/ Check-in [9cb0ed6e]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix segfaults that can occur if a malloc failure happens just before a built-in function calls sqlite3_value_text(). (CVS 3874)
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:9cb0ed6ee9827bc6884a0195044d5b6ad0de698e
User & Date: drh 2007-04-25 18:23:53
Context
2007-04-26
12:11
In the pager, load the content of pages which were initialized with noContent==1 if they are subsequently requested with noContent==0. (CVS 3875) check-in: d0745a43 user: drh tags: trunk
2007-04-25
18:23
Fix segfaults that can occur if a malloc failure happens just before a built-in function calls sqlite3_value_text(). (CVS 3874) check-in: 9cb0ed6e user: drh tags: trunk
15:42
Disable tests in misc7 that do not work on windows due to limitations of the windows file system. (CVS 3873) check-in: 66646d6f user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/date.c.

12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
651
652
653
654
655
656
657

658
659
660


661
662
663


664
665
666
667
668
669
670
** This file contains the C functions that implement date and time
** functions for SQLite.  
**
** There is only one exported symbol in this file - the function
** sqlite3RegisterDateTimeFunctions() found at the bottom of the file.
** All other code has file scope.
**
** $Id: date.c,v 1.62 2007/04/06 02:32:34 drh Exp $
**
** NOTES:
**
** SQLite processes all times and dates as Julian Day numbers.  The
** dates and times are stored as the number of days since noon
** in Greenwich on November 24, 4714 B.C. according to the Gregorian
** calendar system. 
................................................................................
** Process time function arguments.  argv[0] is a date-time stamp.
** argv[1] and following are modifiers.  Parse them all and write
** the resulting time into the DateTime structure p.  Return 0
** on success and 1 if there are any errors.
*/
static int isDate(int argc, sqlite3_value **argv, DateTime *p){
  int i;

  if( argc==0 ) return 1;
  if( SQLITE_NULL==sqlite3_value_type(argv[0]) || 
      parseDateOrTime((char*)sqlite3_value_text(argv[0]), p) ) return 1;


  for(i=1; i<argc; i++){
    if( SQLITE_NULL==sqlite3_value_type(argv[i]) || 
        parseModifier((char*)sqlite3_value_text(argv[i]), p) ) return 1;


  }
  return 0;
}


/*
** The following routines implement the various date and time functions







|







 







>

<
|
>
>

<
|
>
>







12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
651
652
653
654
655
656
657
658
659

660
661
662
663

664
665
666
667
668
669
670
671
672
673
** This file contains the C functions that implement date and time
** functions for SQLite.  
**
** There is only one exported symbol in this file - the function
** sqlite3RegisterDateTimeFunctions() found at the bottom of the file.
** All other code has file scope.
**
** $Id: date.c,v 1.63 2007/04/25 18:23:53 drh Exp $
**
** NOTES:
**
** SQLite processes all times and dates as Julian Day numbers.  The
** dates and times are stored as the number of days since noon
** in Greenwich on November 24, 4714 B.C. according to the Gregorian
** calendar system. 
................................................................................
** Process time function arguments.  argv[0] is a date-time stamp.
** argv[1] and following are modifiers.  Parse them all and write
** the resulting time into the DateTime structure p.  Return 0
** on success and 1 if there are any errors.
*/
static int isDate(int argc, sqlite3_value **argv, DateTime *p){
  int i;
  const unsigned char *z;
  if( argc==0 ) return 1;

  if( (z = sqlite3_value_text(argv[0]))==0 || parseDateOrTime((char*)z, p) ){
    return 1;
  }
  for(i=1; i<argc; i++){

    if( (z = sqlite3_value_text(argv[i]))==0 || parseModifier((char*)z, p) ){
      return 1;
    }
  }
  return 0;
}


/*
** The following routines implement the various date and time functions

Changes to src/func.c.

12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
..
98
99
100
101
102
103
104

105
106
107
108
109
110
111
...
208
209
210
211
212
213
214
215

216
217


218
219
220

221
222
223
224
225
226


227
228

229
230


231
232
233

234
235
236
237
238


239
240
241
242
243
244
245
...
519
520
521
522
523
524
525

526
527
528
529
530
531
532
...
621
622
623
624
625
626
627

628
629
630
631
632
633
634
...
688
689
690
691
692
693
694
695
696
697
698
699
700

701
702

703
704

705
706
707
708
709
710
711
...
742
743
744
745
746
747
748

749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
...
830
831
832
833
834
835
836
837
838
839
840
841
842


843
844
845
846
847
848
849
850
851
** This file contains the C functions that implement various SQL
** functions of SQLite.  
**
** There is only one exported symbol in this file - the function
** sqliteRegisterBuildinFunctions() found at the bottom of the file.
** All other code has file scope.
**
** $Id: func.c,v 1.139 2007/04/10 13:51:18 drh Exp $
*/
#include "sqliteInt.h"
#include <ctype.h>
/* #include <math.h> */
#include <stdlib.h>
#include <assert.h>
#include "vdbeInt.h"
................................................................................
    case SQLITE_INTEGER:
    case SQLITE_FLOAT: {
      sqlite3_result_int(context, sqlite3_value_bytes(argv[0]));
      break;
    }
    case SQLITE_TEXT: {
      const unsigned char *z = sqlite3_value_text(argv[0]);

      for(len=0; *z; z++){ if( (0xc0&*z)!=0x80 ) len++; }
      sqlite3_result_int(context, len);
      break;
    }
    default: {
      sqlite3_result_null(context);
      break;
................................................................................
  sqlite3_result_double(context, r);
}

/*
** Implementation of the upper() and lower() SQL functions.
*/
static void upperFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
  unsigned char *z;

  int i;
  if( argc<1 || SQLITE_NULL==sqlite3_value_type(argv[0]) ) return;


  z = sqliteMalloc(sqlite3_value_bytes(argv[0])+1);
  if( z==0 ) return;
  strcpy((char*)z, (char*)sqlite3_value_text(argv[0]));

  for(i=0; z[i]; i++){
    z[i] = toupper(z[i]);
  }
  sqlite3_result_text(context, (char*)z, -1, SQLITE_TRANSIENT);
  sqliteFree(z);
}


static void lowerFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
  unsigned char *z;

  int i;
  if( argc<1 || SQLITE_NULL==sqlite3_value_type(argv[0]) ) return;


  z = sqliteMalloc(sqlite3_value_bytes(argv[0])+1);
  if( z==0 ) return;
  strcpy((char*)z, (char*)sqlite3_value_text(argv[0]));

  for(i=0; z[i]; i++){
    z[i] = tolower(z[i]);
  }
  sqlite3_result_text(context, (char*)z, -1, SQLITE_TRANSIENT);
  sqliteFree(z);


}

/*
** Implementation of the IFNULL(), NVL(), and COALESCE() functions.  
** All three do the same thing.  They return the first non-NULL
** argument.
*/
................................................................................
  const unsigned char *zB = sqlite3_value_text(argv[1]);
  int escape = 0;
  if( argc==3 ){
    /* The escape character string must consist of a single UTF-8 character.
    ** Otherwise, return an error.
    */
    const unsigned char *zEsc = sqlite3_value_text(argv[2]);

    if( sqlite3utf8CharLen((char*)zEsc, -1)!=1 ){
      sqlite3_result_error(context, 
          "ESCAPE expression must be a single character", -1);
      return;
    }
    escape = sqlite3ReadUtf8(zEsc);
  }
................................................................................
      break;
    }
    case SQLITE_TEXT: {
      int i,j,n;
      const unsigned char *zArg = sqlite3_value_text(argv[0]);
      char *z;


      for(i=n=0; zArg[i]; i++){ if( zArg[i]=='\'' ) n++; }
      z = sqliteMalloc( i+n+3 );
      if( z==0 ) return;
      z[0] = '\'';
      for(i=0, j=1; zArg[i]; i++){
        z[j++] = zArg[i];
        if( zArg[i]=='\'' ){
................................................................................
  int nPattern;            /* Size of zPattern */
  int nRep;                /* Size of zRep */
  int nOut;                /* Maximum size of zOut */
  int loopLimit;           /* Last zStr[] that might match zPattern[] */
  int i, j;                /* Loop counters */

  assert( argc==3 );
  if( sqlite3_value_type(argv[0])==SQLITE_NULL ||
      sqlite3_value_type(argv[1])==SQLITE_NULL ||
      sqlite3_value_type(argv[2])==SQLITE_NULL ){
    return;
  }
  zStr = sqlite3_value_text(argv[0]);

  nStr = sqlite3_value_bytes(argv[0]);
  zPattern = sqlite3_value_text(argv[1]);

  nPattern = sqlite3_value_bytes(argv[1]);
  zRep = sqlite3_value_text(argv[2]);

  nRep = sqlite3_value_bytes(argv[2]);
  if( nPattern>=nRep ){
    nOut = nStr;
  }else{
    nOut = (nStr/nPattern + 1)*nRep;
  }
  zOut = sqlite3_malloc(nOut+1);
................................................................................
  int flags;
  int i;
  unsigned char cFirst, cNext;
  if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
    return;
  }
  zIn = sqlite3_value_text(argv[0]);

  nIn = sqlite3_value_bytes(argv[0]);
  if( argc==1 ){
    static const unsigned char zSpace[] = " ";
    zCharSet = zSpace;
  }else if( sqlite3_value_type(argv[1])==SQLITE_NULL ){
    return;
  }else{
    zCharSet = sqlite3_value_text(argv[1]);
  }
  cFirst = zCharSet[0];
  if( cFirst ){
    flags = (int)sqlite3_user_data(context);
    if( flags & 1 ){
      for(; nIn>0; nIn--, zIn++){
        if( cFirst==zIn[0] ) continue;
................................................................................

#ifndef SQLITE_OMIT_LOAD_EXTENSION
/*
** A function that loads a shared-library extension then returns NULL.
*/
static void loadExt(sqlite3_context *context, int argc, sqlite3_value **argv){
  const char *zFile = (const char *)sqlite3_value_text(argv[0]);
  const char *zProc = 0;
  sqlite3 *db = sqlite3_user_data(context);
  char *zErrMsg = 0;

  if( argc==2 ){
    zProc = (const char *)sqlite3_value_text(argv[1]);


  }
  if( sqlite3_load_extension(db, zFile, zProc, &zErrMsg) ){
    sqlite3_result_error(context, zErrMsg, -1);
    sqlite3_free(zErrMsg);
  }
}
#endif

#ifdef SQLITE_TEST







|







 







>







 







|
>


>
>
|
|
<
>
|
|
|
|
<
|
>
>

|
>


>
>
|
|
<
>
|
|
|
|
<
>
>







 







>







 







>







 







<
<
<
<
<

>


>


>







 







>




|

<
<







 







|





>
>

|







12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
..
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
...
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223

224
225
226
227
228

229
230
231
232
233
234
235
236
237
238
239
240

241
242
243
244
245

246
247
248
249
250
251
252
253
254
...
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
...
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
...
699
700
701
702
703
704
705





706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
...
751
752
753
754
755
756
757
758
759
760
761
762
763
764


765
766
767
768
769
770
771
...
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
** This file contains the C functions that implement various SQL
** functions of SQLite.  
**
** There is only one exported symbol in this file - the function
** sqliteRegisterBuildinFunctions() found at the bottom of the file.
** All other code has file scope.
**
** $Id: func.c,v 1.140 2007/04/25 18:23:53 drh Exp $
*/
#include "sqliteInt.h"
#include <ctype.h>
/* #include <math.h> */
#include <stdlib.h>
#include <assert.h>
#include "vdbeInt.h"
................................................................................
    case SQLITE_INTEGER:
    case SQLITE_FLOAT: {
      sqlite3_result_int(context, sqlite3_value_bytes(argv[0]));
      break;
    }
    case SQLITE_TEXT: {
      const unsigned char *z = sqlite3_value_text(argv[0]);
      if( z==0 ) return;
      for(len=0; *z; z++){ if( (0xc0&*z)!=0x80 ) len++; }
      sqlite3_result_int(context, len);
      break;
    }
    default: {
      sqlite3_result_null(context);
      break;
................................................................................
  sqlite3_result_double(context, r);
}

/*
** Implementation of the upper() and lower() SQL functions.
*/
static void upperFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
  char *z1;
  const char *z2;
  int i;
  if( argc<1 || SQLITE_NULL==sqlite3_value_type(argv[0]) ) return;
  z2 = (char*)sqlite3_value_text(argv[0]);
  if( z2 ){
    z1 = sqlite3_malloc(sqlite3_value_bytes(argv[0])+1);
    if( z1 ){

      strcpy(z1, z2);
      for(i=0; z1[i]; i++){
        z1[i] = toupper(z1[i]);
      }
      sqlite3_result_text(context, z1, -1, sqlite3_free);

    }
  }
}
static void lowerFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
  char *z1;
  const char *z2;
  int i;
  if( argc<1 || SQLITE_NULL==sqlite3_value_type(argv[0]) ) return;
  z2 = (char*)sqlite3_value_text(argv[0]);
  if( z2 ){
    z1 = sqlite3_malloc(sqlite3_value_bytes(argv[0])+1);
    if( z1 ){

      strcpy(z1, z2);
      for(i=0; z1[i]; i++){
        z1[i] = tolower(z1[i]);
      }
      sqlite3_result_text(context, z1, -1, sqlite3_free);

    }
  }
}

/*
** Implementation of the IFNULL(), NVL(), and COALESCE() functions.  
** All three do the same thing.  They return the first non-NULL
** argument.
*/
................................................................................
  const unsigned char *zB = sqlite3_value_text(argv[1]);
  int escape = 0;
  if( argc==3 ){
    /* The escape character string must consist of a single UTF-8 character.
    ** Otherwise, return an error.
    */
    const unsigned char *zEsc = sqlite3_value_text(argv[2]);
    if( zEsc==0 ) return;
    if( sqlite3utf8CharLen((char*)zEsc, -1)!=1 ){
      sqlite3_result_error(context, 
          "ESCAPE expression must be a single character", -1);
      return;
    }
    escape = sqlite3ReadUtf8(zEsc);
  }
................................................................................
      break;
    }
    case SQLITE_TEXT: {
      int i,j,n;
      const unsigned char *zArg = sqlite3_value_text(argv[0]);
      char *z;

      if( zArg==0 ) return;
      for(i=n=0; zArg[i]; i++){ if( zArg[i]=='\'' ) n++; }
      z = sqliteMalloc( i+n+3 );
      if( z==0 ) return;
      z[0] = '\'';
      for(i=0, j=1; zArg[i]; i++){
        z[j++] = zArg[i];
        if( zArg[i]=='\'' ){
................................................................................
  int nPattern;            /* Size of zPattern */
  int nRep;                /* Size of zRep */
  int nOut;                /* Maximum size of zOut */
  int loopLimit;           /* Last zStr[] that might match zPattern[] */
  int i, j;                /* Loop counters */

  assert( argc==3 );





  zStr = sqlite3_value_text(argv[0]);
  if( zStr==0 ) return;
  nStr = sqlite3_value_bytes(argv[0]);
  zPattern = sqlite3_value_text(argv[1]);
  if( zPattern==0 ) return;
  nPattern = sqlite3_value_bytes(argv[1]);
  zRep = sqlite3_value_text(argv[2]);
  if( zRep==0 ) return;
  nRep = sqlite3_value_bytes(argv[2]);
  if( nPattern>=nRep ){
    nOut = nStr;
  }else{
    nOut = (nStr/nPattern + 1)*nRep;
  }
  zOut = sqlite3_malloc(nOut+1);
................................................................................
  int flags;
  int i;
  unsigned char cFirst, cNext;
  if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
    return;
  }
  zIn = sqlite3_value_text(argv[0]);
  if( zIn==0 ) return;
  nIn = sqlite3_value_bytes(argv[0]);
  if( argc==1 ){
    static const unsigned char zSpace[] = " ";
    zCharSet = zSpace;
  }else if( (zCharSet = sqlite3_value_text(argv[1]))==0 ){
    return;


  }
  cFirst = zCharSet[0];
  if( cFirst ){
    flags = (int)sqlite3_user_data(context);
    if( flags & 1 ){
      for(; nIn>0; nIn--, zIn++){
        if( cFirst==zIn[0] ) continue;
................................................................................

#ifndef SQLITE_OMIT_LOAD_EXTENSION
/*
** A function that loads a shared-library extension then returns NULL.
*/
static void loadExt(sqlite3_context *context, int argc, sqlite3_value **argv){
  const char *zFile = (const char *)sqlite3_value_text(argv[0]);
  const char *zProc;
  sqlite3 *db = sqlite3_user_data(context);
  char *zErrMsg = 0;

  if( argc==2 ){
    zProc = (const char *)sqlite3_value_text(argv[1]);
  }else{
    zProc = 0;
  }
  if( zFile && sqlite3_load_extension(db, zFile, zProc, &zErrMsg) ){
    sqlite3_result_error(context, zErrMsg, -1);
    sqlite3_free(zErrMsg);
  }
}
#endif

#ifdef SQLITE_TEST

Changes to src/vdbeapi.c.

439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
** If iCol is not valid, return a pointer to a Mem which has a value
** of NULL.
*/
static Mem *columnMem(sqlite3_stmt *pStmt, int i){
  Vdbe *pVm = (Vdbe *)pStmt;
  int vals = sqlite3_data_count(pStmt);
  if( i>=vals || i<0 ){
    static const Mem nullMem = {{0}, 0.0, "", 0, MEM_Null, MEM_Null };
    sqlite3Error(pVm->db, SQLITE_RANGE, 0);
    return (Mem*)&nullMem;
  }
  return &pVm->pTos[(1-vals)+i];
}

/*







|







439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
** If iCol is not valid, return a pointer to a Mem which has a value
** of NULL.
*/
static Mem *columnMem(sqlite3_stmt *pStmt, int i){
  Vdbe *pVm = (Vdbe *)pStmt;
  int vals = sqlite3_data_count(pStmt);
  if( i>=vals || i<0 ){
    static const Mem nullMem = {{0}, 0.0, "", 0, MEM_Null, SQLITE_NULL };
    sqlite3Error(pVm->db, SQLITE_RANGE, 0);
    return (Mem*)&nullMem;
  }
  return &pVm->pTos[(1-vals)+i];
}

/*

Added test/malloc8.test.





























































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
# 2006 July 26
#
# The author disclaims copyright to this source code.  In place of
# a legal notice, here is a blessing:
#
#    May you do good and not evil.
#    May you find forgiveness for yourself and forgive others.
#    May you share freely, never taking more than you give.
#
#***********************************************************************
# This file contains additional out-of-memory checks (see malloc.tcl)
# added to expose a bug in out-of-memory handling for sqlite3_value_text()
#
# $Id: malloc8.test,v 1.1 2007/04/25 18:23:53 drh Exp $

set testdir [file dirname $argv0]
source $testdir/tester.tcl

# Only run these tests if memory debugging is turned on.
#
if {[info command sqlite_malloc_stat]==""} {
   puts "Skipping malloc tests: not compiled with -DSQLITE_MEMDEBUG..."
   finish_test
   return
}

# Usage: do_malloc_test <test number> <options...>
#
# The first argument, <test number>, is an integer used to name the
# tests executed by this proc. Options are as follows:
#
#     -tclprep          TCL script to run to prepare test.
#     -sqlprep          SQL script to run to prepare test.
#     -tclbody          TCL script to run with malloc failure simulation.
#     -sqlbody          TCL script to run with malloc failure simulation.
#     -cleanup          TCL script to run after the test.
#
# This command runs a series of tests to verify SQLite's ability
# to handle an out-of-memory condition gracefully. It is assumed
# that if this condition occurs a malloc() call will return a
# NULL pointer. Linux, for example, doesn't do that by default. See
# the "BUGS" section of malloc(3).
#
# Each iteration of a loop, the TCL commands in any argument passed
# to the -tclbody switch, followed by the SQL commands in any argument
# passed to the -sqlbody switch are executed. Each iteration the
# Nth call to sqliteMalloc() is made to fail, where N is increased
# each time the loop runs starting from 1. When all commands execute
# successfully, the loop ends.
#
proc do_malloc_test {tn args} {
  array unset ::mallocopts 
  array set ::mallocopts $args

  set ::go 1
  for {set ::n 1} {$::go && $::n < 50000} {incr ::n} {
    do_test malloc8-$tn.$::n {

      sqlite_malloc_fail 0
      catch {db close}
      sqlite3 db test.db
      set ::DB [sqlite3_connection_pointer db]

      # Execute any -tclprep and -sqlprep scripts.
      #
      if {[info exists ::mallocopts(-tclprep)]} {
        eval $::mallocopts(-tclprep)
      }
      if {[info exists ::mallocopts(-sqlprep)]} {
        execsql $::mallocopts(-sqlprep)
      }

      # Now set the ${::n}th malloc() to fail and execute the -tclbody and
      # -sqlbody scripts.
      #
      sqlite_malloc_fail $::n
      set ::mallocbody {}
      if {[info exists ::mallocopts(-tclbody)]} {
        append ::mallocbody "$::mallocopts(-tclbody)\n"
      }
      if {[info exists ::mallocopts(-sqlbody)]} {
        append ::mallocbody "db eval {$::mallocopts(-sqlbody)}"
      }
      set v [catch $::mallocbody msg]

      # If the test fails (if $v!=0) and the database connection actually
      # exists, make sure the failure code is SQLITE_NOMEM.
      if {$v && [info command db]=="db" && [info exists ::mallocopts(-sqlbody)]
              && [db errorcode]!=7} {
        set v 999
      }

      set leftover [lindex [sqlite_malloc_stat] 2]
      if {$leftover>0} {
        if {$leftover>1} {puts "\nLeftover: $leftover\nReturn=$v  Message=$msg"}
        set ::go 0
        if {$v} {
          puts "\nError message returned: $msg"
        } else {
          set v {1 1}
        }
      } else {
        set v2 [expr {$msg=="" || $msg=="out of memory"}]
        if {!$v2} {puts "\nError message returned: $msg"}
        lappend v $v2
      }
    } {1 1}

    if {[info exists ::mallocopts(-cleanup)]} {
      catch [list uplevel #0 $::mallocopts(-cleanup)] msg
    }
  }
  unset ::mallocopts
}

# The setup is a database with UTF-16 encoding that contains a single
# large string.  We will be running lots of queries against this 
# database.  Because we will be extracting the string as UTF-8, there
# is a type conversion that occurs and thus an opportunity for malloc()
# to fail and for sqlite3_value_text() to return 0 even though
# sqlite3_value_type() returns SQLITE_TEXT.
#
db close
file delete -force test.db test.db-journal
sqlite3 db test.db
db eval {
  PRAGMA encoding='UTF-16';
  CREATE TABLE t1(a);
  INSERT INTO t1 
  VALUES('0123456789aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ');
}


do_malloc_test 1 -sqlbody {
  SELECT lower(a), upper(a), quote(a), trim(a), trim('x',a) FROM t1;
}
do_malloc_test 2 -sqlbody {
  SELECT replace(a,'x','y'), replace('x',a,'y'), replace('x','y',a)
    FROM t1;
}
do_malloc_test 3 -sqlbody {
  SELECT length(a), substr(a, 4, 4) FROM t1;
}
do_malloc_test 4 -sqlbody {
  SELECT julianday(a,a) FROM t1;
}
do_malloc_test 5 -sqlbody {
  SELECT 1 FROM t1 WHERE a LIKE 'hello' ESCAPE NULL;
}

# Ensure that no file descriptors were leaked.
do_test malloc-99.X {
  catch {db close}
  set sqlite_open_file_count
} {0}

sqlite_malloc_fail 0
finish_test