Fix a post-OOM crash in updateRangeAffinityStr(). Add several ALWAYS()

macros on unreachable branches.

FossilOrigin-Name: 87d40195ae5cc2abd9bae45073a615db81263285

4 files changed, 18 insertions, 13 deletions

diff --git a/manifest b/manifest
index cb2c5f28b..59c570e2f 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sa\sproblem\swith\saffinity\schanges\sand\svector\srange\scomparisons.
-D 2016-08-26T17:54:46.350
+C Fix\sa\spost-OOM\scrash\sin\supdateRangeAffinityStr().\s\sAdd\sseveral\sALWAYS()\nmacros\son\sunreachable\sbranches.
+D 2016-08-26T18:17:08.713
 F Makefile.in cfd8fb987cd7a6af046daa87daa146d5aad0e088
 F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
 F Makefile.msc 5017381e4853b1472e01d5bb926be1268eba429c
@@ -465,9 +465,9 @@ F src/vxworks.h d2988f4e5a61a4dfe82c6524dd3d6e4f2ce3cdb9
 F src/wal.c 02eeecc265f6ffd0597378f5d8ae9070b62a406a
 F src/wal.h 6dd221ed384afdc204bc61e25c23ef7fd5a511f2
 F src/walker.c 2d2cc7fb0f320f7f415215d7247f3c584141ac09
-F src/where.c bad93f9bc5e62c38d2e0d2f572dd01d359c8d4cb
+F src/where.c 48d705e5196a0611a7be90698eade455ee238536
 F src/whereInt.h 14dd243e13b81cbb0a66063d38b70f93a7d6e613
-F src/wherecode.c 71de4d2d36fa3afe6160e98334f1a717c226ee86
+F src/wherecode.c ee7b5353ff5f63548c206e3ecb4423ff0857d766
 F src/whereexpr.c 7f9ada866d48d15d09754ae819c1c40efe3b2aff
 F test/8_3_names.test ebbb5cd36741350040fd28b432ceadf495be25b2
 F test/affinity2.test a6d901b436328bd67a79b41bb0ac2663918fe3bd
@@ -1521,7 +1521,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P b0cc6be4eb81f21b11796e1f14d4412bf21dea6e
-R 0bd9bba299be3b1c19235baf0c5a546b
-U dan
-Z 7b1a4a5a11db26063e955544de8c89fc
+P b34413ac7e34369b4420e57b0132249dca68a7b0
+R e94f28a1c30d92b873747a9f1cb33b94
+U drh
+Z a3a8a387b6b2455df60af55b1e2df964
diff --git a/manifest.uuid b/manifest.uuid
index ab39b9341..1ac92a55f 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-b34413ac7e34369b4420e57b0132249dca68a7b0
\ No newline at end of file
+87d40195ae5cc2abd9bae45073a615db81263285
\ No newline at end of file
diff --git a/src/where.c b/src/where.c
index 5c004ca0c..f60d5be6d 100644
--- a/src/where.c
+++ b/src/where.c
@@ -2260,6 +2260,7 @@ int whereRangeVectorLen(
       break;
     }
 
+    testcase( pLhs->iColumn==XN_ROWID );
     aff = sqlite3CompareAffinity(pRhs, sqlite3ExprAffinity(pLhs));
     idxaff = sqlite3TableColumnAffinity(pIdx->pTable, pLhs->iColumn);
     if( aff!=idxaff ) break;
diff --git a/src/wherecode.c b/src/wherecode.c
index 34894fe1b..16ffb89db 100644
--- a/src/wherecode.c
+++ b/src/wherecode.c
@@ -294,7 +294,7 @@ void sqlite3WhereAddScanStatus(
 */
 static void disableTerm(WhereLevel *pLevel, WhereTerm *pTerm){
   int nLoop = 0;
-  while( pTerm
+  while( ALWAYS(pTerm!=0)
       && (pTerm->wtFlags & TERM_CODED)==0
       && (pLevel->iLeftJoin==0 || ExprHasProperty(pTerm->pExpr, EP_FromJoin))
       && (pLevel->notReady & pTerm->prereqAll)==0
@@ -435,7 +435,7 @@ static int codeEqualityTerm(
       }
     }
     for(i=iEq;i<pLoop->nLTerm; i++){
-      if( pLoop->aLTerm[i] && pLoop->aLTerm[i]->pExpr==pX ) nEq++;
+      if( ALWAYS(pLoop->aLTerm[i]) && pLoop->aLTerm[i]->pExpr==pX ) nEq++;
     }
 
     if( nEq>1 ){
@@ -1518,8 +1518,12 @@ Bitmask sqlite3WhereCodeOneLoopStart(
         sqlite3VdbeAddOp2(v, OP_IsNull, regBase+nEq, addrNxt);
         VdbeCoverage(v);
       }
-      updateRangeAffinityStr(pParse, pRight, nTop, zEndAff);
-      codeApplyAffinity(pParse, regBase+nEq, nTop, zEndAff);
+      if( zEndAff ){
+        updateRangeAffinityStr(pParse, pRight, nTop, zEndAff);
+        codeApplyAffinity(pParse, regBase+nEq, nTop, zEndAff);
+      }else{
+        assert( pParse->db->mallocFailed );
+      }
       nConstraint += nTop;
       testcase( pRangeEnd->wtFlags & TERM_VIRTUAL );