000001  /*
000002  ** 2004 May 26
000003  **
000004  ** The author disclaims copyright to this source code.  In place of
000005  ** a legal notice, here is a blessing:
000006  **
000007  **    May you do good and not evil.
000008  **    May you find forgiveness for yourself and forgive others.
000009  **    May you share freely, never taking more than you give.
000010  **
000011  *************************************************************************
000012  **
000013  ** This file contains code use to manipulate "Mem" structure.  A "Mem"
000014  ** stores a single value in the VDBE.  Mem is an opaque structure visible
000015  ** only within the VDBE.  Interface routines refer to a Mem using the
000016  ** name sqlite_value
000017  */
000018  #include "sqliteInt.h"
000019  #include "vdbeInt.h"
000020  
000021  #ifdef SQLITE_DEBUG
000022  /*
000023  ** Check invariants on a Mem object.
000024  **
000025  ** This routine is intended for use inside of assert() statements, like
000026  ** this:    assert( sqlite3VdbeCheckMemInvariants(pMem) );
000027  */
000028  int sqlite3VdbeCheckMemInvariants(Mem *p){
000029    /* If MEM_Dyn is set then Mem.xDel!=0.  
000030    ** Mem.xDel might not be initialized if MEM_Dyn is clear.
000031    */
000032    assert( (p->flags & MEM_Dyn)==0 || p->xDel!=0 );
000033  
000034    /* MEM_Dyn may only be set if Mem.szMalloc==0.  In this way we
000035    ** ensure that if Mem.szMalloc>0 then it is safe to do
000036    ** Mem.z = Mem.zMalloc without having to check Mem.flags&MEM_Dyn.
000037    ** That saves a few cycles in inner loops. */
000038    assert( (p->flags & MEM_Dyn)==0 || p->szMalloc==0 );
000039  
000040    /* Cannot be both MEM_Int and MEM_Real at the same time */
000041    assert( (p->flags & (MEM_Int|MEM_Real))!=(MEM_Int|MEM_Real) );
000042  
000043    if( p->flags & MEM_Null ){
000044      /* Cannot be both MEM_Null and some other type */
000045      assert( (p->flags & (MEM_Int|MEM_Real|MEM_Str|MEM_Blob|MEM_Agg))==0 );
000046  
000047      /* If MEM_Null is set, then either the value is a pure NULL (the usual
000048      ** case) or it is a pointer set using sqlite3_bind_pointer() or
000049      ** sqlite3_result_pointer().  If a pointer, then MEM_Term must also be
000050      ** set.
000051      */
000052      if( (p->flags & (MEM_Term|MEM_Subtype))==(MEM_Term|MEM_Subtype) ){
000053        /* This is a pointer type.  There may be a flag to indicate what to
000054        ** do with the pointer. */
000055        assert( ((p->flags&MEM_Dyn)!=0 ? 1 : 0) +
000056                ((p->flags&MEM_Ephem)!=0 ? 1 : 0) +
000057                ((p->flags&MEM_Static)!=0 ? 1 : 0) <= 1 );
000058  
000059        /* No other bits set */
000060        assert( (p->flags & ~(MEM_Null|MEM_Term|MEM_Subtype
000061                             |MEM_Dyn|MEM_Ephem|MEM_Static))==0 );
000062      }else{
000063        /* A pure NULL might have other flags, such as MEM_Static, MEM_Dyn,
000064        ** MEM_Ephem, MEM_Cleared, or MEM_Subtype */
000065      }
000066    }else{
000067      /* The MEM_Cleared bit is only allowed on NULLs */
000068      assert( (p->flags & MEM_Cleared)==0 );
000069    }
000070  
000071    /* The szMalloc field holds the correct memory allocation size */
000072    assert( p->szMalloc==0
000073         || p->szMalloc==sqlite3DbMallocSize(p->db,p->zMalloc) );
000074  
000075    /* If p holds a string or blob, the Mem.z must point to exactly
000076    ** one of the following:
000077    **
000078    **   (1) Memory in Mem.zMalloc and managed by the Mem object
000079    **   (2) Memory to be freed using Mem.xDel
000080    **   (3) An ephemeral string or blob
000081    **   (4) A static string or blob
000082    */
000083    if( (p->flags & (MEM_Str|MEM_Blob)) && p->n>0 ){
000084      assert( 
000085        ((p->szMalloc>0 && p->z==p->zMalloc)? 1 : 0) +
000086        ((p->flags&MEM_Dyn)!=0 ? 1 : 0) +
000087        ((p->flags&MEM_Ephem)!=0 ? 1 : 0) +
000088        ((p->flags&MEM_Static)!=0 ? 1 : 0) == 1
000089      );
000090    }
000091    return 1;
000092  }
000093  #endif
000094  
000095  #ifdef SQLITE_DEBUG
000096  /*
000097  ** Check that string value of pMem agrees with its integer or real value.
000098  **
000099  ** A single int or real value always converts to the same strings.  But
000100  ** many different strings can be converted into the same int or real.
000101  ** If a table contains a numeric value and an index is based on the
000102  ** corresponding string value, then it is important that the string be
000103  ** derived from the numeric value, not the other way around, to ensure
000104  ** that the index and table are consistent.  See ticket
000105  ** https://www.sqlite.org/src/info/343634942dd54ab (2018-01-31) for
000106  ** an example.
000107  **
000108  ** This routine looks at pMem to verify that if it has both a numeric
000109  ** representation and a string representation then the string rep has
000110  ** been derived from the numeric and not the other way around.  It returns
000111  ** true if everything is ok and false if there is a problem.
000112  **
000113  ** This routine is for use inside of assert() statements only.
000114  */
000115  int sqlite3VdbeMemConsistentDualRep(Mem *p){
000116    char zBuf[100];
000117    char *z;
000118    int i, j, incr;
000119    if( (p->flags & MEM_Str)==0 ) return 1;
000120    if( (p->flags & (MEM_Int|MEM_Real))==0 ) return 1;
000121    if( p->flags & MEM_Int ){
000122      sqlite3_snprintf(sizeof(zBuf),zBuf,"%lld",p->u.i);
000123    }else{
000124      sqlite3_snprintf(sizeof(zBuf),zBuf,"%!.15g",p->u.r);
000125    }
000126    z = p->z;
000127    i = j = 0;
000128    incr = 1;
000129    if( p->enc!=SQLITE_UTF8 ){
000130      incr = 2;
000131      if( p->enc==SQLITE_UTF16BE ) z++;
000132    }
000133    while( zBuf[j] ){
000134      if( zBuf[j++]!=z[i] ) return 0;
000135      i += incr;
000136    }
000137    return 1;
000138  }
000139  #endif /* SQLITE_DEBUG */
000140  
000141  /*
000142  ** If pMem is an object with a valid string representation, this routine
000143  ** ensures the internal encoding for the string representation is
000144  ** 'desiredEnc', one of SQLITE_UTF8, SQLITE_UTF16LE or SQLITE_UTF16BE.
000145  **
000146  ** If pMem is not a string object, or the encoding of the string
000147  ** representation is already stored using the requested encoding, then this
000148  ** routine is a no-op.
000149  **
000150  ** SQLITE_OK is returned if the conversion is successful (or not required).
000151  ** SQLITE_NOMEM may be returned if a malloc() fails during conversion
000152  ** between formats.
000153  */
000154  int sqlite3VdbeChangeEncoding(Mem *pMem, int desiredEnc){
000155  #ifndef SQLITE_OMIT_UTF16
000156    int rc;
000157  #endif
000158    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000159    assert( desiredEnc==SQLITE_UTF8 || desiredEnc==SQLITE_UTF16LE
000160             || desiredEnc==SQLITE_UTF16BE );
000161    if( !(pMem->flags&MEM_Str) || pMem->enc==desiredEnc ){
000162      return SQLITE_OK;
000163    }
000164    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000165  #ifdef SQLITE_OMIT_UTF16
000166    return SQLITE_ERROR;
000167  #else
000168  
000169    /* MemTranslate() may return SQLITE_OK or SQLITE_NOMEM. If NOMEM is returned,
000170    ** then the encoding of the value may not have changed.
000171    */
000172    rc = sqlite3VdbeMemTranslate(pMem, (u8)desiredEnc);
000173    assert(rc==SQLITE_OK    || rc==SQLITE_NOMEM);
000174    assert(rc==SQLITE_OK    || pMem->enc!=desiredEnc);
000175    assert(rc==SQLITE_NOMEM || pMem->enc==desiredEnc);
000176    return rc;
000177  #endif
000178  }
000179  
000180  /*
000181  ** Make sure pMem->z points to a writable allocation of at least 
000182  ** min(n,32) bytes.
000183  **
000184  ** If the bPreserve argument is true, then copy of the content of
000185  ** pMem->z into the new allocation.  pMem must be either a string or
000186  ** blob if bPreserve is true.  If bPreserve is false, any prior content
000187  ** in pMem->z is discarded.
000188  */
000189  SQLITE_NOINLINE int sqlite3VdbeMemGrow(Mem *pMem, int n, int bPreserve){
000190    assert( sqlite3VdbeCheckMemInvariants(pMem) );
000191    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000192    testcase( pMem->db==0 );
000193  
000194    /* If the bPreserve flag is set to true, then the memory cell must already
000195    ** contain a valid string or blob value.  */
000196    assert( bPreserve==0 || pMem->flags&(MEM_Blob|MEM_Str) );
000197    testcase( bPreserve && pMem->z==0 );
000198  
000199    assert( pMem->szMalloc==0
000200         || pMem->szMalloc==sqlite3DbMallocSize(pMem->db, pMem->zMalloc) );
000201    if( n<32 ) n = 32;
000202    if( pMem->szMalloc>0 && bPreserve && pMem->z==pMem->zMalloc ){
000203      pMem->z = pMem->zMalloc = sqlite3DbReallocOrFree(pMem->db, pMem->z, n);
000204      bPreserve = 0;
000205    }else{
000206      if( pMem->szMalloc>0 ) sqlite3DbFreeNN(pMem->db, pMem->zMalloc);
000207      pMem->zMalloc = sqlite3DbMallocRaw(pMem->db, n);
000208    }
000209    if( pMem->zMalloc==0 ){
000210      sqlite3VdbeMemSetNull(pMem);
000211      pMem->z = 0;
000212      pMem->szMalloc = 0;
000213      return SQLITE_NOMEM_BKPT;
000214    }else{
000215      pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
000216    }
000217  
000218    if( bPreserve && pMem->z ){
000219      assert( pMem->z!=pMem->zMalloc );
000220      memcpy(pMem->zMalloc, pMem->z, pMem->n);
000221    }
000222    if( (pMem->flags&MEM_Dyn)!=0 ){
000223      assert( pMem->xDel!=0 && pMem->xDel!=SQLITE_DYNAMIC );
000224      pMem->xDel((void *)(pMem->z));
000225    }
000226  
000227    pMem->z = pMem->zMalloc;
000228    pMem->flags &= ~(MEM_Dyn|MEM_Ephem|MEM_Static);
000229    return SQLITE_OK;
000230  }
000231  
000232  /*
000233  ** Change the pMem->zMalloc allocation to be at least szNew bytes.
000234  ** If pMem->zMalloc already meets or exceeds the requested size, this
000235  ** routine is a no-op.
000236  **
000237  ** Any prior string or blob content in the pMem object may be discarded.
000238  ** The pMem->xDel destructor is called, if it exists.  Though MEM_Str
000239  ** and MEM_Blob values may be discarded, MEM_Int, MEM_Real, and MEM_Null
000240  ** values are preserved.
000241  **
000242  ** Return SQLITE_OK on success or an error code (probably SQLITE_NOMEM)
000243  ** if unable to complete the resizing.
000244  */
000245  int sqlite3VdbeMemClearAndResize(Mem *pMem, int szNew){
000246    assert( CORRUPT_DB || szNew>0 );
000247    assert( (pMem->flags & MEM_Dyn)==0 || pMem->szMalloc==0 );
000248    if( pMem->szMalloc<szNew ){
000249      return sqlite3VdbeMemGrow(pMem, szNew, 0);
000250    }
000251    assert( (pMem->flags & MEM_Dyn)==0 );
000252    pMem->z = pMem->zMalloc;
000253    pMem->flags &= (MEM_Null|MEM_Int|MEM_Real);
000254    return SQLITE_OK;
000255  }
000256  
000257  /*
000258  ** It is already known that pMem contains an unterminated string.
000259  ** Add the zero terminator.
000260  */
000261  static SQLITE_NOINLINE int vdbeMemAddTerminator(Mem *pMem){
000262    if( sqlite3VdbeMemGrow(pMem, pMem->n+2, 1) ){
000263      return SQLITE_NOMEM_BKPT;
000264    }
000265    pMem->z[pMem->n] = 0;
000266    pMem->z[pMem->n+1] = 0;
000267    pMem->flags |= MEM_Term;
000268    return SQLITE_OK;
000269  }
000270  
000271  /*
000272  ** Change pMem so that its MEM_Str or MEM_Blob value is stored in
000273  ** MEM.zMalloc, where it can be safely written.
000274  **
000275  ** Return SQLITE_OK on success or SQLITE_NOMEM if malloc fails.
000276  */
000277  int sqlite3VdbeMemMakeWriteable(Mem *pMem){
000278    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000279    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000280    if( (pMem->flags & (MEM_Str|MEM_Blob))!=0 ){
000281      if( ExpandBlob(pMem) ) return SQLITE_NOMEM;
000282      if( pMem->szMalloc==0 || pMem->z!=pMem->zMalloc ){
000283        int rc = vdbeMemAddTerminator(pMem);
000284        if( rc ) return rc;
000285      }
000286    }
000287    pMem->flags &= ~MEM_Ephem;
000288  #ifdef SQLITE_DEBUG
000289    pMem->pScopyFrom = 0;
000290  #endif
000291  
000292    return SQLITE_OK;
000293  }
000294  
000295  /*
000296  ** If the given Mem* has a zero-filled tail, turn it into an ordinary
000297  ** blob stored in dynamically allocated space.
000298  */
000299  #ifndef SQLITE_OMIT_INCRBLOB
000300  int sqlite3VdbeMemExpandBlob(Mem *pMem){
000301    int nByte;
000302    assert( pMem->flags & MEM_Zero );
000303    assert( pMem->flags&MEM_Blob );
000304    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000305    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000306  
000307    /* Set nByte to the number of bytes required to store the expanded blob. */
000308    nByte = pMem->n + pMem->u.nZero;
000309    if( nByte<=0 ){
000310      nByte = 1;
000311    }
000312    if( sqlite3VdbeMemGrow(pMem, nByte, 1) ){
000313      return SQLITE_NOMEM_BKPT;
000314    }
000315  
000316    memset(&pMem->z[pMem->n], 0, pMem->u.nZero);
000317    pMem->n += pMem->u.nZero;
000318    pMem->flags &= ~(MEM_Zero|MEM_Term);
000319    return SQLITE_OK;
000320  }
000321  #endif
000322  
000323  /*
000324  ** Make sure the given Mem is \u0000 terminated.
000325  */
000326  int sqlite3VdbeMemNulTerminate(Mem *pMem){
000327    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000328    testcase( (pMem->flags & (MEM_Term|MEM_Str))==(MEM_Term|MEM_Str) );
000329    testcase( (pMem->flags & (MEM_Term|MEM_Str))==0 );
000330    if( (pMem->flags & (MEM_Term|MEM_Str))!=MEM_Str ){
000331      return SQLITE_OK;   /* Nothing to do */
000332    }else{
000333      return vdbeMemAddTerminator(pMem);
000334    }
000335  }
000336  
000337  /*
000338  ** Add MEM_Str to the set of representations for the given Mem.  Numbers
000339  ** are converted using sqlite3_snprintf().  Converting a BLOB to a string
000340  ** is a no-op.
000341  **
000342  ** Existing representations MEM_Int and MEM_Real are invalidated if
000343  ** bForce is true but are retained if bForce is false.
000344  **
000345  ** A MEM_Null value will never be passed to this function. This function is
000346  ** used for converting values to text for returning to the user (i.e. via
000347  ** sqlite3_value_text()), or for ensuring that values to be used as btree
000348  ** keys are strings. In the former case a NULL pointer is returned the
000349  ** user and the latter is an internal programming error.
000350  */
000351  int sqlite3VdbeMemStringify(Mem *pMem, u8 enc, u8 bForce){
000352    int fg = pMem->flags;
000353    const int nByte = 32;
000354  
000355    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000356    assert( !(fg&MEM_Zero) );
000357    assert( !(fg&(MEM_Str|MEM_Blob)) );
000358    assert( fg&(MEM_Int|MEM_Real) );
000359    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000360    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000361  
000362  
000363    if( sqlite3VdbeMemClearAndResize(pMem, nByte) ){
000364      pMem->enc = 0;
000365      return SQLITE_NOMEM_BKPT;
000366    }
000367  
000368    /* For a Real or Integer, use sqlite3_snprintf() to produce the UTF-8
000369    ** string representation of the value. Then, if the required encoding
000370    ** is UTF-16le or UTF-16be do a translation.
000371    ** 
000372    ** FIX ME: It would be better if sqlite3_snprintf() could do UTF-16.
000373    */
000374    if( fg & MEM_Int ){
000375      sqlite3_snprintf(nByte, pMem->z, "%lld", pMem->u.i);
000376    }else{
000377      assert( fg & MEM_Real );
000378      sqlite3_snprintf(nByte, pMem->z, "%!.15g", pMem->u.r);
000379    }
000380    assert( pMem->z!=0 );
000381    pMem->n = sqlite3Strlen30NN(pMem->z);
000382    pMem->enc = SQLITE_UTF8;
000383    pMem->flags |= MEM_Str|MEM_Term;
000384    if( bForce ) pMem->flags &= ~(MEM_Int|MEM_Real);
000385    sqlite3VdbeChangeEncoding(pMem, enc);
000386    return SQLITE_OK;
000387  }
000388  
000389  /*
000390  ** Memory cell pMem contains the context of an aggregate function.
000391  ** This routine calls the finalize method for that function.  The
000392  ** result of the aggregate is stored back into pMem.
000393  **
000394  ** Return SQLITE_ERROR if the finalizer reports an error.  SQLITE_OK
000395  ** otherwise.
000396  */
000397  int sqlite3VdbeMemFinalize(Mem *pMem, FuncDef *pFunc){
000398    sqlite3_context ctx;
000399    Mem t;
000400    assert( pFunc!=0 );
000401    assert( pFunc->xFinalize!=0 );
000402    assert( (pMem->flags & MEM_Null)!=0 || pFunc==pMem->u.pDef );
000403    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000404    memset(&ctx, 0, sizeof(ctx));
000405    memset(&t, 0, sizeof(t));
000406    t.flags = MEM_Null;
000407    t.db = pMem->db;
000408    ctx.pOut = &t;
000409    ctx.pMem = pMem;
000410    ctx.pFunc = pFunc;
000411    pFunc->xFinalize(&ctx); /* IMP: R-24505-23230 */
000412    assert( (pMem->flags & MEM_Dyn)==0 );
000413    if( pMem->szMalloc>0 ) sqlite3DbFreeNN(pMem->db, pMem->zMalloc);
000414    memcpy(pMem, &t, sizeof(t));
000415    return ctx.isError;
000416  }
000417  
000418  /*
000419  ** Memory cell pAccum contains the context of an aggregate function.
000420  ** This routine calls the xValue method for that function and stores
000421  ** the results in memory cell pMem.
000422  **
000423  ** SQLITE_ERROR is returned if xValue() reports an error. SQLITE_OK 
000424  ** otherwise.
000425  */
000426  #ifndef SQLITE_OMIT_WINDOWFUNC
000427  int sqlite3VdbeMemAggValue(Mem *pAccum, Mem *pOut, FuncDef *pFunc){
000428    sqlite3_context ctx;
000429    Mem t;
000430    assert( pFunc!=0 );
000431    assert( pFunc->xValue!=0 );
000432    assert( (pAccum->flags & MEM_Null)!=0 || pFunc==pAccum->u.pDef );
000433    assert( pAccum->db==0 || sqlite3_mutex_held(pAccum->db->mutex) );
000434    memset(&ctx, 0, sizeof(ctx));
000435    memset(&t, 0, sizeof(t));
000436    t.flags = MEM_Null;
000437    t.db = pAccum->db;
000438    sqlite3VdbeMemSetNull(pOut);
000439    ctx.pOut = pOut;
000440    ctx.pMem = pAccum;
000441    ctx.pFunc = pFunc;
000442    pFunc->xValue(&ctx);
000443    return ctx.isError;
000444  }
000445  #endif /* SQLITE_OMIT_WINDOWFUNC */
000446  
000447  /*
000448  ** If the memory cell contains a value that must be freed by
000449  ** invoking the external callback in Mem.xDel, then this routine
000450  ** will free that value.  It also sets Mem.flags to MEM_Null.
000451  **
000452  ** This is a helper routine for sqlite3VdbeMemSetNull() and
000453  ** for sqlite3VdbeMemRelease().  Use those other routines as the
000454  ** entry point for releasing Mem resources.
000455  */
000456  static SQLITE_NOINLINE void vdbeMemClearExternAndSetNull(Mem *p){
000457    assert( p->db==0 || sqlite3_mutex_held(p->db->mutex) );
000458    assert( VdbeMemDynamic(p) );
000459    if( p->flags&MEM_Agg ){
000460      sqlite3VdbeMemFinalize(p, p->u.pDef);
000461      assert( (p->flags & MEM_Agg)==0 );
000462      testcase( p->flags & MEM_Dyn );
000463    }
000464    if( p->flags&MEM_Dyn ){
000465      assert( p->xDel!=SQLITE_DYNAMIC && p->xDel!=0 );
000466      p->xDel((void *)p->z);
000467    }
000468    p->flags = MEM_Null;
000469  }
000470  
000471  /*
000472  ** Release memory held by the Mem p, both external memory cleared
000473  ** by p->xDel and memory in p->zMalloc.
000474  **
000475  ** This is a helper routine invoked by sqlite3VdbeMemRelease() in
000476  ** the unusual case where there really is memory in p that needs
000477  ** to be freed.
000478  */
000479  static SQLITE_NOINLINE void vdbeMemClear(Mem *p){
000480    if( VdbeMemDynamic(p) ){
000481      vdbeMemClearExternAndSetNull(p);
000482    }
000483    if( p->szMalloc ){
000484      sqlite3DbFreeNN(p->db, p->zMalloc);
000485      p->szMalloc = 0;
000486    }
000487    p->z = 0;
000488  }
000489  
000490  /*
000491  ** Release any memory resources held by the Mem.  Both the memory that is
000492  ** free by Mem.xDel and the Mem.zMalloc allocation are freed.
000493  **
000494  ** Use this routine prior to clean up prior to abandoning a Mem, or to
000495  ** reset a Mem back to its minimum memory utilization.
000496  **
000497  ** Use sqlite3VdbeMemSetNull() to release just the Mem.xDel space
000498  ** prior to inserting new content into the Mem.
000499  */
000500  void sqlite3VdbeMemRelease(Mem *p){
000501    assert( sqlite3VdbeCheckMemInvariants(p) );
000502    if( VdbeMemDynamic(p) || p->szMalloc ){
000503      vdbeMemClear(p);
000504    }
000505  }
000506  
000507  /*
000508  ** Convert a 64-bit IEEE double into a 64-bit signed integer.
000509  ** If the double is out of range of a 64-bit signed integer then
000510  ** return the closest available 64-bit signed integer.
000511  */
000512  static SQLITE_NOINLINE i64 doubleToInt64(double r){
000513  #ifdef SQLITE_OMIT_FLOATING_POINT
000514    /* When floating-point is omitted, double and int64 are the same thing */
000515    return r;
000516  #else
000517    /*
000518    ** Many compilers we encounter do not define constants for the
000519    ** minimum and maximum 64-bit integers, or they define them
000520    ** inconsistently.  And many do not understand the "LL" notation.
000521    ** So we define our own static constants here using nothing
000522    ** larger than a 32-bit integer constant.
000523    */
000524    static const i64 maxInt = LARGEST_INT64;
000525    static const i64 minInt = SMALLEST_INT64;
000526  
000527    if( r<=(double)minInt ){
000528      return minInt;
000529    }else if( r>=(double)maxInt ){
000530      return maxInt;
000531    }else{
000532      return (i64)r;
000533    }
000534  #endif
000535  }
000536  
000537  /*
000538  ** Return some kind of integer value which is the best we can do
000539  ** at representing the value that *pMem describes as an integer.
000540  ** If pMem is an integer, then the value is exact.  If pMem is
000541  ** a floating-point then the value returned is the integer part.
000542  ** If pMem is a string or blob, then we make an attempt to convert
000543  ** it into an integer and return that.  If pMem represents an
000544  ** an SQL-NULL value, return 0.
000545  **
000546  ** If pMem represents a string value, its encoding might be changed.
000547  */
000548  static SQLITE_NOINLINE i64 memIntValue(Mem *pMem){
000549    i64 value = 0;
000550    sqlite3Atoi64(pMem->z, &value, pMem->n, pMem->enc);
000551    return value;
000552  }
000553  i64 sqlite3VdbeIntValue(Mem *pMem){
000554    int flags;
000555    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000556    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000557    flags = pMem->flags;
000558    if( flags & MEM_Int ){
000559      return pMem->u.i;
000560    }else if( flags & MEM_Real ){
000561      return doubleToInt64(pMem->u.r);
000562    }else if( flags & (MEM_Str|MEM_Blob) ){
000563      assert( pMem->z || pMem->n==0 );
000564      return memIntValue(pMem);
000565    }else{
000566      return 0;
000567    }
000568  }
000569  
000570  /*
000571  ** Return the best representation of pMem that we can get into a
000572  ** double.  If pMem is already a double or an integer, return its
000573  ** value.  If it is a string or blob, try to convert it to a double.
000574  ** If it is a NULL, return 0.0.
000575  */
000576  static SQLITE_NOINLINE double memRealValue(Mem *pMem){
000577    /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
000578    double val = (double)0;
000579    sqlite3AtoF(pMem->z, &val, pMem->n, pMem->enc);
000580    return val;
000581  }
000582  double sqlite3VdbeRealValue(Mem *pMem){
000583    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000584    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000585    if( pMem->flags & MEM_Real ){
000586      return pMem->u.r;
000587    }else if( pMem->flags & MEM_Int ){
000588      return (double)pMem->u.i;
000589    }else if( pMem->flags & (MEM_Str|MEM_Blob) ){
000590      return memRealValue(pMem);
000591    }else{
000592      /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
000593      return (double)0;
000594    }
000595  }
000596  
000597  /*
000598  ** Return 1 if pMem represents true, and return 0 if pMem represents false.
000599  ** Return the value ifNull if pMem is NULL.  
000600  */
000601  int sqlite3VdbeBooleanValue(Mem *pMem, int ifNull){
000602    if( pMem->flags & MEM_Int ) return pMem->u.i!=0;
000603    if( pMem->flags & MEM_Null ) return ifNull;
000604    return sqlite3VdbeRealValue(pMem)!=0.0;
000605  }
000606  
000607  /*
000608  ** The MEM structure is already a MEM_Real.  Try to also make it a
000609  ** MEM_Int if we can.
000610  */
000611  void sqlite3VdbeIntegerAffinity(Mem *pMem){
000612    i64 ix;
000613    assert( pMem->flags & MEM_Real );
000614    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000615    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000616    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000617  
000618    ix = doubleToInt64(pMem->u.r);
000619  
000620    /* Only mark the value as an integer if
000621    **
000622    **    (1) the round-trip conversion real->int->real is a no-op, and
000623    **    (2) The integer is neither the largest nor the smallest
000624    **        possible integer (ticket #3922)
000625    **
000626    ** The second and third terms in the following conditional enforces
000627    ** the second condition under the assumption that addition overflow causes
000628    ** values to wrap around.
000629    */
000630    if( pMem->u.r==ix && ix>SMALLEST_INT64 && ix<LARGEST_INT64 ){
000631      pMem->u.i = ix;
000632      MemSetTypeFlag(pMem, MEM_Int);
000633    }
000634  }
000635  
000636  /*
000637  ** Convert pMem to type integer.  Invalidate any prior representations.
000638  */
000639  int sqlite3VdbeMemIntegerify(Mem *pMem){
000640    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000641    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000642    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000643  
000644    pMem->u.i = sqlite3VdbeIntValue(pMem);
000645    MemSetTypeFlag(pMem, MEM_Int);
000646    return SQLITE_OK;
000647  }
000648  
000649  /*
000650  ** Convert pMem so that it is of type MEM_Real.
000651  ** Invalidate any prior representations.
000652  */
000653  int sqlite3VdbeMemRealify(Mem *pMem){
000654    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000655    assert( EIGHT_BYTE_ALIGNMENT(pMem) );
000656  
000657    pMem->u.r = sqlite3VdbeRealValue(pMem);
000658    MemSetTypeFlag(pMem, MEM_Real);
000659    return SQLITE_OK;
000660  }
000661  
000662  /* Compare a floating point value to an integer.  Return true if the two
000663  ** values are the same within the precision of the floating point value.
000664  **
000665  ** For some versions of GCC on 32-bit machines, if you do the more obvious
000666  ** comparison of "r1==(double)i" you sometimes get an answer of false even
000667  ** though the r1 and (double)i values are bit-for-bit the same.
000668  */
000669  static int sqlite3RealSameAsInt(double r1, sqlite3_int64 i){
000670    double r2 = (double)i;
000671    return memcmp(&r1, &r2, sizeof(r1))==0;
000672  }
000673  
000674  /*
000675  ** Convert pMem so that it has types MEM_Real or MEM_Int or both.
000676  ** Invalidate any prior representations.
000677  **
000678  ** Every effort is made to force the conversion, even if the input
000679  ** is a string that does not look completely like a number.  Convert
000680  ** as much of the string as we can and ignore the rest.
000681  */
000682  int sqlite3VdbeMemNumerify(Mem *pMem){
000683    if( (pMem->flags & (MEM_Int|MEM_Real|MEM_Null))==0 ){
000684      int rc;
000685      assert( (pMem->flags & (MEM_Blob|MEM_Str))!=0 );
000686      assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
000687      rc = sqlite3Atoi64(pMem->z, &pMem->u.i, pMem->n, pMem->enc);
000688      if( rc==0 ){
000689        MemSetTypeFlag(pMem, MEM_Int);
000690      }else{
000691        i64 i = pMem->u.i;
000692        sqlite3AtoF(pMem->z, &pMem->u.r, pMem->n, pMem->enc);
000693        if( rc==1 && sqlite3RealSameAsInt(pMem->u.r, i) ){
000694          pMem->u.i = i;
000695          MemSetTypeFlag(pMem, MEM_Int);
000696        }else{
000697          MemSetTypeFlag(pMem, MEM_Real);
000698        }
000699      }
000700    }
000701    assert( (pMem->flags & (MEM_Int|MEM_Real|MEM_Null))!=0 );
000702    pMem->flags &= ~(MEM_Str|MEM_Blob|MEM_Zero);
000703    return SQLITE_OK;
000704  }
000705  
000706  /*
000707  ** Cast the datatype of the value in pMem according to the affinity
000708  ** "aff".  Casting is different from applying affinity in that a cast
000709  ** is forced.  In other words, the value is converted into the desired
000710  ** affinity even if that results in loss of data.  This routine is
000711  ** used (for example) to implement the SQL "cast()" operator.
000712  */
000713  void sqlite3VdbeMemCast(Mem *pMem, u8 aff, u8 encoding){
000714    if( pMem->flags & MEM_Null ) return;
000715    switch( aff ){
000716      case SQLITE_AFF_BLOB: {   /* Really a cast to BLOB */
000717        if( (pMem->flags & MEM_Blob)==0 ){
000718          sqlite3ValueApplyAffinity(pMem, SQLITE_AFF_TEXT, encoding);
000719          assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
000720          if( pMem->flags & MEM_Str ) MemSetTypeFlag(pMem, MEM_Blob);
000721        }else{
000722          pMem->flags &= ~(MEM_TypeMask&~MEM_Blob);
000723        }
000724        break;
000725      }
000726      case SQLITE_AFF_NUMERIC: {
000727        sqlite3VdbeMemNumerify(pMem);
000728        break;
000729      }
000730      case SQLITE_AFF_INTEGER: {
000731        sqlite3VdbeMemIntegerify(pMem);
000732        break;
000733      }
000734      case SQLITE_AFF_REAL: {
000735        sqlite3VdbeMemRealify(pMem);
000736        break;
000737      }
000738      default: {
000739        assert( aff==SQLITE_AFF_TEXT );
000740        assert( MEM_Str==(MEM_Blob>>3) );
000741        pMem->flags |= (pMem->flags&MEM_Blob)>>3;
000742        sqlite3ValueApplyAffinity(pMem, SQLITE_AFF_TEXT, encoding);
000743        assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
000744        pMem->flags &= ~(MEM_Int|MEM_Real|MEM_Blob|MEM_Zero);
000745        break;
000746      }
000747    }
000748  }
000749  
000750  /*
000751  ** Initialize bulk memory to be a consistent Mem object.
000752  **
000753  ** The minimum amount of initialization feasible is performed.
000754  */
000755  void sqlite3VdbeMemInit(Mem *pMem, sqlite3 *db, u16 flags){
000756    assert( (flags & ~MEM_TypeMask)==0 );
000757    pMem->flags = flags;
000758    pMem->db = db;
000759    pMem->szMalloc = 0;
000760  }
000761  
000762  
000763  /*
000764  ** Delete any previous value and set the value stored in *pMem to NULL.
000765  **
000766  ** This routine calls the Mem.xDel destructor to dispose of values that
000767  ** require the destructor.  But it preserves the Mem.zMalloc memory allocation.
000768  ** To free all resources, use sqlite3VdbeMemRelease(), which both calls this
000769  ** routine to invoke the destructor and deallocates Mem.zMalloc.
000770  **
000771  ** Use this routine to reset the Mem prior to insert a new value.
000772  **
000773  ** Use sqlite3VdbeMemRelease() to complete erase the Mem prior to abandoning it.
000774  */
000775  void sqlite3VdbeMemSetNull(Mem *pMem){
000776    if( VdbeMemDynamic(pMem) ){
000777      vdbeMemClearExternAndSetNull(pMem);
000778    }else{
000779      pMem->flags = MEM_Null;
000780    }
000781  }
000782  void sqlite3ValueSetNull(sqlite3_value *p){
000783    sqlite3VdbeMemSetNull((Mem*)p); 
000784  }
000785  
000786  /*
000787  ** Delete any previous value and set the value to be a BLOB of length
000788  ** n containing all zeros.
000789  */
000790  void sqlite3VdbeMemSetZeroBlob(Mem *pMem, int n){
000791    sqlite3VdbeMemRelease(pMem);
000792    pMem->flags = MEM_Blob|MEM_Zero;
000793    pMem->n = 0;
000794    if( n<0 ) n = 0;
000795    pMem->u.nZero = n;
000796    pMem->enc = SQLITE_UTF8;
000797    pMem->z = 0;
000798  }
000799  
000800  /*
000801  ** The pMem is known to contain content that needs to be destroyed prior
000802  ** to a value change.  So invoke the destructor, then set the value to
000803  ** a 64-bit integer.
000804  */
000805  static SQLITE_NOINLINE void vdbeReleaseAndSetInt64(Mem *pMem, i64 val){
000806    sqlite3VdbeMemSetNull(pMem);
000807    pMem->u.i = val;
000808    pMem->flags = MEM_Int;
000809  }
000810  
000811  /*
000812  ** Delete any previous value and set the value stored in *pMem to val,
000813  ** manifest type INTEGER.
000814  */
000815  void sqlite3VdbeMemSetInt64(Mem *pMem, i64 val){
000816    if( VdbeMemDynamic(pMem) ){
000817      vdbeReleaseAndSetInt64(pMem, val);
000818    }else{
000819      pMem->u.i = val;
000820      pMem->flags = MEM_Int;
000821    }
000822  }
000823  
000824  /* A no-op destructor */
000825  void sqlite3NoopDestructor(void *p){ UNUSED_PARAMETER(p); }
000826  
000827  /*
000828  ** Set the value stored in *pMem should already be a NULL.
000829  ** Also store a pointer to go with it.
000830  */
000831  void sqlite3VdbeMemSetPointer(
000832    Mem *pMem,
000833    void *pPtr,
000834    const char *zPType,
000835    void (*xDestructor)(void*)
000836  ){
000837    assert( pMem->flags==MEM_Null );
000838    pMem->u.zPType = zPType ? zPType : "";
000839    pMem->z = pPtr;
000840    pMem->flags = MEM_Null|MEM_Dyn|MEM_Subtype|MEM_Term;
000841    pMem->eSubtype = 'p';
000842    pMem->xDel = xDestructor ? xDestructor : sqlite3NoopDestructor;
000843  }
000844  
000845  #ifndef SQLITE_OMIT_FLOATING_POINT
000846  /*
000847  ** Delete any previous value and set the value stored in *pMem to val,
000848  ** manifest type REAL.
000849  */
000850  void sqlite3VdbeMemSetDouble(Mem *pMem, double val){
000851    sqlite3VdbeMemSetNull(pMem);
000852    if( !sqlite3IsNaN(val) ){
000853      pMem->u.r = val;
000854      pMem->flags = MEM_Real;
000855    }
000856  }
000857  #endif
000858  
000859  #ifdef SQLITE_DEBUG
000860  /*
000861  ** Return true if the Mem holds a RowSet object.  This routine is intended
000862  ** for use inside of assert() statements.
000863  */
000864  int sqlite3VdbeMemIsRowSet(const Mem *pMem){
000865    return (pMem->flags&(MEM_Blob|MEM_Dyn))==(MEM_Blob|MEM_Dyn)
000866           && pMem->xDel==sqlite3RowSetDelete;
000867  }
000868  #endif
000869  
000870  /*
000871  ** Delete any previous value and set the value of pMem to be an
000872  ** empty boolean index.
000873  **
000874  ** Return SQLITE_OK on success and SQLITE_NOMEM if a memory allocation
000875  ** error occurs.
000876  */
000877  int sqlite3VdbeMemSetRowSet(Mem *pMem){
000878    sqlite3 *db = pMem->db;
000879    RowSet *p;
000880    assert( db!=0 );
000881    assert( !sqlite3VdbeMemIsRowSet(pMem) );
000882    sqlite3VdbeMemRelease(pMem);
000883    p = sqlite3RowSetInit(db);
000884    if( p==0 ) return SQLITE_NOMEM;
000885    pMem->z = (char*)p;
000886    pMem->flags = MEM_Blob|MEM_Dyn;
000887    pMem->xDel = sqlite3RowSetDelete;
000888    return SQLITE_OK;
000889  }
000890  
000891  /*
000892  ** Return true if the Mem object contains a TEXT or BLOB that is
000893  ** too large - whose size exceeds SQLITE_MAX_LENGTH.
000894  */
000895  int sqlite3VdbeMemTooBig(Mem *p){
000896    assert( p->db!=0 );
000897    if( p->flags & (MEM_Str|MEM_Blob) ){
000898      int n = p->n;
000899      if( p->flags & MEM_Zero ){
000900        n += p->u.nZero;
000901      }
000902      return n>p->db->aLimit[SQLITE_LIMIT_LENGTH];
000903    }
000904    return 0; 
000905  }
000906  
000907  #ifdef SQLITE_DEBUG
000908  /*
000909  ** This routine prepares a memory cell for modification by breaking
000910  ** its link to a shallow copy and by marking any current shallow
000911  ** copies of this cell as invalid.
000912  **
000913  ** This is used for testing and debugging only - to make sure shallow
000914  ** copies are not misused.
000915  */
000916  void sqlite3VdbeMemAboutToChange(Vdbe *pVdbe, Mem *pMem){
000917    int i;
000918    Mem *pX;
000919    for(i=0, pX=pVdbe->aMem; i<pVdbe->nMem; i++, pX++){
000920      if( pX->pScopyFrom==pMem ){
000921        /* If pX is marked as a shallow copy of pMem, then verify that
000922        ** no significant changes have been made to pX since the OP_SCopy.
000923        ** A significant change would indicated a missed call to this
000924        ** function for pX.  Minor changes, such as adding or removing a
000925        ** dual type, are allowed, as long as the underlying value is the
000926        ** same. */
000927        u16 mFlags = pMem->flags & pX->flags & pX->mScopyFlags;
000928        assert( (mFlags&MEM_Int)==0 || pMem->u.i==pX->u.i );
000929        assert( (mFlags&MEM_Real)==0 || pMem->u.r==pX->u.r );
000930        assert( (mFlags&MEM_Str)==0  || (pMem->n==pX->n && pMem->z==pX->z) );
000931        assert( (mFlags&MEM_Blob)==0  || sqlite3BlobCompare(pMem,pX)==0 );
000932        
000933        /* pMem is the register that is changing.  But also mark pX as
000934        ** undefined so that we can quickly detect the shallow-copy error */
000935        pX->flags = MEM_Undefined;
000936        pX->pScopyFrom = 0;
000937      }
000938    }
000939    pMem->pScopyFrom = 0;
000940  }
000941  #endif /* SQLITE_DEBUG */
000942  
000943  
000944  /*
000945  ** Make an shallow copy of pFrom into pTo.  Prior contents of
000946  ** pTo are freed.  The pFrom->z field is not duplicated.  If
000947  ** pFrom->z is used, then pTo->z points to the same thing as pFrom->z
000948  ** and flags gets srcType (either MEM_Ephem or MEM_Static).
000949  */
000950  static SQLITE_NOINLINE void vdbeClrCopy(Mem *pTo, const Mem *pFrom, int eType){
000951    vdbeMemClearExternAndSetNull(pTo);
000952    assert( !VdbeMemDynamic(pTo) );
000953    sqlite3VdbeMemShallowCopy(pTo, pFrom, eType);
000954  }
000955  void sqlite3VdbeMemShallowCopy(Mem *pTo, const Mem *pFrom, int srcType){
000956    assert( !sqlite3VdbeMemIsRowSet(pFrom) );
000957    assert( pTo->db==pFrom->db );
000958    if( VdbeMemDynamic(pTo) ){ vdbeClrCopy(pTo,pFrom,srcType); return; }
000959    memcpy(pTo, pFrom, MEMCELLSIZE);
000960    if( (pFrom->flags&MEM_Static)==0 ){
000961      pTo->flags &= ~(MEM_Dyn|MEM_Static|MEM_Ephem);
000962      assert( srcType==MEM_Ephem || srcType==MEM_Static );
000963      pTo->flags |= srcType;
000964    }
000965  }
000966  
000967  /*
000968  ** Make a full copy of pFrom into pTo.  Prior contents of pTo are
000969  ** freed before the copy is made.
000970  */
000971  int sqlite3VdbeMemCopy(Mem *pTo, const Mem *pFrom){
000972    int rc = SQLITE_OK;
000973  
000974    assert( !sqlite3VdbeMemIsRowSet(pFrom) );
000975    if( VdbeMemDynamic(pTo) ) vdbeMemClearExternAndSetNull(pTo);
000976    memcpy(pTo, pFrom, MEMCELLSIZE);
000977    pTo->flags &= ~MEM_Dyn;
000978    if( pTo->flags&(MEM_Str|MEM_Blob) ){
000979      if( 0==(pFrom->flags&MEM_Static) ){
000980        pTo->flags |= MEM_Ephem;
000981        rc = sqlite3VdbeMemMakeWriteable(pTo);
000982      }
000983    }
000984  
000985    return rc;
000986  }
000987  
000988  /*
000989  ** Transfer the contents of pFrom to pTo. Any existing value in pTo is
000990  ** freed. If pFrom contains ephemeral data, a copy is made.
000991  **
000992  ** pFrom contains an SQL NULL when this routine returns.
000993  */
000994  void sqlite3VdbeMemMove(Mem *pTo, Mem *pFrom){
000995    assert( pFrom->db==0 || sqlite3_mutex_held(pFrom->db->mutex) );
000996    assert( pTo->db==0 || sqlite3_mutex_held(pTo->db->mutex) );
000997    assert( pFrom->db==0 || pTo->db==0 || pFrom->db==pTo->db );
000998  
000999    sqlite3VdbeMemRelease(pTo);
001000    memcpy(pTo, pFrom, sizeof(Mem));
001001    pFrom->flags = MEM_Null;
001002    pFrom->szMalloc = 0;
001003  }
001004  
001005  /*
001006  ** Change the value of a Mem to be a string or a BLOB.
001007  **
001008  ** The memory management strategy depends on the value of the xDel
001009  ** parameter. If the value passed is SQLITE_TRANSIENT, then the 
001010  ** string is copied into a (possibly existing) buffer managed by the 
001011  ** Mem structure. Otherwise, any existing buffer is freed and the
001012  ** pointer copied.
001013  **
001014  ** If the string is too large (if it exceeds the SQLITE_LIMIT_LENGTH
001015  ** size limit) then no memory allocation occurs.  If the string can be
001016  ** stored without allocating memory, then it is.  If a memory allocation
001017  ** is required to store the string, then value of pMem is unchanged.  In
001018  ** either case, SQLITE_TOOBIG is returned.
001019  */
001020  int sqlite3VdbeMemSetStr(
001021    Mem *pMem,          /* Memory cell to set to string value */
001022    const char *z,      /* String pointer */
001023    int n,              /* Bytes in string, or negative */
001024    u8 enc,             /* Encoding of z.  0 for BLOBs */
001025    void (*xDel)(void*) /* Destructor function */
001026  ){
001027    int nByte = n;      /* New value for pMem->n */
001028    int iLimit;         /* Maximum allowed string or blob size */
001029    u16 flags = 0;      /* New value for pMem->flags */
001030  
001031    assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
001032    assert( !sqlite3VdbeMemIsRowSet(pMem) );
001033  
001034    /* If z is a NULL pointer, set pMem to contain an SQL NULL. */
001035    if( !z ){
001036      sqlite3VdbeMemSetNull(pMem);
001037      return SQLITE_OK;
001038    }
001039  
001040    if( pMem->db ){
001041      iLimit = pMem->db->aLimit[SQLITE_LIMIT_LENGTH];
001042    }else{
001043      iLimit = SQLITE_MAX_LENGTH;
001044    }
001045    flags = (enc==0?MEM_Blob:MEM_Str);
001046    if( nByte<0 ){
001047      assert( enc!=0 );
001048      if( enc==SQLITE_UTF8 ){
001049        nByte = 0x7fffffff & (int)strlen(z);
001050        if( nByte>iLimit ) nByte = iLimit+1;
001051      }else{
001052        for(nByte=0; nByte<=iLimit && (z[nByte] | z[nByte+1]); nByte+=2){}
001053      }
001054      flags |= MEM_Term;
001055    }
001056  
001057    /* The following block sets the new values of Mem.z and Mem.xDel. It
001058    ** also sets a flag in local variable "flags" to indicate the memory
001059    ** management (one of MEM_Dyn or MEM_Static).
001060    */
001061    if( xDel==SQLITE_TRANSIENT ){
001062      int nAlloc = nByte;
001063      if( flags&MEM_Term ){
001064        nAlloc += (enc==SQLITE_UTF8?1:2);
001065      }
001066      if( nByte>iLimit ){
001067        return SQLITE_TOOBIG;
001068      }
001069      testcase( nAlloc==0 );
001070      testcase( nAlloc==31 );
001071      testcase( nAlloc==32 );
001072      if( sqlite3VdbeMemClearAndResize(pMem, MAX(nAlloc,32)) ){
001073        return SQLITE_NOMEM_BKPT;
001074      }
001075      memcpy(pMem->z, z, nAlloc);
001076    }else if( xDel==SQLITE_DYNAMIC ){
001077      sqlite3VdbeMemRelease(pMem);
001078      pMem->zMalloc = pMem->z = (char *)z;
001079      pMem->szMalloc = sqlite3DbMallocSize(pMem->db, pMem->zMalloc);
001080    }else{
001081      sqlite3VdbeMemRelease(pMem);
001082      pMem->z = (char *)z;
001083      pMem->xDel = xDel;
001084      flags |= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
001085    }
001086  
001087    pMem->n = nByte;
001088    pMem->flags = flags;
001089    pMem->enc = (enc==0 ? SQLITE_UTF8 : enc);
001090  
001091  #ifndef SQLITE_OMIT_UTF16
001092    if( pMem->enc!=SQLITE_UTF8 && sqlite3VdbeMemHandleBom(pMem) ){
001093      return SQLITE_NOMEM_BKPT;
001094    }
001095  #endif
001096  
001097    if( nByte>iLimit ){
001098      return SQLITE_TOOBIG;
001099    }
001100  
001101    return SQLITE_OK;
001102  }
001103  
001104  /*
001105  ** Move data out of a btree key or data field and into a Mem structure.
001106  ** The data is payload from the entry that pCur is currently pointing
001107  ** to.  offset and amt determine what portion of the data or key to retrieve.
001108  ** The result is written into the pMem element.
001109  **
001110  ** The pMem object must have been initialized.  This routine will use
001111  ** pMem->zMalloc to hold the content from the btree, if possible.  New
001112  ** pMem->zMalloc space will be allocated if necessary.  The calling routine
001113  ** is responsible for making sure that the pMem object is eventually
001114  ** destroyed.
001115  **
001116  ** If this routine fails for any reason (malloc returns NULL or unable
001117  ** to read from the disk) then the pMem is left in an inconsistent state.
001118  */
001119  static SQLITE_NOINLINE int vdbeMemFromBtreeResize(
001120    BtCursor *pCur,   /* Cursor pointing at record to retrieve. */
001121    u32 offset,       /* Offset from the start of data to return bytes from. */
001122    u32 amt,          /* Number of bytes to return. */
001123    Mem *pMem         /* OUT: Return data in this Mem structure. */
001124  ){
001125    int rc;
001126    pMem->flags = MEM_Null;
001127    if( sqlite3BtreeMaxRecordSize(pCur)<offset+amt ){
001128      return SQLITE_CORRUPT_BKPT;
001129    }
001130    if( SQLITE_OK==(rc = sqlite3VdbeMemClearAndResize(pMem, amt+1)) ){
001131      rc = sqlite3BtreePayload(pCur, offset, amt, pMem->z);
001132      if( rc==SQLITE_OK ){
001133        pMem->z[amt] = 0;   /* Overrun area used when reading malformed records */
001134        pMem->flags = MEM_Blob;
001135        pMem->n = (int)amt;
001136      }else{
001137        sqlite3VdbeMemRelease(pMem);
001138      }
001139    }
001140    return rc;
001141  }
001142  int sqlite3VdbeMemFromBtree(
001143    BtCursor *pCur,   /* Cursor pointing at record to retrieve. */
001144    u32 offset,       /* Offset from the start of data to return bytes from. */
001145    u32 amt,          /* Number of bytes to return. */
001146    Mem *pMem         /* OUT: Return data in this Mem structure. */
001147  ){
001148    char *zData;        /* Data from the btree layer */
001149    u32 available = 0;  /* Number of bytes available on the local btree page */
001150    int rc = SQLITE_OK; /* Return code */
001151  
001152    assert( sqlite3BtreeCursorIsValid(pCur) );
001153    assert( !VdbeMemDynamic(pMem) );
001154  
001155    /* Note: the calls to BtreeKeyFetch() and DataFetch() below assert() 
001156    ** that both the BtShared and database handle mutexes are held. */
001157    assert( !sqlite3VdbeMemIsRowSet(pMem) );
001158    zData = (char *)sqlite3BtreePayloadFetch(pCur, &available);
001159    assert( zData!=0 );
001160  
001161    if( offset+amt<=available ){
001162      pMem->z = &zData[offset];
001163      pMem->flags = MEM_Blob|MEM_Ephem;
001164      pMem->n = (int)amt;
001165    }else{
001166      rc = vdbeMemFromBtreeResize(pCur, offset, amt, pMem);
001167    }
001168  
001169    return rc;
001170  }
001171  
001172  /*
001173  ** The pVal argument is known to be a value other than NULL.
001174  ** Convert it into a string with encoding enc and return a pointer
001175  ** to a zero-terminated version of that string.
001176  */
001177  static SQLITE_NOINLINE const void *valueToText(sqlite3_value* pVal, u8 enc){
001178    assert( pVal!=0 );
001179    assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
001180    assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
001181    assert( !sqlite3VdbeMemIsRowSet(pVal) );
001182    assert( (pVal->flags & (MEM_Null))==0 );
001183    if( pVal->flags & (MEM_Blob|MEM_Str) ){
001184      if( ExpandBlob(pVal) ) return 0;
001185      pVal->flags |= MEM_Str;
001186      if( pVal->enc != (enc & ~SQLITE_UTF16_ALIGNED) ){
001187        sqlite3VdbeChangeEncoding(pVal, enc & ~SQLITE_UTF16_ALIGNED);
001188      }
001189      if( (enc & SQLITE_UTF16_ALIGNED)!=0 && 1==(1&SQLITE_PTR_TO_INT(pVal->z)) ){
001190        assert( (pVal->flags & (MEM_Ephem|MEM_Static))!=0 );
001191        if( sqlite3VdbeMemMakeWriteable(pVal)!=SQLITE_OK ){
001192          return 0;
001193        }
001194      }
001195      sqlite3VdbeMemNulTerminate(pVal); /* IMP: R-31275-44060 */
001196    }else{
001197      sqlite3VdbeMemStringify(pVal, enc, 0);
001198      assert( 0==(1&SQLITE_PTR_TO_INT(pVal->z)) );
001199    }
001200    assert(pVal->enc==(enc & ~SQLITE_UTF16_ALIGNED) || pVal->db==0
001201                || pVal->db->mallocFailed );
001202    if( pVal->enc==(enc & ~SQLITE_UTF16_ALIGNED) ){
001203      assert( sqlite3VdbeMemConsistentDualRep(pVal) );
001204      return pVal->z;
001205    }else{
001206      return 0;
001207    }
001208  }
001209  
001210  /* This function is only available internally, it is not part of the
001211  ** external API. It works in a similar way to sqlite3_value_text(),
001212  ** except the data returned is in the encoding specified by the second
001213  ** parameter, which must be one of SQLITE_UTF16BE, SQLITE_UTF16LE or
001214  ** SQLITE_UTF8.
001215  **
001216  ** (2006-02-16:)  The enc value can be or-ed with SQLITE_UTF16_ALIGNED.
001217  ** If that is the case, then the result must be aligned on an even byte
001218  ** boundary.
001219  */
001220  const void *sqlite3ValueText(sqlite3_value* pVal, u8 enc){
001221    if( !pVal ) return 0;
001222    assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
001223    assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
001224    assert( !sqlite3VdbeMemIsRowSet(pVal) );
001225    if( (pVal->flags&(MEM_Str|MEM_Term))==(MEM_Str|MEM_Term) && pVal->enc==enc ){
001226      assert( sqlite3VdbeMemConsistentDualRep(pVal) );
001227      return pVal->z;
001228    }
001229    if( pVal->flags&MEM_Null ){
001230      return 0;
001231    }
001232    return valueToText(pVal, enc);
001233  }
001234  
001235  /*
001236  ** Create a new sqlite3_value object.
001237  */
001238  sqlite3_value *sqlite3ValueNew(sqlite3 *db){
001239    Mem *p = sqlite3DbMallocZero(db, sizeof(*p));
001240    if( p ){
001241      p->flags = MEM_Null;
001242      p->db = db;
001243    }
001244    return p;
001245  }
001246  
001247  /*
001248  ** Context object passed by sqlite3Stat4ProbeSetValue() through to 
001249  ** valueNew(). See comments above valueNew() for details.
001250  */
001251  struct ValueNewStat4Ctx {
001252    Parse *pParse;
001253    Index *pIdx;
001254    UnpackedRecord **ppRec;
001255    int iVal;
001256  };
001257  
001258  /*
001259  ** Allocate and return a pointer to a new sqlite3_value object. If
001260  ** the second argument to this function is NULL, the object is allocated
001261  ** by calling sqlite3ValueNew().
001262  **
001263  ** Otherwise, if the second argument is non-zero, then this function is 
001264  ** being called indirectly by sqlite3Stat4ProbeSetValue(). If it has not
001265  ** already been allocated, allocate the UnpackedRecord structure that 
001266  ** that function will return to its caller here. Then return a pointer to
001267  ** an sqlite3_value within the UnpackedRecord.a[] array.
001268  */
001269  static sqlite3_value *valueNew(sqlite3 *db, struct ValueNewStat4Ctx *p){
001270  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001271    if( p ){
001272      UnpackedRecord *pRec = p->ppRec[0];
001273  
001274      if( pRec==0 ){
001275        Index *pIdx = p->pIdx;      /* Index being probed */
001276        int nByte;                  /* Bytes of space to allocate */
001277        int i;                      /* Counter variable */
001278        int nCol = pIdx->nColumn;   /* Number of index columns including rowid */
001279    
001280        nByte = sizeof(Mem) * nCol + ROUND8(sizeof(UnpackedRecord));
001281        pRec = (UnpackedRecord*)sqlite3DbMallocZero(db, nByte);
001282        if( pRec ){
001283          pRec->pKeyInfo = sqlite3KeyInfoOfIndex(p->pParse, pIdx);
001284          if( pRec->pKeyInfo ){
001285            assert( pRec->pKeyInfo->nAllField==nCol );
001286            assert( pRec->pKeyInfo->enc==ENC(db) );
001287            pRec->aMem = (Mem *)((u8*)pRec + ROUND8(sizeof(UnpackedRecord)));
001288            for(i=0; i<nCol; i++){
001289              pRec->aMem[i].flags = MEM_Null;
001290              pRec->aMem[i].db = db;
001291            }
001292          }else{
001293            sqlite3DbFreeNN(db, pRec);
001294            pRec = 0;
001295          }
001296        }
001297        if( pRec==0 ) return 0;
001298        p->ppRec[0] = pRec;
001299      }
001300    
001301      pRec->nField = p->iVal+1;
001302      return &pRec->aMem[p->iVal];
001303    }
001304  #else
001305    UNUSED_PARAMETER(p);
001306  #endif /* defined(SQLITE_ENABLE_STAT3_OR_STAT4) */
001307    return sqlite3ValueNew(db);
001308  }
001309  
001310  /*
001311  ** The expression object indicated by the second argument is guaranteed
001312  ** to be a scalar SQL function. If
001313  **
001314  **   * all function arguments are SQL literals,
001315  **   * one of the SQLITE_FUNC_CONSTANT or _SLOCHNG function flags is set, and
001316  **   * the SQLITE_FUNC_NEEDCOLL function flag is not set,
001317  **
001318  ** then this routine attempts to invoke the SQL function. Assuming no
001319  ** error occurs, output parameter (*ppVal) is set to point to a value 
001320  ** object containing the result before returning SQLITE_OK.
001321  **
001322  ** Affinity aff is applied to the result of the function before returning.
001323  ** If the result is a text value, the sqlite3_value object uses encoding 
001324  ** enc.
001325  **
001326  ** If the conditions above are not met, this function returns SQLITE_OK
001327  ** and sets (*ppVal) to NULL. Or, if an error occurs, (*ppVal) is set to
001328  ** NULL and an SQLite error code returned.
001329  */
001330  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001331  static int valueFromFunction(
001332    sqlite3 *db,                    /* The database connection */
001333    Expr *p,                        /* The expression to evaluate */
001334    u8 enc,                         /* Encoding to use */
001335    u8 aff,                         /* Affinity to use */
001336    sqlite3_value **ppVal,          /* Write the new value here */
001337    struct ValueNewStat4Ctx *pCtx   /* Second argument for valueNew() */
001338  ){
001339    sqlite3_context ctx;            /* Context object for function invocation */
001340    sqlite3_value **apVal = 0;      /* Function arguments */
001341    int nVal = 0;                   /* Size of apVal[] array */
001342    FuncDef *pFunc = 0;             /* Function definition */
001343    sqlite3_value *pVal = 0;        /* New value */
001344    int rc = SQLITE_OK;             /* Return code */
001345    ExprList *pList = 0;            /* Function arguments */
001346    int i;                          /* Iterator variable */
001347  
001348    assert( pCtx!=0 );
001349    assert( (p->flags & EP_TokenOnly)==0 );
001350    pList = p->x.pList;
001351    if( pList ) nVal = pList->nExpr;
001352    pFunc = sqlite3FindFunction(db, p->u.zToken, nVal, enc, 0);
001353    assert( pFunc );
001354    if( (pFunc->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0 
001355     || (pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL)
001356    ){
001357      return SQLITE_OK;
001358    }
001359  
001360    if( pList ){
001361      apVal = (sqlite3_value**)sqlite3DbMallocZero(db, sizeof(apVal[0]) * nVal);
001362      if( apVal==0 ){
001363        rc = SQLITE_NOMEM_BKPT;
001364        goto value_from_function_out;
001365      }
001366      for(i=0; i<nVal; i++){
001367        rc = sqlite3ValueFromExpr(db, pList->a[i].pExpr, enc, aff, &apVal[i]);
001368        if( apVal[i]==0 || rc!=SQLITE_OK ) goto value_from_function_out;
001369      }
001370    }
001371  
001372    pVal = valueNew(db, pCtx);
001373    if( pVal==0 ){
001374      rc = SQLITE_NOMEM_BKPT;
001375      goto value_from_function_out;
001376    }
001377  
001378    assert( pCtx->pParse->rc==SQLITE_OK );
001379    memset(&ctx, 0, sizeof(ctx));
001380    ctx.pOut = pVal;
001381    ctx.pFunc = pFunc;
001382    pFunc->xSFunc(&ctx, nVal, apVal);
001383    if( ctx.isError ){
001384      rc = ctx.isError;
001385      sqlite3ErrorMsg(pCtx->pParse, "%s", sqlite3_value_text(pVal));
001386    }else{
001387      sqlite3ValueApplyAffinity(pVal, aff, SQLITE_UTF8);
001388      assert( rc==SQLITE_OK );
001389      rc = sqlite3VdbeChangeEncoding(pVal, enc);
001390      if( rc==SQLITE_OK && sqlite3VdbeMemTooBig(pVal) ){
001391        rc = SQLITE_TOOBIG;
001392        pCtx->pParse->nErr++;
001393      }
001394    }
001395    pCtx->pParse->rc = rc;
001396  
001397   value_from_function_out:
001398    if( rc!=SQLITE_OK ){
001399      pVal = 0;
001400    }
001401    if( apVal ){
001402      for(i=0; i<nVal; i++){
001403        sqlite3ValueFree(apVal[i]);
001404      }
001405      sqlite3DbFreeNN(db, apVal);
001406    }
001407  
001408    *ppVal = pVal;
001409    return rc;
001410  }
001411  #else
001412  # define valueFromFunction(a,b,c,d,e,f) SQLITE_OK
001413  #endif /* defined(SQLITE_ENABLE_STAT3_OR_STAT4) */
001414  
001415  /*
001416  ** Extract a value from the supplied expression in the manner described
001417  ** above sqlite3ValueFromExpr(). Allocate the sqlite3_value object
001418  ** using valueNew().
001419  **
001420  ** If pCtx is NULL and an error occurs after the sqlite3_value object
001421  ** has been allocated, it is freed before returning. Or, if pCtx is not
001422  ** NULL, it is assumed that the caller will free any allocated object
001423  ** in all cases.
001424  */
001425  static int valueFromExpr(
001426    sqlite3 *db,                    /* The database connection */
001427    Expr *pExpr,                    /* The expression to evaluate */
001428    u8 enc,                         /* Encoding to use */
001429    u8 affinity,                    /* Affinity to use */
001430    sqlite3_value **ppVal,          /* Write the new value here */
001431    struct ValueNewStat4Ctx *pCtx   /* Second argument for valueNew() */
001432  ){
001433    int op;
001434    char *zVal = 0;
001435    sqlite3_value *pVal = 0;
001436    int negInt = 1;
001437    const char *zNeg = "";
001438    int rc = SQLITE_OK;
001439  
001440    assert( pExpr!=0 );
001441    while( (op = pExpr->op)==TK_UPLUS || op==TK_SPAN ) pExpr = pExpr->pLeft;
001442  #if defined(SQLITE_ENABLE_STAT3_OR_STAT4)
001443    if( op==TK_REGISTER ) op = pExpr->op2;
001444  #else
001445    if( NEVER(op==TK_REGISTER) ) op = pExpr->op2;
001446  #endif
001447  
001448    /* Compressed expressions only appear when parsing the DEFAULT clause
001449    ** on a table column definition, and hence only when pCtx==0.  This
001450    ** check ensures that an EP_TokenOnly expression is never passed down
001451    ** into valueFromFunction(). */
001452    assert( (pExpr->flags & EP_TokenOnly)==0 || pCtx==0 );
001453  
001454    if( op==TK_CAST ){
001455      u8 aff = sqlite3AffinityType(pExpr->u.zToken,0);
001456      rc = valueFromExpr(db, pExpr->pLeft, enc, aff, ppVal, pCtx);
001457      testcase( rc!=SQLITE_OK );
001458      if( *ppVal ){
001459        sqlite3VdbeMemCast(*ppVal, aff, SQLITE_UTF8);
001460        sqlite3ValueApplyAffinity(*ppVal, affinity, SQLITE_UTF8);
001461      }
001462      return rc;
001463    }
001464  
001465    /* Handle negative integers in a single step.  This is needed in the
001466    ** case when the value is -9223372036854775808.
001467    */
001468    if( op==TK_UMINUS
001469     && (pExpr->pLeft->op==TK_INTEGER || pExpr->pLeft->op==TK_FLOAT) ){
001470      pExpr = pExpr->pLeft;
001471      op = pExpr->op;
001472      negInt = -1;
001473      zNeg = "-";
001474    }
001475  
001476    if( op==TK_STRING || op==TK_FLOAT || op==TK_INTEGER ){
001477      pVal = valueNew(db, pCtx);
001478      if( pVal==0 ) goto no_mem;
001479      if( ExprHasProperty(pExpr, EP_IntValue) ){
001480        sqlite3VdbeMemSetInt64(pVal, (i64)pExpr->u.iValue*negInt);
001481      }else{
001482        zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
001483        if( zVal==0 ) goto no_mem;
001484        sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
001485      }
001486      if( (op==TK_INTEGER || op==TK_FLOAT ) && affinity==SQLITE_AFF_BLOB ){
001487        sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
001488      }else{
001489        sqlite3ValueApplyAffinity(pVal, affinity, SQLITE_UTF8);
001490      }
001491      if( pVal->flags & (MEM_Int|MEM_Real) ) pVal->flags &= ~MEM_Str;
001492      if( enc!=SQLITE_UTF8 ){
001493        rc = sqlite3VdbeChangeEncoding(pVal, enc);
001494      }
001495    }else if( op==TK_UMINUS ) {
001496      /* This branch happens for multiple negative signs.  Ex: -(-5) */
001497      if( SQLITE_OK==valueFromExpr(db,pExpr->pLeft,enc,affinity,&pVal,pCtx) 
001498       && pVal!=0
001499      ){
001500        sqlite3VdbeMemNumerify(pVal);
001501        if( pVal->flags & MEM_Real ){
001502          pVal->u.r = -pVal->u.r;
001503        }else if( pVal->u.i==SMALLEST_INT64 ){
001504          pVal->u.r = -(double)SMALLEST_INT64;
001505          MemSetTypeFlag(pVal, MEM_Real);
001506        }else{
001507          pVal->u.i = -pVal->u.i;
001508        }
001509        sqlite3ValueApplyAffinity(pVal, affinity, enc);
001510      }
001511    }else if( op==TK_NULL ){
001512      pVal = valueNew(db, pCtx);
001513      if( pVal==0 ) goto no_mem;
001514      sqlite3VdbeMemNumerify(pVal);
001515    }
001516  #ifndef SQLITE_OMIT_BLOB_LITERAL
001517    else if( op==TK_BLOB ){
001518      int nVal;
001519      assert( pExpr->u.zToken[0]=='x' || pExpr->u.zToken[0]=='X' );
001520      assert( pExpr->u.zToken[1]=='\'' );
001521      pVal = valueNew(db, pCtx);
001522      if( !pVal ) goto no_mem;
001523      zVal = &pExpr->u.zToken[2];
001524      nVal = sqlite3Strlen30(zVal)-1;
001525      assert( zVal[nVal]=='\'' );
001526      sqlite3VdbeMemSetStr(pVal, sqlite3HexToBlob(db, zVal, nVal), nVal/2,
001527                           0, SQLITE_DYNAMIC);
001528    }
001529  #endif
001530  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001531    else if( op==TK_FUNCTION && pCtx!=0 ){
001532      rc = valueFromFunction(db, pExpr, enc, affinity, &pVal, pCtx);
001533    }
001534  #endif
001535    else if( op==TK_TRUEFALSE ){
001536      pVal = valueNew(db, pCtx);
001537      if( pVal ){
001538        pVal->flags = MEM_Int;
001539        pVal->u.i = pExpr->u.zToken[4]==0;
001540      }
001541    }
001542  
001543    *ppVal = pVal;
001544    return rc;
001545  
001546  no_mem:
001547  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001548    if( pCtx==0 || pCtx->pParse->nErr==0 )
001549  #endif
001550      sqlite3OomFault(db);
001551    sqlite3DbFree(db, zVal);
001552    assert( *ppVal==0 );
001553  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001554    if( pCtx==0 ) sqlite3ValueFree(pVal);
001555  #else
001556    assert( pCtx==0 ); sqlite3ValueFree(pVal);
001557  #endif
001558    return SQLITE_NOMEM_BKPT;
001559  }
001560  
001561  /*
001562  ** Create a new sqlite3_value object, containing the value of pExpr.
001563  **
001564  ** This only works for very simple expressions that consist of one constant
001565  ** token (i.e. "5", "5.1", "'a string'"). If the expression can
001566  ** be converted directly into a value, then the value is allocated and
001567  ** a pointer written to *ppVal. The caller is responsible for deallocating
001568  ** the value by passing it to sqlite3ValueFree() later on. If the expression
001569  ** cannot be converted to a value, then *ppVal is set to NULL.
001570  */
001571  int sqlite3ValueFromExpr(
001572    sqlite3 *db,              /* The database connection */
001573    Expr *pExpr,              /* The expression to evaluate */
001574    u8 enc,                   /* Encoding to use */
001575    u8 affinity,              /* Affinity to use */
001576    sqlite3_value **ppVal     /* Write the new value here */
001577  ){
001578    return pExpr ? valueFromExpr(db, pExpr, enc, affinity, ppVal, 0) : 0;
001579  }
001580  
001581  #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
001582  /*
001583  ** The implementation of the sqlite_record() function. This function accepts
001584  ** a single argument of any type. The return value is a formatted database 
001585  ** record (a blob) containing the argument value.
001586  **
001587  ** This is used to convert the value stored in the 'sample' column of the
001588  ** sqlite_stat3 table to the record format SQLite uses internally.
001589  */
001590  static void recordFunc(
001591    sqlite3_context *context,
001592    int argc,
001593    sqlite3_value **argv
001594  ){
001595    const int file_format = 1;
001596    u32 iSerial;                    /* Serial type */
001597    int nSerial;                    /* Bytes of space for iSerial as varint */
001598    u32 nVal;                       /* Bytes of space required for argv[0] */
001599    int nRet;
001600    sqlite3 *db;
001601    u8 *aRet;
001602  
001603    UNUSED_PARAMETER( argc );
001604    iSerial = sqlite3VdbeSerialType(argv[0], file_format, &nVal);
001605    nSerial = sqlite3VarintLen(iSerial);
001606    db = sqlite3_context_db_handle(context);
001607  
001608    nRet = 1 + nSerial + nVal;
001609    aRet = sqlite3DbMallocRawNN(db, nRet);
001610    if( aRet==0 ){
001611      sqlite3_result_error_nomem(context);
001612    }else{
001613      aRet[0] = nSerial+1;
001614      putVarint32(&aRet[1], iSerial);
001615      sqlite3VdbeSerialPut(&aRet[1+nSerial], argv[0], iSerial);
001616      sqlite3_result_blob(context, aRet, nRet, SQLITE_TRANSIENT);
001617      sqlite3DbFreeNN(db, aRet);
001618    }
001619  }
001620  
001621  /*
001622  ** Register built-in functions used to help read ANALYZE data.
001623  */
001624  void sqlite3AnalyzeFunctions(void){
001625    static FuncDef aAnalyzeTableFuncs[] = {
001626      FUNCTION(sqlite_record,   1, 0, 0, recordFunc),
001627    };
001628    sqlite3InsertBuiltinFuncs(aAnalyzeTableFuncs, ArraySize(aAnalyzeTableFuncs));
001629  }
001630  
001631  /*
001632  ** Attempt to extract a value from pExpr and use it to construct *ppVal.
001633  **
001634  ** If pAlloc is not NULL, then an UnpackedRecord object is created for
001635  ** pAlloc if one does not exist and the new value is added to the
001636  ** UnpackedRecord object.
001637  **
001638  ** A value is extracted in the following cases:
001639  **
001640  **  * (pExpr==0). In this case the value is assumed to be an SQL NULL,
001641  **
001642  **  * The expression is a bound variable, and this is a reprepare, or
001643  **
001644  **  * The expression is a literal value.
001645  **
001646  ** On success, *ppVal is made to point to the extracted value.  The caller
001647  ** is responsible for ensuring that the value is eventually freed.
001648  */
001649  static int stat4ValueFromExpr(
001650    Parse *pParse,                  /* Parse context */
001651    Expr *pExpr,                    /* The expression to extract a value from */
001652    u8 affinity,                    /* Affinity to use */
001653    struct ValueNewStat4Ctx *pAlloc,/* How to allocate space.  Or NULL */
001654    sqlite3_value **ppVal           /* OUT: New value object (or NULL) */
001655  ){
001656    int rc = SQLITE_OK;
001657    sqlite3_value *pVal = 0;
001658    sqlite3 *db = pParse->db;
001659  
001660    /* Skip over any TK_COLLATE nodes */
001661    pExpr = sqlite3ExprSkipCollate(pExpr);
001662  
001663    assert( pExpr==0 || pExpr->op!=TK_REGISTER || pExpr->op2!=TK_VARIABLE );
001664    if( !pExpr ){
001665      pVal = valueNew(db, pAlloc);
001666      if( pVal ){
001667        sqlite3VdbeMemSetNull((Mem*)pVal);
001668      }
001669    }else if( pExpr->op==TK_VARIABLE && (db->flags & SQLITE_EnableQPSG)==0 ){
001670      Vdbe *v;
001671      int iBindVar = pExpr->iColumn;
001672      sqlite3VdbeSetVarmask(pParse->pVdbe, iBindVar);
001673      if( (v = pParse->pReprepare)!=0 ){
001674        pVal = valueNew(db, pAlloc);
001675        if( pVal ){
001676          rc = sqlite3VdbeMemCopy((Mem*)pVal, &v->aVar[iBindVar-1]);
001677          sqlite3ValueApplyAffinity(pVal, affinity, ENC(db));
001678          pVal->db = pParse->db;
001679        }
001680      }
001681    }else{
001682      rc = valueFromExpr(db, pExpr, ENC(db), affinity, &pVal, pAlloc);
001683    }
001684  
001685    assert( pVal==0 || pVal->db==db );
001686    *ppVal = pVal;
001687    return rc;
001688  }
001689  
001690  /*
001691  ** This function is used to allocate and populate UnpackedRecord 
001692  ** structures intended to be compared against sample index keys stored 
001693  ** in the sqlite_stat4 table.
001694  **
001695  ** A single call to this function populates zero or more fields of the
001696  ** record starting with field iVal (fields are numbered from left to
001697  ** right starting with 0). A single field is populated if:
001698  **
001699  **  * (pExpr==0). In this case the value is assumed to be an SQL NULL,
001700  **
001701  **  * The expression is a bound variable, and this is a reprepare, or
001702  **
001703  **  * The sqlite3ValueFromExpr() function is able to extract a value 
001704  **    from the expression (i.e. the expression is a literal value).
001705  **
001706  ** Or, if pExpr is a TK_VECTOR, one field is populated for each of the
001707  ** vector components that match either of the two latter criteria listed
001708  ** above.
001709  **
001710  ** Before any value is appended to the record, the affinity of the 
001711  ** corresponding column within index pIdx is applied to it. Before
001712  ** this function returns, output parameter *pnExtract is set to the
001713  ** number of values appended to the record.
001714  **
001715  ** When this function is called, *ppRec must either point to an object
001716  ** allocated by an earlier call to this function, or must be NULL. If it
001717  ** is NULL and a value can be successfully extracted, a new UnpackedRecord
001718  ** is allocated (and *ppRec set to point to it) before returning.
001719  **
001720  ** Unless an error is encountered, SQLITE_OK is returned. It is not an
001721  ** error if a value cannot be extracted from pExpr. If an error does
001722  ** occur, an SQLite error code is returned.
001723  */
001724  int sqlite3Stat4ProbeSetValue(
001725    Parse *pParse,                  /* Parse context */
001726    Index *pIdx,                    /* Index being probed */
001727    UnpackedRecord **ppRec,         /* IN/OUT: Probe record */
001728    Expr *pExpr,                    /* The expression to extract a value from */
001729    int nElem,                      /* Maximum number of values to append */
001730    int iVal,                       /* Array element to populate */
001731    int *pnExtract                  /* OUT: Values appended to the record */
001732  ){
001733    int rc = SQLITE_OK;
001734    int nExtract = 0;
001735  
001736    if( pExpr==0 || pExpr->op!=TK_SELECT ){
001737      int i;
001738      struct ValueNewStat4Ctx alloc;
001739  
001740      alloc.pParse = pParse;
001741      alloc.pIdx = pIdx;
001742      alloc.ppRec = ppRec;
001743  
001744      for(i=0; i<nElem; i++){
001745        sqlite3_value *pVal = 0;
001746        Expr *pElem = (pExpr ? sqlite3VectorFieldSubexpr(pExpr, i) : 0);
001747        u8 aff = sqlite3IndexColumnAffinity(pParse->db, pIdx, iVal+i);
001748        alloc.iVal = iVal+i;
001749        rc = stat4ValueFromExpr(pParse, pElem, aff, &alloc, &pVal);
001750        if( !pVal ) break;
001751        nExtract++;
001752      }
001753    }
001754  
001755    *pnExtract = nExtract;
001756    return rc;
001757  }
001758  
001759  /*
001760  ** Attempt to extract a value from expression pExpr using the methods
001761  ** as described for sqlite3Stat4ProbeSetValue() above. 
001762  **
001763  ** If successful, set *ppVal to point to a new value object and return 
001764  ** SQLITE_OK. If no value can be extracted, but no other error occurs
001765  ** (e.g. OOM), return SQLITE_OK and set *ppVal to NULL. Or, if an error
001766  ** does occur, return an SQLite error code. The final value of *ppVal
001767  ** is undefined in this case.
001768  */
001769  int sqlite3Stat4ValueFromExpr(
001770    Parse *pParse,                  /* Parse context */
001771    Expr *pExpr,                    /* The expression to extract a value from */
001772    u8 affinity,                    /* Affinity to use */
001773    sqlite3_value **ppVal           /* OUT: New value object (or NULL) */
001774  ){
001775    return stat4ValueFromExpr(pParse, pExpr, affinity, 0, ppVal);
001776  }
001777  
001778  /*
001779  ** Extract the iCol-th column from the nRec-byte record in pRec.  Write
001780  ** the column value into *ppVal.  If *ppVal is initially NULL then a new
001781  ** sqlite3_value object is allocated.
001782  **
001783  ** If *ppVal is initially NULL then the caller is responsible for 
001784  ** ensuring that the value written into *ppVal is eventually freed.
001785  */
001786  int sqlite3Stat4Column(
001787    sqlite3 *db,                    /* Database handle */
001788    const void *pRec,               /* Pointer to buffer containing record */
001789    int nRec,                       /* Size of buffer pRec in bytes */
001790    int iCol,                       /* Column to extract */
001791    sqlite3_value **ppVal           /* OUT: Extracted value */
001792  ){
001793    u32 t = 0;                      /* a column type code */
001794    int nHdr;                       /* Size of the header in the record */
001795    int iHdr;                       /* Next unread header byte */
001796    int iField;                     /* Next unread data byte */
001797    int szField = 0;                /* Size of the current data field */
001798    int i;                          /* Column index */
001799    u8 *a = (u8*)pRec;              /* Typecast byte array */
001800    Mem *pMem = *ppVal;             /* Write result into this Mem object */
001801  
001802    assert( iCol>0 );
001803    iHdr = getVarint32(a, nHdr);
001804    if( nHdr>nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
001805    iField = nHdr;
001806    for(i=0; i<=iCol; i++){
001807      iHdr += getVarint32(&a[iHdr], t);
001808      testcase( iHdr==nHdr );
001809      testcase( iHdr==nHdr+1 );
001810      if( iHdr>nHdr ) return SQLITE_CORRUPT_BKPT;
001811      szField = sqlite3VdbeSerialTypeLen(t);
001812      iField += szField;
001813    }
001814    testcase( iField==nRec );
001815    testcase( iField==nRec+1 );
001816    if( iField>nRec ) return SQLITE_CORRUPT_BKPT;
001817    if( pMem==0 ){
001818      pMem = *ppVal = sqlite3ValueNew(db);
001819      if( pMem==0 ) return SQLITE_NOMEM_BKPT;
001820    }
001821    sqlite3VdbeSerialGet(&a[iField-szField], t, pMem);
001822    pMem->enc = ENC(db);
001823    return SQLITE_OK;
001824  }
001825  
001826  /*
001827  ** Unless it is NULL, the argument must be an UnpackedRecord object returned
001828  ** by an earlier call to sqlite3Stat4ProbeSetValue(). This call deletes
001829  ** the object.
001830  */
001831  void sqlite3Stat4ProbeFree(UnpackedRecord *pRec){
001832    if( pRec ){
001833      int i;
001834      int nCol = pRec->pKeyInfo->nAllField;
001835      Mem *aMem = pRec->aMem;
001836      sqlite3 *db = aMem[0].db;
001837      for(i=0; i<nCol; i++){
001838        sqlite3VdbeMemRelease(&aMem[i]);
001839      }
001840      sqlite3KeyInfoUnref(pRec->pKeyInfo);
001841      sqlite3DbFreeNN(db, pRec);
001842    }
001843  }
001844  #endif /* ifdef SQLITE_ENABLE_STAT4 */
001845  
001846  /*
001847  ** Change the string value of an sqlite3_value object
001848  */
001849  void sqlite3ValueSetStr(
001850    sqlite3_value *v,     /* Value to be set */
001851    int n,                /* Length of string z */
001852    const void *z,        /* Text of the new string */
001853    u8 enc,               /* Encoding to use */
001854    void (*xDel)(void*)   /* Destructor for the string */
001855  ){
001856    if( v ) sqlite3VdbeMemSetStr((Mem *)v, z, n, enc, xDel);
001857  }
001858  
001859  /*
001860  ** Free an sqlite3_value object
001861  */
001862  void sqlite3ValueFree(sqlite3_value *v){
001863    if( !v ) return;
001864    sqlite3VdbeMemRelease((Mem *)v);
001865    sqlite3DbFreeNN(((Mem*)v)->db, v);
001866  }
001867  
001868  /*
001869  ** The sqlite3ValueBytes() routine returns the number of bytes in the
001870  ** sqlite3_value object assuming that it uses the encoding "enc".
001871  ** The valueBytes() routine is a helper function.
001872  */
001873  static SQLITE_NOINLINE int valueBytes(sqlite3_value *pVal, u8 enc){
001874    return valueToText(pVal, enc)!=0 ? pVal->n : 0;
001875  }
001876  int sqlite3ValueBytes(sqlite3_value *pVal, u8 enc){
001877    Mem *p = (Mem*)pVal;
001878    assert( (p->flags & MEM_Null)==0 || (p->flags & (MEM_Str|MEM_Blob))==0 );
001879    if( (p->flags & MEM_Str)!=0 && pVal->enc==enc ){
001880      return p->n;
001881    }
001882    if( (p->flags & MEM_Blob)!=0 ){
001883      if( p->flags & MEM_Zero ){
001884        return p->n + p->u.nZero;
001885      }else{
001886        return p->n;
001887      }
001888    }
001889    if( p->flags & MEM_Null ) return 0;
001890    return valueBytes(pVal, enc);
001891  }