1 /* 2 ** 2001 September 15 3 ** 4 ** The author disclaims copyright to this source code. In place of 5 ** a legal notice, here is a blessing: 6 ** 7 ** May you do good and not evil. 8 ** May you find forgiveness for yourself and forgive others. 9 ** May you share freely, never taking more than you give. 10 ** 11 ************************************************************************* 12 ** This is the implementation of the page cache subsystem or "pager". 13 ** 14 ** The pager is used to access a database disk file. It implements 15 ** atomic commit and rollback through the use of a journal file that 16 ** is separate from the database file. The pager also implements file 17 ** locking to prevent two processes from writing the same database 18 ** file simultaneously, or one process from reading the database while 19 ** another is writing. 20 */ 21 #ifndef SQLITE_OMIT_DISKIO 22 #include "sqliteInt.h" 23 #include "wal.h" 24 25 26 /******************* NOTES ON THE DESIGN OF THE PAGER ************************ 27 ** 28 ** This comment block describes invariants that hold when using a rollback 29 ** journal. These invariants do not apply for journal_mode=WAL, 30 ** journal_mode=MEMORY, or journal_mode=OFF. 31 ** 32 ** Within this comment block, a page is deemed to have been synced 33 ** automatically as soon as it is written when PRAGMA synchronous=OFF. 34 ** Otherwise, the page is not synced until the xSync method of the VFS 35 ** is called successfully on the file containing the page. 36 ** 37 ** Definition: A page of the database file is said to be "overwriteable" if 38 ** one or more of the following are true about the page: 39 ** 40 ** (a) The original content of the page as it was at the beginning of 41 ** the transaction has been written into the rollback journal and 42 ** synced. 43 ** 44 ** (b) The page was a freelist leaf page at the start of the transaction. 45 ** 46 ** (c) The page number is greater than the largest page that existed in 47 ** the database file at the start of the transaction. 48 ** 49 ** (1) A page of the database file is never overwritten unless one of the 50 ** following are true: 51 ** 52 ** (a) The page and all other pages on the same sector are overwriteable. 53 ** 54 ** (b) The atomic page write optimization is enabled, and the entire 55 ** transaction other than the update of the transaction sequence 56 ** number consists of a single page change. 57 ** 58 ** (2) The content of a page written into the rollback journal exactly matches 59 ** both the content in the database when the rollback journal was written 60 ** and the content in the database at the beginning of the current 61 ** transaction. 62 ** 63 ** (3) Writes to the database file are an integer multiple of the page size 64 ** in length and are aligned on a page boundary. 65 ** 66 ** (4) Reads from the database file are either aligned on a page boundary and 67 ** an integer multiple of the page size in length or are taken from the 68 ** first 100 bytes of the database file. 69 ** 70 ** (5) All writes to the database file are synced prior to the rollback journal 71 ** being deleted, truncated, or zeroed. 72 ** 73 ** (6) If a super-journal file is used, then all writes to the database file 74 ** are synced prior to the super-journal being deleted. 75 ** 76 ** Definition: Two databases (or the same database at two points it time) 77 ** are said to be "logically equivalent" if they give the same answer to 78 ** all queries. Note in particular the content of freelist leaf 79 ** pages can be changed arbitrarily without affecting the logical equivalence 80 ** of the database. 81 ** 82 ** (7) At any time, if any subset, including the empty set and the total set, 83 ** of the unsynced changes to a rollback journal are removed and the 84 ** journal is rolled back, the resulting database file will be logically 85 ** equivalent to the database file at the beginning of the transaction. 86 ** 87 ** (8) When a transaction is rolled back, the xTruncate method of the VFS 88 ** is called to restore the database file to the same size it was at 89 ** the beginning of the transaction. (In some VFSes, the xTruncate 90 ** method is a no-op, but that does not change the fact the SQLite will 91 ** invoke it.) 92 ** 93 ** (9) Whenever the database file is modified, at least one bit in the range 94 ** of bytes from 24 through 39 inclusive will be changed prior to releasing 95 ** the EXCLUSIVE lock, thus signaling other connections on the same 96 ** database to flush their caches. 97 ** 98 ** (10) The pattern of bits in bytes 24 through 39 shall not repeat in less 99 ** than one billion transactions. 100 ** 101 ** (11) A database file is well-formed at the beginning and at the conclusion 102 ** of every transaction. 103 ** 104 ** (12) An EXCLUSIVE lock is held on the database file when writing to 105 ** the database file. 106 ** 107 ** (13) A SHARED lock is held on the database file while reading any 108 ** content out of the database file. 109 ** 110 ******************************************************************************/ 111 112 /* 113 ** Macros for troubleshooting. Normally turned off 114 */ 115 #if 0 116 int sqlite3PagerTrace=1; /* True to enable tracing */ 117 #define sqlite3DebugPrintf printf 118 #define PAGERTRACE(X) if( sqlite3PagerTrace ){ sqlite3DebugPrintf X; } 119 #else 120 #define PAGERTRACE(X) 121 #endif 122 123 /* 124 ** The following two macros are used within the PAGERTRACE() macros above 125 ** to print out file-descriptors. 126 ** 127 ** PAGERID() takes a pointer to a Pager struct as its argument. The 128 ** associated file-descriptor is returned. FILEHANDLEID() takes an sqlite3_file 129 ** struct as its argument. 130 */ 131 #define PAGERID(p) (SQLITE_PTR_TO_INT(p->fd)) 132 #define FILEHANDLEID(fd) (SQLITE_PTR_TO_INT(fd)) 133 134 /* 135 ** The Pager.eState variable stores the current 'state' of a pager. A 136 ** pager may be in any one of the seven states shown in the following 137 ** state diagram. 138 ** 139 ** OPEN <------+------+ 140 ** | | | 141 ** V | | 142 ** +---------> READER-------+ | 143 ** | | | 144 ** | V | 145 ** |<-------WRITER_LOCKED------> ERROR 146 ** | | ^ 147 ** | V | 148 ** |<------WRITER_CACHEMOD-------->| 149 ** | | | 150 ** | V | 151 ** |<-------WRITER_DBMOD---------->| 152 ** | | | 153 ** | V | 154 ** +<------WRITER_FINISHED-------->+ 155 ** 156 ** 157 ** List of state transitions and the C [function] that performs each: 158 ** 159 ** OPEN -> READER [sqlite3PagerSharedLock] 160 ** READER -> OPEN [pager_unlock] 161 ** 162 ** READER -> WRITER_LOCKED [sqlite3PagerBegin] 163 ** WRITER_LOCKED -> WRITER_CACHEMOD [pager_open_journal] 164 ** WRITER_CACHEMOD -> WRITER_DBMOD [syncJournal] 165 ** WRITER_DBMOD -> WRITER_FINISHED [sqlite3PagerCommitPhaseOne] 166 ** WRITER_*** -> READER [pager_end_transaction] 167 ** 168 ** WRITER_*** -> ERROR [pager_error] 169 ** ERROR -> OPEN [pager_unlock] 170 ** 171 ** 172 ** OPEN: 173 ** 174 ** The pager starts up in this state. Nothing is guaranteed in this 175 ** state - the file may or may not be locked and the database size is 176 ** unknown. The database may not be read or written. 177 ** 178 ** * No read or write transaction is active. 179 ** * Any lock, or no lock at all, may be held on the database file. 180 ** * The dbSize, dbOrigSize and dbFileSize variables may not be trusted. 181 ** 182 ** READER: 183 ** 184 ** In this state all the requirements for reading the database in 185 ** rollback (non-WAL) mode are met. Unless the pager is (or recently 186 ** was) in exclusive-locking mode, a user-level read transaction is 187 ** open. The database size is known in this state. 188 ** 189 ** A connection running with locking_mode=normal enters this state when 190 ** it opens a read-transaction on the database and returns to state 191 ** OPEN after the read-transaction is completed. However a connection 192 ** running in locking_mode=exclusive (including temp databases) remains in 193 ** this state even after the read-transaction is closed. The only way 194 ** a locking_mode=exclusive connection can transition from READER to OPEN 195 ** is via the ERROR state (see below). 196 ** 197 ** * A read transaction may be active (but a write-transaction cannot). 198 ** * A SHARED or greater lock is held on the database file. 199 ** * The dbSize variable may be trusted (even if a user-level read 200 ** transaction is not active). The dbOrigSize and dbFileSize variables 201 ** may not be trusted at this point. 202 ** * If the database is a WAL database, then the WAL connection is open. 203 ** * Even if a read-transaction is not open, it is guaranteed that 204 ** there is no hot-journal in the file-system. 205 ** 206 ** WRITER_LOCKED: 207 ** 208 ** The pager moves to this state from READER when a write-transaction 209 ** is first opened on the database. In WRITER_LOCKED state, all locks 210 ** required to start a write-transaction are held, but no actual 211 ** modifications to the cache or database have taken place. 212 ** 213 ** In rollback mode, a RESERVED or (if the transaction was opened with 214 ** BEGIN EXCLUSIVE) EXCLUSIVE lock is obtained on the database file when 215 ** moving to this state, but the journal file is not written to or opened 216 ** to in this state. If the transaction is committed or rolled back while 217 ** in WRITER_LOCKED state, all that is required is to unlock the database 218 ** file. 219 ** 220 ** IN WAL mode, WalBeginWriteTransaction() is called to lock the log file. 221 ** If the connection is running with locking_mode=exclusive, an attempt 222 ** is made to obtain an EXCLUSIVE lock on the database file. 223 ** 224 ** * A write transaction is active. 225 ** * If the connection is open in rollback-mode, a RESERVED or greater 226 ** lock is held on the database file. 227 ** * If the connection is open in WAL-mode, a WAL write transaction 228 ** is open (i.e. sqlite3WalBeginWriteTransaction() has been successfully 229 ** called). 230 ** * The dbSize, dbOrigSize and dbFileSize variables are all valid. 231 ** * The contents of the pager cache have not been modified. 232 ** * The journal file may or may not be open. 233 ** * Nothing (not even the first header) has been written to the journal. 234 ** 235 ** WRITER_CACHEMOD: 236 ** 237 ** A pager moves from WRITER_LOCKED state to this state when a page is 238 ** first modified by the upper layer. In rollback mode the journal file 239 ** is opened (if it is not already open) and a header written to the 240 ** start of it. The database file on disk has not been modified. 241 ** 242 ** * A write transaction is active. 243 ** * A RESERVED or greater lock is held on the database file. 244 ** * The journal file is open and the first header has been written 245 ** to it, but the header has not been synced to disk. 246 ** * The contents of the page cache have been modified. 247 ** 248 ** WRITER_DBMOD: 249 ** 250 ** The pager transitions from WRITER_CACHEMOD into WRITER_DBMOD state 251 ** when it modifies the contents of the database file. WAL connections 252 ** never enter this state (since they do not modify the database file, 253 ** just the log file). 254 ** 255 ** * A write transaction is active. 256 ** * An EXCLUSIVE or greater lock is held on the database file. 257 ** * The journal file is open and the first header has been written 258 ** and synced to disk. 259 ** * The contents of the page cache have been modified (and possibly 260 ** written to disk). 261 ** 262 ** WRITER_FINISHED: 263 ** 264 ** It is not possible for a WAL connection to enter this state. 265 ** 266 ** A rollback-mode pager changes to WRITER_FINISHED state from WRITER_DBMOD 267 ** state after the entire transaction has been successfully written into the 268 ** database file. In this state the transaction may be committed simply 269 ** by finalizing the journal file. Once in WRITER_FINISHED state, it is 270 ** not possible to modify the database further. At this point, the upper 271 ** layer must either commit or rollback the transaction. 272 ** 273 ** * A write transaction is active. 274 ** * An EXCLUSIVE or greater lock is held on the database file. 275 ** * All writing and syncing of journal and database data has finished. 276 ** If no error occurred, all that remains is to finalize the journal to 277 ** commit the transaction. If an error did occur, the caller will need 278 ** to rollback the transaction. 279 ** 280 ** ERROR: 281 ** 282 ** The ERROR state is entered when an IO or disk-full error (including 283 ** SQLITE_IOERR_NOMEM) occurs at a point in the code that makes it 284 ** difficult to be sure that the in-memory pager state (cache contents, 285 ** db size etc.) are consistent with the contents of the file-system. 286 ** 287 ** Temporary pager files may enter the ERROR state, but in-memory pagers 288 ** cannot. 289 ** 290 ** For example, if an IO error occurs while performing a rollback, 291 ** the contents of the page-cache may be left in an inconsistent state. 292 ** At this point it would be dangerous to change back to READER state 293 ** (as usually happens after a rollback). Any subsequent readers might 294 ** report database corruption (due to the inconsistent cache), and if 295 ** they upgrade to writers, they may inadvertently corrupt the database 296 ** file. To avoid this hazard, the pager switches into the ERROR state 297 ** instead of READER following such an error. 298 ** 299 ** Once it has entered the ERROR state, any attempt to use the pager 300 ** to read or write data returns an error. Eventually, once all 301 ** outstanding transactions have been abandoned, the pager is able to 302 ** transition back to OPEN state, discarding the contents of the 303 ** page-cache and any other in-memory state at the same time. Everything 304 ** is reloaded from disk (and, if necessary, hot-journal rollback peformed) 305 ** when a read-transaction is next opened on the pager (transitioning 306 ** the pager into READER state). At that point the system has recovered 307 ** from the error. 308 ** 309 ** Specifically, the pager jumps into the ERROR state if: 310 ** 311 ** 1. An error occurs while attempting a rollback. This happens in 312 ** function sqlite3PagerRollback(). 313 ** 314 ** 2. An error occurs while attempting to finalize a journal file 315 ** following a commit in function sqlite3PagerCommitPhaseTwo(). 316 ** 317 ** 3. An error occurs while attempting to write to the journal or 318 ** database file in function pagerStress() in order to free up 319 ** memory. 320 ** 321 ** In other cases, the error is returned to the b-tree layer. The b-tree 322 ** layer then attempts a rollback operation. If the error condition 323 ** persists, the pager enters the ERROR state via condition (1) above. 324 ** 325 ** Condition (3) is necessary because it can be triggered by a read-only 326 ** statement executed within a transaction. In this case, if the error 327 ** code were simply returned to the user, the b-tree layer would not 328 ** automatically attempt a rollback, as it assumes that an error in a 329 ** read-only statement cannot leave the pager in an internally inconsistent 330 ** state. 331 ** 332 ** * The Pager.errCode variable is set to something other than SQLITE_OK. 333 ** * There are one or more outstanding references to pages (after the 334 ** last reference is dropped the pager should move back to OPEN state). 335 ** * The pager is not an in-memory pager. 336 ** 337 ** 338 ** Notes: 339 ** 340 ** * A pager is never in WRITER_DBMOD or WRITER_FINISHED state if the 341 ** connection is open in WAL mode. A WAL connection is always in one 342 ** of the first four states. 343 ** 344 ** * Normally, a connection open in exclusive mode is never in PAGER_OPEN 345 ** state. There are two exceptions: immediately after exclusive-mode has 346 ** been turned on (and before any read or write transactions are 347 ** executed), and when the pager is leaving the "error state". 348 ** 349 ** * See also: assert_pager_state(). 350 */ 351 #define PAGER_OPEN 0 352 #define PAGER_READER 1 353 #define PAGER_WRITER_LOCKED 2 354 #define PAGER_WRITER_CACHEMOD 3 355 #define PAGER_WRITER_DBMOD 4 356 #define PAGER_WRITER_FINISHED 5 357 #define PAGER_ERROR 6 358 359 /* 360 ** The Pager.eLock variable is almost always set to one of the 361 ** following locking-states, according to the lock currently held on 362 ** the database file: NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK. 363 ** This variable is kept up to date as locks are taken and released by 364 ** the pagerLockDb() and pagerUnlockDb() wrappers. 365 ** 366 ** If the VFS xLock() or xUnlock() returns an error other than SQLITE_BUSY 367 ** (i.e. one of the SQLITE_IOERR subtypes), it is not clear whether or not 368 ** the operation was successful. In these circumstances pagerLockDb() and 369 ** pagerUnlockDb() take a conservative approach - eLock is always updated 370 ** when unlocking the file, and only updated when locking the file if the 371 ** VFS call is successful. This way, the Pager.eLock variable may be set 372 ** to a less exclusive (lower) value than the lock that is actually held 373 ** at the system level, but it is never set to a more exclusive value. 374 ** 375 ** This is usually safe. If an xUnlock fails or appears to fail, there may 376 ** be a few redundant xLock() calls or a lock may be held for longer than 377 ** required, but nothing really goes wrong. 378 ** 379 ** The exception is when the database file is unlocked as the pager moves 380 ** from ERROR to OPEN state. At this point there may be a hot-journal file 381 ** in the file-system that needs to be rolled back (as part of an OPEN->SHARED 382 ** transition, by the same pager or any other). If the call to xUnlock() 383 ** fails at this point and the pager is left holding an EXCLUSIVE lock, this 384 ** can confuse the call to xCheckReservedLock() call made later as part 385 ** of hot-journal detection. 386 ** 387 ** xCheckReservedLock() is defined as returning true "if there is a RESERVED 388 ** lock held by this process or any others". So xCheckReservedLock may 389 ** return true because the caller itself is holding an EXCLUSIVE lock (but 390 ** doesn't know it because of a previous error in xUnlock). If this happens 391 ** a hot-journal may be mistaken for a journal being created by an active 392 ** transaction in another process, causing SQLite to read from the database 393 ** without rolling it back. 394 ** 395 ** To work around this, if a call to xUnlock() fails when unlocking the 396 ** database in the ERROR state, Pager.eLock is set to UNKNOWN_LOCK. It 397 ** is only changed back to a real locking state after a successful call 398 ** to xLock(EXCLUSIVE). Also, the code to do the OPEN->SHARED state transition 399 ** omits the check for a hot-journal if Pager.eLock is set to UNKNOWN_LOCK 400 ** lock. Instead, it assumes a hot-journal exists and obtains an EXCLUSIVE 401 ** lock on the database file before attempting to roll it back. See function 402 ** PagerSharedLock() for more detail. 403 ** 404 ** Pager.eLock may only be set to UNKNOWN_LOCK when the pager is in 405 ** PAGER_OPEN state. 406 */ 407 #define UNKNOWN_LOCK (EXCLUSIVE_LOCK+1) 408 409 /* 410 ** The maximum allowed sector size. 64KiB. If the xSectorsize() method 411 ** returns a value larger than this, then MAX_SECTOR_SIZE is used instead. 412 ** This could conceivably cause corruption following a power failure on 413 ** such a system. This is currently an undocumented limit. 414 */ 415 #define MAX_SECTOR_SIZE 0x10000 416 417 418 /* 419 ** An instance of the following structure is allocated for each active 420 ** savepoint and statement transaction in the system. All such structures 421 ** are stored in the Pager.aSavepoint[] array, which is allocated and 422 ** resized using sqlite3Realloc(). 423 ** 424 ** When a savepoint is created, the PagerSavepoint.iHdrOffset field is 425 ** set to 0. If a journal-header is written into the main journal while 426 ** the savepoint is active, then iHdrOffset is set to the byte offset 427 ** immediately following the last journal record written into the main 428 ** journal before the journal-header. This is required during savepoint 429 ** rollback (see pagerPlaybackSavepoint()). 430 */ 431 typedef struct PagerSavepoint PagerSavepoint; 432 struct PagerSavepoint { 433 i64 iOffset; /* Starting offset in main journal */ 434 i64 iHdrOffset; /* See above */ 435 Bitvec *pInSavepoint; /* Set of pages in this savepoint */ 436 Pgno nOrig; /* Original number of pages in file */ 437 Pgno iSubRec; /* Index of first record in sub-journal */ 438 int bTruncateOnRelease; /* If stmt journal may be truncated on RELEASE */ 439 #ifndef SQLITE_OMIT_WAL 440 u32 aWalData[WAL_SAVEPOINT_NDATA]; /* WAL savepoint context */ 441 #endif 442 }; 443 444 /* 445 ** Bits of the Pager.doNotSpill flag. See further description below. 446 */ 447 #define SPILLFLAG_OFF 0x01 /* Never spill cache. Set via pragma */ 448 #define SPILLFLAG_ROLLBACK 0x02 /* Current rolling back, so do not spill */ 449 #define SPILLFLAG_NOSYNC 0x04 /* Spill is ok, but do not sync */ 450 451 /* 452 ** An open page cache is an instance of struct Pager. A description of 453 ** some of the more important member variables follows: 454 ** 455 ** eState 456 ** 457 ** The current 'state' of the pager object. See the comment and state 458 ** diagram above for a description of the pager state. 459 ** 460 ** eLock 461 ** 462 ** For a real on-disk database, the current lock held on the database file - 463 ** NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK. 464 ** 465 ** For a temporary or in-memory database (neither of which require any 466 ** locks), this variable is always set to EXCLUSIVE_LOCK. Since such 467 ** databases always have Pager.exclusiveMode==1, this tricks the pager 468 ** logic into thinking that it already has all the locks it will ever 469 ** need (and no reason to release them). 470 ** 471 ** In some (obscure) circumstances, this variable may also be set to 472 ** UNKNOWN_LOCK. See the comment above the #define of UNKNOWN_LOCK for 473 ** details. 474 ** 475 ** changeCountDone 476 ** 477 ** This boolean variable is used to make sure that the change-counter 478 ** (the 4-byte header field at byte offset 24 of the database file) is 479 ** not updated more often than necessary. 480 ** 481 ** It is set to true when the change-counter field is updated, which 482 ** can only happen if an exclusive lock is held on the database file. 483 ** It is cleared (set to false) whenever an exclusive lock is 484 ** relinquished on the database file. Each time a transaction is committed, 485 ** The changeCountDone flag is inspected. If it is true, the work of 486 ** updating the change-counter is omitted for the current transaction. 487 ** 488 ** This mechanism means that when running in exclusive mode, a connection 489 ** need only update the change-counter once, for the first transaction 490 ** committed. 491 ** 492 ** setSuper 493 ** 494 ** When PagerCommitPhaseOne() is called to commit a transaction, it may 495 ** (or may not) specify a super-journal name to be written into the 496 ** journal file before it is synced to disk. 497 ** 498 ** Whether or not a journal file contains a super-journal pointer affects 499 ** the way in which the journal file is finalized after the transaction is 500 ** committed or rolled back when running in "journal_mode=PERSIST" mode. 501 ** If a journal file does not contain a super-journal pointer, it is 502 ** finalized by overwriting the first journal header with zeroes. If 503 ** it does contain a super-journal pointer the journal file is finalized 504 ** by truncating it to zero bytes, just as if the connection were 505 ** running in "journal_mode=truncate" mode. 506 ** 507 ** Journal files that contain super-journal pointers cannot be finalized 508 ** simply by overwriting the first journal-header with zeroes, as the 509 ** super-journal pointer could interfere with hot-journal rollback of any 510 ** subsequently interrupted transaction that reuses the journal file. 511 ** 512 ** The flag is cleared as soon as the journal file is finalized (either 513 ** by PagerCommitPhaseTwo or PagerRollback). If an IO error prevents the 514 ** journal file from being successfully finalized, the setSuper flag 515 ** is cleared anyway (and the pager will move to ERROR state). 516 ** 517 ** doNotSpill 518 ** 519 ** This variables control the behavior of cache-spills (calls made by 520 ** the pcache module to the pagerStress() routine to write cached data 521 ** to the file-system in order to free up memory). 522 ** 523 ** When bits SPILLFLAG_OFF or SPILLFLAG_ROLLBACK of doNotSpill are set, 524 ** writing to the database from pagerStress() is disabled altogether. 525 ** The SPILLFLAG_ROLLBACK case is done in a very obscure case that 526 ** comes up during savepoint rollback that requires the pcache module 527 ** to allocate a new page to prevent the journal file from being written 528 ** while it is being traversed by code in pager_playback(). The SPILLFLAG_OFF 529 ** case is a user preference. 530 ** 531 ** If the SPILLFLAG_NOSYNC bit is set, writing to the database from 532 ** pagerStress() is permitted, but syncing the journal file is not. 533 ** This flag is set by sqlite3PagerWrite() when the file-system sector-size 534 ** is larger than the database page-size in order to prevent a journal sync 535 ** from happening in between the journalling of two pages on the same sector. 536 ** 537 ** subjInMemory 538 ** 539 ** This is a boolean variable. If true, then any required sub-journal 540 ** is opened as an in-memory journal file. If false, then in-memory 541 ** sub-journals are only used for in-memory pager files. 542 ** 543 ** This variable is updated by the upper layer each time a new 544 ** write-transaction is opened. 545 ** 546 ** dbSize, dbOrigSize, dbFileSize 547 ** 548 ** Variable dbSize is set to the number of pages in the database file. 549 ** It is valid in PAGER_READER and higher states (all states except for 550 ** OPEN and ERROR). 551 ** 552 ** dbSize is set based on the size of the database file, which may be 553 ** larger than the size of the database (the value stored at offset 554 ** 28 of the database header by the btree). If the size of the file 555 ** is not an integer multiple of the page-size, the value stored in 556 ** dbSize is rounded down (i.e. a 5KB file with 2K page-size has dbSize==2). 557 ** Except, any file that is greater than 0 bytes in size is considered 558 ** to have at least one page. (i.e. a 1KB file with 2K page-size leads 559 ** to dbSize==1). 560 ** 561 ** During a write-transaction, if pages with page-numbers greater than 562 ** dbSize are modified in the cache, dbSize is updated accordingly. 563 ** Similarly, if the database is truncated using PagerTruncateImage(), 564 ** dbSize is updated. 565 ** 566 ** Variables dbOrigSize and dbFileSize are valid in states 567 ** PAGER_WRITER_LOCKED and higher. dbOrigSize is a copy of the dbSize 568 ** variable at the start of the transaction. It is used during rollback, 569 ** and to determine whether or not pages need to be journalled before 570 ** being modified. 571 ** 572 ** Throughout a write-transaction, dbFileSize contains the size of 573 ** the file on disk in pages. It is set to a copy of dbSize when the 574 ** write-transaction is first opened, and updated when VFS calls are made 575 ** to write or truncate the database file on disk. 576 ** 577 ** The only reason the dbFileSize variable is required is to suppress 578 ** unnecessary calls to xTruncate() after committing a transaction. If, 579 ** when a transaction is committed, the dbFileSize variable indicates 580 ** that the database file is larger than the database image (Pager.dbSize), 581 ** pager_truncate() is called. The pager_truncate() call uses xFilesize() 582 ** to measure the database file on disk, and then truncates it if required. 583 ** dbFileSize is not used when rolling back a transaction. In this case 584 ** pager_truncate() is called unconditionally (which means there may be 585 ** a call to xFilesize() that is not strictly required). In either case, 586 ** pager_truncate() may cause the file to become smaller or larger. 587 ** 588 ** dbHintSize 589 ** 590 ** The dbHintSize variable is used to limit the number of calls made to 591 ** the VFS xFileControl(FCNTL_SIZE_HINT) method. 592 ** 593 ** dbHintSize is set to a copy of the dbSize variable when a 594 ** write-transaction is opened (at the same time as dbFileSize and 595 ** dbOrigSize). If the xFileControl(FCNTL_SIZE_HINT) method is called, 596 ** dbHintSize is increased to the number of pages that correspond to the 597 ** size-hint passed to the method call. See pager_write_pagelist() for 598 ** details. 599 ** 600 ** errCode 601 ** 602 ** The Pager.errCode variable is only ever used in PAGER_ERROR state. It 603 ** is set to zero in all other states. In PAGER_ERROR state, Pager.errCode 604 ** is always set to SQLITE_FULL, SQLITE_IOERR or one of the SQLITE_IOERR_XXX 605 ** sub-codes. 606 ** 607 ** syncFlags, walSyncFlags 608 ** 609 ** syncFlags is either SQLITE_SYNC_NORMAL (0x02) or SQLITE_SYNC_FULL (0x03). 610 ** syncFlags is used for rollback mode. walSyncFlags is used for WAL mode 611 ** and contains the flags used to sync the checkpoint operations in the 612 ** lower two bits, and sync flags used for transaction commits in the WAL 613 ** file in bits 0x04 and 0x08. In other words, to get the correct sync flags 614 ** for checkpoint operations, use (walSyncFlags&0x03) and to get the correct 615 ** sync flags for transaction commit, use ((walSyncFlags>>2)&0x03). Note 616 ** that with synchronous=NORMAL in WAL mode, transaction commit is not synced 617 ** meaning that the 0x04 and 0x08 bits are both zero. 618 */ 619 struct Pager { 620 sqlite3_vfs *pVfs; /* OS functions to use for IO */ 621 u8 exclusiveMode; /* Boolean. True if locking_mode==EXCLUSIVE */ 622 u8 journalMode; /* One of the PAGER_JOURNALMODE_* values */ 623 u8 useJournal; /* Use a rollback journal on this file */ 624 u8 noSync; /* Do not sync the journal if true */ 625 u8 fullSync; /* Do extra syncs of the journal for robustness */ 626 u8 extraSync; /* sync directory after journal delete */ 627 u8 syncFlags; /* SYNC_NORMAL or SYNC_FULL otherwise */ 628 u8 walSyncFlags; /* See description above */ 629 u8 tempFile; /* zFilename is a temporary or immutable file */ 630 u8 noLock; /* Do not lock (except in WAL mode) */ 631 u8 readOnly; /* True for a read-only database */ 632 u8 memDb; /* True to inhibit all file I/O */ 633 u8 memVfs; /* VFS-implemented memory database */ 634 635 /************************************************************************** 636 ** The following block contains those class members that change during 637 ** routine operation. Class members not in this block are either fixed 638 ** when the pager is first created or else only change when there is a 639 ** significant mode change (such as changing the page_size, locking_mode, 640 ** or the journal_mode). From another view, these class members describe 641 ** the "state" of the pager, while other class members describe the 642 ** "configuration" of the pager. 643 */ 644 u8 eState; /* Pager state (OPEN, READER, WRITER_LOCKED..) */ 645 u8 eLock; /* Current lock held on database file */ 646 u8 changeCountDone; /* Set after incrementing the change-counter */ 647 u8 setSuper; /* Super-jrnl name is written into jrnl */ 648 u8 doNotSpill; /* Do not spill the cache when non-zero */ 649 u8 subjInMemory; /* True to use in-memory sub-journals */ 650 u8 bUseFetch; /* True to use xFetch() */ 651 u8 hasHeldSharedLock; /* True if a shared lock has ever been held */ 652 Pgno dbSize; /* Number of pages in the database */ 653 Pgno dbOrigSize; /* dbSize before the current transaction */ 654 Pgno dbFileSize; /* Number of pages in the database file */ 655 Pgno dbHintSize; /* Value passed to FCNTL_SIZE_HINT call */ 656 int errCode; /* One of several kinds of errors */ 657 int nRec; /* Pages journalled since last j-header written */ 658 u32 cksumInit; /* Quasi-random value added to every checksum */ 659 u32 nSubRec; /* Number of records written to sub-journal */ 660 Bitvec *pInJournal; /* One bit for each page in the database file */ 661 sqlite3_file *fd; /* File descriptor for database */ 662 sqlite3_file *jfd; /* File descriptor for main journal */ 663 sqlite3_file *sjfd; /* File descriptor for sub-journal */ 664 i64 journalOff; /* Current write offset in the journal file */ 665 i64 journalHdr; /* Byte offset to previous journal header */ 666 sqlite3_backup *pBackup; /* Pointer to list of ongoing backup processes */ 667 PagerSavepoint *aSavepoint; /* Array of active savepoints */ 668 int nSavepoint; /* Number of elements in aSavepoint[] */ 669 u32 iDataVersion; /* Changes whenever database content changes */ 670 char dbFileVers[16]; /* Changes whenever database file changes */ 671 672 int nMmapOut; /* Number of mmap pages currently outstanding */ 673 sqlite3_int64 szMmap; /* Desired maximum mmap size */ 674 PgHdr *pMmapFreelist; /* List of free mmap page headers (pDirty) */ 675 /* 676 ** End of the routinely-changing class members 677 ***************************************************************************/ 678 679 u16 nExtra; /* Add this many bytes to each in-memory page */ 680 i16 nReserve; /* Number of unused bytes at end of each page */ 681 u32 vfsFlags; /* Flags for sqlite3_vfs.xOpen() */ 682 u32 sectorSize; /* Assumed sector size during rollback */ 683 Pgno mxPgno; /* Maximum allowed size of the database */ 684 Pgno lckPgno; /* Page number for the locking page */ 685 i64 pageSize; /* Number of bytes in a page */ 686 i64 journalSizeLimit; /* Size limit for persistent journal files */ 687 char *zFilename; /* Name of the database file */ 688 char *zJournal; /* Name of the journal file */ 689 int (*xBusyHandler)(void*); /* Function to call when busy */ 690 void *pBusyHandlerArg; /* Context argument for xBusyHandler */ 691 int aStat[4]; /* Total cache hits, misses, writes, spills */ 692 #ifdef SQLITE_TEST 693 int nRead; /* Database pages read */ 694 #endif 695 void (*xReiniter)(DbPage*); /* Call this routine when reloading pages */ 696 int (*xGet)(Pager*,Pgno,DbPage**,int); /* Routine to fetch a patch */ 697 char *pTmpSpace; /* Pager.pageSize bytes of space for tmp use */ 698 PCache *pPCache; /* Pointer to page cache object */ 699 #ifndef SQLITE_OMIT_WAL 700 Wal *pWal; /* Write-ahead log used by "journal_mode=wal" */ 701 char *zWal; /* File name for write-ahead log */ 702 #endif 703 }; 704 705 /* 706 ** Indexes for use with Pager.aStat[]. The Pager.aStat[] array contains 707 ** the values accessed by passing SQLITE_DBSTATUS_CACHE_HIT, CACHE_MISS 708 ** or CACHE_WRITE to sqlite3_db_status(). 709 */ 710 #define PAGER_STAT_HIT 0 711 #define PAGER_STAT_MISS 1 712 #define PAGER_STAT_WRITE 2 713 #define PAGER_STAT_SPILL 3 714 715 /* 716 ** The following global variables hold counters used for 717 ** testing purposes only. These variables do not exist in 718 ** a non-testing build. These variables are not thread-safe. 719 */ 720 #ifdef SQLITE_TEST 721 int sqlite3_pager_readdb_count = 0; /* Number of full pages read from DB */ 722 int sqlite3_pager_writedb_count = 0; /* Number of full pages written to DB */ 723 int sqlite3_pager_writej_count = 0; /* Number of pages written to journal */ 724 # define PAGER_INCR(v) v++ 725 #else 726 # define PAGER_INCR(v) 727 #endif 728 729 730 731 /* 732 ** Journal files begin with the following magic string. The data 733 ** was obtained from /dev/random. It is used only as a sanity check. 734 ** 735 ** Since version 2.8.0, the journal format contains additional sanity 736 ** checking information. If the power fails while the journal is being 737 ** written, semi-random garbage data might appear in the journal 738 ** file after power is restored. If an attempt is then made 739 ** to roll the journal back, the database could be corrupted. The additional 740 ** sanity checking data is an attempt to discover the garbage in the 741 ** journal and ignore it. 742 ** 743 ** The sanity checking information for the new journal format consists 744 ** of a 32-bit checksum on each page of data. The checksum covers both 745 ** the page number and the pPager->pageSize bytes of data for the page. 746 ** This cksum is initialized to a 32-bit random value that appears in the 747 ** journal file right after the header. The random initializer is important, 748 ** because garbage data that appears at the end of a journal is likely 749 ** data that was once in other files that have now been deleted. If the 750 ** garbage data came from an obsolete journal file, the checksums might 751 ** be correct. But by initializing the checksum to random value which 752 ** is different for every journal, we minimize that risk. 753 */ 754 static const unsigned char aJournalMagic[] = { 755 0xd9, 0xd5, 0x05, 0xf9, 0x20, 0xa1, 0x63, 0xd7, 756 }; 757 758 /* 759 ** The size of the of each page record in the journal is given by 760 ** the following macro. 761 */ 762 #define JOURNAL_PG_SZ(pPager) ((pPager->pageSize) + 8) 763 764 /* 765 ** The journal header size for this pager. This is usually the same 766 ** size as a single disk sector. See also setSectorSize(). 767 */ 768 #define JOURNAL_HDR_SZ(pPager) (pPager->sectorSize) 769 770 /* 771 ** The macro MEMDB is true if we are dealing with an in-memory database. 772 ** We do this as a macro so that if the SQLITE_OMIT_MEMORYDB macro is set, 773 ** the value of MEMDB will be a constant and the compiler will optimize 774 ** out code that would never execute. 775 */ 776 #ifdef SQLITE_OMIT_MEMORYDB 777 # define MEMDB 0 778 #else 779 # define MEMDB pPager->memDb 780 #endif 781 782 /* 783 ** The macro USEFETCH is true if we are allowed to use the xFetch and xUnfetch 784 ** interfaces to access the database using memory-mapped I/O. 785 */ 786 #if SQLITE_MAX_MMAP_SIZE>0 787 # define USEFETCH(x) ((x)->bUseFetch) 788 #else 789 # define USEFETCH(x) 0 790 #endif 791 792 /* 793 ** The argument to this macro is a file descriptor (type sqlite3_file*). 794 ** Return 0 if it is not open, or non-zero (but not 1) if it is. 795 ** 796 ** This is so that expressions can be written as: 797 ** 798 ** if( isOpen(pPager->jfd) ){ ... 799 ** 800 ** instead of 801 ** 802 ** if( pPager->jfd->pMethods ){ ... 803 */ 804 #define isOpen(pFd) ((pFd)->pMethods!=0) 805 806 #ifdef SQLITE_DIRECT_OVERFLOW_READ 807 /* 808 ** Return true if page pgno can be read directly from the database file 809 ** by the b-tree layer. This is the case if: 810 ** 811 ** * the database file is open, 812 ** * there are no dirty pages in the cache, and 813 ** * the desired page is not currently in the wal file. 814 */ 815 int sqlite3PagerDirectReadOk(Pager *pPager, Pgno pgno){ 816 if( pPager->fd->pMethods==0 ) return 0; 817 if( sqlite3PCacheIsDirty(pPager->pPCache) ) return 0; 818 #ifndef SQLITE_OMIT_WAL 819 if( pPager->pWal ){ 820 u32 iRead = 0; 821 int rc; 822 rc = sqlite3WalFindFrame(pPager->pWal, pgno, &iRead); 823 return (rc==SQLITE_OK && iRead==0); 824 } 825 #endif 826 return 1; 827 } 828 #endif 829 830 #ifndef SQLITE_OMIT_WAL 831 # define pagerUseWal(x) ((x)->pWal!=0) 832 #else 833 # define pagerUseWal(x) 0 834 # define pagerRollbackWal(x) 0 835 # define pagerWalFrames(v,w,x,y) 0 836 # define pagerOpenWalIfPresent(z) SQLITE_OK 837 # define pagerBeginReadTransaction(z) SQLITE_OK 838 #endif 839 840 #ifndef NDEBUG 841 /* 842 ** Usage: 843 ** 844 ** assert( assert_pager_state(pPager) ); 845 ** 846 ** This function runs many asserts to try to find inconsistencies in 847 ** the internal state of the Pager object. 848 */ 849 static int assert_pager_state(Pager *p){ 850 Pager *pPager = p; 851 852 /* State must be valid. */ 853 assert( p->eState==PAGER_OPEN 854 || p->eState==PAGER_READER 855 || p->eState==PAGER_WRITER_LOCKED 856 || p->eState==PAGER_WRITER_CACHEMOD 857 || p->eState==PAGER_WRITER_DBMOD 858 || p->eState==PAGER_WRITER_FINISHED 859 || p->eState==PAGER_ERROR 860 ); 861 862 /* Regardless of the current state, a temp-file connection always behaves 863 ** as if it has an exclusive lock on the database file. It never updates 864 ** the change-counter field, so the changeCountDone flag is always set. 865 */ 866 assert( p->tempFile==0 || p->eLock==EXCLUSIVE_LOCK ); 867 assert( p->tempFile==0 || pPager->changeCountDone ); 868 869 /* If the useJournal flag is clear, the journal-mode must be "OFF". 870 ** And if the journal-mode is "OFF", the journal file must not be open. 871 */ 872 assert( p->journalMode==PAGER_JOURNALMODE_OFF || p->useJournal ); 873 assert( p->journalMode!=PAGER_JOURNALMODE_OFF || !isOpen(p->jfd) ); 874 875 /* Check that MEMDB implies noSync. And an in-memory journal. Since 876 ** this means an in-memory pager performs no IO at all, it cannot encounter 877 ** either SQLITE_IOERR or SQLITE_FULL during rollback or while finalizing 878 ** a journal file. (although the in-memory journal implementation may 879 ** return SQLITE_IOERR_NOMEM while the journal file is being written). It 880 ** is therefore not possible for an in-memory pager to enter the ERROR 881 ** state. 882 */ 883 if( MEMDB ){ 884 assert( !isOpen(p->fd) ); 885 assert( p->noSync ); 886 assert( p->journalMode==PAGER_JOURNALMODE_OFF 887 || p->journalMode==PAGER_JOURNALMODE_MEMORY 888 ); 889 assert( p->eState!=PAGER_ERROR && p->eState!=PAGER_OPEN ); 890 assert( pagerUseWal(p)==0 ); 891 } 892 893 /* If changeCountDone is set, a RESERVED lock or greater must be held 894 ** on the file. 895 */ 896 assert( pPager->changeCountDone==0 || pPager->eLock>=RESERVED_LOCK ); 897 assert( p->eLock!=PENDING_LOCK ); 898 899 switch( p->eState ){ 900 case PAGER_OPEN: 901 assert( !MEMDB ); 902 assert( pPager->errCode==SQLITE_OK ); 903 assert( sqlite3PcacheRefCount(pPager->pPCache)==0 || pPager->tempFile ); 904 break; 905 906 case PAGER_READER: 907 assert( pPager->errCode==SQLITE_OK ); 908 assert( p->eLock!=UNKNOWN_LOCK ); 909 assert( p->eLock>=SHARED_LOCK ); 910 break; 911 912 case PAGER_WRITER_LOCKED: 913 assert( p->eLock!=UNKNOWN_LOCK ); 914 assert( pPager->errCode==SQLITE_OK ); 915 if( !pagerUseWal(pPager) ){ 916 assert( p->eLock>=RESERVED_LOCK ); 917 } 918 assert( pPager->dbSize==pPager->dbOrigSize ); 919 assert( pPager->dbOrigSize==pPager->dbFileSize ); 920 assert( pPager->dbOrigSize==pPager->dbHintSize ); 921 assert( pPager->setSuper==0 ); 922 break; 923 924 case PAGER_WRITER_CACHEMOD: 925 assert( p->eLock!=UNKNOWN_LOCK ); 926 assert( pPager->errCode==SQLITE_OK ); 927 if( !pagerUseWal(pPager) ){ 928 /* It is possible that if journal_mode=wal here that neither the 929 ** journal file nor the WAL file are open. This happens during 930 ** a rollback transaction that switches from journal_mode=off 931 ** to journal_mode=wal. 932 */ 933 assert( p->eLock>=RESERVED_LOCK ); 934 assert( isOpen(p->jfd) 935 || p->journalMode==PAGER_JOURNALMODE_OFF 936 || p->journalMode==PAGER_JOURNALMODE_WAL 937 ); 938 } 939 assert( pPager->dbOrigSize==pPager->dbFileSize ); 940 assert( pPager->dbOrigSize==pPager->dbHintSize ); 941 break; 942 943 case PAGER_WRITER_DBMOD: 944 assert( p->eLock==EXCLUSIVE_LOCK ); 945 assert( pPager->errCode==SQLITE_OK ); 946 assert( !pagerUseWal(pPager) ); 947 assert( p->eLock>=EXCLUSIVE_LOCK ); 948 assert( isOpen(p->jfd) 949 || p->journalMode==PAGER_JOURNALMODE_OFF 950 || p->journalMode==PAGER_JOURNALMODE_WAL 951 || (sqlite3OsDeviceCharacteristics(p->fd)&SQLITE_IOCAP_BATCH_ATOMIC) 952 ); 953 assert( pPager->dbOrigSize<=pPager->dbHintSize ); 954 break; 955 956 case PAGER_WRITER_FINISHED: 957 assert( p->eLock==EXCLUSIVE_LOCK ); 958 assert( pPager->errCode==SQLITE_OK ); 959 assert( !pagerUseWal(pPager) ); 960 assert( isOpen(p->jfd) 961 || p->journalMode==PAGER_JOURNALMODE_OFF 962 || p->journalMode==PAGER_JOURNALMODE_WAL 963 || (sqlite3OsDeviceCharacteristics(p->fd)&SQLITE_IOCAP_BATCH_ATOMIC) 964 ); 965 break; 966 967 case PAGER_ERROR: 968 /* There must be at least one outstanding reference to the pager if 969 ** in ERROR state. Otherwise the pager should have already dropped 970 ** back to OPEN state. 971 */ 972 assert( pPager->errCode!=SQLITE_OK ); 973 assert( sqlite3PcacheRefCount(pPager->pPCache)>0 || pPager->tempFile ); 974 break; 975 } 976 977 return 1; 978 } 979 #endif /* ifndef NDEBUG */ 980 981 #ifdef SQLITE_DEBUG 982 /* 983 ** Return a pointer to a human readable string in a static buffer 984 ** containing the state of the Pager object passed as an argument. This 985 ** is intended to be used within debuggers. For example, as an alternative 986 ** to "print *pPager" in gdb: 987 ** 988 ** (gdb) printf "%s", print_pager_state(pPager) 989 ** 990 ** This routine has external linkage in order to suppress compiler warnings 991 ** about an unused function. It is enclosed within SQLITE_DEBUG and so does 992 ** not appear in normal builds. 993 */ 994 char *print_pager_state(Pager *p){ 995 static char zRet[1024]; 996 997 sqlite3_snprintf(1024, zRet, 998 "Filename: %s\n" 999 "State: %s errCode=%d\n" 1000 "Lock: %s\n" 1001 "Locking mode: locking_mode=%s\n" 1002 "Journal mode: journal_mode=%s\n" 1003 "Backing store: tempFile=%d memDb=%d useJournal=%d\n" 1004 "Journal: journalOff=%lld journalHdr=%lld\n" 1005 "Size: dbsize=%d dbOrigSize=%d dbFileSize=%d\n" 1006 , p->zFilename 1007 , p->eState==PAGER_OPEN ? "OPEN" : 1008 p->eState==PAGER_READER ? "READER" : 1009 p->eState==PAGER_WRITER_LOCKED ? "WRITER_LOCKED" : 1010 p->eState==PAGER_WRITER_CACHEMOD ? "WRITER_CACHEMOD" : 1011 p->eState==PAGER_WRITER_DBMOD ? "WRITER_DBMOD" : 1012 p->eState==PAGER_WRITER_FINISHED ? "WRITER_FINISHED" : 1013 p->eState==PAGER_ERROR ? "ERROR" : "?error?" 1014 , (int)p->errCode 1015 , p->eLock==NO_LOCK ? "NO_LOCK" : 1016 p->eLock==RESERVED_LOCK ? "RESERVED" : 1017 p->eLock==EXCLUSIVE_LOCK ? "EXCLUSIVE" : 1018 p->eLock==SHARED_LOCK ? "SHARED" : 1019 p->eLock==UNKNOWN_LOCK ? "UNKNOWN" : "?error?" 1020 , p->exclusiveMode ? "exclusive" : "normal" 1021 , p->journalMode==PAGER_JOURNALMODE_MEMORY ? "memory" : 1022 p->journalMode==PAGER_JOURNALMODE_OFF ? "off" : 1023 p->journalMode==PAGER_JOURNALMODE_DELETE ? "delete" : 1024 p->journalMode==PAGER_JOURNALMODE_PERSIST ? "persist" : 1025 p->journalMode==PAGER_JOURNALMODE_TRUNCATE ? "truncate" : 1026 p->journalMode==PAGER_JOURNALMODE_WAL ? "wal" : "?error?" 1027 , (int)p->tempFile, (int)p->memDb, (int)p->useJournal 1028 , p->journalOff, p->journalHdr 1029 , (int)p->dbSize, (int)p->dbOrigSize, (int)p->dbFileSize 1030 ); 1031 1032 return zRet; 1033 } 1034 #endif 1035 1036 /* Forward references to the various page getters */ 1037 static int getPageNormal(Pager*,Pgno,DbPage**,int); 1038 static int getPageError(Pager*,Pgno,DbPage**,int); 1039 #if SQLITE_MAX_MMAP_SIZE>0 1040 static int getPageMMap(Pager*,Pgno,DbPage**,int); 1041 #endif 1042 1043 /* 1044 ** Set the Pager.xGet method for the appropriate routine used to fetch 1045 ** content from the pager. 1046 */ 1047 static void setGetterMethod(Pager *pPager){ 1048 if( pPager->errCode ){ 1049 pPager->xGet = getPageError; 1050 #if SQLITE_MAX_MMAP_SIZE>0 1051 }else if( USEFETCH(pPager) ){ 1052 pPager->xGet = getPageMMap; 1053 #endif /* SQLITE_MAX_MMAP_SIZE>0 */ 1054 }else{ 1055 pPager->xGet = getPageNormal; 1056 } 1057 } 1058 1059 /* 1060 ** Return true if it is necessary to write page *pPg into the sub-journal. 1061 ** A page needs to be written into the sub-journal if there exists one 1062 ** or more open savepoints for which: 1063 ** 1064 ** * The page-number is less than or equal to PagerSavepoint.nOrig, and 1065 ** * The bit corresponding to the page-number is not set in 1066 ** PagerSavepoint.pInSavepoint. 1067 */ 1068 static int subjRequiresPage(PgHdr *pPg){ 1069 Pager *pPager = pPg->pPager; 1070 PagerSavepoint *p; 1071 Pgno pgno = pPg->pgno; 1072 int i; 1073 for(i=0; i<pPager->nSavepoint; i++){ 1074 p = &pPager->aSavepoint[i]; 1075 if( p->nOrig>=pgno && 0==sqlite3BitvecTestNotNull(p->pInSavepoint, pgno) ){ 1076 for(i=i+1; i<pPager->nSavepoint; i++){ 1077 pPager->aSavepoint[i].bTruncateOnRelease = 0; 1078 } 1079 return 1; 1080 } 1081 } 1082 return 0; 1083 } 1084 1085 #ifdef SQLITE_DEBUG 1086 /* 1087 ** Return true if the page is already in the journal file. 1088 */ 1089 static int pageInJournal(Pager *pPager, PgHdr *pPg){ 1090 return sqlite3BitvecTest(pPager->pInJournal, pPg->pgno); 1091 } 1092 #endif 1093 1094 /* 1095 ** Read a 32-bit integer from the given file descriptor. Store the integer 1096 ** that is read in *pRes. Return SQLITE_OK if everything worked, or an 1097 ** error code is something goes wrong. 1098 ** 1099 ** All values are stored on disk as big-endian. 1100 */ 1101 static int read32bits(sqlite3_file *fd, i64 offset, u32 *pRes){ 1102 unsigned char ac[4]; 1103 int rc = sqlite3OsRead(fd, ac, sizeof(ac), offset); 1104 if( rc==SQLITE_OK ){ 1105 *pRes = sqlite3Get4byte(ac); 1106 } 1107 return rc; 1108 } 1109 1110 /* 1111 ** Write a 32-bit integer into a string buffer in big-endian byte order. 1112 */ 1113 #define put32bits(A,B) sqlite3Put4byte((u8*)A,B) 1114 1115 1116 /* 1117 ** Write a 32-bit integer into the given file descriptor. Return SQLITE_OK 1118 ** on success or an error code is something goes wrong. 1119 */ 1120 static int write32bits(sqlite3_file *fd, i64 offset, u32 val){ 1121 char ac[4]; 1122 put32bits(ac, val); 1123 return sqlite3OsWrite(fd, ac, 4, offset); 1124 } 1125 1126 /* 1127 ** Unlock the database file to level eLock, which must be either NO_LOCK 1128 ** or SHARED_LOCK. Regardless of whether or not the call to xUnlock() 1129 ** succeeds, set the Pager.eLock variable to match the (attempted) new lock. 1130 ** 1131 ** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is 1132 ** called, do not modify it. See the comment above the #define of 1133 ** UNKNOWN_LOCK for an explanation of this. 1134 */ 1135 static int pagerUnlockDb(Pager *pPager, int eLock){ 1136 int rc = SQLITE_OK; 1137 1138 assert( !pPager->exclusiveMode || pPager->eLock==eLock ); 1139 assert( eLock==NO_LOCK || eLock==SHARED_LOCK ); 1140 assert( eLock!=NO_LOCK || pagerUseWal(pPager)==0 ); 1141 if( isOpen(pPager->fd) ){ 1142 assert( pPager->eLock>=eLock ); 1143 rc = pPager->noLock ? SQLITE_OK : sqlite3OsUnlock(pPager->fd, eLock); 1144 if( pPager->eLock!=UNKNOWN_LOCK ){ 1145 pPager->eLock = (u8)eLock; 1146 } 1147 IOTRACE(("UNLOCK %p %d\n", pPager, eLock)) 1148 } 1149 pPager->changeCountDone = pPager->tempFile; /* ticket fb3b3024ea238d5c */ 1150 return rc; 1151 } 1152 1153 /* 1154 ** Lock the database file to level eLock, which must be either SHARED_LOCK, 1155 ** RESERVED_LOCK or EXCLUSIVE_LOCK. If the caller is successful, set the 1156 ** Pager.eLock variable to the new locking state. 1157 ** 1158 ** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is 1159 ** called, do not modify it unless the new locking state is EXCLUSIVE_LOCK. 1160 ** See the comment above the #define of UNKNOWN_LOCK for an explanation 1161 ** of this. 1162 */ 1163 static int pagerLockDb(Pager *pPager, int eLock){ 1164 int rc = SQLITE_OK; 1165 1166 assert( eLock==SHARED_LOCK || eLock==RESERVED_LOCK || eLock==EXCLUSIVE_LOCK ); 1167 if( pPager->eLock<eLock || pPager->eLock==UNKNOWN_LOCK ){ 1168 rc = pPager->noLock ? SQLITE_OK : sqlite3OsLock(pPager->fd, eLock); 1169 if( rc==SQLITE_OK && (pPager->eLock!=UNKNOWN_LOCK||eLock==EXCLUSIVE_LOCK) ){ 1170 pPager->eLock = (u8)eLock; 1171 IOTRACE(("LOCK %p %d\n", pPager, eLock)) 1172 } 1173 } 1174 return rc; 1175 } 1176 1177 /* 1178 ** This function determines whether or not the atomic-write or 1179 ** atomic-batch-write optimizations can be used with this pager. The 1180 ** atomic-write optimization can be used if: 1181 ** 1182 ** (a) the value returned by OsDeviceCharacteristics() indicates that 1183 ** a database page may be written atomically, and 1184 ** (b) the value returned by OsSectorSize() is less than or equal 1185 ** to the page size. 1186 ** 1187 ** If it can be used, then the value returned is the size of the journal 1188 ** file when it contains rollback data for exactly one page. 1189 ** 1190 ** The atomic-batch-write optimization can be used if OsDeviceCharacteristics() 1191 ** returns a value with the SQLITE_IOCAP_BATCH_ATOMIC bit set. -1 is 1192 ** returned in this case. 1193 ** 1194 ** If neither optimization can be used, 0 is returned. 1195 */ 1196 static int jrnlBufferSize(Pager *pPager){ 1197 assert( !MEMDB ); 1198 1199 #if defined(SQLITE_ENABLE_ATOMIC_WRITE) \ 1200 || defined(SQLITE_ENABLE_BATCH_ATOMIC_WRITE) 1201 int dc; /* Device characteristics */ 1202 1203 assert( isOpen(pPager->fd) ); 1204 dc = sqlite3OsDeviceCharacteristics(pPager->fd); 1205 #else 1206 UNUSED_PARAMETER(pPager); 1207 #endif 1208 1209 #ifdef SQLITE_ENABLE_BATCH_ATOMIC_WRITE 1210 if( pPager->dbSize>0 && (dc&SQLITE_IOCAP_BATCH_ATOMIC) ){ 1211 return -1; 1212 } 1213 #endif 1214 1215 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 1216 { 1217 int nSector = pPager->sectorSize; 1218 int szPage = pPager->pageSize; 1219 1220 assert(SQLITE_IOCAP_ATOMIC512==(512>>8)); 1221 assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8)); 1222 if( 0==(dc&(SQLITE_IOCAP_ATOMIC|(szPage>>8)) || nSector>szPage) ){ 1223 return 0; 1224 } 1225 } 1226 1227 return JOURNAL_HDR_SZ(pPager) + JOURNAL_PG_SZ(pPager); 1228 #endif 1229 1230 return 0; 1231 } 1232 1233 /* 1234 ** If SQLITE_CHECK_PAGES is defined then we do some sanity checking 1235 ** on the cache using a hash function. This is used for testing 1236 ** and debugging only. 1237 */ 1238 #ifdef SQLITE_CHECK_PAGES 1239 /* 1240 ** Return a 32-bit hash of the page data for pPage. 1241 */ 1242 static u32 pager_datahash(int nByte, unsigned char *pData){ 1243 u32 hash = 0; 1244 int i; 1245 for(i=0; i<nByte; i++){ 1246 hash = (hash*1039) + pData[i]; 1247 } 1248 return hash; 1249 } 1250 static u32 pager_pagehash(PgHdr *pPage){ 1251 return pager_datahash(pPage->pPager->pageSize, (unsigned char *)pPage->pData); 1252 } 1253 static void pager_set_pagehash(PgHdr *pPage){ 1254 pPage->pageHash = pager_pagehash(pPage); 1255 } 1256 1257 /* 1258 ** The CHECK_PAGE macro takes a PgHdr* as an argument. If SQLITE_CHECK_PAGES 1259 ** is defined, and NDEBUG is not defined, an assert() statement checks 1260 ** that the page is either dirty or still matches the calculated page-hash. 1261 */ 1262 #define CHECK_PAGE(x) checkPage(x) 1263 static void checkPage(PgHdr *pPg){ 1264 Pager *pPager = pPg->pPager; 1265 assert( pPager->eState!=PAGER_ERROR ); 1266 assert( (pPg->flags&PGHDR_DIRTY) || pPg->pageHash==pager_pagehash(pPg) ); 1267 } 1268 1269 #else 1270 #define pager_datahash(X,Y) 0 1271 #define pager_pagehash(X) 0 1272 #define pager_set_pagehash(X) 1273 #define CHECK_PAGE(x) 1274 #endif /* SQLITE_CHECK_PAGES */ 1275 1276 /* 1277 ** When this is called the journal file for pager pPager must be open. 1278 ** This function attempts to read a super-journal file name from the 1279 ** end of the file and, if successful, copies it into memory supplied 1280 ** by the caller. See comments above writeSuperJournal() for the format 1281 ** used to store a super-journal file name at the end of a journal file. 1282 ** 1283 ** zSuper must point to a buffer of at least nSuper bytes allocated by 1284 ** the caller. This should be sqlite3_vfs.mxPathname+1 (to ensure there is 1285 ** enough space to write the super-journal name). If the super-journal 1286 ** name in the journal is longer than nSuper bytes (including a 1287 ** nul-terminator), then this is handled as if no super-journal name 1288 ** were present in the journal. 1289 ** 1290 ** If a super-journal file name is present at the end of the journal 1291 ** file, then it is copied into the buffer pointed to by zSuper. A 1292 ** nul-terminator byte is appended to the buffer following the 1293 ** super-journal file name. 1294 ** 1295 ** If it is determined that no super-journal file name is present 1296 ** zSuper[0] is set to 0 and SQLITE_OK returned. 1297 ** 1298 ** If an error occurs while reading from the journal file, an SQLite 1299 ** error code is returned. 1300 */ 1301 static int readSuperJournal(sqlite3_file *pJrnl, char *zSuper, u32 nSuper){ 1302 int rc; /* Return code */ 1303 u32 len; /* Length in bytes of super-journal name */ 1304 i64 szJ; /* Total size in bytes of journal file pJrnl */ 1305 u32 cksum; /* MJ checksum value read from journal */ 1306 u32 u; /* Unsigned loop counter */ 1307 unsigned char aMagic[8]; /* A buffer to hold the magic header */ 1308 zSuper[0] = '\0'; 1309 1310 if( SQLITE_OK!=(rc = sqlite3OsFileSize(pJrnl, &szJ)) 1311 || szJ<16 1312 || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-16, &len)) 1313 || len>=nSuper 1314 || len>szJ-16 1315 || len==0 1316 || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-12, &cksum)) 1317 || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, aMagic, 8, szJ-8)) 1318 || memcmp(aMagic, aJournalMagic, 8) 1319 || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, zSuper, len, szJ-16-len)) 1320 ){ 1321 return rc; 1322 } 1323 1324 /* See if the checksum matches the super-journal name */ 1325 for(u=0; u<len; u++){ 1326 cksum -= zSuper[u]; 1327 } 1328 if( cksum ){ 1329 /* If the checksum doesn't add up, then one or more of the disk sectors 1330 ** containing the super-journal filename is corrupted. This means 1331 ** definitely roll back, so just return SQLITE_OK and report a (nul) 1332 ** super-journal filename. 1333 */ 1334 len = 0; 1335 } 1336 zSuper[len] = '\0'; 1337 zSuper[len+1] = '\0'; 1338 1339 return SQLITE_OK; 1340 } 1341 1342 /* 1343 ** Return the offset of the sector boundary at or immediately 1344 ** following the value in pPager->journalOff, assuming a sector 1345 ** size of pPager->sectorSize bytes. 1346 ** 1347 ** i.e for a sector size of 512: 1348 ** 1349 ** Pager.journalOff Return value 1350 ** --------------------------------------- 1351 ** 0 0 1352 ** 512 512 1353 ** 100 512 1354 ** 2000 2048 1355 ** 1356 */ 1357 static i64 journalHdrOffset(Pager *pPager){ 1358 i64 offset = 0; 1359 i64 c = pPager->journalOff; 1360 if( c ){ 1361 offset = ((c-1)/JOURNAL_HDR_SZ(pPager) + 1) * JOURNAL_HDR_SZ(pPager); 1362 } 1363 assert( offset%JOURNAL_HDR_SZ(pPager)==0 ); 1364 assert( offset>=c ); 1365 assert( (offset-c)<JOURNAL_HDR_SZ(pPager) ); 1366 return offset; 1367 } 1368 1369 /* 1370 ** The journal file must be open when this function is called. 1371 ** 1372 ** This function is a no-op if the journal file has not been written to 1373 ** within the current transaction (i.e. if Pager.journalOff==0). 1374 ** 1375 ** If doTruncate is non-zero or the Pager.journalSizeLimit variable is 1376 ** set to 0, then truncate the journal file to zero bytes in size. Otherwise, 1377 ** zero the 28-byte header at the start of the journal file. In either case, 1378 ** if the pager is not in no-sync mode, sync the journal file immediately 1379 ** after writing or truncating it. 1380 ** 1381 ** If Pager.journalSizeLimit is set to a positive, non-zero value, and 1382 ** following the truncation or zeroing described above the size of the 1383 ** journal file in bytes is larger than this value, then truncate the 1384 ** journal file to Pager.journalSizeLimit bytes. The journal file does 1385 ** not need to be synced following this operation. 1386 ** 1387 ** If an IO error occurs, abandon processing and return the IO error code. 1388 ** Otherwise, return SQLITE_OK. 1389 */ 1390 static int zeroJournalHdr(Pager *pPager, int doTruncate){ 1391 int rc = SQLITE_OK; /* Return code */ 1392 assert( isOpen(pPager->jfd) ); 1393 assert( !sqlite3JournalIsInMemory(pPager->jfd) ); 1394 if( pPager->journalOff ){ 1395 const i64 iLimit = pPager->journalSizeLimit; /* Local cache of jsl */ 1396 1397 IOTRACE(("JZEROHDR %p\n", pPager)) 1398 if( doTruncate || iLimit==0 ){ 1399 rc = sqlite3OsTruncate(pPager->jfd, 0); 1400 }else{ 1401 static const char zeroHdr[28] = {0}; 1402 rc = sqlite3OsWrite(pPager->jfd, zeroHdr, sizeof(zeroHdr), 0); 1403 } 1404 if( rc==SQLITE_OK && !pPager->noSync ){ 1405 rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_DATAONLY|pPager->syncFlags); 1406 } 1407 1408 /* At this point the transaction is committed but the write lock 1409 ** is still held on the file. If there is a size limit configured for 1410 ** the persistent journal and the journal file currently consumes more 1411 ** space than that limit allows for, truncate it now. There is no need 1412 ** to sync the file following this operation. 1413 */ 1414 if( rc==SQLITE_OK && iLimit>0 ){ 1415 i64 sz; 1416 rc = sqlite3OsFileSize(pPager->jfd, &sz); 1417 if( rc==SQLITE_OK && sz>iLimit ){ 1418 rc = sqlite3OsTruncate(pPager->jfd, iLimit); 1419 } 1420 } 1421 } 1422 return rc; 1423 } 1424 1425 /* 1426 ** The journal file must be open when this routine is called. A journal 1427 ** header (JOURNAL_HDR_SZ bytes) is written into the journal file at the 1428 ** current location. 1429 ** 1430 ** The format for the journal header is as follows: 1431 ** - 8 bytes: Magic identifying journal format. 1432 ** - 4 bytes: Number of records in journal, or -1 no-sync mode is on. 1433 ** - 4 bytes: Random number used for page hash. 1434 ** - 4 bytes: Initial database page count. 1435 ** - 4 bytes: Sector size used by the process that wrote this journal. 1436 ** - 4 bytes: Database page size. 1437 ** 1438 ** Followed by (JOURNAL_HDR_SZ - 28) bytes of unused space. 1439 */ 1440 static int writeJournalHdr(Pager *pPager){ 1441 int rc = SQLITE_OK; /* Return code */ 1442 char *zHeader = pPager->pTmpSpace; /* Temporary space used to build header */ 1443 u32 nHeader = (u32)pPager->pageSize;/* Size of buffer pointed to by zHeader */ 1444 u32 nWrite; /* Bytes of header sector written */ 1445 int ii; /* Loop counter */ 1446 1447 assert( isOpen(pPager->jfd) ); /* Journal file must be open. */ 1448 1449 if( nHeader>JOURNAL_HDR_SZ(pPager) ){ 1450 nHeader = JOURNAL_HDR_SZ(pPager); 1451 } 1452 1453 /* If there are active savepoints and any of them were created 1454 ** since the most recent journal header was written, update the 1455 ** PagerSavepoint.iHdrOffset fields now. 1456 */ 1457 for(ii=0; ii<pPager->nSavepoint; ii++){ 1458 if( pPager->aSavepoint[ii].iHdrOffset==0 ){ 1459 pPager->aSavepoint[ii].iHdrOffset = pPager->journalOff; 1460 } 1461 } 1462 1463 pPager->journalHdr = pPager->journalOff = journalHdrOffset(pPager); 1464 1465 /* 1466 ** Write the nRec Field - the number of page records that follow this 1467 ** journal header. Normally, zero is written to this value at this time. 1468 ** After the records are added to the journal (and the journal synced, 1469 ** if in full-sync mode), the zero is overwritten with the true number 1470 ** of records (see syncJournal()). 1471 ** 1472 ** A faster alternative is to write 0xFFFFFFFF to the nRec field. When 1473 ** reading the journal this value tells SQLite to assume that the 1474 ** rest of the journal file contains valid page records. This assumption 1475 ** is dangerous, as if a failure occurred whilst writing to the journal 1476 ** file it may contain some garbage data. There are two scenarios 1477 ** where this risk can be ignored: 1478 ** 1479 ** * When the pager is in no-sync mode. Corruption can follow a 1480 ** power failure in this case anyway. 1481 ** 1482 ** * When the SQLITE_IOCAP_SAFE_APPEND flag is set. This guarantees 1483 ** that garbage data is never appended to the journal file. 1484 */ 1485 assert( isOpen(pPager->fd) || pPager->noSync ); 1486 if( pPager->noSync || (pPager->journalMode==PAGER_JOURNALMODE_MEMORY) 1487 || (sqlite3OsDeviceCharacteristics(pPager->fd)&SQLITE_IOCAP_SAFE_APPEND) 1488 ){ 1489 memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic)); 1490 put32bits(&zHeader[sizeof(aJournalMagic)], 0xffffffff); 1491 }else{ 1492 memset(zHeader, 0, sizeof(aJournalMagic)+4); 1493 } 1494 1495 /* The random check-hash initializer */ 1496 sqlite3_randomness(sizeof(pPager->cksumInit), &pPager->cksumInit); 1497 put32bits(&zHeader[sizeof(aJournalMagic)+4], pPager->cksumInit); 1498 /* The initial database size */ 1499 put32bits(&zHeader[sizeof(aJournalMagic)+8], pPager->dbOrigSize); 1500 /* The assumed sector size for this process */ 1501 put32bits(&zHeader[sizeof(aJournalMagic)+12], pPager->sectorSize); 1502 1503 /* The page size */ 1504 put32bits(&zHeader[sizeof(aJournalMagic)+16], pPager->pageSize); 1505 1506 /* Initializing the tail of the buffer is not necessary. Everything 1507 ** works find if the following memset() is omitted. But initializing 1508 ** the memory prevents valgrind from complaining, so we are willing to 1509 ** take the performance hit. 1510 */ 1511 memset(&zHeader[sizeof(aJournalMagic)+20], 0, 1512 nHeader-(sizeof(aJournalMagic)+20)); 1513 1514 /* In theory, it is only necessary to write the 28 bytes that the 1515 ** journal header consumes to the journal file here. Then increment the 1516 ** Pager.journalOff variable by JOURNAL_HDR_SZ so that the next 1517 ** record is written to the following sector (leaving a gap in the file 1518 ** that will be implicitly filled in by the OS). 1519 ** 1520 ** However it has been discovered that on some systems this pattern can 1521 ** be significantly slower than contiguously writing data to the file, 1522 ** even if that means explicitly writing data to the block of 1523 ** (JOURNAL_HDR_SZ - 28) bytes that will not be used. So that is what 1524 ** is done. 1525 ** 1526 ** The loop is required here in case the sector-size is larger than the 1527 ** database page size. Since the zHeader buffer is only Pager.pageSize 1528 ** bytes in size, more than one call to sqlite3OsWrite() may be required 1529 ** to populate the entire journal header sector. 1530 */ 1531 for(nWrite=0; rc==SQLITE_OK&&nWrite<JOURNAL_HDR_SZ(pPager); nWrite+=nHeader){ 1532 IOTRACE(("JHDR %p %lld %d\n", pPager, pPager->journalHdr, nHeader)) 1533 rc = sqlite3OsWrite(pPager->jfd, zHeader, nHeader, pPager->journalOff); 1534 assert( pPager->journalHdr <= pPager->journalOff ); 1535 pPager->journalOff += nHeader; 1536 } 1537 1538 return rc; 1539 } 1540 1541 /* 1542 ** The journal file must be open when this is called. A journal header file 1543 ** (JOURNAL_HDR_SZ bytes) is read from the current location in the journal 1544 ** file. The current location in the journal file is given by 1545 ** pPager->journalOff. See comments above function writeJournalHdr() for 1546 ** a description of the journal header format. 1547 ** 1548 ** If the header is read successfully, *pNRec is set to the number of 1549 ** page records following this header and *pDbSize is set to the size of the 1550 ** database before the transaction began, in pages. Also, pPager->cksumInit 1551 ** is set to the value read from the journal header. SQLITE_OK is returned 1552 ** in this case. 1553 ** 1554 ** If the journal header file appears to be corrupted, SQLITE_DONE is 1555 ** returned and *pNRec and *PDbSize are undefined. If JOURNAL_HDR_SZ bytes 1556 ** cannot be read from the journal file an error code is returned. 1557 */ 1558 static int readJournalHdr( 1559 Pager *pPager, /* Pager object */ 1560 int isHot, 1561 i64 journalSize, /* Size of the open journal file in bytes */ 1562 u32 *pNRec, /* OUT: Value read from the nRec field */ 1563 u32 *pDbSize /* OUT: Value of original database size field */ 1564 ){ 1565 int rc; /* Return code */ 1566 unsigned char aMagic[8]; /* A buffer to hold the magic header */ 1567 i64 iHdrOff; /* Offset of journal header being read */ 1568 1569 assert( isOpen(pPager->jfd) ); /* Journal file must be open. */ 1570 1571 /* Advance Pager.journalOff to the start of the next sector. If the 1572 ** journal file is too small for there to be a header stored at this 1573 ** point, return SQLITE_DONE. 1574 */ 1575 pPager->journalOff = journalHdrOffset(pPager); 1576 if( pPager->journalOff+JOURNAL_HDR_SZ(pPager) > journalSize ){ 1577 return SQLITE_DONE; 1578 } 1579 iHdrOff = pPager->journalOff; 1580 1581 /* Read in the first 8 bytes of the journal header. If they do not match 1582 ** the magic string found at the start of each journal header, return 1583 ** SQLITE_DONE. If an IO error occurs, return an error code. Otherwise, 1584 ** proceed. 1585 */ 1586 if( isHot || iHdrOff!=pPager->journalHdr ){ 1587 rc = sqlite3OsRead(pPager->jfd, aMagic, sizeof(aMagic), iHdrOff); 1588 if( rc ){ 1589 return rc; 1590 } 1591 if( memcmp(aMagic, aJournalMagic, sizeof(aMagic))!=0 ){ 1592 return SQLITE_DONE; 1593 } 1594 } 1595 1596 /* Read the first three 32-bit fields of the journal header: The nRec 1597 ** field, the checksum-initializer and the database size at the start 1598 ** of the transaction. Return an error code if anything goes wrong. 1599 */ 1600 if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+8, pNRec)) 1601 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+12, &pPager->cksumInit)) 1602 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+16, pDbSize)) 1603 ){ 1604 return rc; 1605 } 1606 1607 if( pPager->journalOff==0 ){ 1608 u32 iPageSize; /* Page-size field of journal header */ 1609 u32 iSectorSize; /* Sector-size field of journal header */ 1610 1611 /* Read the page-size and sector-size journal header fields. */ 1612 if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+20, &iSectorSize)) 1613 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+24, &iPageSize)) 1614 ){ 1615 return rc; 1616 } 1617 1618 /* Versions of SQLite prior to 3.5.8 set the page-size field of the 1619 ** journal header to zero. In this case, assume that the Pager.pageSize 1620 ** variable is already set to the correct page size. 1621 */ 1622 if( iPageSize==0 ){ 1623 iPageSize = pPager->pageSize; 1624 } 1625 1626 /* Check that the values read from the page-size and sector-size fields 1627 ** are within range. To be 'in range', both values need to be a power 1628 ** of two greater than or equal to 512 or 32, and not greater than their 1629 ** respective compile time maximum limits. 1630 */ 1631 if( iPageSize<512 || iSectorSize<32 1632 || iPageSize>SQLITE_MAX_PAGE_SIZE || iSectorSize>MAX_SECTOR_SIZE 1633 || ((iPageSize-1)&iPageSize)!=0 || ((iSectorSize-1)&iSectorSize)!=0 1634 ){ 1635 /* If the either the page-size or sector-size in the journal-header is 1636 ** invalid, then the process that wrote the journal-header must have 1637 ** crashed before the header was synced. In this case stop reading 1638 ** the journal file here. 1639 */ 1640 return SQLITE_DONE; 1641 } 1642 1643 /* Update the page-size to match the value read from the journal. 1644 ** Use a testcase() macro to make sure that malloc failure within 1645 ** PagerSetPagesize() is tested. 1646 */ 1647 rc = sqlite3PagerSetPagesize(pPager, &iPageSize, -1); 1648 testcase( rc!=SQLITE_OK ); 1649 1650 /* Update the assumed sector-size to match the value used by 1651 ** the process that created this journal. If this journal was 1652 ** created by a process other than this one, then this routine 1653 ** is being called from within pager_playback(). The local value 1654 ** of Pager.sectorSize is restored at the end of that routine. 1655 */ 1656 pPager->sectorSize = iSectorSize; 1657 } 1658 1659 pPager->journalOff += JOURNAL_HDR_SZ(pPager); 1660 return rc; 1661 } 1662 1663 1664 /* 1665 ** Write the supplied super-journal name into the journal file for pager 1666 ** pPager at the current location. The super-journal name must be the last 1667 ** thing written to a journal file. If the pager is in full-sync mode, the 1668 ** journal file descriptor is advanced to the next sector boundary before 1669 ** anything is written. The format is: 1670 ** 1671 ** + 4 bytes: PAGER_SJ_PGNO. 1672 ** + N bytes: super-journal filename in utf-8. 1673 ** + 4 bytes: N (length of super-journal name in bytes, no nul-terminator). 1674 ** + 4 bytes: super-journal name checksum. 1675 ** + 8 bytes: aJournalMagic[]. 1676 ** 1677 ** The super-journal page checksum is the sum of the bytes in thesuper-journal 1678 ** name, where each byte is interpreted as a signed 8-bit integer. 1679 ** 1680 ** If zSuper is a NULL pointer (occurs for a single database transaction), 1681 ** this call is a no-op. 1682 */ 1683 static int writeSuperJournal(Pager *pPager, const char *zSuper){ 1684 int rc; /* Return code */ 1685 int nSuper; /* Length of string zSuper */ 1686 i64 iHdrOff; /* Offset of header in journal file */ 1687 i64 jrnlSize; /* Size of journal file on disk */ 1688 u32 cksum = 0; /* Checksum of string zSuper */ 1689 1690 assert( pPager->setSuper==0 ); 1691 assert( !pagerUseWal(pPager) ); 1692 1693 if( !zSuper 1694 || pPager->journalMode==PAGER_JOURNALMODE_MEMORY 1695 || !isOpen(pPager->jfd) 1696 ){ 1697 return SQLITE_OK; 1698 } 1699 pPager->setSuper = 1; 1700 assert( pPager->journalHdr <= pPager->journalOff ); 1701 1702 /* Calculate the length in bytes and the checksum of zSuper */ 1703 for(nSuper=0; zSuper[nSuper]; nSuper++){ 1704 cksum += zSuper[nSuper]; 1705 } 1706 1707 /* If in full-sync mode, advance to the next disk sector before writing 1708 ** the super-journal name. This is in case the previous page written to 1709 ** the journal has already been synced. 1710 */ 1711 if( pPager->fullSync ){ 1712 pPager->journalOff = journalHdrOffset(pPager); 1713 } 1714 iHdrOff = pPager->journalOff; 1715 1716 /* Write the super-journal data to the end of the journal file. If 1717 ** an error occurs, return the error code to the caller. 1718 */ 1719 if( (0 != (rc = write32bits(pPager->jfd, iHdrOff, PAGER_SJ_PGNO(pPager)))) 1720 || (0 != (rc = sqlite3OsWrite(pPager->jfd, zSuper, nSuper, iHdrOff+4))) 1721 || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nSuper, nSuper))) 1722 || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nSuper+4, cksum))) 1723 || (0 != (rc = sqlite3OsWrite(pPager->jfd, aJournalMagic, 8, 1724 iHdrOff+4+nSuper+8))) 1725 ){ 1726 return rc; 1727 } 1728 pPager->journalOff += (nSuper+20); 1729 1730 /* If the pager is in peristent-journal mode, then the physical 1731 ** journal-file may extend past the end of the super-journal name 1732 ** and 8 bytes of magic data just written to the file. This is 1733 ** dangerous because the code to rollback a hot-journal file 1734 ** will not be able to find the super-journal name to determine 1735 ** whether or not the journal is hot. 1736 ** 1737 ** Easiest thing to do in this scenario is to truncate the journal 1738 ** file to the required size. 1739 */ 1740 if( SQLITE_OK==(rc = sqlite3OsFileSize(pPager->jfd, &jrnlSize)) 1741 && jrnlSize>pPager->journalOff 1742 ){ 1743 rc = sqlite3OsTruncate(pPager->jfd, pPager->journalOff); 1744 } 1745 return rc; 1746 } 1747 1748 /* 1749 ** Discard the entire contents of the in-memory page-cache. 1750 */ 1751 static void pager_reset(Pager *pPager){ 1752 pPager->iDataVersion++; 1753 sqlite3BackupRestart(pPager->pBackup); 1754 sqlite3PcacheClear(pPager->pPCache); 1755 } 1756 1757 /* 1758 ** Return the pPager->iDataVersion value 1759 */ 1760 u32 sqlite3PagerDataVersion(Pager *pPager){ 1761 return pPager->iDataVersion; 1762 } 1763 1764 /* 1765 ** Free all structures in the Pager.aSavepoint[] array and set both 1766 ** Pager.aSavepoint and Pager.nSavepoint to zero. Close the sub-journal 1767 ** if it is open and the pager is not in exclusive mode. 1768 */ 1769 static void releaseAllSavepoints(Pager *pPager){ 1770 int ii; /* Iterator for looping through Pager.aSavepoint */ 1771 for(ii=0; ii<pPager->nSavepoint; ii++){ 1772 sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint); 1773 } 1774 if( !pPager->exclusiveMode || sqlite3JournalIsInMemory(pPager->sjfd) ){ 1775 sqlite3OsClose(pPager->sjfd); 1776 } 1777 sqlite3_free(pPager->aSavepoint); 1778 pPager->aSavepoint = 0; 1779 pPager->nSavepoint = 0; 1780 pPager->nSubRec = 0; 1781 } 1782 1783 /* 1784 ** Set the bit number pgno in the PagerSavepoint.pInSavepoint 1785 ** bitvecs of all open savepoints. Return SQLITE_OK if successful 1786 ** or SQLITE_NOMEM if a malloc failure occurs. 1787 */ 1788 static int addToSavepointBitvecs(Pager *pPager, Pgno pgno){ 1789 int ii; /* Loop counter */ 1790 int rc = SQLITE_OK; /* Result code */ 1791 1792 for(ii=0; ii<pPager->nSavepoint; ii++){ 1793 PagerSavepoint *p = &pPager->aSavepoint[ii]; 1794 if( pgno<=p->nOrig ){ 1795 rc |= sqlite3BitvecSet(p->pInSavepoint, pgno); 1796 testcase( rc==SQLITE_NOMEM ); 1797 assert( rc==SQLITE_OK || rc==SQLITE_NOMEM ); 1798 } 1799 } 1800 return rc; 1801 } 1802 1803 /* 1804 ** This function is a no-op if the pager is in exclusive mode and not 1805 ** in the ERROR state. Otherwise, it switches the pager to PAGER_OPEN 1806 ** state. 1807 ** 1808 ** If the pager is not in exclusive-access mode, the database file is 1809 ** completely unlocked. If the file is unlocked and the file-system does 1810 ** not exhibit the UNDELETABLE_WHEN_OPEN property, the journal file is 1811 ** closed (if it is open). 1812 ** 1813 ** If the pager is in ERROR state when this function is called, the 1814 ** contents of the pager cache are discarded before switching back to 1815 ** the OPEN state. Regardless of whether the pager is in exclusive-mode 1816 ** or not, any journal file left in the file-system will be treated 1817 ** as a hot-journal and rolled back the next time a read-transaction 1818 ** is opened (by this or by any other connection). 1819 */ 1820 static void pager_unlock(Pager *pPager){ 1821 1822 assert( pPager->eState==PAGER_READER 1823 || pPager->eState==PAGER_OPEN 1824 || pPager->eState==PAGER_ERROR 1825 ); 1826 1827 sqlite3BitvecDestroy(pPager->pInJournal); 1828 pPager->pInJournal = 0; 1829 releaseAllSavepoints(pPager); 1830 1831 if( pagerUseWal(pPager) ){ 1832 assert( !isOpen(pPager->jfd) ); 1833 sqlite3WalEndReadTransaction(pPager->pWal); 1834 pPager->eState = PAGER_OPEN; 1835 }else if( !pPager->exclusiveMode ){ 1836 int rc; /* Error code returned by pagerUnlockDb() */ 1837 int iDc = isOpen(pPager->fd)?sqlite3OsDeviceCharacteristics(pPager->fd):0; 1838 1839 /* If the operating system support deletion of open files, then 1840 ** close the journal file when dropping the database lock. Otherwise 1841 ** another connection with journal_mode=delete might delete the file 1842 ** out from under us. 1843 */ 1844 assert( (PAGER_JOURNALMODE_MEMORY & 5)!=1 ); 1845 assert( (PAGER_JOURNALMODE_OFF & 5)!=1 ); 1846 assert( (PAGER_JOURNALMODE_WAL & 5)!=1 ); 1847 assert( (PAGER_JOURNALMODE_DELETE & 5)!=1 ); 1848 assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 ); 1849 assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 ); 1850 if( 0==(iDc & SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN) 1851 || 1!=(pPager->journalMode & 5) 1852 ){ 1853 sqlite3OsClose(pPager->jfd); 1854 } 1855 1856 /* If the pager is in the ERROR state and the call to unlock the database 1857 ** file fails, set the current lock to UNKNOWN_LOCK. See the comment 1858 ** above the #define for UNKNOWN_LOCK for an explanation of why this 1859 ** is necessary. 1860 */ 1861 rc = pagerUnlockDb(pPager, NO_LOCK); 1862 if( rc!=SQLITE_OK && pPager->eState==PAGER_ERROR ){ 1863 pPager->eLock = UNKNOWN_LOCK; 1864 } 1865 1866 /* The pager state may be changed from PAGER_ERROR to PAGER_OPEN here 1867 ** without clearing the error code. This is intentional - the error 1868 ** code is cleared and the cache reset in the block below. 1869 */ 1870 assert( pPager->errCode || pPager->eState!=PAGER_ERROR ); 1871 pPager->eState = PAGER_OPEN; 1872 } 1873 1874 /* If Pager.errCode is set, the contents of the pager cache cannot be 1875 ** trusted. Now that there are no outstanding references to the pager, 1876 ** it can safely move back to PAGER_OPEN state. This happens in both 1877 ** normal and exclusive-locking mode. 1878 */ 1879 assert( pPager->errCode==SQLITE_OK || !MEMDB ); 1880 if( pPager->errCode ){ 1881 if( pPager->tempFile==0 ){ 1882 pager_reset(pPager); 1883 pPager->changeCountDone = 0; 1884 pPager->eState = PAGER_OPEN; 1885 }else{ 1886 pPager->eState = (isOpen(pPager->jfd) ? PAGER_OPEN : PAGER_READER); 1887 } 1888 if( USEFETCH(pPager) ) sqlite3OsUnfetch(pPager->fd, 0, 0); 1889 pPager->errCode = SQLITE_OK; 1890 setGetterMethod(pPager); 1891 } 1892 1893 pPager->journalOff = 0; 1894 pPager->journalHdr = 0; 1895 pPager->setSuper = 0; 1896 } 1897 1898 /* 1899 ** This function is called whenever an IOERR or FULL error that requires 1900 ** the pager to transition into the ERROR state may ahve occurred. 1901 ** The first argument is a pointer to the pager structure, the second 1902 ** the error-code about to be returned by a pager API function. The 1903 ** value returned is a copy of the second argument to this function. 1904 ** 1905 ** If the second argument is SQLITE_FULL, SQLITE_IOERR or one of the 1906 ** IOERR sub-codes, the pager enters the ERROR state and the error code 1907 ** is stored in Pager.errCode. While the pager remains in the ERROR state, 1908 ** all major API calls on the Pager will immediately return Pager.errCode. 1909 ** 1910 ** The ERROR state indicates that the contents of the pager-cache 1911 ** cannot be trusted. This state can be cleared by completely discarding 1912 ** the contents of the pager-cache. If a transaction was active when 1913 ** the persistent error occurred, then the rollback journal may need 1914 ** to be replayed to restore the contents of the database file (as if 1915 ** it were a hot-journal). 1916 */ 1917 static int pager_error(Pager *pPager, int rc){ 1918 int rc2 = rc & 0xff; 1919 assert( rc==SQLITE_OK || !MEMDB ); 1920 assert( 1921 pPager->errCode==SQLITE_FULL || 1922 pPager->errCode==SQLITE_OK || 1923 (pPager->errCode & 0xff)==SQLITE_IOERR 1924 ); 1925 if( rc2==SQLITE_FULL || rc2==SQLITE_IOERR ){ 1926 pPager->errCode = rc; 1927 pPager->eState = PAGER_ERROR; 1928 setGetterMethod(pPager); 1929 } 1930 return rc; 1931 } 1932 1933 static int pager_truncate(Pager *pPager, Pgno nPage); 1934 1935 /* 1936 ** The write transaction open on pPager is being committed (bCommit==1) 1937 ** or rolled back (bCommit==0). 1938 ** 1939 ** Return TRUE if and only if all dirty pages should be flushed to disk. 1940 ** 1941 ** Rules: 1942 ** 1943 ** * For non-TEMP databases, always sync to disk. This is necessary 1944 ** for transactions to be durable. 1945 ** 1946 ** * Sync TEMP database only on a COMMIT (not a ROLLBACK) when the backing 1947 ** file has been created already (via a spill on pagerStress()) and 1948 ** when the number of dirty pages in memory exceeds 25% of the total 1949 ** cache size. 1950 */ 1951 static int pagerFlushOnCommit(Pager *pPager, int bCommit){ 1952 if( pPager->tempFile==0 ) return 1; 1953 if( !bCommit ) return 0; 1954 if( !isOpen(pPager->fd) ) return 0; 1955 return (sqlite3PCachePercentDirty(pPager->pPCache)>=25); 1956 } 1957 1958 /* 1959 ** This routine ends a transaction. A transaction is usually ended by 1960 ** either a COMMIT or a ROLLBACK operation. This routine may be called 1961 ** after rollback of a hot-journal, or if an error occurs while opening 1962 ** the journal file or writing the very first journal-header of a 1963 ** database transaction. 1964 ** 1965 ** This routine is never called in PAGER_ERROR state. If it is called 1966 ** in PAGER_NONE or PAGER_SHARED state and the lock held is less 1967 ** exclusive than a RESERVED lock, it is a no-op. 1968 ** 1969 ** Otherwise, any active savepoints are released. 1970 ** 1971 ** If the journal file is open, then it is "finalized". Once a journal 1972 ** file has been finalized it is not possible to use it to roll back a 1973 ** transaction. Nor will it be considered to be a hot-journal by this 1974 ** or any other database connection. Exactly how a journal is finalized 1975 ** depends on whether or not the pager is running in exclusive mode and 1976 ** the current journal-mode (Pager.journalMode value), as follows: 1977 ** 1978 ** journalMode==MEMORY 1979 ** Journal file descriptor is simply closed. This destroys an 1980 ** in-memory journal. 1981 ** 1982 ** journalMode==TRUNCATE 1983 ** Journal file is truncated to zero bytes in size. 1984 ** 1985 ** journalMode==PERSIST 1986 ** The first 28 bytes of the journal file are zeroed. This invalidates 1987 ** the first journal header in the file, and hence the entire journal 1988 ** file. An invalid journal file cannot be rolled back. 1989 ** 1990 ** journalMode==DELETE 1991 ** The journal file is closed and deleted using sqlite3OsDelete(). 1992 ** 1993 ** If the pager is running in exclusive mode, this method of finalizing 1994 ** the journal file is never used. Instead, if the journalMode is 1995 ** DELETE and the pager is in exclusive mode, the method described under 1996 ** journalMode==PERSIST is used instead. 1997 ** 1998 ** After the journal is finalized, the pager moves to PAGER_READER state. 1999 ** If running in non-exclusive rollback mode, the lock on the file is 2000 ** downgraded to a SHARED_LOCK. 2001 ** 2002 ** SQLITE_OK is returned if no error occurs. If an error occurs during 2003 ** any of the IO operations to finalize the journal file or unlock the 2004 ** database then the IO error code is returned to the user. If the 2005 ** operation to finalize the journal file fails, then the code still 2006 ** tries to unlock the database file if not in exclusive mode. If the 2007 ** unlock operation fails as well, then the first error code related 2008 ** to the first error encountered (the journal finalization one) is 2009 ** returned. 2010 */ 2011 static int pager_end_transaction(Pager *pPager, int hasSuper, int bCommit){ 2012 int rc = SQLITE_OK; /* Error code from journal finalization operation */ 2013 int rc2 = SQLITE_OK; /* Error code from db file unlock operation */ 2014 2015 /* Do nothing if the pager does not have an open write transaction 2016 ** or at least a RESERVED lock. This function may be called when there 2017 ** is no write-transaction active but a RESERVED or greater lock is 2018 ** held under two circumstances: 2019 ** 2020 ** 1. After a successful hot-journal rollback, it is called with 2021 ** eState==PAGER_NONE and eLock==EXCLUSIVE_LOCK. 2022 ** 2023 ** 2. If a connection with locking_mode=exclusive holding an EXCLUSIVE 2024 ** lock switches back to locking_mode=normal and then executes a 2025 ** read-transaction, this function is called with eState==PAGER_READER 2026 ** and eLock==EXCLUSIVE_LOCK when the read-transaction is closed. 2027 */ 2028 assert( assert_pager_state(pPager) ); 2029 assert( pPager->eState!=PAGER_ERROR ); 2030 if( pPager->eState<PAGER_WRITER_LOCKED && pPager->eLock<RESERVED_LOCK ){ 2031 return SQLITE_OK; 2032 } 2033 2034 releaseAllSavepoints(pPager); 2035 assert( isOpen(pPager->jfd) || pPager->pInJournal==0 2036 || (sqlite3OsDeviceCharacteristics(pPager->fd)&SQLITE_IOCAP_BATCH_ATOMIC) 2037 ); 2038 if( isOpen(pPager->jfd) ){ 2039 assert( !pagerUseWal(pPager) ); 2040 2041 /* Finalize the journal file. */ 2042 if( sqlite3JournalIsInMemory(pPager->jfd) ){ 2043 /* assert( pPager->journalMode==PAGER_JOURNALMODE_MEMORY ); */ 2044 sqlite3OsClose(pPager->jfd); 2045 }else if( pPager->journalMode==PAGER_JOURNALMODE_TRUNCATE ){ 2046 if( pPager->journalOff==0 ){ 2047 rc = SQLITE_OK; 2048 }else{ 2049 rc = sqlite3OsTruncate(pPager->jfd, 0); 2050 if( rc==SQLITE_OK && pPager->fullSync ){ 2051 /* Make sure the new file size is written into the inode right away. 2052 ** Otherwise the journal might resurrect following a power loss and 2053 ** cause the last transaction to roll back. See 2054 ** https://bugzilla.mozilla.org/show_bug.cgi?id=1072773 2055 */ 2056 rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags); 2057 } 2058 } 2059 pPager->journalOff = 0; 2060 }else if( pPager->journalMode==PAGER_JOURNALMODE_PERSIST 2061 || (pPager->exclusiveMode && pPager->journalMode!=PAGER_JOURNALMODE_WAL) 2062 ){ 2063 rc = zeroJournalHdr(pPager, hasSuper||pPager->tempFile); 2064 pPager->journalOff = 0; 2065 }else{ 2066 /* This branch may be executed with Pager.journalMode==MEMORY if 2067 ** a hot-journal was just rolled back. In this case the journal 2068 ** file should be closed and deleted. If this connection writes to 2069 ** the database file, it will do so using an in-memory journal. 2070 */ 2071 int bDelete = !pPager->tempFile; 2072 assert( sqlite3JournalIsInMemory(pPager->jfd)==0 ); 2073 assert( pPager->journalMode==PAGER_JOURNALMODE_DELETE 2074 || pPager->journalMode==PAGER_JOURNALMODE_MEMORY 2075 || pPager->journalMode==PAGER_JOURNALMODE_WAL 2076 ); 2077 sqlite3OsClose(pPager->jfd); 2078 if( bDelete ){ 2079 rc = sqlite3OsDelete(pPager->pVfs, pPager->zJournal, pPager->extraSync); 2080 } 2081 } 2082 } 2083 2084 #ifdef SQLITE_CHECK_PAGES 2085 sqlite3PcacheIterateDirty(pPager->pPCache, pager_set_pagehash); 2086 if( pPager->dbSize==0 && sqlite3PcacheRefCount(pPager->pPCache)>0 ){ 2087 PgHdr *p = sqlite3PagerLookup(pPager, 1); 2088 if( p ){ 2089 p->pageHash = 0; 2090 sqlite3PagerUnrefNotNull(p); 2091 } 2092 } 2093 #endif 2094 2095 sqlite3BitvecDestroy(pPager->pInJournal); 2096 pPager->pInJournal = 0; 2097 pPager->nRec = 0; 2098 if( rc==SQLITE_OK ){ 2099 if( MEMDB || pagerFlushOnCommit(pPager, bCommit) ){ 2100 sqlite3PcacheCleanAll(pPager->pPCache); 2101 }else{ 2102 sqlite3PcacheClearWritable(pPager->pPCache); 2103 } 2104 sqlite3PcacheTruncate(pPager->pPCache, pPager->dbSize); 2105 } 2106 2107 if( pagerUseWal(pPager) ){ 2108 /* Drop the WAL write-lock, if any. Also, if the connection was in 2109 ** locking_mode=exclusive mode but is no longer, drop the EXCLUSIVE 2110 ** lock held on the database file. 2111 */ 2112 rc2 = sqlite3WalEndWriteTransaction(pPager->pWal); 2113 assert( rc2==SQLITE_OK ); 2114 }else if( rc==SQLITE_OK && bCommit && pPager->dbFileSize>pPager->dbSize ){ 2115 /* This branch is taken when committing a transaction in rollback-journal 2116 ** mode if the database file on disk is larger than the database image. 2117 ** At this point the journal has been finalized and the transaction 2118 ** successfully committed, but the EXCLUSIVE lock is still held on the 2119 ** file. So it is safe to truncate the database file to its minimum 2120 ** required size. */ 2121 assert( pPager->eLock==EXCLUSIVE_LOCK ); 2122 rc = pager_truncate(pPager, pPager->dbSize); 2123 } 2124 2125 if( rc==SQLITE_OK && bCommit ){ 2126 rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_COMMIT_PHASETWO, 0); 2127 if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK; 2128 } 2129 2130 if( !pPager->exclusiveMode 2131 && (!pagerUseWal(pPager) || sqlite3WalExclusiveMode(pPager->pWal, 0)) 2132 ){ 2133 rc2 = pagerUnlockDb(pPager, SHARED_LOCK); 2134 } 2135 pPager->eState = PAGER_READER; 2136 pPager->setSuper = 0; 2137 2138 return (rc==SQLITE_OK?rc2:rc); 2139 } 2140 2141 /* 2142 ** Execute a rollback if a transaction is active and unlock the 2143 ** database file. 2144 ** 2145 ** If the pager has already entered the ERROR state, do not attempt 2146 ** the rollback at this time. Instead, pager_unlock() is called. The 2147 ** call to pager_unlock() will discard all in-memory pages, unlock 2148 ** the database file and move the pager back to OPEN state. If this 2149 ** means that there is a hot-journal left in the file-system, the next 2150 ** connection to obtain a shared lock on the pager (which may be this one) 2151 ** will roll it back. 2152 ** 2153 ** If the pager has not already entered the ERROR state, but an IO or 2154 ** malloc error occurs during a rollback, then this will itself cause 2155 ** the pager to enter the ERROR state. Which will be cleared by the 2156 ** call to pager_unlock(), as described above. 2157 */ 2158 static void pagerUnlockAndRollback(Pager *pPager){ 2159 if( pPager->eState!=PAGER_ERROR && pPager->eState!=PAGER_OPEN ){ 2160 assert( assert_pager_state(pPager) ); 2161 if( pPager->eState>=PAGER_WRITER_LOCKED ){ 2162 sqlite3BeginBenignMalloc(); 2163 sqlite3PagerRollback(pPager); 2164 sqlite3EndBenignMalloc(); 2165 }else if( !pPager->exclusiveMode ){ 2166 assert( pPager->eState==PAGER_READER ); 2167 pager_end_transaction(pPager, 0, 0); 2168 } 2169 } 2170 pager_unlock(pPager); 2171 } 2172 2173 /* 2174 ** Parameter aData must point to a buffer of pPager->pageSize bytes 2175 ** of data. Compute and return a checksum based ont the contents of the 2176 ** page of data and the current value of pPager->cksumInit. 2177 ** 2178 ** This is not a real checksum. It is really just the sum of the 2179 ** random initial value (pPager->cksumInit) and every 200th byte 2180 ** of the page data, starting with byte offset (pPager->pageSize%200). 2181 ** Each byte is interpreted as an 8-bit unsigned integer. 2182 ** 2183 ** Changing the formula used to compute this checksum results in an 2184 ** incompatible journal file format. 2185 ** 2186 ** If journal corruption occurs due to a power failure, the most likely 2187 ** scenario is that one end or the other of the record will be changed. 2188 ** It is much less likely that the two ends of the journal record will be 2189 ** correct and the middle be corrupt. Thus, this "checksum" scheme, 2190 ** though fast and simple, catches the mostly likely kind of corruption. 2191 */ 2192 static u32 pager_cksum(Pager *pPager, const u8 *aData){ 2193 u32 cksum = pPager->cksumInit; /* Checksum value to return */ 2194 int i = pPager->pageSize-200; /* Loop counter */ 2195 while( i>0 ){ 2196 cksum += aData[i]; 2197 i -= 200; 2198 } 2199 return cksum; 2200 } 2201 2202 /* 2203 ** Read a single page from either the journal file (if isMainJrnl==1) or 2204 ** from the sub-journal (if isMainJrnl==0) and playback that page. 2205 ** The page begins at offset *pOffset into the file. The *pOffset 2206 ** value is increased to the start of the next page in the journal. 2207 ** 2208 ** The main rollback journal uses checksums - the statement journal does 2209 ** not. 2210 ** 2211 ** If the page number of the page record read from the (sub-)journal file 2212 ** is greater than the current value of Pager.dbSize, then playback is 2213 ** skipped and SQLITE_OK is returned. 2214 ** 2215 ** If pDone is not NULL, then it is a record of pages that have already 2216 ** been played back. If the page at *pOffset has already been played back 2217 ** (if the corresponding pDone bit is set) then skip the playback. 2218 ** Make sure the pDone bit corresponding to the *pOffset page is set 2219 ** prior to returning. 2220 ** 2221 ** If the page record is successfully read from the (sub-)journal file 2222 ** and played back, then SQLITE_OK is returned. If an IO error occurs 2223 ** while reading the record from the (sub-)journal file or while writing 2224 ** to the database file, then the IO error code is returned. If data 2225 ** is successfully read from the (sub-)journal file but appears to be 2226 ** corrupted, SQLITE_DONE is returned. Data is considered corrupted in 2227 ** two circumstances: 2228 ** 2229 ** * If the record page-number is illegal (0 or PAGER_SJ_PGNO), or 2230 ** * If the record is being rolled back from the main journal file 2231 ** and the checksum field does not match the record content. 2232 ** 2233 ** Neither of these two scenarios are possible during a savepoint rollback. 2234 ** 2235 ** If this is a savepoint rollback, then memory may have to be dynamically 2236 ** allocated by this function. If this is the case and an allocation fails, 2237 ** SQLITE_NOMEM is returned. 2238 */ 2239 static int pager_playback_one_page( 2240 Pager *pPager, /* The pager being played back */ 2241 i64 *pOffset, /* Offset of record to playback */ 2242 Bitvec *pDone, /* Bitvec of pages already played back */ 2243 int isMainJrnl, /* 1 -> main journal. 0 -> sub-journal. */ 2244 int isSavepnt /* True for a savepoint rollback */ 2245 ){ 2246 int rc; 2247 PgHdr *pPg; /* An existing page in the cache */ 2248 Pgno pgno; /* The page number of a page in journal */ 2249 u32 cksum; /* Checksum used for sanity checking */ 2250 char *aData; /* Temporary storage for the page */ 2251 sqlite3_file *jfd; /* The file descriptor for the journal file */ 2252 int isSynced; /* True if journal page is synced */ 2253 2254 assert( (isMainJrnl&~1)==0 ); /* isMainJrnl is 0 or 1 */ 2255 assert( (isSavepnt&~1)==0 ); /* isSavepnt is 0 or 1 */ 2256 assert( isMainJrnl || pDone ); /* pDone always used on sub-journals */ 2257 assert( isSavepnt || pDone==0 ); /* pDone never used on non-savepoint */ 2258 2259 aData = pPager->pTmpSpace; 2260 assert( aData ); /* Temp storage must have already been allocated */ 2261 assert( pagerUseWal(pPager)==0 || (!isMainJrnl && isSavepnt) ); 2262 2263 /* Either the state is greater than PAGER_WRITER_CACHEMOD (a transaction 2264 ** or savepoint rollback done at the request of the caller) or this is 2265 ** a hot-journal rollback. If it is a hot-journal rollback, the pager 2266 ** is in state OPEN and holds an EXCLUSIVE lock. Hot-journal rollback 2267 ** only reads from the main journal, not the sub-journal. 2268 */ 2269 assert( pPager->eState>=PAGER_WRITER_CACHEMOD 2270 || (pPager->eState==PAGER_OPEN && pPager->eLock==EXCLUSIVE_LOCK) 2271 ); 2272 assert( pPager->eState>=PAGER_WRITER_CACHEMOD || isMainJrnl ); 2273 2274 /* Read the page number and page data from the journal or sub-journal 2275 ** file. Return an error code to the caller if an IO error occurs. 2276 */ 2277 jfd = isMainJrnl ? pPager->jfd : pPager->sjfd; 2278 rc = read32bits(jfd, *pOffset, &pgno); 2279 if( rc!=SQLITE_OK ) return rc; 2280 rc = sqlite3OsRead(jfd, (u8*)aData, pPager->pageSize, (*pOffset)+4); 2281 if( rc!=SQLITE_OK ) return rc; 2282 *pOffset += pPager->pageSize + 4 + isMainJrnl*4; 2283 2284 /* Sanity checking on the page. This is more important that I originally 2285 ** thought. If a power failure occurs while the journal is being written, 2286 ** it could cause invalid data to be written into the journal. We need to 2287 ** detect this invalid data (with high probability) and ignore it. 2288 */ 2289 if( pgno==0 || pgno==PAGER_SJ_PGNO(pPager) ){ 2290 assert( !isSavepnt ); 2291 return SQLITE_DONE; 2292 } 2293 if( pgno>(Pgno)pPager->dbSize || sqlite3BitvecTest(pDone, pgno) ){ 2294 return SQLITE_OK; 2295 } 2296 if( isMainJrnl ){ 2297 rc = read32bits(jfd, (*pOffset)-4, &cksum); 2298 if( rc ) return rc; 2299 if( !isSavepnt && pager_cksum(pPager, (u8*)aData)!=cksum ){ 2300 return SQLITE_DONE; 2301 } 2302 } 2303 2304 /* If this page has already been played back before during the current 2305 ** rollback, then don't bother to play it back again. 2306 */ 2307 if( pDone && (rc = sqlite3BitvecSet(pDone, pgno))!=SQLITE_OK ){ 2308 return rc; 2309 } 2310 2311 /* When playing back page 1, restore the nReserve setting 2312 */ 2313 if( pgno==1 && pPager->nReserve!=((u8*)aData)[20] ){ 2314 pPager->nReserve = ((u8*)aData)[20]; 2315 } 2316 2317 /* If the pager is in CACHEMOD state, then there must be a copy of this 2318 ** page in the pager cache. In this case just update the pager cache, 2319 ** not the database file. The page is left marked dirty in this case. 2320 ** 2321 ** An exception to the above rule: If the database is in no-sync mode 2322 ** and a page is moved during an incremental vacuum then the page may 2323 ** not be in the pager cache. Later: if a malloc() or IO error occurs 2324 ** during a Movepage() call, then the page may not be in the cache 2325 ** either. So the condition described in the above paragraph is not 2326 ** assert()able. 2327 ** 2328 ** If in WRITER_DBMOD, WRITER_FINISHED or OPEN state, then we update the 2329 ** pager cache if it exists and the main file. The page is then marked 2330 ** not dirty. Since this code is only executed in PAGER_OPEN state for 2331 ** a hot-journal rollback, it is guaranteed that the page-cache is empty 2332 ** if the pager is in OPEN state. 2333 ** 2334 ** Ticket #1171: The statement journal might contain page content that is 2335 ** different from the page content at the start of the transaction. 2336 ** This occurs when a page is changed prior to the start of a statement 2337 ** then changed again within the statement. When rolling back such a 2338 ** statement we must not write to the original database unless we know 2339 ** for certain that original page contents are synced into the main rollback 2340 ** journal. Otherwise, a power loss might leave modified data in the 2341 ** database file without an entry in the rollback journal that can 2342 ** restore the database to its original form. Two conditions must be 2343 ** met before writing to the database files. (1) the database must be 2344 ** locked. (2) we know that the original page content is fully synced 2345 ** in the main journal either because the page is not in cache or else 2346 ** the page is marked as needSync==0. 2347 ** 2348 ** 2008-04-14: When attempting to vacuum a corrupt database file, it 2349 ** is possible to fail a statement on a database that does not yet exist. 2350 ** Do not attempt to write if database file has never been opened. 2351 */ 2352 if( pagerUseWal(pPager) ){ 2353 pPg = 0; 2354 }else{ 2355 pPg = sqlite3PagerLookup(pPager, pgno); 2356 } 2357 assert( pPg || !MEMDB ); 2358 assert( pPager->eState!=PAGER_OPEN || pPg==0 || pPager->tempFile ); 2359 PAGERTRACE(("PLAYBACK %d page %d hash(%08x) %s\n", 2360 PAGERID(pPager), pgno, pager_datahash(pPager->pageSize, (u8*)aData), 2361 (isMainJrnl?"main-journal":"sub-journal") 2362 )); 2363 if( isMainJrnl ){ 2364 isSynced = pPager->noSync || (*pOffset <= pPager->journalHdr); 2365 }else{ 2366 isSynced = (pPg==0 || 0==(pPg->flags & PGHDR_NEED_SYNC)); 2367 } 2368 if( isOpen(pPager->fd) 2369 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2370 && isSynced 2371 ){ 2372 i64 ofst = (pgno-1)*(i64)pPager->pageSize; 2373 testcase( !isSavepnt && pPg!=0 && (pPg->flags&PGHDR_NEED_SYNC)!=0 ); 2374 assert( !pagerUseWal(pPager) ); 2375 2376 /* Write the data read from the journal back into the database file. 2377 ** This is usually safe even for an encrypted database - as the data 2378 ** was encrypted before it was written to the journal file. The exception 2379 ** is if the data was just read from an in-memory sub-journal. In that 2380 ** case it must be encrypted here before it is copied into the database 2381 ** file. */ 2382 rc = sqlite3OsWrite(pPager->fd, (u8 *)aData, pPager->pageSize, ofst); 2383 2384 if( pgno>pPager->dbFileSize ){ 2385 pPager->dbFileSize = pgno; 2386 } 2387 if( pPager->pBackup ){ 2388 sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)aData); 2389 } 2390 }else if( !isMainJrnl && pPg==0 ){ 2391 /* If this is a rollback of a savepoint and data was not written to 2392 ** the database and the page is not in-memory, there is a potential 2393 ** problem. When the page is next fetched by the b-tree layer, it 2394 ** will be read from the database file, which may or may not be 2395 ** current. 2396 ** 2397 ** There are a couple of different ways this can happen. All are quite 2398 ** obscure. When running in synchronous mode, this can only happen 2399 ** if the page is on the free-list at the start of the transaction, then 2400 ** populated, then moved using sqlite3PagerMovepage(). 2401 ** 2402 ** The solution is to add an in-memory page to the cache containing 2403 ** the data just read from the sub-journal. Mark the page as dirty 2404 ** and if the pager requires a journal-sync, then mark the page as 2405 ** requiring a journal-sync before it is written. 2406 */ 2407 assert( isSavepnt ); 2408 assert( (pPager->doNotSpill & SPILLFLAG_ROLLBACK)==0 ); 2409 pPager->doNotSpill |= SPILLFLAG_ROLLBACK; 2410 rc = sqlite3PagerGet(pPager, pgno, &pPg, 1); 2411 assert( (pPager->doNotSpill & SPILLFLAG_ROLLBACK)!=0 ); 2412 pPager->doNotSpill &= ~SPILLFLAG_ROLLBACK; 2413 if( rc!=SQLITE_OK ) return rc; 2414 sqlite3PcacheMakeDirty(pPg); 2415 } 2416 if( pPg ){ 2417 /* No page should ever be explicitly rolled back that is in use, except 2418 ** for page 1 which is held in use in order to keep the lock on the 2419 ** database active. However such a page may be rolled back as a result 2420 ** of an internal error resulting in an automatic call to 2421 ** sqlite3PagerRollback(). 2422 */ 2423 void *pData; 2424 pData = pPg->pData; 2425 memcpy(pData, (u8*)aData, pPager->pageSize); 2426 pPager->xReiniter(pPg); 2427 /* It used to be that sqlite3PcacheMakeClean(pPg) was called here. But 2428 ** that call was dangerous and had no detectable benefit since the cache 2429 ** is normally cleaned by sqlite3PcacheCleanAll() after rollback and so 2430 ** has been removed. */ 2431 pager_set_pagehash(pPg); 2432 2433 /* If this was page 1, then restore the value of Pager.dbFileVers. 2434 ** Do this before any decoding. */ 2435 if( pgno==1 ){ 2436 memcpy(&pPager->dbFileVers, &((u8*)pData)[24],sizeof(pPager->dbFileVers)); 2437 } 2438 sqlite3PcacheRelease(pPg); 2439 } 2440 return rc; 2441 } 2442 2443 /* 2444 ** Parameter zSuper is the name of a super-journal file. A single journal 2445 ** file that referred to the super-journal file has just been rolled back. 2446 ** This routine checks if it is possible to delete the super-journal file, 2447 ** and does so if it is. 2448 ** 2449 ** Argument zSuper may point to Pager.pTmpSpace. So that buffer is not 2450 ** available for use within this function. 2451 ** 2452 ** When a super-journal file is created, it is populated with the names 2453 ** of all of its child journals, one after another, formatted as utf-8 2454 ** encoded text. The end of each child journal file is marked with a 2455 ** nul-terminator byte (0x00). i.e. the entire contents of a super-journal 2456 ** file for a transaction involving two databases might be: 2457 ** 2458 ** "/home/bill/a.db-journal\x00/home/bill/b.db-journal\x00" 2459 ** 2460 ** A super-journal file may only be deleted once all of its child 2461 ** journals have been rolled back. 2462 ** 2463 ** This function reads the contents of the super-journal file into 2464 ** memory and loops through each of the child journal names. For 2465 ** each child journal, it checks if: 2466 ** 2467 ** * if the child journal exists, and if so 2468 ** * if the child journal contains a reference to super-journal 2469 ** file zSuper 2470 ** 2471 ** If a child journal can be found that matches both of the criteria 2472 ** above, this function returns without doing anything. Otherwise, if 2473 ** no such child journal can be found, file zSuper is deleted from 2474 ** the file-system using sqlite3OsDelete(). 2475 ** 2476 ** If an IO error within this function, an error code is returned. This 2477 ** function allocates memory by calling sqlite3Malloc(). If an allocation 2478 ** fails, SQLITE_NOMEM is returned. Otherwise, if no IO or malloc errors 2479 ** occur, SQLITE_OK is returned. 2480 ** 2481 ** TODO: This function allocates a single block of memory to load 2482 ** the entire contents of the super-journal file. This could be 2483 ** a couple of kilobytes or so - potentially larger than the page 2484 ** size. 2485 */ 2486 static int pager_delsuper(Pager *pPager, const char *zSuper){ 2487 sqlite3_vfs *pVfs = pPager->pVfs; 2488 int rc; /* Return code */ 2489 sqlite3_file *pSuper; /* Malloc'd super-journal file descriptor */ 2490 sqlite3_file *pJournal; /* Malloc'd child-journal file descriptor */ 2491 char *zSuperJournal = 0; /* Contents of super-journal file */ 2492 i64 nSuperJournal; /* Size of super-journal file */ 2493 char *zJournal; /* Pointer to one journal within MJ file */ 2494 char *zSuperPtr; /* Space to hold super-journal filename */ 2495 char *zFree = 0; /* Free this buffer */ 2496 int nSuperPtr; /* Amount of space allocated to zSuperPtr[] */ 2497 2498 /* Allocate space for both the pJournal and pSuper file descriptors. 2499 ** If successful, open the super-journal file for reading. 2500 */ 2501 pSuper = (sqlite3_file *)sqlite3MallocZero(pVfs->szOsFile * 2); 2502 if( !pSuper ){ 2503 rc = SQLITE_NOMEM_BKPT; 2504 pJournal = 0; 2505 }else{ 2506 const int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_SUPER_JOURNAL); 2507 rc = sqlite3OsOpen(pVfs, zSuper, pSuper, flags, 0); 2508 pJournal = (sqlite3_file *)(((u8 *)pSuper) + pVfs->szOsFile); 2509 } 2510 if( rc!=SQLITE_OK ) goto delsuper_out; 2511 2512 /* Load the entire super-journal file into space obtained from 2513 ** sqlite3_malloc() and pointed to by zSuperJournal. Also obtain 2514 ** sufficient space (in zSuperPtr) to hold the names of super-journal 2515 ** files extracted from regular rollback-journals. 2516 */ 2517 rc = sqlite3OsFileSize(pSuper, &nSuperJournal); 2518 if( rc!=SQLITE_OK ) goto delsuper_out; 2519 nSuperPtr = pVfs->mxPathname+1; 2520 zFree = sqlite3Malloc(4 + nSuperJournal + nSuperPtr + 2); 2521 if( !zFree ){ 2522 rc = SQLITE_NOMEM_BKPT; 2523 goto delsuper_out; 2524 } 2525 zFree[0] = zFree[1] = zFree[2] = zFree[3] = 0; 2526 zSuperJournal = &zFree[4]; 2527 zSuperPtr = &zSuperJournal[nSuperJournal+2]; 2528 rc = sqlite3OsRead(pSuper, zSuperJournal, (int)nSuperJournal, 0); 2529 if( rc!=SQLITE_OK ) goto delsuper_out; 2530 zSuperJournal[nSuperJournal] = 0; 2531 zSuperJournal[nSuperJournal+1] = 0; 2532 2533 zJournal = zSuperJournal; 2534 while( (zJournal-zSuperJournal)<nSuperJournal ){ 2535 int exists; 2536 rc = sqlite3OsAccess(pVfs, zJournal, SQLITE_ACCESS_EXISTS, &exists); 2537 if( rc!=SQLITE_OK ){ 2538 goto delsuper_out; 2539 } 2540 if( exists ){ 2541 /* One of the journals pointed to by the super-journal exists. 2542 ** Open it and check if it points at the super-journal. If 2543 ** so, return without deleting the super-journal file. 2544 ** NB: zJournal is really a MAIN_JOURNAL. But call it a 2545 ** SUPER_JOURNAL here so that the VFS will not send the zJournal 2546 ** name into sqlite3_database_file_object(). 2547 */ 2548 int c; 2549 int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_SUPER_JOURNAL); 2550 rc = sqlite3OsOpen(pVfs, zJournal, pJournal, flags, 0); 2551 if( rc!=SQLITE_OK ){ 2552 goto delsuper_out; 2553 } 2554 2555 rc = readSuperJournal(pJournal, zSuperPtr, nSuperPtr); 2556 sqlite3OsClose(pJournal); 2557 if( rc!=SQLITE_OK ){ 2558 goto delsuper_out; 2559 } 2560 2561 c = zSuperPtr[0]!=0 && strcmp(zSuperPtr, zSuper)==0; 2562 if( c ){ 2563 /* We have a match. Do not delete the super-journal file. */ 2564 goto delsuper_out; 2565 } 2566 } 2567 zJournal += (sqlite3Strlen30(zJournal)+1); 2568 } 2569 2570 sqlite3OsClose(pSuper); 2571 rc = sqlite3OsDelete(pVfs, zSuper, 0); 2572 2573 delsuper_out: 2574 sqlite3_free(zFree); 2575 if( pSuper ){ 2576 sqlite3OsClose(pSuper); 2577 assert( !isOpen(pJournal) ); 2578 sqlite3_free(pSuper); 2579 } 2580 return rc; 2581 } 2582 2583 2584 /* 2585 ** This function is used to change the actual size of the database 2586 ** file in the file-system. This only happens when committing a transaction, 2587 ** or rolling back a transaction (including rolling back a hot-journal). 2588 ** 2589 ** If the main database file is not open, or the pager is not in either 2590 ** DBMOD or OPEN state, this function is a no-op. Otherwise, the size 2591 ** of the file is changed to nPage pages (nPage*pPager->pageSize bytes). 2592 ** If the file on disk is currently larger than nPage pages, then use the VFS 2593 ** xTruncate() method to truncate it. 2594 ** 2595 ** Or, it might be the case that the file on disk is smaller than 2596 ** nPage pages. Some operating system implementations can get confused if 2597 ** you try to truncate a file to some size that is larger than it 2598 ** currently is, so detect this case and write a single zero byte to 2599 ** the end of the new file instead. 2600 ** 2601 ** If successful, return SQLITE_OK. If an IO error occurs while modifying 2602 ** the database file, return the error code to the caller. 2603 */ 2604 static int pager_truncate(Pager *pPager, Pgno nPage){ 2605 int rc = SQLITE_OK; 2606 assert( pPager->eState!=PAGER_ERROR ); 2607 assert( pPager->eState!=PAGER_READER ); 2608 2609 if( isOpen(pPager->fd) 2610 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2611 ){ 2612 i64 currentSize, newSize; 2613 int szPage = pPager->pageSize; 2614 assert( pPager->eLock==EXCLUSIVE_LOCK ); 2615 /* TODO: Is it safe to use Pager.dbFileSize here? */ 2616 rc = sqlite3OsFileSize(pPager->fd, ¤tSize); 2617 newSize = szPage*(i64)nPage; 2618 if( rc==SQLITE_OK && currentSize!=newSize ){ 2619 if( currentSize>newSize ){ 2620 rc = sqlite3OsTruncate(pPager->fd, newSize); 2621 }else if( (currentSize+szPage)<=newSize ){ 2622 char *pTmp = pPager->pTmpSpace; 2623 memset(pTmp, 0, szPage); 2624 testcase( (newSize-szPage) == currentSize ); 2625 testcase( (newSize-szPage) > currentSize ); 2626 rc = sqlite3OsWrite(pPager->fd, pTmp, szPage, newSize-szPage); 2627 } 2628 if( rc==SQLITE_OK ){ 2629 pPager->dbFileSize = nPage; 2630 } 2631 } 2632 } 2633 return rc; 2634 } 2635 2636 /* 2637 ** Return a sanitized version of the sector-size of OS file pFile. The 2638 ** return value is guaranteed to lie between 32 and MAX_SECTOR_SIZE. 2639 */ 2640 int sqlite3SectorSize(sqlite3_file *pFile){ 2641 int iRet = sqlite3OsSectorSize(pFile); 2642 if( iRet<32 ){ 2643 iRet = 512; 2644 }else if( iRet>MAX_SECTOR_SIZE ){ 2645 assert( MAX_SECTOR_SIZE>=512 ); 2646 iRet = MAX_SECTOR_SIZE; 2647 } 2648 return iRet; 2649 } 2650 2651 /* 2652 ** Set the value of the Pager.sectorSize variable for the given 2653 ** pager based on the value returned by the xSectorSize method 2654 ** of the open database file. The sector size will be used 2655 ** to determine the size and alignment of journal header and 2656 ** super-journal pointers within created journal files. 2657 ** 2658 ** For temporary files the effective sector size is always 512 bytes. 2659 ** 2660 ** Otherwise, for non-temporary files, the effective sector size is 2661 ** the value returned by the xSectorSize() method rounded up to 32 if 2662 ** it is less than 32, or rounded down to MAX_SECTOR_SIZE if it 2663 ** is greater than MAX_SECTOR_SIZE. 2664 ** 2665 ** If the file has the SQLITE_IOCAP_POWERSAFE_OVERWRITE property, then set 2666 ** the effective sector size to its minimum value (512). The purpose of 2667 ** pPager->sectorSize is to define the "blast radius" of bytes that 2668 ** might change if a crash occurs while writing to a single byte in 2669 ** that range. But with POWERSAFE_OVERWRITE, the blast radius is zero 2670 ** (that is what POWERSAFE_OVERWRITE means), so we minimize the sector 2671 ** size. For backwards compatibility of the rollback journal file format, 2672 ** we cannot reduce the effective sector size below 512. 2673 */ 2674 static void setSectorSize(Pager *pPager){ 2675 assert( isOpen(pPager->fd) || pPager->tempFile ); 2676 2677 if( pPager->tempFile 2678 || (sqlite3OsDeviceCharacteristics(pPager->fd) & 2679 SQLITE_IOCAP_POWERSAFE_OVERWRITE)!=0 2680 ){ 2681 /* Sector size doesn't matter for temporary files. Also, the file 2682 ** may not have been opened yet, in which case the OsSectorSize() 2683 ** call will segfault. */ 2684 pPager->sectorSize = 512; 2685 }else{ 2686 pPager->sectorSize = sqlite3SectorSize(pPager->fd); 2687 } 2688 } 2689 2690 /* 2691 ** Playback the journal and thus restore the database file to 2692 ** the state it was in before we started making changes. 2693 ** 2694 ** The journal file format is as follows: 2695 ** 2696 ** (1) 8 byte prefix. A copy of aJournalMagic[]. 2697 ** (2) 4 byte big-endian integer which is the number of valid page records 2698 ** in the journal. If this value is 0xffffffff, then compute the 2699 ** number of page records from the journal size. 2700 ** (3) 4 byte big-endian integer which is the initial value for the 2701 ** sanity checksum. 2702 ** (4) 4 byte integer which is the number of pages to truncate the 2703 ** database to during a rollback. 2704 ** (5) 4 byte big-endian integer which is the sector size. The header 2705 ** is this many bytes in size. 2706 ** (6) 4 byte big-endian integer which is the page size. 2707 ** (7) zero padding out to the next sector size. 2708 ** (8) Zero or more pages instances, each as follows: 2709 ** + 4 byte page number. 2710 ** + pPager->pageSize bytes of data. 2711 ** + 4 byte checksum 2712 ** 2713 ** When we speak of the journal header, we mean the first 7 items above. 2714 ** Each entry in the journal is an instance of the 8th item. 2715 ** 2716 ** Call the value from the second bullet "nRec". nRec is the number of 2717 ** valid page entries in the journal. In most cases, you can compute the 2718 ** value of nRec from the size of the journal file. But if a power 2719 ** failure occurred while the journal was being written, it could be the 2720 ** case that the size of the journal file had already been increased but 2721 ** the extra entries had not yet made it safely to disk. In such a case, 2722 ** the value of nRec computed from the file size would be too large. For 2723 ** that reason, we always use the nRec value in the header. 2724 ** 2725 ** If the nRec value is 0xffffffff it means that nRec should be computed 2726 ** from the file size. This value is used when the user selects the 2727 ** no-sync option for the journal. A power failure could lead to corruption 2728 ** in this case. But for things like temporary table (which will be 2729 ** deleted when the power is restored) we don't care. 2730 ** 2731 ** If the file opened as the journal file is not a well-formed 2732 ** journal file then all pages up to the first corrupted page are rolled 2733 ** back (or no pages if the journal header is corrupted). The journal file 2734 ** is then deleted and SQLITE_OK returned, just as if no corruption had 2735 ** been encountered. 2736 ** 2737 ** If an I/O or malloc() error occurs, the journal-file is not deleted 2738 ** and an error code is returned. 2739 ** 2740 ** The isHot parameter indicates that we are trying to rollback a journal 2741 ** that might be a hot journal. Or, it could be that the journal is 2742 ** preserved because of JOURNALMODE_PERSIST or JOURNALMODE_TRUNCATE. 2743 ** If the journal really is hot, reset the pager cache prior rolling 2744 ** back any content. If the journal is merely persistent, no reset is 2745 ** needed. 2746 */ 2747 static int pager_playback(Pager *pPager, int isHot){ 2748 sqlite3_vfs *pVfs = pPager->pVfs; 2749 i64 szJ; /* Size of the journal file in bytes */ 2750 u32 nRec; /* Number of Records in the journal */ 2751 u32 u; /* Unsigned loop counter */ 2752 Pgno mxPg = 0; /* Size of the original file in pages */ 2753 int rc; /* Result code of a subroutine */ 2754 int res = 1; /* Value returned by sqlite3OsAccess() */ 2755 char *zSuper = 0; /* Name of super-journal file if any */ 2756 int needPagerReset; /* True to reset page prior to first page rollback */ 2757 int nPlayback = 0; /* Total number of pages restored from journal */ 2758 u32 savedPageSize = pPager->pageSize; 2759 2760 /* Figure out how many records are in the journal. Abort early if 2761 ** the journal is empty. 2762 */ 2763 assert( isOpen(pPager->jfd) ); 2764 rc = sqlite3OsFileSize(pPager->jfd, &szJ); 2765 if( rc!=SQLITE_OK ){ 2766 goto end_playback; 2767 } 2768 2769 /* Read the super-journal name from the journal, if it is present. 2770 ** If a super-journal file name is specified, but the file is not 2771 ** present on disk, then the journal is not hot and does not need to be 2772 ** played back. 2773 ** 2774 ** TODO: Technically the following is an error because it assumes that 2775 ** buffer Pager.pTmpSpace is (mxPathname+1) bytes or larger. i.e. that 2776 ** (pPager->pageSize >= pPager->pVfs->mxPathname+1). Using os_unix.c, 2777 ** mxPathname is 512, which is the same as the minimum allowable value 2778 ** for pageSize. 2779 */ 2780 zSuper = pPager->pTmpSpace; 2781 rc = readSuperJournal(pPager->jfd, zSuper, pPager->pVfs->mxPathname+1); 2782 if( rc==SQLITE_OK && zSuper[0] ){ 2783 rc = sqlite3OsAccess(pVfs, zSuper, SQLITE_ACCESS_EXISTS, &res); 2784 } 2785 zSuper = 0; 2786 if( rc!=SQLITE_OK || !res ){ 2787 goto end_playback; 2788 } 2789 pPager->journalOff = 0; 2790 needPagerReset = isHot; 2791 2792 /* This loop terminates either when a readJournalHdr() or 2793 ** pager_playback_one_page() call returns SQLITE_DONE or an IO error 2794 ** occurs. 2795 */ 2796 while( 1 ){ 2797 /* Read the next journal header from the journal file. If there are 2798 ** not enough bytes left in the journal file for a complete header, or 2799 ** it is corrupted, then a process must have failed while writing it. 2800 ** This indicates nothing more needs to be rolled back. 2801 */ 2802 rc = readJournalHdr(pPager, isHot, szJ, &nRec, &mxPg); 2803 if( rc!=SQLITE_OK ){ 2804 if( rc==SQLITE_DONE ){ 2805 rc = SQLITE_OK; 2806 } 2807 goto end_playback; 2808 } 2809 2810 /* If nRec is 0xffffffff, then this journal was created by a process 2811 ** working in no-sync mode. This means that the rest of the journal 2812 ** file consists of pages, there are no more journal headers. Compute 2813 ** the value of nRec based on this assumption. 2814 */ 2815 if( nRec==0xffffffff ){ 2816 assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) ); 2817 nRec = (int)((szJ - JOURNAL_HDR_SZ(pPager))/JOURNAL_PG_SZ(pPager)); 2818 } 2819 2820 /* If nRec is 0 and this rollback is of a transaction created by this 2821 ** process and if this is the final header in the journal, then it means 2822 ** that this part of the journal was being filled but has not yet been 2823 ** synced to disk. Compute the number of pages based on the remaining 2824 ** size of the file. 2825 ** 2826 ** The third term of the test was added to fix ticket #2565. 2827 ** When rolling back a hot journal, nRec==0 always means that the next 2828 ** chunk of the journal contains zero pages to be rolled back. But 2829 ** when doing a ROLLBACK and the nRec==0 chunk is the last chunk in 2830 ** the journal, it means that the journal might contain additional 2831 ** pages that need to be rolled back and that the number of pages 2832 ** should be computed based on the journal file size. 2833 */ 2834 if( nRec==0 && !isHot && 2835 pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff ){ 2836 nRec = (int)((szJ - pPager->journalOff) / JOURNAL_PG_SZ(pPager)); 2837 } 2838 2839 /* If this is the first header read from the journal, truncate the 2840 ** database file back to its original size. 2841 */ 2842 if( pPager->journalOff==JOURNAL_HDR_SZ(pPager) ){ 2843 rc = pager_truncate(pPager, mxPg); 2844 if( rc!=SQLITE_OK ){ 2845 goto end_playback; 2846 } 2847 pPager->dbSize = mxPg; 2848 } 2849 2850 /* Copy original pages out of the journal and back into the 2851 ** database file and/or page cache. 2852 */ 2853 for(u=0; u<nRec; u++){ 2854 if( needPagerReset ){ 2855 pager_reset(pPager); 2856 needPagerReset = 0; 2857 } 2858 rc = pager_playback_one_page(pPager,&pPager->journalOff,0,1,0); 2859 if( rc==SQLITE_OK ){ 2860 nPlayback++; 2861 }else{ 2862 if( rc==SQLITE_DONE ){ 2863 pPager->journalOff = szJ; 2864 break; 2865 }else if( rc==SQLITE_IOERR_SHORT_READ ){ 2866 /* If the journal has been truncated, simply stop reading and 2867 ** processing the journal. This might happen if the journal was 2868 ** not completely written and synced prior to a crash. In that 2869 ** case, the database should have never been written in the 2870 ** first place so it is OK to simply abandon the rollback. */ 2871 rc = SQLITE_OK; 2872 goto end_playback; 2873 }else{ 2874 /* If we are unable to rollback, quit and return the error 2875 ** code. This will cause the pager to enter the error state 2876 ** so that no further harm will be done. Perhaps the next 2877 ** process to come along will be able to rollback the database. 2878 */ 2879 goto end_playback; 2880 } 2881 } 2882 } 2883 } 2884 /*NOTREACHED*/ 2885 assert( 0 ); 2886 2887 end_playback: 2888 if( rc==SQLITE_OK ){ 2889 rc = sqlite3PagerSetPagesize(pPager, &savedPageSize, -1); 2890 } 2891 /* Following a rollback, the database file should be back in its original 2892 ** state prior to the start of the transaction, so invoke the 2893 ** SQLITE_FCNTL_DB_UNCHANGED file-control method to disable the 2894 ** assertion that the transaction counter was modified. 2895 */ 2896 #ifdef SQLITE_DEBUG 2897 sqlite3OsFileControlHint(pPager->fd,SQLITE_FCNTL_DB_UNCHANGED,0); 2898 #endif 2899 2900 /* If this playback is happening automatically as a result of an IO or 2901 ** malloc error that occurred after the change-counter was updated but 2902 ** before the transaction was committed, then the change-counter 2903 ** modification may just have been reverted. If this happens in exclusive 2904 ** mode, then subsequent transactions performed by the connection will not 2905 ** update the change-counter at all. This may lead to cache inconsistency 2906 ** problems for other processes at some point in the future. So, just 2907 ** in case this has happened, clear the changeCountDone flag now. 2908 */ 2909 pPager->changeCountDone = pPager->tempFile; 2910 2911 if( rc==SQLITE_OK ){ 2912 /* Leave 4 bytes of space before the super-journal filename in memory. 2913 ** This is because it may end up being passed to sqlite3OsOpen(), in 2914 ** which case it requires 4 0x00 bytes in memory immediately before 2915 ** the filename. */ 2916 zSuper = &pPager->pTmpSpace[4]; 2917 rc = readSuperJournal(pPager->jfd, zSuper, pPager->pVfs->mxPathname+1); 2918 testcase( rc!=SQLITE_OK ); 2919 } 2920 if( rc==SQLITE_OK 2921 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2922 ){ 2923 rc = sqlite3PagerSync(pPager, 0); 2924 } 2925 if( rc==SQLITE_OK ){ 2926 rc = pager_end_transaction(pPager, zSuper[0]!='\0', 0); 2927 testcase( rc!=SQLITE_OK ); 2928 } 2929 if( rc==SQLITE_OK && zSuper[0] && res ){ 2930 /* If there was a super-journal and this routine will return success, 2931 ** see if it is possible to delete the super-journal. 2932 */ 2933 assert( zSuper==&pPager->pTmpSpace[4] ); 2934 memset(&zSuper[-4], 0, 4); 2935 rc = pager_delsuper(pPager, zSuper); 2936 testcase( rc!=SQLITE_OK ); 2937 } 2938 if( isHot && nPlayback ){ 2939 sqlite3_log(SQLITE_NOTICE_RECOVER_ROLLBACK, "recovered %d pages from %s", 2940 nPlayback, pPager->zJournal); 2941 } 2942 2943 /* The Pager.sectorSize variable may have been updated while rolling 2944 ** back a journal created by a process with a different sector size 2945 ** value. Reset it to the correct value for this process. 2946 */ 2947 setSectorSize(pPager); 2948 return rc; 2949 } 2950 2951 2952 /* 2953 ** Read the content for page pPg out of the database file (or out of 2954 ** the WAL if that is where the most recent copy if found) into 2955 ** pPg->pData. A shared lock or greater must be held on the database 2956 ** file before this function is called. 2957 ** 2958 ** If page 1 is read, then the value of Pager.dbFileVers[] is set to 2959 ** the value read from the database file. 2960 ** 2961 ** If an IO error occurs, then the IO error is returned to the caller. 2962 ** Otherwise, SQLITE_OK is returned. 2963 */ 2964 static int readDbPage(PgHdr *pPg){ 2965 Pager *pPager = pPg->pPager; /* Pager object associated with page pPg */ 2966 int rc = SQLITE_OK; /* Return code */ 2967 2968 #ifndef SQLITE_OMIT_WAL 2969 u32 iFrame = 0; /* Frame of WAL containing pgno */ 2970 2971 assert( pPager->eState>=PAGER_READER && !MEMDB ); 2972 assert( isOpen(pPager->fd) ); 2973 2974 if( pagerUseWal(pPager) ){ 2975 rc = sqlite3WalFindFrame(pPager->pWal, pPg->pgno, &iFrame); 2976 if( rc ) return rc; 2977 } 2978 if( iFrame ){ 2979 rc = sqlite3WalReadFrame(pPager->pWal, iFrame,pPager->pageSize,pPg->pData); 2980 }else 2981 #endif 2982 { 2983 i64 iOffset = (pPg->pgno-1)*(i64)pPager->pageSize; 2984 rc = sqlite3OsRead(pPager->fd, pPg->pData, pPager->pageSize, iOffset); 2985 if( rc==SQLITE_IOERR_SHORT_READ ){ 2986 rc = SQLITE_OK; 2987 } 2988 } 2989 2990 if( pPg->pgno==1 ){ 2991 if( rc ){ 2992 /* If the read is unsuccessful, set the dbFileVers[] to something 2993 ** that will never be a valid file version. dbFileVers[] is a copy 2994 ** of bytes 24..39 of the database. Bytes 28..31 should always be 2995 ** zero or the size of the database in page. Bytes 32..35 and 35..39 2996 ** should be page numbers which are never 0xffffffff. So filling 2997 ** pPager->dbFileVers[] with all 0xff bytes should suffice. 2998 ** 2999 ** For an encrypted database, the situation is more complex: bytes 3000 ** 24..39 of the database are white noise. But the probability of 3001 ** white noise equaling 16 bytes of 0xff is vanishingly small so 3002 ** we should still be ok. 3003 */ 3004 memset(pPager->dbFileVers, 0xff, sizeof(pPager->dbFileVers)); 3005 }else{ 3006 u8 *dbFileVers = &((u8*)pPg->pData)[24]; 3007 memcpy(&pPager->dbFileVers, dbFileVers, sizeof(pPager->dbFileVers)); 3008 } 3009 } 3010 PAGER_INCR(sqlite3_pager_readdb_count); 3011 PAGER_INCR(pPager->nRead); 3012 IOTRACE(("PGIN %p %d\n", pPager, pPg->pgno)); 3013 PAGERTRACE(("FETCH %d page %d hash(%08x)\n", 3014 PAGERID(pPager), pPg->pgno, pager_pagehash(pPg))); 3015 3016 return rc; 3017 } 3018 3019 /* 3020 ** Update the value of the change-counter at offsets 24 and 92 in 3021 ** the header and the sqlite version number at offset 96. 3022 ** 3023 ** This is an unconditional update. See also the pager_incr_changecounter() 3024 ** routine which only updates the change-counter if the update is actually 3025 ** needed, as determined by the pPager->changeCountDone state variable. 3026 */ 3027 static void pager_write_changecounter(PgHdr *pPg){ 3028 u32 change_counter; 3029 if( NEVER(pPg==0) ) return; 3030 3031 /* Increment the value just read and write it back to byte 24. */ 3032 change_counter = sqlite3Get4byte((u8*)pPg->pPager->dbFileVers)+1; 3033 put32bits(((char*)pPg->pData)+24, change_counter); 3034 3035 /* Also store the SQLite version number in bytes 96..99 and in 3036 ** bytes 92..95 store the change counter for which the version number 3037 ** is valid. */ 3038 put32bits(((char*)pPg->pData)+92, change_counter); 3039 put32bits(((char*)pPg->pData)+96, SQLITE_VERSION_NUMBER); 3040 } 3041 3042 #ifndef SQLITE_OMIT_WAL 3043 /* 3044 ** This function is invoked once for each page that has already been 3045 ** written into the log file when a WAL transaction is rolled back. 3046 ** Parameter iPg is the page number of said page. The pCtx argument 3047 ** is actually a pointer to the Pager structure. 3048 ** 3049 ** If page iPg is present in the cache, and has no outstanding references, 3050 ** it is discarded. Otherwise, if there are one or more outstanding 3051 ** references, the page content is reloaded from the database. If the 3052 ** attempt to reload content from the database is required and fails, 3053 ** return an SQLite error code. Otherwise, SQLITE_OK. 3054 */ 3055 static int pagerUndoCallback(void *pCtx, Pgno iPg){ 3056 int rc = SQLITE_OK; 3057 Pager *pPager = (Pager *)pCtx; 3058 PgHdr *pPg; 3059 3060 assert( pagerUseWal(pPager) ); 3061 pPg = sqlite3PagerLookup(pPager, iPg); 3062 if( pPg ){ 3063 if( sqlite3PcachePageRefcount(pPg)==1 ){ 3064 sqlite3PcacheDrop(pPg); 3065 }else{ 3066 rc = readDbPage(pPg); 3067 if( rc==SQLITE_OK ){ 3068 pPager->xReiniter(pPg); 3069 } 3070 sqlite3PagerUnrefNotNull(pPg); 3071 } 3072 } 3073 3074 /* Normally, if a transaction is rolled back, any backup processes are 3075 ** updated as data is copied out of the rollback journal and into the 3076 ** database. This is not generally possible with a WAL database, as 3077 ** rollback involves simply truncating the log file. Therefore, if one 3078 ** or more frames have already been written to the log (and therefore 3079 ** also copied into the backup databases) as part of this transaction, 3080 ** the backups must be restarted. 3081 */ 3082 sqlite3BackupRestart(pPager->pBackup); 3083 3084 return rc; 3085 } 3086 3087 /* 3088 ** This function is called to rollback a transaction on a WAL database. 3089 */ 3090 static int pagerRollbackWal(Pager *pPager){ 3091 int rc; /* Return Code */ 3092 PgHdr *pList; /* List of dirty pages to revert */ 3093 3094 /* For all pages in the cache that are currently dirty or have already 3095 ** been written (but not committed) to the log file, do one of the 3096 ** following: 3097 ** 3098 ** + Discard the cached page (if refcount==0), or 3099 ** + Reload page content from the database (if refcount>0). 3100 */ 3101 pPager->dbSize = pPager->dbOrigSize; 3102 rc = sqlite3WalUndo(pPager->pWal, pagerUndoCallback, (void *)pPager); 3103 pList = sqlite3PcacheDirtyList(pPager->pPCache); 3104 while( pList && rc==SQLITE_OK ){ 3105 PgHdr *pNext = pList->pDirty; 3106 rc = pagerUndoCallback((void *)pPager, pList->pgno); 3107 pList = pNext; 3108 } 3109 3110 return rc; 3111 } 3112 3113 /* 3114 ** This function is a wrapper around sqlite3WalFrames(). As well as logging 3115 ** the contents of the list of pages headed by pList (connected by pDirty), 3116 ** this function notifies any active backup processes that the pages have 3117 ** changed. 3118 ** 3119 ** The list of pages passed into this routine is always sorted by page number. 3120 ** Hence, if page 1 appears anywhere on the list, it will be the first page. 3121 */ 3122 static int pagerWalFrames( 3123 Pager *pPager, /* Pager object */ 3124 PgHdr *pList, /* List of frames to log */ 3125 Pgno nTruncate, /* Database size after this commit */ 3126 int isCommit /* True if this is a commit */ 3127 ){ 3128 int rc; /* Return code */ 3129 int nList; /* Number of pages in pList */ 3130 PgHdr *p; /* For looping over pages */ 3131 3132 assert( pPager->pWal ); 3133 assert( pList ); 3134 #ifdef SQLITE_DEBUG 3135 /* Verify that the page list is in accending order */ 3136 for(p=pList; p && p->pDirty; p=p->pDirty){ 3137 assert( p->pgno < p->pDirty->pgno ); 3138 } 3139 #endif 3140 3141 assert( pList->pDirty==0 || isCommit ); 3142 if( isCommit ){ 3143 /* If a WAL transaction is being committed, there is no point in writing 3144 ** any pages with page numbers greater than nTruncate into the WAL file. 3145 ** They will never be read by any client. So remove them from the pDirty 3146 ** list here. */ 3147 PgHdr **ppNext = &pList; 3148 nList = 0; 3149 for(p=pList; (*ppNext = p)!=0; p=p->pDirty){ 3150 if( p->pgno<=nTruncate ){ 3151 ppNext = &p->pDirty; 3152 nList++; 3153 } 3154 } 3155 assert( pList ); 3156 }else{ 3157 nList = 1; 3158 } 3159 pPager->aStat[PAGER_STAT_WRITE] += nList; 3160 3161 if( pList->pgno==1 ) pager_write_changecounter(pList); 3162 rc = sqlite3WalFrames(pPager->pWal, 3163 pPager->pageSize, pList, nTruncate, isCommit, pPager->walSyncFlags 3164 ); 3165 if( rc==SQLITE_OK && pPager->pBackup ){ 3166 for(p=pList; p; p=p->pDirty){ 3167 sqlite3BackupUpdate(pPager->pBackup, p->pgno, (u8 *)p->pData); 3168 } 3169 } 3170 3171 #ifdef SQLITE_CHECK_PAGES 3172 pList = sqlite3PcacheDirtyList(pPager->pPCache); 3173 for(p=pList; p; p=p->pDirty){ 3174 pager_set_pagehash(p); 3175 } 3176 #endif 3177 3178 return rc; 3179 } 3180 3181 /* 3182 ** Begin a read transaction on the WAL. 3183 ** 3184 ** This routine used to be called "pagerOpenSnapshot()" because it essentially 3185 ** makes a snapshot of the database at the current point in time and preserves 3186 ** that snapshot for use by the reader in spite of concurrently changes by 3187 ** other writers or checkpointers. 3188 */ 3189 static int pagerBeginReadTransaction(Pager *pPager){ 3190 int rc; /* Return code */ 3191 int changed = 0; /* True if cache must be reset */ 3192 3193 assert( pagerUseWal(pPager) ); 3194 assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER ); 3195 3196 /* sqlite3WalEndReadTransaction() was not called for the previous 3197 ** transaction in locking_mode=EXCLUSIVE. So call it now. If we 3198 ** are in locking_mode=NORMAL and EndRead() was previously called, 3199 ** the duplicate call is harmless. 3200 */ 3201 sqlite3WalEndReadTransaction(pPager->pWal); 3202 3203 rc = sqlite3WalBeginReadTransaction(pPager->pWal, &changed); 3204 if( rc!=SQLITE_OK || changed ){ 3205 pager_reset(pPager); 3206 if( USEFETCH(pPager) ) sqlite3OsUnfetch(pPager->fd, 0, 0); 3207 } 3208 3209 return rc; 3210 } 3211 #endif 3212 3213 /* 3214 ** This function is called as part of the transition from PAGER_OPEN 3215 ** to PAGER_READER state to determine the size of the database file 3216 ** in pages (assuming the page size currently stored in Pager.pageSize). 3217 ** 3218 ** If no error occurs, SQLITE_OK is returned and the size of the database 3219 ** in pages is stored in *pnPage. Otherwise, an error code (perhaps 3220 ** SQLITE_IOERR_FSTAT) is returned and *pnPage is left unmodified. 3221 */ 3222 static int pagerPagecount(Pager *pPager, Pgno *pnPage){ 3223 Pgno nPage; /* Value to return via *pnPage */ 3224 3225 /* Query the WAL sub-system for the database size. The WalDbsize() 3226 ** function returns zero if the WAL is not open (i.e. Pager.pWal==0), or 3227 ** if the database size is not available. The database size is not 3228 ** available from the WAL sub-system if the log file is empty or 3229 ** contains no valid committed transactions. 3230 */ 3231 assert( pPager->eState==PAGER_OPEN ); 3232 assert( pPager->eLock>=SHARED_LOCK ); 3233 assert( isOpen(pPager->fd) ); 3234 assert( pPager->tempFile==0 ); 3235 nPage = sqlite3WalDbsize(pPager->pWal); 3236 3237 /* If the number of pages in the database is not available from the 3238 ** WAL sub-system, determine the page count based on the size of 3239 ** the database file. If the size of the database file is not an 3240 ** integer multiple of the page-size, round up the result. 3241 */ 3242 if( nPage==0 && ALWAYS(isOpen(pPager->fd)) ){ 3243 i64 n = 0; /* Size of db file in bytes */ 3244 int rc = sqlite3OsFileSize(pPager->fd, &n); 3245 if( rc!=SQLITE_OK ){ 3246 return rc; 3247 } 3248 nPage = (Pgno)((n+pPager->pageSize-1) / pPager->pageSize); 3249 } 3250 3251 /* If the current number of pages in the file is greater than the 3252 ** configured maximum pager number, increase the allowed limit so 3253 ** that the file can be read. 3254 */ 3255 if( nPage>pPager->mxPgno ){ 3256 pPager->mxPgno = (Pgno)nPage; 3257 } 3258 3259 *pnPage = nPage; 3260 return SQLITE_OK; 3261 } 3262 3263 #ifndef SQLITE_OMIT_WAL 3264 /* 3265 ** Check if the *-wal file that corresponds to the database opened by pPager 3266 ** exists if the database is not empy, or verify that the *-wal file does 3267 ** not exist (by deleting it) if the database file is empty. 3268 ** 3269 ** If the database is not empty and the *-wal file exists, open the pager 3270 ** in WAL mode. If the database is empty or if no *-wal file exists and 3271 ** if no error occurs, make sure Pager.journalMode is not set to 3272 ** PAGER_JOURNALMODE_WAL. 3273 ** 3274 ** Return SQLITE_OK or an error code. 3275 ** 3276 ** The caller must hold a SHARED lock on the database file to call this 3277 ** function. Because an EXCLUSIVE lock on the db file is required to delete 3278 ** a WAL on a none-empty database, this ensures there is no race condition 3279 ** between the xAccess() below and an xDelete() being executed by some 3280 ** other connection. 3281 */ 3282 static int pagerOpenWalIfPresent(Pager *pPager){ 3283 int rc = SQLITE_OK; 3284 assert( pPager->eState==PAGER_OPEN ); 3285 assert( pPager->eLock>=SHARED_LOCK ); 3286 3287 if( !pPager->tempFile ){ 3288 int isWal; /* True if WAL file exists */ 3289 rc = sqlite3OsAccess( 3290 pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &isWal 3291 ); 3292 if( rc==SQLITE_OK ){ 3293 if( isWal ){ 3294 Pgno nPage; /* Size of the database file */ 3295 3296 rc = pagerPagecount(pPager, &nPage); 3297 if( rc ) return rc; 3298 if( nPage==0 ){ 3299 rc = sqlite3OsDelete(pPager->pVfs, pPager->zWal, 0); 3300 }else{ 3301 testcase( sqlite3PcachePagecount(pPager->pPCache)==0 ); 3302 rc = sqlite3PagerOpenWal(pPager, 0); 3303 } 3304 }else if( pPager->journalMode==PAGER_JOURNALMODE_WAL ){ 3305 pPager->journalMode = PAGER_JOURNALMODE_DELETE; 3306 } 3307 } 3308 } 3309 return rc; 3310 } 3311 #endif 3312 3313 /* 3314 ** Playback savepoint pSavepoint. Or, if pSavepoint==NULL, then playback 3315 ** the entire super-journal file. The case pSavepoint==NULL occurs when 3316 ** a ROLLBACK TO command is invoked on a SAVEPOINT that is a transaction 3317 ** savepoint. 3318 ** 3319 ** When pSavepoint is not NULL (meaning a non-transaction savepoint is 3320 ** being rolled back), then the rollback consists of up to three stages, 3321 ** performed in the order specified: 3322 ** 3323 ** * Pages are played back from the main journal starting at byte 3324 ** offset PagerSavepoint.iOffset and continuing to 3325 ** PagerSavepoint.iHdrOffset, or to the end of the main journal 3326 ** file if PagerSavepoint.iHdrOffset is zero. 3327 ** 3328 ** * If PagerSavepoint.iHdrOffset is not zero, then pages are played 3329 ** back starting from the journal header immediately following 3330 ** PagerSavepoint.iHdrOffset to the end of the main journal file. 3331 ** 3332 ** * Pages are then played back from the sub-journal file, starting 3333 ** with the PagerSavepoint.iSubRec and continuing to the end of 3334 ** the journal file. 3335 ** 3336 ** Throughout the rollback process, each time a page is rolled back, the 3337 ** corresponding bit is set in a bitvec structure (variable pDone in the 3338 ** implementation below). This is used to ensure that a page is only 3339 ** rolled back the first time it is encountered in either journal. 3340 ** 3341 ** If pSavepoint is NULL, then pages are only played back from the main 3342 ** journal file. There is no need for a bitvec in this case. 3343 ** 3344 ** In either case, before playback commences the Pager.dbSize variable 3345 ** is reset to the value that it held at the start of the savepoint 3346 ** (or transaction). No page with a page-number greater than this value 3347 ** is played back. If one is encountered it is simply skipped. 3348 */ 3349 static int pagerPlaybackSavepoint(Pager *pPager, PagerSavepoint *pSavepoint){ 3350 i64 szJ; /* Effective size of the main journal */ 3351 i64 iHdrOff; /* End of first segment of main-journal records */ 3352 int rc = SQLITE_OK; /* Return code */ 3353 Bitvec *pDone = 0; /* Bitvec to ensure pages played back only once */ 3354 3355 assert( pPager->eState!=PAGER_ERROR ); 3356 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 3357 3358 /* Allocate a bitvec to use to store the set of pages rolled back */ 3359 if( pSavepoint ){ 3360 pDone = sqlite3BitvecCreate(pSavepoint->nOrig); 3361 if( !pDone ){ 3362 return SQLITE_NOMEM_BKPT; 3363 } 3364 } 3365 3366 /* Set the database size back to the value it was before the savepoint 3367 ** being reverted was opened. 3368 */ 3369 pPager->dbSize = pSavepoint ? pSavepoint->nOrig : pPager->dbOrigSize; 3370 pPager->changeCountDone = pPager->tempFile; 3371 3372 if( !pSavepoint && pagerUseWal(pPager) ){ 3373 return pagerRollbackWal(pPager); 3374 } 3375 3376 /* Use pPager->journalOff as the effective size of the main rollback 3377 ** journal. The actual file might be larger than this in 3378 ** PAGER_JOURNALMODE_TRUNCATE or PAGER_JOURNALMODE_PERSIST. But anything 3379 ** past pPager->journalOff is off-limits to us. 3380 */ 3381 szJ = pPager->journalOff; 3382 assert( pagerUseWal(pPager)==0 || szJ==0 ); 3383 3384 /* Begin by rolling back records from the main journal starting at 3385 ** PagerSavepoint.iOffset and continuing to the next journal header. 3386 ** There might be records in the main journal that have a page number 3387 ** greater than the current database size (pPager->dbSize) but those 3388 ** will be skipped automatically. Pages are added to pDone as they 3389 ** are played back. 3390 */ 3391 if( pSavepoint && !pagerUseWal(pPager) ){ 3392 iHdrOff = pSavepoint->iHdrOffset ? pSavepoint->iHdrOffset : szJ; 3393 pPager->journalOff = pSavepoint->iOffset; 3394 while( rc==SQLITE_OK && pPager->journalOff<iHdrOff ){ 3395 rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1); 3396 } 3397 assert( rc!=SQLITE_DONE ); 3398 }else{ 3399 pPager->journalOff = 0; 3400 } 3401 3402 /* Continue rolling back records out of the main journal starting at 3403 ** the first journal header seen and continuing until the effective end 3404 ** of the main journal file. Continue to skip out-of-range pages and 3405 ** continue adding pages rolled back to pDone. 3406 */ 3407 while( rc==SQLITE_OK && pPager->journalOff<szJ ){ 3408 u32 ii; /* Loop counter */ 3409 u32 nJRec = 0; /* Number of Journal Records */ 3410 u32 dummy; 3411 rc = readJournalHdr(pPager, 0, szJ, &nJRec, &dummy); 3412 assert( rc!=SQLITE_DONE ); 3413 3414 /* 3415 ** The "pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff" 3416 ** test is related to ticket #2565. See the discussion in the 3417 ** pager_playback() function for additional information. 3418 */ 3419 if( nJRec==0 3420 && pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff 3421 ){ 3422 nJRec = (u32)((szJ - pPager->journalOff)/JOURNAL_PG_SZ(pPager)); 3423 } 3424 for(ii=0; rc==SQLITE_OK && ii<nJRec && pPager->journalOff<szJ; ii++){ 3425 rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1); 3426 } 3427 assert( rc!=SQLITE_DONE ); 3428 } 3429 assert( rc!=SQLITE_OK || pPager->journalOff>=szJ ); 3430 3431 /* Finally, rollback pages from the sub-journal. Page that were 3432 ** previously rolled back out of the main journal (and are hence in pDone) 3433 ** will be skipped. Out-of-range pages are also skipped. 3434 */ 3435 if( pSavepoint ){ 3436 u32 ii; /* Loop counter */ 3437 i64 offset = (i64)pSavepoint->iSubRec*(4+pPager->pageSize); 3438 3439 if( pagerUseWal(pPager) ){ 3440 rc = sqlite3WalSavepointUndo(pPager->pWal, pSavepoint->aWalData); 3441 } 3442 for(ii=pSavepoint->iSubRec; rc==SQLITE_OK && ii<pPager->nSubRec; ii++){ 3443 assert( offset==(i64)ii*(4+pPager->pageSize) ); 3444 rc = pager_playback_one_page(pPager, &offset, pDone, 0, 1); 3445 } 3446 assert( rc!=SQLITE_DONE ); 3447 } 3448 3449 sqlite3BitvecDestroy(pDone); 3450 if( rc==SQLITE_OK ){ 3451 pPager->journalOff = szJ; 3452 } 3453 3454 return rc; 3455 } 3456 3457 /* 3458 ** Change the maximum number of in-memory pages that are allowed 3459 ** before attempting to recycle clean and unused pages. 3460 */ 3461 void sqlite3PagerSetCachesize(Pager *pPager, int mxPage){ 3462 sqlite3PcacheSetCachesize(pPager->pPCache, mxPage); 3463 } 3464 3465 /* 3466 ** Change the maximum number of in-memory pages that are allowed 3467 ** before attempting to spill pages to journal. 3468 */ 3469 int sqlite3PagerSetSpillsize(Pager *pPager, int mxPage){ 3470 return sqlite3PcacheSetSpillsize(pPager->pPCache, mxPage); 3471 } 3472 3473 /* 3474 ** Invoke SQLITE_FCNTL_MMAP_SIZE based on the current value of szMmap. 3475 */ 3476 static void pagerFixMaplimit(Pager *pPager){ 3477 #if SQLITE_MAX_MMAP_SIZE>0 3478 sqlite3_file *fd = pPager->fd; 3479 if( isOpen(fd) && fd->pMethods->iVersion>=3 ){ 3480 sqlite3_int64 sz; 3481 sz = pPager->szMmap; 3482 pPager->bUseFetch = (sz>0); 3483 setGetterMethod(pPager); 3484 sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_MMAP_SIZE, &sz); 3485 } 3486 #endif 3487 } 3488 3489 /* 3490 ** Change the maximum size of any memory mapping made of the database file. 3491 */ 3492 void sqlite3PagerSetMmapLimit(Pager *pPager, sqlite3_int64 szMmap){ 3493 pPager->szMmap = szMmap; 3494 pagerFixMaplimit(pPager); 3495 } 3496 3497 /* 3498 ** Free as much memory as possible from the pager. 3499 */ 3500 void sqlite3PagerShrink(Pager *pPager){ 3501 sqlite3PcacheShrink(pPager->pPCache); 3502 } 3503 3504 /* 3505 ** Adjust settings of the pager to those specified in the pgFlags parameter. 3506 ** 3507 ** The "level" in pgFlags & PAGER_SYNCHRONOUS_MASK sets the robustness 3508 ** of the database to damage due to OS crashes or power failures by 3509 ** changing the number of syncs()s when writing the journals. 3510 ** There are four levels: 3511 ** 3512 ** OFF sqlite3OsSync() is never called. This is the default 3513 ** for temporary and transient files. 3514 ** 3515 ** NORMAL The journal is synced once before writes begin on the 3516 ** database. This is normally adequate protection, but 3517 ** it is theoretically possible, though very unlikely, 3518 ** that an inopertune power failure could leave the journal 3519 ** in a state which would cause damage to the database 3520 ** when it is rolled back. 3521 ** 3522 ** FULL The journal is synced twice before writes begin on the 3523 ** database (with some additional information - the nRec field 3524 ** of the journal header - being written in between the two 3525 ** syncs). If we assume that writing a 3526 ** single disk sector is atomic, then this mode provides 3527 ** assurance that the journal will not be corrupted to the 3528 ** point of causing damage to the database during rollback. 3529 ** 3530 ** EXTRA This is like FULL except that is also syncs the directory 3531 ** that contains the rollback journal after the rollback 3532 ** journal is unlinked. 3533 ** 3534 ** The above is for a rollback-journal mode. For WAL mode, OFF continues 3535 ** to mean that no syncs ever occur. NORMAL means that the WAL is synced 3536 ** prior to the start of checkpoint and that the database file is synced 3537 ** at the conclusion of the checkpoint if the entire content of the WAL 3538 ** was written back into the database. But no sync operations occur for 3539 ** an ordinary commit in NORMAL mode with WAL. FULL means that the WAL 3540 ** file is synced following each commit operation, in addition to the 3541 ** syncs associated with NORMAL. There is no difference between FULL 3542 ** and EXTRA for WAL mode. 3543 ** 3544 ** Do not confuse synchronous=FULL with SQLITE_SYNC_FULL. The 3545 ** SQLITE_SYNC_FULL macro means to use the MacOSX-style full-fsync 3546 ** using fcntl(F_FULLFSYNC). SQLITE_SYNC_NORMAL means to do an 3547 ** ordinary fsync() call. There is no difference between SQLITE_SYNC_FULL 3548 ** and SQLITE_SYNC_NORMAL on platforms other than MacOSX. But the 3549 ** synchronous=FULL versus synchronous=NORMAL setting determines when 3550 ** the xSync primitive is called and is relevant to all platforms. 3551 ** 3552 ** Numeric values associated with these states are OFF==1, NORMAL=2, 3553 ** and FULL=3. 3554 */ 3555 #ifndef SQLITE_OMIT_PAGER_PRAGMAS 3556 void sqlite3PagerSetFlags( 3557 Pager *pPager, /* The pager to set safety level for */ 3558 unsigned pgFlags /* Various flags */ 3559 ){ 3560 unsigned level = pgFlags & PAGER_SYNCHRONOUS_MASK; 3561 if( pPager->tempFile ){ 3562 pPager->noSync = 1; 3563 pPager->fullSync = 0; 3564 pPager->extraSync = 0; 3565 }else{ 3566 pPager->noSync = level==PAGER_SYNCHRONOUS_OFF ?1:0; 3567 pPager->fullSync = level>=PAGER_SYNCHRONOUS_FULL ?1:0; 3568 pPager->extraSync = level==PAGER_SYNCHRONOUS_EXTRA ?1:0; 3569 } 3570 if( pPager->noSync ){ 3571 pPager->syncFlags = 0; 3572 }else if( pgFlags & PAGER_FULLFSYNC ){ 3573 pPager->syncFlags = SQLITE_SYNC_FULL; 3574 }else{ 3575 pPager->syncFlags = SQLITE_SYNC_NORMAL; 3576 } 3577 pPager->walSyncFlags = (pPager->syncFlags<<2); 3578 if( pPager->fullSync ){ 3579 pPager->walSyncFlags |= pPager->syncFlags; 3580 } 3581 if( (pgFlags & PAGER_CKPT_FULLFSYNC) && !pPager->noSync ){ 3582 pPager->walSyncFlags |= (SQLITE_SYNC_FULL<<2); 3583 } 3584 if( pgFlags & PAGER_CACHESPILL ){ 3585 pPager->doNotSpill &= ~SPILLFLAG_OFF; 3586 }else{ 3587 pPager->doNotSpill |= SPILLFLAG_OFF; 3588 } 3589 } 3590 #endif 3591 3592 /* 3593 ** The following global variable is incremented whenever the library 3594 ** attempts to open a temporary file. This information is used for 3595 ** testing and analysis only. 3596 */ 3597 #ifdef SQLITE_TEST 3598 int sqlite3_opentemp_count = 0; 3599 #endif 3600 3601 /* 3602 ** Open a temporary file. 3603 ** 3604 ** Write the file descriptor into *pFile. Return SQLITE_OK on success 3605 ** or some other error code if we fail. The OS will automatically 3606 ** delete the temporary file when it is closed. 3607 ** 3608 ** The flags passed to the VFS layer xOpen() call are those specified 3609 ** by parameter vfsFlags ORed with the following: 3610 ** 3611 ** SQLITE_OPEN_READWRITE 3612 ** SQLITE_OPEN_CREATE 3613 ** SQLITE_OPEN_EXCLUSIVE 3614 ** SQLITE_OPEN_DELETEONCLOSE 3615 */ 3616 static int pagerOpentemp( 3617 Pager *pPager, /* The pager object */ 3618 sqlite3_file *pFile, /* Write the file descriptor here */ 3619 int vfsFlags /* Flags passed through to the VFS */ 3620 ){ 3621 int rc; /* Return code */ 3622 3623 #ifdef SQLITE_TEST 3624 sqlite3_opentemp_count++; /* Used for testing and analysis only */ 3625 #endif 3626 3627 vfsFlags |= SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE | 3628 SQLITE_OPEN_EXCLUSIVE | SQLITE_OPEN_DELETEONCLOSE; 3629 rc = sqlite3OsOpen(pPager->pVfs, 0, pFile, vfsFlags, 0); 3630 assert( rc!=SQLITE_OK || isOpen(pFile) ); 3631 return rc; 3632 } 3633 3634 /* 3635 ** Set the busy handler function. 3636 ** 3637 ** The pager invokes the busy-handler if sqlite3OsLock() returns 3638 ** SQLITE_BUSY when trying to upgrade from no-lock to a SHARED lock, 3639 ** or when trying to upgrade from a RESERVED lock to an EXCLUSIVE 3640 ** lock. It does *not* invoke the busy handler when upgrading from 3641 ** SHARED to RESERVED, or when upgrading from SHARED to EXCLUSIVE 3642 ** (which occurs during hot-journal rollback). Summary: 3643 ** 3644 ** Transition | Invokes xBusyHandler 3645 ** -------------------------------------------------------- 3646 ** NO_LOCK -> SHARED_LOCK | Yes 3647 ** SHARED_LOCK -> RESERVED_LOCK | No 3648 ** SHARED_LOCK -> EXCLUSIVE_LOCK | No 3649 ** RESERVED_LOCK -> EXCLUSIVE_LOCK | Yes 3650 ** 3651 ** If the busy-handler callback returns non-zero, the lock is 3652 ** retried. If it returns zero, then the SQLITE_BUSY error is 3653 ** returned to the caller of the pager API function. 3654 */ 3655 void sqlite3PagerSetBusyHandler( 3656 Pager *pPager, /* Pager object */ 3657 int (*xBusyHandler)(void *), /* Pointer to busy-handler function */ 3658 void *pBusyHandlerArg /* Argument to pass to xBusyHandler */ 3659 ){ 3660 void **ap; 3661 pPager->xBusyHandler = xBusyHandler; 3662 pPager->pBusyHandlerArg = pBusyHandlerArg; 3663 ap = (void **)&pPager->xBusyHandler; 3664 assert( ((int(*)(void *))(ap[0]))==xBusyHandler ); 3665 assert( ap[1]==pBusyHandlerArg ); 3666 sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_BUSYHANDLER, (void *)ap); 3667 } 3668 3669 /* 3670 ** Change the page size used by the Pager object. The new page size 3671 ** is passed in *pPageSize. 3672 ** 3673 ** If the pager is in the error state when this function is called, it 3674 ** is a no-op. The value returned is the error state error code (i.e. 3675 ** one of SQLITE_IOERR, an SQLITE_IOERR_xxx sub-code or SQLITE_FULL). 3676 ** 3677 ** Otherwise, if all of the following are true: 3678 ** 3679 ** * the new page size (value of *pPageSize) is valid (a power 3680 ** of two between 512 and SQLITE_MAX_PAGE_SIZE, inclusive), and 3681 ** 3682 ** * there are no outstanding page references, and 3683 ** 3684 ** * the database is either not an in-memory database or it is 3685 ** an in-memory database that currently consists of zero pages. 3686 ** 3687 ** then the pager object page size is set to *pPageSize. 3688 ** 3689 ** If the page size is changed, then this function uses sqlite3PagerMalloc() 3690 ** to obtain a new Pager.pTmpSpace buffer. If this allocation attempt 3691 ** fails, SQLITE_NOMEM is returned and the page size remains unchanged. 3692 ** In all other cases, SQLITE_OK is returned. 3693 ** 3694 ** If the page size is not changed, either because one of the enumerated 3695 ** conditions above is not true, the pager was in error state when this 3696 ** function was called, or because the memory allocation attempt failed, 3697 ** then *pPageSize is set to the old, retained page size before returning. 3698 */ 3699 int sqlite3PagerSetPagesize(Pager *pPager, u32 *pPageSize, int nReserve){ 3700 int rc = SQLITE_OK; 3701 3702 /* It is not possible to do a full assert_pager_state() here, as this 3703 ** function may be called from within PagerOpen(), before the state 3704 ** of the Pager object is internally consistent. 3705 ** 3706 ** At one point this function returned an error if the pager was in 3707 ** PAGER_ERROR state. But since PAGER_ERROR state guarantees that 3708 ** there is at least one outstanding page reference, this function 3709 ** is a no-op for that case anyhow. 3710 */ 3711 3712 u32 pageSize = *pPageSize; 3713 assert( pageSize==0 || (pageSize>=512 && pageSize<=SQLITE_MAX_PAGE_SIZE) ); 3714 if( (pPager->memDb==0 || pPager->dbSize==0) 3715 && sqlite3PcacheRefCount(pPager->pPCache)==0 3716 && pageSize && pageSize!=(u32)pPager->pageSize 3717 ){ 3718 char *pNew = NULL; /* New temp space */ 3719 i64 nByte = 0; 3720 3721 if( pPager->eState>PAGER_OPEN && isOpen(pPager->fd) ){ 3722 rc = sqlite3OsFileSize(pPager->fd, &nByte); 3723 } 3724 if( rc==SQLITE_OK ){ 3725 /* 8 bytes of zeroed overrun space is sufficient so that the b-tree 3726 * cell header parser will never run off the end of the allocation */ 3727 pNew = (char *)sqlite3PageMalloc(pageSize+8); 3728 if( !pNew ){ 3729 rc = SQLITE_NOMEM_BKPT; 3730 }else{ 3731 memset(pNew+pageSize, 0, 8); 3732 } 3733 } 3734 3735 if( rc==SQLITE_OK ){ 3736 pager_reset(pPager); 3737 rc = sqlite3PcacheSetPageSize(pPager->pPCache, pageSize); 3738 } 3739 if( rc==SQLITE_OK ){ 3740 sqlite3PageFree(pPager->pTmpSpace); 3741 pPager->pTmpSpace = pNew; 3742 pPager->dbSize = (Pgno)((nByte+pageSize-1)/pageSize); 3743 pPager->pageSize = pageSize; 3744 pPager->lckPgno = (Pgno)(PENDING_BYTE/pageSize) + 1; 3745 }else{ 3746 sqlite3PageFree(pNew); 3747 } 3748 } 3749 3750 *pPageSize = pPager->pageSize; 3751 if( rc==SQLITE_OK ){ 3752 if( nReserve<0 ) nReserve = pPager->nReserve; 3753 assert( nReserve>=0 && nReserve<1000 ); 3754 pPager->nReserve = (i16)nReserve; 3755 pagerFixMaplimit(pPager); 3756 } 3757 return rc; 3758 } 3759 3760 /* 3761 ** Return a pointer to the "temporary page" buffer held internally 3762 ** by the pager. This is a buffer that is big enough to hold the 3763 ** entire content of a database page. This buffer is used internally 3764 ** during rollback and will be overwritten whenever a rollback 3765 ** occurs. But other modules are free to use it too, as long as 3766 ** no rollbacks are happening. 3767 */ 3768 void *sqlite3PagerTempSpace(Pager *pPager){ 3769 return pPager->pTmpSpace; 3770 } 3771 3772 /* 3773 ** Attempt to set the maximum database page count if mxPage is positive. 3774 ** Make no changes if mxPage is zero or negative. And never reduce the 3775 ** maximum page count below the current size of the database. 3776 ** 3777 ** Regardless of mxPage, return the current maximum page count. 3778 */ 3779 Pgno sqlite3PagerMaxPageCount(Pager *pPager, Pgno mxPage){ 3780 if( mxPage>0 ){ 3781 pPager->mxPgno = mxPage; 3782 } 3783 assert( pPager->eState!=PAGER_OPEN ); /* Called only by OP_MaxPgcnt */ 3784 /* assert( pPager->mxPgno>=pPager->dbSize ); */ 3785 /* OP_MaxPgcnt ensures that the parameter passed to this function is not 3786 ** less than the total number of valid pages in the database. But this 3787 ** may be less than Pager.dbSize, and so the assert() above is not valid */ 3788 return pPager->mxPgno; 3789 } 3790 3791 /* 3792 ** The following set of routines are used to disable the simulated 3793 ** I/O error mechanism. These routines are used to avoid simulated 3794 ** errors in places where we do not care about errors. 3795 ** 3796 ** Unless -DSQLITE_TEST=1 is used, these routines are all no-ops 3797 ** and generate no code. 3798 */ 3799 #ifdef SQLITE_TEST 3800 extern int sqlite3_io_error_pending; 3801 extern int sqlite3_io_error_hit; 3802 static int saved_cnt; 3803 void disable_simulated_io_errors(void){ 3804 saved_cnt = sqlite3_io_error_pending; 3805 sqlite3_io_error_pending = -1; 3806 } 3807 void enable_simulated_io_errors(void){ 3808 sqlite3_io_error_pending = saved_cnt; 3809 } 3810 #else 3811 # define disable_simulated_io_errors() 3812 # define enable_simulated_io_errors() 3813 #endif 3814 3815 /* 3816 ** Read the first N bytes from the beginning of the file into memory 3817 ** that pDest points to. 3818 ** 3819 ** If the pager was opened on a transient file (zFilename==""), or 3820 ** opened on a file less than N bytes in size, the output buffer is 3821 ** zeroed and SQLITE_OK returned. The rationale for this is that this 3822 ** function is used to read database headers, and a new transient or 3823 ** zero sized database has a header than consists entirely of zeroes. 3824 ** 3825 ** If any IO error apart from SQLITE_IOERR_SHORT_READ is encountered, 3826 ** the error code is returned to the caller and the contents of the 3827 ** output buffer undefined. 3828 */ 3829 int sqlite3PagerReadFileheader(Pager *pPager, int N, unsigned char *pDest){ 3830 int rc = SQLITE_OK; 3831 memset(pDest, 0, N); 3832 assert( isOpen(pPager->fd) || pPager->tempFile ); 3833 3834 /* This routine is only called by btree immediately after creating 3835 ** the Pager object. There has not been an opportunity to transition 3836 ** to WAL mode yet. 3837 */ 3838 assert( !pagerUseWal(pPager) ); 3839 3840 if( isOpen(pPager->fd) ){ 3841 IOTRACE(("DBHDR %p 0 %d\n", pPager, N)) 3842 rc = sqlite3OsRead(pPager->fd, pDest, N, 0); 3843 if( rc==SQLITE_IOERR_SHORT_READ ){ 3844 rc = SQLITE_OK; 3845 } 3846 } 3847 return rc; 3848 } 3849 3850 /* 3851 ** This function may only be called when a read-transaction is open on 3852 ** the pager. It returns the total number of pages in the database. 3853 ** 3854 ** However, if the file is between 1 and <page-size> bytes in size, then 3855 ** this is considered a 1 page file. 3856 */ 3857 void sqlite3PagerPagecount(Pager *pPager, int *pnPage){ 3858 assert( pPager->eState>=PAGER_READER ); 3859 assert( pPager->eState!=PAGER_WRITER_FINISHED ); 3860 *pnPage = (int)pPager->dbSize; 3861 } 3862 3863 3864 /* 3865 ** Try to obtain a lock of type locktype on the database file. If 3866 ** a similar or greater lock is already held, this function is a no-op 3867 ** (returning SQLITE_OK immediately). 3868 ** 3869 ** Otherwise, attempt to obtain the lock using sqlite3OsLock(). Invoke 3870 ** the busy callback if the lock is currently not available. Repeat 3871 ** until the busy callback returns false or until the attempt to 3872 ** obtain the lock succeeds. 3873 ** 3874 ** Return SQLITE_OK on success and an error code if we cannot obtain 3875 ** the lock. If the lock is obtained successfully, set the Pager.state 3876 ** variable to locktype before returning. 3877 */ 3878 static int pager_wait_on_lock(Pager *pPager, int locktype){ 3879 int rc; /* Return code */ 3880 3881 /* Check that this is either a no-op (because the requested lock is 3882 ** already held), or one of the transitions that the busy-handler 3883 ** may be invoked during, according to the comment above 3884 ** sqlite3PagerSetBusyhandler(). 3885 */ 3886 assert( (pPager->eLock>=locktype) 3887 || (pPager->eLock==NO_LOCK && locktype==SHARED_LOCK) 3888 || (pPager->eLock==RESERVED_LOCK && locktype==EXCLUSIVE_LOCK) 3889 ); 3890 3891 do { 3892 rc = pagerLockDb(pPager, locktype); 3893 }while( rc==SQLITE_BUSY && pPager->xBusyHandler(pPager->pBusyHandlerArg) ); 3894 return rc; 3895 } 3896 3897 /* 3898 ** Function assertTruncateConstraint(pPager) checks that one of the 3899 ** following is true for all dirty pages currently in the page-cache: 3900 ** 3901 ** a) The page number is less than or equal to the size of the 3902 ** current database image, in pages, OR 3903 ** 3904 ** b) if the page content were written at this time, it would not 3905 ** be necessary to write the current content out to the sub-journal. 3906 ** 3907 ** If the condition asserted by this function were not true, and the 3908 ** dirty page were to be discarded from the cache via the pagerStress() 3909 ** routine, pagerStress() would not write the current page content to 3910 ** the database file. If a savepoint transaction were rolled back after 3911 ** this happened, the correct behavior would be to restore the current 3912 ** content of the page. However, since this content is not present in either 3913 ** the database file or the portion of the rollback journal and 3914 ** sub-journal rolled back the content could not be restored and the 3915 ** database image would become corrupt. It is therefore fortunate that 3916 ** this circumstance cannot arise. 3917 */ 3918 #if defined(SQLITE_DEBUG) 3919 static void assertTruncateConstraintCb(PgHdr *pPg){ 3920 Pager *pPager = pPg->pPager; 3921 assert( pPg->flags&PGHDR_DIRTY ); 3922 if( pPg->pgno>pPager->dbSize ){ /* if (a) is false */ 3923 Pgno pgno = pPg->pgno; 3924 int i; 3925 for(i=0; i<pPg->pPager->nSavepoint; i++){ 3926 PagerSavepoint *p = &pPager->aSavepoint[i]; 3927 assert( p->nOrig<pgno || sqlite3BitvecTestNotNull(p->pInSavepoint,pgno) ); 3928 } 3929 } 3930 } 3931 static void assertTruncateConstraint(Pager *pPager){ 3932 sqlite3PcacheIterateDirty(pPager->pPCache, assertTruncateConstraintCb); 3933 } 3934 #else 3935 # define assertTruncateConstraint(pPager) 3936 #endif 3937 3938 /* 3939 ** Truncate the in-memory database file image to nPage pages. This 3940 ** function does not actually modify the database file on disk. It 3941 ** just sets the internal state of the pager object so that the 3942 ** truncation will be done when the current transaction is committed. 3943 ** 3944 ** This function is only called right before committing a transaction. 3945 ** Once this function has been called, the transaction must either be 3946 ** rolled back or committed. It is not safe to call this function and 3947 ** then continue writing to the database. 3948 */ 3949 void sqlite3PagerTruncateImage(Pager *pPager, Pgno nPage){ 3950 assert( pPager->dbSize>=nPage || CORRUPT_DB ); 3951 assert( pPager->eState>=PAGER_WRITER_CACHEMOD ); 3952 pPager->dbSize = nPage; 3953 3954 /* At one point the code here called assertTruncateConstraint() to 3955 ** ensure that all pages being truncated away by this operation are, 3956 ** if one or more savepoints are open, present in the savepoint 3957 ** journal so that they can be restored if the savepoint is rolled 3958 ** back. This is no longer necessary as this function is now only 3959 ** called right before committing a transaction. So although the 3960 ** Pager object may still have open savepoints (Pager.nSavepoint!=0), 3961 ** they cannot be rolled back. So the assertTruncateConstraint() call 3962 ** is no longer correct. */ 3963 } 3964 3965 3966 /* 3967 ** This function is called before attempting a hot-journal rollback. It 3968 ** syncs the journal file to disk, then sets pPager->journalHdr to the 3969 ** size of the journal file so that the pager_playback() routine knows 3970 ** that the entire journal file has been synced. 3971 ** 3972 ** Syncing a hot-journal to disk before attempting to roll it back ensures 3973 ** that if a power-failure occurs during the rollback, the process that 3974 ** attempts rollback following system recovery sees the same journal 3975 ** content as this process. 3976 ** 3977 ** If everything goes as planned, SQLITE_OK is returned. Otherwise, 3978 ** an SQLite error code. 3979 */ 3980 static int pagerSyncHotJournal(Pager *pPager){ 3981 int rc = SQLITE_OK; 3982 if( !pPager->noSync ){ 3983 rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_NORMAL); 3984 } 3985 if( rc==SQLITE_OK ){ 3986 rc = sqlite3OsFileSize(pPager->jfd, &pPager->journalHdr); 3987 } 3988 return rc; 3989 } 3990 3991 #if SQLITE_MAX_MMAP_SIZE>0 3992 /* 3993 ** Obtain a reference to a memory mapped page object for page number pgno. 3994 ** The new object will use the pointer pData, obtained from xFetch(). 3995 ** If successful, set *ppPage to point to the new page reference 3996 ** and return SQLITE_OK. Otherwise, return an SQLite error code and set 3997 ** *ppPage to zero. 3998 ** 3999 ** Page references obtained by calling this function should be released 4000 ** by calling pagerReleaseMapPage(). 4001 */ 4002 static int pagerAcquireMapPage( 4003 Pager *pPager, /* Pager object */ 4004 Pgno pgno, /* Page number */ 4005 void *pData, /* xFetch()'d data for this page */ 4006 PgHdr **ppPage /* OUT: Acquired page object */ 4007 ){ 4008 PgHdr *p; /* Memory mapped page to return */ 4009 4010 if( pPager->pMmapFreelist ){ 4011 *ppPage = p = pPager->pMmapFreelist; 4012 pPager->pMmapFreelist = p->pDirty; 4013 p->pDirty = 0; 4014 assert( pPager->nExtra>=8 ); 4015 memset(p->pExtra, 0, 8); 4016 }else{ 4017 *ppPage = p = (PgHdr *)sqlite3MallocZero(sizeof(PgHdr) + pPager->nExtra); 4018 if( p==0 ){ 4019 sqlite3OsUnfetch(pPager->fd, (i64)(pgno-1) * pPager->pageSize, pData); 4020 return SQLITE_NOMEM_BKPT; 4021 } 4022 p->pExtra = (void *)&p[1]; 4023 p->flags = PGHDR_MMAP; 4024 p->nRef = 1; 4025 p->pPager = pPager; 4026 } 4027 4028 assert( p->pExtra==(void *)&p[1] ); 4029 assert( p->pPage==0 ); 4030 assert( p->flags==PGHDR_MMAP ); 4031 assert( p->pPager==pPager ); 4032 assert( p->nRef==1 ); 4033 4034 p->pgno = pgno; 4035 p->pData = pData; 4036 pPager->nMmapOut++; 4037 4038 return SQLITE_OK; 4039 } 4040 #endif 4041 4042 /* 4043 ** Release a reference to page pPg. pPg must have been returned by an 4044 ** earlier call to pagerAcquireMapPage(). 4045 */ 4046 static void pagerReleaseMapPage(PgHdr *pPg){ 4047 Pager *pPager = pPg->pPager; 4048 pPager->nMmapOut--; 4049 pPg->pDirty = pPager->pMmapFreelist; 4050 pPager->pMmapFreelist = pPg; 4051 4052 assert( pPager->fd->pMethods->iVersion>=3 ); 4053 sqlite3OsUnfetch(pPager->fd, (i64)(pPg->pgno-1)*pPager->pageSize, pPg->pData); 4054 } 4055 4056 /* 4057 ** Free all PgHdr objects stored in the Pager.pMmapFreelist list. 4058 */ 4059 static void pagerFreeMapHdrs(Pager *pPager){ 4060 PgHdr *p; 4061 PgHdr *pNext; 4062 for(p=pPager->pMmapFreelist; p; p=pNext){ 4063 pNext = p->pDirty; 4064 sqlite3_free(p); 4065 } 4066 } 4067 4068 /* Verify that the database file has not be deleted or renamed out from 4069 ** under the pager. Return SQLITE_OK if the database is still where it ought 4070 ** to be on disk. Return non-zero (SQLITE_READONLY_DBMOVED or some other error 4071 ** code from sqlite3OsAccess()) if the database has gone missing. 4072 */ 4073 static int databaseIsUnmoved(Pager *pPager){ 4074 int bHasMoved = 0; 4075 int rc; 4076 4077 if( pPager->tempFile ) return SQLITE_OK; 4078 if( pPager->dbSize==0 ) return SQLITE_OK; 4079 assert( pPager->zFilename && pPager->zFilename[0] ); 4080 rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_HAS_MOVED, &bHasMoved); 4081 if( rc==SQLITE_NOTFOUND ){ 4082 /* If the HAS_MOVED file-control is unimplemented, assume that the file 4083 ** has not been moved. That is the historical behavior of SQLite: prior to 4084 ** version 3.8.3, it never checked */ 4085 rc = SQLITE_OK; 4086 }else if( rc==SQLITE_OK && bHasMoved ){ 4087 rc = SQLITE_READONLY_DBMOVED; 4088 } 4089 return rc; 4090 } 4091 4092 4093 /* 4094 ** Shutdown the page cache. Free all memory and close all files. 4095 ** 4096 ** If a transaction was in progress when this routine is called, that 4097 ** transaction is rolled back. All outstanding pages are invalidated 4098 ** and their memory is freed. Any attempt to use a page associated 4099 ** with this page cache after this function returns will likely 4100 ** result in a coredump. 4101 ** 4102 ** This function always succeeds. If a transaction is active an attempt 4103 ** is made to roll it back. If an error occurs during the rollback 4104 ** a hot journal may be left in the filesystem but no error is returned 4105 ** to the caller. 4106 */ 4107 int sqlite3PagerClose(Pager *pPager, sqlite3 *db){ 4108 u8 *pTmp = (u8*)pPager->pTmpSpace; 4109 assert( db || pagerUseWal(pPager)==0 ); 4110 assert( assert_pager_state(pPager) ); 4111 disable_simulated_io_errors(); 4112 sqlite3BeginBenignMalloc(); 4113 pagerFreeMapHdrs(pPager); 4114 /* pPager->errCode = 0; */ 4115 pPager->exclusiveMode = 0; 4116 #ifndef SQLITE_OMIT_WAL 4117 { 4118 u8 *a = 0; 4119 assert( db || pPager->pWal==0 ); 4120 if( db && 0==(db->flags & SQLITE_NoCkptOnClose) 4121 && SQLITE_OK==databaseIsUnmoved(pPager) 4122 ){ 4123 a = pTmp; 4124 } 4125 sqlite3WalClose(pPager->pWal, db, pPager->walSyncFlags, pPager->pageSize,a); 4126 pPager->pWal = 0; 4127 } 4128 #endif 4129 pager_reset(pPager); 4130 if( MEMDB ){ 4131 pager_unlock(pPager); 4132 }else{ 4133 /* If it is open, sync the journal file before calling UnlockAndRollback. 4134 ** If this is not done, then an unsynced portion of the open journal 4135 ** file may be played back into the database. If a power failure occurs 4136 ** while this is happening, the database could become corrupt. 4137 ** 4138 ** If an error occurs while trying to sync the journal, shift the pager 4139 ** into the ERROR state. This causes UnlockAndRollback to unlock the 4140 ** database and close the journal file without attempting to roll it 4141 ** back or finalize it. The next database user will have to do hot-journal 4142 ** rollback before accessing the database file. 4143 */ 4144 if( isOpen(pPager->jfd) ){ 4145 pager_error(pPager, pagerSyncHotJournal(pPager)); 4146 } 4147 pagerUnlockAndRollback(pPager); 4148 } 4149 sqlite3EndBenignMalloc(); 4150 enable_simulated_io_errors(); 4151 PAGERTRACE(("CLOSE %d\n", PAGERID(pPager))); 4152 IOTRACE(("CLOSE %p\n", pPager)) 4153 sqlite3OsClose(pPager->jfd); 4154 sqlite3OsClose(pPager->fd); 4155 sqlite3PageFree(pTmp); 4156 sqlite3PcacheClose(pPager->pPCache); 4157 assert( !pPager->aSavepoint && !pPager->pInJournal ); 4158 assert( !isOpen(pPager->jfd) && !isOpen(pPager->sjfd) ); 4159 4160 sqlite3_free(pPager); 4161 return SQLITE_OK; 4162 } 4163 4164 #if !defined(NDEBUG) || defined(SQLITE_TEST) 4165 /* 4166 ** Return the page number for page pPg. 4167 */ 4168 Pgno sqlite3PagerPagenumber(DbPage *pPg){ 4169 return pPg->pgno; 4170 } 4171 #endif 4172 4173 /* 4174 ** Increment the reference count for page pPg. 4175 */ 4176 void sqlite3PagerRef(DbPage *pPg){ 4177 sqlite3PcacheRef(pPg); 4178 } 4179 4180 /* 4181 ** Sync the journal. In other words, make sure all the pages that have 4182 ** been written to the journal have actually reached the surface of the 4183 ** disk and can be restored in the event of a hot-journal rollback. 4184 ** 4185 ** If the Pager.noSync flag is set, then this function is a no-op. 4186 ** Otherwise, the actions required depend on the journal-mode and the 4187 ** device characteristics of the file-system, as follows: 4188 ** 4189 ** * If the journal file is an in-memory journal file, no action need 4190 ** be taken. 4191 ** 4192 ** * Otherwise, if the device does not support the SAFE_APPEND property, 4193 ** then the nRec field of the most recently written journal header 4194 ** is updated to contain the number of journal records that have 4195 ** been written following it. If the pager is operating in full-sync 4196 ** mode, then the journal file is synced before this field is updated. 4197 ** 4198 ** * If the device does not support the SEQUENTIAL property, then 4199 ** journal file is synced. 4200 ** 4201 ** Or, in pseudo-code: 4202 ** 4203 ** if( NOT <in-memory journal> ){ 4204 ** if( NOT SAFE_APPEND ){ 4205 ** if( <full-sync mode> ) xSync(<journal file>); 4206 ** <update nRec field> 4207 ** } 4208 ** if( NOT SEQUENTIAL ) xSync(<journal file>); 4209 ** } 4210 ** 4211 ** If successful, this routine clears the PGHDR_NEED_SYNC flag of every 4212 ** page currently held in memory before returning SQLITE_OK. If an IO 4213 ** error is encountered, then the IO error code is returned to the caller. 4214 */ 4215 static int syncJournal(Pager *pPager, int newHdr){ 4216 int rc; /* Return code */ 4217 4218 assert( pPager->eState==PAGER_WRITER_CACHEMOD 4219 || pPager->eState==PAGER_WRITER_DBMOD 4220 ); 4221 assert( assert_pager_state(pPager) ); 4222 assert( !pagerUseWal(pPager) ); 4223 4224 rc = sqlite3PagerExclusiveLock(pPager); 4225 if( rc!=SQLITE_OK ) return rc; 4226 4227 if( !pPager->noSync ){ 4228 assert( !pPager->tempFile ); 4229 if( isOpen(pPager->jfd) && pPager->journalMode!=PAGER_JOURNALMODE_MEMORY ){ 4230 const int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); 4231 assert( isOpen(pPager->jfd) ); 4232 4233 if( 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ 4234 /* This block deals with an obscure problem. If the last connection 4235 ** that wrote to this database was operating in persistent-journal 4236 ** mode, then the journal file may at this point actually be larger 4237 ** than Pager.journalOff bytes. If the next thing in the journal 4238 ** file happens to be a journal-header (written as part of the 4239 ** previous connection's transaction), and a crash or power-failure 4240 ** occurs after nRec is updated but before this connection writes 4241 ** anything else to the journal file (or commits/rolls back its 4242 ** transaction), then SQLite may become confused when doing the 4243 ** hot-journal rollback following recovery. It may roll back all 4244 ** of this connections data, then proceed to rolling back the old, 4245 ** out-of-date data that follows it. Database corruption. 4246 ** 4247 ** To work around this, if the journal file does appear to contain 4248 ** a valid header following Pager.journalOff, then write a 0x00 4249 ** byte to the start of it to prevent it from being recognized. 4250 ** 4251 ** Variable iNextHdrOffset is set to the offset at which this 4252 ** problematic header will occur, if it exists. aMagic is used 4253 ** as a temporary buffer to inspect the first couple of bytes of 4254 ** the potential journal header. 4255 */ 4256 i64 iNextHdrOffset; 4257 u8 aMagic[8]; 4258 u8 zHeader[sizeof(aJournalMagic)+4]; 4259 4260 memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic)); 4261 put32bits(&zHeader[sizeof(aJournalMagic)], pPager->nRec); 4262 4263 iNextHdrOffset = journalHdrOffset(pPager); 4264 rc = sqlite3OsRead(pPager->jfd, aMagic, 8, iNextHdrOffset); 4265 if( rc==SQLITE_OK && 0==memcmp(aMagic, aJournalMagic, 8) ){ 4266 static const u8 zerobyte = 0; 4267 rc = sqlite3OsWrite(pPager->jfd, &zerobyte, 1, iNextHdrOffset); 4268 } 4269 if( rc!=SQLITE_OK && rc!=SQLITE_IOERR_SHORT_READ ){ 4270 return rc; 4271 } 4272 4273 /* Write the nRec value into the journal file header. If in 4274 ** full-synchronous mode, sync the journal first. This ensures that 4275 ** all data has really hit the disk before nRec is updated to mark 4276 ** it as a candidate for rollback. 4277 ** 4278 ** This is not required if the persistent media supports the 4279 ** SAFE_APPEND property. Because in this case it is not possible 4280 ** for garbage data to be appended to the file, the nRec field 4281 ** is populated with 0xFFFFFFFF when the journal header is written 4282 ** and never needs to be updated. 4283 */ 4284 if( pPager->fullSync && 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){ 4285 PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager))); 4286 IOTRACE(("JSYNC %p\n", pPager)) 4287 rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags); 4288 if( rc!=SQLITE_OK ) return rc; 4289 } 4290 IOTRACE(("JHDR %p %lld\n", pPager, pPager->journalHdr)); 4291 rc = sqlite3OsWrite( 4292 pPager->jfd, zHeader, sizeof(zHeader), pPager->journalHdr 4293 ); 4294 if( rc!=SQLITE_OK ) return rc; 4295 } 4296 if( 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){ 4297 PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager))); 4298 IOTRACE(("JSYNC %p\n", pPager)) 4299 rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags| 4300 (pPager->syncFlags==SQLITE_SYNC_FULL?SQLITE_SYNC_DATAONLY:0) 4301 ); 4302 if( rc!=SQLITE_OK ) return rc; 4303 } 4304 4305 pPager->journalHdr = pPager->journalOff; 4306 if( newHdr && 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ 4307 pPager->nRec = 0; 4308 rc = writeJournalHdr(pPager); 4309 if( rc!=SQLITE_OK ) return rc; 4310 } 4311 }else{ 4312 pPager->journalHdr = pPager->journalOff; 4313 } 4314 } 4315 4316 /* Unless the pager is in noSync mode, the journal file was just 4317 ** successfully synced. Either way, clear the PGHDR_NEED_SYNC flag on 4318 ** all pages. 4319 */ 4320 sqlite3PcacheClearSyncFlags(pPager->pPCache); 4321 pPager->eState = PAGER_WRITER_DBMOD; 4322 assert( assert_pager_state(pPager) ); 4323 return SQLITE_OK; 4324 } 4325 4326 /* 4327 ** The argument is the first in a linked list of dirty pages connected 4328 ** by the PgHdr.pDirty pointer. This function writes each one of the 4329 ** in-memory pages in the list to the database file. The argument may 4330 ** be NULL, representing an empty list. In this case this function is 4331 ** a no-op. 4332 ** 4333 ** The pager must hold at least a RESERVED lock when this function 4334 ** is called. Before writing anything to the database file, this lock 4335 ** is upgraded to an EXCLUSIVE lock. If the lock cannot be obtained, 4336 ** SQLITE_BUSY is returned and no data is written to the database file. 4337 ** 4338 ** If the pager is a temp-file pager and the actual file-system file 4339 ** is not yet open, it is created and opened before any data is 4340 ** written out. 4341 ** 4342 ** Once the lock has been upgraded and, if necessary, the file opened, 4343 ** the pages are written out to the database file in list order. Writing 4344 ** a page is skipped if it meets either of the following criteria: 4345 ** 4346 ** * The page number is greater than Pager.dbSize, or 4347 ** * The PGHDR_DONT_WRITE flag is set on the page. 4348 ** 4349 ** If writing out a page causes the database file to grow, Pager.dbFileSize 4350 ** is updated accordingly. If page 1 is written out, then the value cached 4351 ** in Pager.dbFileVers[] is updated to match the new value stored in 4352 ** the database file. 4353 ** 4354 ** If everything is successful, SQLITE_OK is returned. If an IO error 4355 ** occurs, an IO error code is returned. Or, if the EXCLUSIVE lock cannot 4356 ** be obtained, SQLITE_BUSY is returned. 4357 */ 4358 static int pager_write_pagelist(Pager *pPager, PgHdr *pList){ 4359 int rc = SQLITE_OK; /* Return code */ 4360 4361 /* This function is only called for rollback pagers in WRITER_DBMOD state. */ 4362 assert( !pagerUseWal(pPager) ); 4363 assert( pPager->tempFile || pPager->eState==PAGER_WRITER_DBMOD ); 4364 assert( pPager->eLock==EXCLUSIVE_LOCK ); 4365 assert( isOpen(pPager->fd) || pList->pDirty==0 ); 4366 4367 /* If the file is a temp-file has not yet been opened, open it now. It 4368 ** is not possible for rc to be other than SQLITE_OK if this branch 4369 ** is taken, as pager_wait_on_lock() is a no-op for temp-files. 4370 */ 4371 if( !isOpen(pPager->fd) ){ 4372 assert( pPager->tempFile && rc==SQLITE_OK ); 4373 rc = pagerOpentemp(pPager, pPager->fd, pPager->vfsFlags); 4374 } 4375 4376 /* Before the first write, give the VFS a hint of what the final 4377 ** file size will be. 4378 */ 4379 assert( rc!=SQLITE_OK || isOpen(pPager->fd) ); 4380 if( rc==SQLITE_OK 4381 && pPager->dbHintSize<pPager->dbSize 4382 && (pList->pDirty || pList->pgno>pPager->dbHintSize) 4383 ){ 4384 sqlite3_int64 szFile = pPager->pageSize * (sqlite3_int64)pPager->dbSize; 4385 sqlite3OsFileControlHint(pPager->fd, SQLITE_FCNTL_SIZE_HINT, &szFile); 4386 pPager->dbHintSize = pPager->dbSize; 4387 } 4388 4389 while( rc==SQLITE_OK && pList ){ 4390 Pgno pgno = pList->pgno; 4391 4392 /* If there are dirty pages in the page cache with page numbers greater 4393 ** than Pager.dbSize, this means sqlite3PagerTruncateImage() was called to 4394 ** make the file smaller (presumably by auto-vacuum code). Do not write 4395 ** any such pages to the file. 4396 ** 4397 ** Also, do not write out any page that has the PGHDR_DONT_WRITE flag 4398 ** set (set by sqlite3PagerDontWrite()). 4399 */ 4400 if( pgno<=pPager->dbSize && 0==(pList->flags&PGHDR_DONT_WRITE) ){ 4401 i64 offset = (pgno-1)*(i64)pPager->pageSize; /* Offset to write */ 4402 char *pData; /* Data to write */ 4403 4404 assert( (pList->flags&PGHDR_NEED_SYNC)==0 ); 4405 if( pList->pgno==1 ) pager_write_changecounter(pList); 4406 4407 pData = pList->pData; 4408 4409 /* Write out the page data. */ 4410 rc = sqlite3OsWrite(pPager->fd, pData, pPager->pageSize, offset); 4411 4412 /* If page 1 was just written, update Pager.dbFileVers to match 4413 ** the value now stored in the database file. If writing this 4414 ** page caused the database file to grow, update dbFileSize. 4415 */ 4416 if( pgno==1 ){ 4417 memcpy(&pPager->dbFileVers, &pData[24], sizeof(pPager->dbFileVers)); 4418 } 4419 if( pgno>pPager->dbFileSize ){ 4420 pPager->dbFileSize = pgno; 4421 } 4422 pPager->aStat[PAGER_STAT_WRITE]++; 4423 4424 /* Update any backup objects copying the contents of this pager. */ 4425 sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)pList->pData); 4426 4427 PAGERTRACE(("STORE %d page %d hash(%08x)\n", 4428 PAGERID(pPager), pgno, pager_pagehash(pList))); 4429 IOTRACE(("PGOUT %p %d\n", pPager, pgno)); 4430 PAGER_INCR(sqlite3_pager_writedb_count); 4431 }else{ 4432 PAGERTRACE(("NOSTORE %d page %d\n", PAGERID(pPager), pgno)); 4433 } 4434 pager_set_pagehash(pList); 4435 pList = pList->pDirty; 4436 } 4437 4438 return rc; 4439 } 4440 4441 /* 4442 ** Ensure that the sub-journal file is open. If it is already open, this 4443 ** function is a no-op. 4444 ** 4445 ** SQLITE_OK is returned if everything goes according to plan. An 4446 ** SQLITE_IOERR_XXX error code is returned if a call to sqlite3OsOpen() 4447 ** fails. 4448 */ 4449 static int openSubJournal(Pager *pPager){ 4450 int rc = SQLITE_OK; 4451 if( !isOpen(pPager->sjfd) ){ 4452 const int flags = SQLITE_OPEN_SUBJOURNAL | SQLITE_OPEN_READWRITE 4453 | SQLITE_OPEN_CREATE | SQLITE_OPEN_EXCLUSIVE 4454 | SQLITE_OPEN_DELETEONCLOSE; 4455 int nStmtSpill = sqlite3Config.nStmtSpill; 4456 if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY || pPager->subjInMemory ){ 4457 nStmtSpill = -1; 4458 } 4459 rc = sqlite3JournalOpen(pPager->pVfs, 0, pPager->sjfd, flags, nStmtSpill); 4460 } 4461 return rc; 4462 } 4463 4464 /* 4465 ** Append a record of the current state of page pPg to the sub-journal. 4466 ** 4467 ** If successful, set the bit corresponding to pPg->pgno in the bitvecs 4468 ** for all open savepoints before returning. 4469 ** 4470 ** This function returns SQLITE_OK if everything is successful, an IO 4471 ** error code if the attempt to write to the sub-journal fails, or 4472 ** SQLITE_NOMEM if a malloc fails while setting a bit in a savepoint 4473 ** bitvec. 4474 */ 4475 static int subjournalPage(PgHdr *pPg){ 4476 int rc = SQLITE_OK; 4477 Pager *pPager = pPg->pPager; 4478 if( pPager->journalMode!=PAGER_JOURNALMODE_OFF ){ 4479 4480 /* Open the sub-journal, if it has not already been opened */ 4481 assert( pPager->useJournal ); 4482 assert( isOpen(pPager->jfd) || pagerUseWal(pPager) ); 4483 assert( isOpen(pPager->sjfd) || pPager->nSubRec==0 ); 4484 assert( pagerUseWal(pPager) 4485 || pageInJournal(pPager, pPg) 4486 || pPg->pgno>pPager->dbOrigSize 4487 ); 4488 rc = openSubJournal(pPager); 4489 4490 /* If the sub-journal was opened successfully (or was already open), 4491 ** write the journal record into the file. */ 4492 if( rc==SQLITE_OK ){ 4493 void *pData = pPg->pData; 4494 i64 offset = (i64)pPager->nSubRec*(4+pPager->pageSize); 4495 char *pData2; 4496 pData2 = pData; 4497 PAGERTRACE(("STMT-JOURNAL %d page %d\n", PAGERID(pPager), pPg->pgno)); 4498 rc = write32bits(pPager->sjfd, offset, pPg->pgno); 4499 if( rc==SQLITE_OK ){ 4500 rc = sqlite3OsWrite(pPager->sjfd, pData2, pPager->pageSize, offset+4); 4501 } 4502 } 4503 } 4504 if( rc==SQLITE_OK ){ 4505 pPager->nSubRec++; 4506 assert( pPager->nSavepoint>0 ); 4507 rc = addToSavepointBitvecs(pPager, pPg->pgno); 4508 } 4509 return rc; 4510 } 4511 static int subjournalPageIfRequired(PgHdr *pPg){ 4512 if( subjRequiresPage(pPg) ){ 4513 return subjournalPage(pPg); 4514 }else{ 4515 return SQLITE_OK; 4516 } 4517 } 4518 4519 /* 4520 ** This function is called by the pcache layer when it has reached some 4521 ** soft memory limit. The first argument is a pointer to a Pager object 4522 ** (cast as a void*). The pager is always 'purgeable' (not an in-memory 4523 ** database). The second argument is a reference to a page that is 4524 ** currently dirty but has no outstanding references. The page 4525 ** is always associated with the Pager object passed as the first 4526 ** argument. 4527 ** 4528 ** The job of this function is to make pPg clean by writing its contents 4529 ** out to the database file, if possible. This may involve syncing the 4530 ** journal file. 4531 ** 4532 ** If successful, sqlite3PcacheMakeClean() is called on the page and 4533 ** SQLITE_OK returned. If an IO error occurs while trying to make the 4534 ** page clean, the IO error code is returned. If the page cannot be 4535 ** made clean for some other reason, but no error occurs, then SQLITE_OK 4536 ** is returned by sqlite3PcacheMakeClean() is not called. 4537 */ 4538 static int pagerStress(void *p, PgHdr *pPg){ 4539 Pager *pPager = (Pager *)p; 4540 int rc = SQLITE_OK; 4541 4542 assert( pPg->pPager==pPager ); 4543 assert( pPg->flags&PGHDR_DIRTY ); 4544 4545 /* The doNotSpill NOSYNC bit is set during times when doing a sync of 4546 ** journal (and adding a new header) is not allowed. This occurs 4547 ** during calls to sqlite3PagerWrite() while trying to journal multiple 4548 ** pages belonging to the same sector. 4549 ** 4550 ** The doNotSpill ROLLBACK and OFF bits inhibits all cache spilling 4551 ** regardless of whether or not a sync is required. This is set during 4552 ** a rollback or by user request, respectively. 4553 ** 4554 ** Spilling is also prohibited when in an error state since that could 4555 ** lead to database corruption. In the current implementation it 4556 ** is impossible for sqlite3PcacheFetch() to be called with createFlag==3 4557 ** while in the error state, hence it is impossible for this routine to 4558 ** be called in the error state. Nevertheless, we include a NEVER() 4559 ** test for the error state as a safeguard against future changes. 4560 */ 4561 if( NEVER(pPager->errCode) ) return SQLITE_OK; 4562 testcase( pPager->doNotSpill & SPILLFLAG_ROLLBACK ); 4563 testcase( pPager->doNotSpill & SPILLFLAG_OFF ); 4564 testcase( pPager->doNotSpill & SPILLFLAG_NOSYNC ); 4565 if( pPager->doNotSpill 4566 && ((pPager->doNotSpill & (SPILLFLAG_ROLLBACK|SPILLFLAG_OFF))!=0 4567 || (pPg->flags & PGHDR_NEED_SYNC)!=0) 4568 ){ 4569 return SQLITE_OK; 4570 } 4571 4572 pPager->aStat[PAGER_STAT_SPILL]++; 4573 pPg->pDirty = 0; 4574 if( pagerUseWal(pPager) ){ 4575 /* Write a single frame for this page to the log. */ 4576 rc = subjournalPageIfRequired(pPg); 4577 if( rc==SQLITE_OK ){ 4578 rc = pagerWalFrames(pPager, pPg, 0, 0); 4579 } 4580 }else{ 4581 4582 #ifdef SQLITE_ENABLE_BATCH_ATOMIC_WRITE 4583 if( pPager->tempFile==0 ){ 4584 rc = sqlite3JournalCreate(pPager->jfd); 4585 if( rc!=SQLITE_OK ) return pager_error(pPager, rc); 4586 } 4587 #endif 4588 4589 /* Sync the journal file if required. */ 4590 if( pPg->flags&PGHDR_NEED_SYNC 4591 || pPager->eState==PAGER_WRITER_CACHEMOD 4592 ){ 4593 rc = syncJournal(pPager, 1); 4594 } 4595 4596 /* Write the contents of the page out to the database file. */ 4597 if( rc==SQLITE_OK ){ 4598 assert( (pPg->flags&PGHDR_NEED_SYNC)==0 ); 4599 rc = pager_write_pagelist(pPager, pPg); 4600 } 4601 } 4602 4603 /* Mark the page as clean. */ 4604 if( rc==SQLITE_OK ){ 4605 PAGERTRACE(("STRESS %d page %d\n", PAGERID(pPager), pPg->pgno)); 4606 sqlite3PcacheMakeClean(pPg); 4607 } 4608 4609 return pager_error(pPager, rc); 4610 } 4611 4612 /* 4613 ** Flush all unreferenced dirty pages to disk. 4614 */ 4615 int sqlite3PagerFlush(Pager *pPager){ 4616 int rc = pPager->errCode; 4617 if( !MEMDB ){ 4618 PgHdr *pList = sqlite3PcacheDirtyList(pPager->pPCache); 4619 assert( assert_pager_state(pPager) ); 4620 while( rc==SQLITE_OK && pList ){ 4621 PgHdr *pNext = pList->pDirty; 4622 if( pList->nRef==0 ){ 4623 rc = pagerStress((void*)pPager, pList); 4624 } 4625 pList = pNext; 4626 } 4627 } 4628 4629 return rc; 4630 } 4631 4632 /* 4633 ** Allocate and initialize a new Pager object and put a pointer to it 4634 ** in *ppPager. The pager should eventually be freed by passing it 4635 ** to sqlite3PagerClose(). 4636 ** 4637 ** The zFilename argument is the path to the database file to open. 4638 ** If zFilename is NULL then a randomly-named temporary file is created 4639 ** and used as the file to be cached. Temporary files are be deleted 4640 ** automatically when they are closed. If zFilename is ":memory:" then 4641 ** all information is held in cache. It is never written to disk. 4642 ** This can be used to implement an in-memory database. 4643 ** 4644 ** The nExtra parameter specifies the number of bytes of space allocated 4645 ** along with each page reference. This space is available to the user 4646 ** via the sqlite3PagerGetExtra() API. When a new page is allocated, the 4647 ** first 8 bytes of this space are zeroed but the remainder is uninitialized. 4648 ** (The extra space is used by btree as the MemPage object.) 4649 ** 4650 ** The flags argument is used to specify properties that affect the 4651 ** operation of the pager. It should be passed some bitwise combination 4652 ** of the PAGER_* flags. 4653 ** 4654 ** The vfsFlags parameter is a bitmask to pass to the flags parameter 4655 ** of the xOpen() method of the supplied VFS when opening files. 4656 ** 4657 ** If the pager object is allocated and the specified file opened 4658 ** successfully, SQLITE_OK is returned and *ppPager set to point to 4659 ** the new pager object. If an error occurs, *ppPager is set to NULL 4660 ** and error code returned. This function may return SQLITE_NOMEM 4661 ** (sqlite3Malloc() is used to allocate memory), SQLITE_CANTOPEN or 4662 ** various SQLITE_IO_XXX errors. 4663 */ 4664 int sqlite3PagerOpen( 4665 sqlite3_vfs *pVfs, /* The virtual file system to use */ 4666 Pager **ppPager, /* OUT: Return the Pager structure here */ 4667 const char *zFilename, /* Name of the database file to open */ 4668 int nExtra, /* Extra bytes append to each in-memory page */ 4669 int flags, /* flags controlling this file */ 4670 int vfsFlags, /* flags passed through to sqlite3_vfs.xOpen() */ 4671 void (*xReinit)(DbPage*) /* Function to reinitialize pages */ 4672 ){ 4673 u8 *pPtr; 4674 Pager *pPager = 0; /* Pager object to allocate and return */ 4675 int rc = SQLITE_OK; /* Return code */ 4676 int tempFile = 0; /* True for temp files (incl. in-memory files) */ 4677 int memDb = 0; /* True if this is an in-memory file */ 4678 #ifndef SQLITE_OMIT_DESERIALIZE 4679 int memJM = 0; /* Memory journal mode */ 4680 #else 4681 # define memJM 0 4682 #endif 4683 int readOnly = 0; /* True if this is a read-only file */ 4684 int journalFileSize; /* Bytes to allocate for each journal fd */ 4685 char *zPathname = 0; /* Full path to database file */ 4686 int nPathname = 0; /* Number of bytes in zPathname */ 4687 int useJournal = (flags & PAGER_OMIT_JOURNAL)==0; /* False to omit journal */ 4688 int pcacheSize = sqlite3PcacheSize(); /* Bytes to allocate for PCache */ 4689 u32 szPageDflt = SQLITE_DEFAULT_PAGE_SIZE; /* Default page size */ 4690 const char *zUri = 0; /* URI args to copy */ 4691 int nUriByte = 1; /* Number of bytes of URI args at *zUri */ 4692 int nUri = 0; /* Number of URI parameters */ 4693 4694 /* Figure out how much space is required for each journal file-handle 4695 ** (there are two of them, the main journal and the sub-journal). */ 4696 journalFileSize = ROUND8(sqlite3JournalSize(pVfs)); 4697 4698 /* Set the output variable to NULL in case an error occurs. */ 4699 *ppPager = 0; 4700 4701 #ifndef SQLITE_OMIT_MEMORYDB 4702 if( flags & PAGER_MEMORY ){ 4703 memDb = 1; 4704 if( zFilename && zFilename[0] ){ 4705 zPathname = sqlite3DbStrDup(0, zFilename); 4706 if( zPathname==0 ) return SQLITE_NOMEM_BKPT; 4707 nPathname = sqlite3Strlen30(zPathname); 4708 zFilename = 0; 4709 } 4710 } 4711 #endif 4712 4713 /* Compute and store the full pathname in an allocated buffer pointed 4714 ** to by zPathname, length nPathname. Or, if this is a temporary file, 4715 ** leave both nPathname and zPathname set to 0. 4716 */ 4717 if( zFilename && zFilename[0] ){ 4718 const char *z; 4719 nPathname = pVfs->mxPathname+1; 4720 zPathname = sqlite3DbMallocRaw(0, nPathname*2); 4721 if( zPathname==0 ){ 4722 return SQLITE_NOMEM_BKPT; 4723 } 4724 zPathname[0] = 0; /* Make sure initialized even if FullPathname() fails */ 4725 rc = sqlite3OsFullPathname(pVfs, zFilename, nPathname, zPathname); 4726 if( rc!=SQLITE_OK ){ 4727 if( rc==SQLITE_OK_SYMLINK ){ 4728 if( vfsFlags & SQLITE_OPEN_NOFOLLOW ){ 4729 rc = SQLITE_CANTOPEN_SYMLINK; 4730 }else{ 4731 rc = SQLITE_OK; 4732 } 4733 } 4734 } 4735 nPathname = sqlite3Strlen30(zPathname); 4736 z = zUri = &zFilename[sqlite3Strlen30(zFilename)+1]; 4737 while( *z ){ 4738 z += strlen(z)+1; 4739 z += strlen(z)+1; 4740 nUri++; 4741 } 4742 nUriByte = (int)(&z[1] - zUri); 4743 assert( nUriByte>=1 ); 4744 if( rc==SQLITE_OK && nPathname+8>pVfs->mxPathname ){ 4745 /* This branch is taken when the journal path required by 4746 ** the database being opened will be more than pVfs->mxPathname 4747 ** bytes in length. This means the database cannot be opened, 4748 ** as it will not be possible to open the journal file or even 4749 ** check for a hot-journal before reading. 4750 */ 4751 rc = SQLITE_CANTOPEN_BKPT; 4752 } 4753 if( rc!=SQLITE_OK ){ 4754 sqlite3DbFree(0, zPathname); 4755 return rc; 4756 } 4757 } 4758 4759 /* Allocate memory for the Pager structure, PCache object, the 4760 ** three file descriptors, the database file name and the journal 4761 ** file name. The layout in memory is as follows: 4762 ** 4763 ** Pager object (sizeof(Pager) bytes) 4764 ** PCache object (sqlite3PcacheSize() bytes) 4765 ** Database file handle (pVfs->szOsFile bytes) 4766 ** Sub-journal file handle (journalFileSize bytes) 4767 ** Main journal file handle (journalFileSize bytes) 4768 ** Ptr back to the Pager (sizeof(Pager*) bytes) 4769 ** \0\0\0\0 database prefix (4 bytes) 4770 ** Database file name (nPathname+1 bytes) 4771 ** URI query parameters (nUriByte bytes) 4772 ** Journal filename (nPathname+8+1 bytes) 4773 ** WAL filename (nPathname+4+1 bytes) 4774 ** \0\0\0 terminator (3 bytes) 4775 ** 4776 ** Some 3rd-party software, over which we have no control, depends on 4777 ** the specific order of the filenames and the \0 separators between them 4778 ** so that it can (for example) find the database filename given the WAL 4779 ** filename without using the sqlite3_filename_database() API. This is a 4780 ** misuse of SQLite and a bug in the 3rd-party software, but the 3rd-party 4781 ** software is in widespread use, so we try to avoid changing the filename 4782 ** order and formatting if possible. In particular, the details of the 4783 ** filename format expected by 3rd-party software should be as follows: 4784 ** 4785 ** - Main Database Path 4786 ** - \0 4787 ** - Multiple URI components consisting of: 4788 ** - Key 4789 ** - \0 4790 ** - Value 4791 ** - \0 4792 ** - \0 4793 ** - Journal Path 4794 ** - \0 4795 ** - WAL Path (zWALName) 4796 ** - \0 4797 ** 4798 ** The sqlite3_create_filename() interface and the databaseFilename() utility 4799 ** that is used by sqlite3_filename_database() and kin also depend on the 4800 ** specific formatting and order of the various filenames, so if the format 4801 ** changes here, be sure to change it there as well. 4802 */ 4803 pPtr = (u8 *)sqlite3MallocZero( 4804 ROUND8(sizeof(*pPager)) + /* Pager structure */ 4805 ROUND8(pcacheSize) + /* PCache object */ 4806 ROUND8(pVfs->szOsFile) + /* The main db file */ 4807 journalFileSize * 2 + /* The two journal files */ 4808 sizeof(pPager) + /* Space to hold a pointer */ 4809 4 + /* Database prefix */ 4810 nPathname + 1 + /* database filename */ 4811 nUriByte + /* query parameters */ 4812 nPathname + 8 + 1 + /* Journal filename */ 4813 #ifndef SQLITE_OMIT_WAL 4814 nPathname + 4 + 1 + /* WAL filename */ 4815 #endif 4816 3 /* Terminator */ 4817 ); 4818 assert( EIGHT_BYTE_ALIGNMENT(SQLITE_INT_TO_PTR(journalFileSize)) ); 4819 if( !pPtr ){ 4820 sqlite3DbFree(0, zPathname); 4821 return SQLITE_NOMEM_BKPT; 4822 } 4823 pPager = (Pager*)pPtr; pPtr += ROUND8(sizeof(*pPager)); 4824 pPager->pPCache = (PCache*)pPtr; pPtr += ROUND8(pcacheSize); 4825 pPager->fd = (sqlite3_file*)pPtr; pPtr += ROUND8(pVfs->szOsFile); 4826 pPager->sjfd = (sqlite3_file*)pPtr; pPtr += journalFileSize; 4827 pPager->jfd = (sqlite3_file*)pPtr; pPtr += journalFileSize; 4828 assert( EIGHT_BYTE_ALIGNMENT(pPager->jfd) ); 4829 memcpy(pPtr, &pPager, sizeof(pPager)); pPtr += sizeof(pPager); 4830 4831 /* Fill in the Pager.zFilename and pPager.zQueryParam fields */ 4832 pPtr += 4; /* Skip zero prefix */ 4833 pPager->zFilename = (char*)pPtr; 4834 if( nPathname>0 ){ 4835 memcpy(pPtr, zPathname, nPathname); pPtr += nPathname + 1; 4836 if( zUri ){ 4837 memcpy(pPtr, zUri, nUriByte); pPtr += nUriByte; 4838 }else{ 4839 pPtr++; 4840 } 4841 } 4842 4843 4844 /* Fill in Pager.zJournal */ 4845 if( nPathname>0 ){ 4846 pPager->zJournal = (char*)pPtr; 4847 memcpy(pPtr, zPathname, nPathname); pPtr += nPathname; 4848 memcpy(pPtr, "-journal",8); pPtr += 8 + 1; 4849 #ifdef SQLITE_ENABLE_8_3_NAMES 4850 sqlite3FileSuffix3(zFilename,pPager->zJournal); 4851 pPtr = (u8*)(pPager->zJournal + sqlite3Strlen30(pPager->zJournal)+1); 4852 #endif 4853 }else{ 4854 pPager->zJournal = 0; 4855 } 4856 4857 #ifndef SQLITE_OMIT_WAL 4858 /* Fill in Pager.zWal */ 4859 if( nPathname>0 ){ 4860 pPager->zWal = (char*)pPtr; 4861 memcpy(pPtr, zPathname, nPathname); pPtr += nPathname; 4862 memcpy(pPtr, "-wal", 4); pPtr += 4 + 1; 4863 #ifdef SQLITE_ENABLE_8_3_NAMES 4864 sqlite3FileSuffix3(zFilename, pPager->zWal); 4865 pPtr = (u8*)(pPager->zWal + sqlite3Strlen30(pPager->zWal)+1); 4866 #endif 4867 }else{ 4868 pPager->zWal = 0; 4869 } 4870 #endif 4871 (void)pPtr; /* Suppress warning about unused pPtr value */ 4872 4873 if( nPathname ) sqlite3DbFree(0, zPathname); 4874 pPager->pVfs = pVfs; 4875 pPager->vfsFlags = vfsFlags; 4876 4877 /* Open the pager file. 4878 */ 4879 if( zFilename && zFilename[0] ){ 4880 int fout = 0; /* VFS flags returned by xOpen() */ 4881 rc = sqlite3OsOpen(pVfs, pPager->zFilename, pPager->fd, vfsFlags, &fout); 4882 assert( !memDb ); 4883 #ifndef SQLITE_OMIT_DESERIALIZE 4884 pPager->memVfs = memJM = (fout&SQLITE_OPEN_MEMORY)!=0; 4885 #endif 4886 readOnly = (fout&SQLITE_OPEN_READONLY)!=0; 4887 4888 /* If the file was successfully opened for read/write access, 4889 ** choose a default page size in case we have to create the 4890 ** database file. The default page size is the maximum of: 4891 ** 4892 ** + SQLITE_DEFAULT_PAGE_SIZE, 4893 ** + The value returned by sqlite3OsSectorSize() 4894 ** + The largest page size that can be written atomically. 4895 */ 4896 if( rc==SQLITE_OK ){ 4897 int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); 4898 if( !readOnly ){ 4899 setSectorSize(pPager); 4900 assert(SQLITE_DEFAULT_PAGE_SIZE<=SQLITE_MAX_DEFAULT_PAGE_SIZE); 4901 if( szPageDflt<pPager->sectorSize ){ 4902 if( pPager->sectorSize>SQLITE_MAX_DEFAULT_PAGE_SIZE ){ 4903 szPageDflt = SQLITE_MAX_DEFAULT_PAGE_SIZE; 4904 }else{ 4905 szPageDflt = (u32)pPager->sectorSize; 4906 } 4907 } 4908 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 4909 { 4910 int ii; 4911 assert(SQLITE_IOCAP_ATOMIC512==(512>>8)); 4912 assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8)); 4913 assert(SQLITE_MAX_DEFAULT_PAGE_SIZE<=65536); 4914 for(ii=szPageDflt; ii<=SQLITE_MAX_DEFAULT_PAGE_SIZE; ii=ii*2){ 4915 if( iDc&(SQLITE_IOCAP_ATOMIC|(ii>>8)) ){ 4916 szPageDflt = ii; 4917 } 4918 } 4919 } 4920 #endif 4921 } 4922 pPager->noLock = sqlite3_uri_boolean(pPager->zFilename, "nolock", 0); 4923 if( (iDc & SQLITE_IOCAP_IMMUTABLE)!=0 4924 || sqlite3_uri_boolean(pPager->zFilename, "immutable", 0) ){ 4925 vfsFlags |= SQLITE_OPEN_READONLY; 4926 goto act_like_temp_file; 4927 } 4928 } 4929 }else{ 4930 /* If a temporary file is requested, it is not opened immediately. 4931 ** In this case we accept the default page size and delay actually 4932 ** opening the file until the first call to OsWrite(). 4933 ** 4934 ** This branch is also run for an in-memory database. An in-memory 4935 ** database is the same as a temp-file that is never written out to 4936 ** disk and uses an in-memory rollback journal. 4937 ** 4938 ** This branch also runs for files marked as immutable. 4939 */ 4940 act_like_temp_file: 4941 tempFile = 1; 4942 pPager->eState = PAGER_READER; /* Pretend we already have a lock */ 4943 pPager->eLock = EXCLUSIVE_LOCK; /* Pretend we are in EXCLUSIVE mode */ 4944 pPager->noLock = 1; /* Do no locking */ 4945 readOnly = (vfsFlags&SQLITE_OPEN_READONLY); 4946 } 4947 4948 /* The following call to PagerSetPagesize() serves to set the value of 4949 ** Pager.pageSize and to allocate the Pager.pTmpSpace buffer. 4950 */ 4951 if( rc==SQLITE_OK ){ 4952 assert( pPager->memDb==0 ); 4953 rc = sqlite3PagerSetPagesize(pPager, &szPageDflt, -1); 4954 testcase( rc!=SQLITE_OK ); 4955 } 4956 4957 /* Initialize the PCache object. */ 4958 if( rc==SQLITE_OK ){ 4959 nExtra = ROUND8(nExtra); 4960 assert( nExtra>=8 && nExtra<1000 ); 4961 rc = sqlite3PcacheOpen(szPageDflt, nExtra, !memDb, 4962 !memDb?pagerStress:0, (void *)pPager, pPager->pPCache); 4963 } 4964 4965 /* If an error occurred above, free the Pager structure and close the file. 4966 */ 4967 if( rc!=SQLITE_OK ){ 4968 sqlite3OsClose(pPager->fd); 4969 sqlite3PageFree(pPager->pTmpSpace); 4970 sqlite3_free(pPager); 4971 return rc; 4972 } 4973 4974 PAGERTRACE(("OPEN %d %s\n", FILEHANDLEID(pPager->fd), pPager->zFilename)); 4975 IOTRACE(("OPEN %p %s\n", pPager, pPager->zFilename)) 4976 4977 pPager->useJournal = (u8)useJournal; 4978 /* pPager->stmtOpen = 0; */ 4979 /* pPager->stmtInUse = 0; */ 4980 /* pPager->nRef = 0; */ 4981 /* pPager->stmtSize = 0; */ 4982 /* pPager->stmtJSize = 0; */ 4983 /* pPager->nPage = 0; */ 4984 pPager->mxPgno = SQLITE_MAX_PAGE_COUNT; 4985 /* pPager->state = PAGER_UNLOCK; */ 4986 /* pPager->errMask = 0; */ 4987 pPager->tempFile = (u8)tempFile; 4988 assert( tempFile==PAGER_LOCKINGMODE_NORMAL 4989 || tempFile==PAGER_LOCKINGMODE_EXCLUSIVE ); 4990 assert( PAGER_LOCKINGMODE_EXCLUSIVE==1 ); 4991 pPager->exclusiveMode = (u8)tempFile; 4992 pPager->changeCountDone = pPager->tempFile; 4993 pPager->memDb = (u8)memDb; 4994 pPager->readOnly = (u8)readOnly; 4995 assert( useJournal || pPager->tempFile ); 4996 pPager->noSync = pPager->tempFile; 4997 if( pPager->noSync ){ 4998 assert( pPager->fullSync==0 ); 4999 assert( pPager->extraSync==0 ); 5000 assert( pPager->syncFlags==0 ); 5001 assert( pPager->walSyncFlags==0 ); 5002 }else{ 5003 pPager->fullSync = 1; 5004 pPager->extraSync = 0; 5005 pPager->syncFlags = SQLITE_SYNC_NORMAL; 5006 pPager->walSyncFlags = SQLITE_SYNC_NORMAL | (SQLITE_SYNC_NORMAL<<2); 5007 } 5008 /* pPager->pFirst = 0; */ 5009 /* pPager->pFirstSynced = 0; */ 5010 /* pPager->pLast = 0; */ 5011 pPager->nExtra = (u16)nExtra; 5012 pPager->journalSizeLimit = SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT; 5013 assert( isOpen(pPager->fd) || tempFile ); 5014 setSectorSize(pPager); 5015 if( !useJournal ){ 5016 pPager->journalMode = PAGER_JOURNALMODE_OFF; 5017 }else if( memDb || memJM ){ 5018 pPager->journalMode = PAGER_JOURNALMODE_MEMORY; 5019 } 5020 /* pPager->xBusyHandler = 0; */ 5021 /* pPager->pBusyHandlerArg = 0; */ 5022 pPager->xReiniter = xReinit; 5023 setGetterMethod(pPager); 5024 /* memset(pPager->aHash, 0, sizeof(pPager->aHash)); */ 5025 /* pPager->szMmap = SQLITE_DEFAULT_MMAP_SIZE // will be set by btree.c */ 5026 5027 *ppPager = pPager; 5028 return SQLITE_OK; 5029 } 5030 5031 /* 5032 ** Return the sqlite3_file for the main database given the name 5033 ** of the corresonding WAL or Journal name as passed into 5034 ** xOpen. 5035 */ 5036 sqlite3_file *sqlite3_database_file_object(const char *zName){ 5037 Pager *pPager; 5038 while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){ 5039 zName--; 5040 } 5041 pPager = *(Pager**)(zName - 4 - sizeof(Pager*)); 5042 return pPager->fd; 5043 } 5044 5045 5046 /* 5047 ** This function is called after transitioning from PAGER_UNLOCK to 5048 ** PAGER_SHARED state. It tests if there is a hot journal present in 5049 ** the file-system for the given pager. A hot journal is one that 5050 ** needs to be played back. According to this function, a hot-journal 5051 ** file exists if the following criteria are met: 5052 ** 5053 ** * The journal file exists in the file system, and 5054 ** * No process holds a RESERVED or greater lock on the database file, and 5055 ** * The database file itself is greater than 0 bytes in size, and 5056 ** * The first byte of the journal file exists and is not 0x00. 5057 ** 5058 ** If the current size of the database file is 0 but a journal file 5059 ** exists, that is probably an old journal left over from a prior 5060 ** database with the same name. In this case the journal file is 5061 ** just deleted using OsDelete, *pExists is set to 0 and SQLITE_OK 5062 ** is returned. 5063 ** 5064 ** This routine does not check if there is a super-journal filename 5065 ** at the end of the file. If there is, and that super-journal file 5066 ** does not exist, then the journal file is not really hot. In this 5067 ** case this routine will return a false-positive. The pager_playback() 5068 ** routine will discover that the journal file is not really hot and 5069 ** will not roll it back. 5070 ** 5071 ** If a hot-journal file is found to exist, *pExists is set to 1 and 5072 ** SQLITE_OK returned. If no hot-journal file is present, *pExists is 5073 ** set to 0 and SQLITE_OK returned. If an IO error occurs while trying 5074 ** to determine whether or not a hot-journal file exists, the IO error 5075 ** code is returned and the value of *pExists is undefined. 5076 */ 5077 static int hasHotJournal(Pager *pPager, int *pExists){ 5078 sqlite3_vfs * const pVfs = pPager->pVfs; 5079 int rc = SQLITE_OK; /* Return code */ 5080 int exists = 1; /* True if a journal file is present */ 5081 int jrnlOpen = !!isOpen(pPager->jfd); 5082 5083 assert( pPager->useJournal ); 5084 assert( isOpen(pPager->fd) ); 5085 assert( pPager->eState==PAGER_OPEN ); 5086 5087 assert( jrnlOpen==0 || ( sqlite3OsDeviceCharacteristics(pPager->jfd) & 5088 SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN 5089 )); 5090 5091 *pExists = 0; 5092 if( !jrnlOpen ){ 5093 rc = sqlite3OsAccess(pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &exists); 5094 } 5095 if( rc==SQLITE_OK && exists ){ 5096 int locked = 0; /* True if some process holds a RESERVED lock */ 5097 5098 /* Race condition here: Another process might have been holding the 5099 ** the RESERVED lock and have a journal open at the sqlite3OsAccess() 5100 ** call above, but then delete the journal and drop the lock before 5101 ** we get to the following sqlite3OsCheckReservedLock() call. If that 5102 ** is the case, this routine might think there is a hot journal when 5103 ** in fact there is none. This results in a false-positive which will 5104 ** be dealt with by the playback routine. Ticket #3883. 5105 */ 5106 rc = sqlite3OsCheckReservedLock(pPager->fd, &locked); 5107 if( rc==SQLITE_OK && !locked ){ 5108 Pgno nPage; /* Number of pages in database file */ 5109 5110 assert( pPager->tempFile==0 ); 5111 rc = pagerPagecount(pPager, &nPage); 5112 if( rc==SQLITE_OK ){ 5113 /* If the database is zero pages in size, that means that either (1) the 5114 ** journal is a remnant from a prior database with the same name where 5115 ** the database file but not the journal was deleted, or (2) the initial 5116 ** transaction that populates a new database is being rolled back. 5117 ** In either case, the journal file can be deleted. However, take care 5118 ** not to delete the journal file if it is already open due to 5119 ** journal_mode=PERSIST. 5120 */ 5121 if( nPage==0 && !jrnlOpen ){ 5122 sqlite3BeginBenignMalloc(); 5123 if( pagerLockDb(pPager, RESERVED_LOCK)==SQLITE_OK ){ 5124 sqlite3OsDelete(pVfs, pPager->zJournal, 0); 5125 if( !pPager->exclusiveMode ) pagerUnlockDb(pPager, SHARED_LOCK); 5126 } 5127 sqlite3EndBenignMalloc(); 5128 }else{ 5129 /* The journal file exists and no other connection has a reserved 5130 ** or greater lock on the database file. Now check that there is 5131 ** at least one non-zero bytes at the start of the journal file. 5132 ** If there is, then we consider this journal to be hot. If not, 5133 ** it can be ignored. 5134 */ 5135 if( !jrnlOpen ){ 5136 int f = SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL; 5137 rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &f); 5138 } 5139 if( rc==SQLITE_OK ){ 5140 u8 first = 0; 5141 rc = sqlite3OsRead(pPager->jfd, (void *)&first, 1, 0); 5142 if( rc==SQLITE_IOERR_SHORT_READ ){ 5143 rc = SQLITE_OK; 5144 } 5145 if( !jrnlOpen ){ 5146 sqlite3OsClose(pPager->jfd); 5147 } 5148 *pExists = (first!=0); 5149 }else if( rc==SQLITE_CANTOPEN ){ 5150 /* If we cannot open the rollback journal file in order to see if 5151 ** it has a zero header, that might be due to an I/O error, or 5152 ** it might be due to the race condition described above and in 5153 ** ticket #3883. Either way, assume that the journal is hot. 5154 ** This might be a false positive. But if it is, then the 5155 ** automatic journal playback and recovery mechanism will deal 5156 ** with it under an EXCLUSIVE lock where we do not need to 5157 ** worry so much with race conditions. 5158 */ 5159 *pExists = 1; 5160 rc = SQLITE_OK; 5161 } 5162 } 5163 } 5164 } 5165 } 5166 5167 return rc; 5168 } 5169 5170 /* 5171 ** This function is called to obtain a shared lock on the database file. 5172 ** It is illegal to call sqlite3PagerGet() until after this function 5173 ** has been successfully called. If a shared-lock is already held when 5174 ** this function is called, it is a no-op. 5175 ** 5176 ** The following operations are also performed by this function. 5177 ** 5178 ** 1) If the pager is currently in PAGER_OPEN state (no lock held 5179 ** on the database file), then an attempt is made to obtain a 5180 ** SHARED lock on the database file. Immediately after obtaining 5181 ** the SHARED lock, the file-system is checked for a hot-journal, 5182 ** which is played back if present. Following any hot-journal 5183 ** rollback, the contents of the cache are validated by checking 5184 ** the 'change-counter' field of the database file header and 5185 ** discarded if they are found to be invalid. 5186 ** 5187 ** 2) If the pager is running in exclusive-mode, and there are currently 5188 ** no outstanding references to any pages, and is in the error state, 5189 ** then an attempt is made to clear the error state by discarding 5190 ** the contents of the page cache and rolling back any open journal 5191 ** file. 5192 ** 5193 ** If everything is successful, SQLITE_OK is returned. If an IO error 5194 ** occurs while locking the database, checking for a hot-journal file or 5195 ** rolling back a journal file, the IO error code is returned. 5196 */ 5197 int sqlite3PagerSharedLock(Pager *pPager){ 5198 int rc = SQLITE_OK; /* Return code */ 5199 5200 /* This routine is only called from b-tree and only when there are no 5201 ** outstanding pages. This implies that the pager state should either 5202 ** be OPEN or READER. READER is only possible if the pager is or was in 5203 ** exclusive access mode. */ 5204 assert( sqlite3PcacheRefCount(pPager->pPCache)==0 ); 5205 assert( assert_pager_state(pPager) ); 5206 assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER ); 5207 assert( pPager->errCode==SQLITE_OK ); 5208 5209 if( !pagerUseWal(pPager) && pPager->eState==PAGER_OPEN ){ 5210 int bHotJournal = 1; /* True if there exists a hot journal-file */ 5211 5212 assert( !MEMDB ); 5213 assert( pPager->tempFile==0 || pPager->eLock==EXCLUSIVE_LOCK ); 5214 5215 rc = pager_wait_on_lock(pPager, SHARED_LOCK); 5216 if( rc!=SQLITE_OK ){ 5217 assert( pPager->eLock==NO_LOCK || pPager->eLock==UNKNOWN_LOCK ); 5218 goto failed; 5219 } 5220 5221 /* If a journal file exists, and there is no RESERVED lock on the 5222 ** database file, then it either needs to be played back or deleted. 5223 */ 5224 if( pPager->eLock<=SHARED_LOCK ){ 5225 rc = hasHotJournal(pPager, &bHotJournal); 5226 } 5227 if( rc!=SQLITE_OK ){ 5228 goto failed; 5229 } 5230 if( bHotJournal ){ 5231 if( pPager->readOnly ){ 5232 rc = SQLITE_READONLY_ROLLBACK; 5233 goto failed; 5234 } 5235 5236 /* Get an EXCLUSIVE lock on the database file. At this point it is 5237 ** important that a RESERVED lock is not obtained on the way to the 5238 ** EXCLUSIVE lock. If it were, another process might open the 5239 ** database file, detect the RESERVED lock, and conclude that the 5240 ** database is safe to read while this process is still rolling the 5241 ** hot-journal back. 5242 ** 5243 ** Because the intermediate RESERVED lock is not requested, any 5244 ** other process attempting to access the database file will get to 5245 ** this point in the code and fail to obtain its own EXCLUSIVE lock 5246 ** on the database file. 5247 ** 5248 ** Unless the pager is in locking_mode=exclusive mode, the lock is 5249 ** downgraded to SHARED_LOCK before this function returns. 5250 */ 5251 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 5252 if( rc!=SQLITE_OK ){ 5253 goto failed; 5254 } 5255 5256 /* If it is not already open and the file exists on disk, open the 5257 ** journal for read/write access. Write access is required because 5258 ** in exclusive-access mode the file descriptor will be kept open 5259 ** and possibly used for a transaction later on. Also, write-access 5260 ** is usually required to finalize the journal in journal_mode=persist 5261 ** mode (and also for journal_mode=truncate on some systems). 5262 ** 5263 ** If the journal does not exist, it usually means that some 5264 ** other connection managed to get in and roll it back before 5265 ** this connection obtained the exclusive lock above. Or, it 5266 ** may mean that the pager was in the error-state when this 5267 ** function was called and the journal file does not exist. 5268 */ 5269 if( !isOpen(pPager->jfd) && pPager->journalMode!=PAGER_JOURNALMODE_OFF ){ 5270 sqlite3_vfs * const pVfs = pPager->pVfs; 5271 int bExists; /* True if journal file exists */ 5272 rc = sqlite3OsAccess( 5273 pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &bExists); 5274 if( rc==SQLITE_OK && bExists ){ 5275 int fout = 0; 5276 int f = SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_JOURNAL; 5277 assert( !pPager->tempFile ); 5278 rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &fout); 5279 assert( rc!=SQLITE_OK || isOpen(pPager->jfd) ); 5280 if( rc==SQLITE_OK && fout&SQLITE_OPEN_READONLY ){ 5281 rc = SQLITE_CANTOPEN_BKPT; 5282 sqlite3OsClose(pPager->jfd); 5283 } 5284 } 5285 } 5286 5287 /* Playback and delete the journal. Drop the database write 5288 ** lock and reacquire the read lock. Purge the cache before 5289 ** playing back the hot-journal so that we don't end up with 5290 ** an inconsistent cache. Sync the hot journal before playing 5291 ** it back since the process that crashed and left the hot journal 5292 ** probably did not sync it and we are required to always sync 5293 ** the journal before playing it back. 5294 */ 5295 if( isOpen(pPager->jfd) ){ 5296 assert( rc==SQLITE_OK ); 5297 rc = pagerSyncHotJournal(pPager); 5298 if( rc==SQLITE_OK ){ 5299 rc = pager_playback(pPager, !pPager->tempFile); 5300 pPager->eState = PAGER_OPEN; 5301 } 5302 }else if( !pPager->exclusiveMode ){ 5303 pagerUnlockDb(pPager, SHARED_LOCK); 5304 } 5305 5306 if( rc!=SQLITE_OK ){ 5307 /* This branch is taken if an error occurs while trying to open 5308 ** or roll back a hot-journal while holding an EXCLUSIVE lock. The 5309 ** pager_unlock() routine will be called before returning to unlock 5310 ** the file. If the unlock attempt fails, then Pager.eLock must be 5311 ** set to UNKNOWN_LOCK (see the comment above the #define for 5312 ** UNKNOWN_LOCK above for an explanation). 5313 ** 5314 ** In order to get pager_unlock() to do this, set Pager.eState to 5315 ** PAGER_ERROR now. This is not actually counted as a transition 5316 ** to ERROR state in the state diagram at the top of this file, 5317 ** since we know that the same call to pager_unlock() will very 5318 ** shortly transition the pager object to the OPEN state. Calling 5319 ** assert_pager_state() would fail now, as it should not be possible 5320 ** to be in ERROR state when there are zero outstanding page 5321 ** references. 5322 */ 5323 pager_error(pPager, rc); 5324 goto failed; 5325 } 5326 5327 assert( pPager->eState==PAGER_OPEN ); 5328 assert( (pPager->eLock==SHARED_LOCK) 5329 || (pPager->exclusiveMode && pPager->eLock>SHARED_LOCK) 5330 ); 5331 } 5332 5333 if( !pPager->tempFile && pPager->hasHeldSharedLock ){ 5334 /* The shared-lock has just been acquired then check to 5335 ** see if the database has been modified. If the database has changed, 5336 ** flush the cache. The hasHeldSharedLock flag prevents this from 5337 ** occurring on the very first access to a file, in order to save a 5338 ** single unnecessary sqlite3OsRead() call at the start-up. 5339 ** 5340 ** Database changes are detected by looking at 15 bytes beginning 5341 ** at offset 24 into the file. The first 4 of these 16 bytes are 5342 ** a 32-bit counter that is incremented with each change. The 5343 ** other bytes change randomly with each file change when 5344 ** a codec is in use. 5345 ** 5346 ** There is a vanishingly small chance that a change will not be 5347 ** detected. The chance of an undetected change is so small that 5348 ** it can be neglected. 5349 */ 5350 char dbFileVers[sizeof(pPager->dbFileVers)]; 5351 5352 IOTRACE(("CKVERS %p %d\n", pPager, sizeof(dbFileVers))); 5353 rc = sqlite3OsRead(pPager->fd, &dbFileVers, sizeof(dbFileVers), 24); 5354 if( rc!=SQLITE_OK ){ 5355 if( rc!=SQLITE_IOERR_SHORT_READ ){ 5356 goto failed; 5357 } 5358 memset(dbFileVers, 0, sizeof(dbFileVers)); 5359 } 5360 5361 if( memcmp(pPager->dbFileVers, dbFileVers, sizeof(dbFileVers))!=0 ){ 5362 pager_reset(pPager); 5363 5364 /* Unmap the database file. It is possible that external processes 5365 ** may have truncated the database file and then extended it back 5366 ** to its original size while this process was not holding a lock. 5367 ** In this case there may exist a Pager.pMap mapping that appears 5368 ** to be the right size but is not actually valid. Avoid this 5369 ** possibility by unmapping the db here. */ 5370 if( USEFETCH(pPager) ){ 5371 sqlite3OsUnfetch(pPager->fd, 0, 0); 5372 } 5373 } 5374 } 5375 5376 /* If there is a WAL file in the file-system, open this database in WAL 5377 ** mode. Otherwise, the following function call is a no-op. 5378 */ 5379 rc = pagerOpenWalIfPresent(pPager); 5380 #ifndef SQLITE_OMIT_WAL 5381 assert( pPager->pWal==0 || rc==SQLITE_OK ); 5382 #endif 5383 } 5384 5385 if( pagerUseWal(pPager) ){ 5386 assert( rc==SQLITE_OK ); 5387 rc = pagerBeginReadTransaction(pPager); 5388 } 5389 5390 if( pPager->tempFile==0 && pPager->eState==PAGER_OPEN && rc==SQLITE_OK ){ 5391 rc = pagerPagecount(pPager, &pPager->dbSize); 5392 } 5393 5394 failed: 5395 if( rc!=SQLITE_OK ){ 5396 assert( !MEMDB ); 5397 pager_unlock(pPager); 5398 assert( pPager->eState==PAGER_OPEN ); 5399 }else{ 5400 pPager->eState = PAGER_READER; 5401 pPager->hasHeldSharedLock = 1; 5402 } 5403 return rc; 5404 } 5405 5406 /* 5407 ** If the reference count has reached zero, rollback any active 5408 ** transaction and unlock the pager. 5409 ** 5410 ** Except, in locking_mode=EXCLUSIVE when there is nothing to in 5411 ** the rollback journal, the unlock is not performed and there is 5412 ** nothing to rollback, so this routine is a no-op. 5413 */ 5414 static void pagerUnlockIfUnused(Pager *pPager){ 5415 if( sqlite3PcacheRefCount(pPager->pPCache)==0 ){ 5416 assert( pPager->nMmapOut==0 ); /* because page1 is never memory mapped */ 5417 pagerUnlockAndRollback(pPager); 5418 } 5419 } 5420 5421 /* 5422 ** The page getter methods each try to acquire a reference to a 5423 ** page with page number pgno. If the requested reference is 5424 ** successfully obtained, it is copied to *ppPage and SQLITE_OK returned. 5425 ** 5426 ** There are different implementations of the getter method depending 5427 ** on the current state of the pager. 5428 ** 5429 ** getPageNormal() -- The normal getter 5430 ** getPageError() -- Used if the pager is in an error state 5431 ** getPageMmap() -- Used if memory-mapped I/O is enabled 5432 ** 5433 ** If the requested page is already in the cache, it is returned. 5434 ** Otherwise, a new page object is allocated and populated with data 5435 ** read from the database file. In some cases, the pcache module may 5436 ** choose not to allocate a new page object and may reuse an existing 5437 ** object with no outstanding references. 5438 ** 5439 ** The extra data appended to a page is always initialized to zeros the 5440 ** first time a page is loaded into memory. If the page requested is 5441 ** already in the cache when this function is called, then the extra 5442 ** data is left as it was when the page object was last used. 5443 ** 5444 ** If the database image is smaller than the requested page or if 5445 ** the flags parameter contains the PAGER_GET_NOCONTENT bit and the 5446 ** requested page is not already stored in the cache, then no 5447 ** actual disk read occurs. In this case the memory image of the 5448 ** page is initialized to all zeros. 5449 ** 5450 ** If PAGER_GET_NOCONTENT is true, it means that we do not care about 5451 ** the contents of the page. This occurs in two scenarios: 5452 ** 5453 ** a) When reading a free-list leaf page from the database, and 5454 ** 5455 ** b) When a savepoint is being rolled back and we need to load 5456 ** a new page into the cache to be filled with the data read 5457 ** from the savepoint journal. 5458 ** 5459 ** If PAGER_GET_NOCONTENT is true, then the data returned is zeroed instead 5460 ** of being read from the database. Additionally, the bits corresponding 5461 ** to pgno in Pager.pInJournal (bitvec of pages already written to the 5462 ** journal file) and the PagerSavepoint.pInSavepoint bitvecs of any open 5463 ** savepoints are set. This means if the page is made writable at any 5464 ** point in the future, using a call to sqlite3PagerWrite(), its contents 5465 ** will not be journaled. This saves IO. 5466 ** 5467 ** The acquisition might fail for several reasons. In all cases, 5468 ** an appropriate error code is returned and *ppPage is set to NULL. 5469 ** 5470 ** See also sqlite3PagerLookup(). Both this routine and Lookup() attempt 5471 ** to find a page in the in-memory cache first. If the page is not already 5472 ** in memory, this routine goes to disk to read it in whereas Lookup() 5473 ** just returns 0. This routine acquires a read-lock the first time it 5474 ** has to go to disk, and could also playback an old journal if necessary. 5475 ** Since Lookup() never goes to disk, it never has to deal with locks 5476 ** or journal files. 5477 */ 5478 static int getPageNormal( 5479 Pager *pPager, /* The pager open on the database file */ 5480 Pgno pgno, /* Page number to fetch */ 5481 DbPage **ppPage, /* Write a pointer to the page here */ 5482 int flags /* PAGER_GET_XXX flags */ 5483 ){ 5484 int rc = SQLITE_OK; 5485 PgHdr *pPg; 5486 u8 noContent; /* True if PAGER_GET_NOCONTENT is set */ 5487 sqlite3_pcache_page *pBase; 5488 5489 assert( pPager->errCode==SQLITE_OK ); 5490 assert( pPager->eState>=PAGER_READER ); 5491 assert( assert_pager_state(pPager) ); 5492 assert( pPager->hasHeldSharedLock==1 ); 5493 5494 if( pgno==0 ) return SQLITE_CORRUPT_BKPT; 5495 pBase = sqlite3PcacheFetch(pPager->pPCache, pgno, 3); 5496 if( pBase==0 ){ 5497 pPg = 0; 5498 rc = sqlite3PcacheFetchStress(pPager->pPCache, pgno, &pBase); 5499 if( rc!=SQLITE_OK ) goto pager_acquire_err; 5500 if( pBase==0 ){ 5501 rc = SQLITE_NOMEM_BKPT; 5502 goto pager_acquire_err; 5503 } 5504 } 5505 pPg = *ppPage = sqlite3PcacheFetchFinish(pPager->pPCache, pgno, pBase); 5506 assert( pPg==(*ppPage) ); 5507 assert( pPg->pgno==pgno ); 5508 assert( pPg->pPager==pPager || pPg->pPager==0 ); 5509 5510 noContent = (flags & PAGER_GET_NOCONTENT)!=0; 5511 if( pPg->pPager && !noContent ){ 5512 /* In this case the pcache already contains an initialized copy of 5513 ** the page. Return without further ado. */ 5514 assert( pgno!=PAGER_SJ_PGNO(pPager) ); 5515 pPager->aStat[PAGER_STAT_HIT]++; 5516 return SQLITE_OK; 5517 5518 }else{ 5519 /* The pager cache has created a new page. Its content needs to 5520 ** be initialized. But first some error checks: 5521 ** 5522 ** (*) obsolete. Was: maximum page number is 2^31 5523 ** (2) Never try to fetch the locking page 5524 */ 5525 if( pgno==PAGER_SJ_PGNO(pPager) ){ 5526 rc = SQLITE_CORRUPT_BKPT; 5527 goto pager_acquire_err; 5528 } 5529 5530 pPg->pPager = pPager; 5531 5532 assert( !isOpen(pPager->fd) || !MEMDB ); 5533 if( !isOpen(pPager->fd) || pPager->dbSize<pgno || noContent ){ 5534 if( pgno>pPager->mxPgno ){ 5535 rc = SQLITE_FULL; 5536 goto pager_acquire_err; 5537 } 5538 if( noContent ){ 5539 /* Failure to set the bits in the InJournal bit-vectors is benign. 5540 ** It merely means that we might do some extra work to journal a 5541 ** page that does not need to be journaled. Nevertheless, be sure 5542 ** to test the case where a malloc error occurs while trying to set 5543 ** a bit in a bit vector. 5544 */ 5545 sqlite3BeginBenignMalloc(); 5546 if( pgno<=pPager->dbOrigSize ){ 5547 TESTONLY( rc = ) sqlite3BitvecSet(pPager->pInJournal, pgno); 5548 testcase( rc==SQLITE_NOMEM ); 5549 } 5550 TESTONLY( rc = ) addToSavepointBitvecs(pPager, pgno); 5551 testcase( rc==SQLITE_NOMEM ); 5552 sqlite3EndBenignMalloc(); 5553 } 5554 memset(pPg->pData, 0, pPager->pageSize); 5555 IOTRACE(("ZERO %p %d\n", pPager, pgno)); 5556 }else{ 5557 assert( pPg->pPager==pPager ); 5558 pPager->aStat[PAGER_STAT_MISS]++; 5559 rc = readDbPage(pPg); 5560 if( rc!=SQLITE_OK ){ 5561 goto pager_acquire_err; 5562 } 5563 } 5564 pager_set_pagehash(pPg); 5565 } 5566 return SQLITE_OK; 5567 5568 pager_acquire_err: 5569 assert( rc!=SQLITE_OK ); 5570 if( pPg ){ 5571 sqlite3PcacheDrop(pPg); 5572 } 5573 pagerUnlockIfUnused(pPager); 5574 *ppPage = 0; 5575 return rc; 5576 } 5577 5578 #if SQLITE_MAX_MMAP_SIZE>0 5579 /* The page getter for when memory-mapped I/O is enabled */ 5580 static int getPageMMap( 5581 Pager *pPager, /* The pager open on the database file */ 5582 Pgno pgno, /* Page number to fetch */ 5583 DbPage **ppPage, /* Write a pointer to the page here */ 5584 int flags /* PAGER_GET_XXX flags */ 5585 ){ 5586 int rc = SQLITE_OK; 5587 PgHdr *pPg = 0; 5588 u32 iFrame = 0; /* Frame to read from WAL file */ 5589 5590 /* It is acceptable to use a read-only (mmap) page for any page except 5591 ** page 1 if there is no write-transaction open or the ACQUIRE_READONLY 5592 ** flag was specified by the caller. And so long as the db is not a 5593 ** temporary or in-memory database. */ 5594 const int bMmapOk = (pgno>1 5595 && (pPager->eState==PAGER_READER || (flags & PAGER_GET_READONLY)) 5596 ); 5597 5598 assert( USEFETCH(pPager) ); 5599 5600 /* Optimization note: Adding the "pgno<=1" term before "pgno==0" here 5601 ** allows the compiler optimizer to reuse the results of the "pgno>1" 5602 ** test in the previous statement, and avoid testing pgno==0 in the 5603 ** common case where pgno is large. */ 5604 if( pgno<=1 && pgno==0 ){ 5605 return SQLITE_CORRUPT_BKPT; 5606 } 5607 assert( pPager->eState>=PAGER_READER ); 5608 assert( assert_pager_state(pPager) ); 5609 assert( pPager->hasHeldSharedLock==1 ); 5610 assert( pPager->errCode==SQLITE_OK ); 5611 5612 if( bMmapOk && pagerUseWal(pPager) ){ 5613 rc = sqlite3WalFindFrame(pPager->pWal, pgno, &iFrame); 5614 if( rc!=SQLITE_OK ){ 5615 *ppPage = 0; 5616 return rc; 5617 } 5618 } 5619 if( bMmapOk && iFrame==0 ){ 5620 void *pData = 0; 5621 rc = sqlite3OsFetch(pPager->fd, 5622 (i64)(pgno-1) * pPager->pageSize, pPager->pageSize, &pData 5623 ); 5624 if( rc==SQLITE_OK && pData ){ 5625 if( pPager->eState>PAGER_READER || pPager->tempFile ){ 5626 pPg = sqlite3PagerLookup(pPager, pgno); 5627 } 5628 if( pPg==0 ){ 5629 rc = pagerAcquireMapPage(pPager, pgno, pData, &pPg); 5630 }else{ 5631 sqlite3OsUnfetch(pPager->fd, (i64)(pgno-1)*pPager->pageSize, pData); 5632 } 5633 if( pPg ){ 5634 assert( rc==SQLITE_OK ); 5635 *ppPage = pPg; 5636 return SQLITE_OK; 5637 } 5638 } 5639 if( rc!=SQLITE_OK ){ 5640 *ppPage = 0; 5641 return rc; 5642 } 5643 } 5644 return getPageNormal(pPager, pgno, ppPage, flags); 5645 } 5646 #endif /* SQLITE_MAX_MMAP_SIZE>0 */ 5647 5648 /* The page getter method for when the pager is an error state */ 5649 static int getPageError( 5650 Pager *pPager, /* The pager open on the database file */ 5651 Pgno pgno, /* Page number to fetch */ 5652 DbPage **ppPage, /* Write a pointer to the page here */ 5653 int flags /* PAGER_GET_XXX flags */ 5654 ){ 5655 UNUSED_PARAMETER(pgno); 5656 UNUSED_PARAMETER(flags); 5657 assert( pPager->errCode!=SQLITE_OK ); 5658 *ppPage = 0; 5659 return pPager->errCode; 5660 } 5661 5662 5663 /* Dispatch all page fetch requests to the appropriate getter method. 5664 */ 5665 int sqlite3PagerGet( 5666 Pager *pPager, /* The pager open on the database file */ 5667 Pgno pgno, /* Page number to fetch */ 5668 DbPage **ppPage, /* Write a pointer to the page here */ 5669 int flags /* PAGER_GET_XXX flags */ 5670 ){ 5671 /* printf("PAGE %u\n", pgno); fflush(stdout); */ 5672 return pPager->xGet(pPager, pgno, ppPage, flags); 5673 } 5674 5675 /* 5676 ** Acquire a page if it is already in the in-memory cache. Do 5677 ** not read the page from disk. Return a pointer to the page, 5678 ** or 0 if the page is not in cache. 5679 ** 5680 ** See also sqlite3PagerGet(). The difference between this routine 5681 ** and sqlite3PagerGet() is that _get() will go to the disk and read 5682 ** in the page if the page is not already in cache. This routine 5683 ** returns NULL if the page is not in cache or if a disk I/O error 5684 ** has ever happened. 5685 */ 5686 DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno){ 5687 sqlite3_pcache_page *pPage; 5688 assert( pPager!=0 ); 5689 assert( pgno!=0 ); 5690 assert( pPager->pPCache!=0 ); 5691 pPage = sqlite3PcacheFetch(pPager->pPCache, pgno, 0); 5692 assert( pPage==0 || pPager->hasHeldSharedLock ); 5693 if( pPage==0 ) return 0; 5694 return sqlite3PcacheFetchFinish(pPager->pPCache, pgno, pPage); 5695 } 5696 5697 /* 5698 ** Release a page reference. 5699 ** 5700 ** The sqlite3PagerUnref() and sqlite3PagerUnrefNotNull() may only be 5701 ** used if we know that the page being released is not the last page. 5702 ** The btree layer always holds page1 open until the end, so these first 5703 ** to routines can be used to release any page other than BtShared.pPage1. 5704 ** 5705 ** Use sqlite3PagerUnrefPageOne() to release page1. This latter routine 5706 ** checks the total number of outstanding pages and if the number of 5707 ** pages reaches zero it drops the database lock. 5708 */ 5709 void sqlite3PagerUnrefNotNull(DbPage *pPg){ 5710 TESTONLY( Pager *pPager = pPg->pPager; ) 5711 assert( pPg!=0 ); 5712 if( pPg->flags & PGHDR_MMAP ){ 5713 assert( pPg->pgno!=1 ); /* Page1 is never memory mapped */ 5714 pagerReleaseMapPage(pPg); 5715 }else{ 5716 sqlite3PcacheRelease(pPg); 5717 } 5718 /* Do not use this routine to release the last reference to page1 */ 5719 assert( sqlite3PcacheRefCount(pPager->pPCache)>0 ); 5720 } 5721 void sqlite3PagerUnref(DbPage *pPg){ 5722 if( pPg ) sqlite3PagerUnrefNotNull(pPg); 5723 } 5724 void sqlite3PagerUnrefPageOne(DbPage *pPg){ 5725 Pager *pPager; 5726 assert( pPg!=0 ); 5727 assert( pPg->pgno==1 ); 5728 assert( (pPg->flags & PGHDR_MMAP)==0 ); /* Page1 is never memory mapped */ 5729 pPager = pPg->pPager; 5730 sqlite3PcacheRelease(pPg); 5731 pagerUnlockIfUnused(pPager); 5732 } 5733 5734 /* 5735 ** This function is called at the start of every write transaction. 5736 ** There must already be a RESERVED or EXCLUSIVE lock on the database 5737 ** file when this routine is called. 5738 ** 5739 ** Open the journal file for pager pPager and write a journal header 5740 ** to the start of it. If there are active savepoints, open the sub-journal 5741 ** as well. This function is only used when the journal file is being 5742 ** opened to write a rollback log for a transaction. It is not used 5743 ** when opening a hot journal file to roll it back. 5744 ** 5745 ** If the journal file is already open (as it may be in exclusive mode), 5746 ** then this function just writes a journal header to the start of the 5747 ** already open file. 5748 ** 5749 ** Whether or not the journal file is opened by this function, the 5750 ** Pager.pInJournal bitvec structure is allocated. 5751 ** 5752 ** Return SQLITE_OK if everything is successful. Otherwise, return 5753 ** SQLITE_NOMEM if the attempt to allocate Pager.pInJournal fails, or 5754 ** an IO error code if opening or writing the journal file fails. 5755 */ 5756 static int pager_open_journal(Pager *pPager){ 5757 int rc = SQLITE_OK; /* Return code */ 5758 sqlite3_vfs * const pVfs = pPager->pVfs; /* Local cache of vfs pointer */ 5759 5760 assert( pPager->eState==PAGER_WRITER_LOCKED ); 5761 assert( assert_pager_state(pPager) ); 5762 assert( pPager->pInJournal==0 ); 5763 5764 /* If already in the error state, this function is a no-op. But on 5765 ** the other hand, this routine is never called if we are already in 5766 ** an error state. */ 5767 if( NEVER(pPager->errCode) ) return pPager->errCode; 5768 5769 if( !pagerUseWal(pPager) && pPager->journalMode!=PAGER_JOURNALMODE_OFF ){ 5770 pPager->pInJournal = sqlite3BitvecCreate(pPager->dbSize); 5771 if( pPager->pInJournal==0 ){ 5772 return SQLITE_NOMEM_BKPT; 5773 } 5774 5775 /* Open the journal file if it is not already open. */ 5776 if( !isOpen(pPager->jfd) ){ 5777 if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY ){ 5778 sqlite3MemJournalOpen(pPager->jfd); 5779 }else{ 5780 int flags = SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE; 5781 int nSpill; 5782 5783 if( pPager->tempFile ){ 5784 flags |= (SQLITE_OPEN_DELETEONCLOSE|SQLITE_OPEN_TEMP_JOURNAL); 5785 nSpill = sqlite3Config.nStmtSpill; 5786 }else{ 5787 flags |= SQLITE_OPEN_MAIN_JOURNAL; 5788 nSpill = jrnlBufferSize(pPager); 5789 } 5790 5791 /* Verify that the database still has the same name as it did when 5792 ** it was originally opened. */ 5793 rc = databaseIsUnmoved(pPager); 5794 if( rc==SQLITE_OK ){ 5795 rc = sqlite3JournalOpen ( 5796 pVfs, pPager->zJournal, pPager->jfd, flags, nSpill 5797 ); 5798 } 5799 } 5800 assert( rc!=SQLITE_OK || isOpen(pPager->jfd) ); 5801 } 5802 5803 5804 /* Write the first journal header to the journal file and open 5805 ** the sub-journal if necessary. 5806 */ 5807 if( rc==SQLITE_OK ){ 5808 /* TODO: Check if all of these are really required. */ 5809 pPager->nRec = 0; 5810 pPager->journalOff = 0; 5811 pPager->setSuper = 0; 5812 pPager->journalHdr = 0; 5813 rc = writeJournalHdr(pPager); 5814 } 5815 } 5816 5817 if( rc!=SQLITE_OK ){ 5818 sqlite3BitvecDestroy(pPager->pInJournal); 5819 pPager->pInJournal = 0; 5820 }else{ 5821 assert( pPager->eState==PAGER_WRITER_LOCKED ); 5822 pPager->eState = PAGER_WRITER_CACHEMOD; 5823 } 5824 5825 return rc; 5826 } 5827 5828 /* 5829 ** Begin a write-transaction on the specified pager object. If a 5830 ** write-transaction has already been opened, this function is a no-op. 5831 ** 5832 ** If the exFlag argument is false, then acquire at least a RESERVED 5833 ** lock on the database file. If exFlag is true, then acquire at least 5834 ** an EXCLUSIVE lock. If such a lock is already held, no locking 5835 ** functions need be called. 5836 ** 5837 ** If the subjInMemory argument is non-zero, then any sub-journal opened 5838 ** within this transaction will be opened as an in-memory file. This 5839 ** has no effect if the sub-journal is already opened (as it may be when 5840 ** running in exclusive mode) or if the transaction does not require a 5841 ** sub-journal. If the subjInMemory argument is zero, then any required 5842 ** sub-journal is implemented in-memory if pPager is an in-memory database, 5843 ** or using a temporary file otherwise. 5844 */ 5845 int sqlite3PagerBegin(Pager *pPager, int exFlag, int subjInMemory){ 5846 int rc = SQLITE_OK; 5847 5848 if( pPager->errCode ) return pPager->errCode; 5849 assert( pPager->eState>=PAGER_READER && pPager->eState<PAGER_ERROR ); 5850 pPager->subjInMemory = (u8)subjInMemory; 5851 5852 if( pPager->eState==PAGER_READER ){ 5853 assert( pPager->pInJournal==0 ); 5854 5855 if( pagerUseWal(pPager) ){ 5856 /* If the pager is configured to use locking_mode=exclusive, and an 5857 ** exclusive lock on the database is not already held, obtain it now. 5858 */ 5859 if( pPager->exclusiveMode && sqlite3WalExclusiveMode(pPager->pWal, -1) ){ 5860 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 5861 if( rc!=SQLITE_OK ){ 5862 return rc; 5863 } 5864 (void)sqlite3WalExclusiveMode(pPager->pWal, 1); 5865 } 5866 5867 /* Grab the write lock on the log file. If successful, upgrade to 5868 ** PAGER_RESERVED state. Otherwise, return an error code to the caller. 5869 ** The busy-handler is not invoked if another connection already 5870 ** holds the write-lock. If possible, the upper layer will call it. 5871 */ 5872 rc = sqlite3WalBeginWriteTransaction(pPager->pWal); 5873 }else{ 5874 /* Obtain a RESERVED lock on the database file. If the exFlag parameter 5875 ** is true, then immediately upgrade this to an EXCLUSIVE lock. The 5876 ** busy-handler callback can be used when upgrading to the EXCLUSIVE 5877 ** lock, but not when obtaining the RESERVED lock. 5878 */ 5879 rc = pagerLockDb(pPager, RESERVED_LOCK); 5880 if( rc==SQLITE_OK && exFlag ){ 5881 rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK); 5882 } 5883 } 5884 5885 if( rc==SQLITE_OK ){ 5886 /* Change to WRITER_LOCKED state. 5887 ** 5888 ** WAL mode sets Pager.eState to PAGER_WRITER_LOCKED or CACHEMOD 5889 ** when it has an open transaction, but never to DBMOD or FINISHED. 5890 ** This is because in those states the code to roll back savepoint 5891 ** transactions may copy data from the sub-journal into the database 5892 ** file as well as into the page cache. Which would be incorrect in 5893 ** WAL mode. 5894 */ 5895 pPager->eState = PAGER_WRITER_LOCKED; 5896 pPager->dbHintSize = pPager->dbSize; 5897 pPager->dbFileSize = pPager->dbSize; 5898 pPager->dbOrigSize = pPager->dbSize; 5899 pPager->journalOff = 0; 5900 } 5901 5902 assert( rc==SQLITE_OK || pPager->eState==PAGER_READER ); 5903 assert( rc!=SQLITE_OK || pPager->eState==PAGER_WRITER_LOCKED ); 5904 assert( assert_pager_state(pPager) ); 5905 } 5906 5907 PAGERTRACE(("TRANSACTION %d\n", PAGERID(pPager))); 5908 return rc; 5909 } 5910 5911 /* 5912 ** Write page pPg onto the end of the rollback journal. 5913 */ 5914 static SQLITE_NOINLINE int pagerAddPageToRollbackJournal(PgHdr *pPg){ 5915 Pager *pPager = pPg->pPager; 5916 int rc; 5917 u32 cksum; 5918 char *pData2; 5919 i64 iOff = pPager->journalOff; 5920 5921 /* We should never write to the journal file the page that 5922 ** contains the database locks. The following assert verifies 5923 ** that we do not. */ 5924 assert( pPg->pgno!=PAGER_SJ_PGNO(pPager) ); 5925 5926 assert( pPager->journalHdr<=pPager->journalOff ); 5927 pData2 = pPg->pData; 5928 cksum = pager_cksum(pPager, (u8*)pData2); 5929 5930 /* Even if an IO or diskfull error occurs while journalling the 5931 ** page in the block above, set the need-sync flag for the page. 5932 ** Otherwise, when the transaction is rolled back, the logic in 5933 ** playback_one_page() will think that the page needs to be restored 5934 ** in the database file. And if an IO error occurs while doing so, 5935 ** then corruption may follow. 5936 */ 5937 pPg->flags |= PGHDR_NEED_SYNC; 5938 5939 rc = write32bits(pPager->jfd, iOff, pPg->pgno); 5940 if( rc!=SQLITE_OK ) return rc; 5941 rc = sqlite3OsWrite(pPager->jfd, pData2, pPager->pageSize, iOff+4); 5942 if( rc!=SQLITE_OK ) return rc; 5943 rc = write32bits(pPager->jfd, iOff+pPager->pageSize+4, cksum); 5944 if( rc!=SQLITE_OK ) return rc; 5945 5946 IOTRACE(("JOUT %p %d %lld %d\n", pPager, pPg->pgno, 5947 pPager->journalOff, pPager->pageSize)); 5948 PAGER_INCR(sqlite3_pager_writej_count); 5949 PAGERTRACE(("JOURNAL %d page %d needSync=%d hash(%08x)\n", 5950 PAGERID(pPager), pPg->pgno, 5951 ((pPg->flags&PGHDR_NEED_SYNC)?1:0), pager_pagehash(pPg))); 5952 5953 pPager->journalOff += 8 + pPager->pageSize; 5954 pPager->nRec++; 5955 assert( pPager->pInJournal!=0 ); 5956 rc = sqlite3BitvecSet(pPager->pInJournal, pPg->pgno); 5957 testcase( rc==SQLITE_NOMEM ); 5958 assert( rc==SQLITE_OK || rc==SQLITE_NOMEM ); 5959 rc |= addToSavepointBitvecs(pPager, pPg->pgno); 5960 assert( rc==SQLITE_OK || rc==SQLITE_NOMEM ); 5961 return rc; 5962 } 5963 5964 /* 5965 ** Mark a single data page as writeable. The page is written into the 5966 ** main journal or sub-journal as required. If the page is written into 5967 ** one of the journals, the corresponding bit is set in the 5968 ** Pager.pInJournal bitvec and the PagerSavepoint.pInSavepoint bitvecs 5969 ** of any open savepoints as appropriate. 5970 */ 5971 static int pager_write(PgHdr *pPg){ 5972 Pager *pPager = pPg->pPager; 5973 int rc = SQLITE_OK; 5974 5975 /* This routine is not called unless a write-transaction has already 5976 ** been started. The journal file may or may not be open at this point. 5977 ** It is never called in the ERROR state. 5978 */ 5979 assert( pPager->eState==PAGER_WRITER_LOCKED 5980 || pPager->eState==PAGER_WRITER_CACHEMOD 5981 || pPager->eState==PAGER_WRITER_DBMOD 5982 ); 5983 assert( assert_pager_state(pPager) ); 5984 assert( pPager->errCode==0 ); 5985 assert( pPager->readOnly==0 ); 5986 CHECK_PAGE(pPg); 5987 5988 /* The journal file needs to be opened. Higher level routines have already 5989 ** obtained the necessary locks to begin the write-transaction, but the 5990 ** rollback journal might not yet be open. Open it now if this is the case. 5991 ** 5992 ** This is done before calling sqlite3PcacheMakeDirty() on the page. 5993 ** Otherwise, if it were done after calling sqlite3PcacheMakeDirty(), then 5994 ** an error might occur and the pager would end up in WRITER_LOCKED state 5995 ** with pages marked as dirty in the cache. 5996 */ 5997 if( pPager->eState==PAGER_WRITER_LOCKED ){ 5998 rc = pager_open_journal(pPager); 5999 if( rc!=SQLITE_OK ) return rc; 6000 } 6001 assert( pPager->eState>=PAGER_WRITER_CACHEMOD ); 6002 assert( assert_pager_state(pPager) ); 6003 6004 /* Mark the page that is about to be modified as dirty. */ 6005 sqlite3PcacheMakeDirty(pPg); 6006 6007 /* If a rollback journal is in use, them make sure the page that is about 6008 ** to change is in the rollback journal, or if the page is a new page off 6009 ** then end of the file, make sure it is marked as PGHDR_NEED_SYNC. 6010 */ 6011 assert( (pPager->pInJournal!=0) == isOpen(pPager->jfd) ); 6012 if( pPager->pInJournal!=0 6013 && sqlite3BitvecTestNotNull(pPager->pInJournal, pPg->pgno)==0 6014 ){ 6015 assert( pagerUseWal(pPager)==0 ); 6016 if( pPg->pgno<=pPager->dbOrigSize ){ 6017 rc = pagerAddPageToRollbackJournal(pPg); 6018 if( rc!=SQLITE_OK ){ 6019 return rc; 6020 } 6021 }else{ 6022 if( pPager->eState!=PAGER_WRITER_DBMOD ){ 6023 pPg->flags |= PGHDR_NEED_SYNC; 6024 } 6025 PAGERTRACE(("APPEND %d page %d needSync=%d\n", 6026 PAGERID(pPager), pPg->pgno, 6027 ((pPg->flags&PGHDR_NEED_SYNC)?1:0))); 6028 } 6029 } 6030 6031 /* The PGHDR_DIRTY bit is set above when the page was added to the dirty-list 6032 ** and before writing the page into the rollback journal. Wait until now, 6033 ** after the page has been successfully journalled, before setting the 6034 ** PGHDR_WRITEABLE bit that indicates that the page can be safely modified. 6035 */ 6036 pPg->flags |= PGHDR_WRITEABLE; 6037 6038 /* If the statement journal is open and the page is not in it, 6039 ** then write the page into the statement journal. 6040 */ 6041 if( pPager->nSavepoint>0 ){ 6042 rc = subjournalPageIfRequired(pPg); 6043 } 6044 6045 /* Update the database size and return. */ 6046 if( pPager->dbSize<pPg->pgno ){ 6047 pPager->dbSize = pPg->pgno; 6048 } 6049 return rc; 6050 } 6051 6052 /* 6053 ** This is a variant of sqlite3PagerWrite() that runs when the sector size 6054 ** is larger than the page size. SQLite makes the (reasonable) assumption that 6055 ** all bytes of a sector are written together by hardware. Hence, all bytes of 6056 ** a sector need to be journalled in case of a power loss in the middle of 6057 ** a write. 6058 ** 6059 ** Usually, the sector size is less than or equal to the page size, in which 6060 ** case pages can be individually written. This routine only runs in the 6061 ** exceptional case where the page size is smaller than the sector size. 6062 */ 6063 static SQLITE_NOINLINE int pagerWriteLargeSector(PgHdr *pPg){ 6064 int rc = SQLITE_OK; /* Return code */ 6065 Pgno nPageCount; /* Total number of pages in database file */ 6066 Pgno pg1; /* First page of the sector pPg is located on. */ 6067 int nPage = 0; /* Number of pages starting at pg1 to journal */ 6068 int ii; /* Loop counter */ 6069 int needSync = 0; /* True if any page has PGHDR_NEED_SYNC */ 6070 Pager *pPager = pPg->pPager; /* The pager that owns pPg */ 6071 Pgno nPagePerSector = (pPager->sectorSize/pPager->pageSize); 6072 6073 /* Set the doNotSpill NOSYNC bit to 1. This is because we cannot allow 6074 ** a journal header to be written between the pages journaled by 6075 ** this function. 6076 */ 6077 assert( !MEMDB ); 6078 assert( (pPager->doNotSpill & SPILLFLAG_NOSYNC)==0 ); 6079 pPager->doNotSpill |= SPILLFLAG_NOSYNC; 6080 6081 /* This trick assumes that both the page-size and sector-size are 6082 ** an integer power of 2. It sets variable pg1 to the identifier 6083 ** of the first page of the sector pPg is located on. 6084 */ 6085 pg1 = ((pPg->pgno-1) & ~(nPagePerSector-1)) + 1; 6086 6087 nPageCount = pPager->dbSize; 6088 if( pPg->pgno>nPageCount ){ 6089 nPage = (pPg->pgno - pg1)+1; 6090 }else if( (pg1+nPagePerSector-1)>nPageCount ){ 6091 nPage = nPageCount+1-pg1; 6092 }else{ 6093 nPage = nPagePerSector; 6094 } 6095 assert(nPage>0); 6096 assert(pg1<=pPg->pgno); 6097 assert((pg1+nPage)>pPg->pgno); 6098 6099 for(ii=0; ii<nPage && rc==SQLITE_OK; ii++){ 6100 Pgno pg = pg1+ii; 6101 PgHdr *pPage; 6102 if( pg==pPg->pgno || !sqlite3BitvecTest(pPager->pInJournal, pg) ){ 6103 if( pg!=PAGER_SJ_PGNO(pPager) ){ 6104 rc = sqlite3PagerGet(pPager, pg, &pPage, 0); 6105 if( rc==SQLITE_OK ){ 6106 rc = pager_write(pPage); 6107 if( pPage->flags&PGHDR_NEED_SYNC ){ 6108 needSync = 1; 6109 } 6110 sqlite3PagerUnrefNotNull(pPage); 6111 } 6112 } 6113 }else if( (pPage = sqlite3PagerLookup(pPager, pg))!=0 ){ 6114 if( pPage->flags&PGHDR_NEED_SYNC ){ 6115 needSync = 1; 6116 } 6117 sqlite3PagerUnrefNotNull(pPage); 6118 } 6119 } 6120 6121 /* If the PGHDR_NEED_SYNC flag is set for any of the nPage pages 6122 ** starting at pg1, then it needs to be set for all of them. Because 6123 ** writing to any of these nPage pages may damage the others, the 6124 ** journal file must contain sync()ed copies of all of them 6125 ** before any of them can be written out to the database file. 6126 */ 6127 if( rc==SQLITE_OK && needSync ){ 6128 assert( !MEMDB ); 6129 for(ii=0; ii<nPage; ii++){ 6130 PgHdr *pPage = sqlite3PagerLookup(pPager, pg1+ii); 6131 if( pPage ){ 6132 pPage->flags |= PGHDR_NEED_SYNC; 6133 sqlite3PagerUnrefNotNull(pPage); 6134 } 6135 } 6136 } 6137 6138 assert( (pPager->doNotSpill & SPILLFLAG_NOSYNC)!=0 ); 6139 pPager->doNotSpill &= ~SPILLFLAG_NOSYNC; 6140 return rc; 6141 } 6142 6143 /* 6144 ** Mark a data page as writeable. This routine must be called before 6145 ** making changes to a page. The caller must check the return value 6146 ** of this function and be careful not to change any page data unless 6147 ** this routine returns SQLITE_OK. 6148 ** 6149 ** The difference between this function and pager_write() is that this 6150 ** function also deals with the special case where 2 or more pages 6151 ** fit on a single disk sector. In this case all co-resident pages 6152 ** must have been written to the journal file before returning. 6153 ** 6154 ** If an error occurs, SQLITE_NOMEM or an IO error code is returned 6155 ** as appropriate. Otherwise, SQLITE_OK. 6156 */ 6157 int sqlite3PagerWrite(PgHdr *pPg){ 6158 Pager *pPager = pPg->pPager; 6159 assert( (pPg->flags & PGHDR_MMAP)==0 ); 6160 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 6161 assert( assert_pager_state(pPager) ); 6162 if( (pPg->flags & PGHDR_WRITEABLE)!=0 && pPager->dbSize>=pPg->pgno ){ 6163 if( pPager->nSavepoint ) return subjournalPageIfRequired(pPg); 6164 return SQLITE_OK; 6165 }else if( pPager->errCode ){ 6166 return pPager->errCode; 6167 }else if( pPager->sectorSize > (u32)pPager->pageSize ){ 6168 assert( pPager->tempFile==0 ); 6169 return pagerWriteLargeSector(pPg); 6170 }else{ 6171 return pager_write(pPg); 6172 } 6173 } 6174 6175 /* 6176 ** Return TRUE if the page given in the argument was previously passed 6177 ** to sqlite3PagerWrite(). In other words, return TRUE if it is ok 6178 ** to change the content of the page. 6179 */ 6180 #ifndef NDEBUG 6181 int sqlite3PagerIswriteable(DbPage *pPg){ 6182 return pPg->flags & PGHDR_WRITEABLE; 6183 } 6184 #endif 6185 6186 /* 6187 ** A call to this routine tells the pager that it is not necessary to 6188 ** write the information on page pPg back to the disk, even though 6189 ** that page might be marked as dirty. This happens, for example, when 6190 ** the page has been added as a leaf of the freelist and so its 6191 ** content no longer matters. 6192 ** 6193 ** The overlying software layer calls this routine when all of the data 6194 ** on the given page is unused. The pager marks the page as clean so 6195 ** that it does not get written to disk. 6196 ** 6197 ** Tests show that this optimization can quadruple the speed of large 6198 ** DELETE operations. 6199 ** 6200 ** This optimization cannot be used with a temp-file, as the page may 6201 ** have been dirty at the start of the transaction. In that case, if 6202 ** memory pressure forces page pPg out of the cache, the data does need 6203 ** to be written out to disk so that it may be read back in if the 6204 ** current transaction is rolled back. 6205 */ 6206 void sqlite3PagerDontWrite(PgHdr *pPg){ 6207 Pager *pPager = pPg->pPager; 6208 if( !pPager->tempFile && (pPg->flags&PGHDR_DIRTY) && pPager->nSavepoint==0 ){ 6209 PAGERTRACE(("DONT_WRITE page %d of %d\n", pPg->pgno, PAGERID(pPager))); 6210 IOTRACE(("CLEAN %p %d\n", pPager, pPg->pgno)) 6211 pPg->flags |= PGHDR_DONT_WRITE; 6212 pPg->flags &= ~PGHDR_WRITEABLE; 6213 testcase( pPg->flags & PGHDR_NEED_SYNC ); 6214 pager_set_pagehash(pPg); 6215 } 6216 } 6217 6218 /* 6219 ** This routine is called to increment the value of the database file 6220 ** change-counter, stored as a 4-byte big-endian integer starting at 6221 ** byte offset 24 of the pager file. The secondary change counter at 6222 ** 92 is also updated, as is the SQLite version number at offset 96. 6223 ** 6224 ** But this only happens if the pPager->changeCountDone flag is false. 6225 ** To avoid excess churning of page 1, the update only happens once. 6226 ** See also the pager_write_changecounter() routine that does an 6227 ** unconditional update of the change counters. 6228 ** 6229 ** If the isDirectMode flag is zero, then this is done by calling 6230 ** sqlite3PagerWrite() on page 1, then modifying the contents of the 6231 ** page data. In this case the file will be updated when the current 6232 ** transaction is committed. 6233 ** 6234 ** The isDirectMode flag may only be non-zero if the library was compiled 6235 ** with the SQLITE_ENABLE_ATOMIC_WRITE macro defined. In this case, 6236 ** if isDirect is non-zero, then the database file is updated directly 6237 ** by writing an updated version of page 1 using a call to the 6238 ** sqlite3OsWrite() function. 6239 */ 6240 static int pager_incr_changecounter(Pager *pPager, int isDirectMode){ 6241 int rc = SQLITE_OK; 6242 6243 assert( pPager->eState==PAGER_WRITER_CACHEMOD 6244 || pPager->eState==PAGER_WRITER_DBMOD 6245 ); 6246 assert( assert_pager_state(pPager) ); 6247 6248 /* Declare and initialize constant integer 'isDirect'. If the 6249 ** atomic-write optimization is enabled in this build, then isDirect 6250 ** is initialized to the value passed as the isDirectMode parameter 6251 ** to this function. Otherwise, it is always set to zero. 6252 ** 6253 ** The idea is that if the atomic-write optimization is not 6254 ** enabled at compile time, the compiler can omit the tests of 6255 ** 'isDirect' below, as well as the block enclosed in the 6256 ** "if( isDirect )" condition. 6257 */ 6258 #ifndef SQLITE_ENABLE_ATOMIC_WRITE 6259 # define DIRECT_MODE 0 6260 assert( isDirectMode==0 ); 6261 UNUSED_PARAMETER(isDirectMode); 6262 #else 6263 # define DIRECT_MODE isDirectMode 6264 #endif 6265 6266 if( !pPager->changeCountDone && ALWAYS(pPager->dbSize>0) ){ 6267 PgHdr *pPgHdr; /* Reference to page 1 */ 6268 6269 assert( !pPager->tempFile && isOpen(pPager->fd) ); 6270 6271 /* Open page 1 of the file for writing. */ 6272 rc = sqlite3PagerGet(pPager, 1, &pPgHdr, 0); 6273 assert( pPgHdr==0 || rc==SQLITE_OK ); 6274 6275 /* If page one was fetched successfully, and this function is not 6276 ** operating in direct-mode, make page 1 writable. When not in 6277 ** direct mode, page 1 is always held in cache and hence the PagerGet() 6278 ** above is always successful - hence the ALWAYS on rc==SQLITE_OK. 6279 */ 6280 if( !DIRECT_MODE && ALWAYS(rc==SQLITE_OK) ){ 6281 rc = sqlite3PagerWrite(pPgHdr); 6282 } 6283 6284 if( rc==SQLITE_OK ){ 6285 /* Actually do the update of the change counter */ 6286 pager_write_changecounter(pPgHdr); 6287 6288 /* If running in direct mode, write the contents of page 1 to the file. */ 6289 if( DIRECT_MODE ){ 6290 const void *zBuf; 6291 assert( pPager->dbFileSize>0 ); 6292 zBuf = pPgHdr->pData; 6293 if( rc==SQLITE_OK ){ 6294 rc = sqlite3OsWrite(pPager->fd, zBuf, pPager->pageSize, 0); 6295 pPager->aStat[PAGER_STAT_WRITE]++; 6296 } 6297 if( rc==SQLITE_OK ){ 6298 /* Update the pager's copy of the change-counter. Otherwise, the 6299 ** next time a read transaction is opened the cache will be 6300 ** flushed (as the change-counter values will not match). */ 6301 const void *pCopy = (const void *)&((const char *)zBuf)[24]; 6302 memcpy(&pPager->dbFileVers, pCopy, sizeof(pPager->dbFileVers)); 6303 pPager->changeCountDone = 1; 6304 } 6305 }else{ 6306 pPager->changeCountDone = 1; 6307 } 6308 } 6309 6310 /* Release the page reference. */ 6311 sqlite3PagerUnref(pPgHdr); 6312 } 6313 return rc; 6314 } 6315 6316 /* 6317 ** Sync the database file to disk. This is a no-op for in-memory databases 6318 ** or pages with the Pager.noSync flag set. 6319 ** 6320 ** If successful, or if called on a pager for which it is a no-op, this 6321 ** function returns SQLITE_OK. Otherwise, an IO error code is returned. 6322 */ 6323 int sqlite3PagerSync(Pager *pPager, const char *zSuper){ 6324 int rc = SQLITE_OK; 6325 void *pArg = (void*)zSuper; 6326 rc = sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_SYNC, pArg); 6327 if( rc==SQLITE_NOTFOUND ) rc = SQLITE_OK; 6328 if( rc==SQLITE_OK && !pPager->noSync ){ 6329 assert( !MEMDB ); 6330 rc = sqlite3OsSync(pPager->fd, pPager->syncFlags); 6331 } 6332 return rc; 6333 } 6334 6335 /* 6336 ** This function may only be called while a write-transaction is active in 6337 ** rollback. If the connection is in WAL mode, this call is a no-op. 6338 ** Otherwise, if the connection does not already have an EXCLUSIVE lock on 6339 ** the database file, an attempt is made to obtain one. 6340 ** 6341 ** If the EXCLUSIVE lock is already held or the attempt to obtain it is 6342 ** successful, or the connection is in WAL mode, SQLITE_OK is returned. 6343 ** Otherwise, either SQLITE_BUSY or an SQLITE_IOERR_XXX error code is 6344 ** returned. 6345 */ 6346 int sqlite3PagerExclusiveLock(Pager *pPager){ 6347 int rc = pPager->errCode; 6348 assert( assert_pager_state(pPager) ); 6349 if( rc==SQLITE_OK ){ 6350 assert( pPager->eState==PAGER_WRITER_CACHEMOD 6351 || pPager->eState==PAGER_WRITER_DBMOD 6352 || pPager->eState==PAGER_WRITER_LOCKED 6353 ); 6354 assert( assert_pager_state(pPager) ); 6355 if( 0==pagerUseWal(pPager) ){ 6356 rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK); 6357 } 6358 } 6359 return rc; 6360 } 6361 6362 /* 6363 ** Sync the database file for the pager pPager. zSuper points to the name 6364 ** of a super-journal file that should be written into the individual 6365 ** journal file. zSuper may be NULL, which is interpreted as no 6366 ** super-journal (a single database transaction). 6367 ** 6368 ** This routine ensures that: 6369 ** 6370 ** * The database file change-counter is updated, 6371 ** * the journal is synced (unless the atomic-write optimization is used), 6372 ** * all dirty pages are written to the database file, 6373 ** * the database file is truncated (if required), and 6374 ** * the database file synced. 6375 ** 6376 ** The only thing that remains to commit the transaction is to finalize 6377 ** (delete, truncate or zero the first part of) the journal file (or 6378 ** delete the super-journal file if specified). 6379 ** 6380 ** Note that if zSuper==NULL, this does not overwrite a previous value 6381 ** passed to an sqlite3PagerCommitPhaseOne() call. 6382 ** 6383 ** If the final parameter - noSync - is true, then the database file itself 6384 ** is not synced. The caller must call sqlite3PagerSync() directly to 6385 ** sync the database file before calling CommitPhaseTwo() to delete the 6386 ** journal file in this case. 6387 */ 6388 int sqlite3PagerCommitPhaseOne( 6389 Pager *pPager, /* Pager object */ 6390 const char *zSuper, /* If not NULL, the super-journal name */ 6391 int noSync /* True to omit the xSync on the db file */ 6392 ){ 6393 int rc = SQLITE_OK; /* Return code */ 6394 6395 assert( pPager->eState==PAGER_WRITER_LOCKED 6396 || pPager->eState==PAGER_WRITER_CACHEMOD 6397 || pPager->eState==PAGER_WRITER_DBMOD 6398 || pPager->eState==PAGER_ERROR 6399 ); 6400 assert( assert_pager_state(pPager) ); 6401 6402 /* If a prior error occurred, report that error again. */ 6403 if( NEVER(pPager->errCode) ) return pPager->errCode; 6404 6405 /* Provide the ability to easily simulate an I/O error during testing */ 6406 if( sqlite3FaultSim(400) ) return SQLITE_IOERR; 6407 6408 PAGERTRACE(("DATABASE SYNC: File=%s zSuper=%s nSize=%d\n", 6409 pPager->zFilename, zSuper, pPager->dbSize)); 6410 6411 /* If no database changes have been made, return early. */ 6412 if( pPager->eState<PAGER_WRITER_CACHEMOD ) return SQLITE_OK; 6413 6414 assert( MEMDB==0 || pPager->tempFile ); 6415 assert( isOpen(pPager->fd) || pPager->tempFile ); 6416 if( 0==pagerFlushOnCommit(pPager, 1) ){ 6417 /* If this is an in-memory db, or no pages have been written to, or this 6418 ** function has already been called, it is mostly a no-op. However, any 6419 ** backup in progress needs to be restarted. */ 6420 sqlite3BackupRestart(pPager->pBackup); 6421 }else{ 6422 PgHdr *pList; 6423 if( pagerUseWal(pPager) ){ 6424 PgHdr *pPageOne = 0; 6425 pList = sqlite3PcacheDirtyList(pPager->pPCache); 6426 if( pList==0 ){ 6427 /* Must have at least one page for the WAL commit flag. 6428 ** Ticket [2d1a5c67dfc2363e44f29d9bbd57f] 2011-05-18 */ 6429 rc = sqlite3PagerGet(pPager, 1, &pPageOne, 0); 6430 pList = pPageOne; 6431 pList->pDirty = 0; 6432 } 6433 assert( rc==SQLITE_OK ); 6434 if( ALWAYS(pList) ){ 6435 rc = pagerWalFrames(pPager, pList, pPager->dbSize, 1); 6436 } 6437 sqlite3PagerUnref(pPageOne); 6438 if( rc==SQLITE_OK ){ 6439 sqlite3PcacheCleanAll(pPager->pPCache); 6440 } 6441 }else{ 6442 /* The bBatch boolean is true if the batch-atomic-write commit method 6443 ** should be used. No rollback journal is created if batch-atomic-write 6444 ** is enabled. 6445 */ 6446 #ifdef SQLITE_ENABLE_BATCH_ATOMIC_WRITE 6447 sqlite3_file *fd = pPager->fd; 6448 int bBatch = zSuper==0 /* An SQLITE_IOCAP_BATCH_ATOMIC commit */ 6449 && (sqlite3OsDeviceCharacteristics(fd) & SQLITE_IOCAP_BATCH_ATOMIC) 6450 && !pPager->noSync 6451 && sqlite3JournalIsInMemory(pPager->jfd); 6452 #else 6453 # define bBatch 0 6454 #endif 6455 6456 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 6457 /* The following block updates the change-counter. Exactly how it 6458 ** does this depends on whether or not the atomic-update optimization 6459 ** was enabled at compile time, and if this transaction meets the 6460 ** runtime criteria to use the operation: 6461 ** 6462 ** * The file-system supports the atomic-write property for 6463 ** blocks of size page-size, and 6464 ** * This commit is not part of a multi-file transaction, and 6465 ** * Exactly one page has been modified and store in the journal file. 6466 ** 6467 ** If the optimization was not enabled at compile time, then the 6468 ** pager_incr_changecounter() function is called to update the change 6469 ** counter in 'indirect-mode'. If the optimization is compiled in but 6470 ** is not applicable to this transaction, call sqlite3JournalCreate() 6471 ** to make sure the journal file has actually been created, then call 6472 ** pager_incr_changecounter() to update the change-counter in indirect 6473 ** mode. 6474 ** 6475 ** Otherwise, if the optimization is both enabled and applicable, 6476 ** then call pager_incr_changecounter() to update the change-counter 6477 ** in 'direct' mode. In this case the journal file will never be 6478 ** created for this transaction. 6479 */ 6480 if( bBatch==0 ){ 6481 PgHdr *pPg; 6482 assert( isOpen(pPager->jfd) 6483 || pPager->journalMode==PAGER_JOURNALMODE_OFF 6484 || pPager->journalMode==PAGER_JOURNALMODE_WAL 6485 ); 6486 if( !zSuper && isOpen(pPager->jfd) 6487 && pPager->journalOff==jrnlBufferSize(pPager) 6488 && pPager->dbSize>=pPager->dbOrigSize 6489 && (!(pPg = sqlite3PcacheDirtyList(pPager->pPCache)) || 0==pPg->pDirty) 6490 ){ 6491 /* Update the db file change counter via the direct-write method. The 6492 ** following call will modify the in-memory representation of page 1 6493 ** to include the updated change counter and then write page 1 6494 ** directly to the database file. Because of the atomic-write 6495 ** property of the host file-system, this is safe. 6496 */ 6497 rc = pager_incr_changecounter(pPager, 1); 6498 }else{ 6499 rc = sqlite3JournalCreate(pPager->jfd); 6500 if( rc==SQLITE_OK ){ 6501 rc = pager_incr_changecounter(pPager, 0); 6502 } 6503 } 6504 } 6505 #else /* SQLITE_ENABLE_ATOMIC_WRITE */ 6506 #ifdef SQLITE_ENABLE_BATCH_ATOMIC_WRITE 6507 if( zSuper ){ 6508 rc = sqlite3JournalCreate(pPager->jfd); 6509 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 6510 assert( bBatch==0 ); 6511 } 6512 #endif 6513 rc = pager_incr_changecounter(pPager, 0); 6514 #endif /* !SQLITE_ENABLE_ATOMIC_WRITE */ 6515 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 6516 6517 /* Write the super-journal name into the journal file. If a 6518 ** super-journal file name has already been written to the journal file, 6519 ** or if zSuper is NULL (no super-journal), then this call is a no-op. 6520 */ 6521 rc = writeSuperJournal(pPager, zSuper); 6522 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 6523 6524 /* Sync the journal file and write all dirty pages to the database. 6525 ** If the atomic-update optimization is being used, this sync will not 6526 ** create the journal file or perform any real IO. 6527 ** 6528 ** Because the change-counter page was just modified, unless the 6529 ** atomic-update optimization is used it is almost certain that the 6530 ** journal requires a sync here. However, in locking_mode=exclusive 6531 ** on a system under memory pressure it is just possible that this is 6532 ** not the case. In this case it is likely enough that the redundant 6533 ** xSync() call will be changed to a no-op by the OS anyhow. 6534 */ 6535 rc = syncJournal(pPager, 0); 6536 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 6537 6538 pList = sqlite3PcacheDirtyList(pPager->pPCache); 6539 #ifdef SQLITE_ENABLE_BATCH_ATOMIC_WRITE 6540 if( bBatch ){ 6541 rc = sqlite3OsFileControl(fd, SQLITE_FCNTL_BEGIN_ATOMIC_WRITE, 0); 6542 if( rc==SQLITE_OK ){ 6543 rc = pager_write_pagelist(pPager, pList); 6544 if( rc==SQLITE_OK ){ 6545 rc = sqlite3OsFileControl(fd, SQLITE_FCNTL_COMMIT_ATOMIC_WRITE, 0); 6546 } 6547 if( rc!=SQLITE_OK ){ 6548 sqlite3OsFileControlHint(fd, SQLITE_FCNTL_ROLLBACK_ATOMIC_WRITE, 0); 6549 } 6550 } 6551 6552 if( (rc&0xFF)==SQLITE_IOERR && rc!=SQLITE_IOERR_NOMEM ){ 6553 rc = sqlite3JournalCreate(pPager->jfd); 6554 if( rc!=SQLITE_OK ){ 6555 sqlite3OsClose(pPager->jfd); 6556 goto commit_phase_one_exit; 6557 } 6558 bBatch = 0; 6559 }else{ 6560 sqlite3OsClose(pPager->jfd); 6561 } 6562 } 6563 #endif /* SQLITE_ENABLE_BATCH_ATOMIC_WRITE */ 6564 6565 if( bBatch==0 ){ 6566 rc = pager_write_pagelist(pPager, pList); 6567 } 6568 if( rc!=SQLITE_OK ){ 6569 assert( rc!=SQLITE_IOERR_BLOCKED ); 6570 goto commit_phase_one_exit; 6571 } 6572 sqlite3PcacheCleanAll(pPager->pPCache); 6573 6574 /* If the file on disk is smaller than the database image, use 6575 ** pager_truncate to grow the file here. This can happen if the database 6576 ** image was extended as part of the current transaction and then the 6577 ** last page in the db image moved to the free-list. In this case the 6578 ** last page is never written out to disk, leaving the database file 6579 ** undersized. Fix this now if it is the case. */ 6580 if( pPager->dbSize>pPager->dbFileSize ){ 6581 Pgno nNew = pPager->dbSize - (pPager->dbSize==PAGER_SJ_PGNO(pPager)); 6582 assert( pPager->eState==PAGER_WRITER_DBMOD ); 6583 rc = pager_truncate(pPager, nNew); 6584 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 6585 } 6586 6587 /* Finally, sync the database file. */ 6588 if( !noSync ){ 6589 rc = sqlite3PagerSync(pPager, zSuper); 6590 } 6591 IOTRACE(("DBSYNC %p\n", pPager)) 6592 } 6593 } 6594 6595 commit_phase_one_exit: 6596 if( rc==SQLITE_OK && !pagerUseWal(pPager) ){ 6597 pPager->eState = PAGER_WRITER_FINISHED; 6598 } 6599 return rc; 6600 } 6601 6602 6603 /* 6604 ** When this function is called, the database file has been completely 6605 ** updated to reflect the changes made by the current transaction and 6606 ** synced to disk. The journal file still exists in the file-system 6607 ** though, and if a failure occurs at this point it will eventually 6608 ** be used as a hot-journal and the current transaction rolled back. 6609 ** 6610 ** This function finalizes the journal file, either by deleting, 6611 ** truncating or partially zeroing it, so that it cannot be used 6612 ** for hot-journal rollback. Once this is done the transaction is 6613 ** irrevocably committed. 6614 ** 6615 ** If an error occurs, an IO error code is returned and the pager 6616 ** moves into the error state. Otherwise, SQLITE_OK is returned. 6617 */ 6618 int sqlite3PagerCommitPhaseTwo(Pager *pPager){ 6619 int rc = SQLITE_OK; /* Return code */ 6620 6621 /* This routine should not be called if a prior error has occurred. 6622 ** But if (due to a coding error elsewhere in the system) it does get 6623 ** called, just return the same error code without doing anything. */ 6624 if( NEVER(pPager->errCode) ) return pPager->errCode; 6625 pPager->iDataVersion++; 6626 6627 assert( pPager->eState==PAGER_WRITER_LOCKED 6628 || pPager->eState==PAGER_WRITER_FINISHED 6629 || (pagerUseWal(pPager) && pPager->eState==PAGER_WRITER_CACHEMOD) 6630 ); 6631 assert( assert_pager_state(pPager) ); 6632 6633 /* An optimization. If the database was not actually modified during 6634 ** this transaction, the pager is running in exclusive-mode and is 6635 ** using persistent journals, then this function is a no-op. 6636 ** 6637 ** The start of the journal file currently contains a single journal 6638 ** header with the nRec field set to 0. If such a journal is used as 6639 ** a hot-journal during hot-journal rollback, 0 changes will be made 6640 ** to the database file. So there is no need to zero the journal 6641 ** header. Since the pager is in exclusive mode, there is no need 6642 ** to drop any locks either. 6643 */ 6644 if( pPager->eState==PAGER_WRITER_LOCKED 6645 && pPager->exclusiveMode 6646 && pPager->journalMode==PAGER_JOURNALMODE_PERSIST 6647 ){ 6648 assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) || !pPager->journalOff ); 6649 pPager->eState = PAGER_READER; 6650 return SQLITE_OK; 6651 } 6652 6653 PAGERTRACE(("COMMIT %d\n", PAGERID(pPager))); 6654 rc = pager_end_transaction(pPager, pPager->setSuper, 1); 6655 return pager_error(pPager, rc); 6656 } 6657 6658 /* 6659 ** If a write transaction is open, then all changes made within the 6660 ** transaction are reverted and the current write-transaction is closed. 6661 ** The pager falls back to PAGER_READER state if successful, or PAGER_ERROR 6662 ** state if an error occurs. 6663 ** 6664 ** If the pager is already in PAGER_ERROR state when this function is called, 6665 ** it returns Pager.errCode immediately. No work is performed in this case. 6666 ** 6667 ** Otherwise, in rollback mode, this function performs two functions: 6668 ** 6669 ** 1) It rolls back the journal file, restoring all database file and 6670 ** in-memory cache pages to the state they were in when the transaction 6671 ** was opened, and 6672 ** 6673 ** 2) It finalizes the journal file, so that it is not used for hot 6674 ** rollback at any point in the future. 6675 ** 6676 ** Finalization of the journal file (task 2) is only performed if the 6677 ** rollback is successful. 6678 ** 6679 ** In WAL mode, all cache-entries containing data modified within the 6680 ** current transaction are either expelled from the cache or reverted to 6681 ** their pre-transaction state by re-reading data from the database or 6682 ** WAL files. The WAL transaction is then closed. 6683 */ 6684 int sqlite3PagerRollback(Pager *pPager){ 6685 int rc = SQLITE_OK; /* Return code */ 6686 PAGERTRACE(("ROLLBACK %d\n", PAGERID(pPager))); 6687 6688 /* PagerRollback() is a no-op if called in READER or OPEN state. If 6689 ** the pager is already in the ERROR state, the rollback is not 6690 ** attempted here. Instead, the error code is returned to the caller. 6691 */ 6692 assert( assert_pager_state(pPager) ); 6693 if( pPager->eState==PAGER_ERROR ) return pPager->errCode; 6694 if( pPager->eState<=PAGER_READER ) return SQLITE_OK; 6695 6696 if( pagerUseWal(pPager) ){ 6697 int rc2; 6698 rc = sqlite3PagerSavepoint(pPager, SAVEPOINT_ROLLBACK, -1); 6699 rc2 = pager_end_transaction(pPager, pPager->setSuper, 0); 6700 if( rc==SQLITE_OK ) rc = rc2; 6701 }else if( !isOpen(pPager->jfd) || pPager->eState==PAGER_WRITER_LOCKED ){ 6702 int eState = pPager->eState; 6703 rc = pager_end_transaction(pPager, 0, 0); 6704 if( !MEMDB && eState>PAGER_WRITER_LOCKED ){ 6705 /* This can happen using journal_mode=off. Move the pager to the error 6706 ** state to indicate that the contents of the cache may not be trusted. 6707 ** Any active readers will get SQLITE_ABORT. 6708 */ 6709 pPager->errCode = SQLITE_ABORT; 6710 pPager->eState = PAGER_ERROR; 6711 setGetterMethod(pPager); 6712 return rc; 6713 } 6714 }else{ 6715 rc = pager_playback(pPager, 0); 6716 } 6717 6718 assert( pPager->eState==PAGER_READER || rc!=SQLITE_OK ); 6719 assert( rc==SQLITE_OK || rc==SQLITE_FULL || rc==SQLITE_CORRUPT 6720 || rc==SQLITE_NOMEM || (rc&0xFF)==SQLITE_IOERR 6721 || rc==SQLITE_CANTOPEN 6722 ); 6723 6724 /* If an error occurs during a ROLLBACK, we can no longer trust the pager 6725 ** cache. So call pager_error() on the way out to make any error persistent. 6726 */ 6727 return pager_error(pPager, rc); 6728 } 6729 6730 /* 6731 ** Return TRUE if the database file is opened read-only. Return FALSE 6732 ** if the database is (in theory) writable. 6733 */ 6734 u8 sqlite3PagerIsreadonly(Pager *pPager){ 6735 return pPager->readOnly; 6736 } 6737 6738 #ifdef SQLITE_DEBUG 6739 /* 6740 ** Return the sum of the reference counts for all pages held by pPager. 6741 */ 6742 int sqlite3PagerRefcount(Pager *pPager){ 6743 return sqlite3PcacheRefCount(pPager->pPCache); 6744 } 6745 #endif 6746 6747 /* 6748 ** Return the approximate number of bytes of memory currently 6749 ** used by the pager and its associated cache. 6750 */ 6751 int sqlite3PagerMemUsed(Pager *pPager){ 6752 int perPageSize = pPager->pageSize + pPager->nExtra 6753 + (int)(sizeof(PgHdr) + 5*sizeof(void*)); 6754 return perPageSize*sqlite3PcachePagecount(pPager->pPCache) 6755 + sqlite3MallocSize(pPager) 6756 + pPager->pageSize; 6757 } 6758 6759 /* 6760 ** Return the number of references to the specified page. 6761 */ 6762 int sqlite3PagerPageRefcount(DbPage *pPage){ 6763 return sqlite3PcachePageRefcount(pPage); 6764 } 6765 6766 #ifdef SQLITE_TEST 6767 /* 6768 ** This routine is used for testing and analysis only. 6769 */ 6770 int *sqlite3PagerStats(Pager *pPager){ 6771 static int a[11]; 6772 a[0] = sqlite3PcacheRefCount(pPager->pPCache); 6773 a[1] = sqlite3PcachePagecount(pPager->pPCache); 6774 a[2] = sqlite3PcacheGetCachesize(pPager->pPCache); 6775 a[3] = pPager->eState==PAGER_OPEN ? -1 : (int) pPager->dbSize; 6776 a[4] = pPager->eState; 6777 a[5] = pPager->errCode; 6778 a[6] = pPager->aStat[PAGER_STAT_HIT]; 6779 a[7] = pPager->aStat[PAGER_STAT_MISS]; 6780 a[8] = 0; /* Used to be pPager->nOvfl */ 6781 a[9] = pPager->nRead; 6782 a[10] = pPager->aStat[PAGER_STAT_WRITE]; 6783 return a; 6784 } 6785 #endif 6786 6787 /* 6788 ** Parameter eStat must be one of SQLITE_DBSTATUS_CACHE_HIT, _MISS, _WRITE, 6789 ** or _WRITE+1. The SQLITE_DBSTATUS_CACHE_WRITE+1 case is a translation 6790 ** of SQLITE_DBSTATUS_CACHE_SPILL. The _SPILL case is not contiguous because 6791 ** it was added later. 6792 ** 6793 ** Before returning, *pnVal is incremented by the 6794 ** current cache hit or miss count, according to the value of eStat. If the 6795 ** reset parameter is non-zero, the cache hit or miss count is zeroed before 6796 ** returning. 6797 */ 6798 void sqlite3PagerCacheStat(Pager *pPager, int eStat, int reset, int *pnVal){ 6799 6800 assert( eStat==SQLITE_DBSTATUS_CACHE_HIT 6801 || eStat==SQLITE_DBSTATUS_CACHE_MISS 6802 || eStat==SQLITE_DBSTATUS_CACHE_WRITE 6803 || eStat==SQLITE_DBSTATUS_CACHE_WRITE+1 6804 ); 6805 6806 assert( SQLITE_DBSTATUS_CACHE_HIT+1==SQLITE_DBSTATUS_CACHE_MISS ); 6807 assert( SQLITE_DBSTATUS_CACHE_HIT+2==SQLITE_DBSTATUS_CACHE_WRITE ); 6808 assert( PAGER_STAT_HIT==0 && PAGER_STAT_MISS==1 6809 && PAGER_STAT_WRITE==2 && PAGER_STAT_SPILL==3 ); 6810 6811 eStat -= SQLITE_DBSTATUS_CACHE_HIT; 6812 *pnVal += pPager->aStat[eStat]; 6813 if( reset ){ 6814 pPager->aStat[eStat] = 0; 6815 } 6816 } 6817 6818 /* 6819 ** Return true if this is an in-memory or temp-file backed pager. 6820 */ 6821 int sqlite3PagerIsMemdb(Pager *pPager){ 6822 return pPager->tempFile || pPager->memVfs; 6823 } 6824 6825 /* 6826 ** Check that there are at least nSavepoint savepoints open. If there are 6827 ** currently less than nSavepoints open, then open one or more savepoints 6828 ** to make up the difference. If the number of savepoints is already 6829 ** equal to nSavepoint, then this function is a no-op. 6830 ** 6831 ** If a memory allocation fails, SQLITE_NOMEM is returned. If an error 6832 ** occurs while opening the sub-journal file, then an IO error code is 6833 ** returned. Otherwise, SQLITE_OK. 6834 */ 6835 static SQLITE_NOINLINE int pagerOpenSavepoint(Pager *pPager, int nSavepoint){ 6836 int rc = SQLITE_OK; /* Return code */ 6837 int nCurrent = pPager->nSavepoint; /* Current number of savepoints */ 6838 int ii; /* Iterator variable */ 6839 PagerSavepoint *aNew; /* New Pager.aSavepoint array */ 6840 6841 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 6842 assert( assert_pager_state(pPager) ); 6843 assert( nSavepoint>nCurrent && pPager->useJournal ); 6844 6845 /* Grow the Pager.aSavepoint array using realloc(). Return SQLITE_NOMEM 6846 ** if the allocation fails. Otherwise, zero the new portion in case a 6847 ** malloc failure occurs while populating it in the for(...) loop below. 6848 */ 6849 aNew = (PagerSavepoint *)sqlite3Realloc( 6850 pPager->aSavepoint, sizeof(PagerSavepoint)*nSavepoint 6851 ); 6852 if( !aNew ){ 6853 return SQLITE_NOMEM_BKPT; 6854 } 6855 memset(&aNew[nCurrent], 0, (nSavepoint-nCurrent) * sizeof(PagerSavepoint)); 6856 pPager->aSavepoint = aNew; 6857 6858 /* Populate the PagerSavepoint structures just allocated. */ 6859 for(ii=nCurrent; ii<nSavepoint; ii++){ 6860 aNew[ii].nOrig = pPager->dbSize; 6861 if( isOpen(pPager->jfd) && pPager->journalOff>0 ){ 6862 aNew[ii].iOffset = pPager->journalOff; 6863 }else{ 6864 aNew[ii].iOffset = JOURNAL_HDR_SZ(pPager); 6865 } 6866 aNew[ii].iSubRec = pPager->nSubRec; 6867 aNew[ii].pInSavepoint = sqlite3BitvecCreate(pPager->dbSize); 6868 aNew[ii].bTruncateOnRelease = 1; 6869 if( !aNew[ii].pInSavepoint ){ 6870 return SQLITE_NOMEM_BKPT; 6871 } 6872 if( pagerUseWal(pPager) ){ 6873 sqlite3WalSavepoint(pPager->pWal, aNew[ii].aWalData); 6874 } 6875 pPager->nSavepoint = ii+1; 6876 } 6877 assert( pPager->nSavepoint==nSavepoint ); 6878 assertTruncateConstraint(pPager); 6879 return rc; 6880 } 6881 int sqlite3PagerOpenSavepoint(Pager *pPager, int nSavepoint){ 6882 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 6883 assert( assert_pager_state(pPager) ); 6884 6885 if( nSavepoint>pPager->nSavepoint && pPager->useJournal ){ 6886 return pagerOpenSavepoint(pPager, nSavepoint); 6887 }else{ 6888 return SQLITE_OK; 6889 } 6890 } 6891 6892 6893 /* 6894 ** This function is called to rollback or release (commit) a savepoint. 6895 ** The savepoint to release or rollback need not be the most recently 6896 ** created savepoint. 6897 ** 6898 ** Parameter op is always either SAVEPOINT_ROLLBACK or SAVEPOINT_RELEASE. 6899 ** If it is SAVEPOINT_RELEASE, then release and destroy the savepoint with 6900 ** index iSavepoint. If it is SAVEPOINT_ROLLBACK, then rollback all changes 6901 ** that have occurred since the specified savepoint was created. 6902 ** 6903 ** The savepoint to rollback or release is identified by parameter 6904 ** iSavepoint. A value of 0 means to operate on the outermost savepoint 6905 ** (the first created). A value of (Pager.nSavepoint-1) means operate 6906 ** on the most recently created savepoint. If iSavepoint is greater than 6907 ** (Pager.nSavepoint-1), then this function is a no-op. 6908 ** 6909 ** If a negative value is passed to this function, then the current 6910 ** transaction is rolled back. This is different to calling 6911 ** sqlite3PagerRollback() because this function does not terminate 6912 ** the transaction or unlock the database, it just restores the 6913 ** contents of the database to its original state. 6914 ** 6915 ** In any case, all savepoints with an index greater than iSavepoint 6916 ** are destroyed. If this is a release operation (op==SAVEPOINT_RELEASE), 6917 ** then savepoint iSavepoint is also destroyed. 6918 ** 6919 ** This function may return SQLITE_NOMEM if a memory allocation fails, 6920 ** or an IO error code if an IO error occurs while rolling back a 6921 ** savepoint. If no errors occur, SQLITE_OK is returned. 6922 */ 6923 int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint){ 6924 int rc = pPager->errCode; 6925 6926 #ifdef SQLITE_ENABLE_ZIPVFS 6927 if( op==SAVEPOINT_RELEASE ) rc = SQLITE_OK; 6928 #endif 6929 6930 assert( op==SAVEPOINT_RELEASE || op==SAVEPOINT_ROLLBACK ); 6931 assert( iSavepoint>=0 || op==SAVEPOINT_ROLLBACK ); 6932 6933 if( rc==SQLITE_OK && iSavepoint<pPager->nSavepoint ){ 6934 int ii; /* Iterator variable */ 6935 int nNew; /* Number of remaining savepoints after this op. */ 6936 6937 /* Figure out how many savepoints will still be active after this 6938 ** operation. Store this value in nNew. Then free resources associated 6939 ** with any savepoints that are destroyed by this operation. 6940 */ 6941 nNew = iSavepoint + (( op==SAVEPOINT_RELEASE ) ? 0 : 1); 6942 for(ii=nNew; ii<pPager->nSavepoint; ii++){ 6943 sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint); 6944 } 6945 pPager->nSavepoint = nNew; 6946 6947 /* Truncate the sub-journal so that it only includes the parts 6948 ** that are still in use. */ 6949 if( op==SAVEPOINT_RELEASE ){ 6950 PagerSavepoint *pRel = &pPager->aSavepoint[nNew]; 6951 if( pRel->bTruncateOnRelease && isOpen(pPager->sjfd) ){ 6952 /* Only truncate if it is an in-memory sub-journal. */ 6953 if( sqlite3JournalIsInMemory(pPager->sjfd) ){ 6954 i64 sz = (pPager->pageSize+4)*(i64)pRel->iSubRec; 6955 rc = sqlite3OsTruncate(pPager->sjfd, sz); 6956 assert( rc==SQLITE_OK ); 6957 } 6958 pPager->nSubRec = pRel->iSubRec; 6959 } 6960 } 6961 /* Else this is a rollback operation, playback the specified savepoint. 6962 ** If this is a temp-file, it is possible that the journal file has 6963 ** not yet been opened. In this case there have been no changes to 6964 ** the database file, so the playback operation can be skipped. 6965 */ 6966 else if( pagerUseWal(pPager) || isOpen(pPager->jfd) ){ 6967 PagerSavepoint *pSavepoint = (nNew==0)?0:&pPager->aSavepoint[nNew-1]; 6968 rc = pagerPlaybackSavepoint(pPager, pSavepoint); 6969 assert(rc!=SQLITE_DONE); 6970 } 6971 6972 #ifdef SQLITE_ENABLE_ZIPVFS 6973 /* If the cache has been modified but the savepoint cannot be rolled 6974 ** back journal_mode=off, put the pager in the error state. This way, 6975 ** if the VFS used by this pager includes ZipVFS, the entire transaction 6976 ** can be rolled back at the ZipVFS level. */ 6977 else if( 6978 pPager->journalMode==PAGER_JOURNALMODE_OFF 6979 && pPager->eState>=PAGER_WRITER_CACHEMOD 6980 ){ 6981 pPager->errCode = SQLITE_ABORT; 6982 pPager->eState = PAGER_ERROR; 6983 setGetterMethod(pPager); 6984 } 6985 #endif 6986 } 6987 6988 return rc; 6989 } 6990 6991 /* 6992 ** Return the full pathname of the database file. 6993 ** 6994 ** Except, if the pager is in-memory only, then return an empty string if 6995 ** nullIfMemDb is true. This routine is called with nullIfMemDb==1 when 6996 ** used to report the filename to the user, for compatibility with legacy 6997 ** behavior. But when the Btree needs to know the filename for matching to 6998 ** shared cache, it uses nullIfMemDb==0 so that in-memory databases can 6999 ** participate in shared-cache. 7000 ** 7001 ** The return value to this routine is always safe to use with 7002 ** sqlite3_uri_parameter() and sqlite3_filename_database() and friends. 7003 */ 7004 const char *sqlite3PagerFilename(const Pager *pPager, int nullIfMemDb){ 7005 static const char zFake[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 7006 return (nullIfMemDb && pPager->memDb) ? &zFake[4] : pPager->zFilename; 7007 } 7008 7009 /* 7010 ** Return the VFS structure for the pager. 7011 */ 7012 sqlite3_vfs *sqlite3PagerVfs(Pager *pPager){ 7013 return pPager->pVfs; 7014 } 7015 7016 /* 7017 ** Return the file handle for the database file associated 7018 ** with the pager. This might return NULL if the file has 7019 ** not yet been opened. 7020 */ 7021 sqlite3_file *sqlite3PagerFile(Pager *pPager){ 7022 return pPager->fd; 7023 } 7024 7025 /* 7026 ** Return the file handle for the journal file (if it exists). 7027 ** This will be either the rollback journal or the WAL file. 7028 */ 7029 sqlite3_file *sqlite3PagerJrnlFile(Pager *pPager){ 7030 #if SQLITE_OMIT_WAL 7031 return pPager->jfd; 7032 #else 7033 return pPager->pWal ? sqlite3WalFile(pPager->pWal) : pPager->jfd; 7034 #endif 7035 } 7036 7037 /* 7038 ** Return the full pathname of the journal file. 7039 */ 7040 const char *sqlite3PagerJournalname(Pager *pPager){ 7041 return pPager->zJournal; 7042 } 7043 7044 #ifndef SQLITE_OMIT_AUTOVACUUM 7045 /* 7046 ** Move the page pPg to location pgno in the file. 7047 ** 7048 ** There must be no references to the page previously located at 7049 ** pgno (which we call pPgOld) though that page is allowed to be 7050 ** in cache. If the page previously located at pgno is not already 7051 ** in the rollback journal, it is not put there by by this routine. 7052 ** 7053 ** References to the page pPg remain valid. Updating any 7054 ** meta-data associated with pPg (i.e. data stored in the nExtra bytes 7055 ** allocated along with the page) is the responsibility of the caller. 7056 ** 7057 ** A transaction must be active when this routine is called. It used to be 7058 ** required that a statement transaction was not active, but this restriction 7059 ** has been removed (CREATE INDEX needs to move a page when a statement 7060 ** transaction is active). 7061 ** 7062 ** If the fourth argument, isCommit, is non-zero, then this page is being 7063 ** moved as part of a database reorganization just before the transaction 7064 ** is being committed. In this case, it is guaranteed that the database page 7065 ** pPg refers to will not be written to again within this transaction. 7066 ** 7067 ** This function may return SQLITE_NOMEM or an IO error code if an error 7068 ** occurs. Otherwise, it returns SQLITE_OK. 7069 */ 7070 int sqlite3PagerMovepage(Pager *pPager, DbPage *pPg, Pgno pgno, int isCommit){ 7071 PgHdr *pPgOld; /* The page being overwritten. */ 7072 Pgno needSyncPgno = 0; /* Old value of pPg->pgno, if sync is required */ 7073 int rc; /* Return code */ 7074 Pgno origPgno; /* The original page number */ 7075 7076 assert( pPg->nRef>0 ); 7077 assert( pPager->eState==PAGER_WRITER_CACHEMOD 7078 || pPager->eState==PAGER_WRITER_DBMOD 7079 ); 7080 assert( assert_pager_state(pPager) ); 7081 7082 /* In order to be able to rollback, an in-memory database must journal 7083 ** the page we are moving from. 7084 */ 7085 assert( pPager->tempFile || !MEMDB ); 7086 if( pPager->tempFile ){ 7087 rc = sqlite3PagerWrite(pPg); 7088 if( rc ) return rc; 7089 } 7090 7091 /* If the page being moved is dirty and has not been saved by the latest 7092 ** savepoint, then save the current contents of the page into the 7093 ** sub-journal now. This is required to handle the following scenario: 7094 ** 7095 ** BEGIN; 7096 ** <journal page X, then modify it in memory> 7097 ** SAVEPOINT one; 7098 ** <Move page X to location Y> 7099 ** ROLLBACK TO one; 7100 ** 7101 ** If page X were not written to the sub-journal here, it would not 7102 ** be possible to restore its contents when the "ROLLBACK TO one" 7103 ** statement were is processed. 7104 ** 7105 ** subjournalPage() may need to allocate space to store pPg->pgno into 7106 ** one or more savepoint bitvecs. This is the reason this function 7107 ** may return SQLITE_NOMEM. 7108 */ 7109 if( (pPg->flags & PGHDR_DIRTY)!=0 7110 && SQLITE_OK!=(rc = subjournalPageIfRequired(pPg)) 7111 ){ 7112 return rc; 7113 } 7114 7115 PAGERTRACE(("MOVE %d page %d (needSync=%d) moves to %d\n", 7116 PAGERID(pPager), pPg->pgno, (pPg->flags&PGHDR_NEED_SYNC)?1:0, pgno)); 7117 IOTRACE(("MOVE %p %d %d\n", pPager, pPg->pgno, pgno)) 7118 7119 /* If the journal needs to be sync()ed before page pPg->pgno can 7120 ** be written to, store pPg->pgno in local variable needSyncPgno. 7121 ** 7122 ** If the isCommit flag is set, there is no need to remember that 7123 ** the journal needs to be sync()ed before database page pPg->pgno 7124 ** can be written to. The caller has already promised not to write to it. 7125 */ 7126 if( (pPg->flags&PGHDR_NEED_SYNC) && !isCommit ){ 7127 needSyncPgno = pPg->pgno; 7128 assert( pPager->journalMode==PAGER_JOURNALMODE_OFF || 7129 pageInJournal(pPager, pPg) || pPg->pgno>pPager->dbOrigSize ); 7130 assert( pPg->flags&PGHDR_DIRTY ); 7131 } 7132 7133 /* If the cache contains a page with page-number pgno, remove it 7134 ** from its hash chain. Also, if the PGHDR_NEED_SYNC flag was set for 7135 ** page pgno before the 'move' operation, it needs to be retained 7136 ** for the page moved there. 7137 */ 7138 pPg->flags &= ~PGHDR_NEED_SYNC; 7139 pPgOld = sqlite3PagerLookup(pPager, pgno); 7140 assert( !pPgOld || pPgOld->nRef==1 || CORRUPT_DB ); 7141 if( pPgOld ){ 7142 if( NEVER(pPgOld->nRef>1) ){ 7143 sqlite3PagerUnrefNotNull(pPgOld); 7144 return SQLITE_CORRUPT_BKPT; 7145 } 7146 pPg->flags |= (pPgOld->flags&PGHDR_NEED_SYNC); 7147 if( pPager->tempFile ){ 7148 /* Do not discard pages from an in-memory database since we might 7149 ** need to rollback later. Just move the page out of the way. */ 7150 sqlite3PcacheMove(pPgOld, pPager->dbSize+1); 7151 }else{ 7152 sqlite3PcacheDrop(pPgOld); 7153 } 7154 } 7155 7156 origPgno = pPg->pgno; 7157 sqlite3PcacheMove(pPg, pgno); 7158 sqlite3PcacheMakeDirty(pPg); 7159 7160 /* For an in-memory database, make sure the original page continues 7161 ** to exist, in case the transaction needs to roll back. Use pPgOld 7162 ** as the original page since it has already been allocated. 7163 */ 7164 if( pPager->tempFile && pPgOld ){ 7165 sqlite3PcacheMove(pPgOld, origPgno); 7166 sqlite3PagerUnrefNotNull(pPgOld); 7167 } 7168 7169 if( needSyncPgno ){ 7170 /* If needSyncPgno is non-zero, then the journal file needs to be 7171 ** sync()ed before any data is written to database file page needSyncPgno. 7172 ** Currently, no such page exists in the page-cache and the 7173 ** "is journaled" bitvec flag has been set. This needs to be remedied by 7174 ** loading the page into the pager-cache and setting the PGHDR_NEED_SYNC 7175 ** flag. 7176 ** 7177 ** If the attempt to load the page into the page-cache fails, (due 7178 ** to a malloc() or IO failure), clear the bit in the pInJournal[] 7179 ** array. Otherwise, if the page is loaded and written again in 7180 ** this transaction, it may be written to the database file before 7181 ** it is synced into the journal file. This way, it may end up in 7182 ** the journal file twice, but that is not a problem. 7183 */ 7184 PgHdr *pPgHdr; 7185 rc = sqlite3PagerGet(pPager, needSyncPgno, &pPgHdr, 0); 7186 if( rc!=SQLITE_OK ){ 7187 if( needSyncPgno<=pPager->dbOrigSize ){ 7188 assert( pPager->pTmpSpace!=0 ); 7189 sqlite3BitvecClear(pPager->pInJournal, needSyncPgno, pPager->pTmpSpace); 7190 } 7191 return rc; 7192 } 7193 pPgHdr->flags |= PGHDR_NEED_SYNC; 7194 sqlite3PcacheMakeDirty(pPgHdr); 7195 sqlite3PagerUnrefNotNull(pPgHdr); 7196 } 7197 7198 return SQLITE_OK; 7199 } 7200 #endif 7201 7202 /* 7203 ** The page handle passed as the first argument refers to a dirty page 7204 ** with a page number other than iNew. This function changes the page's 7205 ** page number to iNew and sets the value of the PgHdr.flags field to 7206 ** the value passed as the third parameter. 7207 */ 7208 void sqlite3PagerRekey(DbPage *pPg, Pgno iNew, u16 flags){ 7209 assert( pPg->pgno!=iNew ); 7210 pPg->flags = flags; 7211 sqlite3PcacheMove(pPg, iNew); 7212 } 7213 7214 /* 7215 ** Return a pointer to the data for the specified page. 7216 */ 7217 void *sqlite3PagerGetData(DbPage *pPg){ 7218 assert( pPg->nRef>0 || pPg->pPager->memDb ); 7219 return pPg->pData; 7220 } 7221 7222 /* 7223 ** Return a pointer to the Pager.nExtra bytes of "extra" space 7224 ** allocated along with the specified page. 7225 */ 7226 void *sqlite3PagerGetExtra(DbPage *pPg){ 7227 return pPg->pExtra; 7228 } 7229 7230 /* 7231 ** Get/set the locking-mode for this pager. Parameter eMode must be one 7232 ** of PAGER_LOCKINGMODE_QUERY, PAGER_LOCKINGMODE_NORMAL or 7233 ** PAGER_LOCKINGMODE_EXCLUSIVE. If the parameter is not _QUERY, then 7234 ** the locking-mode is set to the value specified. 7235 ** 7236 ** The returned value is either PAGER_LOCKINGMODE_NORMAL or 7237 ** PAGER_LOCKINGMODE_EXCLUSIVE, indicating the current (possibly updated) 7238 ** locking-mode. 7239 */ 7240 int sqlite3PagerLockingMode(Pager *pPager, int eMode){ 7241 assert( eMode==PAGER_LOCKINGMODE_QUERY 7242 || eMode==PAGER_LOCKINGMODE_NORMAL 7243 || eMode==PAGER_LOCKINGMODE_EXCLUSIVE ); 7244 assert( PAGER_LOCKINGMODE_QUERY<0 ); 7245 assert( PAGER_LOCKINGMODE_NORMAL>=0 && PAGER_LOCKINGMODE_EXCLUSIVE>=0 ); 7246 assert( pPager->exclusiveMode || 0==sqlite3WalHeapMemory(pPager->pWal) ); 7247 if( eMode>=0 && !pPager->tempFile && !sqlite3WalHeapMemory(pPager->pWal) ){ 7248 pPager->exclusiveMode = (u8)eMode; 7249 } 7250 return (int)pPager->exclusiveMode; 7251 } 7252 7253 /* 7254 ** Set the journal-mode for this pager. Parameter eMode must be one of: 7255 ** 7256 ** PAGER_JOURNALMODE_DELETE 7257 ** PAGER_JOURNALMODE_TRUNCATE 7258 ** PAGER_JOURNALMODE_PERSIST 7259 ** PAGER_JOURNALMODE_OFF 7260 ** PAGER_JOURNALMODE_MEMORY 7261 ** PAGER_JOURNALMODE_WAL 7262 ** 7263 ** The journalmode is set to the value specified if the change is allowed. 7264 ** The change may be disallowed for the following reasons: 7265 ** 7266 ** * An in-memory database can only have its journal_mode set to _OFF 7267 ** or _MEMORY. 7268 ** 7269 ** * Temporary databases cannot have _WAL journalmode. 7270 ** 7271 ** The returned indicate the current (possibly updated) journal-mode. 7272 */ 7273 int sqlite3PagerSetJournalMode(Pager *pPager, int eMode){ 7274 u8 eOld = pPager->journalMode; /* Prior journalmode */ 7275 7276 /* The eMode parameter is always valid */ 7277 assert( eMode==PAGER_JOURNALMODE_DELETE /* 0 */ 7278 || eMode==PAGER_JOURNALMODE_PERSIST /* 1 */ 7279 || eMode==PAGER_JOURNALMODE_OFF /* 2 */ 7280 || eMode==PAGER_JOURNALMODE_TRUNCATE /* 3 */ 7281 || eMode==PAGER_JOURNALMODE_MEMORY /* 4 */ 7282 || eMode==PAGER_JOURNALMODE_WAL /* 5 */ ); 7283 7284 /* This routine is only called from the OP_JournalMode opcode, and 7285 ** the logic there will never allow a temporary file to be changed 7286 ** to WAL mode. 7287 */ 7288 assert( pPager->tempFile==0 || eMode!=PAGER_JOURNALMODE_WAL ); 7289 7290 /* Do allow the journalmode of an in-memory database to be set to 7291 ** anything other than MEMORY or OFF 7292 */ 7293 if( MEMDB ){ 7294 assert( eOld==PAGER_JOURNALMODE_MEMORY || eOld==PAGER_JOURNALMODE_OFF ); 7295 if( eMode!=PAGER_JOURNALMODE_MEMORY && eMode!=PAGER_JOURNALMODE_OFF ){ 7296 eMode = eOld; 7297 } 7298 } 7299 7300 if( eMode!=eOld ){ 7301 7302 /* Change the journal mode. */ 7303 assert( pPager->eState!=PAGER_ERROR ); 7304 pPager->journalMode = (u8)eMode; 7305 7306 /* When transistioning from TRUNCATE or PERSIST to any other journal 7307 ** mode except WAL, unless the pager is in locking_mode=exclusive mode, 7308 ** delete the journal file. 7309 */ 7310 assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 ); 7311 assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 ); 7312 assert( (PAGER_JOURNALMODE_DELETE & 5)==0 ); 7313 assert( (PAGER_JOURNALMODE_MEMORY & 5)==4 ); 7314 assert( (PAGER_JOURNALMODE_OFF & 5)==0 ); 7315 assert( (PAGER_JOURNALMODE_WAL & 5)==5 ); 7316 7317 assert( isOpen(pPager->fd) || pPager->exclusiveMode ); 7318 if( !pPager->exclusiveMode && (eOld & 5)==1 && (eMode & 1)==0 ){ 7319 /* In this case we would like to delete the journal file. If it is 7320 ** not possible, then that is not a problem. Deleting the journal file 7321 ** here is an optimization only. 7322 ** 7323 ** Before deleting the journal file, obtain a RESERVED lock on the 7324 ** database file. This ensures that the journal file is not deleted 7325 ** while it is in use by some other client. 7326 */ 7327 sqlite3OsClose(pPager->jfd); 7328 if( pPager->eLock>=RESERVED_LOCK ){ 7329 sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0); 7330 }else{ 7331 int rc = SQLITE_OK; 7332 int state = pPager->eState; 7333 assert( state==PAGER_OPEN || state==PAGER_READER ); 7334 if( state==PAGER_OPEN ){ 7335 rc = sqlite3PagerSharedLock(pPager); 7336 } 7337 if( pPager->eState==PAGER_READER ){ 7338 assert( rc==SQLITE_OK ); 7339 rc = pagerLockDb(pPager, RESERVED_LOCK); 7340 } 7341 if( rc==SQLITE_OK ){ 7342 sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0); 7343 } 7344 if( rc==SQLITE_OK && state==PAGER_READER ){ 7345 pagerUnlockDb(pPager, SHARED_LOCK); 7346 }else if( state==PAGER_OPEN ){ 7347 pager_unlock(pPager); 7348 } 7349 assert( state==pPager->eState ); 7350 } 7351 }else if( eMode==PAGER_JOURNALMODE_OFF ){ 7352 sqlite3OsClose(pPager->jfd); 7353 } 7354 } 7355 7356 /* Return the new journal mode */ 7357 return (int)pPager->journalMode; 7358 } 7359 7360 /* 7361 ** Return the current journal mode. 7362 */ 7363 int sqlite3PagerGetJournalMode(Pager *pPager){ 7364 return (int)pPager->journalMode; 7365 } 7366 7367 /* 7368 ** Return TRUE if the pager is in a state where it is OK to change the 7369 ** journalmode. Journalmode changes can only happen when the database 7370 ** is unmodified. 7371 */ 7372 int sqlite3PagerOkToChangeJournalMode(Pager *pPager){ 7373 assert( assert_pager_state(pPager) ); 7374 if( pPager->eState>=PAGER_WRITER_CACHEMOD ) return 0; 7375 if( NEVER(isOpen(pPager->jfd) && pPager->journalOff>0) ) return 0; 7376 return 1; 7377 } 7378 7379 /* 7380 ** Get/set the size-limit used for persistent journal files. 7381 ** 7382 ** Setting the size limit to -1 means no limit is enforced. 7383 ** An attempt to set a limit smaller than -1 is a no-op. 7384 */ 7385 i64 sqlite3PagerJournalSizeLimit(Pager *pPager, i64 iLimit){ 7386 if( iLimit>=-1 ){ 7387 pPager->journalSizeLimit = iLimit; 7388 sqlite3WalLimit(pPager->pWal, iLimit); 7389 } 7390 return pPager->journalSizeLimit; 7391 } 7392 7393 /* 7394 ** Return a pointer to the pPager->pBackup variable. The backup module 7395 ** in backup.c maintains the content of this variable. This module 7396 ** uses it opaquely as an argument to sqlite3BackupRestart() and 7397 ** sqlite3BackupUpdate() only. 7398 */ 7399 sqlite3_backup **sqlite3PagerBackupPtr(Pager *pPager){ 7400 return &pPager->pBackup; 7401 } 7402 7403 #ifndef SQLITE_OMIT_VACUUM 7404 /* 7405 ** Unless this is an in-memory or temporary database, clear the pager cache. 7406 */ 7407 void sqlite3PagerClearCache(Pager *pPager){ 7408 assert( MEMDB==0 || pPager->tempFile ); 7409 if( pPager->tempFile==0 ) pager_reset(pPager); 7410 } 7411 #endif 7412 7413 7414 #ifndef SQLITE_OMIT_WAL 7415 /* 7416 ** This function is called when the user invokes "PRAGMA wal_checkpoint", 7417 ** "PRAGMA wal_blocking_checkpoint" or calls the sqlite3_wal_checkpoint() 7418 ** or wal_blocking_checkpoint() API functions. 7419 ** 7420 ** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART. 7421 */ 7422 int sqlite3PagerCheckpoint( 7423 Pager *pPager, /* Checkpoint on this pager */ 7424 sqlite3 *db, /* Db handle used to check for interrupts */ 7425 int eMode, /* Type of checkpoint */ 7426 int *pnLog, /* OUT: Final number of frames in log */ 7427 int *pnCkpt /* OUT: Final number of checkpointed frames */ 7428 ){ 7429 int rc = SQLITE_OK; 7430 if( pPager->pWal==0 && pPager->journalMode==PAGER_JOURNALMODE_WAL ){ 7431 /* This only happens when a database file is zero bytes in size opened and 7432 ** then "PRAGMA journal_mode=WAL" is run and then sqlite3_wal_checkpoint() 7433 ** is invoked without any intervening transactions. We need to start 7434 ** a transaction to initialize pWal. The PRAGMA table_list statement is 7435 ** used for this since it starts transactions on every database file, 7436 ** including all ATTACHed databases. This seems expensive for a single 7437 ** sqlite3_wal_checkpoint() call, but it happens very rarely. 7438 ** https://sqlite.org/forum/forumpost/fd0f19d229156939 7439 */ 7440 sqlite3_exec(db, "PRAGMA table_list",0,0,0); 7441 } 7442 if( pPager->pWal ){ 7443 rc = sqlite3WalCheckpoint(pPager->pWal, db, eMode, 7444 (eMode==SQLITE_CHECKPOINT_PASSIVE ? 0 : pPager->xBusyHandler), 7445 pPager->pBusyHandlerArg, 7446 pPager->walSyncFlags, pPager->pageSize, (u8 *)pPager->pTmpSpace, 7447 pnLog, pnCkpt 7448 ); 7449 } 7450 return rc; 7451 } 7452 7453 int sqlite3PagerWalCallback(Pager *pPager){ 7454 return sqlite3WalCallback(pPager->pWal); 7455 } 7456 7457 /* 7458 ** Return true if the underlying VFS for the given pager supports the 7459 ** primitives necessary for write-ahead logging. 7460 */ 7461 int sqlite3PagerWalSupported(Pager *pPager){ 7462 const sqlite3_io_methods *pMethods = pPager->fd->pMethods; 7463 if( pPager->noLock ) return 0; 7464 return pPager->exclusiveMode || (pMethods->iVersion>=2 && pMethods->xShmMap); 7465 } 7466 7467 /* 7468 ** Attempt to take an exclusive lock on the database file. If a PENDING lock 7469 ** is obtained instead, immediately release it. 7470 */ 7471 static int pagerExclusiveLock(Pager *pPager){ 7472 int rc; /* Return code */ 7473 7474 assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK ); 7475 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 7476 if( rc!=SQLITE_OK ){ 7477 /* If the attempt to grab the exclusive lock failed, release the 7478 ** pending lock that may have been obtained instead. */ 7479 pagerUnlockDb(pPager, SHARED_LOCK); 7480 } 7481 7482 return rc; 7483 } 7484 7485 /* 7486 ** Call sqlite3WalOpen() to open the WAL handle. If the pager is in 7487 ** exclusive-locking mode when this function is called, take an EXCLUSIVE 7488 ** lock on the database file and use heap-memory to store the wal-index 7489 ** in. Otherwise, use the normal shared-memory. 7490 */ 7491 static int pagerOpenWal(Pager *pPager){ 7492 int rc = SQLITE_OK; 7493 7494 assert( pPager->pWal==0 && pPager->tempFile==0 ); 7495 assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK ); 7496 7497 /* If the pager is already in exclusive-mode, the WAL module will use 7498 ** heap-memory for the wal-index instead of the VFS shared-memory 7499 ** implementation. Take the exclusive lock now, before opening the WAL 7500 ** file, to make sure this is safe. 7501 */ 7502 if( pPager->exclusiveMode ){ 7503 rc = pagerExclusiveLock(pPager); 7504 } 7505 7506 /* Open the connection to the log file. If this operation fails, 7507 ** (e.g. due to malloc() failure), return an error code. 7508 */ 7509 if( rc==SQLITE_OK ){ 7510 rc = sqlite3WalOpen(pPager->pVfs, 7511 pPager->fd, pPager->zWal, pPager->exclusiveMode, 7512 pPager->journalSizeLimit, &pPager->pWal 7513 ); 7514 } 7515 pagerFixMaplimit(pPager); 7516 7517 return rc; 7518 } 7519 7520 7521 /* 7522 ** The caller must be holding a SHARED lock on the database file to call 7523 ** this function. 7524 ** 7525 ** If the pager passed as the first argument is open on a real database 7526 ** file (not a temp file or an in-memory database), and the WAL file 7527 ** is not already open, make an attempt to open it now. If successful, 7528 ** return SQLITE_OK. If an error occurs or the VFS used by the pager does 7529 ** not support the xShmXXX() methods, return an error code. *pbOpen is 7530 ** not modified in either case. 7531 ** 7532 ** If the pager is open on a temp-file (or in-memory database), or if 7533 ** the WAL file is already open, set *pbOpen to 1 and return SQLITE_OK 7534 ** without doing anything. 7535 */ 7536 int sqlite3PagerOpenWal( 7537 Pager *pPager, /* Pager object */ 7538 int *pbOpen /* OUT: Set to true if call is a no-op */ 7539 ){ 7540 int rc = SQLITE_OK; /* Return code */ 7541 7542 assert( assert_pager_state(pPager) ); 7543 assert( pPager->eState==PAGER_OPEN || pbOpen ); 7544 assert( pPager->eState==PAGER_READER || !pbOpen ); 7545 assert( pbOpen==0 || *pbOpen==0 ); 7546 assert( pbOpen!=0 || (!pPager->tempFile && !pPager->pWal) ); 7547 7548 if( !pPager->tempFile && !pPager->pWal ){ 7549 if( !sqlite3PagerWalSupported(pPager) ) return SQLITE_CANTOPEN; 7550 7551 /* Close any rollback journal previously open */ 7552 sqlite3OsClose(pPager->jfd); 7553 7554 rc = pagerOpenWal(pPager); 7555 if( rc==SQLITE_OK ){ 7556 pPager->journalMode = PAGER_JOURNALMODE_WAL; 7557 pPager->eState = PAGER_OPEN; 7558 } 7559 }else{ 7560 *pbOpen = 1; 7561 } 7562 7563 return rc; 7564 } 7565 7566 /* 7567 ** This function is called to close the connection to the log file prior 7568 ** to switching from WAL to rollback mode. 7569 ** 7570 ** Before closing the log file, this function attempts to take an 7571 ** EXCLUSIVE lock on the database file. If this cannot be obtained, an 7572 ** error (SQLITE_BUSY) is returned and the log connection is not closed. 7573 ** If successful, the EXCLUSIVE lock is not released before returning. 7574 */ 7575 int sqlite3PagerCloseWal(Pager *pPager, sqlite3 *db){ 7576 int rc = SQLITE_OK; 7577 7578 assert( pPager->journalMode==PAGER_JOURNALMODE_WAL ); 7579 7580 /* If the log file is not already open, but does exist in the file-system, 7581 ** it may need to be checkpointed before the connection can switch to 7582 ** rollback mode. Open it now so this can happen. 7583 */ 7584 if( !pPager->pWal ){ 7585 int logexists = 0; 7586 rc = pagerLockDb(pPager, SHARED_LOCK); 7587 if( rc==SQLITE_OK ){ 7588 rc = sqlite3OsAccess( 7589 pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &logexists 7590 ); 7591 } 7592 if( rc==SQLITE_OK && logexists ){ 7593 rc = pagerOpenWal(pPager); 7594 } 7595 } 7596 7597 /* Checkpoint and close the log. Because an EXCLUSIVE lock is held on 7598 ** the database file, the log and log-summary files will be deleted. 7599 */ 7600 if( rc==SQLITE_OK && pPager->pWal ){ 7601 rc = pagerExclusiveLock(pPager); 7602 if( rc==SQLITE_OK ){ 7603 rc = sqlite3WalClose(pPager->pWal, db, pPager->walSyncFlags, 7604 pPager->pageSize, (u8*)pPager->pTmpSpace); 7605 pPager->pWal = 0; 7606 pagerFixMaplimit(pPager); 7607 if( rc && !pPager->exclusiveMode ) pagerUnlockDb(pPager, SHARED_LOCK); 7608 } 7609 } 7610 return rc; 7611 } 7612 7613 #ifdef SQLITE_ENABLE_SETLK_TIMEOUT 7614 /* 7615 ** If pager pPager is a wal-mode database not in exclusive locking mode, 7616 ** invoke the sqlite3WalWriteLock() function on the associated Wal object 7617 ** with the same db and bLock parameters as were passed to this function. 7618 ** Return an SQLite error code if an error occurs, or SQLITE_OK otherwise. 7619 */ 7620 int sqlite3PagerWalWriteLock(Pager *pPager, int bLock){ 7621 int rc = SQLITE_OK; 7622 if( pagerUseWal(pPager) && pPager->exclusiveMode==0 ){ 7623 rc = sqlite3WalWriteLock(pPager->pWal, bLock); 7624 } 7625 return rc; 7626 } 7627 7628 /* 7629 ** Set the database handle used by the wal layer to determine if 7630 ** blocking locks are required. 7631 */ 7632 void sqlite3PagerWalDb(Pager *pPager, sqlite3 *db){ 7633 if( pagerUseWal(pPager) ){ 7634 sqlite3WalDb(pPager->pWal, db); 7635 } 7636 } 7637 #endif 7638 7639 #ifdef SQLITE_ENABLE_SNAPSHOT 7640 /* 7641 ** If this is a WAL database, obtain a snapshot handle for the snapshot 7642 ** currently open. Otherwise, return an error. 7643 */ 7644 int sqlite3PagerSnapshotGet(Pager *pPager, sqlite3_snapshot **ppSnapshot){ 7645 int rc = SQLITE_ERROR; 7646 if( pPager->pWal ){ 7647 rc = sqlite3WalSnapshotGet(pPager->pWal, ppSnapshot); 7648 } 7649 return rc; 7650 } 7651 7652 /* 7653 ** If this is a WAL database, store a pointer to pSnapshot. Next time a 7654 ** read transaction is opened, attempt to read from the snapshot it 7655 ** identifies. If this is not a WAL database, return an error. 7656 */ 7657 int sqlite3PagerSnapshotOpen( 7658 Pager *pPager, 7659 sqlite3_snapshot *pSnapshot 7660 ){ 7661 int rc = SQLITE_OK; 7662 if( pPager->pWal ){ 7663 sqlite3WalSnapshotOpen(pPager->pWal, pSnapshot); 7664 }else{ 7665 rc = SQLITE_ERROR; 7666 } 7667 return rc; 7668 } 7669 7670 /* 7671 ** If this is a WAL database, call sqlite3WalSnapshotRecover(). If this 7672 ** is not a WAL database, return an error. 7673 */ 7674 int sqlite3PagerSnapshotRecover(Pager *pPager){ 7675 int rc; 7676 if( pPager->pWal ){ 7677 rc = sqlite3WalSnapshotRecover(pPager->pWal); 7678 }else{ 7679 rc = SQLITE_ERROR; 7680 } 7681 return rc; 7682 } 7683 7684 /* 7685 ** The caller currently has a read transaction open on the database. 7686 ** If this is not a WAL database, SQLITE_ERROR is returned. Otherwise, 7687 ** this function takes a SHARED lock on the CHECKPOINTER slot and then 7688 ** checks if the snapshot passed as the second argument is still 7689 ** available. If so, SQLITE_OK is returned. 7690 ** 7691 ** If the snapshot is not available, SQLITE_ERROR is returned. Or, if 7692 ** the CHECKPOINTER lock cannot be obtained, SQLITE_BUSY. If any error 7693 ** occurs (any value other than SQLITE_OK is returned), the CHECKPOINTER 7694 ** lock is released before returning. 7695 */ 7696 int sqlite3PagerSnapshotCheck(Pager *pPager, sqlite3_snapshot *pSnapshot){ 7697 int rc; 7698 if( pPager->pWal ){ 7699 rc = sqlite3WalSnapshotCheck(pPager->pWal, pSnapshot); 7700 }else{ 7701 rc = SQLITE_ERROR; 7702 } 7703 return rc; 7704 } 7705 7706 /* 7707 ** Release a lock obtained by an earlier successful call to 7708 ** sqlite3PagerSnapshotCheck(). 7709 */ 7710 void sqlite3PagerSnapshotUnlock(Pager *pPager){ 7711 assert( pPager->pWal ); 7712 sqlite3WalSnapshotUnlock(pPager->pWal); 7713 } 7714 7715 #endif /* SQLITE_ENABLE_SNAPSHOT */ 7716 #endif /* !SQLITE_OMIT_WAL */ 7717 7718 #ifdef SQLITE_ENABLE_ZIPVFS 7719 /* 7720 ** A read-lock must be held on the pager when this function is called. If 7721 ** the pager is in WAL mode and the WAL file currently contains one or more 7722 ** frames, return the size in bytes of the page images stored within the 7723 ** WAL frames. Otherwise, if this is not a WAL database or the WAL file 7724 ** is empty, return 0. 7725 */ 7726 int sqlite3PagerWalFramesize(Pager *pPager){ 7727 assert( pPager->eState>=PAGER_READER ); 7728 return sqlite3WalFramesize(pPager->pWal); 7729 } 7730 #endif 7731 7732 #endif /* SQLITE_OMIT_DISKIO */ 7733