1 /* 2 ** 2001 September 15 3 ** 4 ** The author disclaims copyright to this source code. In place of 5 ** a legal notice, here is a blessing: 6 ** 7 ** May you do good and not evil. 8 ** May you find forgiveness for yourself and forgive others. 9 ** May you share freely, never taking more than you give. 10 ** 11 ************************************************************************* 12 ** This is the implementation of the page cache subsystem or "pager". 13 ** 14 ** The pager is used to access a database disk file. It implements 15 ** atomic commit and rollback through the use of a journal file that 16 ** is separate from the database file. The pager also implements file 17 ** locking to prevent two processes from writing the same database 18 ** file simultaneously, or one process from reading the database while 19 ** another is writing. 20 */ 21 #ifndef SQLITE_OMIT_DISKIO 22 #include "sqliteInt.h" 23 #include "wal.h" 24 25 26 /******************* NOTES ON THE DESIGN OF THE PAGER ************************ 27 ** 28 ** This comment block describes invariants that hold when using a rollback 29 ** journal. These invariants do not apply for journal_mode=WAL, 30 ** journal_mode=MEMORY, or journal_mode=OFF. 31 ** 32 ** Within this comment block, a page is deemed to have been synced 33 ** automatically as soon as it is written when PRAGMA synchronous=OFF. 34 ** Otherwise, the page is not synced until the xSync method of the VFS 35 ** is called successfully on the file containing the page. 36 ** 37 ** Definition: A page of the database file is said to be "overwriteable" if 38 ** one or more of the following are true about the page: 39 ** 40 ** (a) The original content of the page as it was at the beginning of 41 ** the transaction has been written into the rollback journal and 42 ** synced. 43 ** 44 ** (b) The page was a freelist leaf page at the start of the transaction. 45 ** 46 ** (c) The page number is greater than the largest page that existed in 47 ** the database file at the start of the transaction. 48 ** 49 ** (1) A page of the database file is never overwritten unless one of the 50 ** following are true: 51 ** 52 ** (a) The page and all other pages on the same sector are overwriteable. 53 ** 54 ** (b) The atomic page write optimization is enabled, and the entire 55 ** transaction other than the update of the transaction sequence 56 ** number consists of a single page change. 57 ** 58 ** (2) The content of a page written into the rollback journal exactly matches 59 ** both the content in the database when the rollback journal was written 60 ** and the content in the database at the beginning of the current 61 ** transaction. 62 ** 63 ** (3) Writes to the database file are an integer multiple of the page size 64 ** in length and are aligned on a page boundary. 65 ** 66 ** (4) Reads from the database file are either aligned on a page boundary and 67 ** an integer multiple of the page size in length or are taken from the 68 ** first 100 bytes of the database file. 69 ** 70 ** (5) All writes to the database file are synced prior to the rollback journal 71 ** being deleted, truncated, or zeroed. 72 ** 73 ** (6) If a master journal file is used, then all writes to the database file 74 ** are synced prior to the master journal being deleted. 75 ** 76 ** Definition: Two databases (or the same database at two points it time) 77 ** are said to be "logically equivalent" if they give the same answer to 78 ** all queries. Note in particular the the content of freelist leaf 79 ** pages can be changed arbitarily without effecting the logical equivalence 80 ** of the database. 81 ** 82 ** (7) At any time, if any subset, including the empty set and the total set, 83 ** of the unsynced changes to a rollback journal are removed and the 84 ** journal is rolled back, the resulting database file will be logical 85 ** equivalent to the database file at the beginning of the transaction. 86 ** 87 ** (8) When a transaction is rolled back, the xTruncate method of the VFS 88 ** is called to restore the database file to the same size it was at 89 ** the beginning of the transaction. (In some VFSes, the xTruncate 90 ** method is a no-op, but that does not change the fact the SQLite will 91 ** invoke it.) 92 ** 93 ** (9) Whenever the database file is modified, at least one bit in the range 94 ** of bytes from 24 through 39 inclusive will be changed prior to releasing 95 ** the EXCLUSIVE lock, thus signaling other connections on the same 96 ** database to flush their caches. 97 ** 98 ** (10) The pattern of bits in bytes 24 through 39 shall not repeat in less 99 ** than one billion transactions. 100 ** 101 ** (11) A database file is well-formed at the beginning and at the conclusion 102 ** of every transaction. 103 ** 104 ** (12) An EXCLUSIVE lock is held on the database file when writing to 105 ** the database file. 106 ** 107 ** (13) A SHARED lock is held on the database file while reading any 108 ** content out of the database file. 109 ** 110 ******************************************************************************/ 111 112 /* 113 ** Macros for troubleshooting. Normally turned off 114 */ 115 #if 0 116 int sqlite3PagerTrace=1; /* True to enable tracing */ 117 #define sqlite3DebugPrintf printf 118 #define PAGERTRACE(X) if( sqlite3PagerTrace ){ sqlite3DebugPrintf X; } 119 #else 120 #define PAGERTRACE(X) 121 #endif 122 123 /* 124 ** The following two macros are used within the PAGERTRACE() macros above 125 ** to print out file-descriptors. 126 ** 127 ** PAGERID() takes a pointer to a Pager struct as its argument. The 128 ** associated file-descriptor is returned. FILEHANDLEID() takes an sqlite3_file 129 ** struct as its argument. 130 */ 131 #define PAGERID(p) ((int)(p->fd)) 132 #define FILEHANDLEID(fd) ((int)fd) 133 134 /* 135 ** The Pager.eState variable stores the current 'state' of a pager. A 136 ** pager may be in any one of the seven states shown in the following 137 ** state diagram. 138 ** 139 ** OPEN <------+------+ 140 ** | | | 141 ** V | | 142 ** +---------> READER-------+ | 143 ** | | | 144 ** | V | 145 ** |<-------WRITER_LOCKED------> ERROR 146 ** | | ^ 147 ** | V | 148 ** |<------WRITER_CACHEMOD-------->| 149 ** | | | 150 ** | V | 151 ** |<-------WRITER_DBMOD---------->| 152 ** | | | 153 ** | V | 154 ** +<------WRITER_FINISHED-------->+ 155 ** 156 ** 157 ** List of state transitions and the C [function] that performs each: 158 ** 159 ** OPEN -> READER [sqlite3PagerSharedLock] 160 ** READER -> OPEN [pager_unlock] 161 ** 162 ** READER -> WRITER_LOCKED [sqlite3PagerBegin] 163 ** WRITER_LOCKED -> WRITER_CACHEMOD [pager_open_journal] 164 ** WRITER_CACHEMOD -> WRITER_DBMOD [syncJournal] 165 ** WRITER_DBMOD -> WRITER_FINISHED [sqlite3PagerCommitPhaseOne] 166 ** WRITER_*** -> READER [pager_end_transaction] 167 ** 168 ** WRITER_*** -> ERROR [pager_error] 169 ** ERROR -> OPEN [pager_unlock] 170 ** 171 ** 172 ** OPEN: 173 ** 174 ** The pager starts up in this state. Nothing is guaranteed in this 175 ** state - the file may or may not be locked and the database size is 176 ** unknown. The database may not be read or written. 177 ** 178 ** * No read or write transaction is active. 179 ** * Any lock, or no lock at all, may be held on the database file. 180 ** * The dbSize, dbOrigSize and dbFileSize variables may not be trusted. 181 ** 182 ** READER: 183 ** 184 ** In this state all the requirements for reading the database in 185 ** rollback (non-WAL) mode are met. Unless the pager is (or recently 186 ** was) in exclusive-locking mode, a user-level read transaction is 187 ** open. The database size is known in this state. 188 ** 189 ** A connection running with locking_mode=normal enters this state when 190 ** it opens a read-transaction on the database and returns to state 191 ** OPEN after the read-transaction is completed. However a connection 192 ** running in locking_mode=exclusive (including temp databases) remains in 193 ** this state even after the read-transaction is closed. The only way 194 ** a locking_mode=exclusive connection can transition from READER to OPEN 195 ** is via the ERROR state (see below). 196 ** 197 ** * A read transaction may be active (but a write-transaction cannot). 198 ** * A SHARED or greater lock is held on the database file. 199 ** * The dbSize variable may be trusted (even if a user-level read 200 ** transaction is not active). The dbOrigSize and dbFileSize variables 201 ** may not be trusted at this point. 202 ** * If the database is a WAL database, then the WAL connection is open. 203 ** * Even if a read-transaction is not open, it is guaranteed that 204 ** there is no hot-journal in the file-system. 205 ** 206 ** WRITER_LOCKED: 207 ** 208 ** The pager moves to this state from READER when a write-transaction 209 ** is first opened on the database. In WRITER_LOCKED state, all locks 210 ** required to start a write-transaction are held, but no actual 211 ** modifications to the cache or database have taken place. 212 ** 213 ** In rollback mode, a RESERVED or (if the transaction was opened with 214 ** BEGIN EXCLUSIVE) EXCLUSIVE lock is obtained on the database file when 215 ** moving to this state, but the journal file is not written to or opened 216 ** to in this state. If the transaction is committed or rolled back while 217 ** in WRITER_LOCKED state, all that is required is to unlock the database 218 ** file. 219 ** 220 ** IN WAL mode, WalBeginWriteTransaction() is called to lock the log file. 221 ** If the connection is running with locking_mode=exclusive, an attempt 222 ** is made to obtain an EXCLUSIVE lock on the database file. 223 ** 224 ** * A write transaction is active. 225 ** * If the connection is open in rollback-mode, a RESERVED or greater 226 ** lock is held on the database file. 227 ** * If the connection is open in WAL-mode, a WAL write transaction 228 ** is open (i.e. sqlite3WalBeginWriteTransaction() has been successfully 229 ** called). 230 ** * The dbSize, dbOrigSize and dbFileSize variables are all valid. 231 ** * The contents of the pager cache have not been modified. 232 ** * The journal file may or may not be open. 233 ** * Nothing (not even the first header) has been written to the journal. 234 ** 235 ** WRITER_CACHEMOD: 236 ** 237 ** A pager moves from WRITER_LOCKED state to this state when a page is 238 ** first modified by the upper layer. In rollback mode the journal file 239 ** is opened (if it is not already open) and a header written to the 240 ** start of it. The database file on disk has not been modified. 241 ** 242 ** * A write transaction is active. 243 ** * A RESERVED or greater lock is held on the database file. 244 ** * The journal file is open and the first header has been written 245 ** to it, but the header has not been synced to disk. 246 ** * The contents of the page cache have been modified. 247 ** 248 ** WRITER_DBMOD: 249 ** 250 ** The pager transitions from WRITER_CACHEMOD into WRITER_DBMOD state 251 ** when it modifies the contents of the database file. WAL connections 252 ** never enter this state (since they do not modify the database file, 253 ** just the log file). 254 ** 255 ** * A write transaction is active. 256 ** * An EXCLUSIVE or greater lock is held on the database file. 257 ** * The journal file is open and the first header has been written 258 ** and synced to disk. 259 ** * The contents of the page cache have been modified (and possibly 260 ** written to disk). 261 ** 262 ** WRITER_FINISHED: 263 ** 264 ** It is not possible for a WAL connection to enter this state. 265 ** 266 ** A rollback-mode pager changes to WRITER_FINISHED state from WRITER_DBMOD 267 ** state after the entire transaction has been successfully written into the 268 ** database file. In this state the transaction may be committed simply 269 ** by finalizing the journal file. Once in WRITER_FINISHED state, it is 270 ** not possible to modify the database further. At this point, the upper 271 ** layer must either commit or rollback the transaction. 272 ** 273 ** * A write transaction is active. 274 ** * An EXCLUSIVE or greater lock is held on the database file. 275 ** * All writing and syncing of journal and database data has finished. 276 ** If no error occured, all that remains is to finalize the journal to 277 ** commit the transaction. If an error did occur, the caller will need 278 ** to rollback the transaction. 279 ** 280 ** ERROR: 281 ** 282 ** The ERROR state is entered when an IO or disk-full error (including 283 ** SQLITE_IOERR_NOMEM) occurs at a point in the code that makes it 284 ** difficult to be sure that the in-memory pager state (cache contents, 285 ** db size etc.) are consistent with the contents of the file-system. 286 ** 287 ** Temporary pager files may enter the ERROR state, but in-memory pagers 288 ** cannot. 289 ** 290 ** For example, if an IO error occurs while performing a rollback, 291 ** the contents of the page-cache may be left in an inconsistent state. 292 ** At this point it would be dangerous to change back to READER state 293 ** (as usually happens after a rollback). Any subsequent readers might 294 ** report database corruption (due to the inconsistent cache), and if 295 ** they upgrade to writers, they may inadvertently corrupt the database 296 ** file. To avoid this hazard, the pager switches into the ERROR state 297 ** instead of READER following such an error. 298 ** 299 ** Once it has entered the ERROR state, any attempt to use the pager 300 ** to read or write data returns an error. Eventually, once all 301 ** outstanding transactions have been abandoned, the pager is able to 302 ** transition back to OPEN state, discarding the contents of the 303 ** page-cache and any other in-memory state at the same time. Everything 304 ** is reloaded from disk (and, if necessary, hot-journal rollback peformed) 305 ** when a read-transaction is next opened on the pager (transitioning 306 ** the pager into READER state). At that point the system has recovered 307 ** from the error. 308 ** 309 ** Specifically, the pager jumps into the ERROR state if: 310 ** 311 ** 1. An error occurs while attempting a rollback. This happens in 312 ** function sqlite3PagerRollback(). 313 ** 314 ** 2. An error occurs while attempting to finalize a journal file 315 ** following a commit in function sqlite3PagerCommitPhaseTwo(). 316 ** 317 ** 3. An error occurs while attempting to write to the journal or 318 ** database file in function pagerStress() in order to free up 319 ** memory. 320 ** 321 ** In other cases, the error is returned to the b-tree layer. The b-tree 322 ** layer then attempts a rollback operation. If the error condition 323 ** persists, the pager enters the ERROR state via condition (1) above. 324 ** 325 ** Condition (3) is necessary because it can be triggered by a read-only 326 ** statement executed within a transaction. In this case, if the error 327 ** code were simply returned to the user, the b-tree layer would not 328 ** automatically attempt a rollback, as it assumes that an error in a 329 ** read-only statement cannot leave the pager in an internally inconsistent 330 ** state. 331 ** 332 ** * The Pager.errCode variable is set to something other than SQLITE_OK. 333 ** * There are one or more outstanding references to pages (after the 334 ** last reference is dropped the pager should move back to OPEN state). 335 ** * The pager is not an in-memory pager. 336 ** 337 ** 338 ** Notes: 339 ** 340 ** * A pager is never in WRITER_DBMOD or WRITER_FINISHED state if the 341 ** connection is open in WAL mode. A WAL connection is always in one 342 ** of the first four states. 343 ** 344 ** * Normally, a connection open in exclusive mode is never in PAGER_OPEN 345 ** state. There are two exceptions: immediately after exclusive-mode has 346 ** been turned on (and before any read or write transactions are 347 ** executed), and when the pager is leaving the "error state". 348 ** 349 ** * See also: assert_pager_state(). 350 */ 351 #define PAGER_OPEN 0 352 #define PAGER_READER 1 353 #define PAGER_WRITER_LOCKED 2 354 #define PAGER_WRITER_CACHEMOD 3 355 #define PAGER_WRITER_DBMOD 4 356 #define PAGER_WRITER_FINISHED 5 357 #define PAGER_ERROR 6 358 359 /* 360 ** The Pager.eLock variable is almost always set to one of the 361 ** following locking-states, according to the lock currently held on 362 ** the database file: NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK. 363 ** This variable is kept up to date as locks are taken and released by 364 ** the pagerLockDb() and pagerUnlockDb() wrappers. 365 ** 366 ** If the VFS xLock() or xUnlock() returns an error other than SQLITE_BUSY 367 ** (i.e. one of the SQLITE_IOERR subtypes), it is not clear whether or not 368 ** the operation was successful. In these circumstances pagerLockDb() and 369 ** pagerUnlockDb() take a conservative approach - eLock is always updated 370 ** when unlocking the file, and only updated when locking the file if the 371 ** VFS call is successful. This way, the Pager.eLock variable may be set 372 ** to a less exclusive (lower) value than the lock that is actually held 373 ** at the system level, but it is never set to a more exclusive value. 374 ** 375 ** This is usually safe. If an xUnlock fails or appears to fail, there may 376 ** be a few redundant xLock() calls or a lock may be held for longer than 377 ** required, but nothing really goes wrong. 378 ** 379 ** The exception is when the database file is unlocked as the pager moves 380 ** from ERROR to OPEN state. At this point there may be a hot-journal file 381 ** in the file-system that needs to be rolled back (as part of a OPEN->SHARED 382 ** transition, by the same pager or any other). If the call to xUnlock() 383 ** fails at this point and the pager is left holding an EXCLUSIVE lock, this 384 ** can confuse the call to xCheckReservedLock() call made later as part 385 ** of hot-journal detection. 386 ** 387 ** xCheckReservedLock() is defined as returning true "if there is a RESERVED 388 ** lock held by this process or any others". So xCheckReservedLock may 389 ** return true because the caller itself is holding an EXCLUSIVE lock (but 390 ** doesn't know it because of a previous error in xUnlock). If this happens 391 ** a hot-journal may be mistaken for a journal being created by an active 392 ** transaction in another process, causing SQLite to read from the database 393 ** without rolling it back. 394 ** 395 ** To work around this, if a call to xUnlock() fails when unlocking the 396 ** database in the ERROR state, Pager.eLock is set to UNKNOWN_LOCK. It 397 ** is only changed back to a real locking state after a successful call 398 ** to xLock(EXCLUSIVE). Also, the code to do the OPEN->SHARED state transition 399 ** omits the check for a hot-journal if Pager.eLock is set to UNKNOWN_LOCK 400 ** lock. Instead, it assumes a hot-journal exists and obtains an EXCLUSIVE 401 ** lock on the database file before attempting to roll it back. See function 402 ** PagerSharedLock() for more detail. 403 ** 404 ** Pager.eLock may only be set to UNKNOWN_LOCK when the pager is in 405 ** PAGER_OPEN state. 406 */ 407 #define UNKNOWN_LOCK (EXCLUSIVE_LOCK+1) 408 409 /* 410 ** A macro used for invoking the codec if there is one 411 */ 412 #ifdef SQLITE_HAS_CODEC 413 # define CODEC1(P,D,N,X,E) \ 414 if( P->xCodec && P->xCodec(P->pCodec,D,N,X)==0 ){ E; } 415 # define CODEC2(P,D,N,X,E,O) \ 416 if( P->xCodec==0 ){ O=(char*)D; }else \ 417 if( (O=(char*)(P->xCodec(P->pCodec,D,N,X)))==0 ){ E; } 418 #else 419 # define CODEC1(P,D,N,X,E) /* NO-OP */ 420 # define CODEC2(P,D,N,X,E,O) O=(char*)D 421 #endif 422 423 /* 424 ** The maximum allowed sector size. 64KiB. If the xSectorsize() method 425 ** returns a value larger than this, then MAX_SECTOR_SIZE is used instead. 426 ** This could conceivably cause corruption following a power failure on 427 ** such a system. This is currently an undocumented limit. 428 */ 429 #define MAX_SECTOR_SIZE 0x10000 430 431 /* 432 ** An instance of the following structure is allocated for each active 433 ** savepoint and statement transaction in the system. All such structures 434 ** are stored in the Pager.aSavepoint[] array, which is allocated and 435 ** resized using sqlite3Realloc(). 436 ** 437 ** When a savepoint is created, the PagerSavepoint.iHdrOffset field is 438 ** set to 0. If a journal-header is written into the main journal while 439 ** the savepoint is active, then iHdrOffset is set to the byte offset 440 ** immediately following the last journal record written into the main 441 ** journal before the journal-header. This is required during savepoint 442 ** rollback (see pagerPlaybackSavepoint()). 443 */ 444 typedef struct PagerSavepoint PagerSavepoint; 445 struct PagerSavepoint { 446 i64 iOffset; /* Starting offset in main journal */ 447 i64 iHdrOffset; /* See above */ 448 Bitvec *pInSavepoint; /* Set of pages in this savepoint */ 449 Pgno nOrig; /* Original number of pages in file */ 450 Pgno iSubRec; /* Index of first record in sub-journal */ 451 #ifndef SQLITE_OMIT_WAL 452 u32 aWalData[WAL_SAVEPOINT_NDATA]; /* WAL savepoint context */ 453 #endif 454 }; 455 456 /* 457 ** A open page cache is an instance of struct Pager. A description of 458 ** some of the more important member variables follows: 459 ** 460 ** eState 461 ** 462 ** The current 'state' of the pager object. See the comment and state 463 ** diagram above for a description of the pager state. 464 ** 465 ** eLock 466 ** 467 ** For a real on-disk database, the current lock held on the database file - 468 ** NO_LOCK, SHARED_LOCK, RESERVED_LOCK or EXCLUSIVE_LOCK. 469 ** 470 ** For a temporary or in-memory database (neither of which require any 471 ** locks), this variable is always set to EXCLUSIVE_LOCK. Since such 472 ** databases always have Pager.exclusiveMode==1, this tricks the pager 473 ** logic into thinking that it already has all the locks it will ever 474 ** need (and no reason to release them). 475 ** 476 ** In some (obscure) circumstances, this variable may also be set to 477 ** UNKNOWN_LOCK. See the comment above the #define of UNKNOWN_LOCK for 478 ** details. 479 ** 480 ** changeCountDone 481 ** 482 ** This boolean variable is used to make sure that the change-counter 483 ** (the 4-byte header field at byte offset 24 of the database file) is 484 ** not updated more often than necessary. 485 ** 486 ** It is set to true when the change-counter field is updated, which 487 ** can only happen if an exclusive lock is held on the database file. 488 ** It is cleared (set to false) whenever an exclusive lock is 489 ** relinquished on the database file. Each time a transaction is committed, 490 ** The changeCountDone flag is inspected. If it is true, the work of 491 ** updating the change-counter is omitted for the current transaction. 492 ** 493 ** This mechanism means that when running in exclusive mode, a connection 494 ** need only update the change-counter once, for the first transaction 495 ** committed. 496 ** 497 ** setMaster 498 ** 499 ** When PagerCommitPhaseOne() is called to commit a transaction, it may 500 ** (or may not) specify a master-journal name to be written into the 501 ** journal file before it is synced to disk. 502 ** 503 ** Whether or not a journal file contains a master-journal pointer affects 504 ** the way in which the journal file is finalized after the transaction is 505 ** committed or rolled back when running in "journal_mode=PERSIST" mode. 506 ** If a journal file does not contain a master-journal pointer, it is 507 ** finalized by overwriting the first journal header with zeroes. If 508 ** it does contain a master-journal pointer the journal file is finalized 509 ** by truncating it to zero bytes, just as if the connection were 510 ** running in "journal_mode=truncate" mode. 511 ** 512 ** Journal files that contain master journal pointers cannot be finalized 513 ** simply by overwriting the first journal-header with zeroes, as the 514 ** master journal pointer could interfere with hot-journal rollback of any 515 ** subsequently interrupted transaction that reuses the journal file. 516 ** 517 ** The flag is cleared as soon as the journal file is finalized (either 518 ** by PagerCommitPhaseTwo or PagerRollback). If an IO error prevents the 519 ** journal file from being successfully finalized, the setMaster flag 520 ** is cleared anyway (and the pager will move to ERROR state). 521 ** 522 ** doNotSpill, doNotSyncSpill 523 ** 524 ** These two boolean variables control the behaviour of cache-spills 525 ** (calls made by the pcache module to the pagerStress() routine to 526 ** write cached data to the file-system in order to free up memory). 527 ** 528 ** When doNotSpill is non-zero, writing to the database from pagerStress() 529 ** is disabled altogether. This is done in a very obscure case that 530 ** comes up during savepoint rollback that requires the pcache module 531 ** to allocate a new page to prevent the journal file from being written 532 ** while it is being traversed by code in pager_playback(). 533 ** 534 ** If doNotSyncSpill is non-zero, writing to the database from pagerStress() 535 ** is permitted, but syncing the journal file is not. This flag is set 536 ** by sqlite3PagerWrite() when the file-system sector-size is larger than 537 ** the database page-size in order to prevent a journal sync from happening 538 ** in between the journalling of two pages on the same sector. 539 ** 540 ** subjInMemory 541 ** 542 ** This is a boolean variable. If true, then any required sub-journal 543 ** is opened as an in-memory journal file. If false, then in-memory 544 ** sub-journals are only used for in-memory pager files. 545 ** 546 ** This variable is updated by the upper layer each time a new 547 ** write-transaction is opened. 548 ** 549 ** dbSize, dbOrigSize, dbFileSize 550 ** 551 ** Variable dbSize is set to the number of pages in the database file. 552 ** It is valid in PAGER_READER and higher states (all states except for 553 ** OPEN and ERROR). 554 ** 555 ** dbSize is set based on the size of the database file, which may be 556 ** larger than the size of the database (the value stored at offset 557 ** 28 of the database header by the btree). If the size of the file 558 ** is not an integer multiple of the page-size, the value stored in 559 ** dbSize is rounded down (i.e. a 5KB file with 2K page-size has dbSize==2). 560 ** Except, any file that is greater than 0 bytes in size is considered 561 ** to have at least one page. (i.e. a 1KB file with 2K page-size leads 562 ** to dbSize==1). 563 ** 564 ** During a write-transaction, if pages with page-numbers greater than 565 ** dbSize are modified in the cache, dbSize is updated accordingly. 566 ** Similarly, if the database is truncated using PagerTruncateImage(), 567 ** dbSize is updated. 568 ** 569 ** Variables dbOrigSize and dbFileSize are valid in states 570 ** PAGER_WRITER_LOCKED and higher. dbOrigSize is a copy of the dbSize 571 ** variable at the start of the transaction. It is used during rollback, 572 ** and to determine whether or not pages need to be journalled before 573 ** being modified. 574 ** 575 ** Throughout a write-transaction, dbFileSize contains the size of 576 ** the file on disk in pages. It is set to a copy of dbSize when the 577 ** write-transaction is first opened, and updated when VFS calls are made 578 ** to write or truncate the database file on disk. 579 ** 580 ** The only reason the dbFileSize variable is required is to suppress 581 ** unnecessary calls to xTruncate() after committing a transaction. If, 582 ** when a transaction is committed, the dbFileSize variable indicates 583 ** that the database file is larger than the database image (Pager.dbSize), 584 ** pager_truncate() is called. The pager_truncate() call uses xFilesize() 585 ** to measure the database file on disk, and then truncates it if required. 586 ** dbFileSize is not used when rolling back a transaction. In this case 587 ** pager_truncate() is called unconditionally (which means there may be 588 ** a call to xFilesize() that is not strictly required). In either case, 589 ** pager_truncate() may cause the file to become smaller or larger. 590 ** 591 ** dbHintSize 592 ** 593 ** The dbHintSize variable is used to limit the number of calls made to 594 ** the VFS xFileControl(FCNTL_SIZE_HINT) method. 595 ** 596 ** dbHintSize is set to a copy of the dbSize variable when a 597 ** write-transaction is opened (at the same time as dbFileSize and 598 ** dbOrigSize). If the xFileControl(FCNTL_SIZE_HINT) method is called, 599 ** dbHintSize is increased to the number of pages that correspond to the 600 ** size-hint passed to the method call. See pager_write_pagelist() for 601 ** details. 602 ** 603 ** errCode 604 ** 605 ** The Pager.errCode variable is only ever used in PAGER_ERROR state. It 606 ** is set to zero in all other states. In PAGER_ERROR state, Pager.errCode 607 ** is always set to SQLITE_FULL, SQLITE_IOERR or one of the SQLITE_IOERR_XXX 608 ** sub-codes. 609 */ 610 struct Pager { 611 sqlite3_vfs *pVfs; /* OS functions to use for IO */ 612 u8 exclusiveMode; /* Boolean. True if locking_mode==EXCLUSIVE */ 613 u8 journalMode; /* One of the PAGER_JOURNALMODE_* values */ 614 u8 useJournal; /* Use a rollback journal on this file */ 615 u8 noReadlock; /* Do not bother to obtain readlocks */ 616 u8 noSync; /* Do not sync the journal if true */ 617 u8 fullSync; /* Do extra syncs of the journal for robustness */ 618 u8 ckptSyncFlags; /* SYNC_NORMAL or SYNC_FULL for checkpoint */ 619 u8 syncFlags; /* SYNC_NORMAL or SYNC_FULL otherwise */ 620 u8 tempFile; /* zFilename is a temporary file */ 621 u8 readOnly; /* True for a read-only database */ 622 u8 memDb; /* True to inhibit all file I/O */ 623 624 /************************************************************************** 625 ** The following block contains those class members that change during 626 ** routine opertion. Class members not in this block are either fixed 627 ** when the pager is first created or else only change when there is a 628 ** significant mode change (such as changing the page_size, locking_mode, 629 ** or the journal_mode). From another view, these class members describe 630 ** the "state" of the pager, while other class members describe the 631 ** "configuration" of the pager. 632 */ 633 u8 eState; /* Pager state (OPEN, READER, WRITER_LOCKED..) */ 634 u8 eLock; /* Current lock held on database file */ 635 u8 changeCountDone; /* Set after incrementing the change-counter */ 636 u8 setMaster; /* True if a m-j name has been written to jrnl */ 637 u8 doNotSpill; /* Do not spill the cache when non-zero */ 638 u8 doNotSyncSpill; /* Do not do a spill that requires jrnl sync */ 639 u8 subjInMemory; /* True to use in-memory sub-journals */ 640 Pgno dbSize; /* Number of pages in the database */ 641 Pgno dbOrigSize; /* dbSize before the current transaction */ 642 Pgno dbFileSize; /* Number of pages in the database file */ 643 Pgno dbHintSize; /* Value passed to FCNTL_SIZE_HINT call */ 644 int errCode; /* One of several kinds of errors */ 645 int nRec; /* Pages journalled since last j-header written */ 646 u32 cksumInit; /* Quasi-random value added to every checksum */ 647 u32 nSubRec; /* Number of records written to sub-journal */ 648 Bitvec *pInJournal; /* One bit for each page in the database file */ 649 sqlite3_file *fd; /* File descriptor for database */ 650 sqlite3_file *jfd; /* File descriptor for main journal */ 651 sqlite3_file *sjfd; /* File descriptor for sub-journal */ 652 i64 journalOff; /* Current write offset in the journal file */ 653 i64 journalHdr; /* Byte offset to previous journal header */ 654 sqlite3_backup *pBackup; /* Pointer to list of ongoing backup processes */ 655 PagerSavepoint *aSavepoint; /* Array of active savepoints */ 656 int nSavepoint; /* Number of elements in aSavepoint[] */ 657 char dbFileVers[16]; /* Changes whenever database file changes */ 658 /* 659 ** End of the routinely-changing class members 660 ***************************************************************************/ 661 662 u16 nExtra; /* Add this many bytes to each in-memory page */ 663 i16 nReserve; /* Number of unused bytes at end of each page */ 664 u32 vfsFlags; /* Flags for sqlite3_vfs.xOpen() */ 665 u32 sectorSize; /* Assumed sector size during rollback */ 666 int pageSize; /* Number of bytes in a page */ 667 Pgno mxPgno; /* Maximum allowed size of the database */ 668 i64 journalSizeLimit; /* Size limit for persistent journal files */ 669 char *zFilename; /* Name of the database file */ 670 char *zJournal; /* Name of the journal file */ 671 int (*xBusyHandler)(void*); /* Function to call when busy */ 672 void *pBusyHandlerArg; /* Context argument for xBusyHandler */ 673 #ifdef SQLITE_TEST 674 int nHit, nMiss; /* Cache hits and missing */ 675 int nRead, nWrite; /* Database pages read/written */ 676 #endif 677 void (*xReiniter)(DbPage*); /* Call this routine when reloading pages */ 678 #ifdef SQLITE_HAS_CODEC 679 void *(*xCodec)(void*,void*,Pgno,int); /* Routine for en/decoding data */ 680 void (*xCodecSizeChng)(void*,int,int); /* Notify of page size changes */ 681 void (*xCodecFree)(void*); /* Destructor for the codec */ 682 void *pCodec; /* First argument to xCodec... methods */ 683 #endif 684 char *pTmpSpace; /* Pager.pageSize bytes of space for tmp use */ 685 PCache *pPCache; /* Pointer to page cache object */ 686 #ifndef SQLITE_OMIT_WAL 687 Wal *pWal; /* Write-ahead log used by "journal_mode=wal" */ 688 char *zWal; /* File name for write-ahead log */ 689 #endif 690 }; 691 692 /* 693 ** The following global variables hold counters used for 694 ** testing purposes only. These variables do not exist in 695 ** a non-testing build. These variables are not thread-safe. 696 */ 697 #ifdef SQLITE_TEST 698 int sqlite3_pager_readdb_count = 0; /* Number of full pages read from DB */ 699 int sqlite3_pager_writedb_count = 0; /* Number of full pages written to DB */ 700 int sqlite3_pager_writej_count = 0; /* Number of pages written to journal */ 701 # define PAGER_INCR(v) v++ 702 #else 703 # define PAGER_INCR(v) 704 #endif 705 706 707 708 /* 709 ** Journal files begin with the following magic string. The data 710 ** was obtained from /dev/random. It is used only as a sanity check. 711 ** 712 ** Since version 2.8.0, the journal format contains additional sanity 713 ** checking information. If the power fails while the journal is being 714 ** written, semi-random garbage data might appear in the journal 715 ** file after power is restored. If an attempt is then made 716 ** to roll the journal back, the database could be corrupted. The additional 717 ** sanity checking data is an attempt to discover the garbage in the 718 ** journal and ignore it. 719 ** 720 ** The sanity checking information for the new journal format consists 721 ** of a 32-bit checksum on each page of data. The checksum covers both 722 ** the page number and the pPager->pageSize bytes of data for the page. 723 ** This cksum is initialized to a 32-bit random value that appears in the 724 ** journal file right after the header. The random initializer is important, 725 ** because garbage data that appears at the end of a journal is likely 726 ** data that was once in other files that have now been deleted. If the 727 ** garbage data came from an obsolete journal file, the checksums might 728 ** be correct. But by initializing the checksum to random value which 729 ** is different for every journal, we minimize that risk. 730 */ 731 static const unsigned char aJournalMagic[] = { 732 0xd9, 0xd5, 0x05, 0xf9, 0x20, 0xa1, 0x63, 0xd7, 733 }; 734 735 /* 736 ** The size of the of each page record in the journal is given by 737 ** the following macro. 738 */ 739 #define JOURNAL_PG_SZ(pPager) ((pPager->pageSize) + 8) 740 741 /* 742 ** The journal header size for this pager. This is usually the same 743 ** size as a single disk sector. See also setSectorSize(). 744 */ 745 #define JOURNAL_HDR_SZ(pPager) (pPager->sectorSize) 746 747 /* 748 ** The macro MEMDB is true if we are dealing with an in-memory database. 749 ** We do this as a macro so that if the SQLITE_OMIT_MEMORYDB macro is set, 750 ** the value of MEMDB will be a constant and the compiler will optimize 751 ** out code that would never execute. 752 */ 753 #ifdef SQLITE_OMIT_MEMORYDB 754 # define MEMDB 0 755 #else 756 # define MEMDB pPager->memDb 757 #endif 758 759 /* 760 ** The maximum legal page number is (2^31 - 1). 761 */ 762 #define PAGER_MAX_PGNO 2147483647 763 764 /* 765 ** The argument to this macro is a file descriptor (type sqlite3_file*). 766 ** Return 0 if it is not open, or non-zero (but not 1) if it is. 767 ** 768 ** This is so that expressions can be written as: 769 ** 770 ** if( isOpen(pPager->jfd) ){ ... 771 ** 772 ** instead of 773 ** 774 ** if( pPager->jfd->pMethods ){ ... 775 */ 776 #define isOpen(pFd) ((pFd)->pMethods) 777 778 /* 779 ** Return true if this pager uses a write-ahead log instead of the usual 780 ** rollback journal. Otherwise false. 781 */ 782 #ifndef SQLITE_OMIT_WAL 783 static int pagerUseWal(Pager *pPager){ 784 return (pPager->pWal!=0); 785 } 786 #else 787 # define pagerUseWal(x) 0 788 # define pagerRollbackWal(x) 0 789 # define pagerWalFrames(v,w,x,y,z) 0 790 # define pagerOpenWalIfPresent(z) SQLITE_OK 791 # define pagerBeginReadTransaction(z) SQLITE_OK 792 #endif 793 794 #ifndef NDEBUG 795 /* 796 ** Usage: 797 ** 798 ** assert( assert_pager_state(pPager) ); 799 ** 800 ** This function runs many asserts to try to find inconsistencies in 801 ** the internal state of the Pager object. 802 */ 803 static int assert_pager_state(Pager *p){ 804 Pager *pPager = p; 805 806 /* State must be valid. */ 807 assert( p->eState==PAGER_OPEN 808 || p->eState==PAGER_READER 809 || p->eState==PAGER_WRITER_LOCKED 810 || p->eState==PAGER_WRITER_CACHEMOD 811 || p->eState==PAGER_WRITER_DBMOD 812 || p->eState==PAGER_WRITER_FINISHED 813 || p->eState==PAGER_ERROR 814 ); 815 816 /* Regardless of the current state, a temp-file connection always behaves 817 ** as if it has an exclusive lock on the database file. It never updates 818 ** the change-counter field, so the changeCountDone flag is always set. 819 */ 820 assert( p->tempFile==0 || p->eLock==EXCLUSIVE_LOCK ); 821 assert( p->tempFile==0 || pPager->changeCountDone ); 822 823 /* If the useJournal flag is clear, the journal-mode must be "OFF". 824 ** And if the journal-mode is "OFF", the journal file must not be open. 825 */ 826 assert( p->journalMode==PAGER_JOURNALMODE_OFF || p->useJournal ); 827 assert( p->journalMode!=PAGER_JOURNALMODE_OFF || !isOpen(p->jfd) ); 828 829 /* Check that MEMDB implies noSync. And an in-memory journal. Since 830 ** this means an in-memory pager performs no IO at all, it cannot encounter 831 ** either SQLITE_IOERR or SQLITE_FULL during rollback or while finalizing 832 ** a journal file. (although the in-memory journal implementation may 833 ** return SQLITE_IOERR_NOMEM while the journal file is being written). It 834 ** is therefore not possible for an in-memory pager to enter the ERROR 835 ** state. 836 */ 837 if( MEMDB ){ 838 assert( p->noSync ); 839 assert( p->journalMode==PAGER_JOURNALMODE_OFF 840 || p->journalMode==PAGER_JOURNALMODE_MEMORY 841 ); 842 assert( p->eState!=PAGER_ERROR && p->eState!=PAGER_OPEN ); 843 assert( pagerUseWal(p)==0 ); 844 } 845 846 /* If changeCountDone is set, a RESERVED lock or greater must be held 847 ** on the file. 848 */ 849 assert( pPager->changeCountDone==0 || pPager->eLock>=RESERVED_LOCK ); 850 assert( p->eLock!=PENDING_LOCK ); 851 852 switch( p->eState ){ 853 case PAGER_OPEN: 854 assert( !MEMDB ); 855 assert( pPager->errCode==SQLITE_OK ); 856 assert( sqlite3PcacheRefCount(pPager->pPCache)==0 || pPager->tempFile ); 857 break; 858 859 case PAGER_READER: 860 assert( pPager->errCode==SQLITE_OK ); 861 assert( p->eLock!=UNKNOWN_LOCK ); 862 assert( p->eLock>=SHARED_LOCK || p->noReadlock ); 863 break; 864 865 case PAGER_WRITER_LOCKED: 866 assert( p->eLock!=UNKNOWN_LOCK ); 867 assert( pPager->errCode==SQLITE_OK ); 868 if( !pagerUseWal(pPager) ){ 869 assert( p->eLock>=RESERVED_LOCK ); 870 } 871 assert( pPager->dbSize==pPager->dbOrigSize ); 872 assert( pPager->dbOrigSize==pPager->dbFileSize ); 873 assert( pPager->dbOrigSize==pPager->dbHintSize ); 874 assert( pPager->setMaster==0 ); 875 break; 876 877 case PAGER_WRITER_CACHEMOD: 878 assert( p->eLock!=UNKNOWN_LOCK ); 879 assert( pPager->errCode==SQLITE_OK ); 880 if( !pagerUseWal(pPager) ){ 881 /* It is possible that if journal_mode=wal here that neither the 882 ** journal file nor the WAL file are open. This happens during 883 ** a rollback transaction that switches from journal_mode=off 884 ** to journal_mode=wal. 885 */ 886 assert( p->eLock>=RESERVED_LOCK ); 887 assert( isOpen(p->jfd) 888 || p->journalMode==PAGER_JOURNALMODE_OFF 889 || p->journalMode==PAGER_JOURNALMODE_WAL 890 ); 891 } 892 assert( pPager->dbOrigSize==pPager->dbFileSize ); 893 assert( pPager->dbOrigSize==pPager->dbHintSize ); 894 break; 895 896 case PAGER_WRITER_DBMOD: 897 assert( p->eLock==EXCLUSIVE_LOCK ); 898 assert( pPager->errCode==SQLITE_OK ); 899 assert( !pagerUseWal(pPager) ); 900 assert( p->eLock>=EXCLUSIVE_LOCK ); 901 assert( isOpen(p->jfd) 902 || p->journalMode==PAGER_JOURNALMODE_OFF 903 || p->journalMode==PAGER_JOURNALMODE_WAL 904 ); 905 assert( pPager->dbOrigSize<=pPager->dbHintSize ); 906 break; 907 908 case PAGER_WRITER_FINISHED: 909 assert( p->eLock==EXCLUSIVE_LOCK ); 910 assert( pPager->errCode==SQLITE_OK ); 911 assert( !pagerUseWal(pPager) ); 912 assert( isOpen(p->jfd) 913 || p->journalMode==PAGER_JOURNALMODE_OFF 914 || p->journalMode==PAGER_JOURNALMODE_WAL 915 ); 916 break; 917 918 case PAGER_ERROR: 919 /* There must be at least one outstanding reference to the pager if 920 ** in ERROR state. Otherwise the pager should have already dropped 921 ** back to OPEN state. 922 */ 923 assert( pPager->errCode!=SQLITE_OK ); 924 assert( sqlite3PcacheRefCount(pPager->pPCache)>0 ); 925 break; 926 } 927 928 return 1; 929 } 930 #endif /* ifndef NDEBUG */ 931 932 #ifdef SQLITE_DEBUG 933 /* 934 ** Return a pointer to a human readable string in a static buffer 935 ** containing the state of the Pager object passed as an argument. This 936 ** is intended to be used within debuggers. For example, as an alternative 937 ** to "print *pPager" in gdb: 938 ** 939 ** (gdb) printf "%s", print_pager_state(pPager) 940 */ 941 static char *print_pager_state(Pager *p){ 942 static char zRet[1024]; 943 944 sqlite3_snprintf(1024, zRet, 945 "Filename: %s\n" 946 "State: %s errCode=%d\n" 947 "Lock: %s\n" 948 "Locking mode: locking_mode=%s\n" 949 "Journal mode: journal_mode=%s\n" 950 "Backing store: tempFile=%d memDb=%d useJournal=%d\n" 951 "Journal: journalOff=%lld journalHdr=%lld\n" 952 "Size: dbsize=%d dbOrigSize=%d dbFileSize=%d\n" 953 , p->zFilename 954 , p->eState==PAGER_OPEN ? "OPEN" : 955 p->eState==PAGER_READER ? "READER" : 956 p->eState==PAGER_WRITER_LOCKED ? "WRITER_LOCKED" : 957 p->eState==PAGER_WRITER_CACHEMOD ? "WRITER_CACHEMOD" : 958 p->eState==PAGER_WRITER_DBMOD ? "WRITER_DBMOD" : 959 p->eState==PAGER_WRITER_FINISHED ? "WRITER_FINISHED" : 960 p->eState==PAGER_ERROR ? "ERROR" : "?error?" 961 , (int)p->errCode 962 , p->eLock==NO_LOCK ? "NO_LOCK" : 963 p->eLock==RESERVED_LOCK ? "RESERVED" : 964 p->eLock==EXCLUSIVE_LOCK ? "EXCLUSIVE" : 965 p->eLock==SHARED_LOCK ? "SHARED" : 966 p->eLock==UNKNOWN_LOCK ? "UNKNOWN" : "?error?" 967 , p->exclusiveMode ? "exclusive" : "normal" 968 , p->journalMode==PAGER_JOURNALMODE_MEMORY ? "memory" : 969 p->journalMode==PAGER_JOURNALMODE_OFF ? "off" : 970 p->journalMode==PAGER_JOURNALMODE_DELETE ? "delete" : 971 p->journalMode==PAGER_JOURNALMODE_PERSIST ? "persist" : 972 p->journalMode==PAGER_JOURNALMODE_TRUNCATE ? "truncate" : 973 p->journalMode==PAGER_JOURNALMODE_WAL ? "wal" : "?error?" 974 , (int)p->tempFile, (int)p->memDb, (int)p->useJournal 975 , p->journalOff, p->journalHdr 976 , (int)p->dbSize, (int)p->dbOrigSize, (int)p->dbFileSize 977 ); 978 979 return zRet; 980 } 981 #endif 982 983 /* 984 ** Return true if it is necessary to write page *pPg into the sub-journal. 985 ** A page needs to be written into the sub-journal if there exists one 986 ** or more open savepoints for which: 987 ** 988 ** * The page-number is less than or equal to PagerSavepoint.nOrig, and 989 ** * The bit corresponding to the page-number is not set in 990 ** PagerSavepoint.pInSavepoint. 991 */ 992 static int subjRequiresPage(PgHdr *pPg){ 993 Pgno pgno = pPg->pgno; 994 Pager *pPager = pPg->pPager; 995 int i; 996 for(i=0; i<pPager->nSavepoint; i++){ 997 PagerSavepoint *p = &pPager->aSavepoint[i]; 998 if( p->nOrig>=pgno && 0==sqlite3BitvecTest(p->pInSavepoint, pgno) ){ 999 return 1; 1000 } 1001 } 1002 return 0; 1003 } 1004 1005 /* 1006 ** Return true if the page is already in the journal file. 1007 */ 1008 static int pageInJournal(PgHdr *pPg){ 1009 return sqlite3BitvecTest(pPg->pPager->pInJournal, pPg->pgno); 1010 } 1011 1012 /* 1013 ** Read a 32-bit integer from the given file descriptor. Store the integer 1014 ** that is read in *pRes. Return SQLITE_OK if everything worked, or an 1015 ** error code is something goes wrong. 1016 ** 1017 ** All values are stored on disk as big-endian. 1018 */ 1019 static int read32bits(sqlite3_file *fd, i64 offset, u32 *pRes){ 1020 unsigned char ac[4]; 1021 int rc = sqlite3OsRead(fd, ac, sizeof(ac), offset); 1022 if( rc==SQLITE_OK ){ 1023 *pRes = sqlite3Get4byte(ac); 1024 } 1025 return rc; 1026 } 1027 1028 /* 1029 ** Write a 32-bit integer into a string buffer in big-endian byte order. 1030 */ 1031 #define put32bits(A,B) sqlite3Put4byte((u8*)A,B) 1032 1033 1034 /* 1035 ** Write a 32-bit integer into the given file descriptor. Return SQLITE_OK 1036 ** on success or an error code is something goes wrong. 1037 */ 1038 static int write32bits(sqlite3_file *fd, i64 offset, u32 val){ 1039 char ac[4]; 1040 put32bits(ac, val); 1041 return sqlite3OsWrite(fd, ac, 4, offset); 1042 } 1043 1044 /* 1045 ** Unlock the database file to level eLock, which must be either NO_LOCK 1046 ** or SHARED_LOCK. Regardless of whether or not the call to xUnlock() 1047 ** succeeds, set the Pager.eLock variable to match the (attempted) new lock. 1048 ** 1049 ** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is 1050 ** called, do not modify it. See the comment above the #define of 1051 ** UNKNOWN_LOCK for an explanation of this. 1052 */ 1053 static int pagerUnlockDb(Pager *pPager, int eLock){ 1054 int rc = SQLITE_OK; 1055 1056 assert( !pPager->exclusiveMode || pPager->eLock==eLock ); 1057 assert( eLock==NO_LOCK || eLock==SHARED_LOCK ); 1058 assert( eLock!=NO_LOCK || pagerUseWal(pPager)==0 ); 1059 if( isOpen(pPager->fd) ){ 1060 assert( pPager->eLock>=eLock ); 1061 rc = sqlite3OsUnlock(pPager->fd, eLock); 1062 if( pPager->eLock!=UNKNOWN_LOCK ){ 1063 pPager->eLock = (u8)eLock; 1064 } 1065 IOTRACE(("UNLOCK %p %d\n", pPager, eLock)) 1066 } 1067 return rc; 1068 } 1069 1070 /* 1071 ** Lock the database file to level eLock, which must be either SHARED_LOCK, 1072 ** RESERVED_LOCK or EXCLUSIVE_LOCK. If the caller is successful, set the 1073 ** Pager.eLock variable to the new locking state. 1074 ** 1075 ** Except, if Pager.eLock is set to UNKNOWN_LOCK when this function is 1076 ** called, do not modify it unless the new locking state is EXCLUSIVE_LOCK. 1077 ** See the comment above the #define of UNKNOWN_LOCK for an explanation 1078 ** of this. 1079 */ 1080 static int pagerLockDb(Pager *pPager, int eLock){ 1081 int rc = SQLITE_OK; 1082 1083 assert( eLock==SHARED_LOCK || eLock==RESERVED_LOCK || eLock==EXCLUSIVE_LOCK ); 1084 if( pPager->eLock<eLock || pPager->eLock==UNKNOWN_LOCK ){ 1085 rc = sqlite3OsLock(pPager->fd, eLock); 1086 if( rc==SQLITE_OK && (pPager->eLock!=UNKNOWN_LOCK||eLock==EXCLUSIVE_LOCK) ){ 1087 pPager->eLock = (u8)eLock; 1088 IOTRACE(("LOCK %p %d\n", pPager, eLock)) 1089 } 1090 } 1091 return rc; 1092 } 1093 1094 /* 1095 ** This function determines whether or not the atomic-write optimization 1096 ** can be used with this pager. The optimization can be used if: 1097 ** 1098 ** (a) the value returned by OsDeviceCharacteristics() indicates that 1099 ** a database page may be written atomically, and 1100 ** (b) the value returned by OsSectorSize() is less than or equal 1101 ** to the page size. 1102 ** 1103 ** The optimization is also always enabled for temporary files. It is 1104 ** an error to call this function if pPager is opened on an in-memory 1105 ** database. 1106 ** 1107 ** If the optimization cannot be used, 0 is returned. If it can be used, 1108 ** then the value returned is the size of the journal file when it 1109 ** contains rollback data for exactly one page. 1110 */ 1111 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 1112 static int jrnlBufferSize(Pager *pPager){ 1113 assert( !MEMDB ); 1114 if( !pPager->tempFile ){ 1115 int dc; /* Device characteristics */ 1116 int nSector; /* Sector size */ 1117 int szPage; /* Page size */ 1118 1119 assert( isOpen(pPager->fd) ); 1120 dc = sqlite3OsDeviceCharacteristics(pPager->fd); 1121 nSector = pPager->sectorSize; 1122 szPage = pPager->pageSize; 1123 1124 assert(SQLITE_IOCAP_ATOMIC512==(512>>8)); 1125 assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8)); 1126 if( 0==(dc&(SQLITE_IOCAP_ATOMIC|(szPage>>8)) || nSector>szPage) ){ 1127 return 0; 1128 } 1129 } 1130 1131 return JOURNAL_HDR_SZ(pPager) + JOURNAL_PG_SZ(pPager); 1132 } 1133 #endif 1134 1135 /* 1136 ** If SQLITE_CHECK_PAGES is defined then we do some sanity checking 1137 ** on the cache using a hash function. This is used for testing 1138 ** and debugging only. 1139 */ 1140 #ifdef SQLITE_CHECK_PAGES 1141 /* 1142 ** Return a 32-bit hash of the page data for pPage. 1143 */ 1144 static u32 pager_datahash(int nByte, unsigned char *pData){ 1145 u32 hash = 0; 1146 int i; 1147 for(i=0; i<nByte; i++){ 1148 hash = (hash*1039) + pData[i]; 1149 } 1150 return hash; 1151 } 1152 static u32 pager_pagehash(PgHdr *pPage){ 1153 return pager_datahash(pPage->pPager->pageSize, (unsigned char *)pPage->pData); 1154 } 1155 static void pager_set_pagehash(PgHdr *pPage){ 1156 pPage->pageHash = pager_pagehash(pPage); 1157 } 1158 1159 /* 1160 ** The CHECK_PAGE macro takes a PgHdr* as an argument. If SQLITE_CHECK_PAGES 1161 ** is defined, and NDEBUG is not defined, an assert() statement checks 1162 ** that the page is either dirty or still matches the calculated page-hash. 1163 */ 1164 #define CHECK_PAGE(x) checkPage(x) 1165 static void checkPage(PgHdr *pPg){ 1166 Pager *pPager = pPg->pPager; 1167 assert( pPager->eState!=PAGER_ERROR ); 1168 assert( (pPg->flags&PGHDR_DIRTY) || pPg->pageHash==pager_pagehash(pPg) ); 1169 } 1170 1171 #else 1172 #define pager_datahash(X,Y) 0 1173 #define pager_pagehash(X) 0 1174 #define pager_set_pagehash(X) 1175 #define CHECK_PAGE(x) 1176 #endif /* SQLITE_CHECK_PAGES */ 1177 1178 /* 1179 ** When this is called the journal file for pager pPager must be open. 1180 ** This function attempts to read a master journal file name from the 1181 ** end of the file and, if successful, copies it into memory supplied 1182 ** by the caller. See comments above writeMasterJournal() for the format 1183 ** used to store a master journal file name at the end of a journal file. 1184 ** 1185 ** zMaster must point to a buffer of at least nMaster bytes allocated by 1186 ** the caller. This should be sqlite3_vfs.mxPathname+1 (to ensure there is 1187 ** enough space to write the master journal name). If the master journal 1188 ** name in the journal is longer than nMaster bytes (including a 1189 ** nul-terminator), then this is handled as if no master journal name 1190 ** were present in the journal. 1191 ** 1192 ** If a master journal file name is present at the end of the journal 1193 ** file, then it is copied into the buffer pointed to by zMaster. A 1194 ** nul-terminator byte is appended to the buffer following the master 1195 ** journal file name. 1196 ** 1197 ** If it is determined that no master journal file name is present 1198 ** zMaster[0] is set to 0 and SQLITE_OK returned. 1199 ** 1200 ** If an error occurs while reading from the journal file, an SQLite 1201 ** error code is returned. 1202 */ 1203 static int readMasterJournal(sqlite3_file *pJrnl, char *zMaster, u32 nMaster){ 1204 int rc; /* Return code */ 1205 u32 len; /* Length in bytes of master journal name */ 1206 i64 szJ; /* Total size in bytes of journal file pJrnl */ 1207 u32 cksum; /* MJ checksum value read from journal */ 1208 u32 u; /* Unsigned loop counter */ 1209 unsigned char aMagic[8]; /* A buffer to hold the magic header */ 1210 zMaster[0] = '\0'; 1211 1212 if( SQLITE_OK!=(rc = sqlite3OsFileSize(pJrnl, &szJ)) 1213 || szJ<16 1214 || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-16, &len)) 1215 || len>=nMaster 1216 || SQLITE_OK!=(rc = read32bits(pJrnl, szJ-12, &cksum)) 1217 || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, aMagic, 8, szJ-8)) 1218 || memcmp(aMagic, aJournalMagic, 8) 1219 || SQLITE_OK!=(rc = sqlite3OsRead(pJrnl, zMaster, len, szJ-16-len)) 1220 ){ 1221 return rc; 1222 } 1223 1224 /* See if the checksum matches the master journal name */ 1225 for(u=0; u<len; u++){ 1226 cksum -= zMaster[u]; 1227 } 1228 if( cksum ){ 1229 /* If the checksum doesn't add up, then one or more of the disk sectors 1230 ** containing the master journal filename is corrupted. This means 1231 ** definitely roll back, so just return SQLITE_OK and report a (nul) 1232 ** master-journal filename. 1233 */ 1234 len = 0; 1235 } 1236 zMaster[len] = '\0'; 1237 1238 return SQLITE_OK; 1239 } 1240 1241 /* 1242 ** Return the offset of the sector boundary at or immediately 1243 ** following the value in pPager->journalOff, assuming a sector 1244 ** size of pPager->sectorSize bytes. 1245 ** 1246 ** i.e for a sector size of 512: 1247 ** 1248 ** Pager.journalOff Return value 1249 ** --------------------------------------- 1250 ** 0 0 1251 ** 512 512 1252 ** 100 512 1253 ** 2000 2048 1254 ** 1255 */ 1256 static i64 journalHdrOffset(Pager *pPager){ 1257 i64 offset = 0; 1258 i64 c = pPager->journalOff; 1259 if( c ){ 1260 offset = ((c-1)/JOURNAL_HDR_SZ(pPager) + 1) * JOURNAL_HDR_SZ(pPager); 1261 } 1262 assert( offset%JOURNAL_HDR_SZ(pPager)==0 ); 1263 assert( offset>=c ); 1264 assert( (offset-c)<JOURNAL_HDR_SZ(pPager) ); 1265 return offset; 1266 } 1267 1268 /* 1269 ** The journal file must be open when this function is called. 1270 ** 1271 ** This function is a no-op if the journal file has not been written to 1272 ** within the current transaction (i.e. if Pager.journalOff==0). 1273 ** 1274 ** If doTruncate is non-zero or the Pager.journalSizeLimit variable is 1275 ** set to 0, then truncate the journal file to zero bytes in size. Otherwise, 1276 ** zero the 28-byte header at the start of the journal file. In either case, 1277 ** if the pager is not in no-sync mode, sync the journal file immediately 1278 ** after writing or truncating it. 1279 ** 1280 ** If Pager.journalSizeLimit is set to a positive, non-zero value, and 1281 ** following the truncation or zeroing described above the size of the 1282 ** journal file in bytes is larger than this value, then truncate the 1283 ** journal file to Pager.journalSizeLimit bytes. The journal file does 1284 ** not need to be synced following this operation. 1285 ** 1286 ** If an IO error occurs, abandon processing and return the IO error code. 1287 ** Otherwise, return SQLITE_OK. 1288 */ 1289 static int zeroJournalHdr(Pager *pPager, int doTruncate){ 1290 int rc = SQLITE_OK; /* Return code */ 1291 assert( isOpen(pPager->jfd) ); 1292 if( pPager->journalOff ){ 1293 const i64 iLimit = pPager->journalSizeLimit; /* Local cache of jsl */ 1294 1295 IOTRACE(("JZEROHDR %p\n", pPager)) 1296 if( doTruncate || iLimit==0 ){ 1297 rc = sqlite3OsTruncate(pPager->jfd, 0); 1298 }else{ 1299 static const char zeroHdr[28] = {0}; 1300 rc = sqlite3OsWrite(pPager->jfd, zeroHdr, sizeof(zeroHdr), 0); 1301 } 1302 if( rc==SQLITE_OK && !pPager->noSync ){ 1303 rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_DATAONLY|pPager->syncFlags); 1304 } 1305 1306 /* At this point the transaction is committed but the write lock 1307 ** is still held on the file. If there is a size limit configured for 1308 ** the persistent journal and the journal file currently consumes more 1309 ** space than that limit allows for, truncate it now. There is no need 1310 ** to sync the file following this operation. 1311 */ 1312 if( rc==SQLITE_OK && iLimit>0 ){ 1313 i64 sz; 1314 rc = sqlite3OsFileSize(pPager->jfd, &sz); 1315 if( rc==SQLITE_OK && sz>iLimit ){ 1316 rc = sqlite3OsTruncate(pPager->jfd, iLimit); 1317 } 1318 } 1319 } 1320 return rc; 1321 } 1322 1323 /* 1324 ** The journal file must be open when this routine is called. A journal 1325 ** header (JOURNAL_HDR_SZ bytes) is written into the journal file at the 1326 ** current location. 1327 ** 1328 ** The format for the journal header is as follows: 1329 ** - 8 bytes: Magic identifying journal format. 1330 ** - 4 bytes: Number of records in journal, or -1 no-sync mode is on. 1331 ** - 4 bytes: Random number used for page hash. 1332 ** - 4 bytes: Initial database page count. 1333 ** - 4 bytes: Sector size used by the process that wrote this journal. 1334 ** - 4 bytes: Database page size. 1335 ** 1336 ** Followed by (JOURNAL_HDR_SZ - 28) bytes of unused space. 1337 */ 1338 static int writeJournalHdr(Pager *pPager){ 1339 int rc = SQLITE_OK; /* Return code */ 1340 char *zHeader = pPager->pTmpSpace; /* Temporary space used to build header */ 1341 u32 nHeader = (u32)pPager->pageSize;/* Size of buffer pointed to by zHeader */ 1342 u32 nWrite; /* Bytes of header sector written */ 1343 int ii; /* Loop counter */ 1344 1345 assert( isOpen(pPager->jfd) ); /* Journal file must be open. */ 1346 1347 if( nHeader>JOURNAL_HDR_SZ(pPager) ){ 1348 nHeader = JOURNAL_HDR_SZ(pPager); 1349 } 1350 1351 /* If there are active savepoints and any of them were created 1352 ** since the most recent journal header was written, update the 1353 ** PagerSavepoint.iHdrOffset fields now. 1354 */ 1355 for(ii=0; ii<pPager->nSavepoint; ii++){ 1356 if( pPager->aSavepoint[ii].iHdrOffset==0 ){ 1357 pPager->aSavepoint[ii].iHdrOffset = pPager->journalOff; 1358 } 1359 } 1360 1361 pPager->journalHdr = pPager->journalOff = journalHdrOffset(pPager); 1362 1363 /* 1364 ** Write the nRec Field - the number of page records that follow this 1365 ** journal header. Normally, zero is written to this value at this time. 1366 ** After the records are added to the journal (and the journal synced, 1367 ** if in full-sync mode), the zero is overwritten with the true number 1368 ** of records (see syncJournal()). 1369 ** 1370 ** A faster alternative is to write 0xFFFFFFFF to the nRec field. When 1371 ** reading the journal this value tells SQLite to assume that the 1372 ** rest of the journal file contains valid page records. This assumption 1373 ** is dangerous, as if a failure occurred whilst writing to the journal 1374 ** file it may contain some garbage data. There are two scenarios 1375 ** where this risk can be ignored: 1376 ** 1377 ** * When the pager is in no-sync mode. Corruption can follow a 1378 ** power failure in this case anyway. 1379 ** 1380 ** * When the SQLITE_IOCAP_SAFE_APPEND flag is set. This guarantees 1381 ** that garbage data is never appended to the journal file. 1382 */ 1383 assert( isOpen(pPager->fd) || pPager->noSync ); 1384 if( pPager->noSync || (pPager->journalMode==PAGER_JOURNALMODE_MEMORY) 1385 || (sqlite3OsDeviceCharacteristics(pPager->fd)&SQLITE_IOCAP_SAFE_APPEND) 1386 ){ 1387 memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic)); 1388 put32bits(&zHeader[sizeof(aJournalMagic)], 0xffffffff); 1389 }else{ 1390 memset(zHeader, 0, sizeof(aJournalMagic)+4); 1391 } 1392 1393 /* The random check-hash initialiser */ 1394 sqlite3_randomness(sizeof(pPager->cksumInit), &pPager->cksumInit); 1395 put32bits(&zHeader[sizeof(aJournalMagic)+4], pPager->cksumInit); 1396 /* The initial database size */ 1397 put32bits(&zHeader[sizeof(aJournalMagic)+8], pPager->dbOrigSize); 1398 /* The assumed sector size for this process */ 1399 put32bits(&zHeader[sizeof(aJournalMagic)+12], pPager->sectorSize); 1400 1401 /* The page size */ 1402 put32bits(&zHeader[sizeof(aJournalMagic)+16], pPager->pageSize); 1403 1404 /* Initializing the tail of the buffer is not necessary. Everything 1405 ** works find if the following memset() is omitted. But initializing 1406 ** the memory prevents valgrind from complaining, so we are willing to 1407 ** take the performance hit. 1408 */ 1409 memset(&zHeader[sizeof(aJournalMagic)+20], 0, 1410 nHeader-(sizeof(aJournalMagic)+20)); 1411 1412 /* In theory, it is only necessary to write the 28 bytes that the 1413 ** journal header consumes to the journal file here. Then increment the 1414 ** Pager.journalOff variable by JOURNAL_HDR_SZ so that the next 1415 ** record is written to the following sector (leaving a gap in the file 1416 ** that will be implicitly filled in by the OS). 1417 ** 1418 ** However it has been discovered that on some systems this pattern can 1419 ** be significantly slower than contiguously writing data to the file, 1420 ** even if that means explicitly writing data to the block of 1421 ** (JOURNAL_HDR_SZ - 28) bytes that will not be used. So that is what 1422 ** is done. 1423 ** 1424 ** The loop is required here in case the sector-size is larger than the 1425 ** database page size. Since the zHeader buffer is only Pager.pageSize 1426 ** bytes in size, more than one call to sqlite3OsWrite() may be required 1427 ** to populate the entire journal header sector. 1428 */ 1429 for(nWrite=0; rc==SQLITE_OK&&nWrite<JOURNAL_HDR_SZ(pPager); nWrite+=nHeader){ 1430 IOTRACE(("JHDR %p %lld %d\n", pPager, pPager->journalHdr, nHeader)) 1431 rc = sqlite3OsWrite(pPager->jfd, zHeader, nHeader, pPager->journalOff); 1432 assert( pPager->journalHdr <= pPager->journalOff ); 1433 pPager->journalOff += nHeader; 1434 } 1435 1436 return rc; 1437 } 1438 1439 /* 1440 ** The journal file must be open when this is called. A journal header file 1441 ** (JOURNAL_HDR_SZ bytes) is read from the current location in the journal 1442 ** file. The current location in the journal file is given by 1443 ** pPager->journalOff. See comments above function writeJournalHdr() for 1444 ** a description of the journal header format. 1445 ** 1446 ** If the header is read successfully, *pNRec is set to the number of 1447 ** page records following this header and *pDbSize is set to the size of the 1448 ** database before the transaction began, in pages. Also, pPager->cksumInit 1449 ** is set to the value read from the journal header. SQLITE_OK is returned 1450 ** in this case. 1451 ** 1452 ** If the journal header file appears to be corrupted, SQLITE_DONE is 1453 ** returned and *pNRec and *PDbSize are undefined. If JOURNAL_HDR_SZ bytes 1454 ** cannot be read from the journal file an error code is returned. 1455 */ 1456 static int readJournalHdr( 1457 Pager *pPager, /* Pager object */ 1458 int isHot, 1459 i64 journalSize, /* Size of the open journal file in bytes */ 1460 u32 *pNRec, /* OUT: Value read from the nRec field */ 1461 u32 *pDbSize /* OUT: Value of original database size field */ 1462 ){ 1463 int rc; /* Return code */ 1464 unsigned char aMagic[8]; /* A buffer to hold the magic header */ 1465 i64 iHdrOff; /* Offset of journal header being read */ 1466 1467 assert( isOpen(pPager->jfd) ); /* Journal file must be open. */ 1468 1469 /* Advance Pager.journalOff to the start of the next sector. If the 1470 ** journal file is too small for there to be a header stored at this 1471 ** point, return SQLITE_DONE. 1472 */ 1473 pPager->journalOff = journalHdrOffset(pPager); 1474 if( pPager->journalOff+JOURNAL_HDR_SZ(pPager) > journalSize ){ 1475 return SQLITE_DONE; 1476 } 1477 iHdrOff = pPager->journalOff; 1478 1479 /* Read in the first 8 bytes of the journal header. If they do not match 1480 ** the magic string found at the start of each journal header, return 1481 ** SQLITE_DONE. If an IO error occurs, return an error code. Otherwise, 1482 ** proceed. 1483 */ 1484 if( isHot || iHdrOff!=pPager->journalHdr ){ 1485 rc = sqlite3OsRead(pPager->jfd, aMagic, sizeof(aMagic), iHdrOff); 1486 if( rc ){ 1487 return rc; 1488 } 1489 if( memcmp(aMagic, aJournalMagic, sizeof(aMagic))!=0 ){ 1490 return SQLITE_DONE; 1491 } 1492 } 1493 1494 /* Read the first three 32-bit fields of the journal header: The nRec 1495 ** field, the checksum-initializer and the database size at the start 1496 ** of the transaction. Return an error code if anything goes wrong. 1497 */ 1498 if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+8, pNRec)) 1499 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+12, &pPager->cksumInit)) 1500 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+16, pDbSize)) 1501 ){ 1502 return rc; 1503 } 1504 1505 if( pPager->journalOff==0 ){ 1506 u32 iPageSize; /* Page-size field of journal header */ 1507 u32 iSectorSize; /* Sector-size field of journal header */ 1508 1509 /* Read the page-size and sector-size journal header fields. */ 1510 if( SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+20, &iSectorSize)) 1511 || SQLITE_OK!=(rc = read32bits(pPager->jfd, iHdrOff+24, &iPageSize)) 1512 ){ 1513 return rc; 1514 } 1515 1516 /* Versions of SQLite prior to 3.5.8 set the page-size field of the 1517 ** journal header to zero. In this case, assume that the Pager.pageSize 1518 ** variable is already set to the correct page size. 1519 */ 1520 if( iPageSize==0 ){ 1521 iPageSize = pPager->pageSize; 1522 } 1523 1524 /* Check that the values read from the page-size and sector-size fields 1525 ** are within range. To be 'in range', both values need to be a power 1526 ** of two greater than or equal to 512 or 32, and not greater than their 1527 ** respective compile time maximum limits. 1528 */ 1529 if( iPageSize<512 || iSectorSize<32 1530 || iPageSize>SQLITE_MAX_PAGE_SIZE || iSectorSize>MAX_SECTOR_SIZE 1531 || ((iPageSize-1)&iPageSize)!=0 || ((iSectorSize-1)&iSectorSize)!=0 1532 ){ 1533 /* If the either the page-size or sector-size in the journal-header is 1534 ** invalid, then the process that wrote the journal-header must have 1535 ** crashed before the header was synced. In this case stop reading 1536 ** the journal file here. 1537 */ 1538 return SQLITE_DONE; 1539 } 1540 1541 /* Update the page-size to match the value read from the journal. 1542 ** Use a testcase() macro to make sure that malloc failure within 1543 ** PagerSetPagesize() is tested. 1544 */ 1545 rc = sqlite3PagerSetPagesize(pPager, &iPageSize, -1); 1546 testcase( rc!=SQLITE_OK ); 1547 1548 /* Update the assumed sector-size to match the value used by 1549 ** the process that created this journal. If this journal was 1550 ** created by a process other than this one, then this routine 1551 ** is being called from within pager_playback(). The local value 1552 ** of Pager.sectorSize is restored at the end of that routine. 1553 */ 1554 pPager->sectorSize = iSectorSize; 1555 } 1556 1557 pPager->journalOff += JOURNAL_HDR_SZ(pPager); 1558 return rc; 1559 } 1560 1561 1562 /* 1563 ** Write the supplied master journal name into the journal file for pager 1564 ** pPager at the current location. The master journal name must be the last 1565 ** thing written to a journal file. If the pager is in full-sync mode, the 1566 ** journal file descriptor is advanced to the next sector boundary before 1567 ** anything is written. The format is: 1568 ** 1569 ** + 4 bytes: PAGER_MJ_PGNO. 1570 ** + N bytes: Master journal filename in utf-8. 1571 ** + 4 bytes: N (length of master journal name in bytes, no nul-terminator). 1572 ** + 4 bytes: Master journal name checksum. 1573 ** + 8 bytes: aJournalMagic[]. 1574 ** 1575 ** The master journal page checksum is the sum of the bytes in the master 1576 ** journal name, where each byte is interpreted as a signed 8-bit integer. 1577 ** 1578 ** If zMaster is a NULL pointer (occurs for a single database transaction), 1579 ** this call is a no-op. 1580 */ 1581 static int writeMasterJournal(Pager *pPager, const char *zMaster){ 1582 int rc; /* Return code */ 1583 int nMaster; /* Length of string zMaster */ 1584 i64 iHdrOff; /* Offset of header in journal file */ 1585 i64 jrnlSize; /* Size of journal file on disk */ 1586 u32 cksum = 0; /* Checksum of string zMaster */ 1587 1588 assert( pPager->setMaster==0 ); 1589 assert( !pagerUseWal(pPager) ); 1590 1591 if( !zMaster 1592 || pPager->journalMode==PAGER_JOURNALMODE_MEMORY 1593 || pPager->journalMode==PAGER_JOURNALMODE_OFF 1594 ){ 1595 return SQLITE_OK; 1596 } 1597 pPager->setMaster = 1; 1598 assert( isOpen(pPager->jfd) ); 1599 assert( pPager->journalHdr <= pPager->journalOff ); 1600 1601 /* Calculate the length in bytes and the checksum of zMaster */ 1602 for(nMaster=0; zMaster[nMaster]; nMaster++){ 1603 cksum += zMaster[nMaster]; 1604 } 1605 1606 /* If in full-sync mode, advance to the next disk sector before writing 1607 ** the master journal name. This is in case the previous page written to 1608 ** the journal has already been synced. 1609 */ 1610 if( pPager->fullSync ){ 1611 pPager->journalOff = journalHdrOffset(pPager); 1612 } 1613 iHdrOff = pPager->journalOff; 1614 1615 /* Write the master journal data to the end of the journal file. If 1616 ** an error occurs, return the error code to the caller. 1617 */ 1618 if( (0 != (rc = write32bits(pPager->jfd, iHdrOff, PAGER_MJ_PGNO(pPager)))) 1619 || (0 != (rc = sqlite3OsWrite(pPager->jfd, zMaster, nMaster, iHdrOff+4))) 1620 || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nMaster, nMaster))) 1621 || (0 != (rc = write32bits(pPager->jfd, iHdrOff+4+nMaster+4, cksum))) 1622 || (0 != (rc = sqlite3OsWrite(pPager->jfd, aJournalMagic, 8, iHdrOff+4+nMaster+8))) 1623 ){ 1624 return rc; 1625 } 1626 pPager->journalOff += (nMaster+20); 1627 1628 /* If the pager is in peristent-journal mode, then the physical 1629 ** journal-file may extend past the end of the master-journal name 1630 ** and 8 bytes of magic data just written to the file. This is 1631 ** dangerous because the code to rollback a hot-journal file 1632 ** will not be able to find the master-journal name to determine 1633 ** whether or not the journal is hot. 1634 ** 1635 ** Easiest thing to do in this scenario is to truncate the journal 1636 ** file to the required size. 1637 */ 1638 if( SQLITE_OK==(rc = sqlite3OsFileSize(pPager->jfd, &jrnlSize)) 1639 && jrnlSize>pPager->journalOff 1640 ){ 1641 rc = sqlite3OsTruncate(pPager->jfd, pPager->journalOff); 1642 } 1643 return rc; 1644 } 1645 1646 /* 1647 ** Find a page in the hash table given its page number. Return 1648 ** a pointer to the page or NULL if the requested page is not 1649 ** already in memory. 1650 */ 1651 static PgHdr *pager_lookup(Pager *pPager, Pgno pgno){ 1652 PgHdr *p; /* Return value */ 1653 1654 /* It is not possible for a call to PcacheFetch() with createFlag==0 to 1655 ** fail, since no attempt to allocate dynamic memory will be made. 1656 */ 1657 (void)sqlite3PcacheFetch(pPager->pPCache, pgno, 0, &p); 1658 return p; 1659 } 1660 1661 /* 1662 ** Discard the entire contents of the in-memory page-cache. 1663 */ 1664 static void pager_reset(Pager *pPager){ 1665 sqlite3BackupRestart(pPager->pBackup); 1666 sqlite3PcacheClear(pPager->pPCache); 1667 } 1668 1669 /* 1670 ** Free all structures in the Pager.aSavepoint[] array and set both 1671 ** Pager.aSavepoint and Pager.nSavepoint to zero. Close the sub-journal 1672 ** if it is open and the pager is not in exclusive mode. 1673 */ 1674 static void releaseAllSavepoints(Pager *pPager){ 1675 int ii; /* Iterator for looping through Pager.aSavepoint */ 1676 for(ii=0; ii<pPager->nSavepoint; ii++){ 1677 sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint); 1678 } 1679 if( !pPager->exclusiveMode || sqlite3IsMemJournal(pPager->sjfd) ){ 1680 sqlite3OsClose(pPager->sjfd); 1681 } 1682 sqlite3_free(pPager->aSavepoint); 1683 pPager->aSavepoint = 0; 1684 pPager->nSavepoint = 0; 1685 pPager->nSubRec = 0; 1686 } 1687 1688 /* 1689 ** Set the bit number pgno in the PagerSavepoint.pInSavepoint 1690 ** bitvecs of all open savepoints. Return SQLITE_OK if successful 1691 ** or SQLITE_NOMEM if a malloc failure occurs. 1692 */ 1693 static int addToSavepointBitvecs(Pager *pPager, Pgno pgno){ 1694 int ii; /* Loop counter */ 1695 int rc = SQLITE_OK; /* Result code */ 1696 1697 for(ii=0; ii<pPager->nSavepoint; ii++){ 1698 PagerSavepoint *p = &pPager->aSavepoint[ii]; 1699 if( pgno<=p->nOrig ){ 1700 rc |= sqlite3BitvecSet(p->pInSavepoint, pgno); 1701 testcase( rc==SQLITE_NOMEM ); 1702 assert( rc==SQLITE_OK || rc==SQLITE_NOMEM ); 1703 } 1704 } 1705 return rc; 1706 } 1707 1708 /* 1709 ** This function is a no-op if the pager is in exclusive mode and not 1710 ** in the ERROR state. Otherwise, it switches the pager to PAGER_OPEN 1711 ** state. 1712 ** 1713 ** If the pager is not in exclusive-access mode, the database file is 1714 ** completely unlocked. If the file is unlocked and the file-system does 1715 ** not exhibit the UNDELETABLE_WHEN_OPEN property, the journal file is 1716 ** closed (if it is open). 1717 ** 1718 ** If the pager is in ERROR state when this function is called, the 1719 ** contents of the pager cache are discarded before switching back to 1720 ** the OPEN state. Regardless of whether the pager is in exclusive-mode 1721 ** or not, any journal file left in the file-system will be treated 1722 ** as a hot-journal and rolled back the next time a read-transaction 1723 ** is opened (by this or by any other connection). 1724 */ 1725 static void pager_unlock(Pager *pPager){ 1726 1727 assert( pPager->eState==PAGER_READER 1728 || pPager->eState==PAGER_OPEN 1729 || pPager->eState==PAGER_ERROR 1730 ); 1731 1732 sqlite3BitvecDestroy(pPager->pInJournal); 1733 pPager->pInJournal = 0; 1734 releaseAllSavepoints(pPager); 1735 1736 if( pagerUseWal(pPager) ){ 1737 assert( !isOpen(pPager->jfd) ); 1738 sqlite3WalEndReadTransaction(pPager->pWal); 1739 pPager->eState = PAGER_OPEN; 1740 }else if( !pPager->exclusiveMode ){ 1741 int rc; /* Error code returned by pagerUnlockDb() */ 1742 int iDc = isOpen(pPager->fd)?sqlite3OsDeviceCharacteristics(pPager->fd):0; 1743 1744 /* If the operating system support deletion of open files, then 1745 ** close the journal file when dropping the database lock. Otherwise 1746 ** another connection with journal_mode=delete might delete the file 1747 ** out from under us. 1748 */ 1749 assert( (PAGER_JOURNALMODE_MEMORY & 5)!=1 ); 1750 assert( (PAGER_JOURNALMODE_OFF & 5)!=1 ); 1751 assert( (PAGER_JOURNALMODE_WAL & 5)!=1 ); 1752 assert( (PAGER_JOURNALMODE_DELETE & 5)!=1 ); 1753 assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 ); 1754 assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 ); 1755 if( 0==(iDc & SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN) 1756 || 1!=(pPager->journalMode & 5) 1757 ){ 1758 sqlite3OsClose(pPager->jfd); 1759 } 1760 1761 /* If the pager is in the ERROR state and the call to unlock the database 1762 ** file fails, set the current lock to UNKNOWN_LOCK. See the comment 1763 ** above the #define for UNKNOWN_LOCK for an explanation of why this 1764 ** is necessary. 1765 */ 1766 rc = pagerUnlockDb(pPager, NO_LOCK); 1767 if( rc!=SQLITE_OK && pPager->eState==PAGER_ERROR ){ 1768 pPager->eLock = UNKNOWN_LOCK; 1769 } 1770 1771 /* The pager state may be changed from PAGER_ERROR to PAGER_OPEN here 1772 ** without clearing the error code. This is intentional - the error 1773 ** code is cleared and the cache reset in the block below. 1774 */ 1775 assert( pPager->errCode || pPager->eState!=PAGER_ERROR ); 1776 pPager->changeCountDone = 0; 1777 pPager->eState = PAGER_OPEN; 1778 } 1779 1780 /* If Pager.errCode is set, the contents of the pager cache cannot be 1781 ** trusted. Now that there are no outstanding references to the pager, 1782 ** it can safely move back to PAGER_OPEN state. This happens in both 1783 ** normal and exclusive-locking mode. 1784 */ 1785 if( pPager->errCode ){ 1786 assert( !MEMDB ); 1787 pager_reset(pPager); 1788 pPager->changeCountDone = pPager->tempFile; 1789 pPager->eState = PAGER_OPEN; 1790 pPager->errCode = SQLITE_OK; 1791 } 1792 1793 pPager->journalOff = 0; 1794 pPager->journalHdr = 0; 1795 pPager->setMaster = 0; 1796 } 1797 1798 /* 1799 ** This function is called whenever an IOERR or FULL error that requires 1800 ** the pager to transition into the ERROR state may ahve occurred. 1801 ** The first argument is a pointer to the pager structure, the second 1802 ** the error-code about to be returned by a pager API function. The 1803 ** value returned is a copy of the second argument to this function. 1804 ** 1805 ** If the second argument is SQLITE_FULL, SQLITE_IOERR or one of the 1806 ** IOERR sub-codes, the pager enters the ERROR state and the error code 1807 ** is stored in Pager.errCode. While the pager remains in the ERROR state, 1808 ** all major API calls on the Pager will immediately return Pager.errCode. 1809 ** 1810 ** The ERROR state indicates that the contents of the pager-cache 1811 ** cannot be trusted. This state can be cleared by completely discarding 1812 ** the contents of the pager-cache. If a transaction was active when 1813 ** the persistent error occurred, then the rollback journal may need 1814 ** to be replayed to restore the contents of the database file (as if 1815 ** it were a hot-journal). 1816 */ 1817 static int pager_error(Pager *pPager, int rc){ 1818 int rc2 = rc & 0xff; 1819 assert( rc==SQLITE_OK || !MEMDB ); 1820 assert( 1821 pPager->errCode==SQLITE_FULL || 1822 pPager->errCode==SQLITE_OK || 1823 (pPager->errCode & 0xff)==SQLITE_IOERR 1824 ); 1825 if( rc2==SQLITE_FULL || rc2==SQLITE_IOERR ){ 1826 pPager->errCode = rc; 1827 pPager->eState = PAGER_ERROR; 1828 } 1829 return rc; 1830 } 1831 1832 /* 1833 ** This routine ends a transaction. A transaction is usually ended by 1834 ** either a COMMIT or a ROLLBACK operation. This routine may be called 1835 ** after rollback of a hot-journal, or if an error occurs while opening 1836 ** the journal file or writing the very first journal-header of a 1837 ** database transaction. 1838 ** 1839 ** This routine is never called in PAGER_ERROR state. If it is called 1840 ** in PAGER_NONE or PAGER_SHARED state and the lock held is less 1841 ** exclusive than a RESERVED lock, it is a no-op. 1842 ** 1843 ** Otherwise, any active savepoints are released. 1844 ** 1845 ** If the journal file is open, then it is "finalized". Once a journal 1846 ** file has been finalized it is not possible to use it to roll back a 1847 ** transaction. Nor will it be considered to be a hot-journal by this 1848 ** or any other database connection. Exactly how a journal is finalized 1849 ** depends on whether or not the pager is running in exclusive mode and 1850 ** the current journal-mode (Pager.journalMode value), as follows: 1851 ** 1852 ** journalMode==MEMORY 1853 ** Journal file descriptor is simply closed. This destroys an 1854 ** in-memory journal. 1855 ** 1856 ** journalMode==TRUNCATE 1857 ** Journal file is truncated to zero bytes in size. 1858 ** 1859 ** journalMode==PERSIST 1860 ** The first 28 bytes of the journal file are zeroed. This invalidates 1861 ** the first journal header in the file, and hence the entire journal 1862 ** file. An invalid journal file cannot be rolled back. 1863 ** 1864 ** journalMode==DELETE 1865 ** The journal file is closed and deleted using sqlite3OsDelete(). 1866 ** 1867 ** If the pager is running in exclusive mode, this method of finalizing 1868 ** the journal file is never used. Instead, if the journalMode is 1869 ** DELETE and the pager is in exclusive mode, the method described under 1870 ** journalMode==PERSIST is used instead. 1871 ** 1872 ** After the journal is finalized, the pager moves to PAGER_READER state. 1873 ** If running in non-exclusive rollback mode, the lock on the file is 1874 ** downgraded to a SHARED_LOCK. 1875 ** 1876 ** SQLITE_OK is returned if no error occurs. If an error occurs during 1877 ** any of the IO operations to finalize the journal file or unlock the 1878 ** database then the IO error code is returned to the user. If the 1879 ** operation to finalize the journal file fails, then the code still 1880 ** tries to unlock the database file if not in exclusive mode. If the 1881 ** unlock operation fails as well, then the first error code related 1882 ** to the first error encountered (the journal finalization one) is 1883 ** returned. 1884 */ 1885 static int pager_end_transaction(Pager *pPager, int hasMaster){ 1886 int rc = SQLITE_OK; /* Error code from journal finalization operation */ 1887 int rc2 = SQLITE_OK; /* Error code from db file unlock operation */ 1888 1889 /* Do nothing if the pager does not have an open write transaction 1890 ** or at least a RESERVED lock. This function may be called when there 1891 ** is no write-transaction active but a RESERVED or greater lock is 1892 ** held under two circumstances: 1893 ** 1894 ** 1. After a successful hot-journal rollback, it is called with 1895 ** eState==PAGER_NONE and eLock==EXCLUSIVE_LOCK. 1896 ** 1897 ** 2. If a connection with locking_mode=exclusive holding an EXCLUSIVE 1898 ** lock switches back to locking_mode=normal and then executes a 1899 ** read-transaction, this function is called with eState==PAGER_READER 1900 ** and eLock==EXCLUSIVE_LOCK when the read-transaction is closed. 1901 */ 1902 assert( assert_pager_state(pPager) ); 1903 assert( pPager->eState!=PAGER_ERROR ); 1904 if( pPager->eState<PAGER_WRITER_LOCKED && pPager->eLock<RESERVED_LOCK ){ 1905 return SQLITE_OK; 1906 } 1907 1908 releaseAllSavepoints(pPager); 1909 assert( isOpen(pPager->jfd) || pPager->pInJournal==0 ); 1910 if( isOpen(pPager->jfd) ){ 1911 assert( !pagerUseWal(pPager) ); 1912 1913 /* Finalize the journal file. */ 1914 if( sqlite3IsMemJournal(pPager->jfd) ){ 1915 assert( pPager->journalMode==PAGER_JOURNALMODE_MEMORY ); 1916 sqlite3OsClose(pPager->jfd); 1917 }else if( pPager->journalMode==PAGER_JOURNALMODE_TRUNCATE ){ 1918 if( pPager->journalOff==0 ){ 1919 rc = SQLITE_OK; 1920 }else{ 1921 rc = sqlite3OsTruncate(pPager->jfd, 0); 1922 } 1923 pPager->journalOff = 0; 1924 }else if( pPager->journalMode==PAGER_JOURNALMODE_PERSIST 1925 || (pPager->exclusiveMode && pPager->journalMode!=PAGER_JOURNALMODE_WAL) 1926 ){ 1927 rc = zeroJournalHdr(pPager, hasMaster); 1928 pPager->journalOff = 0; 1929 }else{ 1930 /* This branch may be executed with Pager.journalMode==MEMORY if 1931 ** a hot-journal was just rolled back. In this case the journal 1932 ** file should be closed and deleted. If this connection writes to 1933 ** the database file, it will do so using an in-memory journal. 1934 */ 1935 assert( pPager->journalMode==PAGER_JOURNALMODE_DELETE 1936 || pPager->journalMode==PAGER_JOURNALMODE_MEMORY 1937 || pPager->journalMode==PAGER_JOURNALMODE_WAL 1938 ); 1939 sqlite3OsClose(pPager->jfd); 1940 if( !pPager->tempFile ){ 1941 rc = sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0); 1942 } 1943 } 1944 } 1945 1946 #ifdef SQLITE_CHECK_PAGES 1947 sqlite3PcacheIterateDirty(pPager->pPCache, pager_set_pagehash); 1948 if( pPager->dbSize==0 && sqlite3PcacheRefCount(pPager->pPCache)>0 ){ 1949 PgHdr *p = pager_lookup(pPager, 1); 1950 if( p ){ 1951 p->pageHash = 0; 1952 sqlite3PagerUnref(p); 1953 } 1954 } 1955 #endif 1956 1957 sqlite3BitvecDestroy(pPager->pInJournal); 1958 pPager->pInJournal = 0; 1959 pPager->nRec = 0; 1960 sqlite3PcacheCleanAll(pPager->pPCache); 1961 sqlite3PcacheTruncate(pPager->pPCache, pPager->dbSize); 1962 1963 if( pagerUseWal(pPager) ){ 1964 /* Drop the WAL write-lock, if any. Also, if the connection was in 1965 ** locking_mode=exclusive mode but is no longer, drop the EXCLUSIVE 1966 ** lock held on the database file. 1967 */ 1968 rc2 = sqlite3WalEndWriteTransaction(pPager->pWal); 1969 assert( rc2==SQLITE_OK ); 1970 } 1971 if( !pPager->exclusiveMode 1972 && (!pagerUseWal(pPager) || sqlite3WalExclusiveMode(pPager->pWal, 0)) 1973 ){ 1974 rc2 = pagerUnlockDb(pPager, SHARED_LOCK); 1975 pPager->changeCountDone = 0; 1976 } 1977 pPager->eState = PAGER_READER; 1978 pPager->setMaster = 0; 1979 1980 return (rc==SQLITE_OK?rc2:rc); 1981 } 1982 1983 /* 1984 ** Execute a rollback if a transaction is active and unlock the 1985 ** database file. 1986 ** 1987 ** If the pager has already entered the ERROR state, do not attempt 1988 ** the rollback at this time. Instead, pager_unlock() is called. The 1989 ** call to pager_unlock() will discard all in-memory pages, unlock 1990 ** the database file and move the pager back to OPEN state. If this 1991 ** means that there is a hot-journal left in the file-system, the next 1992 ** connection to obtain a shared lock on the pager (which may be this one) 1993 ** will roll it back. 1994 ** 1995 ** If the pager has not already entered the ERROR state, but an IO or 1996 ** malloc error occurs during a rollback, then this will itself cause 1997 ** the pager to enter the ERROR state. Which will be cleared by the 1998 ** call to pager_unlock(), as described above. 1999 */ 2000 static void pagerUnlockAndRollback(Pager *pPager){ 2001 if( pPager->eState!=PAGER_ERROR && pPager->eState!=PAGER_OPEN ){ 2002 assert( assert_pager_state(pPager) ); 2003 if( pPager->eState>=PAGER_WRITER_LOCKED ){ 2004 sqlite3BeginBenignMalloc(); 2005 sqlite3PagerRollback(pPager); 2006 sqlite3EndBenignMalloc(); 2007 }else if( !pPager->exclusiveMode ){ 2008 assert( pPager->eState==PAGER_READER ); 2009 pager_end_transaction(pPager, 0); 2010 } 2011 } 2012 pager_unlock(pPager); 2013 } 2014 2015 /* 2016 ** Parameter aData must point to a buffer of pPager->pageSize bytes 2017 ** of data. Compute and return a checksum based ont the contents of the 2018 ** page of data and the current value of pPager->cksumInit. 2019 ** 2020 ** This is not a real checksum. It is really just the sum of the 2021 ** random initial value (pPager->cksumInit) and every 200th byte 2022 ** of the page data, starting with byte offset (pPager->pageSize%200). 2023 ** Each byte is interpreted as an 8-bit unsigned integer. 2024 ** 2025 ** Changing the formula used to compute this checksum results in an 2026 ** incompatible journal file format. 2027 ** 2028 ** If journal corruption occurs due to a power failure, the most likely 2029 ** scenario is that one end or the other of the record will be changed. 2030 ** It is much less likely that the two ends of the journal record will be 2031 ** correct and the middle be corrupt. Thus, this "checksum" scheme, 2032 ** though fast and simple, catches the mostly likely kind of corruption. 2033 */ 2034 static u32 pager_cksum(Pager *pPager, const u8 *aData){ 2035 u32 cksum = pPager->cksumInit; /* Checksum value to return */ 2036 int i = pPager->pageSize-200; /* Loop counter */ 2037 while( i>0 ){ 2038 cksum += aData[i]; 2039 i -= 200; 2040 } 2041 return cksum; 2042 } 2043 2044 /* 2045 ** Report the current page size and number of reserved bytes back 2046 ** to the codec. 2047 */ 2048 #ifdef SQLITE_HAS_CODEC 2049 static void pagerReportSize(Pager *pPager){ 2050 if( pPager->xCodecSizeChng ){ 2051 pPager->xCodecSizeChng(pPager->pCodec, pPager->pageSize, 2052 (int)pPager->nReserve); 2053 } 2054 } 2055 #else 2056 # define pagerReportSize(X) /* No-op if we do not support a codec */ 2057 #endif 2058 2059 /* 2060 ** Read a single page from either the journal file (if isMainJrnl==1) or 2061 ** from the sub-journal (if isMainJrnl==0) and playback that page. 2062 ** The page begins at offset *pOffset into the file. The *pOffset 2063 ** value is increased to the start of the next page in the journal. 2064 ** 2065 ** The main rollback journal uses checksums - the statement journal does 2066 ** not. 2067 ** 2068 ** If the page number of the page record read from the (sub-)journal file 2069 ** is greater than the current value of Pager.dbSize, then playback is 2070 ** skipped and SQLITE_OK is returned. 2071 ** 2072 ** If pDone is not NULL, then it is a record of pages that have already 2073 ** been played back. If the page at *pOffset has already been played back 2074 ** (if the corresponding pDone bit is set) then skip the playback. 2075 ** Make sure the pDone bit corresponding to the *pOffset page is set 2076 ** prior to returning. 2077 ** 2078 ** If the page record is successfully read from the (sub-)journal file 2079 ** and played back, then SQLITE_OK is returned. If an IO error occurs 2080 ** while reading the record from the (sub-)journal file or while writing 2081 ** to the database file, then the IO error code is returned. If data 2082 ** is successfully read from the (sub-)journal file but appears to be 2083 ** corrupted, SQLITE_DONE is returned. Data is considered corrupted in 2084 ** two circumstances: 2085 ** 2086 ** * If the record page-number is illegal (0 or PAGER_MJ_PGNO), or 2087 ** * If the record is being rolled back from the main journal file 2088 ** and the checksum field does not match the record content. 2089 ** 2090 ** Neither of these two scenarios are possible during a savepoint rollback. 2091 ** 2092 ** If this is a savepoint rollback, then memory may have to be dynamically 2093 ** allocated by this function. If this is the case and an allocation fails, 2094 ** SQLITE_NOMEM is returned. 2095 */ 2096 static int pager_playback_one_page( 2097 Pager *pPager, /* The pager being played back */ 2098 i64 *pOffset, /* Offset of record to playback */ 2099 Bitvec *pDone, /* Bitvec of pages already played back */ 2100 int isMainJrnl, /* 1 -> main journal. 0 -> sub-journal. */ 2101 int isSavepnt /* True for a savepoint rollback */ 2102 ){ 2103 int rc; 2104 PgHdr *pPg; /* An existing page in the cache */ 2105 Pgno pgno; /* The page number of a page in journal */ 2106 u32 cksum; /* Checksum used for sanity checking */ 2107 char *aData; /* Temporary storage for the page */ 2108 sqlite3_file *jfd; /* The file descriptor for the journal file */ 2109 int isSynced; /* True if journal page is synced */ 2110 2111 assert( (isMainJrnl&~1)==0 ); /* isMainJrnl is 0 or 1 */ 2112 assert( (isSavepnt&~1)==0 ); /* isSavepnt is 0 or 1 */ 2113 assert( isMainJrnl || pDone ); /* pDone always used on sub-journals */ 2114 assert( isSavepnt || pDone==0 ); /* pDone never used on non-savepoint */ 2115 2116 aData = pPager->pTmpSpace; 2117 assert( aData ); /* Temp storage must have already been allocated */ 2118 assert( pagerUseWal(pPager)==0 || (!isMainJrnl && isSavepnt) ); 2119 2120 /* Either the state is greater than PAGER_WRITER_CACHEMOD (a transaction 2121 ** or savepoint rollback done at the request of the caller) or this is 2122 ** a hot-journal rollback. If it is a hot-journal rollback, the pager 2123 ** is in state OPEN and holds an EXCLUSIVE lock. Hot-journal rollback 2124 ** only reads from the main journal, not the sub-journal. 2125 */ 2126 assert( pPager->eState>=PAGER_WRITER_CACHEMOD 2127 || (pPager->eState==PAGER_OPEN && pPager->eLock==EXCLUSIVE_LOCK) 2128 ); 2129 assert( pPager->eState>=PAGER_WRITER_CACHEMOD || isMainJrnl ); 2130 2131 /* Read the page number and page data from the journal or sub-journal 2132 ** file. Return an error code to the caller if an IO error occurs. 2133 */ 2134 jfd = isMainJrnl ? pPager->jfd : pPager->sjfd; 2135 rc = read32bits(jfd, *pOffset, &pgno); 2136 if( rc!=SQLITE_OK ) return rc; 2137 rc = sqlite3OsRead(jfd, (u8*)aData, pPager->pageSize, (*pOffset)+4); 2138 if( rc!=SQLITE_OK ) return rc; 2139 *pOffset += pPager->pageSize + 4 + isMainJrnl*4; 2140 2141 /* Sanity checking on the page. This is more important that I originally 2142 ** thought. If a power failure occurs while the journal is being written, 2143 ** it could cause invalid data to be written into the journal. We need to 2144 ** detect this invalid data (with high probability) and ignore it. 2145 */ 2146 if( pgno==0 || pgno==PAGER_MJ_PGNO(pPager) ){ 2147 assert( !isSavepnt ); 2148 return SQLITE_DONE; 2149 } 2150 if( pgno>(Pgno)pPager->dbSize || sqlite3BitvecTest(pDone, pgno) ){ 2151 return SQLITE_OK; 2152 } 2153 if( isMainJrnl ){ 2154 rc = read32bits(jfd, (*pOffset)-4, &cksum); 2155 if( rc ) return rc; 2156 if( !isSavepnt && pager_cksum(pPager, (u8*)aData)!=cksum ){ 2157 return SQLITE_DONE; 2158 } 2159 } 2160 2161 /* If this page has already been played by before during the current 2162 ** rollback, then don't bother to play it back again. 2163 */ 2164 if( pDone && (rc = sqlite3BitvecSet(pDone, pgno))!=SQLITE_OK ){ 2165 return rc; 2166 } 2167 2168 /* When playing back page 1, restore the nReserve setting 2169 */ 2170 if( pgno==1 && pPager->nReserve!=((u8*)aData)[20] ){ 2171 pPager->nReserve = ((u8*)aData)[20]; 2172 pagerReportSize(pPager); 2173 } 2174 2175 /* If the pager is in CACHEMOD state, then there must be a copy of this 2176 ** page in the pager cache. In this case just update the pager cache, 2177 ** not the database file. The page is left marked dirty in this case. 2178 ** 2179 ** An exception to the above rule: If the database is in no-sync mode 2180 ** and a page is moved during an incremental vacuum then the page may 2181 ** not be in the pager cache. Later: if a malloc() or IO error occurs 2182 ** during a Movepage() call, then the page may not be in the cache 2183 ** either. So the condition described in the above paragraph is not 2184 ** assert()able. 2185 ** 2186 ** If in WRITER_DBMOD, WRITER_FINISHED or OPEN state, then we update the 2187 ** pager cache if it exists and the main file. The page is then marked 2188 ** not dirty. Since this code is only executed in PAGER_OPEN state for 2189 ** a hot-journal rollback, it is guaranteed that the page-cache is empty 2190 ** if the pager is in OPEN state. 2191 ** 2192 ** Ticket #1171: The statement journal might contain page content that is 2193 ** different from the page content at the start of the transaction. 2194 ** This occurs when a page is changed prior to the start of a statement 2195 ** then changed again within the statement. When rolling back such a 2196 ** statement we must not write to the original database unless we know 2197 ** for certain that original page contents are synced into the main rollback 2198 ** journal. Otherwise, a power loss might leave modified data in the 2199 ** database file without an entry in the rollback journal that can 2200 ** restore the database to its original form. Two conditions must be 2201 ** met before writing to the database files. (1) the database must be 2202 ** locked. (2) we know that the original page content is fully synced 2203 ** in the main journal either because the page is not in cache or else 2204 ** the page is marked as needSync==0. 2205 ** 2206 ** 2008-04-14: When attempting to vacuum a corrupt database file, it 2207 ** is possible to fail a statement on a database that does not yet exist. 2208 ** Do not attempt to write if database file has never been opened. 2209 */ 2210 if( pagerUseWal(pPager) ){ 2211 pPg = 0; 2212 }else{ 2213 pPg = pager_lookup(pPager, pgno); 2214 } 2215 assert( pPg || !MEMDB ); 2216 assert( pPager->eState!=PAGER_OPEN || pPg==0 ); 2217 PAGERTRACE(("PLAYBACK %d page %d hash(%08x) %s\n", 2218 PAGERID(pPager), pgno, pager_datahash(pPager->pageSize, (u8*)aData), 2219 (isMainJrnl?"main-journal":"sub-journal") 2220 )); 2221 if( isMainJrnl ){ 2222 isSynced = pPager->noSync || (*pOffset <= pPager->journalHdr); 2223 }else{ 2224 isSynced = (pPg==0 || 0==(pPg->flags & PGHDR_NEED_SYNC)); 2225 } 2226 if( isOpen(pPager->fd) 2227 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2228 && isSynced 2229 ){ 2230 i64 ofst = (pgno-1)*(i64)pPager->pageSize; 2231 testcase( !isSavepnt && pPg!=0 && (pPg->flags&PGHDR_NEED_SYNC)!=0 ); 2232 assert( !pagerUseWal(pPager) ); 2233 rc = sqlite3OsWrite(pPager->fd, (u8*)aData, pPager->pageSize, ofst); 2234 if( pgno>pPager->dbFileSize ){ 2235 pPager->dbFileSize = pgno; 2236 } 2237 if( pPager->pBackup ){ 2238 CODEC1(pPager, aData, pgno, 3, rc=SQLITE_NOMEM); 2239 sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)aData); 2240 CODEC2(pPager, aData, pgno, 7, rc=SQLITE_NOMEM, aData); 2241 } 2242 }else if( !isMainJrnl && pPg==0 ){ 2243 /* If this is a rollback of a savepoint and data was not written to 2244 ** the database and the page is not in-memory, there is a potential 2245 ** problem. When the page is next fetched by the b-tree layer, it 2246 ** will be read from the database file, which may or may not be 2247 ** current. 2248 ** 2249 ** There are a couple of different ways this can happen. All are quite 2250 ** obscure. When running in synchronous mode, this can only happen 2251 ** if the page is on the free-list at the start of the transaction, then 2252 ** populated, then moved using sqlite3PagerMovepage(). 2253 ** 2254 ** The solution is to add an in-memory page to the cache containing 2255 ** the data just read from the sub-journal. Mark the page as dirty 2256 ** and if the pager requires a journal-sync, then mark the page as 2257 ** requiring a journal-sync before it is written. 2258 */ 2259 assert( isSavepnt ); 2260 assert( pPager->doNotSpill==0 ); 2261 pPager->doNotSpill++; 2262 rc = sqlite3PagerAcquire(pPager, pgno, &pPg, 1); 2263 assert( pPager->doNotSpill==1 ); 2264 pPager->doNotSpill--; 2265 if( rc!=SQLITE_OK ) return rc; 2266 pPg->flags &= ~PGHDR_NEED_READ; 2267 sqlite3PcacheMakeDirty(pPg); 2268 } 2269 if( pPg ){ 2270 /* No page should ever be explicitly rolled back that is in use, except 2271 ** for page 1 which is held in use in order to keep the lock on the 2272 ** database active. However such a page may be rolled back as a result 2273 ** of an internal error resulting in an automatic call to 2274 ** sqlite3PagerRollback(). 2275 */ 2276 void *pData; 2277 pData = pPg->pData; 2278 memcpy(pData, (u8*)aData, pPager->pageSize); 2279 pPager->xReiniter(pPg); 2280 if( isMainJrnl && (!isSavepnt || *pOffset<=pPager->journalHdr) ){ 2281 /* If the contents of this page were just restored from the main 2282 ** journal file, then its content must be as they were when the 2283 ** transaction was first opened. In this case we can mark the page 2284 ** as clean, since there will be no need to write it out to the 2285 ** database. 2286 ** 2287 ** There is one exception to this rule. If the page is being rolled 2288 ** back as part of a savepoint (or statement) rollback from an 2289 ** unsynced portion of the main journal file, then it is not safe 2290 ** to mark the page as clean. This is because marking the page as 2291 ** clean will clear the PGHDR_NEED_SYNC flag. Since the page is 2292 ** already in the journal file (recorded in Pager.pInJournal) and 2293 ** the PGHDR_NEED_SYNC flag is cleared, if the page is written to 2294 ** again within this transaction, it will be marked as dirty but 2295 ** the PGHDR_NEED_SYNC flag will not be set. It could then potentially 2296 ** be written out into the database file before its journal file 2297 ** segment is synced. If a crash occurs during or following this, 2298 ** database corruption may ensue. 2299 */ 2300 assert( !pagerUseWal(pPager) ); 2301 sqlite3PcacheMakeClean(pPg); 2302 } 2303 pager_set_pagehash(pPg); 2304 2305 /* If this was page 1, then restore the value of Pager.dbFileVers. 2306 ** Do this before any decoding. */ 2307 if( pgno==1 ){ 2308 memcpy(&pPager->dbFileVers, &((u8*)pData)[24],sizeof(pPager->dbFileVers)); 2309 } 2310 2311 /* Decode the page just read from disk */ 2312 CODEC1(pPager, pData, pPg->pgno, 3, rc=SQLITE_NOMEM); 2313 sqlite3PcacheRelease(pPg); 2314 } 2315 return rc; 2316 } 2317 2318 /* 2319 ** Parameter zMaster is the name of a master journal file. A single journal 2320 ** file that referred to the master journal file has just been rolled back. 2321 ** This routine checks if it is possible to delete the master journal file, 2322 ** and does so if it is. 2323 ** 2324 ** Argument zMaster may point to Pager.pTmpSpace. So that buffer is not 2325 ** available for use within this function. 2326 ** 2327 ** When a master journal file is created, it is populated with the names 2328 ** of all of its child journals, one after another, formatted as utf-8 2329 ** encoded text. The end of each child journal file is marked with a 2330 ** nul-terminator byte (0x00). i.e. the entire contents of a master journal 2331 ** file for a transaction involving two databases might be: 2332 ** 2333 ** "/home/bill/a.db-journal\x00/home/bill/b.db-journal\x00" 2334 ** 2335 ** A master journal file may only be deleted once all of its child 2336 ** journals have been rolled back. 2337 ** 2338 ** This function reads the contents of the master-journal file into 2339 ** memory and loops through each of the child journal names. For 2340 ** each child journal, it checks if: 2341 ** 2342 ** * if the child journal exists, and if so 2343 ** * if the child journal contains a reference to master journal 2344 ** file zMaster 2345 ** 2346 ** If a child journal can be found that matches both of the criteria 2347 ** above, this function returns without doing anything. Otherwise, if 2348 ** no such child journal can be found, file zMaster is deleted from 2349 ** the file-system using sqlite3OsDelete(). 2350 ** 2351 ** If an IO error within this function, an error code is returned. This 2352 ** function allocates memory by calling sqlite3Malloc(). If an allocation 2353 ** fails, SQLITE_NOMEM is returned. Otherwise, if no IO or malloc errors 2354 ** occur, SQLITE_OK is returned. 2355 ** 2356 ** TODO: This function allocates a single block of memory to load 2357 ** the entire contents of the master journal file. This could be 2358 ** a couple of kilobytes or so - potentially larger than the page 2359 ** size. 2360 */ 2361 static int pager_delmaster(Pager *pPager, const char *zMaster){ 2362 sqlite3_vfs *pVfs = pPager->pVfs; 2363 int rc; /* Return code */ 2364 sqlite3_file *pMaster; /* Malloc'd master-journal file descriptor */ 2365 sqlite3_file *pJournal; /* Malloc'd child-journal file descriptor */ 2366 char *zMasterJournal = 0; /* Contents of master journal file */ 2367 i64 nMasterJournal; /* Size of master journal file */ 2368 char *zJournal; /* Pointer to one journal within MJ file */ 2369 char *zMasterPtr; /* Space to hold MJ filename from a journal file */ 2370 int nMasterPtr; /* Amount of space allocated to zMasterPtr[] */ 2371 2372 /* Allocate space for both the pJournal and pMaster file descriptors. 2373 ** If successful, open the master journal file for reading. 2374 */ 2375 pMaster = (sqlite3_file *)sqlite3MallocZero(pVfs->szOsFile * 2); 2376 pJournal = (sqlite3_file *)(((u8 *)pMaster) + pVfs->szOsFile); 2377 if( !pMaster ){ 2378 rc = SQLITE_NOMEM; 2379 }else{ 2380 const int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_MASTER_JOURNAL); 2381 rc = sqlite3OsOpen(pVfs, zMaster, pMaster, flags, 0); 2382 } 2383 if( rc!=SQLITE_OK ) goto delmaster_out; 2384 2385 /* Load the entire master journal file into space obtained from 2386 ** sqlite3_malloc() and pointed to by zMasterJournal. Also obtain 2387 ** sufficient space (in zMasterPtr) to hold the names of master 2388 ** journal files extracted from regular rollback-journals. 2389 */ 2390 rc = sqlite3OsFileSize(pMaster, &nMasterJournal); 2391 if( rc!=SQLITE_OK ) goto delmaster_out; 2392 nMasterPtr = pVfs->mxPathname+1; 2393 zMasterJournal = sqlite3Malloc((int)nMasterJournal + nMasterPtr + 1); 2394 if( !zMasterJournal ){ 2395 rc = SQLITE_NOMEM; 2396 goto delmaster_out; 2397 } 2398 zMasterPtr = &zMasterJournal[nMasterJournal+1]; 2399 rc = sqlite3OsRead(pMaster, zMasterJournal, (int)nMasterJournal, 0); 2400 if( rc!=SQLITE_OK ) goto delmaster_out; 2401 zMasterJournal[nMasterJournal] = 0; 2402 2403 zJournal = zMasterJournal; 2404 while( (zJournal-zMasterJournal)<nMasterJournal ){ 2405 int exists; 2406 rc = sqlite3OsAccess(pVfs, zJournal, SQLITE_ACCESS_EXISTS, &exists); 2407 if( rc!=SQLITE_OK ){ 2408 goto delmaster_out; 2409 } 2410 if( exists ){ 2411 /* One of the journals pointed to by the master journal exists. 2412 ** Open it and check if it points at the master journal. If 2413 ** so, return without deleting the master journal file. 2414 */ 2415 int c; 2416 int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL); 2417 rc = sqlite3OsOpen(pVfs, zJournal, pJournal, flags, 0); 2418 if( rc!=SQLITE_OK ){ 2419 goto delmaster_out; 2420 } 2421 2422 rc = readMasterJournal(pJournal, zMasterPtr, nMasterPtr); 2423 sqlite3OsClose(pJournal); 2424 if( rc!=SQLITE_OK ){ 2425 goto delmaster_out; 2426 } 2427 2428 c = zMasterPtr[0]!=0 && strcmp(zMasterPtr, zMaster)==0; 2429 if( c ){ 2430 /* We have a match. Do not delete the master journal file. */ 2431 goto delmaster_out; 2432 } 2433 } 2434 zJournal += (sqlite3Strlen30(zJournal)+1); 2435 } 2436 2437 sqlite3OsClose(pMaster); 2438 rc = sqlite3OsDelete(pVfs, zMaster, 0); 2439 2440 delmaster_out: 2441 sqlite3_free(zMasterJournal); 2442 if( pMaster ){ 2443 sqlite3OsClose(pMaster); 2444 assert( !isOpen(pJournal) ); 2445 sqlite3_free(pMaster); 2446 } 2447 return rc; 2448 } 2449 2450 2451 /* 2452 ** This function is used to change the actual size of the database 2453 ** file in the file-system. This only happens when committing a transaction, 2454 ** or rolling back a transaction (including rolling back a hot-journal). 2455 ** 2456 ** If the main database file is not open, or the pager is not in either 2457 ** DBMOD or OPEN state, this function is a no-op. Otherwise, the size 2458 ** of the file is changed to nPage pages (nPage*pPager->pageSize bytes). 2459 ** If the file on disk is currently larger than nPage pages, then use the VFS 2460 ** xTruncate() method to truncate it. 2461 ** 2462 ** Or, it might might be the case that the file on disk is smaller than 2463 ** nPage pages. Some operating system implementations can get confused if 2464 ** you try to truncate a file to some size that is larger than it 2465 ** currently is, so detect this case and write a single zero byte to 2466 ** the end of the new file instead. 2467 ** 2468 ** If successful, return SQLITE_OK. If an IO error occurs while modifying 2469 ** the database file, return the error code to the caller. 2470 */ 2471 static int pager_truncate(Pager *pPager, Pgno nPage){ 2472 int rc = SQLITE_OK; 2473 assert( pPager->eState!=PAGER_ERROR ); 2474 assert( pPager->eState!=PAGER_READER ); 2475 2476 if( isOpen(pPager->fd) 2477 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2478 ){ 2479 i64 currentSize, newSize; 2480 int szPage = pPager->pageSize; 2481 assert( pPager->eLock==EXCLUSIVE_LOCK ); 2482 /* TODO: Is it safe to use Pager.dbFileSize here? */ 2483 rc = sqlite3OsFileSize(pPager->fd, ¤tSize); 2484 newSize = szPage*(i64)nPage; 2485 if( rc==SQLITE_OK && currentSize!=newSize ){ 2486 if( currentSize>newSize ){ 2487 rc = sqlite3OsTruncate(pPager->fd, newSize); 2488 }else{ 2489 char *pTmp = pPager->pTmpSpace; 2490 memset(pTmp, 0, szPage); 2491 testcase( (newSize-szPage) < currentSize ); 2492 testcase( (newSize-szPage) == currentSize ); 2493 testcase( (newSize-szPage) > currentSize ); 2494 rc = sqlite3OsWrite(pPager->fd, pTmp, szPage, newSize-szPage); 2495 } 2496 if( rc==SQLITE_OK ){ 2497 pPager->dbFileSize = nPage; 2498 } 2499 } 2500 } 2501 return rc; 2502 } 2503 2504 /* 2505 ** Set the value of the Pager.sectorSize variable for the given 2506 ** pager based on the value returned by the xSectorSize method 2507 ** of the open database file. The sector size will be used used 2508 ** to determine the size and alignment of journal header and 2509 ** master journal pointers within created journal files. 2510 ** 2511 ** For temporary files the effective sector size is always 512 bytes. 2512 ** 2513 ** Otherwise, for non-temporary files, the effective sector size is 2514 ** the value returned by the xSectorSize() method rounded up to 32 if 2515 ** it is less than 32, or rounded down to MAX_SECTOR_SIZE if it 2516 ** is greater than MAX_SECTOR_SIZE. 2517 */ 2518 static void setSectorSize(Pager *pPager){ 2519 assert( isOpen(pPager->fd) || pPager->tempFile ); 2520 2521 if( !pPager->tempFile ){ 2522 /* Sector size doesn't matter for temporary files. Also, the file 2523 ** may not have been opened yet, in which case the OsSectorSize() 2524 ** call will segfault. 2525 */ 2526 pPager->sectorSize = sqlite3OsSectorSize(pPager->fd); 2527 } 2528 if( pPager->sectorSize<32 ){ 2529 pPager->sectorSize = 512; 2530 } 2531 if( pPager->sectorSize>MAX_SECTOR_SIZE ){ 2532 assert( MAX_SECTOR_SIZE>=512 ); 2533 pPager->sectorSize = MAX_SECTOR_SIZE; 2534 } 2535 } 2536 2537 /* 2538 ** Playback the journal and thus restore the database file to 2539 ** the state it was in before we started making changes. 2540 ** 2541 ** The journal file format is as follows: 2542 ** 2543 ** (1) 8 byte prefix. A copy of aJournalMagic[]. 2544 ** (2) 4 byte big-endian integer which is the number of valid page records 2545 ** in the journal. If this value is 0xffffffff, then compute the 2546 ** number of page records from the journal size. 2547 ** (3) 4 byte big-endian integer which is the initial value for the 2548 ** sanity checksum. 2549 ** (4) 4 byte integer which is the number of pages to truncate the 2550 ** database to during a rollback. 2551 ** (5) 4 byte big-endian integer which is the sector size. The header 2552 ** is this many bytes in size. 2553 ** (6) 4 byte big-endian integer which is the page size. 2554 ** (7) zero padding out to the next sector size. 2555 ** (8) Zero or more pages instances, each as follows: 2556 ** + 4 byte page number. 2557 ** + pPager->pageSize bytes of data. 2558 ** + 4 byte checksum 2559 ** 2560 ** When we speak of the journal header, we mean the first 7 items above. 2561 ** Each entry in the journal is an instance of the 8th item. 2562 ** 2563 ** Call the value from the second bullet "nRec". nRec is the number of 2564 ** valid page entries in the journal. In most cases, you can compute the 2565 ** value of nRec from the size of the journal file. But if a power 2566 ** failure occurred while the journal was being written, it could be the 2567 ** case that the size of the journal file had already been increased but 2568 ** the extra entries had not yet made it safely to disk. In such a case, 2569 ** the value of nRec computed from the file size would be too large. For 2570 ** that reason, we always use the nRec value in the header. 2571 ** 2572 ** If the nRec value is 0xffffffff it means that nRec should be computed 2573 ** from the file size. This value is used when the user selects the 2574 ** no-sync option for the journal. A power failure could lead to corruption 2575 ** in this case. But for things like temporary table (which will be 2576 ** deleted when the power is restored) we don't care. 2577 ** 2578 ** If the file opened as the journal file is not a well-formed 2579 ** journal file then all pages up to the first corrupted page are rolled 2580 ** back (or no pages if the journal header is corrupted). The journal file 2581 ** is then deleted and SQLITE_OK returned, just as if no corruption had 2582 ** been encountered. 2583 ** 2584 ** If an I/O or malloc() error occurs, the journal-file is not deleted 2585 ** and an error code is returned. 2586 ** 2587 ** The isHot parameter indicates that we are trying to rollback a journal 2588 ** that might be a hot journal. Or, it could be that the journal is 2589 ** preserved because of JOURNALMODE_PERSIST or JOURNALMODE_TRUNCATE. 2590 ** If the journal really is hot, reset the pager cache prior rolling 2591 ** back any content. If the journal is merely persistent, no reset is 2592 ** needed. 2593 */ 2594 static int pager_playback(Pager *pPager, int isHot){ 2595 sqlite3_vfs *pVfs = pPager->pVfs; 2596 i64 szJ; /* Size of the journal file in bytes */ 2597 u32 nRec; /* Number of Records in the journal */ 2598 u32 u; /* Unsigned loop counter */ 2599 Pgno mxPg = 0; /* Size of the original file in pages */ 2600 int rc; /* Result code of a subroutine */ 2601 int res = 1; /* Value returned by sqlite3OsAccess() */ 2602 char *zMaster = 0; /* Name of master journal file if any */ 2603 int needPagerReset; /* True to reset page prior to first page rollback */ 2604 2605 /* Figure out how many records are in the journal. Abort early if 2606 ** the journal is empty. 2607 */ 2608 assert( isOpen(pPager->jfd) ); 2609 rc = sqlite3OsFileSize(pPager->jfd, &szJ); 2610 if( rc!=SQLITE_OK ){ 2611 goto end_playback; 2612 } 2613 2614 /* Read the master journal name from the journal, if it is present. 2615 ** If a master journal file name is specified, but the file is not 2616 ** present on disk, then the journal is not hot and does not need to be 2617 ** played back. 2618 ** 2619 ** TODO: Technically the following is an error because it assumes that 2620 ** buffer Pager.pTmpSpace is (mxPathname+1) bytes or larger. i.e. that 2621 ** (pPager->pageSize >= pPager->pVfs->mxPathname+1). Using os_unix.c, 2622 ** mxPathname is 512, which is the same as the minimum allowable value 2623 ** for pageSize. 2624 */ 2625 zMaster = pPager->pTmpSpace; 2626 rc = readMasterJournal(pPager->jfd, zMaster, pPager->pVfs->mxPathname+1); 2627 if( rc==SQLITE_OK && zMaster[0] ){ 2628 rc = sqlite3OsAccess(pVfs, zMaster, SQLITE_ACCESS_EXISTS, &res); 2629 } 2630 zMaster = 0; 2631 if( rc!=SQLITE_OK || !res ){ 2632 goto end_playback; 2633 } 2634 pPager->journalOff = 0; 2635 needPagerReset = isHot; 2636 2637 /* This loop terminates either when a readJournalHdr() or 2638 ** pager_playback_one_page() call returns SQLITE_DONE or an IO error 2639 ** occurs. 2640 */ 2641 while( 1 ){ 2642 /* Read the next journal header from the journal file. If there are 2643 ** not enough bytes left in the journal file for a complete header, or 2644 ** it is corrupted, then a process must have failed while writing it. 2645 ** This indicates nothing more needs to be rolled back. 2646 */ 2647 rc = readJournalHdr(pPager, isHot, szJ, &nRec, &mxPg); 2648 if( rc!=SQLITE_OK ){ 2649 if( rc==SQLITE_DONE ){ 2650 rc = SQLITE_OK; 2651 } 2652 goto end_playback; 2653 } 2654 2655 /* If nRec is 0xffffffff, then this journal was created by a process 2656 ** working in no-sync mode. This means that the rest of the journal 2657 ** file consists of pages, there are no more journal headers. Compute 2658 ** the value of nRec based on this assumption. 2659 */ 2660 if( nRec==0xffffffff ){ 2661 assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) ); 2662 nRec = (int)((szJ - JOURNAL_HDR_SZ(pPager))/JOURNAL_PG_SZ(pPager)); 2663 } 2664 2665 /* If nRec is 0 and this rollback is of a transaction created by this 2666 ** process and if this is the final header in the journal, then it means 2667 ** that this part of the journal was being filled but has not yet been 2668 ** synced to disk. Compute the number of pages based on the remaining 2669 ** size of the file. 2670 ** 2671 ** The third term of the test was added to fix ticket #2565. 2672 ** When rolling back a hot journal, nRec==0 always means that the next 2673 ** chunk of the journal contains zero pages to be rolled back. But 2674 ** when doing a ROLLBACK and the nRec==0 chunk is the last chunk in 2675 ** the journal, it means that the journal might contain additional 2676 ** pages that need to be rolled back and that the number of pages 2677 ** should be computed based on the journal file size. 2678 */ 2679 if( nRec==0 && !isHot && 2680 pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff ){ 2681 nRec = (int)((szJ - pPager->journalOff) / JOURNAL_PG_SZ(pPager)); 2682 } 2683 2684 /* If this is the first header read from the journal, truncate the 2685 ** database file back to its original size. 2686 */ 2687 if( pPager->journalOff==JOURNAL_HDR_SZ(pPager) ){ 2688 rc = pager_truncate(pPager, mxPg); 2689 if( rc!=SQLITE_OK ){ 2690 goto end_playback; 2691 } 2692 pPager->dbSize = mxPg; 2693 } 2694 2695 /* Copy original pages out of the journal and back into the 2696 ** database file and/or page cache. 2697 */ 2698 for(u=0; u<nRec; u++){ 2699 if( needPagerReset ){ 2700 pager_reset(pPager); 2701 needPagerReset = 0; 2702 } 2703 rc = pager_playback_one_page(pPager,&pPager->journalOff,0,1,0); 2704 if( rc!=SQLITE_OK ){ 2705 if( rc==SQLITE_DONE ){ 2706 rc = SQLITE_OK; 2707 pPager->journalOff = szJ; 2708 break; 2709 }else if( rc==SQLITE_IOERR_SHORT_READ ){ 2710 /* If the journal has been truncated, simply stop reading and 2711 ** processing the journal. This might happen if the journal was 2712 ** not completely written and synced prior to a crash. In that 2713 ** case, the database should have never been written in the 2714 ** first place so it is OK to simply abandon the rollback. */ 2715 rc = SQLITE_OK; 2716 goto end_playback; 2717 }else{ 2718 /* If we are unable to rollback, quit and return the error 2719 ** code. This will cause the pager to enter the error state 2720 ** so that no further harm will be done. Perhaps the next 2721 ** process to come along will be able to rollback the database. 2722 */ 2723 goto end_playback; 2724 } 2725 } 2726 } 2727 } 2728 /*NOTREACHED*/ 2729 assert( 0 ); 2730 2731 end_playback: 2732 /* Following a rollback, the database file should be back in its original 2733 ** state prior to the start of the transaction, so invoke the 2734 ** SQLITE_FCNTL_DB_UNCHANGED file-control method to disable the 2735 ** assertion that the transaction counter was modified. 2736 */ 2737 assert( 2738 pPager->fd->pMethods==0 || 2739 sqlite3OsFileControl(pPager->fd,SQLITE_FCNTL_DB_UNCHANGED,0)>=SQLITE_OK 2740 ); 2741 2742 /* If this playback is happening automatically as a result of an IO or 2743 ** malloc error that occurred after the change-counter was updated but 2744 ** before the transaction was committed, then the change-counter 2745 ** modification may just have been reverted. If this happens in exclusive 2746 ** mode, then subsequent transactions performed by the connection will not 2747 ** update the change-counter at all. This may lead to cache inconsistency 2748 ** problems for other processes at some point in the future. So, just 2749 ** in case this has happened, clear the changeCountDone flag now. 2750 */ 2751 pPager->changeCountDone = pPager->tempFile; 2752 2753 if( rc==SQLITE_OK ){ 2754 zMaster = pPager->pTmpSpace; 2755 rc = readMasterJournal(pPager->jfd, zMaster, pPager->pVfs->mxPathname+1); 2756 testcase( rc!=SQLITE_OK ); 2757 } 2758 if( rc==SQLITE_OK 2759 && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN) 2760 ){ 2761 rc = sqlite3PagerSync(pPager); 2762 } 2763 if( rc==SQLITE_OK ){ 2764 rc = pager_end_transaction(pPager, zMaster[0]!='\0'); 2765 testcase( rc!=SQLITE_OK ); 2766 } 2767 if( rc==SQLITE_OK && zMaster[0] && res ){ 2768 /* If there was a master journal and this routine will return success, 2769 ** see if it is possible to delete the master journal. 2770 */ 2771 rc = pager_delmaster(pPager, zMaster); 2772 testcase( rc!=SQLITE_OK ); 2773 } 2774 2775 /* The Pager.sectorSize variable may have been updated while rolling 2776 ** back a journal created by a process with a different sector size 2777 ** value. Reset it to the correct value for this process. 2778 */ 2779 setSectorSize(pPager); 2780 return rc; 2781 } 2782 2783 2784 /* 2785 ** Read the content for page pPg out of the database file and into 2786 ** pPg->pData. A shared lock or greater must be held on the database 2787 ** file before this function is called. 2788 ** 2789 ** If page 1 is read, then the value of Pager.dbFileVers[] is set to 2790 ** the value read from the database file. 2791 ** 2792 ** If an IO error occurs, then the IO error is returned to the caller. 2793 ** Otherwise, SQLITE_OK is returned. 2794 */ 2795 static int readDbPage(PgHdr *pPg){ 2796 Pager *pPager = pPg->pPager; /* Pager object associated with page pPg */ 2797 Pgno pgno = pPg->pgno; /* Page number to read */ 2798 int rc = SQLITE_OK; /* Return code */ 2799 int isInWal = 0; /* True if page is in log file */ 2800 int pgsz = pPager->pageSize; /* Number of bytes to read */ 2801 2802 assert( pPager->eState>=PAGER_READER && !MEMDB ); 2803 assert( isOpen(pPager->fd) ); 2804 2805 if( NEVER(!isOpen(pPager->fd)) ){ 2806 assert( pPager->tempFile ); 2807 memset(pPg->pData, 0, pPager->pageSize); 2808 return SQLITE_OK; 2809 } 2810 2811 if( pagerUseWal(pPager) ){ 2812 /* Try to pull the page from the write-ahead log. */ 2813 rc = sqlite3WalRead(pPager->pWal, pgno, &isInWal, pgsz, pPg->pData); 2814 } 2815 if( rc==SQLITE_OK && !isInWal ){ 2816 i64 iOffset = (pgno-1)*(i64)pPager->pageSize; 2817 rc = sqlite3OsRead(pPager->fd, pPg->pData, pgsz, iOffset); 2818 if( rc==SQLITE_IOERR_SHORT_READ ){ 2819 rc = SQLITE_OK; 2820 } 2821 } 2822 2823 if( pgno==1 ){ 2824 if( rc ){ 2825 /* If the read is unsuccessful, set the dbFileVers[] to something 2826 ** that will never be a valid file version. dbFileVers[] is a copy 2827 ** of bytes 24..39 of the database. Bytes 28..31 should always be 2828 ** zero or the size of the database in page. Bytes 32..35 and 35..39 2829 ** should be page numbers which are never 0xffffffff. So filling 2830 ** pPager->dbFileVers[] with all 0xff bytes should suffice. 2831 ** 2832 ** For an encrypted database, the situation is more complex: bytes 2833 ** 24..39 of the database are white noise. But the probability of 2834 ** white noising equaling 16 bytes of 0xff is vanishingly small so 2835 ** we should still be ok. 2836 */ 2837 memset(pPager->dbFileVers, 0xff, sizeof(pPager->dbFileVers)); 2838 }else{ 2839 u8 *dbFileVers = &((u8*)pPg->pData)[24]; 2840 memcpy(&pPager->dbFileVers, dbFileVers, sizeof(pPager->dbFileVers)); 2841 } 2842 } 2843 CODEC1(pPager, pPg->pData, pgno, 3, rc = SQLITE_NOMEM); 2844 2845 PAGER_INCR(sqlite3_pager_readdb_count); 2846 PAGER_INCR(pPager->nRead); 2847 IOTRACE(("PGIN %p %d\n", pPager, pgno)); 2848 PAGERTRACE(("FETCH %d page %d hash(%08x)\n", 2849 PAGERID(pPager), pgno, pager_pagehash(pPg))); 2850 2851 return rc; 2852 } 2853 2854 /* 2855 ** Update the value of the change-counter at offsets 24 and 92 in 2856 ** the header and the sqlite version number at offset 96. 2857 ** 2858 ** This is an unconditional update. See also the pager_incr_changecounter() 2859 ** routine which only updates the change-counter if the update is actually 2860 ** needed, as determined by the pPager->changeCountDone state variable. 2861 */ 2862 static void pager_write_changecounter(PgHdr *pPg){ 2863 u32 change_counter; 2864 2865 /* Increment the value just read and write it back to byte 24. */ 2866 change_counter = sqlite3Get4byte((u8*)pPg->pPager->dbFileVers)+1; 2867 put32bits(((char*)pPg->pData)+24, change_counter); 2868 2869 /* Also store the SQLite version number in bytes 96..99 and in 2870 ** bytes 92..95 store the change counter for which the version number 2871 ** is valid. */ 2872 put32bits(((char*)pPg->pData)+92, change_counter); 2873 put32bits(((char*)pPg->pData)+96, SQLITE_VERSION_NUMBER); 2874 } 2875 2876 #ifndef SQLITE_OMIT_WAL 2877 /* 2878 ** This function is invoked once for each page that has already been 2879 ** written into the log file when a WAL transaction is rolled back. 2880 ** Parameter iPg is the page number of said page. The pCtx argument 2881 ** is actually a pointer to the Pager structure. 2882 ** 2883 ** If page iPg is present in the cache, and has no outstanding references, 2884 ** it is discarded. Otherwise, if there are one or more outstanding 2885 ** references, the page content is reloaded from the database. If the 2886 ** attempt to reload content from the database is required and fails, 2887 ** return an SQLite error code. Otherwise, SQLITE_OK. 2888 */ 2889 static int pagerUndoCallback(void *pCtx, Pgno iPg){ 2890 int rc = SQLITE_OK; 2891 Pager *pPager = (Pager *)pCtx; 2892 PgHdr *pPg; 2893 2894 pPg = sqlite3PagerLookup(pPager, iPg); 2895 if( pPg ){ 2896 if( sqlite3PcachePageRefcount(pPg)==1 ){ 2897 sqlite3PcacheDrop(pPg); 2898 }else{ 2899 rc = readDbPage(pPg); 2900 if( rc==SQLITE_OK ){ 2901 pPager->xReiniter(pPg); 2902 } 2903 sqlite3PagerUnref(pPg); 2904 } 2905 } 2906 2907 /* Normally, if a transaction is rolled back, any backup processes are 2908 ** updated as data is copied out of the rollback journal and into the 2909 ** database. This is not generally possible with a WAL database, as 2910 ** rollback involves simply truncating the log file. Therefore, if one 2911 ** or more frames have already been written to the log (and therefore 2912 ** also copied into the backup databases) as part of this transaction, 2913 ** the backups must be restarted. 2914 */ 2915 sqlite3BackupRestart(pPager->pBackup); 2916 2917 return rc; 2918 } 2919 2920 /* 2921 ** This function is called to rollback a transaction on a WAL database. 2922 */ 2923 static int pagerRollbackWal(Pager *pPager){ 2924 int rc; /* Return Code */ 2925 PgHdr *pList; /* List of dirty pages to revert */ 2926 2927 /* For all pages in the cache that are currently dirty or have already 2928 ** been written (but not committed) to the log file, do one of the 2929 ** following: 2930 ** 2931 ** + Discard the cached page (if refcount==0), or 2932 ** + Reload page content from the database (if refcount>0). 2933 */ 2934 pPager->dbSize = pPager->dbOrigSize; 2935 rc = sqlite3WalUndo(pPager->pWal, pagerUndoCallback, (void *)pPager); 2936 pList = sqlite3PcacheDirtyList(pPager->pPCache); 2937 while( pList && rc==SQLITE_OK ){ 2938 PgHdr *pNext = pList->pDirty; 2939 rc = pagerUndoCallback((void *)pPager, pList->pgno); 2940 pList = pNext; 2941 } 2942 2943 return rc; 2944 } 2945 2946 /* 2947 ** This function is a wrapper around sqlite3WalFrames(). As well as logging 2948 ** the contents of the list of pages headed by pList (connected by pDirty), 2949 ** this function notifies any active backup processes that the pages have 2950 ** changed. 2951 ** 2952 ** The list of pages passed into this routine is always sorted by page number. 2953 ** Hence, if page 1 appears anywhere on the list, it will be the first page. 2954 */ 2955 static int pagerWalFrames( 2956 Pager *pPager, /* Pager object */ 2957 PgHdr *pList, /* List of frames to log */ 2958 Pgno nTruncate, /* Database size after this commit */ 2959 int isCommit, /* True if this is a commit */ 2960 int syncFlags /* Flags to pass to OsSync() (or 0) */ 2961 ){ 2962 int rc; /* Return code */ 2963 #if defined(SQLITE_DEBUG) || defined(SQLITE_CHECK_PAGES) 2964 PgHdr *p; /* For looping over pages */ 2965 #endif 2966 2967 assert( pPager->pWal ); 2968 #ifdef SQLITE_DEBUG 2969 /* Verify that the page list is in accending order */ 2970 for(p=pList; p && p->pDirty; p=p->pDirty){ 2971 assert( p->pgno < p->pDirty->pgno ); 2972 } 2973 #endif 2974 2975 if( isCommit ){ 2976 /* If a WAL transaction is being committed, there is no point in writing 2977 ** any pages with page numbers greater than nTruncate into the WAL file. 2978 ** They will never be read by any client. So remove them from the pDirty 2979 ** list here. */ 2980 PgHdr *p; 2981 PgHdr **ppNext = &pList; 2982 for(p=pList; (*ppNext = p); p=p->pDirty){ 2983 if( p->pgno<=nTruncate ) ppNext = &p->pDirty; 2984 } 2985 assert( pList ); 2986 } 2987 2988 if( pList->pgno==1 ) pager_write_changecounter(pList); 2989 rc = sqlite3WalFrames(pPager->pWal, 2990 pPager->pageSize, pList, nTruncate, isCommit, syncFlags 2991 ); 2992 if( rc==SQLITE_OK && pPager->pBackup ){ 2993 PgHdr *p; 2994 for(p=pList; p; p=p->pDirty){ 2995 sqlite3BackupUpdate(pPager->pBackup, p->pgno, (u8 *)p->pData); 2996 } 2997 } 2998 2999 #ifdef SQLITE_CHECK_PAGES 3000 pList = sqlite3PcacheDirtyList(pPager->pPCache); 3001 for(p=pList; p; p=p->pDirty){ 3002 pager_set_pagehash(p); 3003 } 3004 #endif 3005 3006 return rc; 3007 } 3008 3009 /* 3010 ** Begin a read transaction on the WAL. 3011 ** 3012 ** This routine used to be called "pagerOpenSnapshot()" because it essentially 3013 ** makes a snapshot of the database at the current point in time and preserves 3014 ** that snapshot for use by the reader in spite of concurrently changes by 3015 ** other writers or checkpointers. 3016 */ 3017 static int pagerBeginReadTransaction(Pager *pPager){ 3018 int rc; /* Return code */ 3019 int changed = 0; /* True if cache must be reset */ 3020 3021 assert( pagerUseWal(pPager) ); 3022 assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER ); 3023 3024 /* sqlite3WalEndReadTransaction() was not called for the previous 3025 ** transaction in locking_mode=EXCLUSIVE. So call it now. If we 3026 ** are in locking_mode=NORMAL and EndRead() was previously called, 3027 ** the duplicate call is harmless. 3028 */ 3029 sqlite3WalEndReadTransaction(pPager->pWal); 3030 3031 rc = sqlite3WalBeginReadTransaction(pPager->pWal, &changed); 3032 if( rc!=SQLITE_OK || changed ){ 3033 pager_reset(pPager); 3034 } 3035 3036 return rc; 3037 } 3038 #endif 3039 3040 /* 3041 ** This function is called as part of the transition from PAGER_OPEN 3042 ** to PAGER_READER state to determine the size of the database file 3043 ** in pages (assuming the page size currently stored in Pager.pageSize). 3044 ** 3045 ** If no error occurs, SQLITE_OK is returned and the size of the database 3046 ** in pages is stored in *pnPage. Otherwise, an error code (perhaps 3047 ** SQLITE_IOERR_FSTAT) is returned and *pnPage is left unmodified. 3048 */ 3049 static int pagerPagecount(Pager *pPager, Pgno *pnPage){ 3050 Pgno nPage; /* Value to return via *pnPage */ 3051 3052 /* Query the WAL sub-system for the database size. The WalDbsize() 3053 ** function returns zero if the WAL is not open (i.e. Pager.pWal==0), or 3054 ** if the database size is not available. The database size is not 3055 ** available from the WAL sub-system if the log file is empty or 3056 ** contains no valid committed transactions. 3057 */ 3058 assert( pPager->eState==PAGER_OPEN ); 3059 assert( pPager->eLock>=SHARED_LOCK || pPager->noReadlock ); 3060 nPage = sqlite3WalDbsize(pPager->pWal); 3061 3062 /* If the database size was not available from the WAL sub-system, 3063 ** determine it based on the size of the database file. If the size 3064 ** of the database file is not an integer multiple of the page-size, 3065 ** round down to the nearest page. Except, any file larger than 0 3066 ** bytes in size is considered to contain at least one page. 3067 */ 3068 if( nPage==0 ){ 3069 i64 n = 0; /* Size of db file in bytes */ 3070 assert( isOpen(pPager->fd) || pPager->tempFile ); 3071 if( isOpen(pPager->fd) ){ 3072 int rc = sqlite3OsFileSize(pPager->fd, &n); 3073 if( rc!=SQLITE_OK ){ 3074 return rc; 3075 } 3076 } 3077 nPage = (Pgno)(n / pPager->pageSize); 3078 if( nPage==0 && n>0 ){ 3079 nPage = 1; 3080 } 3081 } 3082 3083 /* If the current number of pages in the file is greater than the 3084 ** configured maximum pager number, increase the allowed limit so 3085 ** that the file can be read. 3086 */ 3087 if( nPage>pPager->mxPgno ){ 3088 pPager->mxPgno = (Pgno)nPage; 3089 } 3090 3091 *pnPage = nPage; 3092 return SQLITE_OK; 3093 } 3094 3095 #ifndef SQLITE_OMIT_WAL 3096 /* 3097 ** Check if the *-wal file that corresponds to the database opened by pPager 3098 ** exists if the database is not empy, or verify that the *-wal file does 3099 ** not exist (by deleting it) if the database file is empty. 3100 ** 3101 ** If the database is not empty and the *-wal file exists, open the pager 3102 ** in WAL mode. If the database is empty or if no *-wal file exists and 3103 ** if no error occurs, make sure Pager.journalMode is not set to 3104 ** PAGER_JOURNALMODE_WAL. 3105 ** 3106 ** Return SQLITE_OK or an error code. 3107 ** 3108 ** The caller must hold a SHARED lock on the database file to call this 3109 ** function. Because an EXCLUSIVE lock on the db file is required to delete 3110 ** a WAL on a none-empty database, this ensures there is no race condition 3111 ** between the xAccess() below and an xDelete() being executed by some 3112 ** other connection. 3113 */ 3114 static int pagerOpenWalIfPresent(Pager *pPager){ 3115 int rc = SQLITE_OK; 3116 assert( pPager->eState==PAGER_OPEN ); 3117 assert( pPager->eLock>=SHARED_LOCK || pPager->noReadlock ); 3118 3119 if( !pPager->tempFile ){ 3120 int isWal; /* True if WAL file exists */ 3121 Pgno nPage; /* Size of the database file */ 3122 3123 rc = pagerPagecount(pPager, &nPage); 3124 if( rc ) return rc; 3125 if( nPage==0 ){ 3126 rc = sqlite3OsDelete(pPager->pVfs, pPager->zWal, 0); 3127 isWal = 0; 3128 }else{ 3129 rc = sqlite3OsAccess( 3130 pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &isWal 3131 ); 3132 } 3133 if( rc==SQLITE_OK ){ 3134 if( isWal ){ 3135 testcase( sqlite3PcachePagecount(pPager->pPCache)==0 ); 3136 rc = sqlite3PagerOpenWal(pPager, 0); 3137 }else if( pPager->journalMode==PAGER_JOURNALMODE_WAL ){ 3138 pPager->journalMode = PAGER_JOURNALMODE_DELETE; 3139 } 3140 } 3141 } 3142 return rc; 3143 } 3144 #endif 3145 3146 /* 3147 ** Playback savepoint pSavepoint. Or, if pSavepoint==NULL, then playback 3148 ** the entire master journal file. The case pSavepoint==NULL occurs when 3149 ** a ROLLBACK TO command is invoked on a SAVEPOINT that is a transaction 3150 ** savepoint. 3151 ** 3152 ** When pSavepoint is not NULL (meaning a non-transaction savepoint is 3153 ** being rolled back), then the rollback consists of up to three stages, 3154 ** performed in the order specified: 3155 ** 3156 ** * Pages are played back from the main journal starting at byte 3157 ** offset PagerSavepoint.iOffset and continuing to 3158 ** PagerSavepoint.iHdrOffset, or to the end of the main journal 3159 ** file if PagerSavepoint.iHdrOffset is zero. 3160 ** 3161 ** * If PagerSavepoint.iHdrOffset is not zero, then pages are played 3162 ** back starting from the journal header immediately following 3163 ** PagerSavepoint.iHdrOffset to the end of the main journal file. 3164 ** 3165 ** * Pages are then played back from the sub-journal file, starting 3166 ** with the PagerSavepoint.iSubRec and continuing to the end of 3167 ** the journal file. 3168 ** 3169 ** Throughout the rollback process, each time a page is rolled back, the 3170 ** corresponding bit is set in a bitvec structure (variable pDone in the 3171 ** implementation below). This is used to ensure that a page is only 3172 ** rolled back the first time it is encountered in either journal. 3173 ** 3174 ** If pSavepoint is NULL, then pages are only played back from the main 3175 ** journal file. There is no need for a bitvec in this case. 3176 ** 3177 ** In either case, before playback commences the Pager.dbSize variable 3178 ** is reset to the value that it held at the start of the savepoint 3179 ** (or transaction). No page with a page-number greater than this value 3180 ** is played back. If one is encountered it is simply skipped. 3181 */ 3182 static int pagerPlaybackSavepoint(Pager *pPager, PagerSavepoint *pSavepoint){ 3183 i64 szJ; /* Effective size of the main journal */ 3184 i64 iHdrOff; /* End of first segment of main-journal records */ 3185 int rc = SQLITE_OK; /* Return code */ 3186 Bitvec *pDone = 0; /* Bitvec to ensure pages played back only once */ 3187 3188 assert( pPager->eState!=PAGER_ERROR ); 3189 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 3190 3191 /* Allocate a bitvec to use to store the set of pages rolled back */ 3192 if( pSavepoint ){ 3193 pDone = sqlite3BitvecCreate(pSavepoint->nOrig); 3194 if( !pDone ){ 3195 return SQLITE_NOMEM; 3196 } 3197 } 3198 3199 /* Set the database size back to the value it was before the savepoint 3200 ** being reverted was opened. 3201 */ 3202 pPager->dbSize = pSavepoint ? pSavepoint->nOrig : pPager->dbOrigSize; 3203 pPager->changeCountDone = pPager->tempFile; 3204 3205 if( !pSavepoint && pagerUseWal(pPager) ){ 3206 return pagerRollbackWal(pPager); 3207 } 3208 3209 /* Use pPager->journalOff as the effective size of the main rollback 3210 ** journal. The actual file might be larger than this in 3211 ** PAGER_JOURNALMODE_TRUNCATE or PAGER_JOURNALMODE_PERSIST. But anything 3212 ** past pPager->journalOff is off-limits to us. 3213 */ 3214 szJ = pPager->journalOff; 3215 assert( pagerUseWal(pPager)==0 || szJ==0 ); 3216 3217 /* Begin by rolling back records from the main journal starting at 3218 ** PagerSavepoint.iOffset and continuing to the next journal header. 3219 ** There might be records in the main journal that have a page number 3220 ** greater than the current database size (pPager->dbSize) but those 3221 ** will be skipped automatically. Pages are added to pDone as they 3222 ** are played back. 3223 */ 3224 if( pSavepoint && !pagerUseWal(pPager) ){ 3225 iHdrOff = pSavepoint->iHdrOffset ? pSavepoint->iHdrOffset : szJ; 3226 pPager->journalOff = pSavepoint->iOffset; 3227 while( rc==SQLITE_OK && pPager->journalOff<iHdrOff ){ 3228 rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1); 3229 } 3230 assert( rc!=SQLITE_DONE ); 3231 }else{ 3232 pPager->journalOff = 0; 3233 } 3234 3235 /* Continue rolling back records out of the main journal starting at 3236 ** the first journal header seen and continuing until the effective end 3237 ** of the main journal file. Continue to skip out-of-range pages and 3238 ** continue adding pages rolled back to pDone. 3239 */ 3240 while( rc==SQLITE_OK && pPager->journalOff<szJ ){ 3241 u32 ii; /* Loop counter */ 3242 u32 nJRec = 0; /* Number of Journal Records */ 3243 u32 dummy; 3244 rc = readJournalHdr(pPager, 0, szJ, &nJRec, &dummy); 3245 assert( rc!=SQLITE_DONE ); 3246 3247 /* 3248 ** The "pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff" 3249 ** test is related to ticket #2565. See the discussion in the 3250 ** pager_playback() function for additional information. 3251 */ 3252 if( nJRec==0 3253 && pPager->journalHdr+JOURNAL_HDR_SZ(pPager)==pPager->journalOff 3254 ){ 3255 nJRec = (u32)((szJ - pPager->journalOff)/JOURNAL_PG_SZ(pPager)); 3256 } 3257 for(ii=0; rc==SQLITE_OK && ii<nJRec && pPager->journalOff<szJ; ii++){ 3258 rc = pager_playback_one_page(pPager, &pPager->journalOff, pDone, 1, 1); 3259 } 3260 assert( rc!=SQLITE_DONE ); 3261 } 3262 assert( rc!=SQLITE_OK || pPager->journalOff>=szJ ); 3263 3264 /* Finally, rollback pages from the sub-journal. Page that were 3265 ** previously rolled back out of the main journal (and are hence in pDone) 3266 ** will be skipped. Out-of-range pages are also skipped. 3267 */ 3268 if( pSavepoint ){ 3269 u32 ii; /* Loop counter */ 3270 i64 offset = pSavepoint->iSubRec*(4+pPager->pageSize); 3271 3272 if( pagerUseWal(pPager) ){ 3273 rc = sqlite3WalSavepointUndo(pPager->pWal, pSavepoint->aWalData); 3274 } 3275 for(ii=pSavepoint->iSubRec; rc==SQLITE_OK && ii<pPager->nSubRec; ii++){ 3276 assert( offset==ii*(4+pPager->pageSize) ); 3277 rc = pager_playback_one_page(pPager, &offset, pDone, 0, 1); 3278 } 3279 assert( rc!=SQLITE_DONE ); 3280 } 3281 3282 sqlite3BitvecDestroy(pDone); 3283 if( rc==SQLITE_OK ){ 3284 pPager->journalOff = szJ; 3285 } 3286 3287 return rc; 3288 } 3289 3290 /* 3291 ** Change the maximum number of in-memory pages that are allowed. 3292 */ 3293 void sqlite3PagerSetCachesize(Pager *pPager, int mxPage){ 3294 sqlite3PcacheSetCachesize(pPager->pPCache, mxPage); 3295 } 3296 3297 /* 3298 ** Adjust the robustness of the database to damage due to OS crashes 3299 ** or power failures by changing the number of syncs()s when writing 3300 ** the rollback journal. There are three levels: 3301 ** 3302 ** OFF sqlite3OsSync() is never called. This is the default 3303 ** for temporary and transient files. 3304 ** 3305 ** NORMAL The journal is synced once before writes begin on the 3306 ** database. This is normally adequate protection, but 3307 ** it is theoretically possible, though very unlikely, 3308 ** that an inopertune power failure could leave the journal 3309 ** in a state which would cause damage to the database 3310 ** when it is rolled back. 3311 ** 3312 ** FULL The journal is synced twice before writes begin on the 3313 ** database (with some additional information - the nRec field 3314 ** of the journal header - being written in between the two 3315 ** syncs). If we assume that writing a 3316 ** single disk sector is atomic, then this mode provides 3317 ** assurance that the journal will not be corrupted to the 3318 ** point of causing damage to the database during rollback. 3319 ** 3320 ** The above is for a rollback-journal mode. For WAL mode, OFF continues 3321 ** to mean that no syncs ever occur. NORMAL means that the WAL is synced 3322 ** prior to the start of checkpoint and that the database file is synced 3323 ** at the conclusion of the checkpoint if the entire content of the WAL 3324 ** was written back into the database. But no sync operations occur for 3325 ** an ordinary commit in NORMAL mode with WAL. FULL means that the WAL 3326 ** file is synced following each commit operation, in addition to the 3327 ** syncs associated with NORMAL. 3328 ** 3329 ** Do not confuse synchronous=FULL with SQLITE_SYNC_FULL. The 3330 ** SQLITE_SYNC_FULL macro means to use the MacOSX-style full-fsync 3331 ** using fcntl(F_FULLFSYNC). SQLITE_SYNC_NORMAL means to do an 3332 ** ordinary fsync() call. There is no difference between SQLITE_SYNC_FULL 3333 ** and SQLITE_SYNC_NORMAL on platforms other than MacOSX. But the 3334 ** synchronous=FULL versus synchronous=NORMAL setting determines when 3335 ** the xSync primitive is called and is relevant to all platforms. 3336 ** 3337 ** Numeric values associated with these states are OFF==1, NORMAL=2, 3338 ** and FULL=3. 3339 */ 3340 #ifndef SQLITE_OMIT_PAGER_PRAGMAS 3341 void sqlite3PagerSetSafetyLevel( 3342 Pager *pPager, /* The pager to set safety level for */ 3343 int level, /* PRAGMA synchronous. 1=OFF, 2=NORMAL, 3=FULL */ 3344 int bFullFsync, /* PRAGMA fullfsync */ 3345 int bCkptFullFsync /* PRAGMA checkpoint_fullfsync */ 3346 ){ 3347 assert( level>=1 && level<=3 ); 3348 pPager->noSync = (level==1 || pPager->tempFile) ?1:0; 3349 pPager->fullSync = (level==3 && !pPager->tempFile) ?1:0; 3350 if( pPager->noSync ){ 3351 pPager->syncFlags = 0; 3352 pPager->ckptSyncFlags = 0; 3353 }else if( bFullFsync ){ 3354 pPager->syncFlags = SQLITE_SYNC_FULL; 3355 pPager->ckptSyncFlags = SQLITE_SYNC_FULL; 3356 }else if( bCkptFullFsync ){ 3357 pPager->syncFlags = SQLITE_SYNC_NORMAL; 3358 pPager->ckptSyncFlags = SQLITE_SYNC_FULL; 3359 }else{ 3360 pPager->syncFlags = SQLITE_SYNC_NORMAL; 3361 pPager->ckptSyncFlags = SQLITE_SYNC_NORMAL; 3362 } 3363 } 3364 #endif 3365 3366 /* 3367 ** The following global variable is incremented whenever the library 3368 ** attempts to open a temporary file. This information is used for 3369 ** testing and analysis only. 3370 */ 3371 #ifdef SQLITE_TEST 3372 int sqlite3_opentemp_count = 0; 3373 #endif 3374 3375 /* 3376 ** Open a temporary file. 3377 ** 3378 ** Write the file descriptor into *pFile. Return SQLITE_OK on success 3379 ** or some other error code if we fail. The OS will automatically 3380 ** delete the temporary file when it is closed. 3381 ** 3382 ** The flags passed to the VFS layer xOpen() call are those specified 3383 ** by parameter vfsFlags ORed with the following: 3384 ** 3385 ** SQLITE_OPEN_READWRITE 3386 ** SQLITE_OPEN_CREATE 3387 ** SQLITE_OPEN_EXCLUSIVE 3388 ** SQLITE_OPEN_DELETEONCLOSE 3389 */ 3390 static int pagerOpentemp( 3391 Pager *pPager, /* The pager object */ 3392 sqlite3_file *pFile, /* Write the file descriptor here */ 3393 int vfsFlags /* Flags passed through to the VFS */ 3394 ){ 3395 int rc; /* Return code */ 3396 3397 #ifdef SQLITE_TEST 3398 sqlite3_opentemp_count++; /* Used for testing and analysis only */ 3399 #endif 3400 3401 vfsFlags |= SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE | 3402 SQLITE_OPEN_EXCLUSIVE | SQLITE_OPEN_DELETEONCLOSE; 3403 rc = sqlite3OsOpen(pPager->pVfs, 0, pFile, vfsFlags, 0); 3404 assert( rc!=SQLITE_OK || isOpen(pFile) ); 3405 return rc; 3406 } 3407 3408 /* 3409 ** Set the busy handler function. 3410 ** 3411 ** The pager invokes the busy-handler if sqlite3OsLock() returns 3412 ** SQLITE_BUSY when trying to upgrade from no-lock to a SHARED lock, 3413 ** or when trying to upgrade from a RESERVED lock to an EXCLUSIVE 3414 ** lock. It does *not* invoke the busy handler when upgrading from 3415 ** SHARED to RESERVED, or when upgrading from SHARED to EXCLUSIVE 3416 ** (which occurs during hot-journal rollback). Summary: 3417 ** 3418 ** Transition | Invokes xBusyHandler 3419 ** -------------------------------------------------------- 3420 ** NO_LOCK -> SHARED_LOCK | Yes 3421 ** SHARED_LOCK -> RESERVED_LOCK | No 3422 ** SHARED_LOCK -> EXCLUSIVE_LOCK | No 3423 ** RESERVED_LOCK -> EXCLUSIVE_LOCK | Yes 3424 ** 3425 ** If the busy-handler callback returns non-zero, the lock is 3426 ** retried. If it returns zero, then the SQLITE_BUSY error is 3427 ** returned to the caller of the pager API function. 3428 */ 3429 void sqlite3PagerSetBusyhandler( 3430 Pager *pPager, /* Pager object */ 3431 int (*xBusyHandler)(void *), /* Pointer to busy-handler function */ 3432 void *pBusyHandlerArg /* Argument to pass to xBusyHandler */ 3433 ){ 3434 pPager->xBusyHandler = xBusyHandler; 3435 pPager->pBusyHandlerArg = pBusyHandlerArg; 3436 } 3437 3438 /* 3439 ** Change the page size used by the Pager object. The new page size 3440 ** is passed in *pPageSize. 3441 ** 3442 ** If the pager is in the error state when this function is called, it 3443 ** is a no-op. The value returned is the error state error code (i.e. 3444 ** one of SQLITE_IOERR, an SQLITE_IOERR_xxx sub-code or SQLITE_FULL). 3445 ** 3446 ** Otherwise, if all of the following are true: 3447 ** 3448 ** * the new page size (value of *pPageSize) is valid (a power 3449 ** of two between 512 and SQLITE_MAX_PAGE_SIZE, inclusive), and 3450 ** 3451 ** * there are no outstanding page references, and 3452 ** 3453 ** * the database is either not an in-memory database or it is 3454 ** an in-memory database that currently consists of zero pages. 3455 ** 3456 ** then the pager object page size is set to *pPageSize. 3457 ** 3458 ** If the page size is changed, then this function uses sqlite3PagerMalloc() 3459 ** to obtain a new Pager.pTmpSpace buffer. If this allocation attempt 3460 ** fails, SQLITE_NOMEM is returned and the page size remains unchanged. 3461 ** In all other cases, SQLITE_OK is returned. 3462 ** 3463 ** If the page size is not changed, either because one of the enumerated 3464 ** conditions above is not true, the pager was in error state when this 3465 ** function was called, or because the memory allocation attempt failed, 3466 ** then *pPageSize is set to the old, retained page size before returning. 3467 */ 3468 int sqlite3PagerSetPagesize(Pager *pPager, u32 *pPageSize, int nReserve){ 3469 int rc = SQLITE_OK; 3470 3471 /* It is not possible to do a full assert_pager_state() here, as this 3472 ** function may be called from within PagerOpen(), before the state 3473 ** of the Pager object is internally consistent. 3474 ** 3475 ** At one point this function returned an error if the pager was in 3476 ** PAGER_ERROR state. But since PAGER_ERROR state guarantees that 3477 ** there is at least one outstanding page reference, this function 3478 ** is a no-op for that case anyhow. 3479 */ 3480 3481 u32 pageSize = *pPageSize; 3482 assert( pageSize==0 || (pageSize>=512 && pageSize<=SQLITE_MAX_PAGE_SIZE) ); 3483 if( (pPager->memDb==0 || pPager->dbSize==0) 3484 && sqlite3PcacheRefCount(pPager->pPCache)==0 3485 && pageSize && pageSize!=(u32)pPager->pageSize 3486 ){ 3487 char *pNew = NULL; /* New temp space */ 3488 i64 nByte = 0; 3489 3490 if( pPager->eState>PAGER_OPEN && isOpen(pPager->fd) ){ 3491 rc = sqlite3OsFileSize(pPager->fd, &nByte); 3492 } 3493 if( rc==SQLITE_OK ){ 3494 pNew = (char *)sqlite3PageMalloc(pageSize); 3495 if( !pNew ) rc = SQLITE_NOMEM; 3496 } 3497 3498 if( rc==SQLITE_OK ){ 3499 pager_reset(pPager); 3500 pPager->dbSize = (Pgno)(nByte/pageSize); 3501 pPager->pageSize = pageSize; 3502 sqlite3PageFree(pPager->pTmpSpace); 3503 pPager->pTmpSpace = pNew; 3504 sqlite3PcacheSetPageSize(pPager->pPCache, pageSize); 3505 } 3506 } 3507 3508 *pPageSize = pPager->pageSize; 3509 if( rc==SQLITE_OK ){ 3510 if( nReserve<0 ) nReserve = pPager->nReserve; 3511 assert( nReserve>=0 && nReserve<1000 ); 3512 pPager->nReserve = (i16)nReserve; 3513 pagerReportSize(pPager); 3514 } 3515 return rc; 3516 } 3517 3518 /* 3519 ** Return a pointer to the "temporary page" buffer held internally 3520 ** by the pager. This is a buffer that is big enough to hold the 3521 ** entire content of a database page. This buffer is used internally 3522 ** during rollback and will be overwritten whenever a rollback 3523 ** occurs. But other modules are free to use it too, as long as 3524 ** no rollbacks are happening. 3525 */ 3526 void *sqlite3PagerTempSpace(Pager *pPager){ 3527 return pPager->pTmpSpace; 3528 } 3529 3530 /* 3531 ** Attempt to set the maximum database page count if mxPage is positive. 3532 ** Make no changes if mxPage is zero or negative. And never reduce the 3533 ** maximum page count below the current size of the database. 3534 ** 3535 ** Regardless of mxPage, return the current maximum page count. 3536 */ 3537 int sqlite3PagerMaxPageCount(Pager *pPager, int mxPage){ 3538 if( mxPage>0 ){ 3539 pPager->mxPgno = mxPage; 3540 } 3541 assert( pPager->eState!=PAGER_OPEN ); /* Called only by OP_MaxPgcnt */ 3542 assert( pPager->mxPgno>=pPager->dbSize ); /* OP_MaxPgcnt enforces this */ 3543 return pPager->mxPgno; 3544 } 3545 3546 /* 3547 ** The following set of routines are used to disable the simulated 3548 ** I/O error mechanism. These routines are used to avoid simulated 3549 ** errors in places where we do not care about errors. 3550 ** 3551 ** Unless -DSQLITE_TEST=1 is used, these routines are all no-ops 3552 ** and generate no code. 3553 */ 3554 #ifdef SQLITE_TEST 3555 extern int sqlite3_io_error_pending; 3556 extern int sqlite3_io_error_hit; 3557 static int saved_cnt; 3558 void disable_simulated_io_errors(void){ 3559 saved_cnt = sqlite3_io_error_pending; 3560 sqlite3_io_error_pending = -1; 3561 } 3562 void enable_simulated_io_errors(void){ 3563 sqlite3_io_error_pending = saved_cnt; 3564 } 3565 #else 3566 # define disable_simulated_io_errors() 3567 # define enable_simulated_io_errors() 3568 #endif 3569 3570 /* 3571 ** Read the first N bytes from the beginning of the file into memory 3572 ** that pDest points to. 3573 ** 3574 ** If the pager was opened on a transient file (zFilename==""), or 3575 ** opened on a file less than N bytes in size, the output buffer is 3576 ** zeroed and SQLITE_OK returned. The rationale for this is that this 3577 ** function is used to read database headers, and a new transient or 3578 ** zero sized database has a header than consists entirely of zeroes. 3579 ** 3580 ** If any IO error apart from SQLITE_IOERR_SHORT_READ is encountered, 3581 ** the error code is returned to the caller and the contents of the 3582 ** output buffer undefined. 3583 */ 3584 int sqlite3PagerReadFileheader(Pager *pPager, int N, unsigned char *pDest){ 3585 int rc = SQLITE_OK; 3586 memset(pDest, 0, N); 3587 assert( isOpen(pPager->fd) || pPager->tempFile ); 3588 3589 /* This routine is only called by btree immediately after creating 3590 ** the Pager object. There has not been an opportunity to transition 3591 ** to WAL mode yet. 3592 */ 3593 assert( !pagerUseWal(pPager) ); 3594 3595 if( isOpen(pPager->fd) ){ 3596 IOTRACE(("DBHDR %p 0 %d\n", pPager, N)) 3597 rc = sqlite3OsRead(pPager->fd, pDest, N, 0); 3598 if( rc==SQLITE_IOERR_SHORT_READ ){ 3599 rc = SQLITE_OK; 3600 } 3601 } 3602 return rc; 3603 } 3604 3605 /* 3606 ** This function may only be called when a read-transaction is open on 3607 ** the pager. It returns the total number of pages in the database. 3608 ** 3609 ** However, if the file is between 1 and <page-size> bytes in size, then 3610 ** this is considered a 1 page file. 3611 */ 3612 void sqlite3PagerPagecount(Pager *pPager, int *pnPage){ 3613 assert( pPager->eState>=PAGER_READER ); 3614 assert( pPager->eState!=PAGER_WRITER_FINISHED ); 3615 *pnPage = (int)pPager->dbSize; 3616 } 3617 3618 3619 /* 3620 ** Try to obtain a lock of type locktype on the database file. If 3621 ** a similar or greater lock is already held, this function is a no-op 3622 ** (returning SQLITE_OK immediately). 3623 ** 3624 ** Otherwise, attempt to obtain the lock using sqlite3OsLock(). Invoke 3625 ** the busy callback if the lock is currently not available. Repeat 3626 ** until the busy callback returns false or until the attempt to 3627 ** obtain the lock succeeds. 3628 ** 3629 ** Return SQLITE_OK on success and an error code if we cannot obtain 3630 ** the lock. If the lock is obtained successfully, set the Pager.state 3631 ** variable to locktype before returning. 3632 */ 3633 static int pager_wait_on_lock(Pager *pPager, int locktype){ 3634 int rc; /* Return code */ 3635 3636 /* Check that this is either a no-op (because the requested lock is 3637 ** already held, or one of the transistions that the busy-handler 3638 ** may be invoked during, according to the comment above 3639 ** sqlite3PagerSetBusyhandler(). 3640 */ 3641 assert( (pPager->eLock>=locktype) 3642 || (pPager->eLock==NO_LOCK && locktype==SHARED_LOCK) 3643 || (pPager->eLock==RESERVED_LOCK && locktype==EXCLUSIVE_LOCK) 3644 ); 3645 3646 do { 3647 rc = pagerLockDb(pPager, locktype); 3648 }while( rc==SQLITE_BUSY && pPager->xBusyHandler(pPager->pBusyHandlerArg) ); 3649 return rc; 3650 } 3651 3652 /* 3653 ** Function assertTruncateConstraint(pPager) checks that one of the 3654 ** following is true for all dirty pages currently in the page-cache: 3655 ** 3656 ** a) The page number is less than or equal to the size of the 3657 ** current database image, in pages, OR 3658 ** 3659 ** b) if the page content were written at this time, it would not 3660 ** be necessary to write the current content out to the sub-journal 3661 ** (as determined by function subjRequiresPage()). 3662 ** 3663 ** If the condition asserted by this function were not true, and the 3664 ** dirty page were to be discarded from the cache via the pagerStress() 3665 ** routine, pagerStress() would not write the current page content to 3666 ** the database file. If a savepoint transaction were rolled back after 3667 ** this happened, the correct behaviour would be to restore the current 3668 ** content of the page. However, since this content is not present in either 3669 ** the database file or the portion of the rollback journal and 3670 ** sub-journal rolled back the content could not be restored and the 3671 ** database image would become corrupt. It is therefore fortunate that 3672 ** this circumstance cannot arise. 3673 */ 3674 #if defined(SQLITE_DEBUG) 3675 static void assertTruncateConstraintCb(PgHdr *pPg){ 3676 assert( pPg->flags&PGHDR_DIRTY ); 3677 assert( !subjRequiresPage(pPg) || pPg->pgno<=pPg->pPager->dbSize ); 3678 } 3679 static void assertTruncateConstraint(Pager *pPager){ 3680 sqlite3PcacheIterateDirty(pPager->pPCache, assertTruncateConstraintCb); 3681 } 3682 #else 3683 # define assertTruncateConstraint(pPager) 3684 #endif 3685 3686 /* 3687 ** Truncate the in-memory database file image to nPage pages. This 3688 ** function does not actually modify the database file on disk. It 3689 ** just sets the internal state of the pager object so that the 3690 ** truncation will be done when the current transaction is committed. 3691 */ 3692 void sqlite3PagerTruncateImage(Pager *pPager, Pgno nPage){ 3693 assert( pPager->dbSize>=nPage ); 3694 assert( pPager->eState>=PAGER_WRITER_CACHEMOD ); 3695 pPager->dbSize = nPage; 3696 assertTruncateConstraint(pPager); 3697 } 3698 3699 3700 /* 3701 ** This function is called before attempting a hot-journal rollback. It 3702 ** syncs the journal file to disk, then sets pPager->journalHdr to the 3703 ** size of the journal file so that the pager_playback() routine knows 3704 ** that the entire journal file has been synced. 3705 ** 3706 ** Syncing a hot-journal to disk before attempting to roll it back ensures 3707 ** that if a power-failure occurs during the rollback, the process that 3708 ** attempts rollback following system recovery sees the same journal 3709 ** content as this process. 3710 ** 3711 ** If everything goes as planned, SQLITE_OK is returned. Otherwise, 3712 ** an SQLite error code. 3713 */ 3714 static int pagerSyncHotJournal(Pager *pPager){ 3715 int rc = SQLITE_OK; 3716 if( !pPager->noSync ){ 3717 rc = sqlite3OsSync(pPager->jfd, SQLITE_SYNC_NORMAL); 3718 } 3719 if( rc==SQLITE_OK ){ 3720 rc = sqlite3OsFileSize(pPager->jfd, &pPager->journalHdr); 3721 } 3722 return rc; 3723 } 3724 3725 /* 3726 ** Shutdown the page cache. Free all memory and close all files. 3727 ** 3728 ** If a transaction was in progress when this routine is called, that 3729 ** transaction is rolled back. All outstanding pages are invalidated 3730 ** and their memory is freed. Any attempt to use a page associated 3731 ** with this page cache after this function returns will likely 3732 ** result in a coredump. 3733 ** 3734 ** This function always succeeds. If a transaction is active an attempt 3735 ** is made to roll it back. If an error occurs during the rollback 3736 ** a hot journal may be left in the filesystem but no error is returned 3737 ** to the caller. 3738 */ 3739 int sqlite3PagerClose(Pager *pPager){ 3740 u8 *pTmp = (u8 *)pPager->pTmpSpace; 3741 3742 disable_simulated_io_errors(); 3743 sqlite3BeginBenignMalloc(); 3744 /* pPager->errCode = 0; */ 3745 pPager->exclusiveMode = 0; 3746 #ifndef SQLITE_OMIT_WAL 3747 sqlite3WalClose(pPager->pWal, pPager->ckptSyncFlags, pPager->pageSize, pTmp); 3748 pPager->pWal = 0; 3749 #endif 3750 pager_reset(pPager); 3751 if( MEMDB ){ 3752 pager_unlock(pPager); 3753 }else{ 3754 /* If it is open, sync the journal file before calling UnlockAndRollback. 3755 ** If this is not done, then an unsynced portion of the open journal 3756 ** file may be played back into the database. If a power failure occurs 3757 ** while this is happening, the database could become corrupt. 3758 ** 3759 ** If an error occurs while trying to sync the journal, shift the pager 3760 ** into the ERROR state. This causes UnlockAndRollback to unlock the 3761 ** database and close the journal file without attempting to roll it 3762 ** back or finalize it. The next database user will have to do hot-journal 3763 ** rollback before accessing the database file. 3764 */ 3765 if( isOpen(pPager->jfd) ){ 3766 pager_error(pPager, pagerSyncHotJournal(pPager)); 3767 } 3768 pagerUnlockAndRollback(pPager); 3769 } 3770 sqlite3EndBenignMalloc(); 3771 enable_simulated_io_errors(); 3772 PAGERTRACE(("CLOSE %d\n", PAGERID(pPager))); 3773 IOTRACE(("CLOSE %p\n", pPager)) 3774 sqlite3OsClose(pPager->jfd); 3775 sqlite3OsClose(pPager->fd); 3776 sqlite3PageFree(pTmp); 3777 sqlite3PcacheClose(pPager->pPCache); 3778 3779 #ifdef SQLITE_HAS_CODEC 3780 if( pPager->xCodecFree ) pPager->xCodecFree(pPager->pCodec); 3781 #endif 3782 3783 assert( !pPager->aSavepoint && !pPager->pInJournal ); 3784 assert( !isOpen(pPager->jfd) && !isOpen(pPager->sjfd) ); 3785 3786 sqlite3_free(pPager); 3787 return SQLITE_OK; 3788 } 3789 3790 #if !defined(NDEBUG) || defined(SQLITE_TEST) 3791 /* 3792 ** Return the page number for page pPg. 3793 */ 3794 Pgno sqlite3PagerPagenumber(DbPage *pPg){ 3795 return pPg->pgno; 3796 } 3797 #endif 3798 3799 /* 3800 ** Increment the reference count for page pPg. 3801 */ 3802 void sqlite3PagerRef(DbPage *pPg){ 3803 sqlite3PcacheRef(pPg); 3804 } 3805 3806 /* 3807 ** Sync the journal. In other words, make sure all the pages that have 3808 ** been written to the journal have actually reached the surface of the 3809 ** disk and can be restored in the event of a hot-journal rollback. 3810 ** 3811 ** If the Pager.noSync flag is set, then this function is a no-op. 3812 ** Otherwise, the actions required depend on the journal-mode and the 3813 ** device characteristics of the the file-system, as follows: 3814 ** 3815 ** * If the journal file is an in-memory journal file, no action need 3816 ** be taken. 3817 ** 3818 ** * Otherwise, if the device does not support the SAFE_APPEND property, 3819 ** then the nRec field of the most recently written journal header 3820 ** is updated to contain the number of journal records that have 3821 ** been written following it. If the pager is operating in full-sync 3822 ** mode, then the journal file is synced before this field is updated. 3823 ** 3824 ** * If the device does not support the SEQUENTIAL property, then 3825 ** journal file is synced. 3826 ** 3827 ** Or, in pseudo-code: 3828 ** 3829 ** if( NOT <in-memory journal> ){ 3830 ** if( NOT SAFE_APPEND ){ 3831 ** if( <full-sync mode> ) xSync(<journal file>); 3832 ** <update nRec field> 3833 ** } 3834 ** if( NOT SEQUENTIAL ) xSync(<journal file>); 3835 ** } 3836 ** 3837 ** If successful, this routine clears the PGHDR_NEED_SYNC flag of every 3838 ** page currently held in memory before returning SQLITE_OK. If an IO 3839 ** error is encountered, then the IO error code is returned to the caller. 3840 */ 3841 static int syncJournal(Pager *pPager, int newHdr){ 3842 int rc; /* Return code */ 3843 3844 assert( pPager->eState==PAGER_WRITER_CACHEMOD 3845 || pPager->eState==PAGER_WRITER_DBMOD 3846 ); 3847 assert( assert_pager_state(pPager) ); 3848 assert( !pagerUseWal(pPager) ); 3849 3850 rc = sqlite3PagerExclusiveLock(pPager); 3851 if( rc!=SQLITE_OK ) return rc; 3852 3853 if( !pPager->noSync ){ 3854 assert( !pPager->tempFile ); 3855 if( isOpen(pPager->jfd) && pPager->journalMode!=PAGER_JOURNALMODE_MEMORY ){ 3856 const int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); 3857 assert( isOpen(pPager->jfd) ); 3858 3859 if( 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ 3860 /* This block deals with an obscure problem. If the last connection 3861 ** that wrote to this database was operating in persistent-journal 3862 ** mode, then the journal file may at this point actually be larger 3863 ** than Pager.journalOff bytes. If the next thing in the journal 3864 ** file happens to be a journal-header (written as part of the 3865 ** previous connection's transaction), and a crash or power-failure 3866 ** occurs after nRec is updated but before this connection writes 3867 ** anything else to the journal file (or commits/rolls back its 3868 ** transaction), then SQLite may become confused when doing the 3869 ** hot-journal rollback following recovery. It may roll back all 3870 ** of this connections data, then proceed to rolling back the old, 3871 ** out-of-date data that follows it. Database corruption. 3872 ** 3873 ** To work around this, if the journal file does appear to contain 3874 ** a valid header following Pager.journalOff, then write a 0x00 3875 ** byte to the start of it to prevent it from being recognized. 3876 ** 3877 ** Variable iNextHdrOffset is set to the offset at which this 3878 ** problematic header will occur, if it exists. aMagic is used 3879 ** as a temporary buffer to inspect the first couple of bytes of 3880 ** the potential journal header. 3881 */ 3882 i64 iNextHdrOffset; 3883 u8 aMagic[8]; 3884 u8 zHeader[sizeof(aJournalMagic)+4]; 3885 3886 memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic)); 3887 put32bits(&zHeader[sizeof(aJournalMagic)], pPager->nRec); 3888 3889 iNextHdrOffset = journalHdrOffset(pPager); 3890 rc = sqlite3OsRead(pPager->jfd, aMagic, 8, iNextHdrOffset); 3891 if( rc==SQLITE_OK && 0==memcmp(aMagic, aJournalMagic, 8) ){ 3892 static const u8 zerobyte = 0; 3893 rc = sqlite3OsWrite(pPager->jfd, &zerobyte, 1, iNextHdrOffset); 3894 } 3895 if( rc!=SQLITE_OK && rc!=SQLITE_IOERR_SHORT_READ ){ 3896 return rc; 3897 } 3898 3899 /* Write the nRec value into the journal file header. If in 3900 ** full-synchronous mode, sync the journal first. This ensures that 3901 ** all data has really hit the disk before nRec is updated to mark 3902 ** it as a candidate for rollback. 3903 ** 3904 ** This is not required if the persistent media supports the 3905 ** SAFE_APPEND property. Because in this case it is not possible 3906 ** for garbage data to be appended to the file, the nRec field 3907 ** is populated with 0xFFFFFFFF when the journal header is written 3908 ** and never needs to be updated. 3909 */ 3910 if( pPager->fullSync && 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){ 3911 PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager))); 3912 IOTRACE(("JSYNC %p\n", pPager)) 3913 rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags); 3914 if( rc!=SQLITE_OK ) return rc; 3915 } 3916 IOTRACE(("JHDR %p %lld\n", pPager, pPager->journalHdr)); 3917 rc = sqlite3OsWrite( 3918 pPager->jfd, zHeader, sizeof(zHeader), pPager->journalHdr 3919 ); 3920 if( rc!=SQLITE_OK ) return rc; 3921 } 3922 if( 0==(iDc&SQLITE_IOCAP_SEQUENTIAL) ){ 3923 PAGERTRACE(("SYNC journal of %d\n", PAGERID(pPager))); 3924 IOTRACE(("JSYNC %p\n", pPager)) 3925 rc = sqlite3OsSync(pPager->jfd, pPager->syncFlags| 3926 (pPager->syncFlags==SQLITE_SYNC_FULL?SQLITE_SYNC_DATAONLY:0) 3927 ); 3928 if( rc!=SQLITE_OK ) return rc; 3929 } 3930 3931 pPager->journalHdr = pPager->journalOff; 3932 if( newHdr && 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ 3933 pPager->nRec = 0; 3934 rc = writeJournalHdr(pPager); 3935 if( rc!=SQLITE_OK ) return rc; 3936 } 3937 }else{ 3938 pPager->journalHdr = pPager->journalOff; 3939 } 3940 } 3941 3942 /* Unless the pager is in noSync mode, the journal file was just 3943 ** successfully synced. Either way, clear the PGHDR_NEED_SYNC flag on 3944 ** all pages. 3945 */ 3946 sqlite3PcacheClearSyncFlags(pPager->pPCache); 3947 pPager->eState = PAGER_WRITER_DBMOD; 3948 assert( assert_pager_state(pPager) ); 3949 return SQLITE_OK; 3950 } 3951 3952 /* 3953 ** The argument is the first in a linked list of dirty pages connected 3954 ** by the PgHdr.pDirty pointer. This function writes each one of the 3955 ** in-memory pages in the list to the database file. The argument may 3956 ** be NULL, representing an empty list. In this case this function is 3957 ** a no-op. 3958 ** 3959 ** The pager must hold at least a RESERVED lock when this function 3960 ** is called. Before writing anything to the database file, this lock 3961 ** is upgraded to an EXCLUSIVE lock. If the lock cannot be obtained, 3962 ** SQLITE_BUSY is returned and no data is written to the database file. 3963 ** 3964 ** If the pager is a temp-file pager and the actual file-system file 3965 ** is not yet open, it is created and opened before any data is 3966 ** written out. 3967 ** 3968 ** Once the lock has been upgraded and, if necessary, the file opened, 3969 ** the pages are written out to the database file in list order. Writing 3970 ** a page is skipped if it meets either of the following criteria: 3971 ** 3972 ** * The page number is greater than Pager.dbSize, or 3973 ** * The PGHDR_DONT_WRITE flag is set on the page. 3974 ** 3975 ** If writing out a page causes the database file to grow, Pager.dbFileSize 3976 ** is updated accordingly. If page 1 is written out, then the value cached 3977 ** in Pager.dbFileVers[] is updated to match the new value stored in 3978 ** the database file. 3979 ** 3980 ** If everything is successful, SQLITE_OK is returned. If an IO error 3981 ** occurs, an IO error code is returned. Or, if the EXCLUSIVE lock cannot 3982 ** be obtained, SQLITE_BUSY is returned. 3983 */ 3984 static int pager_write_pagelist(Pager *pPager, PgHdr *pList){ 3985 int rc = SQLITE_OK; /* Return code */ 3986 3987 /* This function is only called for rollback pagers in WRITER_DBMOD state. */ 3988 assert( !pagerUseWal(pPager) ); 3989 assert( pPager->eState==PAGER_WRITER_DBMOD ); 3990 assert( pPager->eLock==EXCLUSIVE_LOCK ); 3991 3992 /* If the file is a temp-file has not yet been opened, open it now. It 3993 ** is not possible for rc to be other than SQLITE_OK if this branch 3994 ** is taken, as pager_wait_on_lock() is a no-op for temp-files. 3995 */ 3996 if( !isOpen(pPager->fd) ){ 3997 assert( pPager->tempFile && rc==SQLITE_OK ); 3998 rc = pagerOpentemp(pPager, pPager->fd, pPager->vfsFlags); 3999 } 4000 4001 /* Before the first write, give the VFS a hint of what the final 4002 ** file size will be. 4003 */ 4004 assert( rc!=SQLITE_OK || isOpen(pPager->fd) ); 4005 if( rc==SQLITE_OK && pPager->dbSize>pPager->dbHintSize ){ 4006 sqlite3_int64 szFile = pPager->pageSize * (sqlite3_int64)pPager->dbSize; 4007 sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_SIZE_HINT, &szFile); 4008 pPager->dbHintSize = pPager->dbSize; 4009 } 4010 4011 while( rc==SQLITE_OK && pList ){ 4012 Pgno pgno = pList->pgno; 4013 4014 /* If there are dirty pages in the page cache with page numbers greater 4015 ** than Pager.dbSize, this means sqlite3PagerTruncateImage() was called to 4016 ** make the file smaller (presumably by auto-vacuum code). Do not write 4017 ** any such pages to the file. 4018 ** 4019 ** Also, do not write out any page that has the PGHDR_DONT_WRITE flag 4020 ** set (set by sqlite3PagerDontWrite()). 4021 */ 4022 if( pgno<=pPager->dbSize && 0==(pList->flags&PGHDR_DONT_WRITE) ){ 4023 i64 offset = (pgno-1)*(i64)pPager->pageSize; /* Offset to write */ 4024 char *pData; /* Data to write */ 4025 4026 assert( (pList->flags&PGHDR_NEED_SYNC)==0 ); 4027 if( pList->pgno==1 ) pager_write_changecounter(pList); 4028 4029 /* Encode the database */ 4030 CODEC2(pPager, pList->pData, pgno, 6, return SQLITE_NOMEM, pData); 4031 4032 /* Write out the page data. */ 4033 rc = sqlite3OsWrite(pPager->fd, pData, pPager->pageSize, offset); 4034 4035 /* If page 1 was just written, update Pager.dbFileVers to match 4036 ** the value now stored in the database file. If writing this 4037 ** page caused the database file to grow, update dbFileSize. 4038 */ 4039 if( pgno==1 ){ 4040 memcpy(&pPager->dbFileVers, &pData[24], sizeof(pPager->dbFileVers)); 4041 } 4042 if( pgno>pPager->dbFileSize ){ 4043 pPager->dbFileSize = pgno; 4044 } 4045 4046 /* Update any backup objects copying the contents of this pager. */ 4047 sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)pList->pData); 4048 4049 PAGERTRACE(("STORE %d page %d hash(%08x)\n", 4050 PAGERID(pPager), pgno, pager_pagehash(pList))); 4051 IOTRACE(("PGOUT %p %d\n", pPager, pgno)); 4052 PAGER_INCR(sqlite3_pager_writedb_count); 4053 PAGER_INCR(pPager->nWrite); 4054 }else{ 4055 PAGERTRACE(("NOSTORE %d page %d\n", PAGERID(pPager), pgno)); 4056 } 4057 pager_set_pagehash(pList); 4058 pList = pList->pDirty; 4059 } 4060 4061 return rc; 4062 } 4063 4064 /* 4065 ** Ensure that the sub-journal file is open. If it is already open, this 4066 ** function is a no-op. 4067 ** 4068 ** SQLITE_OK is returned if everything goes according to plan. An 4069 ** SQLITE_IOERR_XXX error code is returned if a call to sqlite3OsOpen() 4070 ** fails. 4071 */ 4072 static int openSubJournal(Pager *pPager){ 4073 int rc = SQLITE_OK; 4074 if( !isOpen(pPager->sjfd) ){ 4075 if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY || pPager->subjInMemory ){ 4076 sqlite3MemJournalOpen(pPager->sjfd); 4077 }else{ 4078 rc = pagerOpentemp(pPager, pPager->sjfd, SQLITE_OPEN_SUBJOURNAL); 4079 } 4080 } 4081 return rc; 4082 } 4083 4084 /* 4085 ** Append a record of the current state of page pPg to the sub-journal. 4086 ** It is the callers responsibility to use subjRequiresPage() to check 4087 ** that it is really required before calling this function. 4088 ** 4089 ** If successful, set the bit corresponding to pPg->pgno in the bitvecs 4090 ** for all open savepoints before returning. 4091 ** 4092 ** This function returns SQLITE_OK if everything is successful, an IO 4093 ** error code if the attempt to write to the sub-journal fails, or 4094 ** SQLITE_NOMEM if a malloc fails while setting a bit in a savepoint 4095 ** bitvec. 4096 */ 4097 static int subjournalPage(PgHdr *pPg){ 4098 int rc = SQLITE_OK; 4099 Pager *pPager = pPg->pPager; 4100 if( pPager->journalMode!=PAGER_JOURNALMODE_OFF ){ 4101 4102 /* Open the sub-journal, if it has not already been opened */ 4103 assert( pPager->useJournal ); 4104 assert( isOpen(pPager->jfd) || pagerUseWal(pPager) ); 4105 assert( isOpen(pPager->sjfd) || pPager->nSubRec==0 ); 4106 assert( pagerUseWal(pPager) 4107 || pageInJournal(pPg) 4108 || pPg->pgno>pPager->dbOrigSize 4109 ); 4110 rc = openSubJournal(pPager); 4111 4112 /* If the sub-journal was opened successfully (or was already open), 4113 ** write the journal record into the file. */ 4114 if( rc==SQLITE_OK ){ 4115 void *pData = pPg->pData; 4116 i64 offset = pPager->nSubRec*(4+pPager->pageSize); 4117 char *pData2; 4118 4119 CODEC2(pPager, pData, pPg->pgno, 7, return SQLITE_NOMEM, pData2); 4120 PAGERTRACE(("STMT-JOURNAL %d page %d\n", PAGERID(pPager), pPg->pgno)); 4121 rc = write32bits(pPager->sjfd, offset, pPg->pgno); 4122 if( rc==SQLITE_OK ){ 4123 rc = sqlite3OsWrite(pPager->sjfd, pData2, pPager->pageSize, offset+4); 4124 } 4125 } 4126 } 4127 if( rc==SQLITE_OK ){ 4128 pPager->nSubRec++; 4129 assert( pPager->nSavepoint>0 ); 4130 rc = addToSavepointBitvecs(pPager, pPg->pgno); 4131 } 4132 return rc; 4133 } 4134 4135 /* 4136 ** This function is called by the pcache layer when it has reached some 4137 ** soft memory limit. The first argument is a pointer to a Pager object 4138 ** (cast as a void*). The pager is always 'purgeable' (not an in-memory 4139 ** database). The second argument is a reference to a page that is 4140 ** currently dirty but has no outstanding references. The page 4141 ** is always associated with the Pager object passed as the first 4142 ** argument. 4143 ** 4144 ** The job of this function is to make pPg clean by writing its contents 4145 ** out to the database file, if possible. This may involve syncing the 4146 ** journal file. 4147 ** 4148 ** If successful, sqlite3PcacheMakeClean() is called on the page and 4149 ** SQLITE_OK returned. If an IO error occurs while trying to make the 4150 ** page clean, the IO error code is returned. If the page cannot be 4151 ** made clean for some other reason, but no error occurs, then SQLITE_OK 4152 ** is returned by sqlite3PcacheMakeClean() is not called. 4153 */ 4154 static int pagerStress(void *p, PgHdr *pPg){ 4155 Pager *pPager = (Pager *)p; 4156 int rc = SQLITE_OK; 4157 4158 assert( pPg->pPager==pPager ); 4159 assert( pPg->flags&PGHDR_DIRTY ); 4160 4161 /* The doNotSyncSpill flag is set during times when doing a sync of 4162 ** journal (and adding a new header) is not allowed. This occurs 4163 ** during calls to sqlite3PagerWrite() while trying to journal multiple 4164 ** pages belonging to the same sector. 4165 ** 4166 ** The doNotSpill flag inhibits all cache spilling regardless of whether 4167 ** or not a sync is required. This is set during a rollback. 4168 ** 4169 ** Spilling is also prohibited when in an error state since that could 4170 ** lead to database corruption. In the current implementaton it 4171 ** is impossible for sqlite3PCacheFetch() to be called with createFlag==1 4172 ** while in the error state, hence it is impossible for this routine to 4173 ** be called in the error state. Nevertheless, we include a NEVER() 4174 ** test for the error state as a safeguard against future changes. 4175 */ 4176 if( NEVER(pPager->errCode) ) return SQLITE_OK; 4177 if( pPager->doNotSpill ) return SQLITE_OK; 4178 if( pPager->doNotSyncSpill && (pPg->flags & PGHDR_NEED_SYNC)!=0 ){ 4179 return SQLITE_OK; 4180 } 4181 4182 pPg->pDirty = 0; 4183 if( pagerUseWal(pPager) ){ 4184 /* Write a single frame for this page to the log. */ 4185 if( subjRequiresPage(pPg) ){ 4186 rc = subjournalPage(pPg); 4187 } 4188 if( rc==SQLITE_OK ){ 4189 rc = pagerWalFrames(pPager, pPg, 0, 0, 0); 4190 } 4191 }else{ 4192 4193 /* Sync the journal file if required. */ 4194 if( pPg->flags&PGHDR_NEED_SYNC 4195 || pPager->eState==PAGER_WRITER_CACHEMOD 4196 ){ 4197 rc = syncJournal(pPager, 1); 4198 } 4199 4200 /* If the page number of this page is larger than the current size of 4201 ** the database image, it may need to be written to the sub-journal. 4202 ** This is because the call to pager_write_pagelist() below will not 4203 ** actually write data to the file in this case. 4204 ** 4205 ** Consider the following sequence of events: 4206 ** 4207 ** BEGIN; 4208 ** <journal page X> 4209 ** <modify page X> 4210 ** SAVEPOINT sp; 4211 ** <shrink database file to Y pages> 4212 ** pagerStress(page X) 4213 ** ROLLBACK TO sp; 4214 ** 4215 ** If (X>Y), then when pagerStress is called page X will not be written 4216 ** out to the database file, but will be dropped from the cache. Then, 4217 ** following the "ROLLBACK TO sp" statement, reading page X will read 4218 ** data from the database file. This will be the copy of page X as it 4219 ** was when the transaction started, not as it was when "SAVEPOINT sp" 4220 ** was executed. 4221 ** 4222 ** The solution is to write the current data for page X into the 4223 ** sub-journal file now (if it is not already there), so that it will 4224 ** be restored to its current value when the "ROLLBACK TO sp" is 4225 ** executed. 4226 */ 4227 if( NEVER( 4228 rc==SQLITE_OK && pPg->pgno>pPager->dbSize && subjRequiresPage(pPg) 4229 ) ){ 4230 rc = subjournalPage(pPg); 4231 } 4232 4233 /* Write the contents of the page out to the database file. */ 4234 if( rc==SQLITE_OK ){ 4235 assert( (pPg->flags&PGHDR_NEED_SYNC)==0 ); 4236 rc = pager_write_pagelist(pPager, pPg); 4237 } 4238 } 4239 4240 /* Mark the page as clean. */ 4241 if( rc==SQLITE_OK ){ 4242 PAGERTRACE(("STRESS %d page %d\n", PAGERID(pPager), pPg->pgno)); 4243 sqlite3PcacheMakeClean(pPg); 4244 } 4245 4246 return pager_error(pPager, rc); 4247 } 4248 4249 4250 /* 4251 ** Allocate and initialize a new Pager object and put a pointer to it 4252 ** in *ppPager. The pager should eventually be freed by passing it 4253 ** to sqlite3PagerClose(). 4254 ** 4255 ** The zFilename argument is the path to the database file to open. 4256 ** If zFilename is NULL then a randomly-named temporary file is created 4257 ** and used as the file to be cached. Temporary files are be deleted 4258 ** automatically when they are closed. If zFilename is ":memory:" then 4259 ** all information is held in cache. It is never written to disk. 4260 ** This can be used to implement an in-memory database. 4261 ** 4262 ** The nExtra parameter specifies the number of bytes of space allocated 4263 ** along with each page reference. This space is available to the user 4264 ** via the sqlite3PagerGetExtra() API. 4265 ** 4266 ** The flags argument is used to specify properties that affect the 4267 ** operation of the pager. It should be passed some bitwise combination 4268 ** of the PAGER_OMIT_JOURNAL and PAGER_NO_READLOCK flags. 4269 ** 4270 ** The vfsFlags parameter is a bitmask to pass to the flags parameter 4271 ** of the xOpen() method of the supplied VFS when opening files. 4272 ** 4273 ** If the pager object is allocated and the specified file opened 4274 ** successfully, SQLITE_OK is returned and *ppPager set to point to 4275 ** the new pager object. If an error occurs, *ppPager is set to NULL 4276 ** and error code returned. This function may return SQLITE_NOMEM 4277 ** (sqlite3Malloc() is used to allocate memory), SQLITE_CANTOPEN or 4278 ** various SQLITE_IO_XXX errors. 4279 */ 4280 int sqlite3PagerOpen( 4281 sqlite3_vfs *pVfs, /* The virtual file system to use */ 4282 Pager **ppPager, /* OUT: Return the Pager structure here */ 4283 const char *zFilename, /* Name of the database file to open */ 4284 int nExtra, /* Extra bytes append to each in-memory page */ 4285 int flags, /* flags controlling this file */ 4286 int vfsFlags, /* flags passed through to sqlite3_vfs.xOpen() */ 4287 void (*xReinit)(DbPage*) /* Function to reinitialize pages */ 4288 ){ 4289 u8 *pPtr; 4290 Pager *pPager = 0; /* Pager object to allocate and return */ 4291 int rc = SQLITE_OK; /* Return code */ 4292 int tempFile = 0; /* True for temp files (incl. in-memory files) */ 4293 int memDb = 0; /* True if this is an in-memory file */ 4294 int readOnly = 0; /* True if this is a read-only file */ 4295 int journalFileSize; /* Bytes to allocate for each journal fd */ 4296 char *zPathname = 0; /* Full path to database file */ 4297 int nPathname = 0; /* Number of bytes in zPathname */ 4298 int useJournal = (flags & PAGER_OMIT_JOURNAL)==0; /* False to omit journal */ 4299 int noReadlock = (flags & PAGER_NO_READLOCK)!=0; /* True to omit read-lock */ 4300 int pcacheSize = sqlite3PcacheSize(); /* Bytes to allocate for PCache */ 4301 u32 szPageDflt = SQLITE_DEFAULT_PAGE_SIZE; /* Default page size */ 4302 4303 /* Figure out how much space is required for each journal file-handle 4304 ** (there are two of them, the main journal and the sub-journal). This 4305 ** is the maximum space required for an in-memory journal file handle 4306 ** and a regular journal file-handle. Note that a "regular journal-handle" 4307 ** may be a wrapper capable of caching the first portion of the journal 4308 ** file in memory to implement the atomic-write optimization (see 4309 ** source file journal.c). 4310 */ 4311 if( sqlite3JournalSize(pVfs)>sqlite3MemJournalSize() ){ 4312 journalFileSize = ROUND8(sqlite3JournalSize(pVfs)); 4313 }else{ 4314 journalFileSize = ROUND8(sqlite3MemJournalSize()); 4315 } 4316 4317 /* Set the output variable to NULL in case an error occurs. */ 4318 *ppPager = 0; 4319 4320 #ifndef SQLITE_OMIT_MEMORYDB 4321 if( flags & PAGER_MEMORY ){ 4322 memDb = 1; 4323 zFilename = 0; 4324 } 4325 #endif 4326 4327 /* Compute and store the full pathname in an allocated buffer pointed 4328 ** to by zPathname, length nPathname. Or, if this is a temporary file, 4329 ** leave both nPathname and zPathname set to 0. 4330 */ 4331 if( zFilename && zFilename[0] ){ 4332 nPathname = pVfs->mxPathname+1; 4333 zPathname = sqlite3Malloc(nPathname*2); 4334 if( zPathname==0 ){ 4335 return SQLITE_NOMEM; 4336 } 4337 zPathname[0] = 0; /* Make sure initialized even if FullPathname() fails */ 4338 rc = sqlite3OsFullPathname(pVfs, zFilename, nPathname, zPathname); 4339 nPathname = sqlite3Strlen30(zPathname); 4340 if( rc==SQLITE_OK && nPathname+8>pVfs->mxPathname ){ 4341 /* This branch is taken when the journal path required by 4342 ** the database being opened will be more than pVfs->mxPathname 4343 ** bytes in length. This means the database cannot be opened, 4344 ** as it will not be possible to open the journal file or even 4345 ** check for a hot-journal before reading. 4346 */ 4347 rc = SQLITE_CANTOPEN_BKPT; 4348 } 4349 if( rc!=SQLITE_OK ){ 4350 sqlite3_free(zPathname); 4351 return rc; 4352 } 4353 } 4354 4355 /* Allocate memory for the Pager structure, PCache object, the 4356 ** three file descriptors, the database file name and the journal 4357 ** file name. The layout in memory is as follows: 4358 ** 4359 ** Pager object (sizeof(Pager) bytes) 4360 ** PCache object (sqlite3PcacheSize() bytes) 4361 ** Database file handle (pVfs->szOsFile bytes) 4362 ** Sub-journal file handle (journalFileSize bytes) 4363 ** Main journal file handle (journalFileSize bytes) 4364 ** Database file name (nPathname+1 bytes) 4365 ** Journal file name (nPathname+8+1 bytes) 4366 */ 4367 pPtr = (u8 *)sqlite3MallocZero( 4368 ROUND8(sizeof(*pPager)) + /* Pager structure */ 4369 ROUND8(pcacheSize) + /* PCache object */ 4370 ROUND8(pVfs->szOsFile) + /* The main db file */ 4371 journalFileSize * 2 + /* The two journal files */ 4372 nPathname + 1 + /* zFilename */ 4373 nPathname + 8 + 1 /* zJournal */ 4374 #ifndef SQLITE_OMIT_WAL 4375 + nPathname + 4 + 1 /* zWal */ 4376 #endif 4377 ); 4378 assert( EIGHT_BYTE_ALIGNMENT(SQLITE_INT_TO_PTR(journalFileSize)) ); 4379 if( !pPtr ){ 4380 sqlite3_free(zPathname); 4381 return SQLITE_NOMEM; 4382 } 4383 pPager = (Pager*)(pPtr); 4384 pPager->pPCache = (PCache*)(pPtr += ROUND8(sizeof(*pPager))); 4385 pPager->fd = (sqlite3_file*)(pPtr += ROUND8(pcacheSize)); 4386 pPager->sjfd = (sqlite3_file*)(pPtr += ROUND8(pVfs->szOsFile)); 4387 pPager->jfd = (sqlite3_file*)(pPtr += journalFileSize); 4388 pPager->zFilename = (char*)(pPtr += journalFileSize); 4389 assert( EIGHT_BYTE_ALIGNMENT(pPager->jfd) ); 4390 4391 /* Fill in the Pager.zFilename and Pager.zJournal buffers, if required. */ 4392 if( zPathname ){ 4393 assert( nPathname>0 ); 4394 pPager->zJournal = (char*)(pPtr += nPathname + 1); 4395 memcpy(pPager->zFilename, zPathname, nPathname); 4396 memcpy(pPager->zJournal, zPathname, nPathname); 4397 memcpy(&pPager->zJournal[nPathname], "-journal", 8); 4398 #ifndef SQLITE_OMIT_WAL 4399 pPager->zWal = &pPager->zJournal[nPathname+8+1]; 4400 memcpy(pPager->zWal, zPathname, nPathname); 4401 memcpy(&pPager->zWal[nPathname], "-wal", 4); 4402 #endif 4403 sqlite3_free(zPathname); 4404 } 4405 pPager->pVfs = pVfs; 4406 pPager->vfsFlags = vfsFlags; 4407 4408 /* Open the pager file. 4409 */ 4410 if( zFilename && zFilename[0] ){ 4411 int fout = 0; /* VFS flags returned by xOpen() */ 4412 rc = sqlite3OsOpen(pVfs, pPager->zFilename, pPager->fd, vfsFlags, &fout); 4413 assert( !memDb ); 4414 readOnly = (fout&SQLITE_OPEN_READONLY); 4415 4416 /* If the file was successfully opened for read/write access, 4417 ** choose a default page size in case we have to create the 4418 ** database file. The default page size is the maximum of: 4419 ** 4420 ** + SQLITE_DEFAULT_PAGE_SIZE, 4421 ** + The value returned by sqlite3OsSectorSize() 4422 ** + The largest page size that can be written atomically. 4423 */ 4424 if( rc==SQLITE_OK && !readOnly ){ 4425 setSectorSize(pPager); 4426 assert(SQLITE_DEFAULT_PAGE_SIZE<=SQLITE_MAX_DEFAULT_PAGE_SIZE); 4427 if( szPageDflt<pPager->sectorSize ){ 4428 if( pPager->sectorSize>SQLITE_MAX_DEFAULT_PAGE_SIZE ){ 4429 szPageDflt = SQLITE_MAX_DEFAULT_PAGE_SIZE; 4430 }else{ 4431 szPageDflt = (u32)pPager->sectorSize; 4432 } 4433 } 4434 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 4435 { 4436 int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); 4437 int ii; 4438 assert(SQLITE_IOCAP_ATOMIC512==(512>>8)); 4439 assert(SQLITE_IOCAP_ATOMIC64K==(65536>>8)); 4440 assert(SQLITE_MAX_DEFAULT_PAGE_SIZE<=65536); 4441 for(ii=szPageDflt; ii<=SQLITE_MAX_DEFAULT_PAGE_SIZE; ii=ii*2){ 4442 if( iDc&(SQLITE_IOCAP_ATOMIC|(ii>>8)) ){ 4443 szPageDflt = ii; 4444 } 4445 } 4446 } 4447 #endif 4448 } 4449 }else{ 4450 /* If a temporary file is requested, it is not opened immediately. 4451 ** In this case we accept the default page size and delay actually 4452 ** opening the file until the first call to OsWrite(). 4453 ** 4454 ** This branch is also run for an in-memory database. An in-memory 4455 ** database is the same as a temp-file that is never written out to 4456 ** disk and uses an in-memory rollback journal. 4457 */ 4458 tempFile = 1; 4459 pPager->eState = PAGER_READER; 4460 pPager->eLock = EXCLUSIVE_LOCK; 4461 readOnly = (vfsFlags&SQLITE_OPEN_READONLY); 4462 } 4463 4464 /* The following call to PagerSetPagesize() serves to set the value of 4465 ** Pager.pageSize and to allocate the Pager.pTmpSpace buffer. 4466 */ 4467 if( rc==SQLITE_OK ){ 4468 assert( pPager->memDb==0 ); 4469 rc = sqlite3PagerSetPagesize(pPager, &szPageDflt, -1); 4470 testcase( rc!=SQLITE_OK ); 4471 } 4472 4473 /* If an error occurred in either of the blocks above, free the 4474 ** Pager structure and close the file. 4475 */ 4476 if( rc!=SQLITE_OK ){ 4477 assert( !pPager->pTmpSpace ); 4478 sqlite3OsClose(pPager->fd); 4479 sqlite3_free(pPager); 4480 return rc; 4481 } 4482 4483 /* Initialize the PCache object. */ 4484 assert( nExtra<1000 ); 4485 nExtra = ROUND8(nExtra); 4486 sqlite3PcacheOpen(szPageDflt, nExtra, !memDb, 4487 !memDb?pagerStress:0, (void *)pPager, pPager->pPCache); 4488 4489 PAGERTRACE(("OPEN %d %s\n", FILEHANDLEID(pPager->fd), pPager->zFilename)); 4490 IOTRACE(("OPEN %p %s\n", pPager, pPager->zFilename)) 4491 4492 pPager->useJournal = (u8)useJournal; 4493 pPager->noReadlock = (noReadlock && readOnly) ?1:0; 4494 /* pPager->stmtOpen = 0; */ 4495 /* pPager->stmtInUse = 0; */ 4496 /* pPager->nRef = 0; */ 4497 /* pPager->stmtSize = 0; */ 4498 /* pPager->stmtJSize = 0; */ 4499 /* pPager->nPage = 0; */ 4500 pPager->mxPgno = SQLITE_MAX_PAGE_COUNT; 4501 /* pPager->state = PAGER_UNLOCK; */ 4502 #if 0 4503 assert( pPager->state == (tempFile ? PAGER_EXCLUSIVE : PAGER_UNLOCK) ); 4504 #endif 4505 /* pPager->errMask = 0; */ 4506 pPager->tempFile = (u8)tempFile; 4507 assert( tempFile==PAGER_LOCKINGMODE_NORMAL 4508 || tempFile==PAGER_LOCKINGMODE_EXCLUSIVE ); 4509 assert( PAGER_LOCKINGMODE_EXCLUSIVE==1 ); 4510 pPager->exclusiveMode = (u8)tempFile; 4511 pPager->changeCountDone = pPager->tempFile; 4512 pPager->memDb = (u8)memDb; 4513 pPager->readOnly = (u8)readOnly; 4514 assert( useJournal || pPager->tempFile ); 4515 pPager->noSync = pPager->tempFile; 4516 pPager->fullSync = pPager->noSync ?0:1; 4517 pPager->syncFlags = pPager->noSync ? 0 : SQLITE_SYNC_NORMAL; 4518 pPager->ckptSyncFlags = pPager->syncFlags; 4519 /* pPager->pFirst = 0; */ 4520 /* pPager->pFirstSynced = 0; */ 4521 /* pPager->pLast = 0; */ 4522 pPager->nExtra = (u16)nExtra; 4523 pPager->journalSizeLimit = SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT; 4524 assert( isOpen(pPager->fd) || tempFile ); 4525 setSectorSize(pPager); 4526 if( !useJournal ){ 4527 pPager->journalMode = PAGER_JOURNALMODE_OFF; 4528 }else if( memDb ){ 4529 pPager->journalMode = PAGER_JOURNALMODE_MEMORY; 4530 } 4531 /* pPager->xBusyHandler = 0; */ 4532 /* pPager->pBusyHandlerArg = 0; */ 4533 pPager->xReiniter = xReinit; 4534 /* memset(pPager->aHash, 0, sizeof(pPager->aHash)); */ 4535 4536 *ppPager = pPager; 4537 return SQLITE_OK; 4538 } 4539 4540 4541 4542 /* 4543 ** This function is called after transitioning from PAGER_UNLOCK to 4544 ** PAGER_SHARED state. It tests if there is a hot journal present in 4545 ** the file-system for the given pager. A hot journal is one that 4546 ** needs to be played back. According to this function, a hot-journal 4547 ** file exists if the following criteria are met: 4548 ** 4549 ** * The journal file exists in the file system, and 4550 ** * No process holds a RESERVED or greater lock on the database file, and 4551 ** * The database file itself is greater than 0 bytes in size, and 4552 ** * The first byte of the journal file exists and is not 0x00. 4553 ** 4554 ** If the current size of the database file is 0 but a journal file 4555 ** exists, that is probably an old journal left over from a prior 4556 ** database with the same name. In this case the journal file is 4557 ** just deleted using OsDelete, *pExists is set to 0 and SQLITE_OK 4558 ** is returned. 4559 ** 4560 ** This routine does not check if there is a master journal filename 4561 ** at the end of the file. If there is, and that master journal file 4562 ** does not exist, then the journal file is not really hot. In this 4563 ** case this routine will return a false-positive. The pager_playback() 4564 ** routine will discover that the journal file is not really hot and 4565 ** will not roll it back. 4566 ** 4567 ** If a hot-journal file is found to exist, *pExists is set to 1 and 4568 ** SQLITE_OK returned. If no hot-journal file is present, *pExists is 4569 ** set to 0 and SQLITE_OK returned. If an IO error occurs while trying 4570 ** to determine whether or not a hot-journal file exists, the IO error 4571 ** code is returned and the value of *pExists is undefined. 4572 */ 4573 static int hasHotJournal(Pager *pPager, int *pExists){ 4574 sqlite3_vfs * const pVfs = pPager->pVfs; 4575 int rc = SQLITE_OK; /* Return code */ 4576 int exists = 1; /* True if a journal file is present */ 4577 int jrnlOpen = !!isOpen(pPager->jfd); 4578 4579 assert( pPager->useJournal ); 4580 assert( isOpen(pPager->fd) ); 4581 assert( pPager->eState==PAGER_OPEN ); 4582 4583 assert( jrnlOpen==0 || ( sqlite3OsDeviceCharacteristics(pPager->jfd) & 4584 SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN 4585 )); 4586 4587 *pExists = 0; 4588 if( !jrnlOpen ){ 4589 rc = sqlite3OsAccess(pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &exists); 4590 } 4591 if( rc==SQLITE_OK && exists ){ 4592 int locked = 0; /* True if some process holds a RESERVED lock */ 4593 4594 /* Race condition here: Another process might have been holding the 4595 ** the RESERVED lock and have a journal open at the sqlite3OsAccess() 4596 ** call above, but then delete the journal and drop the lock before 4597 ** we get to the following sqlite3OsCheckReservedLock() call. If that 4598 ** is the case, this routine might think there is a hot journal when 4599 ** in fact there is none. This results in a false-positive which will 4600 ** be dealt with by the playback routine. Ticket #3883. 4601 */ 4602 rc = sqlite3OsCheckReservedLock(pPager->fd, &locked); 4603 if( rc==SQLITE_OK && !locked ){ 4604 Pgno nPage; /* Number of pages in database file */ 4605 4606 /* Check the size of the database file. If it consists of 0 pages, 4607 ** then delete the journal file. See the header comment above for 4608 ** the reasoning here. Delete the obsolete journal file under 4609 ** a RESERVED lock to avoid race conditions and to avoid violating 4610 ** [H33020]. 4611 */ 4612 rc = pagerPagecount(pPager, &nPage); 4613 if( rc==SQLITE_OK ){ 4614 if( nPage==0 ){ 4615 sqlite3BeginBenignMalloc(); 4616 if( pagerLockDb(pPager, RESERVED_LOCK)==SQLITE_OK ){ 4617 sqlite3OsDelete(pVfs, pPager->zJournal, 0); 4618 if( !pPager->exclusiveMode ) pagerUnlockDb(pPager, SHARED_LOCK); 4619 } 4620 sqlite3EndBenignMalloc(); 4621 }else{ 4622 /* The journal file exists and no other connection has a reserved 4623 ** or greater lock on the database file. Now check that there is 4624 ** at least one non-zero bytes at the start of the journal file. 4625 ** If there is, then we consider this journal to be hot. If not, 4626 ** it can be ignored. 4627 */ 4628 if( !jrnlOpen ){ 4629 int f = SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL; 4630 rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &f); 4631 } 4632 if( rc==SQLITE_OK ){ 4633 u8 first = 0; 4634 rc = sqlite3OsRead(pPager->jfd, (void *)&first, 1, 0); 4635 if( rc==SQLITE_IOERR_SHORT_READ ){ 4636 rc = SQLITE_OK; 4637 } 4638 if( !jrnlOpen ){ 4639 sqlite3OsClose(pPager->jfd); 4640 } 4641 *pExists = (first!=0); 4642 }else if( rc==SQLITE_CANTOPEN ){ 4643 /* If we cannot open the rollback journal file in order to see if 4644 ** its has a zero header, that might be due to an I/O error, or 4645 ** it might be due to the race condition described above and in 4646 ** ticket #3883. Either way, assume that the journal is hot. 4647 ** This might be a false positive. But if it is, then the 4648 ** automatic journal playback and recovery mechanism will deal 4649 ** with it under an EXCLUSIVE lock where we do not need to 4650 ** worry so much with race conditions. 4651 */ 4652 *pExists = 1; 4653 rc = SQLITE_OK; 4654 } 4655 } 4656 } 4657 } 4658 } 4659 4660 return rc; 4661 } 4662 4663 /* 4664 ** This function is called to obtain a shared lock on the database file. 4665 ** It is illegal to call sqlite3PagerAcquire() until after this function 4666 ** has been successfully called. If a shared-lock is already held when 4667 ** this function is called, it is a no-op. 4668 ** 4669 ** The following operations are also performed by this function. 4670 ** 4671 ** 1) If the pager is currently in PAGER_OPEN state (no lock held 4672 ** on the database file), then an attempt is made to obtain a 4673 ** SHARED lock on the database file. Immediately after obtaining 4674 ** the SHARED lock, the file-system is checked for a hot-journal, 4675 ** which is played back if present. Following any hot-journal 4676 ** rollback, the contents of the cache are validated by checking 4677 ** the 'change-counter' field of the database file header and 4678 ** discarded if they are found to be invalid. 4679 ** 4680 ** 2) If the pager is running in exclusive-mode, and there are currently 4681 ** no outstanding references to any pages, and is in the error state, 4682 ** then an attempt is made to clear the error state by discarding 4683 ** the contents of the page cache and rolling back any open journal 4684 ** file. 4685 ** 4686 ** If everything is successful, SQLITE_OK is returned. If an IO error 4687 ** occurs while locking the database, checking for a hot-journal file or 4688 ** rolling back a journal file, the IO error code is returned. 4689 */ 4690 int sqlite3PagerSharedLock(Pager *pPager){ 4691 int rc = SQLITE_OK; /* Return code */ 4692 4693 /* This routine is only called from b-tree and only when there are no 4694 ** outstanding pages. This implies that the pager state should either 4695 ** be OPEN or READER. READER is only possible if the pager is or was in 4696 ** exclusive access mode. 4697 */ 4698 assert( sqlite3PcacheRefCount(pPager->pPCache)==0 ); 4699 assert( assert_pager_state(pPager) ); 4700 assert( pPager->eState==PAGER_OPEN || pPager->eState==PAGER_READER ); 4701 if( NEVER(MEMDB && pPager->errCode) ){ return pPager->errCode; } 4702 4703 if( !pagerUseWal(pPager) && pPager->eState==PAGER_OPEN ){ 4704 int bHotJournal = 1; /* True if there exists a hot journal-file */ 4705 4706 assert( !MEMDB ); 4707 assert( pPager->noReadlock==0 || pPager->readOnly ); 4708 4709 if( pPager->noReadlock==0 ){ 4710 rc = pager_wait_on_lock(pPager, SHARED_LOCK); 4711 if( rc!=SQLITE_OK ){ 4712 assert( pPager->eLock==NO_LOCK || pPager->eLock==UNKNOWN_LOCK ); 4713 goto failed; 4714 } 4715 } 4716 4717 /* If a journal file exists, and there is no RESERVED lock on the 4718 ** database file, then it either needs to be played back or deleted. 4719 */ 4720 if( pPager->eLock<=SHARED_LOCK ){ 4721 rc = hasHotJournal(pPager, &bHotJournal); 4722 } 4723 if( rc!=SQLITE_OK ){ 4724 goto failed; 4725 } 4726 if( bHotJournal ){ 4727 /* Get an EXCLUSIVE lock on the database file. At this point it is 4728 ** important that a RESERVED lock is not obtained on the way to the 4729 ** EXCLUSIVE lock. If it were, another process might open the 4730 ** database file, detect the RESERVED lock, and conclude that the 4731 ** database is safe to read while this process is still rolling the 4732 ** hot-journal back. 4733 ** 4734 ** Because the intermediate RESERVED lock is not requested, any 4735 ** other process attempting to access the database file will get to 4736 ** this point in the code and fail to obtain its own EXCLUSIVE lock 4737 ** on the database file. 4738 ** 4739 ** Unless the pager is in locking_mode=exclusive mode, the lock is 4740 ** downgraded to SHARED_LOCK before this function returns. 4741 */ 4742 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 4743 if( rc!=SQLITE_OK ){ 4744 goto failed; 4745 } 4746 4747 /* If it is not already open and the file exists on disk, open the 4748 ** journal for read/write access. Write access is required because 4749 ** in exclusive-access mode the file descriptor will be kept open 4750 ** and possibly used for a transaction later on. Also, write-access 4751 ** is usually required to finalize the journal in journal_mode=persist 4752 ** mode (and also for journal_mode=truncate on some systems). 4753 ** 4754 ** If the journal does not exist, it usually means that some 4755 ** other connection managed to get in and roll it back before 4756 ** this connection obtained the exclusive lock above. Or, it 4757 ** may mean that the pager was in the error-state when this 4758 ** function was called and the journal file does not exist. 4759 */ 4760 if( !isOpen(pPager->jfd) ){ 4761 sqlite3_vfs * const pVfs = pPager->pVfs; 4762 int bExists; /* True if journal file exists */ 4763 rc = sqlite3OsAccess( 4764 pVfs, pPager->zJournal, SQLITE_ACCESS_EXISTS, &bExists); 4765 if( rc==SQLITE_OK && bExists ){ 4766 int fout = 0; 4767 int f = SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_JOURNAL; 4768 assert( !pPager->tempFile ); 4769 rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &fout); 4770 assert( rc!=SQLITE_OK || isOpen(pPager->jfd) ); 4771 if( rc==SQLITE_OK && fout&SQLITE_OPEN_READONLY ){ 4772 rc = SQLITE_CANTOPEN_BKPT; 4773 sqlite3OsClose(pPager->jfd); 4774 } 4775 } 4776 } 4777 4778 /* Playback and delete the journal. Drop the database write 4779 ** lock and reacquire the read lock. Purge the cache before 4780 ** playing back the hot-journal so that we don't end up with 4781 ** an inconsistent cache. Sync the hot journal before playing 4782 ** it back since the process that crashed and left the hot journal 4783 ** probably did not sync it and we are required to always sync 4784 ** the journal before playing it back. 4785 */ 4786 if( isOpen(pPager->jfd) ){ 4787 assert( rc==SQLITE_OK ); 4788 rc = pagerSyncHotJournal(pPager); 4789 if( rc==SQLITE_OK ){ 4790 rc = pager_playback(pPager, 1); 4791 pPager->eState = PAGER_OPEN; 4792 } 4793 }else if( !pPager->exclusiveMode ){ 4794 pagerUnlockDb(pPager, SHARED_LOCK); 4795 } 4796 4797 if( rc!=SQLITE_OK ){ 4798 /* This branch is taken if an error occurs while trying to open 4799 ** or roll back a hot-journal while holding an EXCLUSIVE lock. The 4800 ** pager_unlock() routine will be called before returning to unlock 4801 ** the file. If the unlock attempt fails, then Pager.eLock must be 4802 ** set to UNKNOWN_LOCK (see the comment above the #define for 4803 ** UNKNOWN_LOCK above for an explanation). 4804 ** 4805 ** In order to get pager_unlock() to do this, set Pager.eState to 4806 ** PAGER_ERROR now. This is not actually counted as a transition 4807 ** to ERROR state in the state diagram at the top of this file, 4808 ** since we know that the same call to pager_unlock() will very 4809 ** shortly transition the pager object to the OPEN state. Calling 4810 ** assert_pager_state() would fail now, as it should not be possible 4811 ** to be in ERROR state when there are zero outstanding page 4812 ** references. 4813 */ 4814 pager_error(pPager, rc); 4815 goto failed; 4816 } 4817 4818 assert( pPager->eState==PAGER_OPEN ); 4819 assert( (pPager->eLock==SHARED_LOCK) 4820 || (pPager->exclusiveMode && pPager->eLock>SHARED_LOCK) 4821 ); 4822 } 4823 4824 if( !pPager->tempFile 4825 && (pPager->pBackup || sqlite3PcachePagecount(pPager->pPCache)>0) 4826 ){ 4827 /* The shared-lock has just been acquired on the database file 4828 ** and there are already pages in the cache (from a previous 4829 ** read or write transaction). Check to see if the database 4830 ** has been modified. If the database has changed, flush the 4831 ** cache. 4832 ** 4833 ** Database changes is detected by looking at 15 bytes beginning 4834 ** at offset 24 into the file. The first 4 of these 16 bytes are 4835 ** a 32-bit counter that is incremented with each change. The 4836 ** other bytes change randomly with each file change when 4837 ** a codec is in use. 4838 ** 4839 ** There is a vanishingly small chance that a change will not be 4840 ** detected. The chance of an undetected change is so small that 4841 ** it can be neglected. 4842 */ 4843 Pgno nPage = 0; 4844 char dbFileVers[sizeof(pPager->dbFileVers)]; 4845 4846 rc = pagerPagecount(pPager, &nPage); 4847 if( rc ) goto failed; 4848 4849 if( nPage>0 ){ 4850 IOTRACE(("CKVERS %p %d\n", pPager, sizeof(dbFileVers))); 4851 rc = sqlite3OsRead(pPager->fd, &dbFileVers, sizeof(dbFileVers), 24); 4852 if( rc!=SQLITE_OK ){ 4853 goto failed; 4854 } 4855 }else{ 4856 memset(dbFileVers, 0, sizeof(dbFileVers)); 4857 } 4858 4859 if( memcmp(pPager->dbFileVers, dbFileVers, sizeof(dbFileVers))!=0 ){ 4860 pager_reset(pPager); 4861 } 4862 } 4863 4864 /* If there is a WAL file in the file-system, open this database in WAL 4865 ** mode. Otherwise, the following function call is a no-op. 4866 */ 4867 rc = pagerOpenWalIfPresent(pPager); 4868 #ifndef SQLITE_OMIT_WAL 4869 assert( pPager->pWal==0 || rc==SQLITE_OK ); 4870 #endif 4871 } 4872 4873 if( pagerUseWal(pPager) ){ 4874 assert( rc==SQLITE_OK ); 4875 rc = pagerBeginReadTransaction(pPager); 4876 } 4877 4878 if( pPager->eState==PAGER_OPEN && rc==SQLITE_OK ){ 4879 rc = pagerPagecount(pPager, &pPager->dbSize); 4880 } 4881 4882 failed: 4883 if( rc!=SQLITE_OK ){ 4884 assert( !MEMDB ); 4885 pager_unlock(pPager); 4886 assert( pPager->eState==PAGER_OPEN ); 4887 }else{ 4888 pPager->eState = PAGER_READER; 4889 } 4890 return rc; 4891 } 4892 4893 /* 4894 ** If the reference count has reached zero, rollback any active 4895 ** transaction and unlock the pager. 4896 ** 4897 ** Except, in locking_mode=EXCLUSIVE when there is nothing to in 4898 ** the rollback journal, the unlock is not performed and there is 4899 ** nothing to rollback, so this routine is a no-op. 4900 */ 4901 static void pagerUnlockIfUnused(Pager *pPager){ 4902 if( (sqlite3PcacheRefCount(pPager->pPCache)==0) ){ 4903 pagerUnlockAndRollback(pPager); 4904 } 4905 } 4906 4907 /* 4908 ** Acquire a reference to page number pgno in pager pPager (a page 4909 ** reference has type DbPage*). If the requested reference is 4910 ** successfully obtained, it is copied to *ppPage and SQLITE_OK returned. 4911 ** 4912 ** If the requested page is already in the cache, it is returned. 4913 ** Otherwise, a new page object is allocated and populated with data 4914 ** read from the database file. In some cases, the pcache module may 4915 ** choose not to allocate a new page object and may reuse an existing 4916 ** object with no outstanding references. 4917 ** 4918 ** The extra data appended to a page is always initialized to zeros the 4919 ** first time a page is loaded into memory. If the page requested is 4920 ** already in the cache when this function is called, then the extra 4921 ** data is left as it was when the page object was last used. 4922 ** 4923 ** If the database image is smaller than the requested page or if a 4924 ** non-zero value is passed as the noContent parameter and the 4925 ** requested page is not already stored in the cache, then no 4926 ** actual disk read occurs. In this case the memory image of the 4927 ** page is initialized to all zeros. 4928 ** 4929 ** If noContent is true, it means that we do not care about the contents 4930 ** of the page. This occurs in two seperate scenarios: 4931 ** 4932 ** a) When reading a free-list leaf page from the database, and 4933 ** 4934 ** b) When a savepoint is being rolled back and we need to load 4935 ** a new page into the cache to be filled with the data read 4936 ** from the savepoint journal. 4937 ** 4938 ** If noContent is true, then the data returned is zeroed instead of 4939 ** being read from the database. Additionally, the bits corresponding 4940 ** to pgno in Pager.pInJournal (bitvec of pages already written to the 4941 ** journal file) and the PagerSavepoint.pInSavepoint bitvecs of any open 4942 ** savepoints are set. This means if the page is made writable at any 4943 ** point in the future, using a call to sqlite3PagerWrite(), its contents 4944 ** will not be journaled. This saves IO. 4945 ** 4946 ** The acquisition might fail for several reasons. In all cases, 4947 ** an appropriate error code is returned and *ppPage is set to NULL. 4948 ** 4949 ** See also sqlite3PagerLookup(). Both this routine and Lookup() attempt 4950 ** to find a page in the in-memory cache first. If the page is not already 4951 ** in memory, this routine goes to disk to read it in whereas Lookup() 4952 ** just returns 0. This routine acquires a read-lock the first time it 4953 ** has to go to disk, and could also playback an old journal if necessary. 4954 ** Since Lookup() never goes to disk, it never has to deal with locks 4955 ** or journal files. 4956 */ 4957 int sqlite3PagerAcquire( 4958 Pager *pPager, /* The pager open on the database file */ 4959 Pgno pgno, /* Page number to fetch */ 4960 DbPage **ppPage, /* Write a pointer to the page here */ 4961 int noContent /* Do not bother reading content from disk if true */ 4962 ){ 4963 int rc; 4964 PgHdr *pPg; 4965 4966 assert( pPager->eState>=PAGER_READER ); 4967 assert( assert_pager_state(pPager) ); 4968 4969 if( pgno==0 ){ 4970 return SQLITE_CORRUPT_BKPT; 4971 } 4972 4973 /* If the pager is in the error state, return an error immediately. 4974 ** Otherwise, request the page from the PCache layer. */ 4975 if( pPager->errCode!=SQLITE_OK ){ 4976 rc = pPager->errCode; 4977 }else{ 4978 rc = sqlite3PcacheFetch(pPager->pPCache, pgno, 1, ppPage); 4979 } 4980 4981 if( rc!=SQLITE_OK ){ 4982 /* Either the call to sqlite3PcacheFetch() returned an error or the 4983 ** pager was already in the error-state when this function was called. 4984 ** Set pPg to 0 and jump to the exception handler. */ 4985 pPg = 0; 4986 goto pager_acquire_err; 4987 } 4988 assert( (*ppPage)->pgno==pgno ); 4989 assert( (*ppPage)->pPager==pPager || (*ppPage)->pPager==0 ); 4990 4991 if( (*ppPage)->pPager && !noContent ){ 4992 /* In this case the pcache already contains an initialized copy of 4993 ** the page. Return without further ado. */ 4994 assert( pgno<=PAGER_MAX_PGNO && pgno!=PAGER_MJ_PGNO(pPager) ); 4995 PAGER_INCR(pPager->nHit); 4996 return SQLITE_OK; 4997 4998 }else{ 4999 /* The pager cache has created a new page. Its content needs to 5000 ** be initialized. */ 5001 5002 PAGER_INCR(pPager->nMiss); 5003 pPg = *ppPage; 5004 pPg->pPager = pPager; 5005 5006 /* The maximum page number is 2^31. Return SQLITE_CORRUPT if a page 5007 ** number greater than this, or the unused locking-page, is requested. */ 5008 if( pgno>PAGER_MAX_PGNO || pgno==PAGER_MJ_PGNO(pPager) ){ 5009 rc = SQLITE_CORRUPT_BKPT; 5010 goto pager_acquire_err; 5011 } 5012 5013 if( MEMDB || pPager->dbSize<pgno || noContent || !isOpen(pPager->fd) ){ 5014 if( pgno>pPager->mxPgno ){ 5015 rc = SQLITE_FULL; 5016 goto pager_acquire_err; 5017 } 5018 if( noContent ){ 5019 /* Failure to set the bits in the InJournal bit-vectors is benign. 5020 ** It merely means that we might do some extra work to journal a 5021 ** page that does not need to be journaled. Nevertheless, be sure 5022 ** to test the case where a malloc error occurs while trying to set 5023 ** a bit in a bit vector. 5024 */ 5025 sqlite3BeginBenignMalloc(); 5026 if( pgno<=pPager->dbOrigSize ){ 5027 TESTONLY( rc = ) sqlite3BitvecSet(pPager->pInJournal, pgno); 5028 testcase( rc==SQLITE_NOMEM ); 5029 } 5030 TESTONLY( rc = ) addToSavepointBitvecs(pPager, pgno); 5031 testcase( rc==SQLITE_NOMEM ); 5032 sqlite3EndBenignMalloc(); 5033 } 5034 memset(pPg->pData, 0, pPager->pageSize); 5035 IOTRACE(("ZERO %p %d\n", pPager, pgno)); 5036 }else{ 5037 assert( pPg->pPager==pPager ); 5038 rc = readDbPage(pPg); 5039 if( rc!=SQLITE_OK ){ 5040 goto pager_acquire_err; 5041 } 5042 } 5043 pager_set_pagehash(pPg); 5044 } 5045 5046 return SQLITE_OK; 5047 5048 pager_acquire_err: 5049 assert( rc!=SQLITE_OK ); 5050 if( pPg ){ 5051 sqlite3PcacheDrop(pPg); 5052 } 5053 pagerUnlockIfUnused(pPager); 5054 5055 *ppPage = 0; 5056 return rc; 5057 } 5058 5059 /* 5060 ** Acquire a page if it is already in the in-memory cache. Do 5061 ** not read the page from disk. Return a pointer to the page, 5062 ** or 0 if the page is not in cache. 5063 ** 5064 ** See also sqlite3PagerGet(). The difference between this routine 5065 ** and sqlite3PagerGet() is that _get() will go to the disk and read 5066 ** in the page if the page is not already in cache. This routine 5067 ** returns NULL if the page is not in cache or if a disk I/O error 5068 ** has ever happened. 5069 */ 5070 DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno){ 5071 PgHdr *pPg = 0; 5072 assert( pPager!=0 ); 5073 assert( pgno!=0 ); 5074 assert( pPager->pPCache!=0 ); 5075 assert( pPager->eState>=PAGER_READER && pPager->eState!=PAGER_ERROR ); 5076 sqlite3PcacheFetch(pPager->pPCache, pgno, 0, &pPg); 5077 return pPg; 5078 } 5079 5080 /* 5081 ** Release a page reference. 5082 ** 5083 ** If the number of references to the page drop to zero, then the 5084 ** page is added to the LRU list. When all references to all pages 5085 ** are released, a rollback occurs and the lock on the database is 5086 ** removed. 5087 */ 5088 void sqlite3PagerUnref(DbPage *pPg){ 5089 if( pPg ){ 5090 Pager *pPager = pPg->pPager; 5091 sqlite3PcacheRelease(pPg); 5092 pagerUnlockIfUnused(pPager); 5093 } 5094 } 5095 5096 #if defined(__APPLE__) 5097 /* 5098 ** Create and return a CFURLRef given a cstring containing the path to a file. 5099 */ 5100 static CFURLRef create_cfurl_from_cstring(const char* filePath){ 5101 CFStringRef urlString = CFStringCreateWithFileSystemRepresentation( 5102 kCFAllocatorDefault, filePath); 5103 CFURLRef urlRef = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, 5104 urlString, kCFURLPOSIXPathStyle, FALSE); 5105 CFRelease(urlString); 5106 return urlRef; 5107 } 5108 #endif 5109 5110 /* 5111 ** This function is called at the start of every write transaction. 5112 ** There must already be a RESERVED or EXCLUSIVE lock on the database 5113 ** file when this routine is called. 5114 ** 5115 ** Open the journal file for pager pPager and write a journal header 5116 ** to the start of it. If there are active savepoints, open the sub-journal 5117 ** as well. This function is only used when the journal file is being 5118 ** opened to write a rollback log for a transaction. It is not used 5119 ** when opening a hot journal file to roll it back. 5120 ** 5121 ** If the journal file is already open (as it may be in exclusive mode), 5122 ** then this function just writes a journal header to the start of the 5123 ** already open file. 5124 ** 5125 ** Whether or not the journal file is opened by this function, the 5126 ** Pager.pInJournal bitvec structure is allocated. 5127 ** 5128 ** Return SQLITE_OK if everything is successful. Otherwise, return 5129 ** SQLITE_NOMEM if the attempt to allocate Pager.pInJournal fails, or 5130 ** an IO error code if opening or writing the journal file fails. 5131 */ 5132 static int pager_open_journal(Pager *pPager){ 5133 int rc = SQLITE_OK; /* Return code */ 5134 sqlite3_vfs * const pVfs = pPager->pVfs; /* Local cache of vfs pointer */ 5135 5136 assert( pPager->eState==PAGER_WRITER_LOCKED ); 5137 assert( assert_pager_state(pPager) ); 5138 assert( pPager->pInJournal==0 ); 5139 5140 /* If already in the error state, this function is a no-op. But on 5141 ** the other hand, this routine is never called if we are already in 5142 ** an error state. */ 5143 if( NEVER(pPager->errCode) ) return pPager->errCode; 5144 5145 if( !pagerUseWal(pPager) && pPager->journalMode!=PAGER_JOURNALMODE_OFF ){ 5146 pPager->pInJournal = sqlite3BitvecCreate(pPager->dbSize); 5147 if( pPager->pInJournal==0 ){ 5148 return SQLITE_NOMEM; 5149 } 5150 5151 /* Open the journal file if it is not already open. */ 5152 if( !isOpen(pPager->jfd) ){ 5153 if( pPager->journalMode==PAGER_JOURNALMODE_MEMORY ){ 5154 sqlite3MemJournalOpen(pPager->jfd); 5155 }else{ 5156 const int flags = /* VFS flags to open journal file */ 5157 SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE| 5158 (pPager->tempFile ? 5159 (SQLITE_OPEN_DELETEONCLOSE|SQLITE_OPEN_TEMP_JOURNAL): 5160 (SQLITE_OPEN_MAIN_JOURNAL) 5161 ); 5162 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 5163 rc = sqlite3JournalOpen( 5164 pVfs, pPager->zJournal, pPager->jfd, flags, jrnlBufferSize(pPager) 5165 ); 5166 #else 5167 rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, flags, 0); 5168 #endif 5169 #if defined(__APPLE__) 5170 /* Set the TimeMachine exclusion metadata for the journal if it has 5171 ** been set for the database. Only do this for unix-type vfs 5172 ** implementations. */ 5173 if( rc==SQLITE_OK && pPager->zFilename!=NULL 5174 && strlen(pPager->zFilename)>0 5175 && strncmp(pVfs->zName, "unix", 4)==0 5176 && ( pVfs->zName[4]=='-' || pVfs->zName[4]=='\0' ) ){ 5177 CFURLRef database = create_cfurl_from_cstring(pPager->zFilename); 5178 if( CSBackupIsItemExcluded(database, NULL) ){ 5179 CFURLRef journal = create_cfurl_from_cstring(pPager->zJournal); 5180 /* Ignore errors from the following exclusion call. */ 5181 CSBackupSetItemExcluded(journal, TRUE, FALSE); 5182 CFRelease(journal); 5183 } 5184 CFRelease(database); 5185 } 5186 #endif 5187 } 5188 assert( rc!=SQLITE_OK || isOpen(pPager->jfd) ); 5189 } 5190 5191 5192 /* Write the first journal header to the journal file and open 5193 ** the sub-journal if necessary. 5194 */ 5195 if( rc==SQLITE_OK ){ 5196 /* TODO: Check if all of these are really required. */ 5197 pPager->nRec = 0; 5198 pPager->journalOff = 0; 5199 pPager->setMaster = 0; 5200 pPager->journalHdr = 0; 5201 rc = writeJournalHdr(pPager); 5202 } 5203 } 5204 5205 if( rc!=SQLITE_OK ){ 5206 sqlite3BitvecDestroy(pPager->pInJournal); 5207 pPager->pInJournal = 0; 5208 }else{ 5209 assert( pPager->eState==PAGER_WRITER_LOCKED ); 5210 pPager->eState = PAGER_WRITER_CACHEMOD; 5211 } 5212 5213 return rc; 5214 } 5215 5216 /* 5217 ** Begin a write-transaction on the specified pager object. If a 5218 ** write-transaction has already been opened, this function is a no-op. 5219 ** 5220 ** If the exFlag argument is false, then acquire at least a RESERVED 5221 ** lock on the database file. If exFlag is true, then acquire at least 5222 ** an EXCLUSIVE lock. If such a lock is already held, no locking 5223 ** functions need be called. 5224 ** 5225 ** If the subjInMemory argument is non-zero, then any sub-journal opened 5226 ** within this transaction will be opened as an in-memory file. This 5227 ** has no effect if the sub-journal is already opened (as it may be when 5228 ** running in exclusive mode) or if the transaction does not require a 5229 ** sub-journal. If the subjInMemory argument is zero, then any required 5230 ** sub-journal is implemented in-memory if pPager is an in-memory database, 5231 ** or using a temporary file otherwise. 5232 */ 5233 int sqlite3PagerBegin(Pager *pPager, int exFlag, int subjInMemory){ 5234 int rc = SQLITE_OK; 5235 5236 if( pPager->errCode ) return pPager->errCode; 5237 assert( pPager->eState>=PAGER_READER && pPager->eState<PAGER_ERROR ); 5238 pPager->subjInMemory = (u8)subjInMemory; 5239 5240 if( ALWAYS(pPager->eState==PAGER_READER) ){ 5241 assert( pPager->pInJournal==0 ); 5242 5243 if( pagerUseWal(pPager) ){ 5244 /* If the pager is configured to use locking_mode=exclusive, and an 5245 ** exclusive lock on the database is not already held, obtain it now. 5246 */ 5247 if( pPager->exclusiveMode && sqlite3WalExclusiveMode(pPager->pWal, -1) ){ 5248 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 5249 if( rc!=SQLITE_OK ){ 5250 return rc; 5251 } 5252 sqlite3WalExclusiveMode(pPager->pWal, 1); 5253 } 5254 5255 /* Grab the write lock on the log file. If successful, upgrade to 5256 ** PAGER_RESERVED state. Otherwise, return an error code to the caller. 5257 ** The busy-handler is not invoked if another connection already 5258 ** holds the write-lock. If possible, the upper layer will call it. 5259 */ 5260 rc = sqlite3WalBeginWriteTransaction(pPager->pWal); 5261 }else{ 5262 /* Obtain a RESERVED lock on the database file. If the exFlag parameter 5263 ** is true, then immediately upgrade this to an EXCLUSIVE lock. The 5264 ** busy-handler callback can be used when upgrading to the EXCLUSIVE 5265 ** lock, but not when obtaining the RESERVED lock. 5266 */ 5267 rc = pagerLockDb(pPager, RESERVED_LOCK); 5268 if( rc==SQLITE_OK && exFlag ){ 5269 rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK); 5270 } 5271 } 5272 5273 if( rc==SQLITE_OK ){ 5274 /* Change to WRITER_LOCKED state. 5275 ** 5276 ** WAL mode sets Pager.eState to PAGER_WRITER_LOCKED or CACHEMOD 5277 ** when it has an open transaction, but never to DBMOD or FINISHED. 5278 ** This is because in those states the code to roll back savepoint 5279 ** transactions may copy data from the sub-journal into the database 5280 ** file as well as into the page cache. Which would be incorrect in 5281 ** WAL mode. 5282 */ 5283 pPager->eState = PAGER_WRITER_LOCKED; 5284 pPager->dbHintSize = pPager->dbSize; 5285 pPager->dbFileSize = pPager->dbSize; 5286 pPager->dbOrigSize = pPager->dbSize; 5287 pPager->journalOff = 0; 5288 } 5289 5290 assert( rc==SQLITE_OK || pPager->eState==PAGER_READER ); 5291 assert( rc!=SQLITE_OK || pPager->eState==PAGER_WRITER_LOCKED ); 5292 assert( assert_pager_state(pPager) ); 5293 } 5294 5295 PAGERTRACE(("TRANSACTION %d\n", PAGERID(pPager))); 5296 return rc; 5297 } 5298 5299 /* 5300 ** Mark a single data page as writeable. The page is written into the 5301 ** main journal or sub-journal as required. If the page is written into 5302 ** one of the journals, the corresponding bit is set in the 5303 ** Pager.pInJournal bitvec and the PagerSavepoint.pInSavepoint bitvecs 5304 ** of any open savepoints as appropriate. 5305 */ 5306 static int pager_write(PgHdr *pPg){ 5307 void *pData = pPg->pData; 5308 Pager *pPager = pPg->pPager; 5309 int rc = SQLITE_OK; 5310 5311 /* This routine is not called unless a write-transaction has already 5312 ** been started. The journal file may or may not be open at this point. 5313 ** It is never called in the ERROR state. 5314 */ 5315 assert( pPager->eState==PAGER_WRITER_LOCKED 5316 || pPager->eState==PAGER_WRITER_CACHEMOD 5317 || pPager->eState==PAGER_WRITER_DBMOD 5318 ); 5319 assert( assert_pager_state(pPager) ); 5320 5321 /* If an error has been previously detected, report the same error 5322 ** again. This should not happen, but the check provides robustness. */ 5323 if( NEVER(pPager->errCode) ) return pPager->errCode; 5324 5325 /* Higher-level routines never call this function if database is not 5326 ** writable. But check anyway, just for robustness. */ 5327 if( NEVER(pPager->readOnly) ) return SQLITE_PERM; 5328 5329 CHECK_PAGE(pPg); 5330 5331 /* The journal file needs to be opened. Higher level routines have already 5332 ** obtained the necessary locks to begin the write-transaction, but the 5333 ** rollback journal might not yet be open. Open it now if this is the case. 5334 ** 5335 ** This is done before calling sqlite3PcacheMakeDirty() on the page. 5336 ** Otherwise, if it were done after calling sqlite3PcacheMakeDirty(), then 5337 ** an error might occur and the pager would end up in WRITER_LOCKED state 5338 ** with pages marked as dirty in the cache. 5339 */ 5340 if( pPager->eState==PAGER_WRITER_LOCKED ){ 5341 rc = pager_open_journal(pPager); 5342 if( rc!=SQLITE_OK ) return rc; 5343 } 5344 assert( pPager->eState>=PAGER_WRITER_CACHEMOD ); 5345 assert( assert_pager_state(pPager) ); 5346 5347 /* Mark the page as dirty. If the page has already been written 5348 ** to the journal then we can return right away. 5349 */ 5350 sqlite3PcacheMakeDirty(pPg); 5351 if( pageInJournal(pPg) && !subjRequiresPage(pPg) ){ 5352 assert( !pagerUseWal(pPager) ); 5353 }else{ 5354 5355 /* The transaction journal now exists and we have a RESERVED or an 5356 ** EXCLUSIVE lock on the main database file. Write the current page to 5357 ** the transaction journal if it is not there already. 5358 */ 5359 if( !pageInJournal(pPg) && !pagerUseWal(pPager) ){ 5360 assert( pagerUseWal(pPager)==0 ); 5361 if( pPg->pgno<=pPager->dbOrigSize && isOpen(pPager->jfd) ){ 5362 u32 cksum; 5363 char *pData2; 5364 i64 iOff = pPager->journalOff; 5365 5366 /* We should never write to the journal file the page that 5367 ** contains the database locks. The following assert verifies 5368 ** that we do not. */ 5369 assert( pPg->pgno!=PAGER_MJ_PGNO(pPager) ); 5370 5371 assert( pPager->journalHdr<=pPager->journalOff ); 5372 CODEC2(pPager, pData, pPg->pgno, 7, return SQLITE_NOMEM, pData2); 5373 cksum = pager_cksum(pPager, (u8*)pData2); 5374 5375 /* Even if an IO or diskfull error occurs while journalling the 5376 ** page in the block above, set the need-sync flag for the page. 5377 ** Otherwise, when the transaction is rolled back, the logic in 5378 ** playback_one_page() will think that the page needs to be restored 5379 ** in the database file. And if an IO error occurs while doing so, 5380 ** then corruption may follow. 5381 */ 5382 pPg->flags |= PGHDR_NEED_SYNC; 5383 5384 rc = write32bits(pPager->jfd, iOff, pPg->pgno); 5385 if( rc!=SQLITE_OK ) return rc; 5386 rc = sqlite3OsWrite(pPager->jfd, pData2, pPager->pageSize, iOff+4); 5387 if( rc!=SQLITE_OK ) return rc; 5388 rc = write32bits(pPager->jfd, iOff+pPager->pageSize+4, cksum); 5389 if( rc!=SQLITE_OK ) return rc; 5390 5391 IOTRACE(("JOUT %p %d %lld %d\n", pPager, pPg->pgno, 5392 pPager->journalOff, pPager->pageSize)); 5393 PAGER_INCR(sqlite3_pager_writej_count); 5394 PAGERTRACE(("JOURNAL %d page %d needSync=%d hash(%08x)\n", 5395 PAGERID(pPager), pPg->pgno, 5396 ((pPg->flags&PGHDR_NEED_SYNC)?1:0), pager_pagehash(pPg))); 5397 5398 pPager->journalOff += 8 + pPager->pageSize; 5399 pPager->nRec++; 5400 assert( pPager->pInJournal!=0 ); 5401 rc = sqlite3BitvecSet(pPager->pInJournal, pPg->pgno); 5402 testcase( rc==SQLITE_NOMEM ); 5403 assert( rc==SQLITE_OK || rc==SQLITE_NOMEM ); 5404 rc |= addToSavepointBitvecs(pPager, pPg->pgno); 5405 if( rc!=SQLITE_OK ){ 5406 assert( rc==SQLITE_NOMEM ); 5407 return rc; 5408 } 5409 }else{ 5410 if( pPager->eState!=PAGER_WRITER_DBMOD ){ 5411 pPg->flags |= PGHDR_NEED_SYNC; 5412 } 5413 PAGERTRACE(("APPEND %d page %d needSync=%d\n", 5414 PAGERID(pPager), pPg->pgno, 5415 ((pPg->flags&PGHDR_NEED_SYNC)?1:0))); 5416 } 5417 } 5418 5419 /* If the statement journal is open and the page is not in it, 5420 ** then write the current page to the statement journal. Note that 5421 ** the statement journal format differs from the standard journal format 5422 ** in that it omits the checksums and the header. 5423 */ 5424 if( subjRequiresPage(pPg) ){ 5425 rc = subjournalPage(pPg); 5426 } 5427 } 5428 5429 /* Update the database size and return. 5430 */ 5431 if( pPager->dbSize<pPg->pgno ){ 5432 pPager->dbSize = pPg->pgno; 5433 } 5434 return rc; 5435 } 5436 5437 /* 5438 ** Mark a data page as writeable. This routine must be called before 5439 ** making changes to a page. The caller must check the return value 5440 ** of this function and be careful not to change any page data unless 5441 ** this routine returns SQLITE_OK. 5442 ** 5443 ** The difference between this function and pager_write() is that this 5444 ** function also deals with the special case where 2 or more pages 5445 ** fit on a single disk sector. In this case all co-resident pages 5446 ** must have been written to the journal file before returning. 5447 ** 5448 ** If an error occurs, SQLITE_NOMEM or an IO error code is returned 5449 ** as appropriate. Otherwise, SQLITE_OK. 5450 */ 5451 int sqlite3PagerWrite(DbPage *pDbPage){ 5452 int rc = SQLITE_OK; 5453 5454 PgHdr *pPg = pDbPage; 5455 Pager *pPager = pPg->pPager; 5456 Pgno nPagePerSector = (pPager->sectorSize/pPager->pageSize); 5457 5458 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 5459 assert( pPager->eState!=PAGER_ERROR ); 5460 assert( assert_pager_state(pPager) ); 5461 5462 if( nPagePerSector>1 ){ 5463 Pgno nPageCount; /* Total number of pages in database file */ 5464 Pgno pg1; /* First page of the sector pPg is located on. */ 5465 int nPage = 0; /* Number of pages starting at pg1 to journal */ 5466 int ii; /* Loop counter */ 5467 int needSync = 0; /* True if any page has PGHDR_NEED_SYNC */ 5468 5469 /* Set the doNotSyncSpill flag to 1. This is because we cannot allow 5470 ** a journal header to be written between the pages journaled by 5471 ** this function. 5472 */ 5473 assert( !MEMDB ); 5474 assert( pPager->doNotSyncSpill==0 ); 5475 pPager->doNotSyncSpill++; 5476 5477 /* This trick assumes that both the page-size and sector-size are 5478 ** an integer power of 2. It sets variable pg1 to the identifier 5479 ** of the first page of the sector pPg is located on. 5480 */ 5481 pg1 = ((pPg->pgno-1) & ~(nPagePerSector-1)) + 1; 5482 5483 nPageCount = pPager->dbSize; 5484 if( pPg->pgno>nPageCount ){ 5485 nPage = (pPg->pgno - pg1)+1; 5486 }else if( (pg1+nPagePerSector-1)>nPageCount ){ 5487 nPage = nPageCount+1-pg1; 5488 }else{ 5489 nPage = nPagePerSector; 5490 } 5491 assert(nPage>0); 5492 assert(pg1<=pPg->pgno); 5493 assert((pg1+nPage)>pPg->pgno); 5494 5495 for(ii=0; ii<nPage && rc==SQLITE_OK; ii++){ 5496 Pgno pg = pg1+ii; 5497 PgHdr *pPage; 5498 if( pg==pPg->pgno || !sqlite3BitvecTest(pPager->pInJournal, pg) ){ 5499 if( pg!=PAGER_MJ_PGNO(pPager) ){ 5500 rc = sqlite3PagerGet(pPager, pg, &pPage); 5501 if( rc==SQLITE_OK ){ 5502 rc = pager_write(pPage); 5503 if( pPage->flags&PGHDR_NEED_SYNC ){ 5504 needSync = 1; 5505 } 5506 sqlite3PagerUnref(pPage); 5507 } 5508 } 5509 }else if( (pPage = pager_lookup(pPager, pg))!=0 ){ 5510 if( pPage->flags&PGHDR_NEED_SYNC ){ 5511 needSync = 1; 5512 } 5513 sqlite3PagerUnref(pPage); 5514 } 5515 } 5516 5517 /* If the PGHDR_NEED_SYNC flag is set for any of the nPage pages 5518 ** starting at pg1, then it needs to be set for all of them. Because 5519 ** writing to any of these nPage pages may damage the others, the 5520 ** journal file must contain sync()ed copies of all of them 5521 ** before any of them can be written out to the database file. 5522 */ 5523 if( rc==SQLITE_OK && needSync ){ 5524 assert( !MEMDB ); 5525 for(ii=0; ii<nPage; ii++){ 5526 PgHdr *pPage = pager_lookup(pPager, pg1+ii); 5527 if( pPage ){ 5528 pPage->flags |= PGHDR_NEED_SYNC; 5529 sqlite3PagerUnref(pPage); 5530 } 5531 } 5532 } 5533 5534 assert( pPager->doNotSyncSpill==1 ); 5535 pPager->doNotSyncSpill--; 5536 }else{ 5537 rc = pager_write(pDbPage); 5538 } 5539 return rc; 5540 } 5541 5542 /* 5543 ** Return TRUE if the page given in the argument was previously passed 5544 ** to sqlite3PagerWrite(). In other words, return TRUE if it is ok 5545 ** to change the content of the page. 5546 */ 5547 #ifndef NDEBUG 5548 int sqlite3PagerIswriteable(DbPage *pPg){ 5549 return pPg->flags&PGHDR_DIRTY; 5550 } 5551 #endif 5552 5553 /* 5554 ** A call to this routine tells the pager that it is not necessary to 5555 ** write the information on page pPg back to the disk, even though 5556 ** that page might be marked as dirty. This happens, for example, when 5557 ** the page has been added as a leaf of the freelist and so its 5558 ** content no longer matters. 5559 ** 5560 ** The overlying software layer calls this routine when all of the data 5561 ** on the given page is unused. The pager marks the page as clean so 5562 ** that it does not get written to disk. 5563 ** 5564 ** Tests show that this optimization can quadruple the speed of large 5565 ** DELETE operations. 5566 */ 5567 void sqlite3PagerDontWrite(PgHdr *pPg){ 5568 Pager *pPager = pPg->pPager; 5569 if( (pPg->flags&PGHDR_DIRTY) && pPager->nSavepoint==0 ){ 5570 PAGERTRACE(("DONT_WRITE page %d of %d\n", pPg->pgno, PAGERID(pPager))); 5571 IOTRACE(("CLEAN %p %d\n", pPager, pPg->pgno)) 5572 pPg->flags |= PGHDR_DONT_WRITE; 5573 pager_set_pagehash(pPg); 5574 } 5575 } 5576 5577 /* 5578 ** This routine is called to increment the value of the database file 5579 ** change-counter, stored as a 4-byte big-endian integer starting at 5580 ** byte offset 24 of the pager file. The secondary change counter at 5581 ** 92 is also updated, as is the SQLite version number at offset 96. 5582 ** 5583 ** But this only happens if the pPager->changeCountDone flag is false. 5584 ** To avoid excess churning of page 1, the update only happens once. 5585 ** See also the pager_write_changecounter() routine that does an 5586 ** unconditional update of the change counters. 5587 ** 5588 ** If the isDirectMode flag is zero, then this is done by calling 5589 ** sqlite3PagerWrite() on page 1, then modifying the contents of the 5590 ** page data. In this case the file will be updated when the current 5591 ** transaction is committed. 5592 ** 5593 ** The isDirectMode flag may only be non-zero if the library was compiled 5594 ** with the SQLITE_ENABLE_ATOMIC_WRITE macro defined. In this case, 5595 ** if isDirect is non-zero, then the database file is updated directly 5596 ** by writing an updated version of page 1 using a call to the 5597 ** sqlite3OsWrite() function. 5598 */ 5599 static int pager_incr_changecounter(Pager *pPager, int isDirectMode){ 5600 int rc = SQLITE_OK; 5601 5602 assert( pPager->eState==PAGER_WRITER_CACHEMOD 5603 || pPager->eState==PAGER_WRITER_DBMOD 5604 ); 5605 assert( assert_pager_state(pPager) ); 5606 5607 /* Declare and initialize constant integer 'isDirect'. If the 5608 ** atomic-write optimization is enabled in this build, then isDirect 5609 ** is initialized to the value passed as the isDirectMode parameter 5610 ** to this function. Otherwise, it is always set to zero. 5611 ** 5612 ** The idea is that if the atomic-write optimization is not 5613 ** enabled at compile time, the compiler can omit the tests of 5614 ** 'isDirect' below, as well as the block enclosed in the 5615 ** "if( isDirect )" condition. 5616 */ 5617 #ifndef SQLITE_ENABLE_ATOMIC_WRITE 5618 # define DIRECT_MODE 0 5619 assert( isDirectMode==0 ); 5620 UNUSED_PARAMETER(isDirectMode); 5621 #else 5622 # define DIRECT_MODE isDirectMode 5623 #endif 5624 5625 if( !pPager->changeCountDone && pPager->dbSize>0 ){ 5626 PgHdr *pPgHdr; /* Reference to page 1 */ 5627 5628 assert( !pPager->tempFile && isOpen(pPager->fd) ); 5629 5630 /* Open page 1 of the file for writing. */ 5631 rc = sqlite3PagerGet(pPager, 1, &pPgHdr); 5632 assert( pPgHdr==0 || rc==SQLITE_OK ); 5633 5634 /* If page one was fetched successfully, and this function is not 5635 ** operating in direct-mode, make page 1 writable. When not in 5636 ** direct mode, page 1 is always held in cache and hence the PagerGet() 5637 ** above is always successful - hence the ALWAYS on rc==SQLITE_OK. 5638 */ 5639 if( !DIRECT_MODE && ALWAYS(rc==SQLITE_OK) ){ 5640 rc = sqlite3PagerWrite(pPgHdr); 5641 } 5642 5643 if( rc==SQLITE_OK ){ 5644 /* Actually do the update of the change counter */ 5645 pager_write_changecounter(pPgHdr); 5646 5647 /* If running in direct mode, write the contents of page 1 to the file. */ 5648 if( DIRECT_MODE ){ 5649 const void *zBuf; 5650 assert( pPager->dbFileSize>0 ); 5651 CODEC2(pPager, pPgHdr->pData, 1, 6, rc=SQLITE_NOMEM, zBuf); 5652 if( rc==SQLITE_OK ){ 5653 rc = sqlite3OsWrite(pPager->fd, zBuf, pPager->pageSize, 0); 5654 } 5655 if( rc==SQLITE_OK ){ 5656 pPager->changeCountDone = 1; 5657 } 5658 }else{ 5659 pPager->changeCountDone = 1; 5660 } 5661 } 5662 5663 /* Release the page reference. */ 5664 sqlite3PagerUnref(pPgHdr); 5665 } 5666 return rc; 5667 } 5668 5669 /* 5670 ** Sync the database file to disk. This is a no-op for in-memory databases 5671 ** or pages with the Pager.noSync flag set. 5672 ** 5673 ** If successful, or if called on a pager for which it is a no-op, this 5674 ** function returns SQLITE_OK. Otherwise, an IO error code is returned. 5675 */ 5676 int sqlite3PagerSync(Pager *pPager){ 5677 int rc = SQLITE_OK; 5678 if( !pPager->noSync ){ 5679 assert( !MEMDB ); 5680 rc = sqlite3OsSync(pPager->fd, pPager->syncFlags); 5681 }else if( isOpen(pPager->fd) ){ 5682 assert( !MEMDB ); 5683 sqlite3OsFileControl(pPager->fd, SQLITE_FCNTL_SYNC_OMITTED, (void *)&rc); 5684 } 5685 return rc; 5686 } 5687 5688 /* 5689 ** This function may only be called while a write-transaction is active in 5690 ** rollback. If the connection is in WAL mode, this call is a no-op. 5691 ** Otherwise, if the connection does not already have an EXCLUSIVE lock on 5692 ** the database file, an attempt is made to obtain one. 5693 ** 5694 ** If the EXCLUSIVE lock is already held or the attempt to obtain it is 5695 ** successful, or the connection is in WAL mode, SQLITE_OK is returned. 5696 ** Otherwise, either SQLITE_BUSY or an SQLITE_IOERR_XXX error code is 5697 ** returned. 5698 */ 5699 int sqlite3PagerExclusiveLock(Pager *pPager){ 5700 int rc = SQLITE_OK; 5701 assert( pPager->eState==PAGER_WRITER_CACHEMOD 5702 || pPager->eState==PAGER_WRITER_DBMOD 5703 || pPager->eState==PAGER_WRITER_LOCKED 5704 ); 5705 assert( assert_pager_state(pPager) ); 5706 if( 0==pagerUseWal(pPager) ){ 5707 rc = pager_wait_on_lock(pPager, EXCLUSIVE_LOCK); 5708 } 5709 return rc; 5710 } 5711 5712 /* 5713 ** Sync the database file for the pager pPager. zMaster points to the name 5714 ** of a master journal file that should be written into the individual 5715 ** journal file. zMaster may be NULL, which is interpreted as no master 5716 ** journal (a single database transaction). 5717 ** 5718 ** This routine ensures that: 5719 ** 5720 ** * The database file change-counter is updated, 5721 ** * the journal is synced (unless the atomic-write optimization is used), 5722 ** * all dirty pages are written to the database file, 5723 ** * the database file is truncated (if required), and 5724 ** * the database file synced. 5725 ** 5726 ** The only thing that remains to commit the transaction is to finalize 5727 ** (delete, truncate or zero the first part of) the journal file (or 5728 ** delete the master journal file if specified). 5729 ** 5730 ** Note that if zMaster==NULL, this does not overwrite a previous value 5731 ** passed to an sqlite3PagerCommitPhaseOne() call. 5732 ** 5733 ** If the final parameter - noSync - is true, then the database file itself 5734 ** is not synced. The caller must call sqlite3PagerSync() directly to 5735 ** sync the database file before calling CommitPhaseTwo() to delete the 5736 ** journal file in this case. 5737 */ 5738 int sqlite3PagerCommitPhaseOne( 5739 Pager *pPager, /* Pager object */ 5740 const char *zMaster, /* If not NULL, the master journal name */ 5741 int noSync /* True to omit the xSync on the db file */ 5742 ){ 5743 int rc = SQLITE_OK; /* Return code */ 5744 5745 assert( pPager->eState==PAGER_WRITER_LOCKED 5746 || pPager->eState==PAGER_WRITER_CACHEMOD 5747 || pPager->eState==PAGER_WRITER_DBMOD 5748 || pPager->eState==PAGER_ERROR 5749 ); 5750 assert( assert_pager_state(pPager) ); 5751 5752 /* If a prior error occurred, report that error again. */ 5753 if( NEVER(pPager->errCode) ) return pPager->errCode; 5754 5755 PAGERTRACE(("DATABASE SYNC: File=%s zMaster=%s nSize=%d\n", 5756 pPager->zFilename, zMaster, pPager->dbSize)); 5757 5758 /* If no database changes have been made, return early. */ 5759 if( pPager->eState<PAGER_WRITER_CACHEMOD ) return SQLITE_OK; 5760 5761 if( MEMDB ){ 5762 /* If this is an in-memory db, or no pages have been written to, or this 5763 ** function has already been called, it is mostly a no-op. However, any 5764 ** backup in progress needs to be restarted. 5765 */ 5766 sqlite3BackupRestart(pPager->pBackup); 5767 }else{ 5768 if( pagerUseWal(pPager) ){ 5769 PgHdr *pList = sqlite3PcacheDirtyList(pPager->pPCache); 5770 PgHdr *pPageOne = 0; 5771 if( pList==0 ){ 5772 /* Must have at least one page for the WAL commit flag. 5773 ** Ticket [2d1a5c67dfc2363e44f29d9bbd57f] 2011-05-18 */ 5774 rc = sqlite3PagerGet(pPager, 1, &pPageOne); 5775 pList = pPageOne; 5776 pList->pDirty = 0; 5777 } 5778 assert( pList!=0 || rc!=SQLITE_OK ); 5779 if( pList ){ 5780 rc = pagerWalFrames(pPager, pList, pPager->dbSize, 1, 5781 (pPager->fullSync ? pPager->syncFlags : 0) 5782 ); 5783 } 5784 sqlite3PagerUnref(pPageOne); 5785 if( rc==SQLITE_OK ){ 5786 sqlite3PcacheCleanAll(pPager->pPCache); 5787 } 5788 }else{ 5789 /* The following block updates the change-counter. Exactly how it 5790 ** does this depends on whether or not the atomic-update optimization 5791 ** was enabled at compile time, and if this transaction meets the 5792 ** runtime criteria to use the operation: 5793 ** 5794 ** * The file-system supports the atomic-write property for 5795 ** blocks of size page-size, and 5796 ** * This commit is not part of a multi-file transaction, and 5797 ** * Exactly one page has been modified and store in the journal file. 5798 ** 5799 ** If the optimization was not enabled at compile time, then the 5800 ** pager_incr_changecounter() function is called to update the change 5801 ** counter in 'indirect-mode'. If the optimization is compiled in but 5802 ** is not applicable to this transaction, call sqlite3JournalCreate() 5803 ** to make sure the journal file has actually been created, then call 5804 ** pager_incr_changecounter() to update the change-counter in indirect 5805 ** mode. 5806 ** 5807 ** Otherwise, if the optimization is both enabled and applicable, 5808 ** then call pager_incr_changecounter() to update the change-counter 5809 ** in 'direct' mode. In this case the journal file will never be 5810 ** created for this transaction. 5811 */ 5812 #ifdef SQLITE_ENABLE_ATOMIC_WRITE 5813 PgHdr *pPg; 5814 assert( isOpen(pPager->jfd) 5815 || pPager->journalMode==PAGER_JOURNALMODE_OFF 5816 || pPager->journalMode==PAGER_JOURNALMODE_WAL 5817 ); 5818 if( !zMaster && isOpen(pPager->jfd) 5819 && pPager->journalOff==jrnlBufferSize(pPager) 5820 && pPager->dbSize>=pPager->dbOrigSize 5821 && (0==(pPg = sqlite3PcacheDirtyList(pPager->pPCache)) || 0==pPg->pDirty) 5822 ){ 5823 /* Update the db file change counter via the direct-write method. The 5824 ** following call will modify the in-memory representation of page 1 5825 ** to include the updated change counter and then write page 1 5826 ** directly to the database file. Because of the atomic-write 5827 ** property of the host file-system, this is safe. 5828 */ 5829 rc = pager_incr_changecounter(pPager, 1); 5830 }else{ 5831 rc = sqlite3JournalCreate(pPager->jfd); 5832 if( rc==SQLITE_OK ){ 5833 rc = pager_incr_changecounter(pPager, 0); 5834 } 5835 } 5836 #else 5837 rc = pager_incr_changecounter(pPager, 0); 5838 #endif 5839 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5840 5841 /* If this transaction has made the database smaller, then all pages 5842 ** being discarded by the truncation must be written to the journal 5843 ** file. This can only happen in auto-vacuum mode. 5844 ** 5845 ** Before reading the pages with page numbers larger than the 5846 ** current value of Pager.dbSize, set dbSize back to the value 5847 ** that it took at the start of the transaction. Otherwise, the 5848 ** calls to sqlite3PagerGet() return zeroed pages instead of 5849 ** reading data from the database file. 5850 */ 5851 #ifndef SQLITE_OMIT_AUTOVACUUM 5852 if( pPager->dbSize<pPager->dbOrigSize 5853 && pPager->journalMode!=PAGER_JOURNALMODE_OFF 5854 ){ 5855 Pgno i; /* Iterator variable */ 5856 const Pgno iSkip = PAGER_MJ_PGNO(pPager); /* Pending lock page */ 5857 const Pgno dbSize = pPager->dbSize; /* Database image size */ 5858 pPager->dbSize = pPager->dbOrigSize; 5859 for( i=dbSize+1; i<=pPager->dbOrigSize; i++ ){ 5860 if( !sqlite3BitvecTest(pPager->pInJournal, i) && i!=iSkip ){ 5861 PgHdr *pPage; /* Page to journal */ 5862 rc = sqlite3PagerGet(pPager, i, &pPage); 5863 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5864 rc = sqlite3PagerWrite(pPage); 5865 sqlite3PagerUnref(pPage); 5866 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5867 } 5868 } 5869 pPager->dbSize = dbSize; 5870 } 5871 #endif 5872 5873 /* Write the master journal name into the journal file. If a master 5874 ** journal file name has already been written to the journal file, 5875 ** or if zMaster is NULL (no master journal), then this call is a no-op. 5876 */ 5877 rc = writeMasterJournal(pPager, zMaster); 5878 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5879 5880 /* Sync the journal file and write all dirty pages to the database. 5881 ** If the atomic-update optimization is being used, this sync will not 5882 ** create the journal file or perform any real IO. 5883 ** 5884 ** Because the change-counter page was just modified, unless the 5885 ** atomic-update optimization is used it is almost certain that the 5886 ** journal requires a sync here. However, in locking_mode=exclusive 5887 ** on a system under memory pressure it is just possible that this is 5888 ** not the case. In this case it is likely enough that the redundant 5889 ** xSync() call will be changed to a no-op by the OS anyhow. 5890 */ 5891 rc = syncJournal(pPager, 0); 5892 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5893 5894 rc = pager_write_pagelist(pPager,sqlite3PcacheDirtyList(pPager->pPCache)); 5895 if( rc!=SQLITE_OK ){ 5896 assert( rc!=SQLITE_IOERR_BLOCKED ); 5897 goto commit_phase_one_exit; 5898 } 5899 sqlite3PcacheCleanAll(pPager->pPCache); 5900 5901 /* If the file on disk is not the same size as the database image, 5902 ** then use pager_truncate to grow or shrink the file here. 5903 */ 5904 if( pPager->dbSize!=pPager->dbFileSize ){ 5905 Pgno nNew = pPager->dbSize - (pPager->dbSize==PAGER_MJ_PGNO(pPager)); 5906 assert( pPager->eState==PAGER_WRITER_DBMOD ); 5907 rc = pager_truncate(pPager, nNew); 5908 if( rc!=SQLITE_OK ) goto commit_phase_one_exit; 5909 } 5910 5911 /* Finally, sync the database file. */ 5912 if( !noSync ){ 5913 rc = sqlite3PagerSync(pPager); 5914 } 5915 IOTRACE(("DBSYNC %p\n", pPager)) 5916 } 5917 } 5918 5919 commit_phase_one_exit: 5920 if( rc==SQLITE_OK && !pagerUseWal(pPager) ){ 5921 pPager->eState = PAGER_WRITER_FINISHED; 5922 } 5923 return rc; 5924 } 5925 5926 5927 /* 5928 ** When this function is called, the database file has been completely 5929 ** updated to reflect the changes made by the current transaction and 5930 ** synced to disk. The journal file still exists in the file-system 5931 ** though, and if a failure occurs at this point it will eventually 5932 ** be used as a hot-journal and the current transaction rolled back. 5933 ** 5934 ** This function finalizes the journal file, either by deleting, 5935 ** truncating or partially zeroing it, so that it cannot be used 5936 ** for hot-journal rollback. Once this is done the transaction is 5937 ** irrevocably committed. 5938 ** 5939 ** If an error occurs, an IO error code is returned and the pager 5940 ** moves into the error state. Otherwise, SQLITE_OK is returned. 5941 */ 5942 int sqlite3PagerCommitPhaseTwo(Pager *pPager){ 5943 int rc = SQLITE_OK; /* Return code */ 5944 5945 /* This routine should not be called if a prior error has occurred. 5946 ** But if (due to a coding error elsewhere in the system) it does get 5947 ** called, just return the same error code without doing anything. */ 5948 if( NEVER(pPager->errCode) ) return pPager->errCode; 5949 5950 assert( pPager->eState==PAGER_WRITER_LOCKED 5951 || pPager->eState==PAGER_WRITER_FINISHED 5952 || (pagerUseWal(pPager) && pPager->eState==PAGER_WRITER_CACHEMOD) 5953 ); 5954 assert( assert_pager_state(pPager) ); 5955 5956 /* An optimization. If the database was not actually modified during 5957 ** this transaction, the pager is running in exclusive-mode and is 5958 ** using persistent journals, then this function is a no-op. 5959 ** 5960 ** The start of the journal file currently contains a single journal 5961 ** header with the nRec field set to 0. If such a journal is used as 5962 ** a hot-journal during hot-journal rollback, 0 changes will be made 5963 ** to the database file. So there is no need to zero the journal 5964 ** header. Since the pager is in exclusive mode, there is no need 5965 ** to drop any locks either. 5966 */ 5967 if( pPager->eState==PAGER_WRITER_LOCKED 5968 && pPager->exclusiveMode 5969 && pPager->journalMode==PAGER_JOURNALMODE_PERSIST 5970 ){ 5971 assert( pPager->journalOff==JOURNAL_HDR_SZ(pPager) || !pPager->journalOff ); 5972 pPager->eState = PAGER_READER; 5973 return SQLITE_OK; 5974 } 5975 5976 PAGERTRACE(("COMMIT %d\n", PAGERID(pPager))); 5977 rc = pager_end_transaction(pPager, pPager->setMaster); 5978 return pager_error(pPager, rc); 5979 } 5980 5981 /* 5982 ** If a write transaction is open, then all changes made within the 5983 ** transaction are reverted and the current write-transaction is closed. 5984 ** The pager falls back to PAGER_READER state if successful, or PAGER_ERROR 5985 ** state if an error occurs. 5986 ** 5987 ** If the pager is already in PAGER_ERROR state when this function is called, 5988 ** it returns Pager.errCode immediately. No work is performed in this case. 5989 ** 5990 ** Otherwise, in rollback mode, this function performs two functions: 5991 ** 5992 ** 1) It rolls back the journal file, restoring all database file and 5993 ** in-memory cache pages to the state they were in when the transaction 5994 ** was opened, and 5995 ** 5996 ** 2) It finalizes the journal file, so that it is not used for hot 5997 ** rollback at any point in the future. 5998 ** 5999 ** Finalization of the journal file (task 2) is only performed if the 6000 ** rollback is successful. 6001 ** 6002 ** In WAL mode, all cache-entries containing data modified within the 6003 ** current transaction are either expelled from the cache or reverted to 6004 ** their pre-transaction state by re-reading data from the database or 6005 ** WAL files. The WAL transaction is then closed. 6006 */ 6007 int sqlite3PagerRollback(Pager *pPager){ 6008 int rc = SQLITE_OK; /* Return code */ 6009 PAGERTRACE(("ROLLBACK %d\n", PAGERID(pPager))); 6010 6011 /* PagerRollback() is a no-op if called in READER or OPEN state. If 6012 ** the pager is already in the ERROR state, the rollback is not 6013 ** attempted here. Instead, the error code is returned to the caller. 6014 */ 6015 assert( assert_pager_state(pPager) ); 6016 if( pPager->eState==PAGER_ERROR ) return pPager->errCode; 6017 if( pPager->eState<=PAGER_READER ) return SQLITE_OK; 6018 6019 if( pagerUseWal(pPager) ){ 6020 int rc2; 6021 rc = sqlite3PagerSavepoint(pPager, SAVEPOINT_ROLLBACK, -1); 6022 rc2 = pager_end_transaction(pPager, pPager->setMaster); 6023 if( rc==SQLITE_OK ) rc = rc2; 6024 }else if( !isOpen(pPager->jfd) || pPager->eState==PAGER_WRITER_LOCKED ){ 6025 int eState = pPager->eState; 6026 rc = pager_end_transaction(pPager, 0); 6027 if( !MEMDB && eState>PAGER_WRITER_LOCKED ){ 6028 /* This can happen using journal_mode=off. Move the pager to the error 6029 ** state to indicate that the contents of the cache may not be trusted. 6030 ** Any active readers will get SQLITE_ABORT. 6031 */ 6032 pPager->errCode = SQLITE_ABORT; 6033 pPager->eState = PAGER_ERROR; 6034 return rc; 6035 } 6036 }else{ 6037 rc = pager_playback(pPager, 0); 6038 } 6039 6040 assert( pPager->eState==PAGER_READER || rc!=SQLITE_OK ); 6041 assert( rc==SQLITE_OK || rc==SQLITE_FULL || (rc&0xFF)==SQLITE_IOERR ); 6042 6043 /* If an error occurs during a ROLLBACK, we can no longer trust the pager 6044 ** cache. So call pager_error() on the way out to make any error persistent. 6045 */ 6046 return pager_error(pPager, rc); 6047 } 6048 6049 /* 6050 ** Return TRUE if the database file is opened read-only. Return FALSE 6051 ** if the database is (in theory) writable. 6052 */ 6053 u8 sqlite3PagerIsreadonly(Pager *pPager){ 6054 return pPager->readOnly; 6055 } 6056 6057 /* 6058 ** Return the number of references to the pager. 6059 */ 6060 int sqlite3PagerRefcount(Pager *pPager){ 6061 return sqlite3PcacheRefCount(pPager->pPCache); 6062 } 6063 6064 /* 6065 ** Return the approximate number of bytes of memory currently 6066 ** used by the pager and its associated cache. 6067 */ 6068 int sqlite3PagerMemUsed(Pager *pPager){ 6069 int perPageSize = pPager->pageSize + pPager->nExtra + sizeof(PgHdr) 6070 + 5*sizeof(void*); 6071 return perPageSize*sqlite3PcachePagecount(pPager->pPCache) 6072 + sqlite3MallocSize(pPager) 6073 + pPager->pageSize; 6074 } 6075 6076 /* 6077 ** Return the number of references to the specified page. 6078 */ 6079 int sqlite3PagerPageRefcount(DbPage *pPage){ 6080 return sqlite3PcachePageRefcount(pPage); 6081 } 6082 6083 #ifdef SQLITE_TEST 6084 /* 6085 ** This routine is used for testing and analysis only. 6086 */ 6087 int *sqlite3PagerStats(Pager *pPager){ 6088 static int a[11]; 6089 a[0] = sqlite3PcacheRefCount(pPager->pPCache); 6090 a[1] = sqlite3PcachePagecount(pPager->pPCache); 6091 a[2] = sqlite3PcacheGetCachesize(pPager->pPCache); 6092 a[3] = pPager->eState==PAGER_OPEN ? -1 : (int) pPager->dbSize; 6093 a[4] = pPager->eState; 6094 a[5] = pPager->errCode; 6095 a[6] = pPager->nHit; 6096 a[7] = pPager->nMiss; 6097 a[8] = 0; /* Used to be pPager->nOvfl */ 6098 a[9] = pPager->nRead; 6099 a[10] = pPager->nWrite; 6100 return a; 6101 } 6102 #endif 6103 6104 /* 6105 ** Return true if this is an in-memory pager. 6106 */ 6107 int sqlite3PagerIsMemdb(Pager *pPager){ 6108 return MEMDB; 6109 } 6110 6111 /* 6112 ** Check that there are at least nSavepoint savepoints open. If there are 6113 ** currently less than nSavepoints open, then open one or more savepoints 6114 ** to make up the difference. If the number of savepoints is already 6115 ** equal to nSavepoint, then this function is a no-op. 6116 ** 6117 ** If a memory allocation fails, SQLITE_NOMEM is returned. If an error 6118 ** occurs while opening the sub-journal file, then an IO error code is 6119 ** returned. Otherwise, SQLITE_OK. 6120 */ 6121 int sqlite3PagerOpenSavepoint(Pager *pPager, int nSavepoint){ 6122 int rc = SQLITE_OK; /* Return code */ 6123 int nCurrent = pPager->nSavepoint; /* Current number of savepoints */ 6124 6125 assert( pPager->eState>=PAGER_WRITER_LOCKED ); 6126 assert( assert_pager_state(pPager) ); 6127 6128 if( nSavepoint>nCurrent && pPager->useJournal ){ 6129 int ii; /* Iterator variable */ 6130 PagerSavepoint *aNew; /* New Pager.aSavepoint array */ 6131 6132 /* Grow the Pager.aSavepoint array using realloc(). Return SQLITE_NOMEM 6133 ** if the allocation fails. Otherwise, zero the new portion in case a 6134 ** malloc failure occurs while populating it in the for(...) loop below. 6135 */ 6136 aNew = (PagerSavepoint *)sqlite3Realloc( 6137 pPager->aSavepoint, sizeof(PagerSavepoint)*nSavepoint 6138 ); 6139 if( !aNew ){ 6140 return SQLITE_NOMEM; 6141 } 6142 memset(&aNew[nCurrent], 0, (nSavepoint-nCurrent) * sizeof(PagerSavepoint)); 6143 pPager->aSavepoint = aNew; 6144 6145 /* Populate the PagerSavepoint structures just allocated. */ 6146 for(ii=nCurrent; ii<nSavepoint; ii++){ 6147 aNew[ii].nOrig = pPager->dbSize; 6148 if( isOpen(pPager->jfd) && pPager->journalOff>0 ){ 6149 aNew[ii].iOffset = pPager->journalOff; 6150 }else{ 6151 aNew[ii].iOffset = JOURNAL_HDR_SZ(pPager); 6152 } 6153 aNew[ii].iSubRec = pPager->nSubRec; 6154 aNew[ii].pInSavepoint = sqlite3BitvecCreate(pPager->dbSize); 6155 if( !aNew[ii].pInSavepoint ){ 6156 return SQLITE_NOMEM; 6157 } 6158 if( pagerUseWal(pPager) ){ 6159 sqlite3WalSavepoint(pPager->pWal, aNew[ii].aWalData); 6160 } 6161 pPager->nSavepoint = ii+1; 6162 } 6163 assert( pPager->nSavepoint==nSavepoint ); 6164 assertTruncateConstraint(pPager); 6165 } 6166 6167 return rc; 6168 } 6169 6170 /* 6171 ** This function is called to rollback or release (commit) a savepoint. 6172 ** The savepoint to release or rollback need not be the most recently 6173 ** created savepoint. 6174 ** 6175 ** Parameter op is always either SAVEPOINT_ROLLBACK or SAVEPOINT_RELEASE. 6176 ** If it is SAVEPOINT_RELEASE, then release and destroy the savepoint with 6177 ** index iSavepoint. If it is SAVEPOINT_ROLLBACK, then rollback all changes 6178 ** that have occurred since the specified savepoint was created. 6179 ** 6180 ** The savepoint to rollback or release is identified by parameter 6181 ** iSavepoint. A value of 0 means to operate on the outermost savepoint 6182 ** (the first created). A value of (Pager.nSavepoint-1) means operate 6183 ** on the most recently created savepoint. If iSavepoint is greater than 6184 ** (Pager.nSavepoint-1), then this function is a no-op. 6185 ** 6186 ** If a negative value is passed to this function, then the current 6187 ** transaction is rolled back. This is different to calling 6188 ** sqlite3PagerRollback() because this function does not terminate 6189 ** the transaction or unlock the database, it just restores the 6190 ** contents of the database to its original state. 6191 ** 6192 ** In any case, all savepoints with an index greater than iSavepoint 6193 ** are destroyed. If this is a release operation (op==SAVEPOINT_RELEASE), 6194 ** then savepoint iSavepoint is also destroyed. 6195 ** 6196 ** This function may return SQLITE_NOMEM if a memory allocation fails, 6197 ** or an IO error code if an IO error occurs while rolling back a 6198 ** savepoint. If no errors occur, SQLITE_OK is returned. 6199 */ 6200 int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint){ 6201 int rc = pPager->errCode; /* Return code */ 6202 6203 assert( op==SAVEPOINT_RELEASE || op==SAVEPOINT_ROLLBACK ); 6204 assert( iSavepoint>=0 || op==SAVEPOINT_ROLLBACK ); 6205 6206 if( rc==SQLITE_OK && iSavepoint<pPager->nSavepoint ){ 6207 int ii; /* Iterator variable */ 6208 int nNew; /* Number of remaining savepoints after this op. */ 6209 6210 /* Figure out how many savepoints will still be active after this 6211 ** operation. Store this value in nNew. Then free resources associated 6212 ** with any savepoints that are destroyed by this operation. 6213 */ 6214 nNew = iSavepoint + (( op==SAVEPOINT_RELEASE ) ? 0 : 1); 6215 for(ii=nNew; ii<pPager->nSavepoint; ii++){ 6216 sqlite3BitvecDestroy(pPager->aSavepoint[ii].pInSavepoint); 6217 } 6218 pPager->nSavepoint = nNew; 6219 6220 /* If this is a release of the outermost savepoint, truncate 6221 ** the sub-journal to zero bytes in size. */ 6222 if( op==SAVEPOINT_RELEASE ){ 6223 if( nNew==0 && isOpen(pPager->sjfd) ){ 6224 /* Only truncate if it is an in-memory sub-journal. */ 6225 if( sqlite3IsMemJournal(pPager->sjfd) ){ 6226 rc = sqlite3OsTruncate(pPager->sjfd, 0); 6227 assert( rc==SQLITE_OK ); 6228 } 6229 pPager->nSubRec = 0; 6230 } 6231 } 6232 /* Else this is a rollback operation, playback the specified savepoint. 6233 ** If this is a temp-file, it is possible that the journal file has 6234 ** not yet been opened. In this case there have been no changes to 6235 ** the database file, so the playback operation can be skipped. 6236 */ 6237 else if( pagerUseWal(pPager) || isOpen(pPager->jfd) ){ 6238 PagerSavepoint *pSavepoint = (nNew==0)?0:&pPager->aSavepoint[nNew-1]; 6239 rc = pagerPlaybackSavepoint(pPager, pSavepoint); 6240 assert(rc!=SQLITE_DONE); 6241 } 6242 } 6243 6244 return rc; 6245 } 6246 6247 /* 6248 ** Return the full pathname of the database file. 6249 */ 6250 const char *sqlite3PagerFilename(Pager *pPager){ 6251 return pPager->zFilename; 6252 } 6253 6254 /* 6255 ** Return the VFS structure for the pager. 6256 */ 6257 const sqlite3_vfs *sqlite3PagerVfs(Pager *pPager){ 6258 return pPager->pVfs; 6259 } 6260 6261 /* 6262 ** Return the file handle for the database file associated 6263 ** with the pager. This might return NULL if the file has 6264 ** not yet been opened. 6265 */ 6266 sqlite3_file *sqlite3PagerFile(Pager *pPager){ 6267 return pPager->fd; 6268 } 6269 6270 /* 6271 ** Return the full pathname of the journal file. 6272 */ 6273 const char *sqlite3PagerJournalname(Pager *pPager){ 6274 return pPager->zJournal; 6275 } 6276 6277 /* 6278 ** Return true if fsync() calls are disabled for this pager. Return FALSE 6279 ** if fsync()s are executed normally. 6280 */ 6281 int sqlite3PagerNosync(Pager *pPager){ 6282 return pPager->noSync; 6283 } 6284 6285 #ifdef SQLITE_HAS_CODEC 6286 /* 6287 ** Set or retrieve the codec for this pager 6288 */ 6289 void sqlite3PagerSetCodec( 6290 Pager *pPager, 6291 void *(*xCodec)(void*,void*,Pgno,int), 6292 void (*xCodecSizeChng)(void*,int,int), 6293 void (*xCodecFree)(void*), 6294 void *pCodec 6295 ){ 6296 if( pPager->xCodecFree ) pPager->xCodecFree(pPager->pCodec); 6297 pPager->xCodec = pPager->memDb ? 0 : xCodec; 6298 pPager->xCodecSizeChng = xCodecSizeChng; 6299 pPager->xCodecFree = xCodecFree; 6300 pPager->pCodec = pCodec; 6301 pagerReportSize(pPager); 6302 } 6303 void *sqlite3PagerGetCodec(Pager *pPager){ 6304 return pPager->pCodec; 6305 } 6306 #endif 6307 6308 #ifndef SQLITE_OMIT_AUTOVACUUM 6309 /* 6310 ** Move the page pPg to location pgno in the file. 6311 ** 6312 ** There must be no references to the page previously located at 6313 ** pgno (which we call pPgOld) though that page is allowed to be 6314 ** in cache. If the page previously located at pgno is not already 6315 ** in the rollback journal, it is not put there by by this routine. 6316 ** 6317 ** References to the page pPg remain valid. Updating any 6318 ** meta-data associated with pPg (i.e. data stored in the nExtra bytes 6319 ** allocated along with the page) is the responsibility of the caller. 6320 ** 6321 ** A transaction must be active when this routine is called. It used to be 6322 ** required that a statement transaction was not active, but this restriction 6323 ** has been removed (CREATE INDEX needs to move a page when a statement 6324 ** transaction is active). 6325 ** 6326 ** If the fourth argument, isCommit, is non-zero, then this page is being 6327 ** moved as part of a database reorganization just before the transaction 6328 ** is being committed. In this case, it is guaranteed that the database page 6329 ** pPg refers to will not be written to again within this transaction. 6330 ** 6331 ** This function may return SQLITE_NOMEM or an IO error code if an error 6332 ** occurs. Otherwise, it returns SQLITE_OK. 6333 */ 6334 int sqlite3PagerMovepage(Pager *pPager, DbPage *pPg, Pgno pgno, int isCommit){ 6335 PgHdr *pPgOld; /* The page being overwritten. */ 6336 Pgno needSyncPgno = 0; /* Old value of pPg->pgno, if sync is required */ 6337 int rc; /* Return code */ 6338 Pgno origPgno; /* The original page number */ 6339 6340 assert( pPg->nRef>0 ); 6341 assert( pPager->eState==PAGER_WRITER_CACHEMOD 6342 || pPager->eState==PAGER_WRITER_DBMOD 6343 ); 6344 assert( assert_pager_state(pPager) ); 6345 6346 /* In order to be able to rollback, an in-memory database must journal 6347 ** the page we are moving from. 6348 */ 6349 if( MEMDB ){ 6350 rc = sqlite3PagerWrite(pPg); 6351 if( rc ) return rc; 6352 } 6353 6354 /* If the page being moved is dirty and has not been saved by the latest 6355 ** savepoint, then save the current contents of the page into the 6356 ** sub-journal now. This is required to handle the following scenario: 6357 ** 6358 ** BEGIN; 6359 ** <journal page X, then modify it in memory> 6360 ** SAVEPOINT one; 6361 ** <Move page X to location Y> 6362 ** ROLLBACK TO one; 6363 ** 6364 ** If page X were not written to the sub-journal here, it would not 6365 ** be possible to restore its contents when the "ROLLBACK TO one" 6366 ** statement were is processed. 6367 ** 6368 ** subjournalPage() may need to allocate space to store pPg->pgno into 6369 ** one or more savepoint bitvecs. This is the reason this function 6370 ** may return SQLITE_NOMEM. 6371 */ 6372 if( pPg->flags&PGHDR_DIRTY 6373 && subjRequiresPage(pPg) 6374 && SQLITE_OK!=(rc = subjournalPage(pPg)) 6375 ){ 6376 return rc; 6377 } 6378 6379 PAGERTRACE(("MOVE %d page %d (needSync=%d) moves to %d\n", 6380 PAGERID(pPager), pPg->pgno, (pPg->flags&PGHDR_NEED_SYNC)?1:0, pgno)); 6381 IOTRACE(("MOVE %p %d %d\n", pPager, pPg->pgno, pgno)) 6382 6383 /* If the journal needs to be sync()ed before page pPg->pgno can 6384 ** be written to, store pPg->pgno in local variable needSyncPgno. 6385 ** 6386 ** If the isCommit flag is set, there is no need to remember that 6387 ** the journal needs to be sync()ed before database page pPg->pgno 6388 ** can be written to. The caller has already promised not to write to it. 6389 */ 6390 if( (pPg->flags&PGHDR_NEED_SYNC) && !isCommit ){ 6391 needSyncPgno = pPg->pgno; 6392 assert( pageInJournal(pPg) || pPg->pgno>pPager->dbOrigSize ); 6393 assert( pPg->flags&PGHDR_DIRTY ); 6394 } 6395 6396 /* If the cache contains a page with page-number pgno, remove it 6397 ** from its hash chain. Also, if the PGHDR_NEED_SYNC flag was set for 6398 ** page pgno before the 'move' operation, it needs to be retained 6399 ** for the page moved there. 6400 */ 6401 pPg->flags &= ~PGHDR_NEED_SYNC; 6402 pPgOld = pager_lookup(pPager, pgno); 6403 assert( !pPgOld || pPgOld->nRef==1 ); 6404 if( pPgOld ){ 6405 pPg->flags |= (pPgOld->flags&PGHDR_NEED_SYNC); 6406 if( MEMDB ){ 6407 /* Do not discard pages from an in-memory database since we might 6408 ** need to rollback later. Just move the page out of the way. */ 6409 sqlite3PcacheMove(pPgOld, pPager->dbSize+1); 6410 }else{ 6411 sqlite3PcacheDrop(pPgOld); 6412 } 6413 } 6414 6415 origPgno = pPg->pgno; 6416 sqlite3PcacheMove(pPg, pgno); 6417 sqlite3PcacheMakeDirty(pPg); 6418 6419 /* For an in-memory database, make sure the original page continues 6420 ** to exist, in case the transaction needs to roll back. Use pPgOld 6421 ** as the original page since it has already been allocated. 6422 */ 6423 if( MEMDB ){ 6424 assert( pPgOld ); 6425 sqlite3PcacheMove(pPgOld, origPgno); 6426 sqlite3PagerUnref(pPgOld); 6427 } 6428 6429 if( needSyncPgno ){ 6430 /* If needSyncPgno is non-zero, then the journal file needs to be 6431 ** sync()ed before any data is written to database file page needSyncPgno. 6432 ** Currently, no such page exists in the page-cache and the 6433 ** "is journaled" bitvec flag has been set. This needs to be remedied by 6434 ** loading the page into the pager-cache and setting the PGHDR_NEED_SYNC 6435 ** flag. 6436 ** 6437 ** If the attempt to load the page into the page-cache fails, (due 6438 ** to a malloc() or IO failure), clear the bit in the pInJournal[] 6439 ** array. Otherwise, if the page is loaded and written again in 6440 ** this transaction, it may be written to the database file before 6441 ** it is synced into the journal file. This way, it may end up in 6442 ** the journal file twice, but that is not a problem. 6443 */ 6444 PgHdr *pPgHdr; 6445 rc = sqlite3PagerGet(pPager, needSyncPgno, &pPgHdr); 6446 if( rc!=SQLITE_OK ){ 6447 if( needSyncPgno<=pPager->dbOrigSize ){ 6448 assert( pPager->pTmpSpace!=0 ); 6449 sqlite3BitvecClear(pPager->pInJournal, needSyncPgno, pPager->pTmpSpace); 6450 } 6451 return rc; 6452 } 6453 pPgHdr->flags |= PGHDR_NEED_SYNC; 6454 sqlite3PcacheMakeDirty(pPgHdr); 6455 sqlite3PagerUnref(pPgHdr); 6456 } 6457 6458 return SQLITE_OK; 6459 } 6460 #endif 6461 6462 /* 6463 ** Return a pointer to the data for the specified page. 6464 */ 6465 void *sqlite3PagerGetData(DbPage *pPg){ 6466 assert( pPg->nRef>0 || pPg->pPager->memDb ); 6467 return pPg->pData; 6468 } 6469 6470 /* 6471 ** Return a pointer to the Pager.nExtra bytes of "extra" space 6472 ** allocated along with the specified page. 6473 */ 6474 void *sqlite3PagerGetExtra(DbPage *pPg){ 6475 return pPg->pExtra; 6476 } 6477 6478 /* 6479 ** Get/set the locking-mode for this pager. Parameter eMode must be one 6480 ** of PAGER_LOCKINGMODE_QUERY, PAGER_LOCKINGMODE_NORMAL or 6481 ** PAGER_LOCKINGMODE_EXCLUSIVE. If the parameter is not _QUERY, then 6482 ** the locking-mode is set to the value specified. 6483 ** 6484 ** The returned value is either PAGER_LOCKINGMODE_NORMAL or 6485 ** PAGER_LOCKINGMODE_EXCLUSIVE, indicating the current (possibly updated) 6486 ** locking-mode. 6487 */ 6488 int sqlite3PagerLockingMode(Pager *pPager, int eMode){ 6489 assert( eMode==PAGER_LOCKINGMODE_QUERY 6490 || eMode==PAGER_LOCKINGMODE_NORMAL 6491 || eMode==PAGER_LOCKINGMODE_EXCLUSIVE ); 6492 assert( PAGER_LOCKINGMODE_QUERY<0 ); 6493 assert( PAGER_LOCKINGMODE_NORMAL>=0 && PAGER_LOCKINGMODE_EXCLUSIVE>=0 ); 6494 assert( pPager->exclusiveMode || 0==sqlite3WalHeapMemory(pPager->pWal) ); 6495 if( eMode>=0 && !pPager->tempFile && !sqlite3WalHeapMemory(pPager->pWal) ){ 6496 pPager->exclusiveMode = (u8)eMode; 6497 } 6498 return (int)pPager->exclusiveMode; 6499 } 6500 6501 /* 6502 ** Set the journal-mode for this pager. Parameter eMode must be one of: 6503 ** 6504 ** PAGER_JOURNALMODE_DELETE 6505 ** PAGER_JOURNALMODE_TRUNCATE 6506 ** PAGER_JOURNALMODE_PERSIST 6507 ** PAGER_JOURNALMODE_OFF 6508 ** PAGER_JOURNALMODE_MEMORY 6509 ** PAGER_JOURNALMODE_WAL 6510 ** 6511 ** The journalmode is set to the value specified if the change is allowed. 6512 ** The change may be disallowed for the following reasons: 6513 ** 6514 ** * An in-memory database can only have its journal_mode set to _OFF 6515 ** or _MEMORY. 6516 ** 6517 ** * Temporary databases cannot have _WAL journalmode. 6518 ** 6519 ** The returned indicate the current (possibly updated) journal-mode. 6520 */ 6521 int sqlite3PagerSetJournalMode(Pager *pPager, int eMode){ 6522 u8 eOld = pPager->journalMode; /* Prior journalmode */ 6523 6524 #ifdef SQLITE_DEBUG 6525 /* The print_pager_state() routine is intended to be used by the debugger 6526 ** only. We invoke it once here to suppress a compiler warning. */ 6527 print_pager_state(pPager); 6528 #endif 6529 6530 6531 /* The eMode parameter is always valid */ 6532 assert( eMode==PAGER_JOURNALMODE_DELETE 6533 || eMode==PAGER_JOURNALMODE_TRUNCATE 6534 || eMode==PAGER_JOURNALMODE_PERSIST 6535 || eMode==PAGER_JOURNALMODE_OFF 6536 || eMode==PAGER_JOURNALMODE_WAL 6537 || eMode==PAGER_JOURNALMODE_MEMORY ); 6538 6539 /* This routine is only called from the OP_JournalMode opcode, and 6540 ** the logic there will never allow a temporary file to be changed 6541 ** to WAL mode. 6542 */ 6543 assert( pPager->tempFile==0 || eMode!=PAGER_JOURNALMODE_WAL ); 6544 6545 /* Do allow the journalmode of an in-memory database to be set to 6546 ** anything other than MEMORY or OFF 6547 */ 6548 if( MEMDB ){ 6549 assert( eOld==PAGER_JOURNALMODE_MEMORY || eOld==PAGER_JOURNALMODE_OFF ); 6550 if( eMode!=PAGER_JOURNALMODE_MEMORY && eMode!=PAGER_JOURNALMODE_OFF ){ 6551 eMode = eOld; 6552 } 6553 } 6554 6555 if( eMode!=eOld ){ 6556 6557 /* Change the journal mode. */ 6558 assert( pPager->eState!=PAGER_ERROR ); 6559 pPager->journalMode = (u8)eMode; 6560 6561 /* When transistioning from TRUNCATE or PERSIST to any other journal 6562 ** mode except WAL, unless the pager is in locking_mode=exclusive mode, 6563 ** delete the journal file. 6564 */ 6565 assert( (PAGER_JOURNALMODE_TRUNCATE & 5)==1 ); 6566 assert( (PAGER_JOURNALMODE_PERSIST & 5)==1 ); 6567 assert( (PAGER_JOURNALMODE_DELETE & 5)==0 ); 6568 assert( (PAGER_JOURNALMODE_MEMORY & 5)==4 ); 6569 assert( (PAGER_JOURNALMODE_OFF & 5)==0 ); 6570 assert( (PAGER_JOURNALMODE_WAL & 5)==5 ); 6571 6572 assert( isOpen(pPager->fd) || pPager->exclusiveMode ); 6573 if( !pPager->exclusiveMode && (eOld & 5)==1 && (eMode & 1)==0 ){ 6574 6575 /* In this case we would like to delete the journal file. If it is 6576 ** not possible, then that is not a problem. Deleting the journal file 6577 ** here is an optimization only. 6578 ** 6579 ** Before deleting the journal file, obtain a RESERVED lock on the 6580 ** database file. This ensures that the journal file is not deleted 6581 ** while it is in use by some other client. 6582 */ 6583 sqlite3OsClose(pPager->jfd); 6584 if( pPager->eLock>=RESERVED_LOCK ){ 6585 sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0); 6586 }else{ 6587 int rc = SQLITE_OK; 6588 int state = pPager->eState; 6589 assert( state==PAGER_OPEN || state==PAGER_READER ); 6590 if( state==PAGER_OPEN ){ 6591 rc = sqlite3PagerSharedLock(pPager); 6592 } 6593 if( pPager->eState==PAGER_READER ){ 6594 assert( rc==SQLITE_OK ); 6595 rc = pagerLockDb(pPager, RESERVED_LOCK); 6596 } 6597 if( rc==SQLITE_OK ){ 6598 sqlite3OsDelete(pPager->pVfs, pPager->zJournal, 0); 6599 } 6600 if( rc==SQLITE_OK && state==PAGER_READER ){ 6601 pagerUnlockDb(pPager, SHARED_LOCK); 6602 }else if( state==PAGER_OPEN ){ 6603 pager_unlock(pPager); 6604 } 6605 assert( state==pPager->eState ); 6606 } 6607 } 6608 } 6609 6610 /* Return the new journal mode */ 6611 return (int)pPager->journalMode; 6612 } 6613 6614 /* 6615 ** Return the current journal mode. 6616 */ 6617 int sqlite3PagerGetJournalMode(Pager *pPager){ 6618 return (int)pPager->journalMode; 6619 } 6620 6621 /* 6622 ** Return TRUE if the pager is in a state where it is OK to change the 6623 ** journalmode. Journalmode changes can only happen when the database 6624 ** is unmodified. 6625 */ 6626 int sqlite3PagerOkToChangeJournalMode(Pager *pPager){ 6627 assert( assert_pager_state(pPager) ); 6628 if( pPager->eState>=PAGER_WRITER_CACHEMOD ) return 0; 6629 if( NEVER(isOpen(pPager->jfd) && pPager->journalOff>0) ) return 0; 6630 return 1; 6631 } 6632 6633 /* 6634 ** Get/set the size-limit used for persistent journal files. 6635 ** 6636 ** Setting the size limit to -1 means no limit is enforced. 6637 ** An attempt to set a limit smaller than -1 is a no-op. 6638 */ 6639 i64 sqlite3PagerJournalSizeLimit(Pager *pPager, i64 iLimit){ 6640 if( iLimit>=-1 ){ 6641 pPager->journalSizeLimit = iLimit; 6642 } 6643 return pPager->journalSizeLimit; 6644 } 6645 6646 /* 6647 ** Return a pointer to the pPager->pBackup variable. The backup module 6648 ** in backup.c maintains the content of this variable. This module 6649 ** uses it opaquely as an argument to sqlite3BackupRestart() and 6650 ** sqlite3BackupUpdate() only. 6651 */ 6652 sqlite3_backup **sqlite3PagerBackupPtr(Pager *pPager){ 6653 return &pPager->pBackup; 6654 } 6655 6656 #ifndef SQLITE_OMIT_WAL 6657 /* 6658 ** This function is called when the user invokes "PRAGMA wal_checkpoint", 6659 ** "PRAGMA wal_blocking_checkpoint" or calls the sqlite3_wal_checkpoint() 6660 ** or wal_blocking_checkpoint() API functions. 6661 ** 6662 ** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART. 6663 */ 6664 int sqlite3PagerCheckpoint(Pager *pPager, int eMode, int *pnLog, int *pnCkpt){ 6665 int rc = SQLITE_OK; 6666 if( pPager->pWal ){ 6667 rc = sqlite3WalCheckpoint(pPager->pWal, eMode, 6668 pPager->xBusyHandler, pPager->pBusyHandlerArg, 6669 pPager->ckptSyncFlags, pPager->pageSize, (u8 *)pPager->pTmpSpace, 6670 pnLog, pnCkpt 6671 ); 6672 } 6673 return rc; 6674 } 6675 6676 int sqlite3PagerWalCallback(Pager *pPager){ 6677 return sqlite3WalCallback(pPager->pWal); 6678 } 6679 6680 /* 6681 ** Return true if the underlying VFS for the given pager supports the 6682 ** primitives necessary for write-ahead logging. 6683 */ 6684 int sqlite3PagerWalSupported(Pager *pPager){ 6685 const sqlite3_io_methods *pMethods = pPager->fd->pMethods; 6686 return pPager->exclusiveMode || (pMethods->iVersion>=2 && pMethods->xShmMap); 6687 } 6688 6689 /* 6690 ** Attempt to take an exclusive lock on the database file. If a PENDING lock 6691 ** is obtained instead, immediately release it. 6692 */ 6693 static int pagerExclusiveLock(Pager *pPager){ 6694 int rc; /* Return code */ 6695 6696 assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK ); 6697 rc = pagerLockDb(pPager, EXCLUSIVE_LOCK); 6698 if( rc!=SQLITE_OK ){ 6699 /* If the attempt to grab the exclusive lock failed, release the 6700 ** pending lock that may have been obtained instead. */ 6701 pagerUnlockDb(pPager, SHARED_LOCK); 6702 } 6703 6704 return rc; 6705 } 6706 6707 /* 6708 ** Call sqlite3WalOpen() to open the WAL handle. If the pager is in 6709 ** exclusive-locking mode when this function is called, take an EXCLUSIVE 6710 ** lock on the database file and use heap-memory to store the wal-index 6711 ** in. Otherwise, use the normal shared-memory. 6712 */ 6713 static int pagerOpenWal(Pager *pPager){ 6714 int rc = SQLITE_OK; 6715 6716 assert( pPager->pWal==0 && pPager->tempFile==0 ); 6717 assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK || pPager->noReadlock); 6718 6719 /* If the pager is already in exclusive-mode, the WAL module will use 6720 ** heap-memory for the wal-index instead of the VFS shared-memory 6721 ** implementation. Take the exclusive lock now, before opening the WAL 6722 ** file, to make sure this is safe. 6723 */ 6724 if( pPager->exclusiveMode ){ 6725 rc = pagerExclusiveLock(pPager); 6726 } 6727 6728 /* Open the connection to the log file. If this operation fails, 6729 ** (e.g. due to malloc() failure), return an error code. 6730 */ 6731 if( rc==SQLITE_OK ){ 6732 rc = sqlite3WalOpen(pPager->pVfs, 6733 pPager->fd, pPager->zWal, pPager->exclusiveMode, &pPager->pWal 6734 ); 6735 } 6736 6737 return rc; 6738 } 6739 6740 6741 /* 6742 ** The caller must be holding a SHARED lock on the database file to call 6743 ** this function. 6744 ** 6745 ** If the pager passed as the first argument is open on a real database 6746 ** file (not a temp file or an in-memory database), and the WAL file 6747 ** is not already open, make an attempt to open it now. If successful, 6748 ** return SQLITE_OK. If an error occurs or the VFS used by the pager does 6749 ** not support the xShmXXX() methods, return an error code. *pbOpen is 6750 ** not modified in either case. 6751 ** 6752 ** If the pager is open on a temp-file (or in-memory database), or if 6753 ** the WAL file is already open, set *pbOpen to 1 and return SQLITE_OK 6754 ** without doing anything. 6755 */ 6756 int sqlite3PagerOpenWal( 6757 Pager *pPager, /* Pager object */ 6758 int *pbOpen /* OUT: Set to true if call is a no-op */ 6759 ){ 6760 int rc = SQLITE_OK; /* Return code */ 6761 6762 assert( assert_pager_state(pPager) ); 6763 assert( pPager->eState==PAGER_OPEN || pbOpen ); 6764 assert( pPager->eState==PAGER_READER || !pbOpen ); 6765 assert( pbOpen==0 || *pbOpen==0 ); 6766 assert( pbOpen!=0 || (!pPager->tempFile && !pPager->pWal) ); 6767 6768 if( !pPager->tempFile && !pPager->pWal ){ 6769 if( !sqlite3PagerWalSupported(pPager) ) return SQLITE_CANTOPEN; 6770 6771 /* Close any rollback journal previously open */ 6772 sqlite3OsClose(pPager->jfd); 6773 6774 rc = pagerOpenWal(pPager); 6775 if( rc==SQLITE_OK ){ 6776 pPager->journalMode = PAGER_JOURNALMODE_WAL; 6777 pPager->eState = PAGER_OPEN; 6778 } 6779 }else{ 6780 *pbOpen = 1; 6781 } 6782 6783 return rc; 6784 } 6785 6786 /* 6787 ** This function is called to close the connection to the log file prior 6788 ** to switching from WAL to rollback mode. 6789 ** 6790 ** Before closing the log file, this function attempts to take an 6791 ** EXCLUSIVE lock on the database file. If this cannot be obtained, an 6792 ** error (SQLITE_BUSY) is returned and the log connection is not closed. 6793 ** If successful, the EXCLUSIVE lock is not released before returning. 6794 */ 6795 int sqlite3PagerCloseWal(Pager *pPager){ 6796 int rc = SQLITE_OK; 6797 6798 assert( pPager->journalMode==PAGER_JOURNALMODE_WAL ); 6799 6800 /* If the log file is not already open, but does exist in the file-system, 6801 ** it may need to be checkpointed before the connection can switch to 6802 ** rollback mode. Open it now so this can happen. 6803 */ 6804 if( !pPager->pWal ){ 6805 int logexists = 0; 6806 rc = pagerLockDb(pPager, SHARED_LOCK); 6807 if( rc==SQLITE_OK ){ 6808 rc = sqlite3OsAccess( 6809 pPager->pVfs, pPager->zWal, SQLITE_ACCESS_EXISTS, &logexists 6810 ); 6811 } 6812 if( rc==SQLITE_OK && logexists ){ 6813 rc = pagerOpenWal(pPager); 6814 } 6815 } 6816 6817 /* Checkpoint and close the log. Because an EXCLUSIVE lock is held on 6818 ** the database file, the log and log-summary files will be deleted. 6819 */ 6820 if( rc==SQLITE_OK && pPager->pWal ){ 6821 rc = pagerExclusiveLock(pPager); 6822 if( rc==SQLITE_OK ){ 6823 rc = sqlite3WalClose(pPager->pWal, pPager->ckptSyncFlags, 6824 pPager->pageSize, (u8*)pPager->pTmpSpace); 6825 pPager->pWal = 0; 6826 } 6827 } 6828 return rc; 6829 } 6830 6831 #ifdef SQLITE_HAS_CODEC 6832 /* 6833 ** This function is called by the wal module when writing page content 6834 ** into the log file. 6835 ** 6836 ** This function returns a pointer to a buffer containing the encrypted 6837 ** page content. If a malloc fails, this function may return NULL. 6838 */ 6839 void *sqlite3PagerCodec(PgHdr *pPg){ 6840 void *aData = 0; 6841 CODEC2(pPg->pPager, pPg->pData, pPg->pgno, 6, return 0, aData); 6842 return aData; 6843 } 6844 #endif /* SQLITE_HAS_CODEC */ 6845 6846 #endif /* !SQLITE_OMIT_WAL */ 6847 6848 #endif /* SQLITE_OMIT_DISKIO */ 6849
