In sqlite3BtreeInsert() when replacing a re-existing row, try to overwrite

the cell directly rather than deallocate and reallocate the cell. FossilOrigin-Name: 0b86fbca6615ccf1f3a62614db577a8acbec6d9e
2016-12-09 17:32:51 +00:00 · 2016-12-09 17:32:51 +00:00 · 80159da6c6
commit 80159da6c6
parent 55092c1504
3 changed files with 28 additions and 25 deletions
--- a/14
+++ b/14
@ -1,5 +1,5 @@
-C Fix\san\sfts5\sbug\sthat\scould\scause\sa\scrash\sfollowing\san\sOOM\serror\sor\nsqlite3_interrupt()\sinterrupt.
-D 2016-12-09T16:12:04.593
+C In\ssqlite3BtreeInsert()\swhen\sreplacing\sa\sre-existing\srow,\stry\sto\soverwrite\nthe\scell\sdirectly\srather\sthan\sdeallocate\sand\sreallocate\sthe\scell.
+D 2016-12-09T17:32:51.304
 F Makefile.in 7639c6a09da11a9c7c6f2630fc981ee588d1072d
 F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
 F Makefile.msc b8ca53350ae545e3562403d5da2a69cec79308da
@ -331,7 +331,7 @@ F src/auth.c 930b376a9c56998557367e6f7f8aaeac82a2a792
 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b
 F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33
 F src/btmutex.c bc87dd3b062cc26edfe79918de2200ccb8d41e73
-F src/btree.c c73d77875c83407a0048f5e29d1251536e9f009d
+F src/btree.c 71f31086e48b0802990e95dbc30b65486f8c102d
 F src/btree.h 2349a588abcd7e0c04f984e15c5c777b61637583
 F src/btreeInt.h 10c4b77c2fb399580babbcc7cf652ac10dba796e
 F src/build.c 178f16698cbcb43402c343a9413fe22c99ffee21
@ -1536,7 +1536,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 01ada3d1068476f90dcae02cb089001ea4bcc23d
-R 6c11217a616aa1a10db37b68e7e9ff3a
-U dan
-Z 2ed0e00b28721a896fc3a4cd535080e8
+P 0ea3ece988883874bb88e3daaa220d7fc0cf36ef
+R 6946276392a9f20f9596069270e1a062
+U drh
+Z ec93e08c56ba9575d48dea94960936a0
--- a/manifest.uuid
+++ b/manifest.uuid
@ -1 +1 @@
-0ea3ece988883874bb88e3daaa220d7fc0cf36ef
+0b86fbca6615ccf1f3a62614db577a8acbec6d9e
--- a/src/btree.c
+++ b/src/btree.c
@ -5996,30 +5996,28 @@ static void freePage(MemPage *pPage, int *pRC){
 static int clearCell(
  MemPage *pPage,          /* The page that contains the Cell */
  unsigned char *pCell,    /* First byte of the Cell */
-  u16 *pnSize              /* Write the size of the Cell here */
+  CellInfo *pInfo          /* Size information about the cell */
 ){
  BtShared *pBt = pPage->pBt;
-  CellInfo info;
  Pgno ovflPgno;
  int rc;
  int nOvfl;
  u32 ovflPageSize;

  assert( sqlite3_mutex_held(pPage->pBt->mutex) );
-  pPage->xParseCell(pPage, pCell, &info);
-  *pnSize = info.nSize;
-  if( info.nLocal==info.nPayload ){
+  pPage->xParseCell(pPage, pCell, pInfo);
+  if( pInfo->nLocal==pInfo->nPayload ){
    return SQLITE_OK;  /* No overflow pages. Return without doing anything */
  }
-  if( pCell+info.nSize-1 > pPage->aData+pPage->maskPage ){
+  if( pCell+pInfo->nSize-1 > pPage->aData+pPage->maskPage ){
    return SQLITE_CORRUPT_BKPT;  /* Cell extends past end of page */
  }
-  ovflPgno = get4byte(pCell + info.nSize - 4);
+  ovflPgno = get4byte(pCell + pInfo->nSize - 4);
  assert( pBt->usableSize > 4 );
  ovflPageSize = pBt->usableSize - 4;
-  nOvfl = (info.nPayload - info.nLocal + ovflPageSize - 1)/ovflPageSize;
+  nOvfl = (pInfo->nPayload - pInfo->nLocal + ovflPageSize - 1)/ovflPageSize;
  assert( nOvfl>0 || 
-    (CORRUPT_DB && (info.nPayload + ovflPageSize)<ovflPageSize)
+    (CORRUPT_DB && (pInfo->nPayload + ovflPageSize)<ovflPageSize)
  );
  while( nOvfl-- ){
    Pgno iNext = 0;
@ -8052,7 +8050,7 @@ int sqlite3BtreeInsert(
  assert( szNew <= MX_CELL_SIZE(pBt) );
  idx = pCur->aiIdx[pCur->iPage];
  if( loc==0 ){
-    u16 szOld;
+    CellInfo info;
    assert( idx<pPage->nCell );
    rc = sqlite3PagerWrite(pPage->pDbPage);
    if( rc ){
@ -8062,8 +8060,13 @@ int sqlite3BtreeInsert(
    if( !pPage->leaf ){
      memcpy(newCell, oldCell, 4);
    }
-    rc = clearCell(pPage, oldCell, &szOld);
-    dropCell(pPage, idx, szOld, &rc);
+    rc = clearCell(pPage, oldCell, &info);
+    if( info.nSize==szNew && info.nLocal==info.nPayload ){
+      /* Overwrite the old cell with the new */
+      memcpy(oldCell, newCell, szNew);
+      return SQLITE_OK;
+    }
+    dropCell(pPage, idx, info.nSize, &rc);
    if( rc ) goto end_insert;
  }else if( loc<0 && pPage->nCell>0 ){
    assert( pPage->leaf );
@ -8139,7 +8142,7 @@ int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
  unsigned char *pCell;                /* Pointer to cell to delete */
  int iCellIdx;                        /* Index of cell to delete */
  int iCellDepth;                      /* Depth of node containing pCell */ 
-  u16 szCell;                          /* Size of the cell being deleted */
+  CellInfo info;                       /* Size of the cell being deleted */
  int bSkipnext = 0;                   /* Leaf cursor in SKIPNEXT state */
  u8 bPreserve = flags & BTREE_SAVEPOSITION;  /* Keep cursor valid */

@ -8211,8 +8214,8 @@ int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
  ** itself from within the page.  */
  rc = sqlite3PagerWrite(pPage->pDbPage);
  if( rc ) return rc;
-  rc = clearCell(pPage, pCell, &szCell);
-  dropCell(pPage, iCellIdx, szCell, &rc);
+  rc = clearCell(pPage, pCell, &info);
+  dropCell(pPage, iCellIdx, info.nSize, &rc);
  if( rc ) return rc;

  /* If the cell deleted was not located on a leaf page, then the cursor
@ -8462,7 +8465,7 @@ static int clearDatabasePage(
  unsigned char *pCell;
  int i;
  int hdr;
-  u16 szCell;
+  CellInfo info;

  assert( sqlite3_mutex_held(pBt->mutex) );
  if( pgno>btreePagecount(pBt) ){
@ -8482,7 +8485,7 @@ static int clearDatabasePage(
      rc = clearDatabasePage(pBt, get4byte(pCell), 1, pnChange);
      if( rc ) goto cleardatabasepage_out;
    }
-    rc = clearCell(pPage, pCell, &szCell);
+    rc = clearCell(pPage, pCell, &info);
    if( rc ) goto cleardatabasepage_out;
  }
  if( !pPage->leaf ){