22ddbf2da5e4f1d1d551eeb66433163a3e13109d
---

diff --git a/manifest b/manifest
index eaa24e1e04..1c2fbe6313 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Documentation\supdates\son\snewer\sAPIs.\s\sNo\schanges\sto\scode.
-D 2020-01-10T00:00:18.770
+C Fix\sto\sthe\sregister\svalidity\stracking\slogic\sin\sdebug\sbuilds.\s\sNo\simpact\non\srelease\sbuilds.
+D 2020-01-10T01:05:49.616
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -606,7 +606,7 @@ F src/vdbe.c 35dcc7d43c2635853773d994b052061283a4e5b0e60e799cef83e410d90f3145
 F src/vdbe.h defd693289c7bb8d325f109be9490c77138061211a116827da7244b6015a4934
 F src/vdbeInt.h 30d3e8b991547cdf39025e416a0a737b0416d46747af70ae058f60e2e0466fe7
 F src/vdbeapi.c 1252d80c548711e47a6d84dae88ed4e95d3fbb4e7bd0eaa1347299af7efddf02
-F src/vdbeaux.c 3b2076c59217f964ff5fca348fa3f69c3157cbd5cafc549e9ea3252d8613c6a9
+F src/vdbeaux.c ff690e6c9314ef281de7c06f8c8c33393f0afca80aabb1fe69836dcf2d60b0bf
 F src/vdbeblob.c 253ed82894924c362a7fa3079551d3554cd1cdace39aa833da77d3bc67e7c1b1
 F src/vdbemem.c ad9e6217635f2b04df98bc57b12c98cefc9c0a1745cca47f4e8109119213253d
 F src/vdbesort.c a3be032cc3fee0e3af31773af4a7a6f931b7230a34f53282ccf1d9a2a72343be
@@ -999,7 +999,7 @@ F test/fts4rename.test 15fd9985c2bce6dea20da2245b22029ec89bd4710ed317c4c53abbe3c
 F test/fts4umlaut.test fcaca4471de7e78c9d1f7e8976e3e8704d7d8ad979d57a739d00f3f757380429
 F test/fts4unicode.test ceca76422abc251818cb25dabe33d3c3970da5f7c90e1540f190824e6b3a7c95
 F test/full.test 6b3c8fb43c6beab6b95438c1675374b95fab245d
-F test/func.test 93d692f6427bd01b39c6ddb1e2d728f5264abefdbdd56e2f95c9dc1fa7dbcb53
+F test/func.test b7f1a706d1bb8de103a24bd0c30c9e3dc3eedf0df24aabc54b0a4f6e08742622
 F test/func2.test 772d66227e4e6684b86053302e2d74a2500e1e0f
 F test/func3.test 2bb0f31ab7baaed690b962a88544d7be6b34fa389364bc36a44e441ed3e3f1e6
 F test/func4.test 6beacdfcb0e18c358e6c2dcacf1b65d1fa80955f
@@ -1856,7 +1856,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 20237d5dc4451f142b511e50a4acef4574cef17b9222c87dcebfe1ed1bab0ad9
-R 62d7e9ceb3c6bf2163d7b131b5c92b18
+P 8845a8c22a4ceabee130ce2addbe07e13b0496eeb542c89850f8658d21a48f89
+R da0f5b6fa0488473f060f2857ba231cf
 U drh
-Z 8e437f19b27b8e5454199c775779247a
+Z 7914b326b60d9184810fac64aa24751d
diff --git a/manifest.uuid b/manifest.uuid
index d68bfd43b5..1a9c6e325c 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-8845a8c22a4ceabee130ce2addbe07e13b0496eeb542c89850f8658d21a48f89
\ No newline at end of file
+0a500da6aa659a8e73206e6d22ddbf2da5e4f1d1d551eeb66433163a3e13109d
\ No newline at end of file
diff --git a/src/vdbeaux.c b/src/vdbeaux.c
index 8b01fdec60..fab8b705c8 100644
--- a/src/vdbeaux.c
+++ b/src/vdbeaux.c
@@ -1209,14 +1209,16 @@ void sqlite3VdbeReleaseRegisters(
   assert( pParse->pVdbe );
   assert( iFirst>=1 );
   assert( iFirst+N-1<=pParse->nMem );
-  while( N>0 && (mask&1)!=0 ){
-    mask >>= 1;
-    iFirst++;
-    N--;
-  }
-  while( N>0 && N<=32 && (mask & MASKBIT32(N-1))!=0 ){
-    mask &= ~MASKBIT32(N-1);
-    N--;
+  if( N<=31 && mask!=0 ){
+    while( N>0 && (mask&1)!=0 ){
+      mask >>= 1;
+      iFirst++;
+      N--;
+    }
+    while( N>0 && N<=32 && (mask & MASKBIT32(N-1))!=0 ){
+      mask &= ~MASKBIT32(N-1);
+      N--;
+    }
   }
   if( N>0 ){
     sqlite3VdbeAddOp3(pParse->pVdbe, OP_ReleaseReg, iFirst, N, *(int*)&mask);
diff --git a/test/func.test b/test/func.test
index 585ae1a14f..34a6f18bcf 100644
--- a/test/func.test
+++ b/test/func.test
@@ -1459,5 +1459,22 @@ do_execsql_test func-33.20 {
     INSERT INTO t33b(x,y) VALUES(testdirectonly(new.aaa),new.b);
   END}}
 
+# 2020-01-09 Yongheng fuzzer find
+# The bug is in the register-validity debug logic, not in the SQLite core
+# and as such it only impacts debug builds.  Release builds work fine.
+#
+reset_db
+do_execsql_test func-34.10 {
+  CREATE TABLE t1(a INT CHECK(
+     datetime( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
+              10,11,12,13,14,15,16,17,18,19,
+              20,21,22,23,24,25,26,27,28,29,
+              30,31,32,33,34,35,36,37,38,39,
+              40,41,42,43,44,45,46,47,48,a)
+   )
+  );
+  INSERT INTO t1(a) VALUES(1),(2);
+  SELECT * FROM t1;
+} {1 2}
 
 finish_test