1 /*
2 ** 2004 April 6
3 **
4 ** The author disclaims copyright to this source code. In place of
5 ** a legal notice, here is a blessing:
6 **
7 ** May you do good and not evil.
8 ** May you find forgiveness for yourself and forgive others.
9 ** May you share freely, never taking more than you give.
10 **
11 *************************************************************************
12 ** This file implements a external (disk-based) database using BTrees.
13 ** See the header comment on "btreeInt.h" for additional information.
14 ** Including a description of file format and an overview of operation.
15 */
16 #include "btreeInt.h"
17
18 /*
19 ** The header string that appears at the beginning of every
20 ** SQLite database.
21 */
22 static const char zMagicHeader[] = SQLITE_FILE_HEADER;
23
24 /*
25 ** Set this global variable to 1 to enable tracing using the TRACE
26 ** macro.
27 */
28 #if 0
29 int sqlite3BtreeTrace=1; /* True to enable tracing */
30 # define TRACE(X) if(sqlite3BtreeTrace){printf X;fflush(stdout);}
31 #else
32 # define TRACE(X)
33 #endif
34
35 /*
36 ** Extract a 2-byte big-endian integer from an array of unsigned bytes.
37 ** But if the value is zero, make it 65536.
38 **
39 ** This routine is used to extract the "offset to cell content area" value
40 ** from the header of a btree page. If the page size is 65536 and the page
41 ** is empty, the offset should be 65536, but the 2-byte value stores zero.
42 ** This routine makes the necessary adjustment to 65536.
43 */
44 #define get2byteNotZero(X) (((((int)get2byte(X))-1)&0xffff)+1)
45
46 #ifndef SQLITE_OMIT_SHARED_CACHE
47 /*
48 ** A list of BtShared objects that are eligible for participation
49 ** in shared cache. This variable has file scope during normal builds,
50 ** but the test harness needs to access it so we make it global for
51 ** test builds.
52 **
53 ** Access to this variable is protected by SQLITE_MUTEX_STATIC_MASTER.
54 */
55 #ifdef SQLITE_TEST
56 BtShared *SQLITE_WSD sqlite3SharedCacheList = 0;
57 #else
58 static BtShared *SQLITE_WSD sqlite3SharedCacheList = 0;
59 #endif
60 #endif /* SQLITE_OMIT_SHARED_CACHE */
61
62 #ifndef SQLITE_OMIT_SHARED_CACHE
63 /*
64 ** Enable or disable the shared pager and schema features.
65 **
66 ** This routine has no effect on existing database connections.
67 ** The shared cache setting effects only future calls to
68 ** sqlite3_open(), sqlite3_open16(), or sqlite3_open_v2().
69 */
70 int sqlite3_enable_shared_cache(int enable){
71 sqlite3GlobalConfig.sharedCacheEnabled = enable;
72 return SQLITE_OK;
73 }
74 #endif
75
76
77
78 #ifdef SQLITE_OMIT_SHARED_CACHE
79 /*
80 ** The functions querySharedCacheTableLock(), setSharedCacheTableLock(),
81 ** and clearAllSharedCacheTableLocks()
82 ** manipulate entries in the BtShared.pLock linked list used to store
83 ** shared-cache table level locks. If the library is compiled with the
84 ** shared-cache feature disabled, then there is only ever one user
85 ** of each BtShared structure and so this locking is not necessary.
86 ** So define the lock related functions as no-ops.
87 */
88 #define querySharedCacheTableLock(a,b,c) SQLITE_OK
89 #define setSharedCacheTableLock(a,b,c) SQLITE_OK
90 #define clearAllSharedCacheTableLocks(a)
91 #define downgradeAllSharedCacheTableLocks(a)
92 #define hasSharedCacheTableLock(a,b,c,d) 1
93 #define hasReadConflicts(a, b) 0
94 #endif
95
96 #ifndef SQLITE_OMIT_SHARED_CACHE
97
98 #ifdef SQLITE_DEBUG
99 /*
100 **** This function is only used as part of an assert() statement. ***
101 **
102 ** Check to see if pBtree holds the required locks to read or write to the
103 ** table with root page iRoot. Return 1 if it does and 0 if not.
104 **
105 ** For example, when writing to a table with root-page iRoot via
106 ** Btree connection pBtree:
107 **
108 ** assert( hasSharedCacheTableLock(pBtree, iRoot, 0, WRITE_LOCK) );
109 **
110 ** When writing to an index that resides in a sharable database, the
111 ** caller should have first obtained a lock specifying the root page of
112 ** the corresponding table. This makes things a bit more complicated,
113 ** as this module treats each table as a separate structure. To determine
114 ** the table corresponding to the index being written, this
115 ** function has to search through the database schema.
116 **
117 ** Instead of a lock on the table/index rooted at page iRoot, the caller may
118 ** hold a write-lock on the schema table (root page 1). This is also
119 ** acceptable.
120 */
121 static int hasSharedCacheTableLock(
122 Btree *pBtree, /* Handle that must hold lock */
123 Pgno iRoot, /* Root page of b-tree */
124 int isIndex, /* True if iRoot is the root of an index b-tree */
125 int eLockType /* Required lock type (READ_LOCK or WRITE_LOCK) */
126 ){
127 Schema *pSchema = (Schema *)pBtree->pBt->pSchema;
128 Pgno iTab = 0;
129 BtLock *pLock;
130
131 /* If this database is not shareable, or if the client is reading
132 ** and has the read-uncommitted flag set, then no lock is required.
133 ** Return true immediately.
134 */
135 if( (pBtree->sharable==0)
136 || (eLockType==READ_LOCK && (pBtree->db->flags & SQLITE_ReadUncommitted))
137 ){
138 return 1;
139 }
140
141 /* If the client is reading or writing an index and the schema is
142 ** not loaded, then it is too difficult to actually check to see if
143 ** the correct locks are held. So do not bother - just return true.
144 ** This case does not come up very often anyhow.
145 */
146 if( isIndex && (!pSchema || (pSchema->flags&DB_SchemaLoaded)==0) ){
147 return 1;
148 }
149
150 /* Figure out the root-page that the lock should be held on. For table
151 ** b-trees, this is just the root page of the b-tree being read or
152 ** written. For index b-trees, it is the root page of the associated
153 ** table. */
154 if( isIndex ){
155 HashElem *p;
156 for(p=sqliteHashFirst(&pSchema->idxHash); p; p=sqliteHashNext(p)){
157 Index *pIdx = (Index *)sqliteHashData(p);
158 if( pIdx->tnum==(int)iRoot ){
159 iTab = pIdx->pTable->tnum;
160 }
161 }
162 }else{
163 iTab = iRoot;
164 }
165
166 /* Search for the required lock. Either a write-lock on root-page iTab, a
167 ** write-lock on the schema table, or (if the client is reading) a
168 ** read-lock on iTab will suffice. Return 1 if any of these are found. */
169 for(pLock=pBtree->pBt->pLock; pLock; pLock=pLock->pNext){
170 if( pLock->pBtree==pBtree
171 && (pLock->iTable==iTab || (pLock->eLock==WRITE_LOCK && pLock->iTable==1))
172 && pLock->eLock>=eLockType
173 ){
174 return 1;
175 }
176 }
177
178 /* Failed to find the required lock. */
179 return 0;
180 }
181 #endif /* SQLITE_DEBUG */
182
183 #ifdef SQLITE_DEBUG
184 /*
185 **** This function may be used as part of assert() statements only. ****
186 **
187 ** Return true if it would be illegal for pBtree to write into the
188 ** table or index rooted at iRoot because other shared connections are
189 ** simultaneously reading that same table or index.
190 **
191 ** It is illegal for pBtree to write if some other Btree object that
192 ** shares the same BtShared object is currently reading or writing
193 ** the iRoot table. Except, if the other Btree object has the
194 ** read-uncommitted flag set, then it is OK for the other object to
195 ** have a read cursor.
196 **
197 ** For example, before writing to any part of the table or index
198 ** rooted at page iRoot, one should call:
199 **
200 ** assert( !hasReadConflicts(pBtree, iRoot) );
201 */
202 static int hasReadConflicts(Btree *pBtree, Pgno iRoot){
203 BtCursor *p;
204 for(p=pBtree->pBt->pCursor; p; p=p->pNext){
205 if( p->pgnoRoot==iRoot
206 && p->pBtree!=pBtree
207 && 0==(p->pBtree->db->flags & SQLITE_ReadUncommitted)
208 ){
209 return 1;
210 }
211 }
212 return 0;
213 }
214 #endif /* #ifdef SQLITE_DEBUG */
215
216 /*
217 ** Query to see if Btree handle p may obtain a lock of type eLock
218 ** (READ_LOCK or WRITE_LOCK) on the table with root-page iTab. Return
219 ** SQLITE_OK if the lock may be obtained (by calling
220 ** setSharedCacheTableLock()), or SQLITE_LOCKED if not.
221 */
222 static int querySharedCacheTableLock(Btree *p, Pgno iTab, u8 eLock){
223 BtShared *pBt = p->pBt;
224 BtLock *pIter;
225
226 assert( sqlite3BtreeHoldsMutex(p) );
227 assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
228 assert( p->db!=0 );
229 assert( !(p->db->flags&SQLITE_ReadUncommitted)||eLock==WRITE_LOCK||iTab==1 );
230
231 /* If requesting a write-lock, then the Btree must have an open write
232 ** transaction on this file. And, obviously, for this to be so there
233 ** must be an open write transaction on the file itself.
234 */
235 assert( eLock==READ_LOCK || (p==pBt->pWriter && p->inTrans==TRANS_WRITE) );
236 assert( eLock==READ_LOCK || pBt->inTransaction==TRANS_WRITE );
237
238 /* This routine is a no-op if the shared-cache is not enabled */
239 if( !p->sharable ){
240 return SQLITE_OK;
241 }
242
243 /* If some other connection is holding an exclusive lock, the
244 ** requested lock may not be obtained.
245 */
246 if( pBt->pWriter!=p && pBt->isExclusive ){
247 sqlite3ConnectionBlocked(p->db, pBt->pWriter->db);
248 return SQLITE_LOCKED_SHAREDCACHE;
249 }
250
251 for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
252 /* The condition (pIter->eLock!=eLock) in the following if(...)
253 ** statement is a simplification of:
254 **
255 ** (eLock==WRITE_LOCK || pIter->eLock==WRITE_LOCK)
256 **
257 ** since we know that if eLock==WRITE_LOCK, then no other connection
258 ** may hold a WRITE_LOCK on any table in this file (since there can
259 ** only be a single writer).
260 */
261 assert( pIter->eLock==READ_LOCK || pIter->eLock==WRITE_LOCK );
262 assert( eLock==READ_LOCK || pIter->pBtree==p || pIter->eLock==READ_LOCK);
263 if( pIter->pBtree!=p && pIter->iTable==iTab && pIter->eLock!=eLock ){
264 sqlite3ConnectionBlocked(p->db, pIter->pBtree->db);
265 if( eLock==WRITE_LOCK ){
266 assert( p==pBt->pWriter );
267 pBt->isPending = 1;
268 }
269 return SQLITE_LOCKED_SHAREDCACHE;
270 }
271 }
272 return SQLITE_OK;
273 }
274 #endif /* !SQLITE_OMIT_SHARED_CACHE */
275
276 #ifndef SQLITE_OMIT_SHARED_CACHE
277 /*
278 ** Add a lock on the table with root-page iTable to the shared-btree used
279 ** by Btree handle p. Parameter eLock must be either READ_LOCK or
280 ** WRITE_LOCK.
281 **
282 ** This function assumes the following:
283 **
284 ** (a) The specified Btree object p is connected to a sharable
285 ** database (one with the BtShared.sharable flag set), and
286 **
287 ** (b) No other Btree objects hold a lock that conflicts
288 ** with the requested lock (i.e. querySharedCacheTableLock() has
289 ** already been called and returned SQLITE_OK).
290 **
291 ** SQLITE_OK is returned if the lock is added successfully. SQLITE_NOMEM
292 ** is returned if a malloc attempt fails.
293 */
294 static int setSharedCacheTableLock(Btree *p, Pgno iTable, u8 eLock){
295 BtShared *pBt = p->pBt;
296 BtLock *pLock = 0;
297 BtLock *pIter;
298
299 assert( sqlite3BtreeHoldsMutex(p) );
300 assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
301 assert( p->db!=0 );
302
303 /* A connection with the read-uncommitted flag set will never try to
304 ** obtain a read-lock using this function. The only read-lock obtained
305 ** by a connection in read-uncommitted mode is on the sqlite_master
306 ** table, and that lock is obtained in BtreeBeginTrans(). */
307 assert( 0==(p->db->flags&SQLITE_ReadUncommitted) || eLock==WRITE_LOCK );
308
309 /* This function should only be called on a sharable b-tree after it
310 ** has been determined that no other b-tree holds a conflicting lock. */
311 assert( p->sharable );
312 assert( SQLITE_OK==querySharedCacheTableLock(p, iTable, eLock) );
313
314 /* First search the list for an existing lock on this table. */
315 for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
316 if( pIter->iTable==iTable && pIter->pBtree==p ){
317 pLock = pIter;
318 break;
319 }
320 }
321
322 /* If the above search did not find a BtLock struct associating Btree p
323 ** with table iTable, allocate one and link it into the list.
324 */
325 if( !pLock ){
326 pLock = (BtLock *)sqlite3MallocZero(sizeof(BtLock));
327 if( !pLock ){
328 return SQLITE_NOMEM;
329 }
330 pLock->iTable = iTable;
331 pLock->pBtree = p;
332 pLock->pNext = pBt->pLock;
333 pBt->pLock = pLock;
334 }
335
336 /* Set the BtLock.eLock variable to the maximum of the current lock
337 ** and the requested lock. This means if a write-lock was already held
338 ** and a read-lock requested, we don't incorrectly downgrade the lock.
339 */
340 assert( WRITE_LOCK>READ_LOCK );
341 if( eLock>pLock->eLock ){
342 pLock->eLock = eLock;
343 }
344
345 return SQLITE_OK;
346 }
347 #endif /* !SQLITE_OMIT_SHARED_CACHE */
348
349 #ifndef SQLITE_OMIT_SHARED_CACHE
350 /*
351 ** Release all the table locks (locks obtained via calls to
352 ** the setSharedCacheTableLock() procedure) held by Btree object p.
353 **
354 ** This function assumes that Btree p has an open read or write
355 ** transaction. If it does not, then the BtShared.isPending variable
356 ** may be incorrectly cleared.
357 */
358 static void clearAllSharedCacheTableLocks(Btree *p){
359 BtShared *pBt = p->pBt;
360 BtLock **ppIter = &pBt->pLock;
361
362 assert( sqlite3BtreeHoldsMutex(p) );
363 assert( p->sharable || 0==*ppIter );
364 assert( p->inTrans>0 );
365
366 while( *ppIter ){
367 BtLock *pLock = *ppIter;
368 assert( pBt->isExclusive==0 || pBt->pWriter==pLock->pBtree );
369 assert( pLock->pBtree->inTrans>=pLock->eLock );
370 if( pLock->pBtree==p ){
371 *ppIter = pLock->pNext;
372 assert( pLock->iTable!=1 || pLock==&p->lock );
373 if( pLock->iTable!=1 ){
374 sqlite3_free(pLock);
375 }
376 }else{
377 ppIter = &pLock->pNext;
378 }
379 }
380
381 assert( pBt->isPending==0 || pBt->pWriter );
382 if( pBt->pWriter==p ){
383 pBt->pWriter = 0;
384 pBt->isExclusive = 0;
385 pBt->isPending = 0;
386 }else if( pBt->nTransaction==2 ){
387 /* This function is called when Btree p is concluding its
388 ** transaction. If there currently exists a writer, and p is not
389 ** that writer, then the number of locks held by connections other
390 ** than the writer must be about to drop to zero. In this case
391 ** set the isPending flag to 0.
392 **
393 ** If there is not currently a writer, then BtShared.isPending must
394 ** be zero already. So this next line is harmless in that case.
395 */
396 pBt->isPending = 0;
397 }
398 }
399
400 /*
401 ** This function changes all write-locks held by Btree p into read-locks.
402 */
403 static void downgradeAllSharedCacheTableLocks(Btree *p){
404 BtShared *pBt = p->pBt;
405 if( pBt->pWriter==p ){
406 BtLock *pLock;
407 pBt->pWriter = 0;
408 pBt->isExclusive = 0;
409 pBt->isPending = 0;
410 for(pLock=pBt->pLock; pLock; pLock=pLock->pNext){
411 assert( pLock->eLock==READ_LOCK || pLock->pBtree==p );
412 pLock->eLock = READ_LOCK;
413 }
414 }
415 }
416
417 #endif /* SQLITE_OMIT_SHARED_CACHE */
418
419 static void releasePage(MemPage *pPage); /* Forward reference */
420
421 /*
422 ***** This routine is used inside of assert() only ****
423 **
424 ** Verify that the cursor holds the mutex on its BtShared
425 */
426 #ifdef SQLITE_DEBUG
427 static int cursorHoldsMutex(BtCursor *p){
428 return sqlite3_mutex_held(p->pBt->mutex);
429 }
430 #endif
431
432
433 #ifndef SQLITE_OMIT_INCRBLOB
434 /*
435 ** Invalidate the overflow page-list cache for cursor pCur, if any.
436 */
437 static void invalidateOverflowCache(BtCursor *pCur){
438 assert( cursorHoldsMutex(pCur) );
439 sqlite3_free(pCur->aOverflow);
440 pCur->aOverflow = 0;
441 }
442
443 /*
444 ** Invalidate the overflow page-list cache for all cursors opened
445 ** on the shared btree structure pBt.
446 */
447 static void invalidateAllOverflowCache(BtShared *pBt){
448 BtCursor *p;
449 assert( sqlite3_mutex_held(pBt->mutex) );
450 for(p=pBt->pCursor; p; p=p->pNext){
451 invalidateOverflowCache(p);
452 }
453 }
454
455 /*
456 ** This function is called before modifying the contents of a table
457 ** to invalidate any incrblob cursors that are open on the
458 ** row or one of the rows being modified.
459 **
460 ** If argument isClearTable is true, then the entire contents of the
461 ** table is about to be deleted. In this case invalidate all incrblob
462 ** cursors open on any row within the table with root-page pgnoRoot.
463 **
464 ** Otherwise, if argument isClearTable is false, then the row with
465 ** rowid iRow is being replaced or deleted. In this case invalidate
466 ** only those incrblob cursors open on that specific row.
467 */
468 static void invalidateIncrblobCursors(
469 Btree *pBtree, /* The database file to check */
470 i64 iRow, /* The rowid that might be changing */
471 int isClearTable /* True if all rows are being deleted */
472 ){
473 BtCursor *p;
474 BtShared *pBt = pBtree->pBt;
475 assert( sqlite3BtreeHoldsMutex(pBtree) );
476 for(p=pBt->pCursor; p; p=p->pNext){
477 if( p->isIncrblobHandle && (isClearTable || p->info.nKey==iRow) ){
478 p->eState = CURSOR_INVALID;
479 }
480 }
481 }
482
483 #else
484 /* Stub functions when INCRBLOB is omitted */
485 #define invalidateOverflowCache(x)
486 #define invalidateAllOverflowCache(x)
487 #define invalidateIncrblobCursors(x,y,z)
488 #endif /* SQLITE_OMIT_INCRBLOB */
489
490 /*
491 ** Set bit pgno of the BtShared.pHasContent bitvec. This is called
492 ** when a page that previously contained data becomes a free-list leaf
493 ** page.
494 **
495 ** The BtShared.pHasContent bitvec exists to work around an obscure
496 ** bug caused by the interaction of two useful IO optimizations surrounding
497 ** free-list leaf pages:
498 **
499 ** 1) When all data is deleted from a page and the page becomes
500 ** a free-list leaf page, the page is not written to the database
501 ** (as free-list leaf pages contain no meaningful data). Sometimes
502 ** such a page is not even journalled (as it will not be modified,
503 ** why bother journalling it?).
504 **
505 ** 2) When a free-list leaf page is reused, its content is not read
506 ** from the database or written to the journal file (why should it
507 ** be, if it is not at all meaningful?).
508 **
509 ** By themselves, these optimizations work fine and provide a handy
510 ** performance boost to bulk delete or insert operations. However, if
511 ** a page is moved to the free-list and then reused within the same
512 ** transaction, a problem comes up. If the page is not journalled when
513 ** it is moved to the free-list and it is also not journalled when it
514 ** is extracted from the free-list and reused, then the original data
515 ** may be lost. In the event of a rollback, it may not be possible
516 ** to restore the database to its original configuration.
517 **
518 ** The solution is the BtShared.pHasContent bitvec. Whenever a page is
519 ** moved to become a free-list leaf page, the corresponding bit is
520 ** set in the bitvec. Whenever a leaf page is extracted from the free-list,
521 ** optimization 2 above is omitted if the corresponding bit is already
522 ** set in BtShared.pHasContent. The contents of the bitvec are cleared
523 ** at the end of every transaction.
524 */
525 static int btreeSetHasContent(BtShared *pBt, Pgno pgno){
526 int rc = SQLITE_OK;
527 if( !pBt->pHasContent ){
528 assert( pgno<=pBt->nPage );
529 pBt->pHasContent = sqlite3BitvecCreate(pBt->nPage);
530 if( !pBt->pHasContent ){
531 rc = SQLITE_NOMEM;
532 }
533 }
534 if( rc==SQLITE_OK && pgno<=sqlite3BitvecSize(pBt->pHasContent) ){
535 rc = sqlite3BitvecSet(pBt->pHasContent, pgno);
536 }
537 return rc;
538 }
539
540 /*
541 ** Query the BtShared.pHasContent vector.
542 **
543 ** This function is called when a free-list leaf page is removed from the
544 ** free-list for reuse. It returns false if it is safe to retrieve the
545 ** page from the pager layer with the 'no-content' flag set. True otherwise.
546 */
547 static int btreeGetHasContent(BtShared *pBt, Pgno pgno){
548 Bitvec *p = pBt->pHasContent;
549 return (p && (pgno>sqlite3BitvecSize(p) || sqlite3BitvecTest(p, pgno)));
550 }
551
552 /*
553 ** Clear (destroy) the BtShared.pHasContent bitvec. This should be
554 ** invoked at the conclusion of each write-transaction.
555 */
556 static void btreeClearHasContent(BtShared *pBt){
557 sqlite3BitvecDestroy(pBt->pHasContent);
558 pBt->pHasContent = 0;
559 }
560
561 /*
562 ** Save the current cursor position in the variables BtCursor.nKey
563 ** and BtCursor.pKey. The cursor's state is set to CURSOR_REQUIRESEEK.
564 **
565 ** The caller must ensure that the cursor is valid (has eState==CURSOR_VALID)
566 ** prior to calling this routine.
567 */
568 static int saveCursorPosition(BtCursor *pCur){
569 int rc;
570
571 assert( CURSOR_VALID==pCur->eState );
572 assert( 0==pCur->pKey );
573 assert( cursorHoldsMutex(pCur) );
574
575 rc = sqlite3BtreeKeySize(pCur, &pCur->nKey);
576 assert( rc==SQLITE_OK ); /* KeySize() cannot fail */
577
578 /* If this is an intKey table, then the above call to BtreeKeySize()
579 ** stores the integer key in pCur->nKey. In this case this value is
580 ** all that is required. Otherwise, if pCur is not open on an intKey
581 ** table, then malloc space for and store the pCur->nKey bytes of key
582 ** data.
583 */
584 if( 0==pCur->apPage[0]->intKey ){
585 void *pKey = sqlite3Malloc( (int)pCur->nKey );
586 if( pKey ){
587 rc = sqlite3BtreeKey(pCur, 0, (int)pCur->nKey, pKey);
588 if( rc==SQLITE_OK ){
589 pCur->pKey = pKey;
590 }else{
591 sqlite3_free(pKey);
592 }
593 }else{
594 rc = SQLITE_NOMEM;
595 }
596 }
597 assert( !pCur->apPage[0]->intKey || !pCur->pKey );
598
599 if( rc==SQLITE_OK ){
600 int i;
601 for(i=0; i<=pCur->iPage; i++){
602 releasePage(pCur->apPage[i]);
603 pCur->apPage[i] = 0;
604 }
605 pCur->iPage = -1;
606 pCur->eState = CURSOR_REQUIRESEEK;
607 }
608
609 invalidateOverflowCache(pCur);
610 return rc;
611 }
612
613 /*
614 ** Save the positions of all cursors (except pExcept) that are open on
615 ** the table with root-page iRoot. Usually, this is called just before cursor
616 ** pExcept is used to modify the table (BtreeDelete() or BtreeInsert()).
617 */
618 static int saveAllCursors(BtShared *pBt, Pgno iRoot, BtCursor *pExcept){
619 BtCursor *p;
620 assert( sqlite3_mutex_held(pBt->mutex) );
621 assert( pExcept==0 || pExcept->pBt==pBt );
622 for(p=pBt->pCursor; p; p=p->pNext){
623 if( p!=pExcept && (0==iRoot || p->pgnoRoot==iRoot) &&
624 p->eState==CURSOR_VALID ){
625 int rc = saveCursorPosition(p);
626 if( SQLITE_OK!=rc ){
627 return rc;
628 }
629 }
630 }
631 return SQLITE_OK;
632 }
633
634 /*
635 ** Clear the current cursor position.
636 */
637 void sqlite3BtreeClearCursor(BtCursor *pCur){
638 assert( cursorHoldsMutex(pCur) );
639 sqlite3_free(pCur->pKey);
640 pCur->pKey = 0;
641 pCur->eState = CURSOR_INVALID;
642 }
643
644 /*
645 ** In this version of BtreeMoveto, pKey is a packed index record
646 ** such as is generated by the OP_MakeRecord opcode. Unpack the
647 ** record and then call BtreeMovetoUnpacked() to do the work.
648 */
649 static int btreeMoveto(
650 BtCursor *pCur, /* Cursor open on the btree to be searched */
651 const void *pKey, /* Packed key if the btree is an index */
652 i64 nKey, /* Integer key for tables. Size of pKey for indices */
653 int bias, /* Bias search to the high end */
654 int *pRes /* Write search results here */
655 ){
656 int rc; /* Status code */
657 UnpackedRecord *pIdxKey; /* Unpacked index key */
658 char aSpace[150]; /* Temp space for pIdxKey - to avoid a malloc */
659 char *pFree = 0;
660
661 if( pKey ){
662 assert( nKey==(i64)(int)nKey );
663 pIdxKey = sqlite3VdbeAllocUnpackedRecord(
664 pCur->pKeyInfo, aSpace, sizeof(aSpace), &pFree
665 );
666 if( pIdxKey==0 ) return SQLITE_NOMEM;
667 sqlite3VdbeRecordUnpack(pCur->pKeyInfo, (int)nKey, pKey, pIdxKey);
668 }else{
669 pIdxKey = 0;
670 }
671 rc = sqlite3BtreeMovetoUnpacked(pCur, pIdxKey, nKey, bias, pRes);
672 if( pFree ){
673 sqlite3DbFree(pCur->pKeyInfo->db, pFree);
674 }
675 return rc;
676 }
677
678 /*
679 ** Restore the cursor to the position it was in (or as close to as possible)
680 ** when saveCursorPosition() was called. Note that this call deletes the
681 ** saved position info stored by saveCursorPosition(), so there can be
682 ** at most one effective restoreCursorPosition() call after each
683 ** saveCursorPosition().
684 */
685 static int btreeRestoreCursorPosition(BtCursor *pCur){
686 int rc;
687 assert( cursorHoldsMutex(pCur) );
688 assert( pCur->eState>=CURSOR_REQUIRESEEK );
689 if( pCur->eState==CURSOR_FAULT ){
690 return pCur->skipNext;
691 }
692 pCur->eState = CURSOR_INVALID;
693 rc = btreeMoveto(pCur, pCur->pKey, pCur->nKey, 0, &pCur->skipNext);
694 if( rc==SQLITE_OK ){
695 sqlite3_free(pCur->pKey);
696 pCur->pKey = 0;
697 assert( pCur->eState==CURSOR_VALID || pCur->eState==CURSOR_INVALID );
698 }
699 return rc;
700 }
701
702 #define restoreCursorPosition(p) \
703 (p->eState>=CURSOR_REQUIRESEEK ? \
704 btreeRestoreCursorPosition(p) : \
705 SQLITE_OK)
706
707 /*
708 ** Determine whether or not a cursor has moved from the position it
709 ** was last placed at. Cursors can move when the row they are pointing
710 ** at is deleted out from under them.
711 **
712 ** This routine returns an error code if something goes wrong. The
713 ** integer *pHasMoved is set to one if the cursor has moved and 0 if not.
714 */
715 int sqlite3BtreeCursorHasMoved(BtCursor *pCur, int *pHasMoved){
716 int rc;
717
718 rc = restoreCursorPosition(pCur);
719 if( rc ){
720 *pHasMoved = 1;
721 return rc;
722 }
723 if( pCur->eState!=CURSOR_VALID || pCur->skipNext!=0 ){
724 *pHasMoved = 1;
725 }else{
726 *pHasMoved = 0;
727 }
728 return SQLITE_OK;
729 }
730
731 #ifndef SQLITE_OMIT_AUTOVACUUM
732 /*
733 ** Given a page number of a regular database page, return the page
734 ** number for the pointer-map page that contains the entry for the
735 ** input page number.
736 **
737 ** Return 0 (not a valid page) for pgno==1 since there is
738 ** no pointer map associated with page 1. The integrity_check logic
739 ** requires that ptrmapPageno(*,1)!=1.
740 */
741 static Pgno ptrmapPageno(BtShared *pBt, Pgno pgno){
742 int nPagesPerMapPage;
743 Pgno iPtrMap, ret;
744 assert( sqlite3_mutex_held(pBt->mutex) );
745 if( pgno<2 ) return 0;
746 nPagesPerMapPage = (pBt->usableSize/5)+1;
747 iPtrMap = (pgno-2)/nPagesPerMapPage;
748 ret = (iPtrMap*nPagesPerMapPage) + 2;
749 if( ret==PENDING_BYTE_PAGE(pBt) ){
750 ret++;
751 }
752 return ret;
753 }
754
755 /*
756 ** Write an entry into the pointer map.
757 **
758 ** This routine updates the pointer map entry for page number 'key'
759 ** so that it maps to type 'eType' and parent page number 'pgno'.
760 **
761 ** If *pRC is initially non-zero (non-SQLITE_OK) then this routine is
762 ** a no-op. If an error occurs, the appropriate error code is written
763 ** into *pRC.
764 */
765 static void ptrmapPut(BtShared *pBt, Pgno key, u8 eType, Pgno parent, int *pRC){
766 DbPage *pDbPage; /* The pointer map page */
767 u8 *pPtrmap; /* The pointer map data */
768 Pgno iPtrmap; /* The pointer map page number */
769 int offset; /* Offset in pointer map page */
770 int rc; /* Return code from subfunctions */
771
772 if( *pRC ) return;
773
774 assert( sqlite3_mutex_held(pBt->mutex) );
775 /* The master-journal page number must never be used as a pointer map page */
776 assert( 0==PTRMAP_ISPAGE(pBt, PENDING_BYTE_PAGE(pBt)) );
777
778 assert( pBt->autoVacuum );
779 if( key==0 ){
780 *pRC = SQLITE_CORRUPT_BKPT;
781 return;
782 }
783 iPtrmap = PTRMAP_PAGENO(pBt, key);
784 rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage);
785 if( rc!=SQLITE_OK ){
786 *pRC = rc;
787 return;
788 }
789 offset = PTRMAP_PTROFFSET(iPtrmap, key);
790 if( offset<0 ){
791 *pRC = SQLITE_CORRUPT_BKPT;
792 goto ptrmap_exit;
793 }
794 assert( offset <= (int)pBt->usableSize-5 );
795 pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
796
797 if( eType!=pPtrmap[offset] || get4byte(&pPtrmap[offset+1])!=parent ){
798 TRACE(("PTRMAP_UPDATE: %d->(%d,%d)\n", key, eType, parent));
799 *pRC= rc = sqlite3PagerWrite(pDbPage);
800 if( rc==SQLITE_OK ){
801 pPtrmap[offset] = eType;
802 put4byte(&pPtrmap[offset+1], parent);
803 }
804 }
805
806 ptrmap_exit:
807 sqlite3PagerUnref(pDbPage);
808 }
809
810 /*
811 ** Read an entry from the pointer map.
812 **
813 ** This routine retrieves the pointer map entry for page 'key', writing
814 ** the type and parent page number to *pEType and *pPgno respectively.
815 ** An error code is returned if something goes wrong, otherwise SQLITE_OK.
816 */
817 static int ptrmapGet(BtShared *pBt, Pgno key, u8 *pEType, Pgno *pPgno){
818 DbPage *pDbPage; /* The pointer map page */
819 int iPtrmap; /* Pointer map page index */
820 u8 *pPtrmap; /* Pointer map page data */
821 int offset; /* Offset of entry in pointer map */
822 int rc;
823
824 assert( sqlite3_mutex_held(pBt->mutex) );
825
826 iPtrmap = PTRMAP_PAGENO(pBt, key);
827 rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage);
828 if( rc!=0 ){
829 return rc;
830 }
831 pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
832
833 offset = PTRMAP_PTROFFSET(iPtrmap, key);
834 if( offset<0 ){
835 sqlite3PagerUnref(pDbPage);
836 return SQLITE_CORRUPT_BKPT;
837 }
838 assert( offset <= (int)pBt->usableSize-5 );
839 assert( pEType!=0 );
840 *pEType = pPtrmap[offset];
841 if( pPgno ) *pPgno = get4byte(&pPtrmap[offset+1]);
842
843 sqlite3PagerUnref(pDbPage);
844 if( *pEType<1 || *pEType>5 ) return SQLITE_CORRUPT_BKPT;
845 return SQLITE_OK;
846 }
847
848 #else /* if defined SQLITE_OMIT_AUTOVACUUM */
849 #define ptrmapPut(w,x,y,z,rc)
850 #define ptrmapGet(w,x,y,z) SQLITE_OK
851 #define ptrmapPutOvflPtr(x, y, rc)
852 #endif
853
854 /*
855 ** Given a btree page and a cell index (0 means the first cell on
856 ** the page, 1 means the second cell, and so forth) return a pointer
857 ** to the cell content.
858 **
859 ** This routine works only for pages that do not contain overflow cells.
860 */
861 #define findCell(P,I) \
862 ((P)->aData + ((P)->maskPage & get2byte(&(P)->aCellIdx[2*(I)])))
863 #define findCellv2(D,M,O,I) (D+(M&get2byte(D+(O+2*(I)))))
864
865
866 /*
867 ** This a more complex version of findCell() that works for
868 ** pages that do contain overflow cells.
869 */
870 static u8 *findOverflowCell(MemPage *pPage, int iCell){
871 int i;
872 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
873 for(i=pPage->nOverflow-1; i>=0; i--){
874 int k;
875 struct _OvflCell *pOvfl;
876 pOvfl = &pPage->aOvfl[i];
877 k = pOvfl->idx;
878 if( k<=iCell ){
879 if( k==iCell ){
880 return pOvfl->pCell;
881 }
882 iCell--;
883 }
884 }
885 return findCell(pPage, iCell);
886 }
887
888 /*
889 ** Parse a cell content block and fill in the CellInfo structure. There
890 ** are two versions of this function. btreeParseCell() takes a
891 ** cell index as the second argument and btreeParseCellPtr()
892 ** takes a pointer to the body of the cell as its second argument.
893 **
894 ** Within this file, the parseCell() macro can be called instead of
895 ** btreeParseCellPtr(). Using some compilers, this will be faster.
896 */
897 static void btreeParseCellPtr(
898 MemPage *pPage, /* Page containing the cell */
899 u8 *pCell, /* Pointer to the cell text. */
900 CellInfo *pInfo /* Fill in this structure */
901 ){
902 u16 n; /* Number bytes in cell content header */
903 u32 nPayload; /* Number of bytes of cell payload */
904
905 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
906
907 pInfo->pCell = pCell;
908 assert( pPage->leaf==0 || pPage->leaf==1 );
909 n = pPage->childPtrSize;
910 assert( n==4-4*pPage->leaf );
911 if( pPage->intKey ){
912 if( pPage->hasData ){
913 n += getVarint32(&pCell[n], nPayload);
914 }else{
915 nPayload = 0;
916 }
917 n += getVarint(&pCell[n], (u64*)&pInfo->nKey);
918 pInfo->nData = nPayload;
919 }else{
920 pInfo->nData = 0;
921 n += getVarint32(&pCell[n], nPayload);
922 pInfo->nKey = nPayload;
923 }
924 pInfo->nPayload = nPayload;
925 pInfo->nHeader = n;
926 testcase( nPayload==pPage->maxLocal );
927 testcase( nPayload==pPage->maxLocal+1 );
928 if( likely(nPayload<=pPage->maxLocal) ){
929 /* This is the (easy) common case where the entire payload fits
930 ** on the local page. No overflow is required.
931 */
932 if( (pInfo->nSize = (u16)(n+nPayload))<4 ) pInfo->nSize = 4;
933 pInfo->nLocal = (u16)nPayload;
934 pInfo->iOverflow = 0;
935 }else{
936 /* If the payload will not fit completely on the local page, we have
937 ** to decide how much to store locally and how much to spill onto
938 ** overflow pages. The strategy is to minimize the amount of unused
939 ** space on overflow pages while keeping the amount of local storage
940 ** in between minLocal and maxLocal.
941 **
942 ** Warning: changing the way overflow payload is distributed in any
943 ** way will result in an incompatible file format.
944 */
945 int minLocal; /* Minimum amount of payload held locally */
946 int maxLocal; /* Maximum amount of payload held locally */
947 int surplus; /* Overflow payload available for local storage */
948
949 minLocal = pPage->minLocal;
950 maxLocal = pPage->maxLocal;
951 surplus = minLocal + (nPayload - minLocal)%(pPage->pBt->usableSize - 4);
952 testcase( surplus==maxLocal );
953 testcase( surplus==maxLocal+1 );
954 if( surplus <= maxLocal ){
955 pInfo->nLocal = (u16)surplus;
956 }else{
957 pInfo->nLocal = (u16)minLocal;
958 }
959 pInfo->iOverflow = (u16)(pInfo->nLocal + n);
960 pInfo->nSize = pInfo->iOverflow + 4;
961 }
962 }
963 #define parseCell(pPage, iCell, pInfo) \
964 btreeParseCellPtr((pPage), findCell((pPage), (iCell)), (pInfo))
965 static void btreeParseCell(
966 MemPage *pPage, /* Page containing the cell */
967 int iCell, /* The cell index. First cell is 0 */
968 CellInfo *pInfo /* Fill in this structure */
969 ){
970 parseCell(pPage, iCell, pInfo);
971 }
972
973 /*
974 ** Compute the total number of bytes that a Cell needs in the cell
975 ** data area of the btree-page. The return number includes the cell
976 ** data header and the local payload, but not any overflow page or
977 ** the space used by the cell pointer.
978 */
979 static u16 cellSizePtr(MemPage *pPage, u8 *pCell){
980 u8 *pIter = &pCell[pPage->childPtrSize];
981 u32 nSize;
982
983 #ifdef SQLITE_DEBUG
984 /* The value returned by this function should always be the same as
985 ** the (CellInfo.nSize) value found by doing a full parse of the
986 ** cell. If SQLITE_DEBUG is defined, an assert() at the bottom of
987 ** this function verifies that this invariant is not violated. */
988 CellInfo debuginfo;
989 btreeParseCellPtr(pPage, pCell, &debuginfo);
990 #endif
991
992 if( pPage->intKey ){
993 u8 *pEnd;
994 if( pPage->hasData ){
995 pIter += getVarint32(pIter, nSize);
996 }else{
997 nSize = 0;
998 }
999
1000 /* pIter now points at the 64-bit integer key value, a variable length
1001 ** integer. The following block moves pIter to point at the first byte
1002 ** past the end of the key value. */
1003 pEnd = &pIter[9];
1004 while( (*pIter++)&0x80 && pIter<pEnd );
1005 }else{
1006 pIter += getVarint32(pIter, nSize);
1007 }
1008
1009 testcase( nSize==pPage->maxLocal );
1010 testcase( nSize==pPage->maxLocal+1 );
1011 if( nSize>pPage->maxLocal ){
1012 int minLocal = pPage->minLocal;
1013 nSize = minLocal + (nSize - minLocal) % (pPage->pBt->usableSize - 4);
1014 testcase( nSize==pPage->maxLocal );
1015 testcase( nSize==pPage->maxLocal+1 );
1016 if( nSize>pPage->maxLocal ){
1017 nSize = minLocal;
1018 }
1019 nSize += 4;
1020 }
1021 nSize += (u32)(pIter - pCell);
1022
1023 /* The minimum size of any cell is 4 bytes. */
1024 if( nSize<4 ){
1025 nSize = 4;
1026 }
1027
1028 assert( nSize==debuginfo.nSize );
1029 return (u16)nSize;
1030 }
1031
1032 #ifdef SQLITE_DEBUG
1033 /* This variation on cellSizePtr() is used inside of assert() statements
1034 ** only. */
1035 static u16 cellSize(MemPage *pPage, int iCell){
1036 return cellSizePtr(pPage, findCell(pPage, iCell));
1037 }
1038 #endif
1039
1040 #ifndef SQLITE_OMIT_AUTOVACUUM
1041 /*
1042 ** If the cell pCell, part of page pPage contains a pointer
1043 ** to an overflow page, insert an entry into the pointer-map
1044 ** for the overflow page.
1045 */
1046 static void ptrmapPutOvflPtr(MemPage *pPage, u8 *pCell, int *pRC){
1047 CellInfo info;
1048 if( *pRC ) return;
1049 assert( pCell!=0 );
1050 btreeParseCellPtr(pPage, pCell, &info);
1051 assert( (info.nData+(pPage->intKey?0:info.nKey))==info.nPayload );
1052 if( info.iOverflow ){
1053 Pgno ovfl = get4byte(&pCell[info.iOverflow]);
1054 ptrmapPut(pPage->pBt, ovfl, PTRMAP_OVERFLOW1, pPage->pgno, pRC);
1055 }
1056 }
1057 #endif
1058
1059
1060 /*
1061 ** Defragment the page given. All Cells are moved to the
1062 ** end of the page and all free space is collected into one
1063 ** big FreeBlk that occurs in between the header and cell
1064 ** pointer array and the cell content area.
1065 */
1066 static int defragmentPage(MemPage *pPage){
1067 int i; /* Loop counter */
1068 int pc; /* Address of a i-th cell */
1069 int hdr; /* Offset to the page header */
1070 int size; /* Size of a cell */
1071 int usableSize; /* Number of usable bytes on a page */
1072 int cellOffset; /* Offset to the cell pointer array */
1073 int cbrk; /* Offset to the cell content area */
1074 int nCell; /* Number of cells on the page */
1075 unsigned char *data; /* The page data */
1076 unsigned char *temp; /* Temp area for cell content */
1077 int iCellFirst; /* First allowable cell index */
1078 int iCellLast; /* Last possible cell index */
1079
1080
1081 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1082 assert( pPage->pBt!=0 );
1083 assert( pPage->pBt->usableSize <= SQLITE_MAX_PAGE_SIZE );
1084 assert( pPage->nOverflow==0 );
1085 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1086 temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
1087 data = pPage->aData;
1088 hdr = pPage->hdrOffset;
1089 cellOffset = pPage->cellOffset;
1090 nCell = pPage->nCell;
1091 assert( nCell==get2byte(&data[hdr+3]) );
1092 usableSize = pPage->pBt->usableSize;
1093 cbrk = get2byte(&data[hdr+5]);
1094 memcpy(&temp[cbrk], &data[cbrk], usableSize - cbrk);
1095 cbrk = usableSize;
1096 iCellFirst = cellOffset + 2*nCell;
1097 iCellLast = usableSize - 4;
1098 for(i=0; i<nCell; i++){
1099 u8 *pAddr; /* The i-th cell pointer */
1100 pAddr = &data[cellOffset + i*2];
1101 pc = get2byte(pAddr);
1102 testcase( pc==iCellFirst );
1103 testcase( pc==iCellLast );
1104 #if !defined(SQLITE_ENABLE_OVERSIZE_CELL_CHECK)
1105 /* These conditions have already been verified in btreeInitPage()
1106 ** if SQLITE_ENABLE_OVERSIZE_CELL_CHECK is defined
1107 */
1108 if( pc<iCellFirst || pc>iCellLast ){
1109 return SQLITE_CORRUPT_BKPT;
1110 }
1111 #endif
1112 assert( pc>=iCellFirst && pc<=iCellLast );
1113 size = cellSizePtr(pPage, &temp[pc]);
1114 cbrk -= size;
1115 #if defined(SQLITE_ENABLE_OVERSIZE_CELL_CHECK)
1116 if( cbrk<iCellFirst ){
1117 return SQLITE_CORRUPT_BKPT;
1118 }
1119 #else
1120 if( cbrk<iCellFirst || pc+size>usableSize ){
1121 return SQLITE_CORRUPT_BKPT;
1122 }
1123 #endif
1124 assert( cbrk+size<=usableSize && cbrk>=iCellFirst );
1125 testcase( cbrk+size==usableSize );
1126 testcase( pc+size==usableSize );
1127 memcpy(&data[cbrk], &temp[pc], size);
1128 put2byte(pAddr, cbrk);
1129 }
1130 assert( cbrk>=iCellFirst );
1131 put2byte(&data[hdr+5], cbrk);
1132 data[hdr+1] = 0;
1133 data[hdr+2] = 0;
1134 data[hdr+7] = 0;
1135 memset(&data[iCellFirst], 0, cbrk-iCellFirst);
1136 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1137 if( cbrk-iCellFirst!=pPage->nFree ){
1138 return SQLITE_CORRUPT_BKPT;
1139 }
1140 return SQLITE_OK;
1141 }
1142
1143 /*
1144 ** Allocate nByte bytes of space from within the B-Tree page passed
1145 ** as the first argument. Write into *pIdx the index into pPage->aData[]
1146 ** of the first byte of allocated space. Return either SQLITE_OK or
1147 ** an error code (usually SQLITE_CORRUPT).
1148 **
1149 ** The caller guarantees that there is sufficient space to make the
1150 ** allocation. This routine might need to defragment in order to bring
1151 ** all the space together, however. This routine will avoid using
1152 ** the first two bytes past the cell pointer area since presumably this
1153 ** allocation is being made in order to insert a new cell, so we will
1154 ** also end up needing a new cell pointer.
1155 */
1156 static int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
1157 const int hdr = pPage->hdrOffset; /* Local cache of pPage->hdrOffset */
1158 u8 * const data = pPage->aData; /* Local cache of pPage->aData */
1159 int nFrag; /* Number of fragmented bytes on pPage */
1160 int top; /* First byte of cell content area */
1161 int gap; /* First byte of gap between cell pointers and cell content */
1162 int rc; /* Integer return code */
1163 int usableSize; /* Usable size of the page */
1164
1165 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1166 assert( pPage->pBt );
1167 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1168 assert( nByte>=0 ); /* Minimum cell size is 4 */
1169 assert( pPage->nFree>=nByte );
1170 assert( pPage->nOverflow==0 );
1171 usableSize = pPage->pBt->usableSize;
1172 assert( nByte < usableSize-8 );
1173
1174 nFrag = data[hdr+7];
1175 assert( pPage->cellOffset == hdr + 12 - 4*pPage->leaf );
1176 gap = pPage->cellOffset + 2*pPage->nCell;
1177 top = get2byteNotZero(&data[hdr+5]);
1178 if( gap>top ) return SQLITE_CORRUPT_BKPT;
1179 testcase( gap+2==top );
1180 testcase( gap+1==top );
1181 testcase( gap==top );
1182
1183 if( nFrag>=60 ){
1184 /* Always defragment highly fragmented pages */
1185 rc = defragmentPage(pPage);
1186 if( rc ) return rc;
1187 top = get2byteNotZero(&data[hdr+5]);
1188 }else if( gap+2<=top ){
1189 /* Search the freelist looking for a free slot big enough to satisfy
1190 ** the request. The allocation is made from the first free slot in
1191 ** the list that is large enough to accomadate it.
1192 */
1193 int pc, addr;
1194 for(addr=hdr+1; (pc = get2byte(&data[addr]))>0; addr=pc){
1195 int size; /* Size of the free slot */
1196 if( pc>usableSize-4 || pc<addr+4 ){
1197 return SQLITE_CORRUPT_BKPT;
1198 }
1199 size = get2byte(&data[pc+2]);
1200 if( size>=nByte ){
1201 int x = size - nByte;
1202 testcase( x==4 );
1203 testcase( x==3 );
1204 if( x<4 ){
1205 /* Remove the slot from the free-list. Update the number of
1206 ** fragmented bytes within the page. */
1207 memcpy(&data[addr], &data[pc], 2);
1208 data[hdr+7] = (u8)(nFrag + x);
1209 }else if( size+pc > usableSize ){
1210 return SQLITE_CORRUPT_BKPT;
1211 }else{
1212 /* The slot remains on the free-list. Reduce its size to account
1213 ** for the portion used by the new allocation. */
1214 put2byte(&data[pc+2], x);
1215 }
1216 *pIdx = pc + x;
1217 return SQLITE_OK;
1218 }
1219 }
1220 }
1221
1222 /* Check to make sure there is enough space in the gap to satisfy
1223 ** the allocation. If not, defragment.
1224 */
1225 testcase( gap+2+nByte==top );
1226 if( gap+2+nByte>top ){
1227 rc = defragmentPage(pPage);
1228 if( rc ) return rc;
1229 top = get2byteNotZero(&data[hdr+5]);
1230 assert( gap+nByte<=top );
1231 }
1232
1233
1234 /* Allocate memory from the gap in between the cell pointer array
1235 ** and the cell content area. The btreeInitPage() call has already
1236 ** validated the freelist. Given that the freelist is valid, there
1237 ** is no way that the allocation can extend off the end of the page.
1238 ** The assert() below verifies the previous sentence.
1239 */
1240 top -= nByte;
1241 put2byte(&data[hdr+5], top);
1242 assert( top+nByte <= (int)pPage->pBt->usableSize );
1243 *pIdx = top;
1244 return SQLITE_OK;
1245 }
1246
1247 /*
1248 ** Return a section of the pPage->aData to the freelist.
1249 ** The first byte of the new free block is pPage->aDisk[start]
1250 ** and the size of the block is "size" bytes.
1251 **
1252 ** Most of the effort here is involved in coalesing adjacent
1253 ** free blocks into a single big free block.
1254 */
1255 static int freeSpace(MemPage *pPage, int start, int size){
1256 int addr, pbegin, hdr;
1257 int iLast; /* Largest possible freeblock offset */
1258 unsigned char *data = pPage->aData;
1259
1260 assert( pPage->pBt!=0 );
1261 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1262 assert( start>=pPage->hdrOffset+6+pPage->childPtrSize );
1263 assert( (start + size) <= (int)pPage->pBt->usableSize );
1264 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1265 assert( size>=0 ); /* Minimum cell size is 4 */
1266
1267 if( pPage->pBt->secureDelete ){
1268 /* Overwrite deleted information with zeros when the secure_delete
1269 ** option is enabled */
1270 memset(&data[start], 0, size);
1271 }
1272
1273 /* Add the space back into the linked list of freeblocks. Note that
1274 ** even though the freeblock list was checked by btreeInitPage(),
1275 ** btreeInitPage() did not detect overlapping cells or
1276 ** freeblocks that overlapped cells. Nor does it detect when the
1277 ** cell content area exceeds the value in the page header. If these
1278 ** situations arise, then subsequent insert operations might corrupt
1279 ** the freelist. So we do need to check for corruption while scanning
1280 ** the freelist.
1281 */
1282 hdr = pPage->hdrOffset;
1283 addr = hdr + 1;
1284 iLast = pPage->pBt->usableSize - 4;
1285 assert( start<=iLast );
1286 while( (pbegin = get2byte(&data[addr]))<start && pbegin>0 ){
1287 if( pbegin<addr+4 ){
1288 return SQLITE_CORRUPT_BKPT;
1289 }
1290 addr = pbegin;
1291 }
1292 if( pbegin>iLast ){
1293 return SQLITE_CORRUPT_BKPT;
1294 }
1295 assert( pbegin>addr || pbegin==0 );
1296 put2byte(&data[addr], start);
1297 put2byte(&data[start], pbegin);
1298 put2byte(&data[start+2], size);
1299 pPage->nFree = pPage->nFree + (u16)size;
1300
1301 /* Coalesce adjacent free blocks */
1302 addr = hdr + 1;
1303 while( (pbegin = get2byte(&data[addr]))>0 ){
1304 int pnext, psize, x;
1305 assert( pbegin>addr );
1306 assert( pbegin <= (int)pPage->pBt->usableSize-4 );
1307 pnext = get2byte(&data[pbegin]);
1308 psize = get2byte(&data[pbegin+2]);
1309 if( pbegin + psize + 3 >= pnext && pnext>0 ){
1310 int frag = pnext - (pbegin+psize);
1311 if( (frag<0) || (frag>(int)data[hdr+7]) ){
1312 return SQLITE_CORRUPT_BKPT;
1313 }
1314 data[hdr+7] -= (u8)frag;
1315 x = get2byte(&data[pnext]);
1316 put2byte(&data[pbegin], x);
1317 x = pnext + get2byte(&data[pnext+2]) - pbegin;
1318 put2byte(&data[pbegin+2], x);
1319 }else{
1320 addr = pbegin;
1321 }
1322 }
1323
1324 /* If the cell content area begins with a freeblock, remove it. */
1325 if( data[hdr+1]==data[hdr+5] && data[hdr+2]==data[hdr+6] ){
1326 int top;
1327 pbegin = get2byte(&data[hdr+1]);
1328 memcpy(&data[hdr+1], &data[pbegin], 2);
1329 top = get2byte(&data[hdr+5]) + get2byte(&data[pbegin+2]);
1330 put2byte(&data[hdr+5], top);
1331 }
1332 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1333 return SQLITE_OK;
1334 }
1335
1336 /*
1337 ** Decode the flags byte (the first byte of the header) for a page
1338 ** and initialize fields of the MemPage structure accordingly.
1339 **
1340 ** Only the following combinations are supported. Anything different
1341 ** indicates a corrupt database files:
1342 **
1343 ** PTF_ZERODATA
1344 ** PTF_ZERODATA | PTF_LEAF
1345 ** PTF_LEAFDATA | PTF_INTKEY
1346 ** PTF_LEAFDATA | PTF_INTKEY | PTF_LEAF
1347 */
1348 static int decodeFlags(MemPage *pPage, int flagByte){
1349 BtShared *pBt; /* A copy of pPage->pBt */
1350
1351 assert( pPage->hdrOffset==(pPage->pgno==1 ? 100 : 0) );
1352 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1353 pPage->leaf = (u8)(flagByte>>3); assert( PTF_LEAF == 1<<3 );
1354 flagByte &= ~PTF_LEAF;
1355 pPage->childPtrSize = 4-4*pPage->leaf;
1356 pBt = pPage->pBt;
1357 if( flagByte==(PTF_LEAFDATA | PTF_INTKEY) ){
1358 pPage->intKey = 1;
1359 pPage->hasData = pPage->leaf;
1360 pPage->maxLocal = pBt->maxLeaf;
1361 pPage->minLocal = pBt->minLeaf;
1362 }else if( flagByte==PTF_ZERODATA ){
1363 pPage->intKey = 0;
1364 pPage->hasData = 0;
1365 pPage->maxLocal = pBt->maxLocal;
1366 pPage->minLocal = pBt->minLocal;
1367 }else{
1368 return SQLITE_CORRUPT_BKPT;
1369 }
1370 return SQLITE_OK;
1371 }
1372
1373 /*
1374 ** Initialize the auxiliary information for a disk block.
1375 **
1376 ** Return SQLITE_OK on success. If we see that the page does
1377 ** not contain a well-formed database page, then return
1378 ** SQLITE_CORRUPT. Note that a return of SQLITE_OK does not
1379 ** guarantee that the page is well-formed. It only shows that
1380 ** we failed to detect any corruption.
1381 */
1382 static int btreeInitPage(MemPage *pPage){
1383
1384 assert( pPage->pBt!=0 );
1385 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1386 assert( pPage->pgno==sqlite3PagerPagenumber(pPage->pDbPage) );
1387 assert( pPage == sqlite3PagerGetExtra(pPage->pDbPage) );
1388 assert( pPage->aData == sqlite3PagerGetData(pPage->pDbPage) );
1389
1390 if( !pPage->isInit ){
1391 u16 pc; /* Address of a freeblock within pPage->aData[] */
1392 u8 hdr; /* Offset to beginning of page header */
1393 u8 *data; /* Equal to pPage->aData */
1394 BtShared *pBt; /* The main btree structure */
1395 int usableSize; /* Amount of usable space on each page */
1396 u16 cellOffset; /* Offset from start of page to first cell pointer */
1397 int nFree; /* Number of unused bytes on the page */
1398 int top; /* First byte of the cell content area */
1399 int iCellFirst; /* First allowable cell or freeblock offset */
1400 int iCellLast; /* Last possible cell or freeblock offset */
1401
1402 pBt = pPage->pBt;
1403
1404 hdr = pPage->hdrOffset;
1405 data = pPage->aData;
1406 if( decodeFlags(pPage, data[hdr]) ) return SQLITE_CORRUPT_BKPT;
1407 assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
1408 pPage->maskPage = (u16)(pBt->pageSize - 1);
1409 pPage->nOverflow = 0;
1410 usableSize = pBt->usableSize;
1411 pPage->cellOffset = cellOffset = hdr + 12 - 4*pPage->leaf;
1412 pPage->aDataEnd = &data[usableSize];
1413 pPage->aCellIdx = &data[cellOffset];
1414 top = get2byteNotZero(&data[hdr+5]);
1415 pPage->nCell = get2byte(&data[hdr+3]);
1416 if( pPage->nCell>MX_CELL(pBt) ){
1417 /* To many cells for a single page. The page must be corrupt */
1418 return SQLITE_CORRUPT_BKPT;
1419 }
1420 testcase( pPage->nCell==MX_CELL(pBt) );
1421
1422 /* A malformed database page might cause us to read past the end
1423 ** of page when parsing a cell.
1424 **
1425 ** The following block of code checks early to see if a cell extends
1426 ** past the end of a page boundary and causes SQLITE_CORRUPT to be
1427 ** returned if it does.
1428 */
1429 iCellFirst = cellOffset + 2*pPage->nCell;
1430 iCellLast = usableSize - 4;
1431 #if defined(SQLITE_ENABLE_OVERSIZE_CELL_CHECK)
1432 {
1433 int i; /* Index into the cell pointer array */
1434 int sz; /* Size of a cell */
1435
1436 if( !pPage->leaf ) iCellLast--;
1437 for(i=0; i<pPage->nCell; i++){
1438 pc = get2byte(&data[cellOffset+i*2]);
1439 testcase( pc==iCellFirst );
1440 testcase( pc==iCellLast );
1441 if( pc<iCellFirst || pc>iCellLast ){
1442 return SQLITE_CORRUPT_BKPT;
1443 }
1444 sz = cellSizePtr(pPage, &data[pc]);
1445 testcase( pc+sz==usableSize );
1446 if( pc+sz>usableSize ){
1447 return SQLITE_CORRUPT_BKPT;
1448 }
1449 }
1450 if( !pPage->leaf ) iCellLast++;
1451 }
1452 #endif
1453
1454 /* Compute the total free space on the page */
1455 pc = get2byte(&data[hdr+1]);
1456 nFree = data[hdr+7] + top;
1457 while( pc>0 ){
1458 u16 next, size;
1459 if( pc<iCellFirst || pc>iCellLast ){
1460 /* Start of free block is off the page */
1461 return SQLITE_CORRUPT_BKPT;
1462 }
1463 next = get2byte(&data[pc]);
1464 size = get2byte(&data[pc+2]);
1465 if( (next>0 && next<=pc+size+3) || pc+size>usableSize ){
1466 /* Free blocks must be in ascending order. And the last byte of
1467 ** the free-block must lie on the database page. */
1468 return SQLITE_CORRUPT_BKPT;
1469 }
1470 nFree = nFree + size;
1471 pc = next;
1472 }
1473
1474 /* At this point, nFree contains the sum of the offset to the start
1475 ** of the cell-content area plus the number of free bytes within
1476 ** the cell-content area. If this is greater than the usable-size
1477 ** of the page, then the page must be corrupted. This check also
1478 ** serves to verify that the offset to the start of the cell-content
1479 ** area, according to the page header, lies within the page.
1480 */
1481 if( nFree>usableSize ){
1482 return SQLITE_CORRUPT_BKPT;
1483 }
1484 pPage->nFree = (u16)(nFree - iCellFirst);
1485 pPage->isInit = 1;
1486 }
1487 return SQLITE_OK;
1488 }
1489
1490 /*
1491 ** Set up a raw page so that it looks like a database page holding
1492 ** no entries.
1493 */
1494 static void zeroPage(MemPage *pPage, int flags){
1495 unsigned char *data = pPage->aData;
1496 BtShared *pBt = pPage->pBt;
1497 u8 hdr = pPage->hdrOffset;
1498 u16 first;
1499
1500 assert( sqlite3PagerPagenumber(pPage->pDbPage)==pPage->pgno );
1501 assert( sqlite3PagerGetExtra(pPage->pDbPage) == (void*)pPage );
1502 assert( sqlite3PagerGetData(pPage->pDbPage) == data );
1503 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
1504 assert( sqlite3_mutex_held(pBt->mutex) );
1505 if( pBt->secureDelete ){
1506 memset(&data[hdr], 0, pBt->usableSize - hdr);
1507 }
1508 data[hdr] = (char)flags;
1509 first = hdr + 8 + 4*((flags&PTF_LEAF)==0 ?1:0);
1510 memset(&data[hdr+1], 0, 4);
1511 data[hdr+7] = 0;
1512 put2byte(&data[hdr+5], pBt->usableSize);
1513 pPage->nFree = (u16)(pBt->usableSize - first);
1514 decodeFlags(pPage, flags);
1515 pPage->hdrOffset = hdr;
1516 pPage->cellOffset = first;
1517 pPage->aDataEnd = &data[pBt->usableSize];
1518 pPage->aCellIdx = &data[first];
1519 pPage->nOverflow = 0;
1520 assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
1521 pPage->maskPage = (u16)(pBt->pageSize - 1);
1522 pPage->nCell = 0;
1523 pPage->isInit = 1;
1524 }
1525
1526
1527 /*
1528 ** Convert a DbPage obtained from the pager into a MemPage used by
1529 ** the btree layer.
1530 */
1531 static MemPage *btreePageFromDbPage(DbPage *pDbPage, Pgno pgno, BtShared *pBt){
1532 MemPage *pPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
1533 pPage->aData = sqlite3PagerGetData(pDbPage);
1534 pPage->pDbPage = pDbPage;
1535 pPage->pBt = pBt;
1536 pPage->pgno = pgno;
1537 pPage->hdrOffset = pPage->pgno==1 ? 100 : 0;
1538 return pPage;
1539 }
1540
1541 /*
1542 ** Get a page from the pager. Initialize the MemPage.pBt and
1543 ** MemPage.aData elements if needed.
1544 **
1545 ** If the noContent flag is set, it means that we do not care about
1546 ** the content of the page at this time. So do not go to the disk
1547 ** to fetch the content. Just fill in the content with zeros for now.
1548 ** If in the future we call sqlite3PagerWrite() on this page, that
1549 ** means we have started to be concerned about content and the disk
1550 ** read should occur at that point.
1551 */
1552 static int btreeGetPage(
1553 BtShared *pBt, /* The btree */
1554 Pgno pgno, /* Number of the page to fetch */
1555 MemPage **ppPage, /* Return the page in this parameter */
1556 int noContent /* Do not load page content if true */
1557 ){
1558 int rc;
1559 DbPage *pDbPage;
1560
1561 assert( sqlite3_mutex_held(pBt->mutex) );
1562 rc = sqlite3PagerAcquire(pBt->pPager, pgno, (DbPage**)&pDbPage, noContent);
1563 if( rc ) return rc;
1564 *ppPage = btreePageFromDbPage(pDbPage, pgno, pBt);
1565 return SQLITE_OK;
1566 }
1567
1568 /*
1569 ** Retrieve a page from the pager cache. If the requested page is not
1570 ** already in the pager cache return NULL. Initialize the MemPage.pBt and
1571 ** MemPage.aData elements if needed.
1572 */
1573 static MemPage *btreePageLookup(BtShared *pBt, Pgno pgno){
1574 DbPage *pDbPage;
1575 assert( sqlite3_mutex_held(pBt->mutex) );
1576 pDbPage = sqlite3PagerLookup(pBt->pPager, pgno);
1577 if( pDbPage ){
1578 return btreePageFromDbPage(pDbPage, pgno, pBt);
1579 }
1580 return 0;
1581 }
1582
1583 /*
1584 ** Return the size of the database file in pages. If there is any kind of
1585 ** error, return ((unsigned int)-1).
1586 */
1587 static Pgno btreePagecount(BtShared *pBt){
1588 return pBt->nPage;
1589 }
1590 u32 sqlite3BtreeLastPage(Btree *p){
1591 assert( sqlite3BtreeHoldsMutex(p) );
1592 assert( ((p->pBt->nPage)&0x8000000)==0 );
1593 return (int)btreePagecount(p->pBt);
1594 }
1595
1596 /*
1597 ** Get a page from the pager and initialize it. This routine is just a
1598 ** convenience wrapper around separate calls to btreeGetPage() and
1599 ** btreeInitPage().
1600 **
1601 ** If an error occurs, then the value *ppPage is set to is undefined. It
1602 ** may remain unchanged, or it may be set to an invalid value.
1603 */
1604 static int getAndInitPage(
1605 BtShared *pBt, /* The database file */
1606 Pgno pgno, /* Number of the page to get */
1607 MemPage **ppPage /* Write the page pointer here */
1608 ){
1609 int rc;
1610 assert( sqlite3_mutex_held(pBt->mutex) );
1611
1612 if( pgno>btreePagecount(pBt) ){
1613 rc = SQLITE_CORRUPT_BKPT;
1614 }else{
1615 rc = btreeGetPage(pBt, pgno, ppPage, 0);
1616 if( rc==SQLITE_OK ){
1617 rc = btreeInitPage(*ppPage);
1618 if( rc!=SQLITE_OK ){
1619 releasePage(*ppPage);
1620 }
1621 }
1622 }
1623
1624 testcase( pgno==0 );
1625 assert( pgno!=0 || rc==SQLITE_CORRUPT );
1626 return rc;
1627 }
1628
1629 /*
1630 ** Release a MemPage. This should be called once for each prior
1631 ** call to btreeGetPage.
1632 */
1633 static void releasePage(MemPage *pPage){
1634 if( pPage ){
1635 assert( pPage->aData );
1636 assert( pPage->pBt );
1637 assert( sqlite3PagerGetExtra(pPage->pDbPage) == (void*)pPage );
1638 assert( sqlite3PagerGetData(pPage->pDbPage)==pPage->aData );
1639 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1640 sqlite3PagerUnref(pPage->pDbPage);
1641 }
1642 }
1643
1644 /*
1645 ** During a rollback, when the pager reloads information into the cache
1646 ** so that the cache is restored to its original state at the start of
1647 ** the transaction, for each page restored this routine is called.
1648 **
1649 ** This routine needs to reset the extra data section at the end of the
1650 ** page to agree with the restored data.
1651 */
1652 static void pageReinit(DbPage *pData){
1653 MemPage *pPage;
1654 pPage = (MemPage *)sqlite3PagerGetExtra(pData);
1655 assert( sqlite3PagerPageRefcount(pData)>0 );
1656 if( pPage->isInit ){
1657 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
1658 pPage->isInit = 0;
1659 if( sqlite3PagerPageRefcount(pData)>1 ){
1660 /* pPage might not be a btree page; it might be an overflow page
1661 ** or ptrmap page or a free page. In those cases, the following
1662 ** call to btreeInitPage() will likely return SQLITE_CORRUPT.
1663 ** But no harm is done by this. And it is very important that
1664 ** btreeInitPage() be called on every btree page so we make
1665 ** the call for every page that comes in for re-initing. */
1666 btreeInitPage(pPage);
1667 }
1668 }
1669 }
1670
1671 /*
1672 ** Invoke the busy handler for a btree.
1673 */
1674 static int btreeInvokeBusyHandler(void *pArg){
1675 BtShared *pBt = (BtShared*)pArg;
1676 assert( pBt->db );
1677 assert( sqlite3_mutex_held(pBt->db->mutex) );
1678 return sqlite3InvokeBusyHandler(&pBt->db->busyHandler);
1679 }
1680
1681 /*
1682 ** Open a database file.
1683 **
1684 ** zFilename is the name of the database file. If zFilename is NULL
1685 ** then an ephemeral database is created. The ephemeral database might
1686 ** be exclusively in memory, or it might use a disk-based memory cache.
1687 ** Either way, the ephemeral database will be automatically deleted
1688 ** when sqlite3BtreeClose() is called.
1689 **
1690 ** If zFilename is ":memory:" then an in-memory database is created
1691 ** that is automatically destroyed when it is closed.
1692 **
1693 ** The "flags" parameter is a bitmask that might contain bits
1694 ** BTREE_OMIT_JOURNAL and/or BTREE_NO_READLOCK. The BTREE_NO_READLOCK
1695 ** bit is also set if the SQLITE_NoReadlock flags is set in db->flags.
1696 ** These flags are passed through into sqlite3PagerOpen() and must
1697 ** be the same values as PAGER_OMIT_JOURNAL and PAGER_NO_READLOCK.
1698 **
1699 ** If the database is already opened in the same database connection
1700 ** and we are in shared cache mode, then the open will fail with an
1701 ** SQLITE_CONSTRAINT error. We cannot allow two or more BtShared
1702 ** objects in the same database connection since doing so will lead
1703 ** to problems with locking.
1704 */
1705 int sqlite3BtreeOpen(
1706 sqlite3_vfs *pVfs, /* VFS to use for this b-tree */
1707 const char *zFilename, /* Name of the file containing the BTree database */
1708 sqlite3 *db, /* Associated database handle */
1709 Btree **ppBtree, /* Pointer to new Btree object written here */
1710 int flags, /* Options */
1711 int vfsFlags /* Flags passed through to sqlite3_vfs.xOpen() */
1712 ){
1713 BtShared *pBt = 0; /* Shared part of btree structure */
1714 Btree *p; /* Handle to return */
1715 sqlite3_mutex *mutexOpen = 0; /* Prevents a race condition. Ticket #3537 */
1716 int rc = SQLITE_OK; /* Result code from this function */
1717 u8 nReserve; /* Byte of unused space on each page */
1718 unsigned char zDbHeader[100]; /* Database header content */
1719
1720 /* True if opening an ephemeral, temporary database */
1721 const int isTempDb = zFilename==0 || zFilename[0]==0;
1722
1723 /* Set the variable isMemdb to true for an in-memory database, or
1724 ** false for a file-based database.
1725 */
1726 #ifdef SQLITE_OMIT_MEMORYDB
1727 const int isMemdb = 0;
1728 #else
1729 const int isMemdb = (zFilename && strcmp(zFilename, ":memory:")==0)
1730 || (isTempDb && sqlite3TempInMemory(db));
1731 #endif
1732
1733 assert( db!=0 );
1734 assert( pVfs!=0 );
1735 assert( sqlite3_mutex_held(db->mutex) );
1736 assert( (flags&0xff)==flags ); /* flags fit in 8 bits */
1737
1738 /* Only a BTREE_SINGLE database can be BTREE_UNORDERED */
1739 assert( (flags & BTREE_UNORDERED)==0 || (flags & BTREE_SINGLE)!=0 );
1740
1741 /* A BTREE_SINGLE database is always a temporary and/or ephemeral */
1742 assert( (flags & BTREE_SINGLE)==0 || isTempDb );
1743
1744 if( db->flags & SQLITE_NoReadlock ){
1745 flags |= BTREE_NO_READLOCK;
1746 }
1747 if( isMemdb ){
1748 flags |= BTREE_MEMORY;
1749 }
1750 if( (vfsFlags & SQLITE_OPEN_MAIN_DB)!=0 && (isMemdb || isTempDb) ){
1751 vfsFlags = (vfsFlags & ~SQLITE_OPEN_MAIN_DB) | SQLITE_OPEN_TEMP_DB;
1752 }
1753 p = sqlite3MallocZero(sizeof(Btree));
1754 if( !p ){
1755 return SQLITE_NOMEM;
1756 }
1757 p->inTrans = TRANS_NONE;
1758 p->db = db;
1759 #ifndef SQLITE_OMIT_SHARED_CACHE
1760 p->lock.pBtree = p;
1761 p->lock.iTable = 1;
1762 #endif
1763
1764 #if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
1765 /*
1766 ** If this Btree is a candidate for shared cache, try to find an
1767 ** existing BtShared object that we can share with
1768 */
1769 if( isMemdb==0 && isTempDb==0 ){
1770 if( vfsFlags & SQLITE_OPEN_SHAREDCACHE ){
1771 int nFullPathname = pVfs->mxPathname+1;
1772 char *zFullPathname = sqlite3Malloc(nFullPathname);
1773 MUTEX_LOGIC( sqlite3_mutex *mutexShared; )
1774 p->sharable = 1;
1775 if( !zFullPathname ){
1776 sqlite3_free(p);
1777 return SQLITE_NOMEM;
1778 }
1779 rc = sqlite3OsFullPathname(pVfs, zFilename, nFullPathname, zFullPathname);
1780 if( rc ){
1781 sqlite3_free(zFullPathname);
1782 sqlite3_free(p);
1783 return rc;
1784 }
1785 #if SQLITE_THREADSAFE
1786 mutexOpen = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_OPEN);
1787 sqlite3_mutex_enter(mutexOpen);
1788 mutexShared = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);
1789 sqlite3_mutex_enter(mutexShared);
1790 #endif
1791 for(pBt=GLOBAL(BtShared*,sqlite3SharedCacheList); pBt; pBt=pBt->pNext){
1792 assert( pBt->nRef>0 );
1793 if( 0==strcmp(zFullPathname, sqlite3PagerFilename(pBt->pPager))
1794 && sqlite3PagerVfs(pBt->pPager)==pVfs ){
1795 int iDb;
1796 for(iDb=db->nDb-1; iDb>=0; iDb--){
1797 Btree *pExisting = db->aDb[iDb].pBt;
1798 if( pExisting && pExisting->pBt==pBt ){
1799 sqlite3_mutex_leave(mutexShared);
1800 sqlite3_mutex_leave(mutexOpen);
1801 sqlite3_free(zFullPathname);
1802 sqlite3_free(p);
1803 return SQLITE_CONSTRAINT;
1804 }
1805 }
1806 p->pBt = pBt;
1807 pBt->nRef++;
1808 break;
1809 }
1810 }
1811 sqlite3_mutex_leave(mutexShared);
1812 sqlite3_free(zFullPathname);
1813 }
1814 #ifdef SQLITE_DEBUG
1815 else{
1816 /* In debug mode, we mark all persistent databases as sharable
1817 ** even when they are not. This exercises the locking code and
1818 ** gives more opportunity for asserts(sqlite3_mutex_held())
1819 ** statements to find locking problems.
1820 */
1821 p->sharable = 1;
1822 }
1823 #endif
1824 }
1825 #endif
1826 if( pBt==0 ){
1827 /*
1828 ** The following asserts make sure that structures used by the btree are
1829 ** the right size. This is to guard against size changes that result
1830 ** when compiling on a different architecture.
1831 */
1832 assert( sizeof(i64)==8 || sizeof(i64)==4 );
1833 assert( sizeof(u64)==8 || sizeof(u64)==4 );
1834 assert( sizeof(u32)==4 );
1835 assert( sizeof(u16)==2 );
1836 assert( sizeof(Pgno)==4 );
1837
1838 pBt = sqlite3MallocZero( sizeof(*pBt) );
1839 if( pBt==0 ){
1840 rc = SQLITE_NOMEM;
1841 goto btree_open_out;
1842 }
1843 rc = sqlite3PagerOpen(pVfs, &pBt->pPager, zFilename,
1844 EXTRA_SIZE, flags, vfsFlags, pageReinit);
1845 if( rc==SQLITE_OK ){
1846 rc = sqlite3PagerReadFileheader(pBt->pPager,sizeof(zDbHeader),zDbHeader);
1847 }
1848 if( rc!=SQLITE_OK ){
1849 goto btree_open_out;
1850 }
1851 pBt->openFlags = (u8)flags;
1852 pBt->db = db;
1853 sqlite3PagerSetBusyhandler(pBt->pPager, btreeInvokeBusyHandler, pBt);
1854 p->pBt = pBt;
1855
1856 pBt->pCursor = 0;
1857 pBt->pPage1 = 0;
1858 pBt->readOnly = sqlite3PagerIsreadonly(pBt->pPager);
1859 #ifdef SQLITE_SECURE_DELETE
1860 pBt->secureDelete = 1;
1861 #endif
1862 pBt->pageSize = (zDbHeader[16]<<8) | (zDbHeader[17]<<16);
1863 if( pBt->pageSize<512 || pBt->pageSize>SQLITE_MAX_PAGE_SIZE
1864 || ((pBt->pageSize-1)&pBt->pageSize)!=0 ){
1865 pBt->pageSize = 0;
1866 #ifndef SQLITE_OMIT_AUTOVACUUM
1867 /* If the magic name ":memory:" will create an in-memory database, then
1868 ** leave the autoVacuum mode at 0 (do not auto-vacuum), even if
1869 ** SQLITE_DEFAULT_AUTOVACUUM is true. On the other hand, if
1870 ** SQLITE_OMIT_MEMORYDB has been defined, then ":memory:" is just a
1871 ** regular file-name. In this case the auto-vacuum applies as per normal.
1872 */
1873 if( zFilename && !isMemdb ){
1874 pBt->autoVacuum = (SQLITE_DEFAULT_AUTOVACUUM ? 1 : 0);
1875 pBt->incrVacuum = (SQLITE_DEFAULT_AUTOVACUUM==2 ? 1 : 0);
1876 }
1877 #endif
1878 nReserve = 0;
1879 }else{
1880 nReserve = zDbHeader[20];
1881 pBt->pageSizeFixed = 1;
1882 #ifndef SQLITE_OMIT_AUTOVACUUM
1883 pBt->autoVacuum = (get4byte(&zDbHeader[36 + 4*4])?1:0);
1884 pBt->incrVacuum = (get4byte(&zDbHeader[36 + 7*4])?1:0);
1885 #endif
1886 }
1887 rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize, nReserve);
1888 if( rc ) goto btree_open_out;
1889 pBt->usableSize = pBt->pageSize - nReserve;
1890 assert( (pBt->pageSize & 7)==0 ); /* 8-byte alignment of pageSize */
1891
1892 #if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
1893 /* Add the new BtShared object to the linked list sharable BtShareds.
1894 */
1895 if( p->sharable ){
1896 MUTEX_LOGIC( sqlite3_mutex *mutexShared; )
1897 pBt->nRef = 1;
1898 MUTEX_LOGIC( mutexShared = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER);)
1899 if( SQLITE_THREADSAFE && sqlite3GlobalConfig.bCoreMutex ){
1900 pBt->mutex = sqlite3MutexAlloc(SQLITE_MUTEX_FAST);
1901 if( pBt->mutex==0 ){
1902 rc = SQLITE_NOMEM;
1903 db->mallocFailed = 0;
1904 goto btree_open_out;
1905 }
1906 }
1907 sqlite3_mutex_enter(mutexShared);
1908 pBt->pNext = GLOBAL(BtShared*,sqlite3SharedCacheList);
1909 GLOBAL(BtShared*,sqlite3SharedCacheList) = pBt;
1910 sqlite3_mutex_leave(mutexShared);
1911 }
1912 #endif
1913 }
1914
1915 #if !defined(SQLITE_OMIT_SHARED_CACHE) && !defined(SQLITE_OMIT_DISKIO)
1916 /* If the new Btree uses a sharable pBtShared, then link the new
1917 ** Btree into the list of all sharable Btrees for the same connection.
1918 ** The list is kept in ascending order by pBt address.
1919 */
1920 if( p->sharable ){
1921 int i;
1922 Btree *pSib;
1923 for(i=0; i<db->nDb; i++){
1924 if( (pSib = db->aDb[i].pBt)!=0 && pSib->sharable ){
1925 while( pSib->pPrev ){ pSib = pSib->pPrev; }
1926 if( p->pBt<pSib->pBt ){
1927 p->pNext = pSib;
1928 p->pPrev = 0;
1929 pSib->pPrev = p;
1930 }else{
1931 while( pSib->pNext && pSib->pNext->pBt<p->pBt ){
1932 pSib = pSib->pNext;
1933 }
1934 p->pNext = pSib->pNext;
1935 p->pPrev = pSib;
1936 if( p->pNext ){
1937 p->pNext->pPrev = p;
1938 }
1939 pSib->pNext = p;
1940 }
1941 break;
1942 }
1943 }
1944 }
1945 #endif
1946 *ppBtree = p;
1947
1948 btree_open_out:
1949 if( rc!=SQLITE_OK ){
1950 if( pBt && pBt->pPager ){
1951 sqlite3PagerClose(pBt->pPager);
1952 }
1953 sqlite3_free(pBt);
1954 sqlite3_free(p);
1955 *ppBtree = 0;
1956 }else{
1957 /* If the B-Tree was successfully opened, set the pager-cache size to the
1958 ** default value. Except, when opening on an existing shared pager-cache,
1959 ** do not change the pager-cache size.
1960 */
1961 if( sqlite3BtreeSchema(p, 0, 0)==0 ){
1962 sqlite3PagerSetCachesize(p->pBt->pPager, SQLITE_DEFAULT_CACHE_SIZE);
1963 }
1964 }
1965 if( mutexOpen ){
1966 assert( sqlite3_mutex_held(mutexOpen) );
1967 sqlite3_mutex_leave(mutexOpen);
1968 }
1969 return rc;
1970 }
1971
1972 /*
1973 ** Decrement the BtShared.nRef counter. When it reaches zero,
1974 ** remove the BtShared structure from the sharing list. Return
1975 ** true if the BtShared.nRef counter reaches zero and return
1976 ** false if it is still positive.
1977 */
1978 static int removeFromSharingList(BtShared *pBt){
1979 #ifndef SQLITE_OMIT_SHARED_CACHE
1980 MUTEX_LOGIC( sqlite3_mutex *pMaster; )
1981 BtShared *pList;
1982 int removed = 0;
1983
1984 assert( sqlite3_mutex_notheld(pBt->mutex) );
1985 MUTEX_LOGIC( pMaster = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER); )
1986 sqlite3_mutex_enter(pMaster);
1987 pBt->nRef--;
1988 if( pBt->nRef<=0 ){
1989 if( GLOBAL(BtShared*,sqlite3SharedCacheList)==pBt ){
1990 GLOBAL(BtShared*,sqlite3SharedCacheList) = pBt->pNext;
1991 }else{
1992 pList = GLOBAL(BtShared*,sqlite3SharedCacheList);
1993 while( ALWAYS(pList) && pList->pNext!=pBt ){
1994 pList=pList->pNext;
1995 }
1996 if( ALWAYS(pList) ){
1997 pList->pNext = pBt->pNext;
1998 }
1999 }
2000 if( SQLITE_THREADSAFE ){
2001 sqlite3_mutex_free(pBt->mutex);
2002 }
2003 removed = 1;
2004 }
2005 sqlite3_mutex_leave(pMaster);
2006 return removed;
2007 #else
2008 return 1;
2009 #endif
2010 }
2011
2012 /*
2013 ** Make sure pBt->pTmpSpace points to an allocation of
2014 ** MX_CELL_SIZE(pBt) bytes.
2015 */
2016 static void allocateTempSpace(BtShared *pBt){
2017 if( !pBt->pTmpSpace ){
2018 pBt->pTmpSpace = sqlite3PageMalloc( pBt->pageSize );
2019 }
2020 }
2021
2022 /*
2023 ** Free the pBt->pTmpSpace allocation
2024 */
2025 static void freeTempSpace(BtShared *pBt){
2026 sqlite3PageFree( pBt->pTmpSpace);
2027 pBt->pTmpSpace = 0;
2028 }
2029
2030 /*
2031 ** Close an open database and invalidate all cursors.
2032 */
2033 int sqlite3BtreeClose(Btree *p){
2034 BtShared *pBt = p->pBt;
2035 BtCursor *pCur;
2036
2037 /* Close all cursors opened via this handle. */
2038 assert( sqlite3_mutex_held(p->db->mutex) );
2039 sqlite3BtreeEnter(p);
2040 pCur = pBt->pCursor;
2041 while( pCur ){
2042 BtCursor *pTmp = pCur;
2043 pCur = pCur->pNext;
2044 if( pTmp->pBtree==p ){
2045 sqlite3BtreeCloseCursor(pTmp);
2046 }
2047 }
2048
2049 /* Rollback any active transaction and free the handle structure.
2050 ** The call to sqlite3BtreeRollback() drops any table-locks held by
2051 ** this handle.
2052 */
2053 sqlite3BtreeRollback(p);
2054 sqlite3BtreeLeave(p);
2055
2056 /* If there are still other outstanding references to the shared-btree
2057 ** structure, return now. The remainder of this procedure cleans
2058 ** up the shared-btree.
2059 */
2060 assert( p->wantToLock==0 && p->locked==0 );
2061 if( !p->sharable || removeFromSharingList(pBt) ){
2062 /* The pBt is no longer on the sharing list, so we can access
2063 ** it without having to hold the mutex.
2064 **
2065 ** Clean out and delete the BtShared object.
2066 */
2067 assert( !pBt->pCursor );
2068 sqlite3PagerClose(pBt->pPager);
2069 if( pBt->xFreeSchema && pBt->pSchema ){
2070 pBt->xFreeSchema(pBt->pSchema);
2071 }
2072 sqlite3DbFree(0, pBt->pSchema);
2073 freeTempSpace(pBt);
2074 sqlite3_free(pBt);
2075 }
2076
2077 #ifndef SQLITE_OMIT_SHARED_CACHE
2078 assert( p->wantToLock==0 );
2079 assert( p->locked==0 );
2080 if( p->pPrev ) p->pPrev->pNext = p->pNext;
2081 if( p->pNext ) p->pNext->pPrev = p->pPrev;
2082 #endif
2083
2084 sqlite3_free(p);
2085 return SQLITE_OK;
2086 }
2087
2088 /*
2089 ** Change the limit on the number of pages allowed in the cache.
2090 **
2091 ** The maximum number of cache pages is set to the absolute
2092 ** value of mxPage. If mxPage is negative, the pager will
2093 ** operate asynchronously - it will not stop to do fsync()s
2094 ** to insure data is written to the disk surface before
2095 ** continuing. Transactions still work if synchronous is off,
2096 ** and the database cannot be corrupted if this program
2097 ** crashes. But if the operating system crashes or there is
2098 ** an abrupt power failure when synchronous is off, the database
2099 ** could be left in an inconsistent and unrecoverable state.
2100 ** Synchronous is on by default so database corruption is not
2101 ** normally a worry.
2102 */
2103 int sqlite3BtreeSetCacheSize(Btree *p, int mxPage){
2104 BtShared *pBt = p->pBt;
2105 assert( sqlite3_mutex_held(p->db->mutex) );
2106 sqlite3BtreeEnter(p);
2107 sqlite3PagerSetCachesize(pBt->pPager, mxPage);
2108 sqlite3BtreeLeave(p);
2109 return SQLITE_OK;
2110 }
2111
2112 /*
2113 ** Change the way data is synced to disk in order to increase or decrease
2114 ** how well the database resists damage due to OS crashes and power
2115 ** failures. Level 1 is the same as asynchronous (no syncs() occur and
2116 ** there is a high probability of damage) Level 2 is the default. There
2117 ** is a very low but non-zero probability of damage. Level 3 reduces the
2118 ** probability of damage to near zero but with a write performance reduction.
2119 */
2120 #ifndef SQLITE_OMIT_PAGER_PRAGMAS
2121 int sqlite3BtreeSetSafetyLevel(
2122 Btree *p, /* The btree to set the safety level on */
2123 int level, /* PRAGMA synchronous. 1=OFF, 2=NORMAL, 3=FULL */
2124 int fullSync, /* PRAGMA fullfsync. */
2125 int ckptFullSync /* PRAGMA checkpoint_fullfync */
2126 ){
2127 BtShared *pBt = p->pBt;
2128 assert( sqlite3_mutex_held(p->db->mutex) );
2129 assert( level>=1 && level<=3 );
2130 sqlite3BtreeEnter(p);
2131 sqlite3PagerSetSafetyLevel(pBt->pPager, level, fullSync, ckptFullSync);
2132 sqlite3BtreeLeave(p);
2133 return SQLITE_OK;
2134 }
2135 #endif
2136
2137 /*
2138 ** Return TRUE if the given btree is set to safety level 1. In other
2139 ** words, return TRUE if no sync() occurs on the disk files.
2140 */
2141 int sqlite3BtreeSyncDisabled(Btree *p){
2142 BtShared *pBt = p->pBt;
2143 int rc;
2144 assert( sqlite3_mutex_held(p->db->mutex) );
2145 sqlite3BtreeEnter(p);
2146 assert( pBt && pBt->pPager );
2147 rc = sqlite3PagerNosync(pBt->pPager);
2148 sqlite3BtreeLeave(p);
2149 return rc;
2150 }
2151
2152 /*
2153 ** Change the default pages size and the number of reserved bytes per page.
2154 ** Or, if the page size has already been fixed, return SQLITE_READONLY
2155 ** without changing anything.
2156 **
2157 ** The page size must be a power of 2 between 512 and 65536. If the page
2158 ** size supplied does not meet this constraint then the page size is not
2159 ** changed.
2160 **
2161 ** Page sizes are constrained to be a power of two so that the region
2162 ** of the database file used for locking (beginning at PENDING_BYTE,
2163 ** the first byte past the 1GB boundary, 0x40000000) needs to occur
2164 ** at the beginning of a page.
2165 **
2166 ** If parameter nReserve is less than zero, then the number of reserved
2167 ** bytes per page is left unchanged.
2168 **
2169 ** If the iFix!=0 then the pageSizeFixed flag is set so that the page size
2170 ** and autovacuum mode can no longer be changed.
2171 */
2172 int sqlite3BtreeSetPageSize(Btree *p, int pageSize, int nReserve, int iFix){
2173 int rc = SQLITE_OK;
2174 BtShared *pBt = p->pBt;
2175 assert( nReserve>=-1 && nReserve<=255 );
2176 sqlite3BtreeEnter(p);
2177 if( pBt->pageSizeFixed ){
2178 sqlite3BtreeLeave(p);
2179 return SQLITE_READONLY;
2180 }
2181 if( nReserve<0 ){
2182 nReserve = pBt->pageSize - pBt->usableSize;
2183 }
2184 assert( nReserve>=0 && nReserve<=255 );
2185 if( pageSize>=512 && pageSize<=SQLITE_MAX_PAGE_SIZE &&
2186 ((pageSize-1)&pageSize)==0 ){
2187 assert( (pageSize & 7)==0 );
2188 assert( !pBt->pPage1 && !pBt->pCursor );
2189 pBt->pageSize = (u32)pageSize;
2190 freeTempSpace(pBt);
2191 }
2192 rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize, nReserve);
2193 pBt->usableSize = pBt->pageSize - (u16)nReserve;
2194 if( iFix ) pBt->pageSizeFixed = 1;
2195 sqlite3BtreeLeave(p);
2196 return rc;
2197 }
2198
2199 /*
2200 ** Return the currently defined page size
2201 */
2202 int sqlite3BtreeGetPageSize(Btree *p){
2203 return p->pBt->pageSize;
2204 }
2205
2206 #if !defined(SQLITE_OMIT_PAGER_PRAGMAS) || !defined(SQLITE_OMIT_VACUUM)
2207 /*
2208 ** Return the number of bytes of space at the end of every page that
2209 ** are intentually left unused. This is the "reserved" space that is
2210 ** sometimes used by extensions.
2211 */
2212 int sqlite3BtreeGetReserve(Btree *p){
2213 int n;
2214 sqlite3BtreeEnter(p);
2215 n = p->pBt->pageSize - p->pBt->usableSize;
2216 sqlite3BtreeLeave(p);
2217 return n;
2218 }
2219
2220 /*
2221 ** Set the maximum page count for a database if mxPage is positive.
2222 ** No changes are made if mxPage is 0 or negative.
2223 ** Regardless of the value of mxPage, return the maximum page count.
2224 */
2225 int sqlite3BtreeMaxPageCount(Btree *p, int mxPage){
2226 int n;
2227 sqlite3BtreeEnter(p);
2228 n = sqlite3PagerMaxPageCount(p->pBt->pPager, mxPage);
2229 sqlite3BtreeLeave(p);
2230 return n;
2231 }
2232
2233 /*
2234 ** Set the secureDelete flag if newFlag is 0 or 1. If newFlag is -1,
2235 ** then make no changes. Always return the value of the secureDelete
2236 ** setting after the change.
2237 */
2238 int sqlite3BtreeSecureDelete(Btree *p, int newFlag){
2239 int b;
2240 if( p==0 ) return 0;
2241 sqlite3BtreeEnter(p);
2242 if( newFlag>=0 ){
2243 p->pBt->secureDelete = (newFlag!=0) ? 1 : 0;
2244 }
2245 b = p->pBt->secureDelete;
2246 sqlite3BtreeLeave(p);
2247 return b;
2248 }
2249 #endif /* !defined(SQLITE_OMIT_PAGER_PRAGMAS) || !defined(SQLITE_OMIT_VACUUM) */
2250
2251 /*
2252 ** Change the 'auto-vacuum' property of the database. If the 'autoVacuum'
2253 ** parameter is non-zero, then auto-vacuum mode is enabled. If zero, it
2254 ** is disabled. The default value for the auto-vacuum property is
2255 ** determined by the SQLITE_DEFAULT_AUTOVACUUM macro.
2256 */
2257 int sqlite3BtreeSetAutoVacuum(Btree *p, int autoVacuum){
2258 #ifdef SQLITE_OMIT_AUTOVACUUM
2259 return SQLITE_READONLY;
2260 #else
2261 BtShared *pBt = p->pBt;
2262 int rc = SQLITE_OK;
2263 u8 av = (u8)autoVacuum;
2264
2265 sqlite3BtreeEnter(p);
2266 if( pBt->pageSizeFixed && (av ?1:0)!=pBt->autoVacuum ){
2267 rc = SQLITE_READONLY;
2268 }else{
2269 pBt->autoVacuum = av ?1:0;
2270 pBt->incrVacuum = av==2 ?1:0;
2271 }
2272 sqlite3BtreeLeave(p);
2273 return rc;
2274 #endif
2275 }
2276
2277 /*
2278 ** Return the value of the 'auto-vacuum' property. If auto-vacuum is
2279 ** enabled 1 is returned. Otherwise 0.
2280 */
2281 int sqlite3BtreeGetAutoVacuum(Btree *p){
2282 #ifdef SQLITE_OMIT_AUTOVACUUM
2283 return BTREE_AUTOVACUUM_NONE;
2284 #else
2285 int rc;
2286 sqlite3BtreeEnter(p);
2287 rc = (
2288 (!p->pBt->autoVacuum)?BTREE_AUTOVACUUM_NONE:
2289 (!p->pBt->incrVacuum)?BTREE_AUTOVACUUM_FULL:
2290 BTREE_AUTOVACUUM_INCR
2291 );
2292 sqlite3BtreeLeave(p);
2293 return rc;
2294 #endif
2295 }
2296
2297
2298 /*
2299 ** Get a reference to pPage1 of the database file. This will
2300 ** also acquire a readlock on that file.
2301 **
2302 ** SQLITE_OK is returned on success. If the file is not a
2303 ** well-formed database file, then SQLITE_CORRUPT is returned.
2304 ** SQLITE_BUSY is returned if the database is locked. SQLITE_NOMEM
2305 ** is returned if we run out of memory.
2306 */
2307 static int lockBtree(BtShared *pBt){
2308 int rc; /* Result code from subfunctions */
2309 MemPage *pPage1; /* Page 1 of the database file */
2310 int nPage; /* Number of pages in the database */
2311 int nPageFile = 0; /* Number of pages in the database file */
2312 int nPageHeader; /* Number of pages in the database according to hdr */
2313
2314 assert( sqlite3_mutex_held(pBt->mutex) );
2315 assert( pBt->pPage1==0 );
2316 rc = sqlite3PagerSharedLock(pBt->pPager);
2317 if( rc!=SQLITE_OK ) return rc;
2318 rc = btreeGetPage(pBt, 1, &pPage1, 0);
2319 if( rc!=SQLITE_OK ) return rc;
2320
2321 /* Do some checking to help insure the file we opened really is
2322 ** a valid database file.
2323 */
2324 nPage = nPageHeader = get4byte(28+(u8*)pPage1->aData);
2325 sqlite3PagerPagecount(pBt->pPager, &nPageFile);
2326 if( nPage==0 || memcmp(24+(u8*)pPage1->aData, 92+(u8*)pPage1->aData,4)!=0 ){
2327 nPage = nPageFile;
2328 }
2329 if( nPage>0 ){
2330 u32 pageSize;
2331 u32 usableSize;
2332 u8 *page1 = pPage1->aData;
2333 rc = SQLITE_NOTADB;
2334 if( memcmp(page1, zMagicHeader, 16)!=0 ){
2335 goto page1_init_failed;
2336 }
2337
2338 #ifdef SQLITE_OMIT_WAL
2339 if( page1[18]>1 ){
2340 pBt->readOnly = 1;
2341 }
2342 if( page1[19]>1 ){
2343 goto page1_init_failed;
2344 }
2345 #else
2346 if( page1[18]>2 ){
2347 pBt->readOnly = 1;
2348 }
2349 if( page1[19]>2 ){
2350 goto page1_init_failed;
2351 }
2352
2353 /* If the write version is set to 2, this database should be accessed
2354 ** in WAL mode. If the log is not already open, open it now. Then
2355 ** return SQLITE_OK and return without populating BtShared.pPage1.
2356 ** The caller detects this and calls this function again. This is
2357 ** required as the version of page 1 currently in the page1 buffer
2358 ** may not be the latest version - there may be a newer one in the log
2359 ** file.
2360 */
2361 if( page1[19]==2 && pBt->doNotUseWAL==0 ){
2362 int isOpen = 0;
2363 rc = sqlite3PagerOpenWal(pBt->pPager, &isOpen);
2364 if( rc!=SQLITE_OK ){
2365 goto page1_init_failed;
2366 }else if( isOpen==0 ){
2367 releasePage(pPage1);
2368 return SQLITE_OK;
2369 }
2370 rc = SQLITE_NOTADB;
2371 }
2372 #endif
2373
2374 /* The maximum embedded fraction must be exactly 25%. And the minimum
2375 ** embedded fraction must be 12.5% for both leaf-data and non-leaf-data.
2376 ** The original design allowed these amounts to vary, but as of
2377 ** version 3.6.0, we require them to be fixed.
2378 */
2379 if( memcmp(&page1[21], "\100\040\040",3)!=0 ){
2380 goto page1_init_failed;
2381 }
2382 pageSize = (page1[16]<<8) | (page1[17]<<16);
2383 if( ((pageSize-1)&pageSize)!=0
2384 || pageSize>SQLITE_MAX_PAGE_SIZE
2385 || pageSize<=256
2386 ){
2387 goto page1_init_failed;
2388 }
2389 assert( (pageSize & 7)==0 );
2390 usableSize = pageSize - page1[20];
2391 if( (u32)pageSize!=pBt->pageSize ){
2392 /* After reading the first page of the database assuming a page size
2393 ** of BtShared.pageSize, we have discovered that the page-size is
2394 ** actually pageSize. Unlock the database, leave pBt->pPage1 at
2395 ** zero and return SQLITE_OK. The caller will call this function
2396 ** again with the correct page-size.
2397 */
2398 releasePage(pPage1);
2399 pBt->usableSize = usableSize;
2400 pBt->pageSize = pageSize;
2401 freeTempSpace(pBt);
2402 rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize,
2403 pageSize-usableSize);
2404 return rc;
2405 }
2406 if( (pBt->db->flags & SQLITE_RecoveryMode)==0 && nPage>nPageFile ){
2407 rc = SQLITE_CORRUPT_BKPT;
2408 goto page1_init_failed;
2409 }
2410 if( usableSize<480 ){
2411 goto page1_init_failed;
2412 }
2413 pBt->pageSize = pageSize;
2414 pBt->usableSize = usableSize;
2415 #ifndef SQLITE_OMIT_AUTOVACUUM
2416 pBt->autoVacuum = (get4byte(&page1[36 + 4*4])?1:0);
2417 pBt->incrVacuum = (get4byte(&page1[36 + 7*4])?1:0);
2418 #endif
2419 }
2420
2421 /* maxLocal is the maximum amount of payload to store locally for
2422 ** a cell. Make sure it is small enough so that at least minFanout
2423 ** cells can will fit on one page. We assume a 10-byte page header.
2424 ** Besides the payload, the cell must store:
2425 ** 2-byte pointer to the cell
2426 ** 4-byte child pointer
2427 ** 9-byte nKey value
2428 ** 4-byte nData value
2429 ** 4-byte overflow page pointer
2430 ** So a cell consists of a 2-byte pointer, a header which is as much as
2431 ** 17 bytes long, 0 to N bytes of payload, and an optional 4 byte overflow
2432 ** page pointer.
2433 */
2434 pBt->maxLocal = (u16)((pBt->usableSize-12)*64/255 - 23);
2435 pBt->minLocal = (u16)((pBt->usableSize-12)*32/255 - 23);
2436 pBt->maxLeaf = (u16)(pBt->usableSize - 35);
2437 pBt->minLeaf = (u16)((pBt->usableSize-12)*32/255 - 23);
2438 assert( pBt->maxLeaf + 23 <= MX_CELL_SIZE(pBt) );
2439 pBt->pPage1 = pPage1;
2440 pBt->nPage = nPage;
2441 return SQLITE_OK;
2442
2443 page1_init_failed:
2444 releasePage(pPage1);
2445 pBt->pPage1 = 0;
2446 return rc;
2447 }
2448
2449 /*
2450 ** If there are no outstanding cursors and we are not in the middle
2451 ** of a transaction but there is a read lock on the database, then
2452 ** this routine unrefs the first page of the database file which
2453 ** has the effect of releasing the read lock.
2454 **
2455 ** If there is a transaction in progress, this routine is a no-op.
2456 */
2457 static void unlockBtreeIfUnused(BtShared *pBt){
2458 assert( sqlite3_mutex_held(pBt->mutex) );
2459 assert( pBt->pCursor==0 || pBt->inTransaction>TRANS_NONE );
2460 if( pBt->inTransaction==TRANS_NONE && pBt->pPage1!=0 ){
2461 assert( pBt->pPage1->aData );
2462 assert( sqlite3PagerRefcount(pBt->pPager)==1 );
2463 assert( pBt->pPage1->aData );
2464 releasePage(pBt->pPage1);
2465 pBt->pPage1 = 0;
2466 }
2467 }
2468
2469 /*
2470 ** If pBt points to an empty file then convert that empty file
2471 ** into a new empty database by initializing the first page of
2472 ** the database.
2473 */
2474 static int newDatabase(BtShared *pBt){
2475 MemPage *pP1;
2476 unsigned char *data;
2477 int rc;
2478
2479 assert( sqlite3_mutex_held(pBt->mutex) );
2480 if( pBt->nPage>0 ){
2481 return SQLITE_OK;
2482 }
2483 pP1 = pBt->pPage1;
2484 assert( pP1!=0 );
2485 data = pP1->aData;
2486 rc = sqlite3PagerWrite(pP1->pDbPage);
2487 if( rc ) return rc;
2488 memcpy(data, zMagicHeader, sizeof(zMagicHeader));
2489 assert( sizeof(zMagicHeader)==16 );
2490 data[16] = (u8)((pBt->pageSize>>8)&0xff);
2491 data[17] = (u8)((pBt->pageSize>>16)&0xff);
2492 data[18] = 1;
2493 data[19] = 1;
2494 assert( pBt->usableSize<=pBt->pageSize && pBt->usableSize+255>=pBt->pageSize);
2495 data[20] = (u8)(pBt->pageSize - pBt->usableSize);
2496 data[21] = 64;
2497 data[22] = 32;
2498 data[23] = 32;
2499 memset(&data[24], 0, 100-24);
2500 zeroPage(pP1, PTF_INTKEY|PTF_LEAF|PTF_LEAFDATA );
2501 pBt->pageSizeFixed = 1;
2502 #ifndef SQLITE_OMIT_AUTOVACUUM
2503 assert( pBt->autoVacuum==1 || pBt->autoVacuum==0 );
2504 assert( pBt->incrVacuum==1 || pBt->incrVacuum==0 );
2505 put4byte(&data[36 + 4*4], pBt->autoVacuum);
2506 put4byte(&data[36 + 7*4], pBt->incrVacuum);
2507 #endif
2508 pBt->nPage = 1;
2509 data[31] = 1;
2510 return SQLITE_OK;
2511 }
2512
2513 /*
2514 ** Attempt to start a new transaction. A write-transaction
2515 ** is started if the second argument is nonzero, otherwise a read-
2516 ** transaction. If the second argument is 2 or more and exclusive
2517 ** transaction is started, meaning that no other process is allowed
2518 ** to access the database. A preexisting transaction may not be
2519 ** upgraded to exclusive by calling this routine a second time - the
2520 ** exclusivity flag only works for a new transaction.
2521 **
2522 ** A write-transaction must be started before attempting any
2523 ** changes to the database. None of the following routines
2524 ** will work unless a transaction is started first:
2525 **
2526 ** sqlite3BtreeCreateTable()
2527 ** sqlite3BtreeCreateIndex()
2528 ** sqlite3BtreeClearTable()
2529 ** sqlite3BtreeDropTable()
2530 ** sqlite3BtreeInsert()
2531 ** sqlite3BtreeDelete()
2532 ** sqlite3BtreeUpdateMeta()
2533 **
2534 ** If an initial attempt to acquire the lock fails because of lock contention
2535 ** and the database was previously unlocked, then invoke the busy handler
2536 ** if there is one. But if there was previously a read-lock, do not
2537 ** invoke the busy handler - just return SQLITE_BUSY. SQLITE_BUSY is
2538 ** returned when there is already a read-lock in order to avoid a deadlock.
2539 **
2540 ** Suppose there are two processes A and B. A has a read lock and B has
2541 ** a reserved lock. B tries to promote to exclusive but is blocked because
2542 ** of A's read lock. A tries to promote to reserved but is blocked by B.
2543 ** One or the other of the two processes must give way or there can be
2544 ** no progress. By returning SQLITE_BUSY and not invoking the busy callback
2545 ** when A already has a read lock, we encourage A to give up and let B
2546 ** proceed.
2547 */
2548 int sqlite3BtreeBeginTrans(Btree *p, int wrflag){
2549 sqlite3 *pBlock = 0;
2550 BtShared *pBt = p->pBt;
2551 int rc = SQLITE_OK;
2552
2553 sqlite3BtreeEnter(p);
2554 btreeIntegrity(p);
2555
2556 /* If the btree is already in a write-transaction, or it
2557 ** is already in a read-transaction and a read-transaction
2558 ** is requested, this is a no-op.
2559 */
2560 if( p->inTrans==TRANS_WRITE || (p->inTrans==TRANS_READ && !wrflag) ){
2561 goto trans_begun;
2562 }
2563
2564 /* Write transactions are not possible on a read-only database */
2565 if( pBt->readOnly && wrflag ){
2566 rc = SQLITE_READONLY;
2567 goto trans_begun;
2568 }
2569
2570 #ifndef SQLITE_OMIT_SHARED_CACHE
2571 /* If another database handle has already opened a write transaction
2572 ** on this shared-btree structure and a second write transaction is
2573 ** requested, return SQLITE_LOCKED.
2574 */
2575 if( (wrflag && pBt->inTransaction==TRANS_WRITE) || pBt->isPending ){
2576 pBlock = pBt->pWriter->db;
2577 }else if( wrflag>1 ){
2578 BtLock *pIter;
2579 for(pIter=pBt->pLock; pIter; pIter=pIter->pNext){
2580 if( pIter->pBtree!=p ){
2581 pBlock = pIter->pBtree->db;
2582 break;
2583 }
2584 }
2585 }
2586 if( pBlock ){
2587 sqlite3ConnectionBlocked(p->db, pBlock);
2588 rc = SQLITE_LOCKED_SHAREDCACHE;
2589 goto trans_begun;
2590 }
2591 #endif
2592
2593 /* Any read-only or read-write transaction implies a read-lock on
2594 ** page 1. So if some other shared-cache client already has a write-lock
2595 ** on page 1, the transaction cannot be opened. */
2596 rc = querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK);
2597 if( SQLITE_OK!=rc ) goto trans_begun;
2598
2599 pBt->initiallyEmpty = (u8)(pBt->nPage==0);
2600 do {
2601 /* Call lockBtree() until either pBt->pPage1 is populated or
2602 ** lockBtree() returns something other than SQLITE_OK. lockBtree()
2603 ** may return SQLITE_OK but leave pBt->pPage1 set to 0 if after
2604 ** reading page 1 it discovers that the page-size of the database
2605 ** file is not pBt->pageSize. In this case lockBtree() will update
2606 ** pBt->pageSize to the page-size of the file on disk.
2607 */
2608 while( pBt->pPage1==0 && SQLITE_OK==(rc = lockBtree(pBt)) );
2609
2610 if( rc==SQLITE_OK && wrflag ){
2611 if( pBt->readOnly ){
2612 rc = SQLITE_READONLY;
2613 }else{
2614 rc = sqlite3PagerBegin(pBt->pPager,wrflag>1,sqlite3TempInMemory(p->db));
2615 if( rc==SQLITE_OK ){
2616 rc = newDatabase(pBt);
2617 }
2618 }
2619 }
2620
2621 if( rc!=SQLITE_OK ){
2622 unlockBtreeIfUnused(pBt);
2623 }
2624 }while( (rc&0xFF)==SQLITE_BUSY && pBt->inTransaction==TRANS_NONE &&
2625 btreeInvokeBusyHandler(pBt) );
2626
2627 if( rc==SQLITE_OK ){
2628 if( p->inTrans==TRANS_NONE ){
2629 pBt->nTransaction++;
2630 #ifndef SQLITE_OMIT_SHARED_CACHE
2631 if( p->sharable ){
2632 assert( p->lock.pBtree==p && p->lock.iTable==1 );
2633 p->lock.eLock = READ_LOCK;
2634 p->lock.pNext = pBt->pLock;
2635 pBt->pLock = &p->lock;
2636 }
2637 #endif
2638 }
2639 p->inTrans = (wrflag?TRANS_WRITE:TRANS_READ);
2640 if( p->inTrans>pBt->inTransaction ){
2641 pBt->inTransaction = p->inTrans;
2642 }
2643 if( wrflag ){
2644 MemPage *pPage1 = pBt->pPage1;
2645 #ifndef SQLITE_OMIT_SHARED_CACHE
2646 assert( !pBt->pWriter );
2647 pBt->pWriter = p;
2648 pBt->isExclusive = (u8)(wrflag>1);
2649 #endif
2650
2651 /* If the db-size header field is incorrect (as it may be if an old
2652 ** client has been writing the database file), update it now. Doing
2653 ** this sooner rather than later means the database size can safely
2654 ** re-read the database size from page 1 if a savepoint or transaction
2655 ** rollback occurs within the transaction.
2656 */
2657 if( pBt->nPage!=get4byte(&pPage1->aData[28]) ){
2658 rc = sqlite3PagerWrite(pPage1->pDbPage);
2659 if( rc==SQLITE_OK ){
2660 put4byte(&pPage1->aData[28], pBt->nPage);
2661 }
2662 }
2663 }
2664 }
2665
2666
2667 trans_begun:
2668 if( rc==SQLITE_OK && wrflag ){
2669 /* This call makes sure that the pager has the correct number of
2670 ** open savepoints. If the second parameter is greater than 0 and
2671 ** the sub-journal is not already open, then it will be opened here.
2672 */
2673 rc = sqlite3PagerOpenSavepoint(pBt->pPager, p->db->nSavepoint);
2674 }
2675
2676 btreeIntegrity(p);
2677 sqlite3BtreeLeave(p);
2678 return rc;
2679 }
2680
2681 #ifndef SQLITE_OMIT_AUTOVACUUM
2682
2683 /*
2684 ** Set the pointer-map entries for all children of page pPage. Also, if
2685 ** pPage contains cells that point to overflow pages, set the pointer
2686 ** map entries for the overflow pages as well.
2687 */
2688 static int setChildPtrmaps(MemPage *pPage){
2689 int i; /* Counter variable */
2690 int nCell; /* Number of cells in page pPage */
2691 int rc; /* Return code */
2692 BtShared *pBt = pPage->pBt;
2693 u8 isInitOrig = pPage->isInit;
2694 Pgno pgno = pPage->pgno;
2695
2696 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
2697 rc = btreeInitPage(pPage);
2698 if( rc!=SQLITE_OK ){
2699 goto set_child_ptrmaps_out;
2700 }
2701 nCell = pPage->nCell;
2702
2703 for(i=0; i<nCell; i++){
2704 u8 *pCell = findCell(pPage, i);
2705
2706 ptrmapPutOvflPtr(pPage, pCell, &rc);
2707
2708 if( !pPage->leaf ){
2709 Pgno childPgno = get4byte(pCell);
2710 ptrmapPut(pBt, childPgno, PTRMAP_BTREE, pgno, &rc);
2711 }
2712 }
2713
2714 if( !pPage->leaf ){
2715 Pgno childPgno = get4byte(&pPage->aData[pPage->hdrOffset+8]);
2716 ptrmapPut(pBt, childPgno, PTRMAP_BTREE, pgno, &rc);
2717 }
2718
2719 set_child_ptrmaps_out:
2720 pPage->isInit = isInitOrig;
2721 return rc;
2722 }
2723
2724 /*
2725 ** Somewhere on pPage is a pointer to page iFrom. Modify this pointer so
2726 ** that it points to iTo. Parameter eType describes the type of pointer to
2727 ** be modified, as follows:
2728 **
2729 ** PTRMAP_BTREE: pPage is a btree-page. The pointer points at a child
2730 ** page of pPage.
2731 **
2732 ** PTRMAP_OVERFLOW1: pPage is a btree-page. The pointer points at an overflow
2733 ** page pointed to by one of the cells on pPage.
2734 **
2735 ** PTRMAP_OVERFLOW2: pPage is an overflow-page. The pointer points at the next
2736 ** overflow page in the list.
2737 */
2738 static int modifyPagePointer(MemPage *pPage, Pgno iFrom, Pgno iTo, u8 eType){
2739 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
2740 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
2741 if( eType==PTRMAP_OVERFLOW2 ){
2742 /* The pointer is always the first 4 bytes of the page in this case. */
2743 if( get4byte(pPage->aData)!=iFrom ){
2744 return SQLITE_CORRUPT_BKPT;
2745 }
2746 put4byte(pPage->aData, iTo);
2747 }else{
2748 u8 isInitOrig = pPage->isInit;
2749 int i;
2750 int nCell;
2751
2752 btreeInitPage(pPage);
2753 nCell = pPage->nCell;
2754
2755 for(i=0; i<nCell; i++){
2756 u8 *pCell = findCell(pPage, i);
2757 if( eType==PTRMAP_OVERFLOW1 ){
2758 CellInfo info;
2759 btreeParseCellPtr(pPage, pCell, &info);
2760 if( info.iOverflow
2761 && pCell+info.iOverflow+3<=pPage->aData+pPage->maskPage
2762 && iFrom==get4byte(&pCell[info.iOverflow])
2763 ){
2764 put4byte(&pCell[info.iOverflow], iTo);
2765 break;
2766 }
2767 }else{
2768 if( get4byte(pCell)==iFrom ){
2769 put4byte(pCell, iTo);
2770 break;
2771 }
2772 }
2773 }
2774
2775 if( i==nCell ){
2776 if( eType!=PTRMAP_BTREE ||
2777 get4byte(&pPage->aData[pPage->hdrOffset+8])!=iFrom ){
2778 return SQLITE_CORRUPT_BKPT;
2779 }
2780 put4byte(&pPage->aData[pPage->hdrOffset+8], iTo);
2781 }
2782
2783 pPage->isInit = isInitOrig;
2784 }
2785 return SQLITE_OK;
2786 }
2787
2788
2789 /*
2790 ** Move the open database page pDbPage to location iFreePage in the
2791 ** database. The pDbPage reference remains valid.
2792 **
2793 ** The isCommit flag indicates that there is no need to remember that
2794 ** the journal needs to be sync()ed before database page pDbPage->pgno
2795 ** can be written to. The caller has already promised not to write to that
2796 ** page.
2797 */
2798 static int relocatePage(
2799 BtShared *pBt, /* Btree */
2800 MemPage *pDbPage, /* Open page to move */
2801 u8 eType, /* Pointer map 'type' entry for pDbPage */
2802 Pgno iPtrPage, /* Pointer map 'page-no' entry for pDbPage */
2803 Pgno iFreePage, /* The location to move pDbPage to */
2804 int isCommit /* isCommit flag passed to sqlite3PagerMovepage */
2805 ){
2806 MemPage *pPtrPage; /* The page that contains a pointer to pDbPage */
2807 Pgno iDbPage = pDbPage->pgno;
2808 Pager *pPager = pBt->pPager;
2809 int rc;
2810
2811 assert( eType==PTRMAP_OVERFLOW2 || eType==PTRMAP_OVERFLOW1 ||
2812 eType==PTRMAP_BTREE || eType==PTRMAP_ROOTPAGE );
2813 assert( sqlite3_mutex_held(pBt->mutex) );
2814 assert( pDbPage->pBt==pBt );
2815
2816 /* Move page iDbPage from its current location to page number iFreePage */
2817 TRACE(("AUTOVACUUM: Moving %d to free page %d (ptr page %d type %d)\n",
2818 iDbPage, iFreePage, iPtrPage, eType));
2819 rc = sqlite3PagerMovepage(pPager, pDbPage->pDbPage, iFreePage, isCommit);
2820 if( rc!=SQLITE_OK ){
2821 return rc;
2822 }
2823 pDbPage->pgno = iFreePage;
2824
2825 /* If pDbPage was a btree-page, then it may have child pages and/or cells
2826 ** that point to overflow pages. The pointer map entries for all these
2827 ** pages need to be changed.
2828 **
2829 ** If pDbPage is an overflow page, then the first 4 bytes may store a
2830 ** pointer to a subsequent overflow page. If this is the case, then
2831 ** the pointer map needs to be updated for the subsequent overflow page.
2832 */
2833 if( eType==PTRMAP_BTREE || eType==PTRMAP_ROOTPAGE ){
2834 rc = setChildPtrmaps(pDbPage);
2835 if( rc!=SQLITE_OK ){
2836 return rc;
2837 }
2838 }else{
2839 Pgno nextOvfl = get4byte(pDbPage->aData);
2840 if( nextOvfl!=0 ){
2841 ptrmapPut(pBt, nextOvfl, PTRMAP_OVERFLOW2, iFreePage, &rc);
2842 if( rc!=SQLITE_OK ){
2843 return rc;
2844 }
2845 }
2846 }
2847
2848 /* Fix the database pointer on page iPtrPage that pointed at iDbPage so
2849 ** that it points at iFreePage. Also fix the pointer map entry for
2850 ** iPtrPage.
2851 */
2852 if( eType!=PTRMAP_ROOTPAGE ){
2853 rc = btreeGetPage(pBt, iPtrPage, &pPtrPage, 0);
2854 if( rc!=SQLITE_OK ){
2855 return rc;
2856 }
2857 rc = sqlite3PagerWrite(pPtrPage->pDbPage);
2858 if( rc!=SQLITE_OK ){
2859 releasePage(pPtrPage);
2860 return rc;
2861 }
2862 rc = modifyPagePointer(pPtrPage, iDbPage, iFreePage, eType);
2863 releasePage(pPtrPage);
2864 if( rc==SQLITE_OK ){
2865 ptrmapPut(pBt, iFreePage, eType, iPtrPage, &rc);
2866 }
2867 }
2868 return rc;
2869 }
2870
2871 /* Forward declaration required by incrVacuumStep(). */
2872 static int allocateBtreePage(BtShared *, MemPage **, Pgno *, Pgno, u8);
2873
2874 /*
2875 ** Perform a single step of an incremental-vacuum. If successful,
2876 ** return SQLITE_OK. If there is no work to do (and therefore no
2877 ** point in calling this function again), return SQLITE_DONE.
2878 **
2879 ** More specificly, this function attempts to re-organize the
2880 ** database so that the last page of the file currently in use
2881 ** is no longer in use.
2882 **
2883 ** If the nFin parameter is non-zero, this function assumes
2884 ** that the caller will keep calling incrVacuumStep() until
2885 ** it returns SQLITE_DONE or an error, and that nFin is the
2886 ** number of pages the database file will contain after this
2887 ** process is complete. If nFin is zero, it is assumed that
2888 ** incrVacuumStep() will be called a finite amount of times
2889 ** which may or may not empty the freelist. A full autovacuum
2890 ** has nFin>0. A "PRAGMA incremental_vacuum" has nFin==0.
2891 */
2892 static int incrVacuumStep(BtShared *pBt, Pgno nFin, Pgno iLastPg){
2893 Pgno nFreeList; /* Number of pages still on the free-list */
2894 int rc;
2895
2896 assert( sqlite3_mutex_held(pBt->mutex) );
2897 assert( iLastPg>nFin );
2898
2899 if( !PTRMAP_ISPAGE(pBt, iLastPg) && iLastPg!=PENDING_BYTE_PAGE(pBt) ){
2900 u8 eType;
2901 Pgno iPtrPage;
2902
2903 nFreeList = get4byte(&pBt->pPage1->aData[36]);
2904 if( nFreeList==0 ){
2905 return SQLITE_DONE;
2906 }
2907
2908 rc = ptrmapGet(pBt, iLastPg, &eType, &iPtrPage);
2909 if( rc!=SQLITE_OK ){
2910 return rc;
2911 }
2912 if( eType==PTRMAP_ROOTPAGE ){
2913 return SQLITE_CORRUPT_BKPT;
2914 }
2915
2916 if( eType==PTRMAP_FREEPAGE ){
2917 if( nFin==0 ){
2918 /* Remove the page from the files free-list. This is not required
2919 ** if nFin is non-zero. In that case, the free-list will be
2920 ** truncated to zero after this function returns, so it doesn't
2921 ** matter if it still contains some garbage entries.
2922 */
2923 Pgno iFreePg;
2924 MemPage *pFreePg;
2925 rc = allocateBtreePage(pBt, &pFreePg, &iFreePg, iLastPg, 1);
2926 if( rc!=SQLITE_OK ){
2927 return rc;
2928 }
2929 assert( iFreePg==iLastPg );
2930 releasePage(pFreePg);
2931 }
2932 } else {
2933 Pgno iFreePg; /* Index of free page to move pLastPg to */
2934 MemPage *pLastPg;
2935
2936 rc = btreeGetPage(pBt, iLastPg, &pLastPg, 0);
2937 if( rc!=SQLITE_OK ){
2938 return rc;
2939 }
2940
2941 /* If nFin is zero, this loop runs exactly once and page pLastPg
2942 ** is swapped with the first free page pulled off the free list.
2943 **
2944 ** On the other hand, if nFin is greater than zero, then keep
2945 ** looping until a free-page located within the first nFin pages
2946 ** of the file is found.
2947 */
2948 do {
2949 MemPage *pFreePg;
2950 rc = allocateBtreePage(pBt, &pFreePg, &iFreePg, 0, 0);
2951 if( rc!=SQLITE_OK ){
2952 releasePage(pLastPg);
2953 return rc;
2954 }
2955 releasePage(pFreePg);
2956 }while( nFin!=0 && iFreePg>nFin );
2957 assert( iFreePg<iLastPg );
2958
2959 rc = sqlite3PagerWrite(pLastPg->pDbPage);
2960 if( rc==SQLITE_OK ){
2961 rc = relocatePage(pBt, pLastPg, eType, iPtrPage, iFreePg, nFin!=0);
2962 }
2963 releasePage(pLastPg);
2964 if( rc!=SQLITE_OK ){
2965 return rc;
2966 }
2967 }
2968 }
2969
2970 if( nFin==0 ){
2971 iLastPg--;
2972 while( iLastPg==PENDING_BYTE_PAGE(pBt)||PTRMAP_ISPAGE(pBt, iLastPg) ){
2973 if( PTRMAP_ISPAGE(pBt, iLastPg) ){
2974 MemPage *pPg;
2975 rc = btreeGetPage(pBt, iLastPg, &pPg, 0);
2976 if( rc!=SQLITE_OK ){
2977 return rc;
2978 }
2979 rc = sqlite3PagerWrite(pPg->pDbPage);
2980 releasePage(pPg);
2981 if( rc!=SQLITE_OK ){
2982 return rc;
2983 }
2984 }
2985 iLastPg--;
2986 }
2987 sqlite3PagerTruncateImage(pBt->pPager, iLastPg);
2988 pBt->nPage = iLastPg;
2989 }
2990 return SQLITE_OK;
2991 }
2992
2993 /*
2994 ** A write-transaction must be opened before calling this function.
2995 ** It performs a single unit of work towards an incremental vacuum.
2996 **
2997 ** If the incremental vacuum is finished after this function has run,
2998 ** SQLITE_DONE is returned. If it is not finished, but no error occurred,
2999 ** SQLITE_OK is returned. Otherwise an SQLite error code.
3000 */
3001 int sqlite3BtreeIncrVacuum(Btree *p){
3002 int rc;
3003 BtShared *pBt = p->pBt;
3004
3005 sqlite3BtreeEnter(p);
3006 assert( pBt->inTransaction==TRANS_WRITE && p->inTrans==TRANS_WRITE );
3007 if( !pBt->autoVacuum ){
3008 rc = SQLITE_DONE;
3009 }else{
3010 invalidateAllOverflowCache(pBt);
3011 rc = incrVacuumStep(pBt, 0, btreePagecount(pBt));
3012 if( rc==SQLITE_OK ){
3013 rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
3014 put4byte(&pBt->pPage1->aData[28], pBt->nPage);
3015 }
3016 }
3017 sqlite3BtreeLeave(p);
3018 return rc;
3019 }
3020
3021 /*
3022 ** This routine is called prior to sqlite3PagerCommit when a transaction
3023 ** is commited for an auto-vacuum database.
3024 **
3025 ** If SQLITE_OK is returned, then *pnTrunc is set to the number of pages
3026 ** the database file should be truncated to during the commit process.
3027 ** i.e. the database has been reorganized so that only the first *pnTrunc
3028 ** pages are in use.
3029 */
3030 static int autoVacuumCommit(BtShared *pBt){
3031 int rc = SQLITE_OK;
3032 Pager *pPager = pBt->pPager;
3033 VVA_ONLY( int nRef = sqlite3PagerRefcount(pPager) );
3034
3035 assert( sqlite3_mutex_held(pBt->mutex) );
3036 invalidateAllOverflowCache(pBt);
3037 assert(pBt->autoVacuum);
3038 if( !pBt->incrVacuum ){
3039 Pgno nFin; /* Number of pages in database after autovacuuming */
3040 Pgno nFree; /* Number of pages on the freelist initially */
3041 Pgno nPtrmap; /* Number of PtrMap pages to be freed */
3042 Pgno iFree; /* The next page to be freed */
3043 int nEntry; /* Number of entries on one ptrmap page */
3044 Pgno nOrig; /* Database size before freeing */
3045
3046 nOrig = btreePagecount(pBt);
3047 if( PTRMAP_ISPAGE(pBt, nOrig) || nOrig==PENDING_BYTE_PAGE(pBt) ){
3048 /* It is not possible to create a database for which the final page
3049 ** is either a pointer-map page or the pending-byte page. If one
3050 ** is encountered, this indicates corruption.
3051 */
3052 return SQLITE_CORRUPT_BKPT;
3053 }
3054
3055 nFree = get4byte(&pBt->pPage1->aData[36]);
3056 nEntry = pBt->usableSize/5;
3057 nPtrmap = (nFree-nOrig+PTRMAP_PAGENO(pBt, nOrig)+nEntry)/nEntry;
3058 nFin = nOrig - nFree - nPtrmap;
3059 if( nOrig>PENDING_BYTE_PAGE(pBt) && nFin<PENDING_BYTE_PAGE(pBt) ){
3060 nFin--;
3061 }
3062 while( PTRMAP_ISPAGE(pBt, nFin) || nFin==PENDING_BYTE_PAGE(pBt) ){
3063 nFin--;
3064 }
3065 if( nFin>nOrig ) return SQLITE_CORRUPT_BKPT;
3066
3067 for(iFree=nOrig; iFree>nFin && rc==SQLITE_OK; iFree--){
3068 rc = incrVacuumStep(pBt, nFin, iFree);
3069 }
3070 if( (rc==SQLITE_DONE || rc==SQLITE_OK) && nFree>0 ){
3071 rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
3072 put4byte(&pBt->pPage1->aData[32], 0);
3073 put4byte(&pBt->pPage1->aData[36], 0);
3074 put4byte(&pBt->pPage1->aData[28], nFin);
3075 sqlite3PagerTruncateImage(pBt->pPager, nFin);
3076 pBt->nPage = nFin;
3077 }
3078 if( rc!=SQLITE_OK ){
3079 sqlite3PagerRollback(pPager);
3080 }
3081 }
3082
3083 assert( nRef==sqlite3PagerRefcount(pPager) );
3084 return rc;
3085 }
3086
3087 #else /* ifndef SQLITE_OMIT_AUTOVACUUM */
3088 # define setChildPtrmaps(x) SQLITE_OK
3089 #endif
3090
3091 /*
3092 ** This routine does the first phase of a two-phase commit. This routine
3093 ** causes a rollback journal to be created (if it does not already exist)
3094 ** and populated with enough information so that if a power loss occurs
3095 ** the database can be restored to its original state by playing back
3096 ** the journal. Then the contents of the journal are flushed out to
3097 ** the disk. After the journal is safely on oxide, the changes to the
3098 ** database are written into the database file and flushed to oxide.
3099 ** At the end of this call, the rollback journal still exists on the
3100 ** disk and we are still holding all locks, so the transaction has not
3101 ** committed. See sqlite3BtreeCommitPhaseTwo() for the second phase of the
3102 ** commit process.
3103 **
3104 ** This call is a no-op if no write-transaction is currently active on pBt.
3105 **
3106 ** Otherwise, sync the database file for the btree pBt. zMaster points to
3107 ** the name of a master journal file that should be written into the
3108 ** individual journal file, or is NULL, indicating no master journal file
3109 ** (single database transaction).
3110 **
3111 ** When this is called, the master journal should already have been
3112 ** created, populated with this journal pointer and synced to disk.
3113 **
3114 ** Once this is routine has returned, the only thing required to commit
3115 ** the write-transaction for this database file is to delete the journal.
3116 */
3117 int sqlite3BtreeCommitPhaseOne(Btree *p, const char *zMaster){
3118 int rc = SQLITE_OK;
3119 if( p->inTrans==TRANS_WRITE ){
3120 BtShared *pBt = p->pBt;
3121 sqlite3BtreeEnter(p);
3122 #ifndef SQLITE_OMIT_AUTOVACUUM
3123 if( pBt->autoVacuum ){
3124 rc = autoVacuumCommit(pBt);
3125 if( rc!=SQLITE_OK ){
3126 sqlite3BtreeLeave(p);
3127 return rc;
3128 }
3129 }
3130 #endif
3131 rc = sqlite3PagerCommitPhaseOne(pBt->pPager, zMaster, 0);
3132 sqlite3BtreeLeave(p);
3133 }
3134 return rc;
3135 }
3136
3137 /*
3138 ** This function is called from both BtreeCommitPhaseTwo() and BtreeRollback()
3139 ** at the conclusion of a transaction.
3140 */
3141 static void btreeEndTransaction(Btree *p){
3142 BtShared *pBt = p->pBt;
3143 assert( sqlite3BtreeHoldsMutex(p) );
3144
3145 btreeClearHasContent(pBt);
3146 if( p->inTrans>TRANS_NONE && p->db->activeVdbeCnt>1 ){
3147 /* If there are other active statements that belong to this database
3148 ** handle, downgrade to a read-only transaction. The other statements
3149 ** may still be reading from the database. */
3150 downgradeAllSharedCacheTableLocks(p);
3151 p->inTrans = TRANS_READ;
3152 }else{
3153 /* If the handle had any kind of transaction open, decrement the
3154 ** transaction count of the shared btree. If the transaction count
3155 ** reaches 0, set the shared state to TRANS_NONE. The unlockBtreeIfUnused()
3156 ** call below will unlock the pager. */
3157 if( p->inTrans!=TRANS_NONE ){
3158 clearAllSharedCacheTableLocks(p);
3159 pBt->nTransaction--;
3160 if( 0==pBt->nTransaction ){
3161 pBt->inTransaction = TRANS_NONE;
3162 }
3163 }
3164
3165 /* Set the current transaction state to TRANS_NONE and unlock the
3166 ** pager if this call closed the only read or write transaction. */
3167 p->inTrans = TRANS_NONE;
3168 unlockBtreeIfUnused(pBt);
3169 }
3170
3171 btreeIntegrity(p);
3172 }
3173
3174 /*
3175 ** Commit the transaction currently in progress.
3176 **
3177 ** This routine implements the second phase of a 2-phase commit. The
3178 ** sqlite3BtreeCommitPhaseOne() routine does the first phase and should
3179 ** be invoked prior to calling this routine. The sqlite3BtreeCommitPhaseOne()
3180 ** routine did all the work of writing information out to disk and flushing the
3181 ** contents so that they are written onto the disk platter. All this
3182 ** routine has to do is delete or truncate or zero the header in the
3183 ** the rollback journal (which causes the transaction to commit) and
3184 ** drop locks.
3185 **
3186 ** Normally, if an error occurs while the pager layer is attempting to
3187 ** finalize the underlying journal file, this function returns an error and
3188 ** the upper layer will attempt a rollback. However, if the second argument
3189 ** is non-zero then this b-tree transaction is part of a multi-file
3190 ** transaction. In this case, the transaction has already been committed
3191 ** (by deleting a master journal file) and the caller will ignore this
3192 ** functions return code. So, even if an error occurs in the pager layer,
3193 ** reset the b-tree objects internal state to indicate that the write
3194 ** transaction has been closed. This is quite safe, as the pager will have
3195 ** transitioned to the error state.
3196 **
3197 ** This will release the write lock on the database file. If there
3198 ** are no active cursors, it also releases the read lock.
3199 */
3200 int sqlite3BtreeCommitPhaseTwo(Btree *p, int bCleanup){
3201
3202 if( p->inTrans==TRANS_NONE ) return SQLITE_OK;
3203 sqlite3BtreeEnter(p);
3204 btreeIntegrity(p);
3205
3206 /* If the handle has a write-transaction open, commit the shared-btrees
3207 ** transaction and set the shared state to TRANS_READ.
3208 */
3209 if( p->inTrans==TRANS_WRITE ){
3210 int rc;
3211 BtShared *pBt = p->pBt;
3212 assert( pBt->inTransaction==TRANS_WRITE );
3213 assert( pBt->nTransaction>0 );
3214 rc = sqlite3PagerCommitPhaseTwo(pBt->pPager);
3215 if( rc!=SQLITE_OK && bCleanup==0 ){
3216 sqlite3BtreeLeave(p);
3217 return rc;
3218 }
3219 pBt->inTransaction = TRANS_READ;
3220 }
3221
3222 btreeEndTransaction(p);
3223 sqlite3BtreeLeave(p);
3224 return SQLITE_OK;
3225 }
3226
3227 /*
3228 ** Do both phases of a commit.
3229 */
3230 int sqlite3BtreeCommit(Btree *p){
3231 int rc;
3232 sqlite3BtreeEnter(p);
3233 rc = sqlite3BtreeCommitPhaseOne(p, 0);
3234 if( rc==SQLITE_OK ){
3235 rc = sqlite3BtreeCommitPhaseTwo(p, 0);
3236 }
3237 sqlite3BtreeLeave(p);
3238 return rc;
3239 }
3240
3241 #ifndef NDEBUG
3242 /*
3243 ** Return the number of write-cursors open on this handle. This is for use
3244 ** in assert() expressions, so it is only compiled if NDEBUG is not
3245 ** defined.
3246 **
3247 ** For the purposes of this routine, a write-cursor is any cursor that
3248 ** is capable of writing to the databse. That means the cursor was
3249 ** originally opened for writing and the cursor has not be disabled
3250 ** by having its state changed to CURSOR_FAULT.
3251 */
3252 static int countWriteCursors(BtShared *pBt){
3253 BtCursor *pCur;
3254 int r = 0;
3255 for(pCur=pBt->pCursor; pCur; pCur=pCur->pNext){
3256 if( pCur->wrFlag && pCur->eState!=CURSOR_FAULT ) r++;
3257 }
3258 return r;
3259 }
3260 #endif
3261
3262 /*
3263 ** This routine sets the state to CURSOR_FAULT and the error
3264 ** code to errCode for every cursor on BtShared that pBtree
3265 ** references.
3266 **
3267 ** Every cursor is tripped, including cursors that belong
3268 ** to other database connections that happen to be sharing
3269 ** the cache with pBtree.
3270 **
3271 ** This routine gets called when a rollback occurs.
3272 ** All cursors using the same cache must be tripped
3273 ** to prevent them from trying to use the btree after
3274 ** the rollback. The rollback may have deleted tables
3275 ** or moved root pages, so it is not sufficient to
3276 ** save the state of the cursor. The cursor must be
3277 ** invalidated.
3278 */
3279 void sqlite3BtreeTripAllCursors(Btree *pBtree, int errCode){
3280 BtCursor *p;
3281 sqlite3BtreeEnter(pBtree);
3282 for(p=pBtree->pBt->pCursor; p; p=p->pNext){
3283 int i;
3284 sqlite3BtreeClearCursor(p);
3285 p->eState = CURSOR_FAULT;
3286 p->skipNext = errCode;
3287 for(i=0; i<=p->iPage; i++){
3288 releasePage(p->apPage[i]);
3289 p->apPage[i] = 0;
3290 }
3291 }
3292 sqlite3BtreeLeave(pBtree);
3293 }
3294
3295 /*
3296 ** Rollback the transaction in progress. All cursors will be
3297 ** invalided by this operation. Any attempt to use a cursor
3298 ** that was open at the beginning of this operation will result
3299 ** in an error.
3300 **
3301 ** This will release the write lock on the database file. If there
3302 ** are no active cursors, it also releases the read lock.
3303 */
3304 int sqlite3BtreeRollback(Btree *p){
3305 int rc;
3306 BtShared *pBt = p->pBt;
3307 MemPage *pPage1;
3308
3309 sqlite3BtreeEnter(p);
3310 rc = saveAllCursors(pBt, 0, 0);
3311 #ifndef SQLITE_OMIT_SHARED_CACHE
3312 if( rc!=SQLITE_OK ){
3313 /* This is a horrible situation. An IO or malloc() error occurred whilst
3314 ** trying to save cursor positions. If this is an automatic rollback (as
3315 ** the result of a constraint, malloc() failure or IO error) then
3316 ** the cache may be internally inconsistent (not contain valid trees) so
3317 ** we cannot simply return the error to the caller. Instead, abort
3318 ** all queries that may be using any of the cursors that failed to save.
3319 */
3320 sqlite3BtreeTripAllCursors(p, rc);
3321 }
3322 #endif
3323 btreeIntegrity(p);
3324
3325 if( p->inTrans==TRANS_WRITE ){
3326 int rc2;
3327
3328 assert( TRANS_WRITE==pBt->inTransaction );
3329 rc2 = sqlite3PagerRollback(pBt->pPager);
3330 if( rc2!=SQLITE_OK ){
3331 rc = rc2;
3332 }
3333
3334 /* The rollback may have destroyed the pPage1->aData value. So
3335 ** call btreeGetPage() on page 1 again to make
3336 ** sure pPage1->aData is set correctly. */
3337 if( btreeGetPage(pBt, 1, &pPage1, 0)==SQLITE_OK ){
3338 int nPage = get4byte(28+(u8*)pPage1->aData);
3339 testcase( nPage==0 );
3340 if( nPage==0 ) sqlite3PagerPagecount(pBt->pPager, &nPage);
3341 testcase( pBt->nPage!=nPage );
3342 pBt->nPage = nPage;
3343 releasePage(pPage1);
3344 }
3345 assert( countWriteCursors(pBt)==0 );
3346 pBt->inTransaction = TRANS_READ;
3347 }
3348
3349 btreeEndTransaction(p);
3350 sqlite3BtreeLeave(p);
3351 return rc;
3352 }
3353
3354 /*
3355 ** Start a statement subtransaction. The subtransaction can can be rolled
3356 ** back independently of the main transaction. You must start a transaction
3357 ** before starting a subtransaction. The subtransaction is ended automatically
3358 ** if the main transaction commits or rolls back.
3359 **
3360 ** Statement subtransactions are used around individual SQL statements
3361 ** that are contained within a BEGIN...COMMIT block. If a constraint
3362 ** error occurs within the statement, the effect of that one statement
3363 ** can be rolled back without having to rollback the entire transaction.
3364 **
3365 ** A statement sub-transaction is implemented as an anonymous savepoint. The
3366 ** value passed as the second parameter is the total number of savepoints,
3367 ** including the new anonymous savepoint, open on the B-Tree. i.e. if there
3368 ** are no active savepoints and no other statement-transactions open,
3369 ** iStatement is 1. This anonymous savepoint can be released or rolled back
3370 ** using the sqlite3BtreeSavepoint() function.
3371 */
3372 int sqlite3BtreeBeginStmt(Btree *p, int iStatement){
3373 int rc;
3374 BtShared *pBt = p->pBt;
3375 sqlite3BtreeEnter(p);
3376 assert( p->inTrans==TRANS_WRITE );
3377 assert( pBt->readOnly==0 );
3378 assert( iStatement>0 );
3379 assert( iStatement>p->db->nSavepoint );
3380 assert( pBt->inTransaction==TRANS_WRITE );
3381 /* At the pager level, a statement transaction is a savepoint with
3382 ** an index greater than all savepoints created explicitly using
3383 ** SQL statements. It is illegal to open, release or rollback any
3384 ** such savepoints while the statement transaction savepoint is active.
3385 */
3386 rc = sqlite3PagerOpenSavepoint(pBt->pPager, iStatement);
3387 sqlite3BtreeLeave(p);
3388 return rc;
3389 }
3390
3391 /*
3392 ** The second argument to this function, op, is always SAVEPOINT_ROLLBACK
3393 ** or SAVEPOINT_RELEASE. This function either releases or rolls back the
3394 ** savepoint identified by parameter iSavepoint, depending on the value
3395 ** of op.
3396 **
3397 ** Normally, iSavepoint is greater than or equal to zero. However, if op is
3398 ** SAVEPOINT_ROLLBACK, then iSavepoint may also be -1. In this case the
3399 ** contents of the entire transaction are rolled back. This is different
3400 ** from a normal transaction rollback, as no locks are released and the
3401 ** transaction remains open.
3402 */
3403 int sqlite3BtreeSavepoint(Btree *p, int op, int iSavepoint){
3404 int rc = SQLITE_OK;
3405 if( p && p->inTrans==TRANS_WRITE ){
3406 BtShared *pBt = p->pBt;
3407 assert( op==SAVEPOINT_RELEASE || op==SAVEPOINT_ROLLBACK );
3408 assert( iSavepoint>=0 || (iSavepoint==-1 && op==SAVEPOINT_ROLLBACK) );
3409 sqlite3BtreeEnter(p);
3410 rc = sqlite3PagerSavepoint(pBt->pPager, op, iSavepoint);
3411 if( rc==SQLITE_OK ){
3412 if( iSavepoint<0 && pBt->initiallyEmpty ) pBt->nPage = 0;
3413 rc = newDatabase(pBt);
3414 pBt->nPage = get4byte(28 + pBt->pPage1->aData);
3415
3416 /* The database size was written into the offset 28 of the header
3417 ** when the transaction started, so we know that the value at offset
3418 ** 28 is nonzero. */
3419 assert( pBt->nPage>0 );
3420 }
3421 sqlite3BtreeLeave(p);
3422 }
3423 return rc;
3424 }
3425
3426 /*
3427 ** Create a new cursor for the BTree whose root is on the page
3428 ** iTable. If a read-only cursor is requested, it is assumed that
3429 ** the caller already has at least a read-only transaction open
3430 ** on the database already. If a write-cursor is requested, then
3431 ** the caller is assumed to have an open write transaction.
3432 **
3433 ** If wrFlag==0, then the cursor can only be used for reading.
3434 ** If wrFlag==1, then the cursor can be used for reading or for
3435 ** writing if other conditions for writing are also met. These
3436 ** are the conditions that must be met in order for writing to
3437 ** be allowed:
3438 **
3439 ** 1: The cursor must have been opened with wrFlag==1
3440 **
3441 ** 2: Other database connections that share the same pager cache
3442 ** but which are not in the READ_UNCOMMITTED state may not have
3443 ** cursors open with wrFlag==0 on the same table. Otherwise
3444 ** the changes made by this write cursor would be visible to
3445 ** the read cursors in the other database connection.
3446 **
3447 ** 3: The database must be writable (not on read-only media)
3448 **
3449 ** 4: There must be an active transaction.
3450 **
3451 ** No checking is done to make sure that page iTable really is the
3452 ** root page of a b-tree. If it is not, then the cursor acquired
3453 ** will not work correctly.
3454 **
3455 ** It is assumed that the sqlite3BtreeCursorZero() has been called
3456 ** on pCur to initialize the memory space prior to invoking this routine.
3457 */
3458 static int btreeCursor(
3459 Btree *p, /* The btree */
3460 int iTable, /* Root page of table to open */
3461 int wrFlag, /* 1 to write. 0 read-only */
3462 struct KeyInfo *pKeyInfo, /* First arg to comparison function */
3463 BtCursor *pCur /* Space for new cursor */
3464 ){
3465 BtShared *pBt = p->pBt; /* Shared b-tree handle */
3466
3467 assert( sqlite3BtreeHoldsMutex(p) );
3468 assert( wrFlag==0 || wrFlag==1 );
3469
3470 /* The following assert statements verify that if this is a sharable
3471 ** b-tree database, the connection is holding the required table locks,
3472 ** and that no other connection has any open cursor that conflicts with
3473 ** this lock. */
3474 assert( hasSharedCacheTableLock(p, iTable, pKeyInfo!=0, wrFlag+1) );
3475 assert( wrFlag==0 || !hasReadConflicts(p, iTable) );
3476
3477 /* Assert that the caller has opened the required transaction. */
3478 assert( p->inTrans>TRANS_NONE );
3479 assert( wrFlag==0 || p->inTrans==TRANS_WRITE );
3480 assert( pBt->pPage1 && pBt->pPage1->aData );
3481
3482 if( NEVER(wrFlag && pBt->readOnly) ){
3483 return SQLITE_READONLY;
3484 }
3485 if( iTable==1 && btreePagecount(pBt)==0 ){
3486 assert( wrFlag==0 );
3487 iTable = 0;
3488 }
3489
3490 /* Now that no other errors can occur, finish filling in the BtCursor
3491 ** variables and link the cursor into the BtShared list. */
3492 pCur->pgnoRoot = (Pgno)iTable;
3493 pCur->iPage = -1;
3494 pCur->pKeyInfo = pKeyInfo;
3495 pCur->pBtree = p;
3496 pCur->pBt = pBt;
3497 pCur->wrFlag = (u8)wrFlag;
3498 pCur->pNext = pBt->pCursor;
3499 if( pCur->pNext ){
3500 pCur->pNext->pPrev = pCur;
3501 }
3502 pBt->pCursor = pCur;
3503 pCur->eState = CURSOR_INVALID;
3504 pCur->cachedRowid = 0;
3505 return SQLITE_OK;
3506 }
3507 int sqlite3BtreeCursor(
3508 Btree *p, /* The btree */
3509 int iTable, /* Root page of table to open */
3510 int wrFlag, /* 1 to write. 0 read-only */
3511 struct KeyInfo *pKeyInfo, /* First arg to xCompare() */
3512 BtCursor *pCur /* Write new cursor here */
3513 ){
3514 int rc;
3515 sqlite3BtreeEnter(p);
3516 rc = btreeCursor(p, iTable, wrFlag, pKeyInfo, pCur);
3517 sqlite3BtreeLeave(p);
3518 return rc;
3519 }
3520
3521 /*
3522 ** Return the size of a BtCursor object in bytes.
3523 **
3524 ** This interfaces is needed so that users of cursors can preallocate
3525 ** sufficient storage to hold a cursor. The BtCursor object is opaque
3526 ** to users so they cannot do the sizeof() themselves - they must call
3527 ** this routine.
3528 */
3529 int sqlite3BtreeCursorSize(void){
3530 return ROUND8(sizeof(BtCursor));
3531 }
3532
3533 /*
3534 ** Initialize memory that will be converted into a BtCursor object.
3535 **
3536 ** The simple approach here would be to memset() the entire object
3537 ** to zero. But it turns out that the apPage[] and aiIdx[] arrays
3538 ** do not need to be zeroed and they are large, so we can save a lot
3539 ** of run-time by skipping the initialization of those elements.
3540 */
3541 void sqlite3BtreeCursorZero(BtCursor *p){
3542 memset(p, 0, offsetof(BtCursor, iPage));
3543 }
3544
3545 /*
3546 ** Set the cached rowid value of every cursor in the same database file
3547 ** as pCur and having the same root page number as pCur. The value is
3548 ** set to iRowid.
3549 **
3550 ** Only positive rowid values are considered valid for this cache.
3551 ** The cache is initialized to zero, indicating an invalid cache.
3552 ** A btree will work fine with zero or negative rowids. We just cannot
3553 ** cache zero or negative rowids, which means tables that use zero or
3554 ** negative rowids might run a little slower. But in practice, zero
3555 ** or negative rowids are very uncommon so this should not be a problem.
3556 */
3557 void sqlite3BtreeSetCachedRowid(BtCursor *pCur, sqlite3_int64 iRowid){
3558 BtCursor *p;
3559 for(p=pCur->pBt->pCursor; p; p=p->pNext){
3560 if( p->pgnoRoot==pCur->pgnoRoot ) p->cachedRowid = iRowid;
3561 }
3562 assert( pCur->cachedRowid==iRowid );
3563 }
3564
3565 /*
3566 ** Return the cached rowid for the given cursor. A negative or zero
3567 ** return value indicates that the rowid cache is invalid and should be
3568 ** ignored. If the rowid cache has never before been set, then a
3569 ** zero is returned.
3570 */
3571 sqlite3_int64 sqlite3BtreeGetCachedRowid(BtCursor *pCur){
3572 return pCur->cachedRowid;
3573 }
3574
3575 /*
3576 ** Close a cursor. The read lock on the database file is released
3577 ** when the last cursor is closed.
3578 */
3579 int sqlite3BtreeCloseCursor(BtCursor *pCur){
3580 Btree *pBtree = pCur->pBtree;
3581 if( pBtree ){
3582 int i;
3583 BtShared *pBt = pCur->pBt;
3584 sqlite3BtreeEnter(pBtree);
3585 sqlite3BtreeClearCursor(pCur);
3586 if( pCur->pPrev ){
3587 pCur->pPrev->pNext = pCur->pNext;
3588 }else{
3589 pBt->pCursor = pCur->pNext;
3590 }
3591 if( pCur->pNext ){
3592 pCur->pNext->pPrev = pCur->pPrev;
3593 }
3594 for(i=0; i<=pCur->iPage; i++){
3595 releasePage(pCur->apPage[i]);
3596 }
3597 unlockBtreeIfUnused(pBt);
3598 invalidateOverflowCache(pCur);
3599 /* sqlite3_free(pCur); */
3600 sqlite3BtreeLeave(pBtree);
3601 }
3602 return SQLITE_OK;
3603 }
3604
3605 /*
3606 ** Make sure the BtCursor* given in the argument has a valid
3607 ** BtCursor.info structure. If it is not already valid, call
3608 ** btreeParseCell() to fill it in.
3609 **
3610 ** BtCursor.info is a cache of the information in the current cell.
3611 ** Using this cache reduces the number of calls to btreeParseCell().
3612 **
3613 ** 2007-06-25: There is a bug in some versions of MSVC that cause the
3614 ** compiler to crash when getCellInfo() is implemented as a macro.
3615 ** But there is a measureable speed advantage to using the macro on gcc
3616 ** (when less compiler optimizations like -Os or -O0 are used and the
3617 ** compiler is not doing agressive inlining.) So we use a real function
3618 ** for MSVC and a macro for everything else. Ticket #2457.
3619 */
3620 #ifndef NDEBUG
3621 static void assertCellInfo(BtCursor *pCur){
3622 CellInfo info;
3623 int iPage = pCur->iPage;
3624 memset(&info, 0, sizeof(info));
3625 btreeParseCell(pCur->apPage[iPage], pCur->aiIdx[iPage], &info);
3626 assert( memcmp(&info, &pCur->info, sizeof(info))==0 );
3627 }
3628 #else
3629 #define assertCellInfo(x)
3630 #endif
3631 #ifdef _MSC_VER
3632 /* Use a real function in MSVC to work around bugs in that compiler. */
3633 static void getCellInfo(BtCursor *pCur){
3634 if( pCur->info.nSize==0 ){
3635 int iPage = pCur->iPage;
3636 btreeParseCell(pCur->apPage[iPage],pCur->aiIdx[iPage],&pCur->info);
3637 pCur->validNKey = 1;
3638 }else{
3639 assertCellInfo(pCur);
3640 }
3641 }
3642 #else /* if not _MSC_VER */
3643 /* Use a macro in all other compilers so that the function is inlined */
3644 #define getCellInfo(pCur) \
3645 if( pCur->info.nSize==0 ){ \
3646 int iPage = pCur->iPage; \
3647 btreeParseCell(pCur->apPage[iPage],pCur->aiIdx[iPage],&pCur->info); \
3648 pCur->validNKey = 1; \
3649 }else{ \
3650 assertCellInfo(pCur); \
3651 }
3652 #endif /* _MSC_VER */
3653
3654 #ifndef NDEBUG /* The next routine used only within assert() statements */
3655 /*
3656 ** Return true if the given BtCursor is valid. A valid cursor is one
3657 ** that is currently pointing to a row in a (non-empty) table.
3658 ** This is a verification routine is used only within assert() statements.
3659 */
3660 int sqlite3BtreeCursorIsValid(BtCursor *pCur){
3661 return pCur && pCur->eState==CURSOR_VALID;
3662 }
3663 #endif /* NDEBUG */
3664
3665 /*
3666 ** Set *pSize to the size of the buffer needed to hold the value of
3667 ** the key for the current entry. If the cursor is not pointing
3668 ** to a valid entry, *pSize is set to 0.
3669 **
3670 ** For a table with the INTKEY flag set, this routine returns the key
3671 ** itself, not the number of bytes in the key.
3672 **
3673 ** The caller must position the cursor prior to invoking this routine.
3674 **
3675 ** This routine cannot fail. It always returns SQLITE_OK.
3676 */
3677 int sqlite3BtreeKeySize(BtCursor *pCur, i64 *pSize){
3678 assert( cursorHoldsMutex(pCur) );
3679 assert( pCur->eState==CURSOR_INVALID || pCur->eState==CURSOR_VALID );
3680 if( pCur->eState!=CURSOR_VALID ){
3681 *pSize = 0;
3682 }else{
3683 getCellInfo(pCur);
3684 *pSize = pCur->info.nKey;
3685 }
3686 return SQLITE_OK;
3687 }
3688
3689 /*
3690 ** Set *pSize to the number of bytes of data in the entry the
3691 ** cursor currently points to.
3692 **
3693 ** The caller must guarantee that the cursor is pointing to a non-NULL
3694 ** valid entry. In other words, the calling procedure must guarantee
3695 ** that the cursor has Cursor.eState==CURSOR_VALID.
3696 **
3697 ** Failure is not possible. This function always returns SQLITE_OK.
3698 ** It might just as well be a procedure (returning void) but we continue
3699 ** to return an integer result code for historical reasons.
3700 */
3701 int sqlite3BtreeDataSize(BtCursor *pCur, u32 *pSize){
3702 assert( cursorHoldsMutex(pCur) );
3703 assert( pCur->eState==CURSOR_VALID );
3704 getCellInfo(pCur);
3705 *pSize = pCur->info.nData;
3706 return SQLITE_OK;
3707 }
3708
3709 /*
3710 ** Given the page number of an overflow page in the database (parameter
3711 ** ovfl), this function finds the page number of the next page in the
3712 ** linked list of overflow pages. If possible, it uses the auto-vacuum
3713 ** pointer-map data instead of reading the content of page ovfl to do so.
3714 **
3715 ** If an error occurs an SQLite error code is returned. Otherwise:
3716 **
3717 ** The page number of the next overflow page in the linked list is
3718 ** written to *pPgnoNext. If page ovfl is the last page in its linked
3719 ** list, *pPgnoNext is set to zero.
3720 **
3721 ** If ppPage is not NULL, and a reference to the MemPage object corresponding
3722 ** to page number pOvfl was obtained, then *ppPage is set to point to that
3723 ** reference. It is the responsibility of the caller to call releasePage()
3724 ** on *ppPage to free the reference. In no reference was obtained (because
3725 ** the pointer-map was used to obtain the value for *pPgnoNext), then
3726 ** *ppPage is set to zero.
3727 */
3728 static int getOverflowPage(
3729 BtShared *pBt, /* The database file */
3730 Pgno ovfl, /* Current overflow page number */
3731 MemPage **ppPage, /* OUT: MemPage handle (may be NULL) */
3732 Pgno *pPgnoNext /* OUT: Next overflow page number */
3733 ){
3734 Pgno next = 0;
3735 MemPage *pPage = 0;
3736 int rc = SQLITE_OK;
3737
3738 assert( sqlite3_mutex_held(pBt->mutex) );
3739 assert(pPgnoNext);
3740
3741 #ifndef SQLITE_OMIT_AUTOVACUUM
3742 /* Try to find the next page in the overflow list using the
3743 ** autovacuum pointer-map pages. Guess that the next page in
3744 ** the overflow list is page number (ovfl+1). If that guess turns
3745 ** out to be wrong, fall back to loading the data of page
3746 ** number ovfl to determine the next page number.
3747 */
3748 if( pBt->autoVacuum ){
3749 Pgno pgno;
3750 Pgno iGuess = ovfl+1;
3751 u8 eType;
3752
3753 while( PTRMAP_ISPAGE(pBt, iGuess) || iGuess==PENDING_BYTE_PAGE(pBt) ){
3754 iGuess++;
3755 }
3756
3757 if( iGuess<=btreePagecount(pBt) ){
3758 rc = ptrmapGet(pBt, iGuess, &eType, &pgno);
3759 if( rc==SQLITE_OK && eType==PTRMAP_OVERFLOW2 && pgno==ovfl ){
3760 next = iGuess;
3761 rc = SQLITE_DONE;
3762 }
3763 }
3764 }
3765 #endif
3766
3767 assert( next==0 || rc==SQLITE_DONE );
3768 if( rc==SQLITE_OK ){
3769 rc = btreeGetPage(pBt, ovfl, &pPage, 0);
3770 assert( rc==SQLITE_OK || pPage==0 );
3771 if( rc==SQLITE_OK ){
3772 next = get4byte(pPage->aData);
3773 }
3774 }
3775
3776 *pPgnoNext = next;
3777 if( ppPage ){
3778 *ppPage = pPage;
3779 }else{
3780 releasePage(pPage);
3781 }
3782 return (rc==SQLITE_DONE ? SQLITE_OK : rc);
3783 }
3784
3785 /*
3786 ** Copy data from a buffer to a page, or from a page to a buffer.
3787 **
3788 ** pPayload is a pointer to data stored on database page pDbPage.
3789 ** If argument eOp is false, then nByte bytes of data are copied
3790 ** from pPayload to the buffer pointed at by pBuf. If eOp is true,
3791 ** then sqlite3PagerWrite() is called on pDbPage and nByte bytes
3792 ** of data are copied from the buffer pBuf to pPayload.
3793 **
3794 ** SQLITE_OK is returned on success, otherwise an error code.
3795 */
3796 static int copyPayload(
3797 void *pPayload, /* Pointer to page data */
3798 void *pBuf, /* Pointer to buffer */
3799 int nByte, /* Number of bytes to copy */
3800 int eOp, /* 0 -> copy from page, 1 -> copy to page */
3801 DbPage *pDbPage /* Page containing pPayload */
3802 ){
3803 if( eOp ){
3804 /* Copy data from buffer to page (a write operation) */
3805 int rc = sqlite3PagerWrite(pDbPage);
3806 if( rc!=SQLITE_OK ){
3807 return rc;
3808 }
3809 memcpy(pPayload, pBuf, nByte);
3810 }else{
3811 /* Copy data from page to buffer (a read operation) */
3812 memcpy(pBuf, pPayload, nByte);
3813 }
3814 return SQLITE_OK;
3815 }
3816
3817 /*
3818 ** This function is used to read or overwrite payload information
3819 ** for the entry that the pCur cursor is pointing to. If the eOp
3820 ** parameter is 0, this is a read operation (data copied into
3821 ** buffer pBuf). If it is non-zero, a write (data copied from
3822 ** buffer pBuf).
3823 **
3824 ** A total of "amt" bytes are read or written beginning at "offset".
3825 ** Data is read to or from the buffer pBuf.
3826 **
3827 ** The content being read or written might appear on the main page
3828 ** or be scattered out on multiple overflow pages.
3829 **
3830 ** If the BtCursor.isIncrblobHandle flag is set, and the current
3831 ** cursor entry uses one or more overflow pages, this function
3832 ** allocates space for and lazily popluates the overflow page-list
3833 ** cache array (BtCursor.aOverflow). Subsequent calls use this
3834 ** cache to make seeking to the supplied offset more efficient.
3835 **
3836 ** Once an overflow page-list cache has been allocated, it may be
3837 ** invalidated if some other cursor writes to the same table, or if
3838 ** the cursor is moved to a different row. Additionally, in auto-vacuum
3839 ** mode, the following events may invalidate an overflow page-list cache.
3840 **
3841 ** * An incremental vacuum,
3842 ** * A commit in auto_vacuum="full" mode,
3843 ** * Creating a table (may require moving an overflow page).
3844 */
3845 static int accessPayload(
3846 BtCursor *pCur, /* Cursor pointing to entry to read from */
3847 u32 offset, /* Begin reading this far into payload */
3848 u32 amt, /* Read this many bytes */
3849 unsigned char *pBuf, /* Write the bytes into this buffer */
3850 int eOp /* zero to read. non-zero to write. */
3851 ){
3852 unsigned char *aPayload;
3853 int rc = SQLITE_OK;
3854 u32 nKey;
3855 int iIdx = 0;
3856 MemPage *pPage = pCur->apPage[pCur->iPage]; /* Btree page of current entry */
3857 BtShared *pBt = pCur->pBt; /* Btree this cursor belongs to */
3858
3859 assert( pPage );
3860 assert( pCur->eState==CURSOR_VALID );
3861 assert( pCur->aiIdx[pCur->iPage]<pPage->nCell );
3862 assert( cursorHoldsMutex(pCur) );
3863
3864 getCellInfo(pCur);
3865 aPayload = pCur->info.pCell + pCur->info.nHeader;
3866 nKey = (pPage->intKey ? 0 : (int)pCur->info.nKey);
3867
3868 if( NEVER(offset+amt > nKey+pCur->info.nData)
3869 || &aPayload[pCur->info.nLocal] > &pPage->aData[pBt->usableSize]
3870 ){
3871 /* Trying to read or write past the end of the data is an error */
3872 return SQLITE_CORRUPT_BKPT;
3873 }
3874
3875 /* Check if data must be read/written to/from the btree page itself. */
3876 if( offset<pCur->info.nLocal ){
3877 int a = amt;
3878 if( a+offset>pCur->info.nLocal ){
3879 a = pCur->info.nLocal - offset;
3880 }
3881 rc = copyPayload(&aPayload[offset], pBuf, a, eOp, pPage->pDbPage);
3882 offset = 0;
3883 pBuf += a;
3884 amt -= a;
3885 }else{
3886 offset -= pCur->info.nLocal;
3887 }
3888
3889 if( rc==SQLITE_OK && amt>0 ){
3890 const u32 ovflSize = pBt->usableSize - 4; /* Bytes content per ovfl page */
3891 Pgno nextPage;
3892
3893 nextPage = get4byte(&aPayload[pCur->info.nLocal]);
3894
3895 #ifndef SQLITE_OMIT_INCRBLOB
3896 /* If the isIncrblobHandle flag is set and the BtCursor.aOverflow[]
3897 ** has not been allocated, allocate it now. The array is sized at
3898 ** one entry for each overflow page in the overflow chain. The
3899 ** page number of the first overflow page is stored in aOverflow[0],
3900 ** etc. A value of 0 in the aOverflow[] array means "not yet known"
3901 ** (the cache is lazily populated).
3902 */
3903 if( pCur->isIncrblobHandle && !pCur->aOverflow ){
3904 int nOvfl = (pCur->info.nPayload-pCur->info.nLocal+ovflSize-1)/ovflSize;
3905 pCur->aOverflow = (Pgno *)sqlite3MallocZero(sizeof(Pgno)*nOvfl);
3906 /* nOvfl is always positive. If it were zero, fetchPayload would have
3907 ** been used instead of this routine. */
3908 if( ALWAYS(nOvfl) && !pCur->aOverflow ){
3909 rc = SQLITE_NOMEM;
3910 }
3911 }
3912
3913 /* If the overflow page-list cache has been allocated and the
3914 ** entry for the first required overflow page is valid, skip
3915 ** directly to it.
3916 */
3917 if( pCur->aOverflow && pCur->aOverflow[offset/ovflSize] ){
3918 iIdx = (offset/ovflSize);
3919 nextPage = pCur->aOverflow[iIdx];
3920 offset = (offset%ovflSize);
3921 }
3922 #endif
3923
3924 for( ; rc==SQLITE_OK && amt>0 && nextPage; iIdx++){
3925
3926 #ifndef SQLITE_OMIT_INCRBLOB
3927 /* If required, populate the overflow page-list cache. */
3928 if( pCur->aOverflow ){
3929 assert(!pCur->aOverflow[iIdx] || pCur->aOverflow[iIdx]==nextPage);
3930 pCur->aOverflow[iIdx] = nextPage;
3931 }
3932 #endif
3933
3934 if( offset>=ovflSize ){
3935 /* The only reason to read this page is to obtain the page
3936 ** number for the next page in the overflow chain. The page
3937 ** data is not required. So first try to lookup the overflow
3938 ** page-list cache, if any, then fall back to the getOverflowPage()
3939 ** function.
3940 */
3941 #ifndef SQLITE_OMIT_INCRBLOB
3942 if( pCur->aOverflow && pCur->aOverflow[iIdx+1] ){
3943 nextPage = pCur->aOverflow[iIdx+1];
3944 } else
3945 #endif
3946 rc = getOverflowPage(pBt, nextPage, 0, &nextPage);
3947 offset -= ovflSize;
3948 }else{
3949 /* Need to read this page properly. It contains some of the
3950 ** range of data that is being read (eOp==0) or written (eOp!=0).
3951 */
3952 #ifdef SQLITE_DIRECT_OVERFLOW_READ
3953 sqlite3_file *fd;
3954 #endif
3955 int a = amt;
3956 if( a + offset > ovflSize ){
3957 a = ovflSize - offset;
3958 }
3959
3960 #ifdef SQLITE_DIRECT_OVERFLOW_READ
3961 /* If all the following are true:
3962 **
3963 ** 1) this is a read operation, and
3964 ** 2) data is required from the start of this overflow page, and
3965 ** 3) the database is file-backed, and
3966 ** 4) there is no open write-transaction, and
3967 ** 5) the database is not a WAL database,
3968 **
3969 ** then data can be read directly from the database file into the
3970 ** output buffer, bypassing the page-cache altogether. This speeds
3971 ** up loading large records that span many overflow pages.
3972 */
3973 if( eOp==0 /* (1) */
3974 && offset==0 /* (2) */
3975 && pBt->inTransaction==TRANS_READ /* (4) */
3976 && (fd = sqlite3PagerFile(pBt->pPager))->pMethods /* (3) */
3977 && pBt->pPage1->aData[19]==0x01 /* (5) */
3978 ){
3979 u8 aSave[4];
3980 u8 *aWrite = &pBuf[-4];
3981 memcpy(aSave, aWrite, 4);
3982 rc = sqlite3OsRead(fd, aWrite, a+4, pBt->pageSize * (nextPage-1));
3983 nextPage = get4byte(aWrite);
3984 memcpy(aWrite, aSave, 4);
3985 }else
3986 #endif
3987
3988 {
3989 DbPage *pDbPage;
3990 rc = sqlite3PagerGet(pBt->pPager, nextPage, &pDbPage);
3991 if( rc==SQLITE_OK ){
3992 aPayload = sqlite3PagerGetData(pDbPage);
3993 nextPage = get4byte(aPayload);
3994 rc = copyPayload(&aPayload[offset+4], pBuf, a, eOp, pDbPage);
3995 sqlite3PagerUnref(pDbPage);
3996 offset = 0;
3997 }
3998 }
3999 amt -= a;
4000 pBuf += a;
4001 }
4002 }
4003 }
4004
4005 if( rc==SQLITE_OK && amt>0 ){
4006 return SQLITE_CORRUPT_BKPT;
4007 }
4008 return rc;
4009 }
4010
4011 /*
4012 ** Read part of the key associated with cursor pCur. Exactly
4013 ** "amt" bytes will be transfered into pBuf[]. The transfer
4014 ** begins at "offset".
4015 **
4016 ** The caller must ensure that pCur is pointing to a valid row
4017 ** in the table.
4018 **
4019 ** Return SQLITE_OK on success or an error code if anything goes
4020 ** wrong. An error is returned if "offset+amt" is larger than
4021 ** the available payload.
4022 */
4023 int sqlite3BtreeKey(BtCursor *pCur, u32 offset, u32 amt, void *pBuf){
4024 assert( cursorHoldsMutex(pCur) );
4025 assert( pCur->eState==CURSOR_VALID );
4026 assert( pCur->iPage>=0 && pCur->apPage[pCur->iPage] );
4027 assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
4028 return accessPayload(pCur, offset, amt, (unsigned char*)pBuf, 0);
4029 }
4030
4031 /*
4032 ** Read part of the data associated with cursor pCur. Exactly
4033 ** "amt" bytes will be transfered into pBuf[]. The transfer
4034 ** begins at "offset".
4035 **
4036 ** Return SQLITE_OK on success or an error code if anything goes
4037 ** wrong. An error is returned if "offset+amt" is larger than
4038 ** the available payload.
4039 */
4040 int sqlite3BtreeData(BtCursor *pCur, u32 offset, u32 amt, void *pBuf){
4041 int rc;
4042
4043 #ifndef SQLITE_OMIT_INCRBLOB
4044 if ( pCur->eState==CURSOR_INVALID ){
4045 return SQLITE_ABORT;
4046 }
4047 #endif
4048
4049 assert( cursorHoldsMutex(pCur) );
4050 rc = restoreCursorPosition(pCur);
4051 if( rc==SQLITE_OK ){
4052 assert( pCur->eState==CURSOR_VALID );
4053 assert( pCur->iPage>=0 && pCur->apPage[pCur->iPage] );
4054 assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
4055 rc = accessPayload(pCur, offset, amt, pBuf, 0);
4056 }
4057 return rc;
4058 }
4059
4060 /*
4061 ** Return a pointer to payload information from the entry that the
4062 ** pCur cursor is pointing to. The pointer is to the beginning of
4063 ** the key if skipKey==0 and it points to the beginning of data if
4064 ** skipKey==1. The number of bytes of available key/data is written
4065 ** into *pAmt. If *pAmt==0, then the value returned will not be
4066 ** a valid pointer.
4067 **
4068 ** This routine is an optimization. It is common for the entire key
4069 ** and data to fit on the local page and for there to be no overflow
4070 ** pages. When that is so, this routine can be used to access the
4071 ** key and data without making a copy. If the key and/or data spills
4072 ** onto overflow pages, then accessPayload() must be used to reassemble
4073 ** the key/data and copy it into a preallocated buffer.
4074 **
4075 ** The pointer returned by this routine looks directly into the cached
4076 ** page of the database. The data might change or move the next time
4077 ** any btree routine is called.
4078 */
4079 static const unsigned char *fetchPayload(
4080 BtCursor *pCur, /* Cursor pointing to entry to read from */
4081 int *pAmt, /* Write the number of available bytes here */
4082 int skipKey /* read beginning at data if this is true */
4083 ){
4084 unsigned char *aPayload;
4085 MemPage *pPage;
4086 u32 nKey;
4087 u32 nLocal;
4088
4089 assert( pCur!=0 && pCur->iPage>=0 && pCur->apPage[pCur->iPage]);
4090 assert( pCur->eState==CURSOR_VALID );
4091 assert( cursorHoldsMutex(pCur) );
4092 pPage = pCur->apPage[pCur->iPage];
4093 assert( pCur->aiIdx[pCur->iPage]<pPage->nCell );
4094 if( NEVER(pCur->info.nSize==0) ){
4095 btreeParseCell(pCur->apPage[pCur->iPage], pCur->aiIdx[pCur->iPage],
4096 &pCur->info);
4097 }
4098 aPayload = pCur->info.pCell;
4099 aPayload += pCur->info.nHeader;
4100 if( pPage->intKey ){
4101 nKey = 0;
4102 }else{
4103 nKey = (int)pCur->info.nKey;
4104 }
4105 if( skipKey ){
4106 aPayload += nKey;
4107 nLocal = pCur->info.nLocal - nKey;
4108 }else{
4109 nLocal = pCur->info.nLocal;
4110 assert( nLocal<=nKey );
4111 }
4112 *pAmt = nLocal;
4113 return aPayload;
4114 }
4115
4116
4117 /*
4118 ** For the entry that cursor pCur is point to, return as
4119 ** many bytes of the key or data as are available on the local
4120 ** b-tree page. Write the number of available bytes into *pAmt.
4121 **
4122 ** The pointer returned is ephemeral. The key/data may move
4123 ** or be destroyed on the next call to any Btree routine,
4124 ** including calls from other threads against the same cache.
4125 ** Hence, a mutex on the BtShared should be held prior to calling
4126 ** this routine.
4127 **
4128 ** These routines is used to get quick access to key and data
4129 ** in the common case where no overflow pages are used.
4130 */
4131 const void *sqlite3BtreeKeyFetch(BtCursor *pCur, int *pAmt){
4132 const void *p = 0;
4133 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
4134 assert( cursorHoldsMutex(pCur) );
4135 if( ALWAYS(pCur->eState==CURSOR_VALID) ){
4136 p = (const void*)fetchPayload(pCur, pAmt, 0);
4137 }
4138 return p;
4139 }
4140 const void *sqlite3BtreeDataFetch(BtCursor *pCur, int *pAmt){
4141 const void *p = 0;
4142 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
4143 assert( cursorHoldsMutex(pCur) );
4144 if( ALWAYS(pCur->eState==CURSOR_VALID) ){
4145 p = (const void*)fetchPayload(pCur, pAmt, 1);
4146 }
4147 return p;
4148 }
4149
4150
4151 /*
4152 ** Move the cursor down to a new child page. The newPgno argument is the
4153 ** page number of the child page to move to.
4154 **
4155 ** This function returns SQLITE_CORRUPT if the page-header flags field of
4156 ** the new child page does not match the flags field of the parent (i.e.
4157 ** if an intkey page appears to be the parent of a non-intkey page, or
4158 ** vice-versa).
4159 */
4160 static int moveToChild(BtCursor *pCur, u32 newPgno){
4161 int rc;
4162 int i = pCur->iPage;
4163 MemPage *pNewPage;
4164 BtShared *pBt = pCur->pBt;
4165
4166 assert( cursorHoldsMutex(pCur) );
4167 assert( pCur->eState==CURSOR_VALID );
4168 assert( pCur->iPage<BTCURSOR_MAX_DEPTH );
4169 if( pCur->iPage>=(BTCURSOR_MAX_DEPTH-1) ){
4170 return SQLITE_CORRUPT_BKPT;
4171 }
4172 rc = getAndInitPage(pBt, newPgno, &pNewPage);
4173 if( rc ) return rc;
4174 pCur->apPage[i+1] = pNewPage;
4175 pCur->aiIdx[i+1] = 0;
4176 pCur->iPage++;
4177
4178 pCur->info.nSize = 0;
4179 pCur->validNKey = 0;
4180 if( pNewPage->nCell<1 || pNewPage->intKey!=pCur->apPage[i]->intKey ){
4181 return SQLITE_CORRUPT_BKPT;
4182 }
4183 return SQLITE_OK;
4184 }
4185
4186 #ifndef NDEBUG
4187 /*
4188 ** Page pParent is an internal (non-leaf) tree page. This function
4189 ** asserts that page number iChild is the left-child if the iIdx'th
4190 ** cell in page pParent. Or, if iIdx is equal to the total number of
4191 ** cells in pParent, that page number iChild is the right-child of
4192 ** the page.
4193 */
4194 static void assertParentIndex(MemPage *pParent, int iIdx, Pgno iChild){
4195 assert( iIdx<=pParent->nCell );
4196 if( iIdx==pParent->nCell ){
4197 assert( get4byte(&pParent->aData[pParent->hdrOffset+8])==iChild );
4198 }else{
4199 assert( get4byte(findCell(pParent, iIdx))==iChild );
4200 }
4201 }
4202 #else
4203 # define assertParentIndex(x,y,z)
4204 #endif
4205
4206 /*
4207 ** Move the cursor up to the parent page.
4208 **
4209 ** pCur->idx is set to the cell index that contains the pointer
4210 ** to the page we are coming from. If we are coming from the
4211 ** right-most child page then pCur->idx is set to one more than
4212 ** the largest cell index.
4213 */
4214 static void moveToParent(BtCursor *pCur){
4215 assert( cursorHoldsMutex(pCur) );
4216 assert( pCur->eState==CURSOR_VALID );
4217 assert( pCur->iPage>0 );
4218 assert( pCur->apPage[pCur->iPage] );
4219 assertParentIndex(
4220 pCur->apPage[pCur->iPage-1],
4221 pCur->aiIdx[pCur->iPage-1],
4222 pCur->apPage[pCur->iPage]->pgno
4223 );
4224 releasePage(pCur->apPage[pCur->iPage]);
4225 pCur->iPage--;
4226 pCur->info.nSize = 0;
4227 pCur->validNKey = 0;
4228 }
4229
4230 /*
4231 ** Move the cursor to point to the root page of its b-tree structure.
4232 **
4233 ** If the table has a virtual root page, then the cursor is moved to point
4234 ** to the virtual root page instead of the actual root page. A table has a
4235 ** virtual root page when the actual root page contains no cells and a
4236 ** single child page. This can only happen with the table rooted at page 1.
4237 **
4238 ** If the b-tree structure is empty, the cursor state is set to
4239 ** CURSOR_INVALID. Otherwise, the cursor is set to point to the first
4240 ** cell located on the root (or virtual root) page and the cursor state
4241 ** is set to CURSOR_VALID.
4242 **
4243 ** If this function returns successfully, it may be assumed that the
4244 ** page-header flags indicate that the [virtual] root-page is the expected
4245 ** kind of b-tree page (i.e. if when opening the cursor the caller did not
4246 ** specify a KeyInfo structure the flags byte is set to 0x05 or 0x0D,
4247 ** indicating a table b-tree, or if the caller did specify a KeyInfo
4248 ** structure the flags byte is set to 0x02 or 0x0A, indicating an index
4249 ** b-tree).
4250 */
4251 static int moveToRoot(BtCursor *pCur){
4252 MemPage *pRoot;
4253 int rc = SQLITE_OK;
4254 Btree *p = pCur->pBtree;
4255 BtShared *pBt = p->pBt;
4256
4257 assert( cursorHoldsMutex(pCur) );
4258 assert( CURSOR_INVALID < CURSOR_REQUIRESEEK );
4259 assert( CURSOR_VALID < CURSOR_REQUIRESEEK );
4260 assert( CURSOR_FAULT > CURSOR_REQUIRESEEK );
4261 if( pCur->eState>=CURSOR_REQUIRESEEK ){
4262 if( pCur->eState==CURSOR_FAULT ){
4263 assert( pCur->skipNext!=SQLITE_OK );
4264 return pCur->skipNext;
4265 }
4266 sqlite3BtreeClearCursor(pCur);
4267 }
4268
4269 if( pCur->iPage>=0 ){
4270 int i;
4271 for(i=1; i<=pCur->iPage; i++){
4272 releasePage(pCur->apPage[i]);
4273 }
4274 pCur->iPage = 0;
4275 }else if( pCur->pgnoRoot==0 ){
4276 pCur->eState = CURSOR_INVALID;
4277 return SQLITE_OK;
4278 }else{
4279 rc = getAndInitPage(pBt, pCur->pgnoRoot, &pCur->apPage[0]);
4280 if( rc!=SQLITE_OK ){
4281 pCur->eState = CURSOR_INVALID;
4282 return rc;
4283 }
4284 pCur->iPage = 0;
4285
4286 /* If pCur->pKeyInfo is not NULL, then the caller that opened this cursor
4287 ** expected to open it on an index b-tree. Otherwise, if pKeyInfo is
4288 ** NULL, the caller expects a table b-tree. If this is not the case,
4289 ** return an SQLITE_CORRUPT error. */
4290 assert( pCur->apPage[0]->intKey==1 || pCur->apPage[0]->intKey==0 );
4291 if( (pCur->pKeyInfo==0)!=pCur->apPage[0]->intKey ){
4292 return SQLITE_CORRUPT_BKPT;
4293 }
4294 }
4295
4296 /* Assert that the root page is of the correct type. This must be the
4297 ** case as the call to this function that loaded the root-page (either
4298 ** this call or a previous invocation) would have detected corruption
4299 ** if the assumption were not true, and it is not possible for the flags
4300 ** byte to have been modified while this cursor is holding a reference
4301 ** to the page. */
4302 pRoot = pCur->apPage[0];
4303 assert( pRoot->pgno==pCur->pgnoRoot );
4304 assert( pRoot->isInit && (pCur->pKeyInfo==0)==pRoot->intKey );
4305
4306 pCur->aiIdx[0] = 0;
4307 pCur->info.nSize = 0;
4308 pCur->atLast = 0;
4309 pCur->validNKey = 0;
4310
4311 if( pRoot->nCell==0 && !pRoot->leaf ){
4312 Pgno subpage;
4313 if( pRoot->pgno!=1 ) return SQLITE_CORRUPT_BKPT;
4314 subpage = get4byte(&pRoot->aData[pRoot->hdrOffset+8]);
4315 pCur->eState = CURSOR_VALID;
4316 rc = moveToChild(pCur, subpage);
4317 }else{
4318 pCur->eState = ((pRoot->nCell>0)?CURSOR_VALID:CURSOR_INVALID);
4319 }
4320 return rc;
4321 }
4322
4323 /*
4324 ** Move the cursor down to the left-most leaf entry beneath the
4325 ** entry to which it is currently pointing.
4326 **
4327 ** The left-most leaf is the one with the smallest key - the first
4328 ** in ascending order.
4329 */
4330 static int moveToLeftmost(BtCursor *pCur){
4331 Pgno pgno;
4332 int rc = SQLITE_OK;
4333 MemPage *pPage;
4334
4335 assert( cursorHoldsMutex(pCur) );
4336 assert( pCur->eState==CURSOR_VALID );
4337 while( rc==SQLITE_OK && !(pPage = pCur->apPage[pCur->iPage])->leaf ){
4338 assert( pCur->aiIdx[pCur->iPage]<pPage->nCell );
4339 pgno = get4byte(findCell(pPage, pCur->aiIdx[pCur->iPage]));
4340 rc = moveToChild(pCur, pgno);
4341 }
4342 return rc;
4343 }
4344
4345 /*
4346 ** Move the cursor down to the right-most leaf entry beneath the
4347 ** page to which it is currently pointing. Notice the difference
4348 ** between moveToLeftmost() and moveToRightmost(). moveToLeftmost()
4349 ** finds the left-most entry beneath the *entry* whereas moveToRightmost()
4350 ** finds the right-most entry beneath the *page*.
4351 **
4352 ** The right-most entry is the one with the largest key - the last
4353 ** key in ascending order.
4354 */
4355 static int moveToRightmost(BtCursor *pCur){
4356 Pgno pgno;
4357 int rc = SQLITE_OK;
4358 MemPage *pPage = 0;
4359
4360 assert( cursorHoldsMutex(pCur) );
4361 assert( pCur->eState==CURSOR_VALID );
4362 while( rc==SQLITE_OK && !(pPage = pCur->apPage[pCur->iPage])->leaf ){
4363 pgno = get4byte(&pPage->aData[pPage->hdrOffset+8]);
4364 pCur->aiIdx[pCur->iPage] = pPage->nCell;
4365 rc = moveToChild(pCur, pgno);
4366 }
4367 if( rc==SQLITE_OK ){
4368 pCur->aiIdx[pCur->iPage] = pPage->nCell-1;
4369 pCur->info.nSize = 0;
4370 pCur->validNKey = 0;
4371 }
4372 return rc;
4373 }
4374
4375 /* Move the cursor to the first entry in the table. Return SQLITE_OK
4376 ** on success. Set *pRes to 0 if the cursor actually points to something
4377 ** or set *pRes to 1 if the table is empty.
4378 */
4379 int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
4380 int rc;
4381
4382 assert( cursorHoldsMutex(pCur) );
4383 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
4384 rc = moveToRoot(pCur);
4385 if( rc==SQLITE_OK ){
4386 if( pCur->eState==CURSOR_INVALID ){
4387 assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
4388 *pRes = 1;
4389 }else{
4390 assert( pCur->apPage[pCur->iPage]->nCell>0 );
4391 *pRes = 0;
4392 rc = moveToLeftmost(pCur);
4393 }
4394 }
4395 return rc;
4396 }
4397
4398 /* Move the cursor to the last entry in the table. Return SQLITE_OK
4399 ** on success. Set *pRes to 0 if the cursor actually points to something
4400 ** or set *pRes to 1 if the table is empty.
4401 */
4402 int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
4403 int rc;
4404
4405 assert( cursorHoldsMutex(pCur) );
4406 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
4407
4408 /* If the cursor already points to the last entry, this is a no-op. */
4409 if( CURSOR_VALID==pCur->eState && pCur->atLast ){
4410 #ifdef SQLITE_DEBUG
4411 /* This block serves to assert() that the cursor really does point
4412 ** to the last entry in the b-tree. */
4413 int ii;
4414 for(ii=0; ii<pCur->iPage; ii++){
4415 assert( pCur->aiIdx[ii]==pCur->apPage[ii]->nCell );
4416 }
4417 assert( pCur->aiIdx[pCur->iPage]==pCur->apPage[pCur->iPage]->nCell-1 );
4418 assert( pCur->apPage[pCur->iPage]->leaf );
4419 #endif
4420 return SQLITE_OK;
4421 }
4422
4423 rc = moveToRoot(pCur);
4424 if( rc==SQLITE_OK ){
4425 if( CURSOR_INVALID==pCur->eState ){
4426 assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
4427 *pRes = 1;
4428 }else{
4429 assert( pCur->eState==CURSOR_VALID );
4430 *pRes = 0;
4431 rc = moveToRightmost(pCur);
4432 pCur->atLast = rc==SQLITE_OK ?1:0;
4433 }
4434 }
4435 return rc;
4436 }
4437
4438 /* Move the cursor so that it points to an entry near the key
4439 ** specified by pIdxKey or intKey. Return a success code.
4440 **
4441 ** For INTKEY tables, the intKey parameter is used. pIdxKey
4442 ** must be NULL. For index tables, pIdxKey is used and intKey
4443 ** is ignored.
4444 **
4445 ** If an exact match is not found, then the cursor is always
4446 ** left pointing at a leaf page which would hold the entry if it
4447 ** were present. The cursor might point to an entry that comes
4448 ** before or after the key.
4449 **
4450 ** An integer is written into *pRes which is the result of
4451 ** comparing the key with the entry to which the cursor is
4452 ** pointing. The meaning of the integer written into
4453 ** *pRes is as follows:
4454 **
4455 ** *pRes<0 The cursor is left pointing at an entry that
4456 ** is smaller than intKey/pIdxKey or if the table is empty
4457 ** and the cursor is therefore left point to nothing.
4458 **
4459 ** *pRes==0 The cursor is left pointing at an entry that
4460 ** exactly matches intKey/pIdxKey.
4461 **
4462 ** *pRes>0 The cursor is left pointing at an entry that
4463 ** is larger than intKey/pIdxKey.
4464 **
4465 */
4466 int sqlite3BtreeMovetoUnpacked(
4467 BtCursor *pCur, /* The cursor to be moved */
4468 UnpackedRecord *pIdxKey, /* Unpacked index key */
4469 i64 intKey, /* The table key */
4470 int biasRight, /* If true, bias the search to the high end */
4471 int *pRes /* Write search results here */
4472 ){
4473 int rc;
4474
4475 assert( cursorHoldsMutex(pCur) );
4476 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
4477 assert( pRes );
4478 assert( (pIdxKey==0)==(pCur->pKeyInfo==0) );
4479
4480 /* If the cursor is already positioned at the point we are trying
4481 ** to move to, then just return without doing any work */
4482 if( pCur->eState==CURSOR_VALID && pCur->validNKey
4483 && pCur->apPage[0]->intKey
4484 ){
4485 if( pCur->info.nKey==intKey ){
4486 *pRes = 0;
4487 return SQLITE_OK;
4488 }
4489 if( pCur->atLast && pCur->info.nKey<intKey ){
4490 *pRes = -1;
4491 return SQLITE_OK;
4492 }
4493 }
4494
4495 rc = moveToRoot(pCur);
4496 if( rc ){
4497 return rc;
4498 }
4499 assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage] );
4500 assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->isInit );
4501 assert( pCur->eState==CURSOR_INVALID || pCur->apPage[pCur->iPage]->nCell>0 );
4502 if( pCur->eState==CURSOR_INVALID ){
4503 *pRes = -1;
4504 assert( pCur->pgnoRoot==0 || pCur->apPage[pCur->iPage]->nCell==0 );
4505 return SQLITE_OK;
4506 }
4507 assert( pCur->apPage[0]->intKey || pIdxKey );
4508 for(;;){
4509 int lwr, upr, idx;
4510 Pgno chldPg;
4511 MemPage *pPage = pCur->apPage[pCur->iPage];
4512 int c;
4513
4514 /* pPage->nCell must be greater than zero. If this is the root-page
4515 ** the cursor would have been INVALID above and this for(;;) loop
4516 ** not run. If this is not the root-page, then the moveToChild() routine
4517 ** would have already detected db corruption. Similarly, pPage must
4518 ** be the right kind (index or table) of b-tree page. Otherwise
4519 ** a moveToChild() or moveToRoot() call would have detected corruption. */
4520 assert( pPage->nCell>0 );
4521 assert( pPage->intKey==(pIdxKey==0) );
4522 lwr = 0;
4523 upr = pPage->nCell-1;
4524 if( biasRight ){
4525 pCur->aiIdx[pCur->iPage] = (u16)(idx = upr);
4526 }else{
4527 pCur->aiIdx[pCur->iPage] = (u16)(idx = (upr+lwr)/2);
4528 }
4529 for(;;){
4530 u8 *pCell; /* Pointer to current cell in pPage */
4531
4532 assert( idx==pCur->aiIdx[pCur->iPage] );
4533 pCur->info.nSize = 0;
4534 pCell = findCell(pPage, idx) + pPage->childPtrSize;
4535 if( pPage->intKey ){
4536 i64 nCellKey;
4537 if( pPage->hasData ){
4538 u32 dummy;
4539 pCell += getVarint32(pCell, dummy);
4540 }
4541 getVarint(pCell, (u64*)&nCellKey);
4542 if( nCellKey==intKey ){
4543 c = 0;
4544 }else if( nCellKey<intKey ){
4545 c = -1;
4546 }else{
4547 assert( nCellKey>intKey );
4548 c = +1;
4549 }
4550 pCur->validNKey = 1;
4551 pCur->info.nKey = nCellKey;
4552 }else{
4553 /* The maximum supported page-size is 65536 bytes. This means that
4554 ** the maximum number of record bytes stored on an index B-Tree
4555 ** page is less than 16384 bytes and may be stored as a 2-byte
4556 ** varint. This information is used to attempt to avoid parsing
4557 ** the entire cell by checking for the cases where the record is
4558 ** stored entirely within the b-tree page by inspecting the first
4559 ** 2 bytes of the cell.
4560 */
4561 int nCell = pCell[0];
4562 if( !(nCell & 0x80)
4563 && nCell<=pPage->maxLocal
4564 && (pCell+nCell+1)<=pPage->aDataEnd
4565 ){
4566 /* This branch runs if the record-size field of the cell is a
4567 ** single byte varint and the record fits entirely on the main
4568 ** b-tree page. */
4569 testcase( pCell+nCell+1==pPage->aDataEnd );
4570 c = sqlite3VdbeRecordCompare(nCell, (void*)&pCell[1], pIdxKey);
4571 }else if( !(pCell[1] & 0x80)
4572 && (nCell = ((nCell&0x7f)<<7) + pCell[1])<=pPage->maxLocal
4573 && (pCell+nCell+2)<=pPage->aDataEnd
4574 ){
4575 /* The record-size field is a 2 byte varint and the record
4576 ** fits entirely on the main b-tree page. */
4577 testcase( pCell+nCell+2==pPage->aDataEnd );
4578 c = sqlite3VdbeRecordCompare(nCell, (void*)&pCell[2], pIdxKey);
4579 }else{
4580 /* The record flows over onto one or more overflow pages. In
4581 ** this case the whole cell needs to be parsed, a buffer allocated
4582 ** and accessPayload() used to retrieve the record into the
4583 ** buffer before VdbeRecordCompare() can be called. */
4584 void *pCellKey;
4585 u8 * const pCellBody = pCell - pPage->childPtrSize;
4586 btreeParseCellPtr(pPage, pCellBody, &pCur->info);
4587 nCell = (int)pCur->info.nKey;
4588 pCellKey = sqlite3Malloc( nCell );
4589 if( pCellKey==0 ){
4590 rc = SQLITE_NOMEM;
4591 goto moveto_finish;
4592 }
4593 rc = accessPayload(pCur, 0, nCell, (unsigned char*)pCellKey, 0);
4594 if( rc ){
4595 sqlite3_free(pCellKey);
4596 goto moveto_finish;
4597 }
4598 c = sqlite3VdbeRecordCompare(nCell, pCellKey, pIdxKey);
4599 sqlite3_free(pCellKey);
4600 }
4601 }
4602 if( c==0 ){
4603 if( pPage->intKey && !pPage->leaf ){
4604 lwr = idx;
4605 break;
4606 }else{
4607 *pRes = 0;
4608 rc = SQLITE_OK;
4609 goto moveto_finish;
4610 }
4611 }
4612 if( c<0 ){
4613 lwr = idx+1;
4614 }else{
4615 upr = idx-1;
4616 }
4617 if( lwr>upr ){
4618 break;
4619 }
4620 pCur->aiIdx[pCur->iPage] = (u16)(idx = (lwr+upr)/2);
4621 }
4622 assert( lwr==upr+1 || (pPage->intKey && !pPage->leaf) );
4623 assert( pPage->isInit );
4624 if( pPage->leaf ){
4625 chldPg = 0;
4626 }else if( lwr>=pPage->nCell ){
4627 chldPg = get4byte(&pPage->aData[pPage->hdrOffset+8]);
4628 }else{
4629 chldPg = get4byte(findCell(pPage, lwr));
4630 }
4631 if( chldPg==0 ){
4632 assert( pCur->aiIdx[pCur->iPage]<pCur->apPage[pCur->iPage]->nCell );
4633 *pRes = c;
4634 rc = SQLITE_OK;
4635 goto moveto_finish;
4636 }
4637 pCur->aiIdx[pCur->iPage] = (u16)lwr;
4638 pCur->info.nSize = 0;
4639 pCur->validNKey = 0;
4640 rc = moveToChild(pCur, chldPg);
4641 if( rc ) goto moveto_finish;
4642 }
4643 moveto_finish:
4644 return rc;
4645 }
4646
4647
4648 /*
4649 ** Return TRUE if the cursor is not pointing at an entry of the table.
4650 **
4651 ** TRUE will be returned after a call to sqlite3BtreeNext() moves
4652 ** past the last entry in the table or sqlite3BtreePrev() moves past
4653 ** the first entry. TRUE is also returned if the table is empty.
4654 */
4655 int sqlite3BtreeEof(BtCursor *pCur){
4656 /* TODO: What if the cursor is in CURSOR_REQUIRESEEK but all table entries
4657 ** have been deleted? This API will need to change to return an error code
4658 ** as well as the boolean result value.
4659 */
4660 return (CURSOR_VALID!=pCur->eState);
4661 }
4662
4663 /*
4664 ** Advance the cursor to the next entry in the database. If
4665 ** successful then set *pRes=0. If the cursor
4666 ** was already pointing to the last entry in the database before
4667 ** this routine was called, then set *pRes=1.
4668 */
4669 int sqlite3BtreeNext(BtCursor *pCur, int *pRes){
4670 int rc;
4671 int idx;
4672 MemPage *pPage;
4673
4674 assert( cursorHoldsMutex(pCur) );
4675 rc = restoreCursorPosition(pCur);
4676 if( rc!=SQLITE_OK ){
4677 return rc;
4678 }
4679 assert( pRes!=0 );
4680 if( CURSOR_INVALID==pCur->eState ){
4681 *pRes = 1;
4682 return SQLITE_OK;
4683 }
4684 if( pCur->skipNext>0 ){
4685 pCur->skipNext = 0;
4686 *pRes = 0;
4687 return SQLITE_OK;
4688 }
4689 pCur->skipNext = 0;
4690
4691 pPage = pCur->apPage[pCur->iPage];
4692 idx = ++pCur->aiIdx[pCur->iPage];
4693 assert( pPage->isInit );
4694 assert( idx<=pPage->nCell );
4695
4696 pCur->info.nSize = 0;
4697 pCur->validNKey = 0;
4698 if( idx>=pPage->nCell ){
4699 if( !pPage->leaf ){
4700 rc = moveToChild(pCur, get4byte(&pPage->aData[pPage->hdrOffset+8]));
4701 if( rc ) return rc;
4702 rc = moveToLeftmost(pCur);
4703 *pRes = 0;
4704 return rc;
4705 }
4706 do{
4707 if( pCur->iPage==0 ){
4708 *pRes = 1;
4709 pCur->eState = CURSOR_INVALID;
4710 return SQLITE_OK;
4711 }
4712 moveToParent(pCur);
4713 pPage = pCur->apPage[pCur->iPage];
4714 }while( pCur->aiIdx[pCur->iPage]>=pPage->nCell );
4715 *pRes = 0;
4716 if( pPage->intKey ){
4717 rc = sqlite3BtreeNext(pCur, pRes);
4718 }else{
4719 rc = SQLITE_OK;
4720 }
4721 return rc;
4722 }
4723 *pRes = 0;
4724 if( pPage->leaf ){
4725 return SQLITE_OK;
4726 }
4727 rc = moveToLeftmost(pCur);
4728 return rc;
4729 }
4730
4731
4732 /*
4733 ** Step the cursor to the back to the previous entry in the database. If
4734 ** successful then set *pRes=0. If the cursor
4735 ** was already pointing to the first entry in the database before
4736 ** this routine was called, then set *pRes=1.
4737 */
4738 int sqlite3BtreePrevious(BtCursor *pCur, int *pRes){
4739 int rc;
4740 MemPage *pPage;
4741
4742 assert( cursorHoldsMutex(pCur) );
4743 rc = restoreCursorPosition(pCur);
4744 if( rc!=SQLITE_OK ){
4745 return rc;
4746 }
4747 pCur->atLast = 0;
4748 if( CURSOR_INVALID==pCur->eState ){
4749 *pRes = 1;
4750 return SQLITE_OK;
4751 }
4752 if( pCur->skipNext<0 ){
4753 pCur->skipNext = 0;
4754 *pRes = 0;
4755 return SQLITE_OK;
4756 }
4757 pCur->skipNext = 0;
4758
4759 pPage = pCur->apPage[pCur->iPage];
4760 assert( pPage->isInit );
4761 if( !pPage->leaf ){
4762 int idx = pCur->aiIdx[pCur->iPage];
4763 rc = moveToChild(pCur, get4byte(findCell(pPage, idx)));
4764 if( rc ){
4765 return rc;
4766 }
4767 rc = moveToRightmost(pCur);
4768 }else{
4769 while( pCur->aiIdx[pCur->iPage]==0 ){
4770 if( pCur->iPage==0 ){
4771 pCur->eState = CURSOR_INVALID;
4772 *pRes = 1;
4773 return SQLITE_OK;
4774 }
4775 moveToParent(pCur);
4776 }
4777 pCur->info.nSize = 0;
4778 pCur->validNKey = 0;
4779
4780 pCur->aiIdx[pCur->iPage]--;
4781 pPage = pCur->apPage[pCur->iPage];
4782 if( pPage->intKey && !pPage->leaf ){
4783 rc = sqlite3BtreePrevious(pCur, pRes);
4784 }else{
4785 rc = SQLITE_OK;
4786 }
4787 }
4788 *pRes = 0;
4789 return rc;
4790 }
4791
4792 /*
4793 ** Allocate a new page from the database file.
4794 **
4795 ** The new page is marked as dirty. (In other words, sqlite3PagerWrite()
4796 ** has already been called on the new page.) The new page has also
4797 ** been referenced and the calling routine is responsible for calling
4798 ** sqlite3PagerUnref() on the new page when it is done.
4799 **
4800 ** SQLITE_OK is returned on success. Any other return value indicates
4801 ** an error. *ppPage and *pPgno are undefined in the event of an error.
4802 ** Do not invoke sqlite3PagerUnref() on *ppPage if an error is returned.
4803 **
4804 ** If the "nearby" parameter is not 0, then a (feeble) effort is made to
4805 ** locate a page close to the page number "nearby". This can be used in an
4806 ** attempt to keep related pages close to each other in the database file,
4807 ** which in turn can make database access faster.
4808 **
4809 ** If the "exact" parameter is not 0, and the page-number nearby exists
4810 ** anywhere on the free-list, then it is guarenteed to be returned. This
4811 ** is only used by auto-vacuum databases when allocating a new table.
4812 */
4813 static int allocateBtreePage(
4814 BtShared *pBt,
4815 MemPage **ppPage,
4816 Pgno *pPgno,
4817 Pgno nearby,
4818 u8 exact
4819 ){
4820 MemPage *pPage1;
4821 int rc;
4822 u32 n; /* Number of pages on the freelist */
4823 u32 k; /* Number of leaves on the trunk of the freelist */
4824 MemPage *pTrunk = 0;
4825 MemPage *pPrevTrunk = 0;
4826 Pgno mxPage; /* Total size of the database file */
4827
4828 assert( sqlite3_mutex_held(pBt->mutex) );
4829 pPage1 = pBt->pPage1;
4830 mxPage = btreePagecount(pBt);
4831 n = get4byte(&pPage1->aData[36]);
4832 testcase( n==mxPage-1 );
4833 if( n>=mxPage ){
4834 return SQLITE_CORRUPT_BKPT;
4835 }
4836 if( n>0 ){
4837 /* There are pages on the freelist. Reuse one of those pages. */
4838 Pgno iTrunk;
4839 u8 searchList = 0; /* If the free-list must be searched for 'nearby' */
4840
4841 /* If the 'exact' parameter was true and a query of the pointer-map
4842 ** shows that the page 'nearby' is somewhere on the free-list, then
4843 ** the entire-list will be searched for that page.
4844 */
4845 #ifndef SQLITE_OMIT_AUTOVACUUM
4846 if( exact && nearby<=mxPage ){
4847 u8 eType;
4848 assert( nearby>0 );
4849 assert( pBt->autoVacuum );
4850 rc = ptrmapGet(pBt, nearby, &eType, 0);
4851 if( rc ) return rc;
4852 if( eType==PTRMAP_FREEPAGE ){
4853 searchList = 1;
4854 }
4855 *pPgno = nearby;
4856 }
4857 #endif
4858
4859 /* Decrement the free-list count by 1. Set iTrunk to the index of the
4860 ** first free-list trunk page. iPrevTrunk is initially 1.
4861 */
4862 rc = sqlite3PagerWrite(pPage1->pDbPage);
4863 if( rc ) return rc;
4864 put4byte(&pPage1->aData[36], n-1);
4865
4866 /* The code within this loop is run only once if the 'searchList' variable
4867 ** is not true. Otherwise, it runs once for each trunk-page on the
4868 ** free-list until the page 'nearby' is located.
4869 */
4870 do {
4871 pPrevTrunk = pTrunk;
4872 if( pPrevTrunk ){
4873 iTrunk = get4byte(&pPrevTrunk->aData[0]);
4874 }else{
4875 iTrunk = get4byte(&pPage1->aData[32]);
4876 }
4877 testcase( iTrunk==mxPage );
4878 if( iTrunk>mxPage ){
4879 rc = SQLITE_CORRUPT_BKPT;
4880 }else{
4881 rc = btreeGetPage(pBt, iTrunk, &pTrunk, 0);
4882 }
4883 if( rc ){
4884 pTrunk = 0;
4885 goto end_allocate_page;
4886 }
4887 assert( pTrunk!=0 );
4888 assert( pTrunk->aData!=0 );
4889
4890 k = get4byte(&pTrunk->aData[4]); /* # of leaves on this trunk page */
4891 if( k==0 && !searchList ){
4892 /* The trunk has no leaves and the list is not being searched.
4893 ** So extract the trunk page itself and use it as the newly
4894 ** allocated page */
4895 assert( pPrevTrunk==0 );
4896 rc = sqlite3PagerWrite(pTrunk->pDbPage);
4897 if( rc ){
4898 goto end_allocate_page;
4899 }
4900 *pPgno = iTrunk;
4901 memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
4902 *ppPage = pTrunk;
4903 pTrunk = 0;
4904 TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
4905 }else if( k>(u32)(pBt->usableSize/4 - 2) ){
4906 /* Value of k is out of range. Database corruption */
4907 rc = SQLITE_CORRUPT_BKPT;
4908 goto end_allocate_page;
4909 #ifndef SQLITE_OMIT_AUTOVACUUM
4910 }else if( searchList && nearby==iTrunk ){
4911 /* The list is being searched and this trunk page is the page
4912 ** to allocate, regardless of whether it has leaves.
4913 */
4914 assert( *pPgno==iTrunk );
4915 *ppPage = pTrunk;
4916 searchList = 0;
4917 rc = sqlite3PagerWrite(pTrunk->pDbPage);
4918 if( rc ){
4919 goto end_allocate_page;
4920 }
4921 if( k==0 ){
4922 if( !pPrevTrunk ){
4923 memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
4924 }else{
4925 rc = sqlite3PagerWrite(pPrevTrunk->pDbPage);
4926 if( rc!=SQLITE_OK ){
4927 goto end_allocate_page;
4928 }
4929 memcpy(&pPrevTrunk->aData[0], &pTrunk->aData[0], 4);
4930 }
4931 }else{
4932 /* The trunk page is required by the caller but it contains
4933 ** pointers to free-list leaves. The first leaf becomes a trunk
4934 ** page in this case.
4935 */
4936 MemPage *pNewTrunk;
4937 Pgno iNewTrunk = get4byte(&pTrunk->aData[8]);
4938 if( iNewTrunk>mxPage ){
4939 rc = SQLITE_CORRUPT_BKPT;
4940 goto end_allocate_page;
4941 }
4942 testcase( iNewTrunk==mxPage );
4943 rc = btreeGetPage(pBt, iNewTrunk, &pNewTrunk, 0);
4944 if( rc!=SQLITE_OK ){
4945 goto end_allocate_page;
4946 }
4947 rc = sqlite3PagerWrite(pNewTrunk->pDbPage);
4948 if( rc!=SQLITE_OK ){
4949 releasePage(pNewTrunk);
4950 goto end_allocate_page;
4951 }
4952 memcpy(&pNewTrunk->aData[0], &pTrunk->aData[0], 4);
4953 put4byte(&pNewTrunk->aData[4], k-1);
4954 memcpy(&pNewTrunk->aData[8], &pTrunk->aData[12], (k-1)*4);
4955 releasePage(pNewTrunk);
4956 if( !pPrevTrunk ){
4957 assert( sqlite3PagerIswriteable(pPage1->pDbPage) );
4958 put4byte(&pPage1->aData[32], iNewTrunk);
4959 }else{
4960 rc = sqlite3PagerWrite(pPrevTrunk->pDbPage);
4961 if( rc ){
4962 goto end_allocate_page;
4963 }
4964 put4byte(&pPrevTrunk->aData[0], iNewTrunk);
4965 }
4966 }
4967 pTrunk = 0;
4968 TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
4969 #endif
4970 }else if( k>0 ){
4971 /* Extract a leaf from the trunk */
4972 u32 closest;
4973 Pgno iPage;
4974 unsigned char *aData = pTrunk->aData;
4975 if( nearby>0 ){
4976 u32 i;
4977 int dist;
4978 closest = 0;
4979 dist = sqlite3AbsInt32(get4byte(&aData[8]) - nearby);
4980 for(i=1; i<k; i++){
4981 int d2 = sqlite3AbsInt32(get4byte(&aData[8+i*4]) - nearby);
4982 if( d2<dist ){
4983 closest = i;
4984 dist = d2;
4985 }
4986 }
4987 }else{
4988 closest = 0;
4989 }
4990
4991 iPage = get4byte(&aData[8+closest*4]);
4992 testcase( iPage==mxPage );
4993 if( iPage>mxPage ){
4994 rc = SQLITE_CORRUPT_BKPT;
4995 goto end_allocate_page;
4996 }
4997 testcase( iPage==mxPage );
4998 if( !searchList || iPage==nearby ){
4999 int noContent;
5000 *pPgno = iPage;
5001 TRACE(("ALLOCATE: %d was leaf %d of %d on trunk %d"
5002 ": %d more free pages\n",
5003 *pPgno, closest+1, k, pTrunk->pgno, n-1));
5004 rc = sqlite3PagerWrite(pTrunk->pDbPage);
5005 if( rc ) goto end_allocate_page;
5006 if( closest<k-1 ){
5007 memcpy(&aData[8+closest*4], &aData[4+k*4], 4);
5008 }
5009 put4byte(&aData[4], k-1);
5010 noContent = !btreeGetHasContent(pBt, *pPgno);
5011 rc = btreeGetPage(pBt, *pPgno, ppPage, noContent);
5012 if( rc==SQLITE_OK ){
5013 rc = sqlite3PagerWrite((*ppPage)->pDbPage);
5014 if( rc!=SQLITE_OK ){
5015 releasePage(*ppPage);
5016 }
5017 }
5018 searchList = 0;
5019 }
5020 }
5021 releasePage(pPrevTrunk);
5022 pPrevTrunk = 0;
5023 }while( searchList );
5024 }else{
5025 /* There are no pages on the freelist, so create a new page at the
5026 ** end of the file */
5027 rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
5028 if( rc ) return rc;
5029 pBt->nPage++;
5030 if( pBt->nPage==PENDING_BYTE_PAGE(pBt) ) pBt->nPage++;
5031
5032 #ifndef SQLITE_OMIT_AUTOVACUUM
5033 if( pBt->autoVacuum && PTRMAP_ISPAGE(pBt, pBt->nPage) ){
5034 /* If *pPgno refers to a pointer-map page, allocate two new pages
5035 ** at the end of the file instead of one. The first allocated page
5036 ** becomes a new pointer-map page, the second is used by the caller.
5037 */
5038 MemPage *pPg = 0;
5039 TRACE(("ALLOCATE: %d from end of file (pointer-map page)\n", pBt->nPage));
5040 assert( pBt->nPage!=PENDING_BYTE_PAGE(pBt) );
5041 rc = btreeGetPage(pBt, pBt->nPage, &pPg, 1);
5042 if( rc==SQLITE_OK ){
5043 rc = sqlite3PagerWrite(pPg->pDbPage);
5044 releasePage(pPg);
5045 }
5046 if( rc ) return rc;
5047 pBt->nPage++;
5048 if( pBt->nPage==PENDING_BYTE_PAGE(pBt) ){ pBt->nPage++; }
5049 }
5050 #endif
5051 put4byte(28 + (u8*)pBt->pPage1->aData, pBt->nPage);
5052 *pPgno = pBt->nPage;
5053
5054 assert( *pPgno!=PENDING_BYTE_PAGE(pBt) );
5055 rc = btreeGetPage(pBt, *pPgno, ppPage, 1);
5056 if( rc ) return rc;
5057 rc = sqlite3PagerWrite((*ppPage)->pDbPage);
5058 if( rc!=SQLITE_OK ){
5059 releasePage(*ppPage);
5060 }
5061 TRACE(("ALLOCATE: %d from end of file\n", *pPgno));
5062 }
5063
5064 assert( *pPgno!=PENDING_BYTE_PAGE(pBt) );
5065
5066 end_allocate_page:
5067 releasePage(pTrunk);
5068 releasePage(pPrevTrunk);
5069 if( rc==SQLITE_OK ){
5070 if( sqlite3PagerPageRefcount((*ppPage)->pDbPage)>1 ){
5071 releasePage(*ppPage);
5072 return SQLITE_CORRUPT_BKPT;
5073 }
5074 (*ppPage)->isInit = 0;
5075 }else{
5076 *ppPage = 0;
5077 }
5078 assert( rc!=SQLITE_OK || sqlite3PagerIswriteable((*ppPage)->pDbPage) );
5079 return rc;
5080 }
5081
5082 /*
5083 ** This function is used to add page iPage to the database file free-list.
5084 ** It is assumed that the page is not already a part of the free-list.
5085 **
5086 ** The value passed as the second argument to this function is optional.
5087 ** If the caller happens to have a pointer to the MemPage object
5088 ** corresponding to page iPage handy, it may pass it as the second value.
5089 ** Otherwise, it may pass NULL.
5090 **
5091 ** If a pointer to a MemPage object is passed as the second argument,
5092 ** its reference count is not altered by this function.
5093 */
5094 static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
5095 MemPage *pTrunk = 0; /* Free-list trunk page */
5096 Pgno iTrunk = 0; /* Page number of free-list trunk page */
5097 MemPage *pPage1 = pBt->pPage1; /* Local reference to page 1 */
5098 MemPage *pPage; /* Page being freed. May be NULL. */
5099 int rc; /* Return Code */
5100 int nFree; /* Initial number of pages on free-list */
5101
5102 assert( sqlite3_mutex_held(pBt->mutex) );
5103 assert( iPage>1 );
5104 assert( !pMemPage || pMemPage->pgno==iPage );
5105
5106 if( pMemPage ){
5107 pPage = pMemPage;
5108 sqlite3PagerRef(pPage->pDbPage);
5109 }else{
5110 pPage = btreePageLookup(pBt, iPage);
5111 }
5112
5113 /* Increment the free page count on pPage1 */
5114 rc = sqlite3PagerWrite(pPage1->pDbPage);
5115 if( rc ) goto freepage_out;
5116 nFree = get4byte(&pPage1->aData[36]);
5117 put4byte(&pPage1->aData[36], nFree+1);
5118
5119 if( pBt->secureDelete ){
5120 /* If the secure_delete option is enabled, then
5121 ** always fully overwrite deleted information with zeros.
5122 */
5123 if( (!pPage && ((rc = btreeGetPage(pBt, iPage, &pPage, 0))!=0) )
5124 || ((rc = sqlite3PagerWrite(pPage->pDbPage))!=0)
5125 ){
5126 goto freepage_out;
5127 }
5128 memset(pPage->aData, 0, pPage->pBt->pageSize);
5129 }
5130
5131 /* If the database supports auto-vacuum, write an entry in the pointer-map
5132 ** to indicate that the page is free.
5133 */
5134 if( ISAUTOVACUUM ){
5135 ptrmapPut(pBt, iPage, PTRMAP_FREEPAGE, 0, &rc);
5136 if( rc ) goto freepage_out;
5137 }
5138
5139 /* Now manipulate the actual database free-list structure. There are two
5140 ** possibilities. If the free-list is currently empty, or if the first
5141 ** trunk page in the free-list is full, then this page will become a
5142 ** new free-list trunk page. Otherwise, it will become a leaf of the
5143 ** first trunk page in the current free-list. This block tests if it
5144 ** is possible to add the page as a new free-list leaf.
5145 */
5146 if( nFree!=0 ){
5147 u32 nLeaf; /* Initial number of leaf cells on trunk page */
5148
5149 iTrunk = get4byte(&pPage1->aData[32]);
5150 rc = btreeGetPage(pBt, iTrunk, &pTrunk, 0);
5151 if( rc!=SQLITE_OK ){
5152 goto freepage_out;
5153 }
5154
5155 nLeaf = get4byte(&pTrunk->aData[4]);
5156 assert( pBt->usableSize>32 );
5157 if( nLeaf > (u32)pBt->usableSize/4 - 2 ){
5158 rc = SQLITE_CORRUPT_BKPT;
5159 goto freepage_out;
5160 }
5161 if( nLeaf < (u32)pBt->usableSize/4 - 8 ){
5162 /* In this case there is room on the trunk page to insert the page
5163 ** being freed as a new leaf.
5164 **
5165 ** Note that the trunk page is not really full until it contains
5166 ** usableSize/4 - 2 entries, not usableSize/4 - 8 entries as we have
5167 ** coded. But due to a coding error in versions of SQLite prior to
5168 ** 3.6.0, databases with freelist trunk pages holding more than
5169 ** usableSize/4 - 8 entries will be reported as corrupt. In order
5170 ** to maintain backwards compatibility with older versions of SQLite,
5171 ** we will continue to restrict the number of entries to usableSize/4 - 8
5172 ** for now. At some point in the future (once everyone has upgraded
5173 ** to 3.6.0 or later) we should consider fixing the conditional above
5174 ** to read "usableSize/4-2" instead of "usableSize/4-8".
5175 */
5176 rc = sqlite3PagerWrite(pTrunk->pDbPage);
5177 if( rc==SQLITE_OK ){
5178 put4byte(&pTrunk->aData[4], nLeaf+1);
5179 put4byte(&pTrunk->aData[8+nLeaf*4], iPage);
5180 if( pPage && !pBt->secureDelete ){
5181 sqlite3PagerDontWrite(pPage->pDbPage);
5182 }
5183 rc = btreeSetHasContent(pBt, iPage);
5184 }
5185 TRACE(("FREE-PAGE: %d leaf on trunk page %d\n",pPage->pgno,pTrunk->pgno));
5186 goto freepage_out;
5187 }
5188 }
5189
5190 /* If control flows to this point, then it was not possible to add the
5191 ** the page being freed as a leaf page of the first trunk in the free-list.
5192 ** Possibly because the free-list is empty, or possibly because the
5193 ** first trunk in the free-list is full. Either way, the page being freed
5194 ** will become the new first trunk page in the free-list.
5195 */
5196 if( pPage==0 && SQLITE_OK!=(rc = btreeGetPage(pBt, iPage, &pPage, 0)) ){
5197 goto freepage_out;
5198 }
5199 rc = sqlite3PagerWrite(pPage->pDbPage);
5200 if( rc!=SQLITE_OK ){
5201 goto freepage_out;
5202 }
5203 put4byte(pPage->aData, iTrunk);
5204 put4byte(&pPage->aData[4], 0);
5205 put4byte(&pPage1->aData[32], iPage);
5206 TRACE(("FREE-PAGE: %d new trunk page replacing %d\n", pPage->pgno, iTrunk));
5207
5208 freepage_out:
5209 if( pPage ){
5210 pPage->isInit = 0;
5211 }
5212 releasePage(pPage);
5213 releasePage(pTrunk);
5214 return rc;
5215 }
5216 static void freePage(MemPage *pPage, int *pRC){
5217 if( (*pRC)==SQLITE_OK ){
5218 *pRC = freePage2(pPage->pBt, pPage, pPage->pgno);
5219 }
5220 }
5221
5222 /*
5223 ** Free any overflow pages associated with the given Cell.
5224 */
5225 static int clearCell(MemPage *pPage, unsigned char *pCell){
5226 BtShared *pBt = pPage->pBt;
5227 CellInfo info;
5228 Pgno ovflPgno;
5229 int rc;
5230 int nOvfl;
5231 u32 ovflPageSize;
5232
5233 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5234 btreeParseCellPtr(pPage, pCell, &info);
5235 if( info.iOverflow==0 ){
5236 return SQLITE_OK; /* No overflow pages. Return without doing anything */
5237 }
5238 if( pCell+info.iOverflow+3 > pPage->aData+pPage->maskPage ){
5239 return SQLITE_CORRUPT; /* Cell extends past end of page */
5240 }
5241 ovflPgno = get4byte(&pCell[info.iOverflow]);
5242 assert( pBt->usableSize > 4 );
5243 ovflPageSize = pBt->usableSize - 4;
5244 nOvfl = (info.nPayload - info.nLocal + ovflPageSize - 1)/ovflPageSize;
5245 assert( ovflPgno==0 || nOvfl>0 );
5246 while( nOvfl-- ){
5247 Pgno iNext = 0;
5248 MemPage *pOvfl = 0;
5249 if( ovflPgno<2 || ovflPgno>btreePagecount(pBt) ){
5250 /* 0 is not a legal page number and page 1 cannot be an
5251 ** overflow page. Therefore if ovflPgno<2 or past the end of the
5252 ** file the database must be corrupt. */
5253 return SQLITE_CORRUPT_BKPT;
5254 }
5255 if( nOvfl ){
5256 rc = getOverflowPage(pBt, ovflPgno, &pOvfl, &iNext);
5257 if( rc ) return rc;
5258 }
5259
5260 if( ( pOvfl || ((pOvfl = btreePageLookup(pBt, ovflPgno))!=0) )
5261 && sqlite3PagerPageRefcount(pOvfl->pDbPage)!=1
5262 ){
5263 /* There is no reason any cursor should have an outstanding reference
5264 ** to an overflow page belonging to a cell that is being deleted/updated.
5265 ** So if there exists more than one reference to this page, then it
5266 ** must not really be an overflow page and the database must be corrupt.
5267 ** It is helpful to detect this before calling freePage2(), as
5268 ** freePage2() may zero the page contents if secure-delete mode is
5269 ** enabled. If this 'overflow' page happens to be a page that the
5270 ** caller is iterating through or using in some other way, this
5271 ** can be problematic.
5272 */
5273 rc = SQLITE_CORRUPT_BKPT;
5274 }else{
5275 rc = freePage2(pBt, pOvfl, ovflPgno);
5276 }
5277
5278 if( pOvfl ){
5279 sqlite3PagerUnref(pOvfl->pDbPage);
5280 }
5281 if( rc ) return rc;
5282 ovflPgno = iNext;
5283 }
5284 return SQLITE_OK;
5285 }
5286
5287 /*
5288 ** Create the byte sequence used to represent a cell on page pPage
5289 ** and write that byte sequence into pCell[]. Overflow pages are
5290 ** allocated and filled in as necessary. The calling procedure
5291 ** is responsible for making sure sufficient space has been allocated
5292 ** for pCell[].
5293 **
5294 ** Note that pCell does not necessary need to point to the pPage->aData
5295 ** area. pCell might point to some temporary storage. The cell will
5296 ** be constructed in this temporary area then copied into pPage->aData
5297 ** later.
5298 */
5299 static int fillInCell(
5300 MemPage *pPage, /* The page that contains the cell */
5301 unsigned char *pCell, /* Complete text of the cell */
5302 const void *pKey, i64 nKey, /* The key */
5303 const void *pData,int nData, /* The data */
5304 int nZero, /* Extra zero bytes to append to pData */
5305 int *pnSize /* Write cell size here */
5306 ){
5307 int nPayload;
5308 const u8 *pSrc;
5309 int nSrc, n, rc;
5310 int spaceLeft;
5311 MemPage *pOvfl = 0;
5312 MemPage *pToRelease = 0;
5313 unsigned char *pPrior;
5314 unsigned char *pPayload;
5315 BtShared *pBt = pPage->pBt;
5316 Pgno pgnoOvfl = 0;
5317 int nHeader;
5318 CellInfo info;
5319
5320 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5321
5322 /* pPage is not necessarily writeable since pCell might be auxiliary
5323 ** buffer space that is separate from the pPage buffer area */
5324 assert( pCell<pPage->aData || pCell>=&pPage->aData[pBt->pageSize]
5325 || sqlite3PagerIswriteable(pPage->pDbPage) );
5326
5327 /* Fill in the header. */
5328 nHeader = 0;
5329 if( !pPage->leaf ){
5330 nHeader += 4;
5331 }
5332 if( pPage->hasData ){
5333 nHeader += putVarint(&pCell[nHeader], nData+nZero);
5334 }else{
5335 nData = nZero = 0;
5336 }
5337 nHeader += putVarint(&pCell[nHeader], *(u64*)&nKey);
5338 btreeParseCellPtr(pPage, pCell, &info);
5339 assert( info.nHeader==nHeader );
5340 assert( info.nKey==nKey );
5341 assert( info.nData==(u32)(nData+nZero) );
5342
5343 /* Fill in the payload */
5344 nPayload = nData + nZero;
5345 if( pPage->intKey ){
5346 pSrc = pData;
5347 nSrc = nData;
5348 nData = 0;
5349 }else{
5350 if( NEVER(nKey>0x7fffffff || pKey==0) ){
5351 return SQLITE_CORRUPT_BKPT;
5352 }
5353 nPayload += (int)nKey;
5354 pSrc = pKey;
5355 nSrc = (int)nKey;
5356 }
5357 *pnSize = info.nSize;
5358 spaceLeft = info.nLocal;
5359 pPayload = &pCell[nHeader];
5360 pPrior = &pCell[info.iOverflow];
5361
5362 while( nPayload>0 ){
5363 if( spaceLeft==0 ){
5364 #ifndef SQLITE_OMIT_AUTOVACUUM
5365 Pgno pgnoPtrmap = pgnoOvfl; /* Overflow page pointer-map entry page */
5366 if( pBt->autoVacuum ){
5367 do{
5368 pgnoOvfl++;
5369 } while(
5370 PTRMAP_ISPAGE(pBt, pgnoOvfl) || pgnoOvfl==PENDING_BYTE_PAGE(pBt)
5371 );
5372 }
5373 #endif
5374 rc = allocateBtreePage(pBt, &pOvfl, &pgnoOvfl, pgnoOvfl, 0);
5375 #ifndef SQLITE_OMIT_AUTOVACUUM
5376 /* If the database supports auto-vacuum, and the second or subsequent
5377 ** overflow page is being allocated, add an entry to the pointer-map
5378 ** for that page now.
5379 **
5380 ** If this is the first overflow page, then write a partial entry
5381 ** to the pointer-map. If we write nothing to this pointer-map slot,
5382 ** then the optimistic overflow chain processing in clearCell()
5383 ** may misinterpret the uninitialised values and delete the
5384 ** wrong pages from the database.
5385 */
5386 if( pBt->autoVacuum && rc==SQLITE_OK ){
5387 u8 eType = (pgnoPtrmap?PTRMAP_OVERFLOW2:PTRMAP_OVERFLOW1);
5388 ptrmapPut(pBt, pgnoOvfl, eType, pgnoPtrmap, &rc);
5389 if( rc ){
5390 releasePage(pOvfl);
5391 }
5392 }
5393 #endif
5394 if( rc ){
5395 releasePage(pToRelease);
5396 return rc;
5397 }
5398
5399 /* If pToRelease is not zero than pPrior points into the data area
5400 ** of pToRelease. Make sure pToRelease is still writeable. */
5401 assert( pToRelease==0 || sqlite3PagerIswriteable(pToRelease->pDbPage) );
5402
5403 /* If pPrior is part of the data area of pPage, then make sure pPage
5404 ** is still writeable */
5405 assert( pPrior<pPage->aData || pPrior>=&pPage->aData[pBt->pageSize]
5406 || sqlite3PagerIswriteable(pPage->pDbPage) );
5407
5408 put4byte(pPrior, pgnoOvfl);
5409 releasePage(pToRelease);
5410 pToRelease = pOvfl;
5411 pPrior = pOvfl->aData;
5412 put4byte(pPrior, 0);
5413 pPayload = &pOvfl->aData[4];
5414 spaceLeft = pBt->usableSize - 4;
5415 }
5416 n = nPayload;
5417 if( n>spaceLeft ) n = spaceLeft;
5418
5419 /* If pToRelease is not zero than pPayload points into the data area
5420 ** of pToRelease. Make sure pToRelease is still writeable. */
5421 assert( pToRelease==0 || sqlite3PagerIswriteable(pToRelease->pDbPage) );
5422
5423 /* If pPayload is part of the data area of pPage, then make sure pPage
5424 ** is still writeable */
5425 assert( pPayload<pPage->aData || pPayload>=&pPage->aData[pBt->pageSize]
5426 || sqlite3PagerIswriteable(pPage->pDbPage) );
5427
5428 if( nSrc>0 ){
5429 if( n>nSrc ) n = nSrc;
5430 assert( pSrc );
5431 memcpy(pPayload, pSrc, n);
5432 }else{
5433 memset(pPayload, 0, n);
5434 }
5435 nPayload -= n;
5436 pPayload += n;
5437 pSrc += n;
5438 nSrc -= n;
5439 spaceLeft -= n;
5440 if( nSrc==0 ){
5441 nSrc = nData;
5442 pSrc = pData;
5443 }
5444 }
5445 releasePage(pToRelease);
5446 return SQLITE_OK;
5447 }
5448
5449 /*
5450 ** Remove the i-th cell from pPage. This routine effects pPage only.
5451 ** The cell content is not freed or deallocated. It is assumed that
5452 ** the cell content has been copied someplace else. This routine just
5453 ** removes the reference to the cell from pPage.
5454 **
5455 ** "sz" must be the number of bytes in the cell.
5456 */
5457 static void dropCell(MemPage *pPage, int idx, int sz, int *pRC){
5458 u32 pc; /* Offset to cell content of cell being deleted */
5459 u8 *data; /* pPage->aData */
5460 u8 *ptr; /* Used to move bytes around within data[] */
5461 u8 *endPtr; /* End of loop */
5462 int rc; /* The return code */
5463 int hdr; /* Beginning of the header. 0 most pages. 100 page 1 */
5464
5465 if( *pRC ) return;
5466
5467 assert( idx>=0 && idx<pPage->nCell );
5468 assert( sz==cellSize(pPage, idx) );
5469 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
5470 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5471 data = pPage->aData;
5472 ptr = &pPage->aCellIdx[2*idx];
5473 pc = get2byte(ptr);
5474 hdr = pPage->hdrOffset;
5475 testcase( pc==get2byte(&data[hdr+5]) );
5476 testcase( pc+sz==pPage->pBt->usableSize );
5477 if( pc < (u32)get2byte(&data[hdr+5]) || pc+sz > pPage->pBt->usableSize ){
5478 *pRC = SQLITE_CORRUPT_BKPT;
5479 return;
5480 }
5481 rc = freeSpace(pPage, pc, sz);
5482 if( rc ){
5483 *pRC = rc;
5484 return;
5485 }
5486 endPtr = &pPage->aCellIdx[2*pPage->nCell - 2];
5487 assert( (SQLITE_PTR_TO_INT(ptr)&1)==0 ); /* ptr is always 2-byte aligned */
5488 while( ptr<endPtr ){
5489 *(u16*)ptr = *(u16*)&ptr[2];
5490 ptr += 2;
5491 }
5492 pPage->nCell--;
5493 put2byte(&data[hdr+3], pPage->nCell);
5494 pPage->nFree += 2;
5495 }
5496
5497 /*
5498 ** Insert a new cell on pPage at cell index "i". pCell points to the
5499 ** content of the cell.
5500 **
5501 ** If the cell content will fit on the page, then put it there. If it
5502 ** will not fit, then make a copy of the cell content into pTemp if
5503 ** pTemp is not null. Regardless of pTemp, allocate a new entry
5504 ** in pPage->aOvfl[] and make it point to the cell content (either
5505 ** in pTemp or the original pCell) and also record its index.
5506 ** Allocating a new entry in pPage->aCell[] implies that
5507 ** pPage->nOverflow is incremented.
5508 **
5509 ** If nSkip is non-zero, then do not copy the first nSkip bytes of the
5510 ** cell. The caller will overwrite them after this function returns. If
5511 ** nSkip is non-zero, then pCell may not point to an invalid memory location
5512 ** (but pCell+nSkip is always valid).
5513 */
5514 static void insertCell(
5515 MemPage *pPage, /* Page into which we are copying */
5516 int i, /* New cell becomes the i-th cell of the page */
5517 u8 *pCell, /* Content of the new cell */
5518 int sz, /* Bytes of content in pCell */
5519 u8 *pTemp, /* Temp storage space for pCell, if needed */
5520 Pgno iChild, /* If non-zero, replace first 4 bytes with this value */
5521 int *pRC /* Read and write return code from here */
5522 ){
5523 int idx = 0; /* Where to write new cell content in data[] */
5524 int j; /* Loop counter */
5525 int end; /* First byte past the last cell pointer in data[] */
5526 int ins; /* Index in data[] where new cell pointer is inserted */
5527 int cellOffset; /* Address of first cell pointer in data[] */
5528 u8 *data; /* The content of the whole page */
5529 u8 *ptr; /* Used for moving information around in data[] */
5530 u8 *endPtr; /* End of the loop */
5531
5532 int nSkip = (iChild ? 4 : 0);
5533
5534 if( *pRC ) return;
5535
5536 assert( i>=0 && i<=pPage->nCell+pPage->nOverflow );
5537 assert( pPage->nCell<=MX_CELL(pPage->pBt) && MX_CELL(pPage->pBt)<=10921 );
5538 assert( pPage->nOverflow<=ArraySize(pPage->aOvfl) );
5539 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5540 /* The cell should normally be sized correctly. However, when moving a
5541 ** malformed cell from a leaf page to an interior page, if the cell size
5542 ** wanted to be less than 4 but got rounded up to 4 on the leaf, then size
5543 ** might be less than 8 (leaf-size + pointer) on the interior node. Hence
5544 ** the term after the || in the following assert(). */
5545 assert( sz==cellSizePtr(pPage, pCell) || (sz==8 && iChild>0) );
5546 if( pPage->nOverflow || sz+2>pPage->nFree ){
5547 if( pTemp ){
5548 memcpy(pTemp+nSkip, pCell+nSkip, sz-nSkip);
5549 pCell = pTemp;
5550 }
5551 if( iChild ){
5552 put4byte(pCell, iChild);
5553 }
5554 j = pPage->nOverflow++;
5555 assert( j<(int)(sizeof(pPage->aOvfl)/sizeof(pPage->aOvfl[0])) );
5556 pPage->aOvfl[j].pCell = pCell;
5557 pPage->aOvfl[j].idx = (u16)i;
5558 }else{
5559 int rc = sqlite3PagerWrite(pPage->pDbPage);
5560 if( rc!=SQLITE_OK ){
5561 *pRC = rc;
5562 return;
5563 }
5564 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
5565 data = pPage->aData;
5566 cellOffset = pPage->cellOffset;
5567 end = cellOffset + 2*pPage->nCell;
5568 ins = cellOffset + 2*i;
5569 rc = allocateSpace(pPage, sz, &idx);
5570 if( rc ){ *pRC = rc; return; }
5571 /* The allocateSpace() routine guarantees the following two properties
5572 ** if it returns success */
5573 assert( idx >= end+2 );
5574 assert( idx+sz <= (int)pPage->pBt->usableSize );
5575 pPage->nCell++;
5576 pPage->nFree -= (u16)(2 + sz);
5577 memcpy(&data[idx+nSkip], pCell+nSkip, sz-nSkip);
5578 if( iChild ){
5579 put4byte(&data[idx], iChild);
5580 }
5581 ptr = &data[end];
5582 endPtr = &data[ins];
5583 assert( (SQLITE_PTR_TO_INT(ptr)&1)==0 ); /* ptr is always 2-byte aligned */
5584 while( ptr>endPtr ){
5585 *(u16*)ptr = *(u16*)&ptr[-2];
5586 ptr -= 2;
5587 }
5588 put2byte(&data[ins], idx);
5589 put2byte(&data[pPage->hdrOffset+3], pPage->nCell);
5590 #ifndef SQLITE_OMIT_AUTOVACUUM
5591 if( pPage->pBt->autoVacuum ){
5592 /* The cell may contain a pointer to an overflow page. If so, write
5593 ** the entry for the overflow page into the pointer map.
5594 */
5595 ptrmapPutOvflPtr(pPage, pCell, pRC);
5596 }
5597 #endif
5598 }
5599 }
5600
5601 /*
5602 ** Add a list of cells to a page. The page should be initially empty.
5603 ** The cells are guaranteed to fit on the page.
5604 */
5605 static void assemblePage(
5606 MemPage *pPage, /* The page to be assemblied */
5607 int nCell, /* The number of cells to add to this page */
5608 u8 **apCell, /* Pointers to cell bodies */
5609 u16 *aSize /* Sizes of the cells */
5610 ){
5611 int i; /* Loop counter */
5612 u8 *pCellptr; /* Address of next cell pointer */
5613 int cellbody; /* Address of next cell body */
5614 u8 * const data = pPage->aData; /* Pointer to data for pPage */
5615 const int hdr = pPage->hdrOffset; /* Offset of header on pPage */
5616 const int nUsable = pPage->pBt->usableSize; /* Usable size of page */
5617
5618 assert( pPage->nOverflow==0 );
5619 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5620 assert( nCell>=0 && nCell<=(int)MX_CELL(pPage->pBt)
5621 && (int)MX_CELL(pPage->pBt)<=10921);
5622 assert( sqlite3PagerIswriteable(pPage->pDbPage) );
5623
5624 /* Check that the page has just been zeroed by zeroPage() */
5625 assert( pPage->nCell==0 );
5626 assert( get2byteNotZero(&data[hdr+5])==nUsable );
5627
5628 pCellptr = &pPage->aCellIdx[nCell*2];
5629 cellbody = nUsable;
5630 for(i=nCell-1; i>=0; i--){
5631 u16 sz = aSize[i];
5632 pCellptr -= 2;
5633 cellbody -= sz;
5634 put2byte(pCellptr, cellbody);
5635 memcpy(&data[cellbody], apCell[i], sz);
5636 }
5637 put2byte(&data[hdr+3], nCell);
5638 put2byte(&data[hdr+5], cellbody);
5639 pPage->nFree -= (nCell*2 + nUsable - cellbody);
5640 pPage->nCell = (u16)nCell;
5641 }
5642
5643 /*
5644 ** The following parameters determine how many adjacent pages get involved
5645 ** in a balancing operation. NN is the number of neighbors on either side
5646 ** of the page that participate in the balancing operation. NB is the
5647 ** total number of pages that participate, including the target page and
5648 ** NN neighbors on either side.
5649 **
5650 ** The minimum value of NN is 1 (of course). Increasing NN above 1
5651 ** (to 2 or 3) gives a modest improvement in SELECT and DELETE performance
5652 ** in exchange for a larger degradation in INSERT and UPDATE performance.
5653 ** The value of NN appears to give the best results overall.
5654 */
5655 #define NN 1 /* Number of neighbors on either side of pPage */
5656 #define NB (NN*2+1) /* Total pages involved in the balance */
5657
5658
5659 #ifndef SQLITE_OMIT_QUICKBALANCE
5660 /*
5661 ** This version of balance() handles the common special case where
5662 ** a new entry is being inserted on the extreme right-end of the
5663 ** tree, in other words, when the new entry will become the largest
5664 ** entry in the tree.
5665 **
5666 ** Instead of trying to balance the 3 right-most leaf pages, just add
5667 ** a new page to the right-hand side and put the one new entry in
5668 ** that page. This leaves the right side of the tree somewhat
5669 ** unbalanced. But odds are that we will be inserting new entries
5670 ** at the end soon afterwards so the nearly empty page will quickly
5671 ** fill up. On average.
5672 **
5673 ** pPage is the leaf page which is the right-most page in the tree.
5674 ** pParent is its parent. pPage must have a single overflow entry
5675 ** which is also the right-most entry on the page.
5676 **
5677 ** The pSpace buffer is used to store a temporary copy of the divider
5678 ** cell that will be inserted into pParent. Such a cell consists of a 4
5679 ** byte page number followed by a variable length integer. In other
5680 ** words, at most 13 bytes. Hence the pSpace buffer must be at
5681 ** least 13 bytes in size.
5682 */
5683 static int balance_quick(MemPage *pParent, MemPage *pPage, u8 *pSpace){
5684 BtShared *const pBt = pPage->pBt; /* B-Tree Database */
5685 MemPage *pNew; /* Newly allocated page */
5686 int rc; /* Return Code */
5687 Pgno pgnoNew; /* Page number of pNew */
5688
5689 assert( sqlite3_mutex_held(pPage->pBt->mutex) );
5690 assert( sqlite3PagerIswriteable(pParent->pDbPage) );
5691 assert( pPage->nOverflow==1 );
5692
5693 /* This error condition is now caught prior to reaching this function */
5694 if( pPage->nCell<=0 ) return SQLITE_CORRUPT_BKPT;
5695
5696 /* Allocate a new page. This page will become the right-sibling of
5697 ** pPage. Make the parent page writable, so that the new divider cell
5698 ** may be inserted. If both these operations are successful, proceed.
5699 */
5700 rc = allocateBtreePage(pBt, &pNew, &pgnoNew, 0, 0);
5701
5702 if( rc==SQLITE_OK ){
5703
5704 u8 *pOut = &pSpace[4];
5705 u8 *pCell = pPage->aOvfl[0].pCell;
5706 u16 szCell = cellSizePtr(pPage, pCell);
5707 u8 *pStop;
5708
5709 assert( sqlite3PagerIswriteable(pNew->pDbPage) );
5710 assert( pPage->aData[0]==(PTF_INTKEY|PTF_LEAFDATA|PTF_LEAF) );
5711 zeroPage(pNew, PTF_INTKEY|PTF_LEAFDATA|PTF_LEAF);
5712 assemblePage(pNew, 1, &pCell, &szCell);
5713
5714 /* If this is an auto-vacuum database, update the pointer map
5715 ** with entries for the new page, and any pointer from the
5716 ** cell on the page to an overflow page. If either of these
5717 ** operations fails, the return code is set, but the contents
5718 ** of the parent page are still manipulated by thh code below.
5719 ** That is Ok, at this point the parent page is guaranteed to
5720 ** be marked as dirty. Returning an error code will cause a
5721 ** rollback, undoing any changes made to the parent page.
5722 */
5723 if( ISAUTOVACUUM ){
5724 ptrmapPut(pBt, pgnoNew, PTRMAP_BTREE, pParent->pgno, &rc);
5725 if( szCell>pNew->minLocal ){
5726 ptrmapPutOvflPtr(pNew, pCell, &rc);
5727 }
5728 }
5729
5730 /* Create a divider cell to insert into pParent. The divider cell
5731 ** consists of a 4-byte page number (the page number of pPage) and
5732 ** a variable length key value (which must be the same value as the
5733 ** largest key on pPage).
5734 **
5735 ** To find the largest key value on pPage, first find the right-most
5736 ** cell on pPage. The first two fields of this cell are the
5737 ** record-length (a variable length integer at most 32-bits in size)
5738 ** and the key value (a variable length integer, may have any value).
5739 ** The first of the while(...) loops below skips over the record-length
5740 ** field. The second while(...) loop copies the key value from the
5741 ** cell on pPage into the pSpace buffer.
5742 */
5743 pCell = findCell(pPage, pPage->nCell-1);
5744 pStop = &pCell[9];
5745 while( (*(pCell++)&0x80) && pCell<pStop );
5746 pStop = &pCell[9];
5747 while( ((*(pOut++) = *(pCell++))&0x80) && pCell<pStop );
5748
5749 /* Insert the new divider cell into pParent. */
5750 insertCell(pParent, pParent->nCell, pSpace, (int)(pOut-pSpace),
5751 0, pPage->pgno, &rc);
5752
5753 /* Set the right-child pointer of pParent to point to the new page. */
5754 put4byte(&pParent->aData[pParent->hdrOffset+8], pgnoNew);
5755
5756 /* Release the reference to the new page. */
5757 releasePage(pNew);
5758 }
5759
5760 return rc;
5761 }
5762 #endif /* SQLITE_OMIT_QUICKBALANCE */
5763
5764 #if 0
5765 /*
5766 ** This function does not contribute anything to the operation of SQLite.
5767 ** it is sometimes activated temporarily while debugging code responsible
5768 ** for setting pointer-map entries.
5769 */
5770 static int ptrmapCheckPages(MemPage **apPage, int nPage){
5771 int i, j;
5772 for(i=0; i<nPage; i++){
5773 Pgno n;
5774 u8 e;
5775 MemPage *pPage = apPage[i];
5776 BtShared *pBt = pPage->pBt;
5777 assert( pPage->isInit );
5778
5779 for(j=0; j<pPage->nCell; j++){
5780 CellInfo info;
5781 u8 *z;
5782
5783 z = findCell(pPage, j);
5784 btreeParseCellPtr(pPage, z, &info);
5785 if( info.iOverflow ){
5786 Pgno ovfl = get4byte(&z[info.iOverflow]);
5787 ptrmapGet(pBt, ovfl, &e, &n);
5788 assert( n==pPage->pgno && e==PTRMAP_OVERFLOW1 );
5789 }
5790 if( !pPage->leaf ){
5791 Pgno child = get4byte(z);
5792 ptrmapGet(pBt, child, &e, &n);
5793 assert( n==pPage->pgno && e==PTRMAP_BTREE );
5794 }
5795 }
5796 if( !pPage->leaf ){
5797 Pgno child = get4byte(&pPage->aData[pPage->hdrOffset+8]);
5798 ptrmapGet(pBt, child, &e, &n);
5799 assert( n==pPage->pgno && e==PTRMAP_BTREE );
5800 }
5801 }
5802 return 1;
5803 }
5804 #endif
5805
5806 /*
5807 ** This function is used to copy the contents of the b-tree node stored
5808 ** on page pFrom to page pTo. If page pFrom was not a leaf page, then
5809 ** the pointer-map entries for each child page are updated so that the
5810 ** parent page stored in the pointer map is page pTo. If pFrom contained
5811 ** any cells with overflow page pointers, then the corresponding pointer
5812 ** map entries are also updated so that the parent page is page pTo.
5813 **
5814 ** If pFrom is currently carrying any overflow cells (entries in the
5815 ** MemPage.aOvfl[] array), they are not copied to pTo.
5816 **
5817 ** Before returning, page pTo is reinitialized using btreeInitPage().
5818 **
5819 ** The performance of this function is not critical. It is only used by
5820 ** the balance_shallower() and balance_deeper() procedures, neither of
5821 ** which are called often under normal circumstances.
5822 */
5823 static void copyNodeContent(MemPage *pFrom, MemPage *pTo, int *pRC){
5824 if( (*pRC)==SQLITE_OK ){
5825 BtShared * const pBt = pFrom->pBt;
5826 u8 * const aFrom = pFrom->aData;
5827 u8 * const aTo = pTo->aData;
5828 int const iFromHdr = pFrom->hdrOffset;
5829 int const iToHdr = ((pTo->pgno==1) ? 100 : 0);
5830 int rc;
5831 int iData;
5832
5833
5834 assert( pFrom->isInit );
5835 assert( pFrom->nFree>=iToHdr );
5836 assert( get2byte(&aFrom[iFromHdr+5]) <= (int)pBt->usableSize );
5837
5838 /* Copy the b-tree node content from page pFrom to page pTo. */
5839 iData = get2byte(&aFrom[iFromHdr+5]);
5840 memcpy(&aTo[iData], &aFrom[iData], pBt->usableSize-iData);
5841 memcpy(&aTo[iToHdr], &aFrom[iFromHdr], pFrom->cellOffset + 2*pFrom->nCell);
5842
5843 /* Reinitialize page pTo so that the contents of the MemPage structure
5844 ** match the new data. The initialization of pTo can actually fail under
5845 ** fairly obscure circumstances, even though it is a copy of initialized
5846 ** page pFrom.
5847 */
5848 pTo->isInit = 0;
5849 rc = btreeInitPage(pTo);
5850 if( rc!=SQLITE_OK ){
5851 *pRC = rc;
5852 return;
5853 }
5854
5855 /* If this is an auto-vacuum database, update the pointer-map entries
5856 ** for any b-tree or overflow pages that pTo now contains the pointers to.
5857 */
5858 if( ISAUTOVACUUM ){
5859 *pRC = setChildPtrmaps(pTo);
5860 }
5861 }
5862 }
5863
5864 /*
5865 ** This routine redistributes cells on the iParentIdx'th child of pParent
5866 ** (hereafter "the page") and up to 2 siblings so that all pages have about the
5867 ** same amount of free space. Usually a single sibling on either side of the
5868 ** page are used in the balancing, though both siblings might come from one
5869 ** side if the page is the first or last child of its parent. If the page
5870 ** has fewer than 2 siblings (something which can only happen if the page
5871 ** is a root page or a child of a root page) then all available siblings
5872 ** participate in the balancing.
5873 **
5874 ** The number of siblings of the page might be increased or decreased by
5875 ** one or two in an effort to keep pages nearly full but not over full.
5876 **
5877 ** Note that when this routine is called, some of the cells on the page
5878 ** might not actually be stored in MemPage.aData[]. This can happen
5879 ** if the page is overfull. This routine ensures that all cells allocated
5880 ** to the page and its siblings fit into MemPage.aData[] before returning.
5881 **
5882 ** In the course of balancing the page and its siblings, cells may be
5883 ** inserted into or removed from the parent page (pParent). Doing so
5884 ** may cause the parent page to become overfull or underfull. If this
5885 ** happens, it is the responsibility of the caller to invoke the correct
5886 ** balancing routine to fix this problem (see the balance() routine).
5887 **
5888 ** If this routine fails for any reason, it might leave the database
5889 ** in a corrupted state. So if this routine fails, the database should
5890 ** be rolled back.
5891 **
5892 ** The third argument to this function, aOvflSpace, is a pointer to a
5893 ** buffer big enough to hold one page. If while inserting cells into the parent
5894 ** page (pParent) the parent page becomes overfull, this buffer is
5895 ** used to store the parent's overflow cells. Because this function inserts
5896 ** a maximum of four divider cells into the parent page, and the maximum
5897 ** size of a cell stored within an internal node is always less than 1/4
5898 ** of the page-size, the aOvflSpace[] buffer is guaranteed to be large
5899 ** enough for all overflow cells.
5900 **
5901 ** If aOvflSpace is set to a null pointer, this function returns
5902 ** SQLITE_NOMEM.
5903 */
5904 static int balance_nonroot(
5905 MemPage *pParent, /* Parent page of siblings being balanced */
5906 int iParentIdx, /* Index of "the page" in pParent */
5907 u8 *aOvflSpace, /* page-size bytes of space for parent ovfl */
5908 int isRoot /* True if pParent is a root-page */
5909 ){
5910 BtShared *pBt; /* The whole database */
5911 int nCell = 0; /* Number of cells in apCell[] */
5912 int nMaxCells = 0; /* Allocated size of apCell, szCell, aFrom. */
5913 int nNew = 0; /* Number of pages in apNew[] */
5914 int nOld; /* Number of pages in apOld[] */
5915 int i, j, k; /* Loop counters */
5916 int nxDiv; /* Next divider slot in pParent->aCell[] */
5917 int rc = SQLITE_OK; /* The return code */
5918 u16 leafCorrection; /* 4 if pPage is a leaf. 0 if not */
5919 int leafData; /* True if pPage is a leaf of a LEAFDATA tree */
5920 int usableSpace; /* Bytes in pPage beyond the header */
5921 int pageFlags; /* Value of pPage->aData[0] */
5922 int subtotal; /* Subtotal of bytes in cells on one page */
5923 int iSpace1 = 0; /* First unused byte of aSpace1[] */
5924 int iOvflSpace = 0; /* First unused byte of aOvflSpace[] */
5925 int szScratch; /* Size of scratch memory requested */
5926 MemPage *apOld[NB]; /* pPage and up to two siblings */
5927 MemPage *apCopy[NB]; /* Private copies of apOld[] pages */
5928 MemPage *apNew[NB+2]; /* pPage and up to NB siblings after balancing */
5929 u8 *pRight; /* Location in parent of right-sibling pointer */
5930 u8 *apDiv[NB-1]; /* Divider cells in pParent */
5931 int cntNew[NB+2]; /* Index in aCell[] of cell after i-th page */
5932 int szNew[NB+2]; /* Combined size of cells place on i-th page */
5933 u8 **apCell = 0; /* All cells begin balanced */
5934 u16 *szCell; /* Local size of all cells in apCell[] */
5935 u8 *aSpace1; /* Space for copies of dividers cells */
5936 Pgno pgno; /* Temp var to store a page number in */
5937
5938 pBt = pParent->pBt;
5939 assert( sqlite3_mutex_held(pBt->mutex) );
5940 assert( sqlite3PagerIswriteable(pParent->pDbPage) );
5941
5942 #if 0
5943 TRACE(("BALANCE: begin page %d child of %d\n", pPage->pgno, pParent->pgno));
5944 #endif
5945
5946 /* At this point pParent may have at most one overflow cell. And if
5947 ** this overflow cell is present, it must be the cell with
5948 ** index iParentIdx. This scenario comes about when this function
5949 ** is called (indirectly) from sqlite3BtreeDelete().
5950 */
5951 assert( pParent->nOverflow==0 || pParent->nOverflow==1 );
5952 assert( pParent->nOverflow==0 || pParent->aOvfl[0].idx==iParentIdx );
5953
5954 if( !aOvflSpace ){
5955 return SQLITE_NOMEM;
5956 }
5957
5958 /* Find the sibling pages to balance. Also locate the cells in pParent
5959 ** that divide the siblings. An attempt is made to find NN siblings on
5960 ** either side of pPage. More siblings are taken from one side, however,
5961 ** if there are fewer than NN siblings on the other side. If pParent
5962 ** has NB or fewer children then all children of pParent are taken.
5963 **
5964 ** This loop also drops the divider cells from the parent page. This
5965 ** way, the remainder of the function does not have to deal with any
5966 ** overflow cells in the parent page, since if any existed they will
5967 ** have already been removed.
5968 */
5969 i = pParent->nOverflow + pParent->nCell;
5970 if( i<2 ){
5971 nxDiv = 0;
5972 nOld = i+1;
5973 }else{
5974 nOld = 3;
5975 if( iParentIdx==0 ){
5976 nxDiv = 0;
5977 }else if( iParentIdx==i ){
5978 nxDiv = i-2;
5979 }else{
5980 nxDiv = iParentIdx-1;
5981 }
5982 i = 2;
5983 }
5984 if( (i+nxDiv-pParent->nOverflow)==pParent->nCell ){
5985 pRight = &pParent->aData[pParent->hdrOffset+8];
5986 }else{
5987 pRight = findCell(pParent, i+nxDiv-pParent->nOverflow);
5988 }
5989 pgno = get4byte(pRight);
5990 while( 1 ){
5991 rc = getAndInitPage(pBt, pgno, &apOld[i]);
5992 if( rc ){
5993 memset(apOld, 0, (i+1)*sizeof(MemPage*));
5994 goto balance_cleanup;
5995 }
5996 nMaxCells += 1+apOld[i]->nCell+apOld[i]->nOverflow;
5997 if( (i--)==0 ) break;
5998
5999 if( i+nxDiv==pParent->aOvfl[0].idx && pParent->nOverflow ){
6000 apDiv[i] = pParent->aOvfl[0].pCell;
6001 pgno = get4byte(apDiv[i]);
6002 szNew[i] = cellSizePtr(pParent, apDiv[i]);
6003 pParent->nOverflow = 0;
6004 }else{
6005 apDiv[i] = findCell(pParent, i+nxDiv-pParent->nOverflow);
6006 pgno = get4byte(apDiv[i]);
6007 szNew[i] = cellSizePtr(pParent, apDiv[i]);
6008
6009 /* Drop the cell from the parent page. apDiv[i] still points to
6010 ** the cell within the parent, even though it has been dropped.
6011 ** This is safe because dropping a cell only overwrites the first
6012 ** four bytes of it, and this function does not need the first
6013 ** four bytes of the divider cell. So the pointer is safe to use
6014 ** later on.
6015 **
6016 ** But not if we are in secure-delete mode. In secure-delete mode,
6017 ** the dropCell() routine will overwrite the entire cell with zeroes.
6018 ** In this case, temporarily copy the cell into the aOvflSpace[]
6019 ** buffer. It will be copied out again as soon as the aSpace[] buffer
6020 ** is allocated. */
6021 if( pBt->secureDelete ){
6022 int iOff;
6023
6024 iOff = SQLITE_PTR_TO_INT(apDiv[i]) - SQLITE_PTR_TO_INT(pParent->aData);
6025 if( (iOff+szNew[i])>(int)pBt->usableSize ){
6026 rc = SQLITE_CORRUPT_BKPT;
6027 memset(apOld, 0, (i+1)*sizeof(MemPage*));
6028 goto balance_cleanup;
6029 }else{
6030 memcpy(&aOvflSpace[iOff], apDiv[i], szNew[i]);
6031 apDiv[i] = &aOvflSpace[apDiv[i]-pParent->aData];
6032 }
6033 }
6034 dropCell(pParent, i+nxDiv-pParent->nOverflow, szNew[i], &rc);
6035 }
6036 }
6037
6038 /* Make nMaxCells a multiple of 4 in order to preserve 8-byte
6039 ** alignment */
6040 nMaxCells = (nMaxCells + 3)&~3;
6041
6042 /*
6043 ** Allocate space for memory structures
6044 */
6045 k = pBt->pageSize + ROUND8(sizeof(MemPage));
6046 szScratch =
6047 nMaxCells*sizeof(u8*) /* apCell */
6048 + nMaxCells*sizeof(u16) /* szCell */
6049 + pBt->pageSize /* aSpace1 */
6050 + k*nOld; /* Page copies (apCopy) */
6051 apCell = sqlite3ScratchMalloc( szScratch );
6052 if( apCell==0 ){
6053 rc = SQLITE_NOMEM;
6054 goto balance_cleanup;
6055 }
6056 szCell = (u16*)&apCell[nMaxCells];
6057 aSpace1 = (u8*)&szCell[nMaxCells];
6058 assert( EIGHT_BYTE_ALIGNMENT(aSpace1) );
6059
6060 /*
6061 ** Load pointers to all cells on sibling pages and the divider cells
6062 ** into the local apCell[] array. Make copies of the divider cells
6063 ** into space obtained from aSpace1[] and remove the the divider Cells
6064 ** from pParent.
6065 **
6066 ** If the siblings are on leaf pages, then the child pointers of the
6067 ** divider cells are stripped from the cells before they are copied
6068 ** into aSpace1[]. In this way, all cells in apCell[] are without
6069 ** child pointers. If siblings are not leaves, then all cell in
6070 ** apCell[] include child pointers. Either way, all cells in apCell[]
6071 ** are alike.
6072 **
6073 ** leafCorrection: 4 if pPage is a leaf. 0 if pPage is not a leaf.
6074 ** leafData: 1 if pPage holds key+data and pParent holds only keys.
6075 */
6076 leafCorrection = apOld[0]->leaf*4;
6077 leafData = apOld[0]->hasData;
6078 for(i=0; i<nOld; i++){
6079 int limit;
6080
6081 /* Before doing anything else, take a copy of the i'th original sibling
6082 ** The rest of this function will use data from the copies rather
6083 ** that the original pages since the original pages will be in the
6084 ** process of being overwritten. */
6085 MemPage *pOld = apCopy[i] = (MemPage*)&aSpace1[pBt->pageSize + k*i];
6086 memcpy(pOld, apOld[i], sizeof(MemPage));
6087 pOld->aData = (void*)&pOld[1];
6088 memcpy(pOld->aData, apOld[i]->aData, pBt->pageSize);
6089
6090 limit = pOld->nCell+pOld->nOverflow;
6091 if( pOld->nOverflow>0 ){
6092 for(j=0; j<limit; j++){
6093 assert( nCell<nMaxCells );
6094 apCell[nCell] = findOverflowCell(pOld, j);
6095 szCell[nCell] = cellSizePtr(pOld, apCell[nCell]);
6096 nCell++;
6097 }
6098 }else{
6099 u8 *aData = pOld->aData;
6100 u16 maskPage = pOld->maskPage;
6101 u16 cellOffset = pOld->cellOffset;
6102 for(j=0; j<limit; j++){
6103 assert( nCell<nMaxCells );
6104 apCell[nCell] = findCellv2(aData, maskPage, cellOffset, j);
6105 szCell[nCell] = cellSizePtr(pOld, apCell[nCell]);
6106 nCell++;
6107 }
6108 }
6109 if( i<nOld-1 && !leafData){
6110 u16 sz = (u16)szNew[i];
6111 u8 *pTemp;
6112 assert( nCell<nMaxCells );
6113 szCell[nCell] = sz;
6114 pTemp = &aSpace1[iSpace1];
6115 iSpace1 += sz;
6116 assert( sz<=pBt->maxLocal+23 );
6117 assert( iSpace1 <= (int)pBt->pageSize );
6118 memcpy(pTemp, apDiv[i], sz);
6119 apCell[nCell] = pTemp+leafCorrection;
6120 assert( leafCorrection==0 || leafCorrection==4 );
6121 szCell[nCell] = szCell[nCell] - leafCorrection;
6122 if( !pOld->leaf ){
6123 assert( leafCorrection==0 );
6124 assert( pOld->hdrOffset==0 );
6125 /* The right pointer of the child page pOld becomes the left
6126 ** pointer of the divider cell */
6127 memcpy(apCell[nCell], &pOld->aData[8], 4);
6128 }else{
6129 assert( leafCorrection==4 );
6130 if( szCell[nCell]<4 ){
6131 /* Do not allow any cells smaller than 4 bytes. */
6132 szCell[nCell] = 4;
6133 }
6134 }
6135 nCell++;
6136 }
6137 }
6138
6139 /*
6140 ** Figure out the number of pages needed to hold all nCell cells.
6141 ** Store this number in "k". Also compute szNew[] which is the total
6142 ** size of all cells on the i-th page and cntNew[] which is the index
6143 ** in apCell[] of the cell that divides page i from page i+1.
6144 ** cntNew[k] should equal nCell.
6145 **
6146 ** Values computed by this block:
6147 **
6148 ** k: The total number of sibling pages
6149 ** szNew[i]: Spaced used on the i-th sibling page.
6150 ** cntNew[i]: Index in apCell[] and szCell[] for the first cell to
6151 ** the right of the i-th sibling page.
6152 ** usableSpace: Number of bytes of space available on each sibling.
6153 **
6154 */
6155 usableSpace = pBt->usableSize - 12 + leafCorrection;
6156 for(subtotal=k=i=0; i<nCell; i++){
6157 assert( i<nMaxCells );
6158 subtotal += szCell[i] + 2;
6159 if( subtotal > usableSpace ){
6160 szNew[k] = subtotal - szCell[i];
6161 cntNew[k] = i;
6162 if( leafData ){ i--; }
6163 subtotal = 0;
6164 k++;
6165 if( k>NB+1 ){ rc = SQLITE_CORRUPT_BKPT; goto balance_cleanup; }
6166 }
6167 }
6168 szNew[k] = subtotal;
6169 cntNew[k] = nCell;
6170 k++;
6171
6172 /*
6173 ** The packing computed by the previous block is biased toward the siblings
6174 ** on the left side. The left siblings are always nearly full, while the
6175 ** right-most sibling might be nearly empty. This block of code attempts
6176 ** to adjust the packing of siblings to get a better balance.
6177 **
6178 ** This adjustment is more than an optimization. The packing above might
6179 ** be so out of balance as to be illegal. For example, the right-most
6180 ** sibling might be completely empty. This adjustment is not optional.
6181 */
6182 for(i=k-1; i>0; i--){
6183 int szRight = szNew[i]; /* Size of sibling on the right */
6184 int szLeft = szNew[i-1]; /* Size of sibling on the left */
6185 int r; /* Index of right-most cell in left sibling */
6186 int d; /* Index of first cell to the left of right sibling */
6187
6188 r = cntNew[i-1] - 1;
6189 d = r + 1 - leafData;
6190 assert( d<nMaxCells );
6191 assert( r<nMaxCells );
6192 while( szRight==0 || szRight+szCell[d]+2<=szLeft-(szCell[r]+2) ){
6193 szRight += szCell[d] + 2;
6194 szLeft -= szCell[r] + 2;
6195 cntNew[i-1]--;
6196 r = cntNew[i-1] - 1;
6197 d = r + 1 - leafData;
6198 }
6199 szNew[i] = szRight;
6200 szNew[i-1] = szLeft;
6201 }
6202
6203 /* Either we found one or more cells (cntnew[0])>0) or pPage is
6204 ** a virtual root page. A virtual root page is when the real root
6205 ** page is page 1 and we are the only child of that page.
6206 */
6207 assert( cntNew[0]>0 || (pParent->pgno==1 && pParent->nCell==0) );
6208
6209 TRACE(("BALANCE: old: %d %d %d ",
6210 apOld[0]->pgno,
6211 nOld>=2 ? apOld[1]->pgno : 0,
6212 nOld>=3 ? apOld[2]->pgno : 0
6213 ));
6214
6215 /*
6216 ** Allocate k new pages. Reuse old pages where possible.
6217 */
6218 if( apOld[0]->pgno<=1 ){
6219 rc = SQLITE_CORRUPT_BKPT;
6220 goto balance_cleanup;
6221 }
6222 pageFlags = apOld[0]->aData[0];
6223 for(i=0; i<k; i++){
6224 MemPage *pNew;
6225 if( i<nOld ){
6226 pNew = apNew[i] = apOld[i];
6227 apOld[i] = 0;
6228 rc = sqlite3PagerWrite(pNew->pDbPage);
6229 nNew++;
6230 if( rc ) goto balance_cleanup;
6231 }else{
6232 assert( i>0 );
6233 rc = allocateBtreePage(pBt, &pNew, &pgno, pgno, 0);
6234 if( rc ) goto balance_cleanup;
6235 apNew[i] = pNew;
6236 nNew++;
6237
6238 /* Set the pointer-map entry for the new sibling page. */
6239 if( ISAUTOVACUUM ){
6240 ptrmapPut(pBt, pNew->pgno, PTRMAP_BTREE, pParent->pgno, &rc);
6241 if( rc!=SQLITE_OK ){
6242 goto balance_cleanup;
6243 }
6244 }
6245 }
6246 }
6247
6248 /* Free any old pages that were not reused as new pages.
6249 */
6250 while( i<nOld ){
6251 freePage(apOld[i], &rc);
6252 if( rc ) goto balance_cleanup;
6253 releasePage(apOld[i]);
6254 apOld[i] = 0;
6255 i++;
6256 }
6257
6258 /*
6259 ** Put the new pages in accending order. This helps to
6260 ** keep entries in the disk file in order so that a scan
6261 ** of the table is a linear scan through the file. That
6262 ** in turn helps the operating system to deliver pages
6263 ** from the disk more rapidly.
6264 **
6265 ** An O(n^2) insertion sort algorithm is used, but since
6266 ** n is never more than NB (a small constant), that should
6267 ** not be a problem.
6268 **
6269 ** When NB==3, this one optimization makes the database
6270 ** about 25% faster for large insertions and deletions.
6271 */
6272 for(i=0; i<k-1; i++){
6273 int minV = apNew[i]->pgno;
6274 int minI = i;
6275 for(j=i+1; j<k; j++){
6276 if( apNew[j]->pgno<(unsigned)minV ){
6277 minI = j;
6278 minV = apNew[j]->pgno;
6279 }
6280 }
6281 if( minI>i ){
6282 MemPage *pT;
6283 pT = apNew[i];
6284 apNew[i] = apNew[minI];
6285 apNew[minI] = pT;
6286 }
6287 }
6288 TRACE(("new: %d(%d) %d(%d) %d(%d) %d(%d) %d(%d)\n",
6289 apNew[0]->pgno, szNew[0],
6290 nNew>=2 ? apNew[1]->pgno : 0, nNew>=2 ? szNew[1] : 0,
6291 nNew>=3 ? apNew[2]->pgno : 0, nNew>=3 ? szNew[2] : 0,
6292 nNew>=4 ? apNew[3]->pgno : 0, nNew>=4 ? szNew[3] : 0,
6293 nNew>=5 ? apNew[4]->pgno : 0, nNew>=5 ? szNew[4] : 0));
6294
6295 assert( sqlite3PagerIswriteable(pParent->pDbPage) );
6296 put4byte(pRight, apNew[nNew-1]->pgno);
6297
6298 /*
6299 ** Evenly distribute the data in apCell[] across the new pages.
6300 ** Insert divider cells into pParent as necessary.
6301 */
6302 j = 0;
6303 for(i=0; i<nNew; i++){
6304 /* Assemble the new sibling page. */
6305 MemPage *pNew = apNew[i];
6306 assert( j<nMaxCells );
6307 zeroPage(pNew, pageFlags);
6308 assemblePage(pNew, cntNew[i]-j, &apCell[j], &szCell[j]);
6309 assert( pNew->nCell>0 || (nNew==1 && cntNew[0]==0) );
6310 assert( pNew->nOverflow==0 );
6311
6312 j = cntNew[i];
6313
6314 /* If the sibling page assembled above was not the right-most sibling,
6315 ** insert a divider cell into the parent page.
6316 */
6317 assert( i<nNew-1 || j==nCell );
6318 if( j<nCell ){
6319 u8 *pCell;
6320 u8 *pTemp;
6321 int sz;
6322
6323 assert( j<nMaxCells );
6324 pCell = apCell[j];
6325 sz = szCell[j] + leafCorrection;
6326 pTemp = &aOvflSpace[iOvflSpace];
6327 if( !pNew->leaf ){
6328 memcpy(&pNew->aData[8], pCell, 4);
6329 }else if( leafData ){
6330 /* If the tree is a leaf-data tree, and the siblings are leaves,
6331 ** then there is no divider cell in apCell[]. Instead, the divider
6332 ** cell consists of the integer key for the right-most cell of
6333 ** the sibling-page assembled above only.
6334 */
6335 CellInfo info;
6336 j--;
6337 btreeParseCellPtr(pNew, apCell[j], &info);
6338 pCell = pTemp;
6339 sz = 4 + putVarint(&pCell[4], info.nKey);
6340 pTemp = 0;
6341 }else{
6342 pCell -= 4;
6343 /* Obscure case for non-leaf-data trees: If the cell at pCell was
6344 ** previously stored on a leaf node, and its reported size was 4
6345 ** bytes, then it may actually be smaller than this
6346 ** (see btreeParseCellPtr(), 4 bytes is the minimum size of
6347 ** any cell). But it is important to pass the correct size to
6348 ** insertCell(), so reparse the cell now.
6349 **
6350 ** Note that this can never happen in an SQLite data file, as all
6351 ** cells are at least 4 bytes. It only happens in b-trees used
6352 ** to evaluate "IN (SELECT ...)" and similar clauses.
6353 */
6354 if( szCell[j]==4 ){
6355 assert(leafCorrection==4);
6356 sz = cellSizePtr(pParent, pCell);
6357 }
6358 }
6359 iOvflSpace += sz;
6360 assert( sz<=pBt->maxLocal+23 );
6361 assert( iOvflSpace <= (int)pBt->pageSize );
6362 insertCell(pParent, nxDiv, pCell, sz, pTemp, pNew->pgno, &rc);
6363 if( rc!=SQLITE_OK ) goto balance_cleanup;
6364 assert( sqlite3PagerIswriteable(pParent->pDbPage) );
6365
6366 j++;
6367 nxDiv++;
6368 }
6369 }
6370 assert( j==nCell );
6371 assert( nOld>0 );
6372 assert( nNew>0 );
6373 if( (pageFlags & PTF_LEAF)==0 ){
6374 u8 *zChild = &apCopy[nOld-1]->aData[8];
6375 memcpy(&apNew[nNew-1]->aData[8], zChild, 4);
6376 }
6377
6378 if( isRoot && pParent->nCell==0 && pParent->hdrOffset<=apNew[0]->nFree ){
6379 /* The root page of the b-tree now contains no cells. The only sibling
6380 ** page is the right-child of the parent. Copy the contents of the
6381 ** child page into the parent, decreasing the overall height of the
6382 ** b-tree structure by one. This is described as the "balance-shallower"
6383 ** sub-algorithm in some documentation.
6384 **
6385 ** If this is an auto-vacuum database, the call to copyNodeContent()
6386 ** sets all pointer-map entries corresponding to database image pages
6387 ** for which the pointer is stored within the content being copied.
6388 **
6389 ** The second assert below verifies that the child page is defragmented
6390 ** (it must be, as it was just reconstructed using assemblePage()). This
6391 ** is important if the parent page happens to be page 1 of the database
6392 ** image. */
6393 assert( nNew==1 );
6394 assert( apNew[0]->nFree ==
6395 (get2byte(&apNew[0]->aData[5])-apNew[0]->cellOffset-apNew[0]->nCell*2)
6396 );
6397 copyNodeContent(apNew[0], pParent, &rc);
6398 freePage(apNew[0], &rc);
6399 }else if( ISAUTOVACUUM ){
6400 /* Fix the pointer-map entries for all the cells that were shifted around.
6401 ** There are several different types of pointer-map entries that need to
6402 ** be dealt with by this routine. Some of these have been set already, but
6403 ** many have not. The following is a summary:
6404 **
6405 ** 1) The entries associated with new sibling pages that were not
6406 ** siblings when this function was called. These have already
6407 ** been set. We don't need to worry about old siblings that were
6408 ** moved to the free-list - the freePage() code has taken care
6409 ** of those.
6410 **
6411 ** 2) The pointer-map entries associated with the first overflow
6412 ** page in any overflow chains used by new divider cells. These
6413 ** have also already been taken care of by the insertCell() code.
6414 **
6415 ** 3) If the sibling pages are not leaves, then the child pages of
6416 ** cells stored on the sibling pages may need to be updated.
6417 **
6418 ** 4) If the sibling pages are not internal intkey nodes, then any
6419 ** overflow pages used by these cells may need to be updated
6420 ** (internal intkey nodes never contain pointers to overflow pages).
6421 **
6422 ** 5) If the sibling pages are not leaves, then the pointer-map
6423 ** entries for the right-child pages of each sibling may need
6424 ** to be updated.
6425 **
6426 ** Cases 1 and 2 are dealt with above by other code. The next
6427 ** block deals with cases 3 and 4 and the one after that, case 5. Since
6428 ** setting a pointer map entry is a relatively expensive operation, this
6429 ** code only sets pointer map entries for child or overflow pages that have
6430 ** actually moved between pages. */
6431 MemPage *pNew = apNew[0];
6432 MemPage *pOld = apCopy[0];
6433 int nOverflow = pOld->nOverflow;
6434 int iNextOld = pOld->nCell + nOverflow;
6435 int iOverflow = (nOverflow ? pOld->aOvfl[0].idx : -1);
6436 j = 0; /* Current 'old' sibling page */
6437 k = 0; /* Current 'new' sibling page */
6438 for(i=0; i<nCell; i++){
6439 int isDivider = 0;
6440 while( i==iNextOld ){
6441 /* Cell i is the cell immediately following the last cell on old
6442 ** sibling page j. If the siblings are not leaf pages of an
6443 ** intkey b-tree, then cell i was a divider cell. */
6444 assert( j+1 < ArraySize(apCopy) );
6445 pOld = apCopy[++j];
6446 iNextOld = i + !leafData + pOld->nCell + pOld->nOverflow;
6447 if( pOld->nOverflow ){
6448 nOverflow = pOld->nOverflow;
6449 iOverflow = i + !leafData + pOld->aOvfl[0].idx;
6450 }
6451 isDivider = !leafData;
6452 }
6453
6454 assert(nOverflow>0 || iOverflow<i );
6455 assert(nOverflow<2 || pOld->aOvfl[0].idx==pOld->aOvfl[1].idx-1);
6456 assert(nOverflow<3 || pOld->aOvfl[1].idx==pOld->aOvfl[2].idx-1);
6457 if( i==iOverflow ){
6458 isDivider = 1;
6459 if( (--nOverflow)>0 ){
6460 iOverflow++;
6461 }
6462 }
6463
6464 if( i==cntNew[k] ){
6465 /* Cell i is the cell immediately following the last cell on new
6466 ** sibling page k. If the siblings are not leaf pages of an
6467 ** intkey b-tree, then cell i is a divider cell. */
6468 pNew = apNew[++k];
6469 if( !leafData ) continue;
6470 }
6471 assert( j<nOld );
6472 assert( k<nNew );
6473
6474 /* If the cell was originally divider cell (and is not now) or
6475 ** an overflow cell, or if the cell was located on a different sibling
6476 ** page before the balancing, then the pointer map entries associated
6477 ** with any child or overflow pages need to be updated. */
6478 if( isDivider || pOld->pgno!=pNew->pgno ){
6479 if( !leafCorrection ){
6480 ptrmapPut(pBt, get4byte(apCell[i]), PTRMAP_BTREE, pNew->pgno, &rc);
6481 }
6482 if( szCell[i]>pNew->minLocal ){
6483 ptrmapPutOvflPtr(pNew, apCell[i], &rc);
6484 }
6485 }
6486 }
6487
6488 if( !leafCorrection ){
6489 for(i=0; i<nNew; i++){
6490 u32 key = get4byte(&apNew[i]->aData[8]);
6491 ptrmapPut(pBt, key, PTRMAP_BTREE, apNew[i]->pgno, &rc);
6492 }
6493 }
6494
6495 #if 0
6496 /* The ptrmapCheckPages() contains assert() statements that verify that
6497 ** all pointer map pages are set correctly. This is helpful while
6498 ** debugging. This is usually disabled because a corrupt database may
6499 ** cause an assert() statement to fail. */
6500 ptrmapCheckPages(apNew, nNew);
6501 ptrmapCheckPages(&pParent, 1);
6502 #endif
6503 }
6504
6505 assert( pParent->isInit );
6506 TRACE(("BALANCE: finished: old=%d new=%d cells=%d\n",
6507 nOld, nNew, nCell));
6508
6509 /*
6510 ** Cleanup before returning.
6511 */
6512 balance_cleanup:
6513 sqlite3ScratchFree(apCell);
6514 for(i=0; i<nOld; i++){
6515 releasePage(apOld[i]);
6516 }
6517 for(i=0; i<nNew; i++){
6518 releasePage(apNew[i]);
6519 }
6520
6521 return rc;
6522 }
6523
6524
6525 /*
6526 ** This function is called when the root page of a b-tree structure is
6527 ** overfull (has one or more overflow pages).
6528 **
6529 ** A new child page is allocated and the contents of the current root
6530 ** page, including overflow cells, are copied into the child. The root
6531 ** page is then overwritten to make it an empty page with the right-child
6532 ** pointer pointing to the new page.
6533 **
6534 ** Before returning, all pointer-map entries corresponding to pages
6535 ** that the new child-page now contains pointers to are updated. The
6536 ** entry corresponding to the new right-child pointer of the root
6537 ** page is also updated.
6538 **
6539 ** If successful, *ppChild is set to contain a reference to the child
6540 ** page and SQLITE_OK is returned. In this case the caller is required
6541 ** to call releasePage() on *ppChild exactly once. If an error occurs,
6542 ** an error code is returned and *ppChild is set to 0.
6543 */
6544 static int balance_deeper(MemPage *pRoot, MemPage **ppChild){
6545 int rc; /* Return value from subprocedures */
6546 MemPage *pChild = 0; /* Pointer to a new child page */
6547 Pgno pgnoChild = 0; /* Page number of the new child page */
6548 BtShared *pBt = pRoot->pBt; /* The BTree */
6549
6550 assert( pRoot->nOverflow>0 );
6551 assert( sqlite3_mutex_held(pBt->mutex) );
6552
6553 /* Make pRoot, the root page of the b-tree, writable. Allocate a new
6554 ** page that will become the new right-child of pPage. Copy the contents
6555 ** of the node stored on pRoot into the new child page.
6556 */
6557 rc = sqlite3PagerWrite(pRoot->pDbPage);
6558 if( rc==SQLITE_OK ){
6559 rc = allocateBtreePage(pBt,&pChild,&pgnoChild,pRoot->pgno,0);
6560 copyNodeContent(pRoot, pChild, &rc);
6561 if( ISAUTOVACUUM ){
6562 ptrmapPut(pBt, pgnoChild, PTRMAP_BTREE, pRoot->pgno, &rc);
6563 }
6564 }
6565 if( rc ){
6566 *ppChild = 0;
6567 releasePage(pChild);
6568 return rc;
6569 }
6570 assert( sqlite3PagerIswriteable(pChild->pDbPage) );
6571 assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
6572 assert( pChild->nCell==pRoot->nCell );
6573
6574 TRACE(("BALANCE: copy root %d into %d\n", pRoot->pgno, pChild->pgno));
6575
6576 /* Copy the overflow cells from pRoot to pChild */
6577 memcpy(pChild->aOvfl, pRoot->aOvfl, pRoot->nOverflow*sizeof(pRoot->aOvfl[0]));
6578 pChild->nOverflow = pRoot->nOverflow;
6579
6580 /* Zero the contents of pRoot. Then install pChild as the right-child. */
6581 zeroPage(pRoot, pChild->aData[0] & ~PTF_LEAF);
6582 put4byte(&pRoot->aData[pRoot->hdrOffset+8], pgnoChild);
6583
6584 *ppChild = pChild;
6585 return SQLITE_OK;
6586 }
6587
6588 /*
6589 ** The page that pCur currently points to has just been modified in
6590 ** some way. This function figures out if this modification means the
6591 ** tree needs to be balanced, and if so calls the appropriate balancing
6592 ** routine. Balancing routines are:
6593 **
6594 ** balance_quick()
6595 ** balance_deeper()
6596 ** balance_nonroot()
6597 */
6598 static int balance(BtCursor *pCur){
6599 int rc = SQLITE_OK;
6600 const int nMin = pCur->pBt->usableSize * 2 / 3;
6601 u8 aBalanceQuickSpace[13];
6602 u8 *pFree = 0;
6603
6604 TESTONLY( int balance_quick_called = 0 );
6605 TESTONLY( int balance_deeper_called = 0 );
6606
6607 do {
6608 int iPage = pCur->iPage;
6609 MemPage *pPage = pCur->apPage[iPage];
6610
6611 if( iPage==0 ){
6612 if( pPage->nOverflow ){
6613 /* The root page of the b-tree is overfull. In this case call the
6614 ** balance_deeper() function to create a new child for the root-page
6615 ** and copy the current contents of the root-page to it. The
6616 ** next iteration of the do-loop will balance the child page.
6617 */
6618 assert( (balance_deeper_called++)==0 );
6619 rc = balance_deeper(pPage, &pCur->apPage[1]);
6620 if( rc==SQLITE_OK ){
6621 pCur->iPage = 1;
6622 pCur->aiIdx[0] = 0;
6623 pCur->aiIdx[1] = 0;
6624 assert( pCur->apPage[1]->nOverflow );
6625 }
6626 }else{
6627 break;
6628 }
6629 }else if( pPage->nOverflow==0 && pPage->nFree<=nMin ){
6630 break;
6631 }else{
6632 MemPage * const pParent = pCur->apPage[iPage-1];
6633 int const iIdx = pCur->aiIdx[iPage-1];
6634
6635 rc = sqlite3PagerWrite(pParent->pDbPage);
6636 if( rc==SQLITE_OK ){
6637 #ifndef SQLITE_OMIT_QUICKBALANCE
6638 if( pPage->hasData
6639 && pPage->nOverflow==1
6640 && pPage->aOvfl[0].idx==pPage->nCell
6641 && pParent->pgno!=1
6642 && pParent->nCell==iIdx
6643 ){
6644 /* Call balance_quick() to create a new sibling of pPage on which
6645 ** to store the overflow cell. balance_quick() inserts a new cell
6646 ** into pParent, which may cause pParent overflow. If this
6647 ** happens, the next interation of the do-loop will balance pParent
6648 ** use either balance_nonroot() or balance_deeper(). Until this
6649 ** happens, the overflow cell is stored in the aBalanceQuickSpace[]
6650 ** buffer.
6651 **
6652 ** The purpose of the following assert() is to check that only a
6653 ** single call to balance_quick() is made for each call to this
6654 ** function. If this were not verified, a subtle bug involving reuse
6655 ** of the aBalanceQuickSpace[] might sneak in.
6656 */
6657 assert( (balance_quick_called++)==0 );
6658 rc = balance_quick(pParent, pPage, aBalanceQuickSpace);
6659 }else
6660 #endif
6661 {
6662 /* In this case, call balance_nonroot() to redistribute cells
6663 ** between pPage and up to 2 of its sibling pages. This involves
6664 ** modifying the contents of pParent, which may cause pParent to
6665 ** become overfull or underfull. The next iteration of the do-loop
6666 ** will balance the parent page to correct this.
6667 **
6668 ** If the parent page becomes overfull, the overflow cell or cells
6669 ** are stored in the pSpace buffer allocated immediately below.
6670 ** A subsequent iteration of the do-loop will deal with this by
6671 ** calling balance_nonroot() (balance_deeper() may be called first,
6672 ** but it doesn't deal with overflow cells - just moves them to a
6673 ** different page). Once this subsequent call to balance_nonroot()
6674 ** has completed, it is safe to release the pSpace buffer used by
6675 ** the previous call, as the overflow cell data will have been
6676 ** copied either into the body of a database page or into the new
6677 ** pSpace buffer passed to the latter call to balance_nonroot().
6678 */
6679 u8 *pSpace = sqlite3PageMalloc(pCur->pBt->pageSize);
6680 rc = balance_nonroot(pParent, iIdx, pSpace, iPage==1);
6681 if( pFree ){
6682 /* If pFree is not NULL, it points to the pSpace buffer used
6683 ** by a previous call to balance_nonroot(). Its contents are
6684 ** now stored either on real database pages or within the
6685 ** new pSpace buffer, so it may be safely freed here. */
6686 sqlite3PageFree(pFree);
6687 }
6688
6689 /* The pSpace buffer will be freed after the next call to
6690 ** balance_nonroot(), or just before this function returns, whichever
6691 ** comes first. */
6692 pFree = pSpace;
6693 }
6694 }
6695
6696 pPage->nOverflow = 0;
6697
6698 /* The next iteration of the do-loop balances the parent page. */
6699 releasePage(pPage);
6700 pCur->iPage--;
6701 }
6702 }while( rc==SQLITE_OK );
6703
6704 if( pFree ){
6705 sqlite3PageFree(pFree);
6706 }
6707 return rc;
6708 }
6709
6710
6711 /*
6712 ** Insert a new record into the BTree. The key is given by (pKey,nKey)
6713 ** and the data is given by (pData,nData). The cursor is used only to
6714 ** define what table the record should be inserted into. The cursor
6715 ** is left pointing at a random location.
6716 **
6717 ** For an INTKEY table, only the nKey value of the key is used. pKey is
6718 ** ignored. For a ZERODATA table, the pData and nData are both ignored.
6719 **
6720 ** If the seekResult parameter is non-zero, then a successful call to
6721 ** MovetoUnpacked() to seek cursor pCur to (pKey, nKey) has already
6722 ** been performed. seekResult is the search result returned (a negative
6723 ** number if pCur points at an entry that is smaller than (pKey, nKey), or
6724 ** a positive value if pCur points at an etry that is larger than
6725 ** (pKey, nKey)).
6726 **
6727 ** If the seekResult parameter is non-zero, then the caller guarantees that
6728 ** cursor pCur is pointing at the existing copy of a row that is to be
6729 ** overwritten. If the seekResult parameter is 0, then cursor pCur may
6730 ** point to any entry or to no entry at all and so this function has to seek
6731 ** the cursor before the new key can be inserted.
6732 */
6733 int sqlite3BtreeInsert(
6734 BtCursor *pCur, /* Insert data into the table of this cursor */
6735 const void *pKey, i64 nKey, /* The key of the new record */
6736 const void *pData, int nData, /* The data of the new record */
6737 int nZero, /* Number of extra 0 bytes to append to data */
6738 int appendBias, /* True if this is likely an append */
6739 int seekResult /* Result of prior MovetoUnpacked() call */
6740 ){
6741 int rc;
6742 int loc = seekResult; /* -1: before desired location +1: after */
6743 int szNew = 0;
6744 int idx;
6745 MemPage *pPage;
6746 Btree *p = pCur->pBtree;
6747 BtShared *pBt = p->pBt;
6748 unsigned char *oldCell;
6749 unsigned char *newCell = 0;
6750
6751 if( pCur->eState==CURSOR_FAULT ){
6752 assert( pCur->skipNext!=SQLITE_OK );
6753 return pCur->skipNext;
6754 }
6755
6756 assert( cursorHoldsMutex(pCur) );
6757 assert( pCur->wrFlag && pBt->inTransaction==TRANS_WRITE && !pBt->readOnly );
6758 assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) );
6759
6760 /* Assert that the caller has been consistent. If this cursor was opened
6761 ** expecting an index b-tree, then the caller should be inserting blob
6762 ** keys with no associated data. If the cursor was opened expecting an
6763 ** intkey table, the caller should be inserting integer keys with a
6764 ** blob of associated data. */
6765 assert( (pKey==0)==(pCur->pKeyInfo==0) );
6766
6767 /* If this is an insert into a table b-tree, invalidate any incrblob
6768 ** cursors open on the row being replaced (assuming this is a replace
6769 ** operation - if it is not, the following is a no-op). */
6770 if( pCur->pKeyInfo==0 ){
6771 invalidateIncrblobCursors(p, nKey, 0);
6772 }
6773
6774 /* Save the positions of any other cursors open on this table.
6775 **
6776 ** In some cases, the call to btreeMoveto() below is a no-op. For
6777 ** example, when inserting data into a table with auto-generated integer
6778 ** keys, the VDBE layer invokes sqlite3BtreeLast() to figure out the
6779 ** integer key to use. It then calls this function to actually insert the
6780 ** data into the intkey B-Tree. In this case btreeMoveto() recognizes
6781 ** that the cursor is already where it needs to be and returns without
6782 ** doing any work. To avoid thwarting these optimizations, it is important
6783 ** not to clear the cursor here.
6784 */
6785 rc = saveAllCursors(pBt, pCur->pgnoRoot, pCur);
6786 if( rc ) return rc;
6787 if( !loc ){
6788 rc = btreeMoveto(pCur, pKey, nKey, appendBias, &loc);
6789 if( rc ) return rc;
6790 }
6791 assert( pCur->eState==CURSOR_VALID || (pCur->eState==CURSOR_INVALID && loc) );
6792
6793 pPage = pCur->apPage[pCur->iPage];
6794 assert( pPage->intKey || nKey>=0 );
6795 assert( pPage->leaf || !pPage->intKey );
6796
6797 TRACE(("INSERT: table=%d nkey=%lld ndata=%d page=%d %s\n",
6798 pCur->pgnoRoot, nKey, nData, pPage->pgno,
6799 loc==0 ? "overwrite" : "new entry"));
6800 assert( pPage->isInit );
6801 allocateTempSpace(pBt);
6802 newCell = pBt->pTmpSpace;
6803 if( newCell==0 ) return SQLITE_NOMEM;
6804 rc = fillInCell(pPage, newCell, pKey, nKey, pData, nData, nZero, &szNew);
6805 if( rc ) goto end_insert;
6806 assert( szNew==cellSizePtr(pPage, newCell) );
6807 assert( szNew <= MX_CELL_SIZE(pBt) );
6808 idx = pCur->aiIdx[pCur->iPage];
6809 if( loc==0 ){
6810 u16 szOld;
6811 assert( idx<pPage->nCell );
6812 rc = sqlite3PagerWrite(pPage->pDbPage);
6813 if( rc ){
6814 goto end_insert;
6815 }
6816 oldCell = findCell(pPage, idx);
6817 if( !pPage->leaf ){
6818 memcpy(newCell, oldCell, 4);
6819 }
6820 szOld = cellSizePtr(pPage, oldCell);
6821 rc = clearCell(pPage, oldCell);
6822 dropCell(pPage, idx, szOld, &rc);
6823 if( rc ) goto end_insert;
6824 }else if( loc<0 && pPage->nCell>0 ){
6825 assert( pPage->leaf );
6826 idx = ++pCur->aiIdx[pCur->iPage];
6827 }else{
6828 assert( pPage->leaf );
6829 }
6830 insertCell(pPage, idx, newCell, szNew, 0, 0, &rc);
6831 assert( rc!=SQLITE_OK || pPage->nCell>0 || pPage->nOverflow>0 );
6832
6833 /* If no error has occured and pPage has an overflow cell, call balance()
6834 ** to redistribute the cells within the tree. Since balance() may move
6835 ** the cursor, zero the BtCursor.info.nSize and BtCursor.validNKey
6836 ** variables.
6837 **
6838 ** Previous versions of SQLite called moveToRoot() to move the cursor
6839 ** back to the root page as balance() used to invalidate the contents
6840 ** of BtCursor.apPage[] and BtCursor.aiIdx[]. Instead of doing that,
6841 ** set the cursor state to "invalid". This makes common insert operations
6842 ** slightly faster.
6843 **
6844 ** There is a subtle but important optimization here too. When inserting
6845 ** multiple records into an intkey b-tree using a single cursor (as can
6846 ** happen while processing an "INSERT INTO ... SELECT" statement), it
6847 ** is advantageous to leave the cursor pointing to the last entry in
6848 ** the b-tree if possible. If the cursor is left pointing to the last
6849 ** entry in the table, and the next row inserted has an integer key
6850 ** larger than the largest existing key, it is possible to insert the
6851 ** row without seeking the cursor. This can be a big performance boost.
6852 */
6853 pCur->info.nSize = 0;
6854 pCur->validNKey = 0;
6855 if( rc==SQLITE_OK && pPage->nOverflow ){
6856 rc = balance(pCur);
6857
6858 /* Must make sure nOverflow is reset to zero even if the balance()
6859 ** fails. Internal data structure corruption will result otherwise.
6860 ** Also, set the cursor state to invalid. This stops saveCursorPosition()
6861 ** from trying to save the current position of the cursor. */
6862 pCur->apPage[pCur->iPage]->nOverflow = 0;
6863 pCur->eState = CURSOR_INVALID;
6864 }
6865 assert( pCur->apPage[pCur->iPage]->nOverflow==0 );
6866
6867 end_insert:
6868 return rc;
6869 }
6870
6871 /*
6872 ** Delete the entry that the cursor is pointing to. The cursor
6873 ** is left pointing at a arbitrary location.
6874 */
6875 int sqlite3BtreeDelete(BtCursor *pCur){
6876 Btree *p = pCur->pBtree;
6877 BtShared *pBt = p->pBt;
6878 int rc; /* Return code */
6879 MemPage *pPage; /* Page to delete cell from */
6880 unsigned char *pCell; /* Pointer to cell to delete */
6881 int iCellIdx; /* Index of cell to delete */
6882 int iCellDepth; /* Depth of node containing pCell */
6883
6884 assert( cursorHoldsMutex(pCur) );
6885 assert( pBt->inTransaction==TRANS_WRITE );
6886 assert( !pBt->readOnly );
6887 assert( pCur->wrFlag );
6888 assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) );
6889 assert( !hasReadConflicts(p, pCur->pgnoRoot) );
6890
6891 if( NEVER(pCur->aiIdx[pCur->iPage]>=pCur->apPage[pCur->iPage]->nCell)
6892 || NEVER(pCur->eState!=CURSOR_VALID)
6893 ){
6894 return SQLITE_ERROR; /* Something has gone awry. */
6895 }
6896
6897 /* If this is a delete operation to remove a row from a table b-tree,
6898 ** invalidate any incrblob cursors open on the row being deleted. */
6899 if( pCur->pKeyInfo==0 ){
6900 invalidateIncrblobCursors(p, pCur->info.nKey, 0);
6901 }
6902
6903 iCellDepth = pCur->iPage;
6904 iCellIdx = pCur->aiIdx[iCellDepth];
6905 pPage = pCur->apPage[iCellDepth];
6906 pCell = findCell(pPage, iCellIdx);
6907
6908 /* If the page containing the entry to delete is not a leaf page, move
6909 ** the cursor to the largest entry in the tree that is smaller than
6910 ** the entry being deleted. This cell will replace the cell being deleted
6911 ** from the internal node. The 'previous' entry is used for this instead
6912 ** of the 'next' entry, as the previous entry is always a part of the
6913 ** sub-tree headed by the child page of the cell being deleted. This makes
6914 ** balancing the tree following the delete operation easier. */
6915 if( !pPage->leaf ){
6916 int notUsed;
6917 rc = sqlite3BtreePrevious(pCur, ¬Used);
6918 if( rc ) return rc;
6919 }
6920
6921 /* Save the positions of any other cursors open on this table before
6922 ** making any modifications. Make the page containing the entry to be
6923 ** deleted writable. Then free any overflow pages associated with the
6924 ** entry and finally remove the cell itself from within the page.
6925 */
6926 rc = saveAllCursors(pBt, pCur->pgnoRoot, pCur);
6927 if( rc ) return rc;
6928 rc = sqlite3PagerWrite(pPage->pDbPage);
6929 if( rc ) return rc;
6930 rc = clearCell(pPage, pCell);
6931 dropCell(pPage, iCellIdx, cellSizePtr(pPage, pCell), &rc);
6932 if( rc ) return rc;
6933
6934 /* If the cell deleted was not located on a leaf page, then the cursor
6935 ** is currently pointing to the largest entry in the sub-tree headed
6936 ** by the child-page of the cell that was just deleted from an internal
6937 ** node. The cell from the leaf node needs to be moved to the internal
6938 ** node to replace the deleted cell. */
6939 if( !pPage->leaf ){
6940 MemPage *pLeaf = pCur->apPage[pCur->iPage];
6941 int nCell;
6942 Pgno n = pCur->apPage[iCellDepth+1]->pgno;
6943 unsigned char *pTmp;
6944
6945 pCell = findCell(pLeaf, pLeaf->nCell-1);
6946 nCell = cellSizePtr(pLeaf, pCell);
6947 assert( MX_CELL_SIZE(pBt) >= nCell );
6948
6949 allocateTempSpace(pBt);
6950 pTmp = pBt->pTmpSpace;
6951
6952 rc = sqlite3PagerWrite(pLeaf->pDbPage);
6953 insertCell(pPage, iCellIdx, pCell-4, nCell+4, pTmp, n, &rc);
6954 dropCell(pLeaf, pLeaf->nCell-1, nCell, &rc);
6955 if( rc ) return rc;
6956 }
6957
6958 /* Balance the tree. If the entry deleted was located on a leaf page,
6959 ** then the cursor still points to that page. In this case the first
6960 ** call to balance() repairs the tree, and the if(...) condition is
6961 ** never true.
6962 **
6963 ** Otherwise, if the entry deleted was on an internal node page, then
6964 ** pCur is pointing to the leaf page from which a cell was removed to
6965 ** replace the cell deleted from the internal node. This is slightly
6966 ** tricky as the leaf node may be underfull, and the internal node may
6967 ** be either under or overfull. In this case run the balancing algorithm
6968 ** on the leaf node first. If the balance proceeds far enough up the
6969 ** tree that we can be sure that any problem in the internal node has
6970 ** been corrected, so be it. Otherwise, after balancing the leaf node,
6971 ** walk the cursor up the tree to the internal node and balance it as
6972 ** well. */
6973 rc = balance(pCur);
6974 if( rc==SQLITE_OK && pCur->iPage>iCellDepth ){
6975 while( pCur->iPage>iCellDepth ){
6976 releasePage(pCur->apPage[pCur->iPage--]);
6977 }
6978 rc = balance(pCur);
6979 }
6980
6981 if( rc==SQLITE_OK ){
6982 moveToRoot(pCur);
6983 }
6984 return rc;
6985 }
6986
6987 /*
6988 ** Create a new BTree table. Write into *piTable the page
6989 ** number for the root page of the new table.
6990 **
6991 ** The type of type is determined by the flags parameter. Only the
6992 ** following values of flags are currently in use. Other values for
6993 ** flags might not work:
6994 **
6995 ** BTREE_INTKEY|BTREE_LEAFDATA Used for SQL tables with rowid keys
6996 ** BTREE_ZERODATA Used for SQL indices
6997 */
6998 static int btreeCreateTable(Btree *p, int *piTable, int createTabFlags){
6999 BtShared *pBt = p->pBt;
7000 MemPage *pRoot;
7001 Pgno pgnoRoot;
7002 int rc;
7003 int ptfFlags; /* Page-type flage for the root page of new table */
7004
7005 assert( sqlite3BtreeHoldsMutex(p) );
7006 assert( pBt->inTransaction==TRANS_WRITE );
7007 assert( !pBt->readOnly );
7008
7009 #ifdef SQLITE_OMIT_AUTOVACUUM
7010 rc = allocateBtreePage(pBt, &pRoot, &pgnoRoot, 1, 0);
7011 if( rc ){
7012 return rc;
7013 }
7014 #else
7015 if( pBt->autoVacuum ){
7016 Pgno pgnoMove; /* Move a page here to make room for the root-page */
7017 MemPage *pPageMove; /* The page to move to. */
7018
7019 /* Creating a new table may probably require moving an existing database
7020 ** to make room for the new tables root page. In case this page turns
7021 ** out to be an overflow page, delete all overflow page-map caches
7022 ** held by open cursors.
7023 */
7024 invalidateAllOverflowCache(pBt);
7025
7026 /* Read the value of meta[3] from the database to determine where the
7027 ** root page of the new table should go. meta[3] is the largest root-page
7028 ** created so far, so the new root-page is (meta[3]+1).
7029 */
7030 sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &pgnoRoot);
7031 pgnoRoot++;
7032
7033 /* The new root-page may not be allocated on a pointer-map page, or the
7034 ** PENDING_BYTE page.
7035 */
7036 while( pgnoRoot==PTRMAP_PAGENO(pBt, pgnoRoot) ||
7037 pgnoRoot==PENDING_BYTE_PAGE(pBt) ){
7038 pgnoRoot++;
7039 }
7040 assert( pgnoRoot>=3 );
7041
7042 /* Allocate a page. The page that currently resides at pgnoRoot will
7043 ** be moved to the allocated page (unless the allocated page happens
7044 ** to reside at pgnoRoot).
7045 */
7046 rc = allocateBtreePage(pBt, &pPageMove, &pgnoMove, pgnoRoot, 1);
7047 if( rc!=SQLITE_OK ){
7048 return rc;
7049 }
7050
7051 if( pgnoMove!=pgnoRoot ){
7052 /* pgnoRoot is the page that will be used for the root-page of
7053 ** the new table (assuming an error did not occur). But we were
7054 ** allocated pgnoMove. If required (i.e. if it was not allocated
7055 ** by extending the file), the current page at position pgnoMove
7056 ** is already journaled.
7057 */
7058 u8 eType = 0;
7059 Pgno iPtrPage = 0;
7060
7061 releasePage(pPageMove);
7062
7063 /* Move the page currently at pgnoRoot to pgnoMove. */
7064 rc = btreeGetPage(pBt, pgnoRoot, &pRoot, 0);
7065 if( rc!=SQLITE_OK ){
7066 return rc;
7067 }
7068 rc = ptrmapGet(pBt, pgnoRoot, &eType, &iPtrPage);
7069 if( eType==PTRMAP_ROOTPAGE || eType==PTRMAP_FREEPAGE ){
7070 rc = SQLITE_CORRUPT_BKPT;
7071 }
7072 if( rc!=SQLITE_OK ){
7073 releasePage(pRoot);
7074 return rc;
7075 }
7076 assert( eType!=PTRMAP_ROOTPAGE );
7077 assert( eType!=PTRMAP_FREEPAGE );
7078 rc = relocatePage(pBt, pRoot, eType, iPtrPage, pgnoMove, 0);
7079 releasePage(pRoot);
7080
7081 /* Obtain the page at pgnoRoot */
7082 if( rc!=SQLITE_OK ){
7083 return rc;
7084 }
7085 rc = btreeGetPage(pBt, pgnoRoot, &pRoot, 0);
7086 if( rc!=SQLITE_OK ){
7087 return rc;
7088 }
7089 rc = sqlite3PagerWrite(pRoot->pDbPage);
7090 if( rc!=SQLITE_OK ){
7091 releasePage(pRoot);
7092 return rc;
7093 }
7094 }else{
7095 pRoot = pPageMove;
7096 }
7097
7098 /* Update the pointer-map and meta-data with the new root-page number. */
7099 ptrmapPut(pBt, pgnoRoot, PTRMAP_ROOTPAGE, 0, &rc);
7100 if( rc ){
7101 releasePage(pRoot);
7102 return rc;
7103 }
7104
7105 /* When the new root page was allocated, page 1 was made writable in
7106 ** order either to increase the database filesize, or to decrement the
7107 ** freelist count. Hence, the sqlite3BtreeUpdateMeta() call cannot fail.
7108 */
7109 assert( sqlite3PagerIswriteable(pBt->pPage1->pDbPage) );
7110 rc = sqlite3BtreeUpdateMeta(p, 4, pgnoRoot);
7111 if( NEVER(rc) ){
7112 releasePage(pRoot);
7113 return rc;
7114 }
7115
7116 }else{
7117 rc = allocateBtreePage(pBt, &pRoot, &pgnoRoot, 1, 0);
7118 if( rc ) return rc;
7119 }
7120 #endif
7121 assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
7122 if( createTabFlags & BTREE_INTKEY ){
7123 ptfFlags = PTF_INTKEY | PTF_LEAFDATA | PTF_LEAF;
7124 }else{
7125 ptfFlags = PTF_ZERODATA | PTF_LEAF;
7126 }
7127 zeroPage(pRoot, ptfFlags);
7128 sqlite3PagerUnref(pRoot->pDbPage);
7129 assert( (pBt->openFlags & BTREE_SINGLE)==0 || pgnoRoot==2 );
7130 *piTable = (int)pgnoRoot;
7131 return SQLITE_OK;
7132 }
7133 int sqlite3BtreeCreateTable(Btree *p, int *piTable, int flags){
7134 int rc;
7135 sqlite3BtreeEnter(p);
7136 rc = btreeCreateTable(p, piTable, flags);
7137 sqlite3BtreeLeave(p);
7138 return rc;
7139 }
7140
7141 /*
7142 ** Erase the given database page and all its children. Return
7143 ** the page to the freelist.
7144 */
7145 static int clearDatabasePage(
7146 BtShared *pBt, /* The BTree that contains the table */
7147 Pgno pgno, /* Page number to clear */
7148 int freePageFlag, /* Deallocate page if true */
7149 int *pnChange /* Add number of Cells freed to this counter */
7150 ){
7151 MemPage *pPage;
7152 int rc;
7153 unsigned char *pCell;
7154 int i;
7155
7156 assert( sqlite3_mutex_held(pBt->mutex) );
7157 if( pgno>btreePagecount(pBt) ){
7158 return SQLITE_CORRUPT_BKPT;
7159 }
7160
7161 rc = getAndInitPage(pBt, pgno, &pPage);
7162 if( rc ) return rc;
7163 for(i=0; i<pPage->nCell; i++){
7164 pCell = findCell(pPage, i);
7165 if( !pPage->leaf ){
7166 rc = clearDatabasePage(pBt, get4byte(pCell), 1, pnChange);
7167 if( rc ) goto cleardatabasepage_out;
7168 }
7169 rc = clearCell(pPage, pCell);
7170 if( rc ) goto cleardatabasepage_out;
7171 }
7172 if( !pPage->leaf ){
7173 rc = clearDatabasePage(pBt, get4byte(&pPage->aData[8]), 1, pnChange);
7174 if( rc ) goto cleardatabasepage_out;
7175 }else if( pnChange ){
7176 assert( pPage->intKey );
7177 *pnChange += pPage->nCell;
7178 }
7179 if( freePageFlag ){
7180 freePage(pPage, &rc);
7181 }else if( (rc = sqlite3PagerWrite(pPage->pDbPage))==0 ){
7182 zeroPage(pPage, pPage->aData[0] | PTF_LEAF);
7183 }
7184
7185 cleardatabasepage_out:
7186 releasePage(pPage);
7187 return rc;
7188 }
7189
7190 /*
7191 ** Delete all information from a single table in the database. iTable is
7192 ** the page number of the root of the table. After this routine returns,
7193 ** the root page is empty, but still exists.
7194 **
7195 ** This routine will fail with SQLITE_LOCKED if there are any open
7196 ** read cursors on the table. Open write cursors are moved to the
7197 ** root of the table.
7198 **
7199 ** If pnChange is not NULL, then table iTable must be an intkey table. The
7200 ** integer value pointed to by pnChange is incremented by the number of
7201 ** entries in the table.
7202 */
7203 int sqlite3BtreeClearTable(Btree *p, int iTable, int *pnChange){
7204 int rc;
7205 BtShared *pBt = p->pBt;
7206 sqlite3BtreeEnter(p);
7207 assert( p->inTrans==TRANS_WRITE );
7208
7209 /* Invalidate all incrblob cursors open on table iTable (assuming iTable
7210 ** is the root of a table b-tree - if it is not, the following call is
7211 ** a no-op). */
7212 invalidateIncrblobCursors(p, 0, 1);
7213
7214 rc = saveAllCursors(pBt, (Pgno)iTable, 0);
7215 if( SQLITE_OK==rc ){
7216 rc = clearDatabasePage(pBt, (Pgno)iTable, 0, pnChange);
7217 }
7218 sqlite3BtreeLeave(p);
7219 return rc;
7220 }
7221
7222 /*
7223 ** Erase all information in a table and add the root of the table to
7224 ** the freelist. Except, the root of the principle table (the one on
7225 ** page 1) is never added to the freelist.
7226 **
7227 ** This routine will fail with SQLITE_LOCKED if there are any open
7228 ** cursors on the table.
7229 **
7230 ** If AUTOVACUUM is enabled and the page at iTable is not the last
7231 ** root page in the database file, then the last root page
7232 ** in the database file is moved into the slot formerly occupied by
7233 ** iTable and that last slot formerly occupied by the last root page
7234 ** is added to the freelist instead of iTable. In this say, all
7235 ** root pages are kept at the beginning of the database file, which
7236 ** is necessary for AUTOVACUUM to work right. *piMoved is set to the
7237 ** page number that used to be the last root page in the file before
7238 ** the move. If no page gets moved, *piMoved is set to 0.
7239 ** The last root page is recorded in meta[3] and the value of
7240 ** meta[3] is updated by this procedure.
7241 */
7242 static int btreeDropTable(Btree *p, Pgno iTable, int *piMoved){
7243 int rc;
7244 MemPage *pPage = 0;
7245 BtShared *pBt = p->pBt;
7246
7247 assert( sqlite3BtreeHoldsMutex(p) );
7248 assert( p->inTrans==TRANS_WRITE );
7249
7250 /* It is illegal to drop a table if any cursors are open on the
7251 ** database. This is because in auto-vacuum mode the backend may
7252 ** need to move another root-page to fill a gap left by the deleted
7253 ** root page. If an open cursor was using this page a problem would
7254 ** occur.
7255 **
7256 ** This error is caught long before control reaches this point.
7257 */
7258 if( NEVER(pBt->pCursor) ){
7259 sqlite3ConnectionBlocked(p->db, pBt->pCursor->pBtree->db);
7260 return SQLITE_LOCKED_SHAREDCACHE;
7261 }
7262
7263 rc = btreeGetPage(pBt, (Pgno)iTable, &pPage, 0);
7264 if( rc ) return rc;
7265 rc = sqlite3BtreeClearTable(p, iTable, 0);
7266 if( rc ){
7267 releasePage(pPage);
7268 return rc;
7269 }
7270
7271 *piMoved = 0;
7272
7273 if( iTable>1 ){
7274 #ifdef SQLITE_OMIT_AUTOVACUUM
7275 freePage(pPage, &rc);
7276 releasePage(pPage);
7277 #else
7278 if( pBt->autoVacuum ){
7279 Pgno maxRootPgno;
7280 sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &maxRootPgno);
7281
7282 if( iTable==maxRootPgno ){
7283 /* If the table being dropped is the table with the largest root-page
7284 ** number in the database, put the root page on the free list.
7285 */
7286 freePage(pPage, &rc);
7287 releasePage(pPage);
7288 if( rc!=SQLITE_OK ){
7289 return rc;
7290 }
7291 }else{
7292 /* The table being dropped does not have the largest root-page
7293 ** number in the database. So move the page that does into the
7294 ** gap left by the deleted root-page.
7295 */
7296 MemPage *pMove;
7297 releasePage(pPage);
7298 rc = btreeGetPage(pBt, maxRootPgno, &pMove, 0);
7299 if( rc!=SQLITE_OK ){
7300 return rc;
7301 }
7302 rc = relocatePage(pBt, pMove, PTRMAP_ROOTPAGE, 0, iTable, 0);
7303 releasePage(pMove);
7304 if( rc!=SQLITE_OK ){
7305 return rc;
7306 }
7307 pMove = 0;
7308 rc = btreeGetPage(pBt, maxRootPgno, &pMove, 0);
7309 freePage(pMove, &rc);
7310 releasePage(pMove);
7311 if( rc!=SQLITE_OK ){
7312 return rc;
7313 }
7314 *piMoved = maxRootPgno;
7315 }
7316
7317 /* Set the new 'max-root-page' value in the database header. This
7318 ** is the old value less one, less one more if that happens to
7319 ** be a root-page number, less one again if that is the
7320 ** PENDING_BYTE_PAGE.
7321 */
7322 maxRootPgno--;
7323 while( maxRootPgno==PENDING_BYTE_PAGE(pBt)
7324 || PTRMAP_ISPAGE(pBt, maxRootPgno) ){
7325 maxRootPgno--;
7326 }
7327 assert( maxRootPgno!=PENDING_BYTE_PAGE(pBt) );
7328
7329 rc = sqlite3BtreeUpdateMeta(p, 4, maxRootPgno);
7330 }else{
7331 freePage(pPage, &rc);
7332 releasePage(pPage);
7333 }
7334 #endif
7335 }else{
7336 /* If sqlite3BtreeDropTable was called on page 1.
7337 ** This really never should happen except in a corrupt
7338 ** database.
7339 */
7340 zeroPage(pPage, PTF_INTKEY|PTF_LEAF );
7341 releasePage(pPage);
7342 }
7343 return rc;
7344 }
7345 int sqlite3BtreeDropTable(Btree *p, int iTable, int *piMoved){
7346 int rc;
7347 sqlite3BtreeEnter(p);
7348 rc = btreeDropTable(p, iTable, piMoved);
7349 sqlite3BtreeLeave(p);
7350 return rc;
7351 }
7352
7353
7354 /*
7355 ** This function may only be called if the b-tree connection already
7356 ** has a read or write transaction open on the database.
7357 **
7358 ** Read the meta-information out of a database file. Meta[0]
7359 ** is the number of free pages currently in the database. Meta[1]
7360 ** through meta[15] are available for use by higher layers. Meta[0]
7361 ** is read-only, the others are read/write.
7362 **
7363 ** The schema layer numbers meta values differently. At the schema
7364 ** layer (and the SetCookie and ReadCookie opcodes) the number of
7365 ** free pages is not visible. So Cookie[0] is the same as Meta[1].
7366 */
7367 void sqlite3BtreeGetMeta(Btree *p, int idx, u32 *pMeta){
7368 BtShared *pBt = p->pBt;
7369
7370 sqlite3BtreeEnter(p);
7371 assert( p->inTrans>TRANS_NONE );
7372 assert( SQLITE_OK==querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK) );
7373 assert( pBt->pPage1 );
7374 assert( idx>=0 && idx<=15 );
7375
7376 *pMeta = get4byte(&pBt->pPage1->aData[36 + idx*4]);
7377
7378 /* If auto-vacuum is disabled in this build and this is an auto-vacuum
7379 ** database, mark the database as read-only. */
7380 #ifdef SQLITE_OMIT_AUTOVACUUM
7381 if( idx==BTREE_LARGEST_ROOT_PAGE && *pMeta>0 ) pBt->readOnly = 1;
7382 #endif
7383
7384 sqlite3BtreeLeave(p);
7385 }
7386
7387 /*
7388 ** Write meta-information back into the database. Meta[0] is
7389 ** read-only and may not be written.
7390 */
7391 int sqlite3BtreeUpdateMeta(Btree *p, int idx, u32 iMeta){
7392 BtShared *pBt = p->pBt;
7393 unsigned char *pP1;
7394 int rc;
7395 assert( idx>=1 && idx<=15 );
7396 sqlite3BtreeEnter(p);
7397 assert( p->inTrans==TRANS_WRITE );
7398 assert( pBt->pPage1!=0 );
7399 pP1 = pBt->pPage1->aData;
7400 rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
7401 if( rc==SQLITE_OK ){
7402 put4byte(&pP1[36 + idx*4], iMeta);
7403 #ifndef SQLITE_OMIT_AUTOVACUUM
7404 if( idx==BTREE_INCR_VACUUM ){
7405 assert( pBt->autoVacuum || iMeta==0 );
7406 assert( iMeta==0 || iMeta==1 );
7407 pBt->incrVacuum = (u8)iMeta;
7408 }
7409 #endif
7410 }
7411 sqlite3BtreeLeave(p);
7412 return rc;
7413 }
7414
7415 #ifndef SQLITE_OMIT_BTREECOUNT
7416 /*
7417 ** The first argument, pCur, is a cursor opened on some b-tree. Count the
7418 ** number of entries in the b-tree and write the result to *pnEntry.
7419 **
7420 ** SQLITE_OK is returned if the operation is successfully executed.
7421 ** Otherwise, if an error is encountered (i.e. an IO error or database
7422 ** corruption) an SQLite error code is returned.
7423 */
7424 int sqlite3BtreeCount(BtCursor *pCur, i64 *pnEntry){
7425 i64 nEntry = 0; /* Value to return in *pnEntry */
7426 int rc; /* Return code */
7427
7428 if( pCur->pgnoRoot==0 ){
7429 *pnEntry = 0;
7430 return SQLITE_OK;
7431 }
7432 rc = moveToRoot(pCur);
7433
7434 /* Unless an error occurs, the following loop runs one iteration for each
7435 ** page in the B-Tree structure (not including overflow pages).
7436 */
7437 while( rc==SQLITE_OK ){
7438 int iIdx; /* Index of child node in parent */
7439 MemPage *pPage; /* Current page of the b-tree */
7440
7441 /* If this is a leaf page or the tree is not an int-key tree, then
7442 ** this page contains countable entries. Increment the entry counter
7443 ** accordingly.
7444 */
7445 pPage = pCur->apPage[pCur->iPage];
7446 if( pPage->leaf || !pPage->intKey ){
7447 nEntry += pPage->nCell;
7448 }
7449
7450 /* pPage is a leaf node. This loop navigates the cursor so that it
7451 ** points to the first interior cell that it points to the parent of
7452 ** the next page in the tree that has not yet been visited. The
7453 ** pCur->aiIdx[pCur->iPage] value is set to the index of the parent cell
7454 ** of the page, or to the number of cells in the page if the next page
7455 ** to visit is the right-child of its parent.
7456 **
7457 ** If all pages in the tree have been visited, return SQLITE_OK to the
7458 ** caller.
7459 */
7460 if( pPage->leaf ){
7461 do {
7462 if( pCur->iPage==0 ){
7463 /* All pages of the b-tree have been visited. Return successfully. */
7464 *pnEntry = nEntry;
7465 return SQLITE_OK;
7466 }
7467 moveToParent(pCur);
7468 }while ( pCur->aiIdx[pCur->iPage]>=pCur->apPage[pCur->iPage]->nCell );
7469
7470 pCur->aiIdx[pCur->iPage]++;
7471 pPage = pCur->apPage[pCur->iPage];
7472 }
7473
7474 /* Descend to the child node of the cell that the cursor currently
7475 ** points at. This is the right-child if (iIdx==pPage->nCell).
7476 */
7477 iIdx = pCur->aiIdx[pCur->iPage];
7478 if( iIdx==pPage->nCell ){
7479 rc = moveToChild(pCur, get4byte(&pPage->aData[pPage->hdrOffset+8]));
7480 }else{
7481 rc = moveToChild(pCur, get4byte(findCell(pPage, iIdx)));
7482 }
7483 }
7484
7485 /* An error has occurred. Return an error code. */
7486 return rc;
7487 }
7488 #endif
7489
7490 /*
7491 ** Return the pager associated with a BTree. This routine is used for
7492 ** testing and debugging only.
7493 */
7494 Pager *sqlite3BtreePager(Btree *p){
7495 return p->pBt->pPager;
7496 }
7497
7498 #ifndef SQLITE_OMIT_INTEGRITY_CHECK
7499 /*
7500 ** Append a message to the error message string.
7501 */
7502 static void checkAppendMsg(
7503 IntegrityCk *pCheck,
7504 char *zMsg1,
7505 const char *zFormat,
7506 ...
7507 ){
7508 va_list ap;
7509 if( !pCheck->mxErr ) return;
7510 pCheck->mxErr--;
7511 pCheck->nErr++;
7512 va_start(ap, zFormat);
7513 if( pCheck->errMsg.nChar ){
7514 sqlite3StrAccumAppend(&pCheck->errMsg, "\n", 1);
7515 }
7516 if( zMsg1 ){
7517 sqlite3StrAccumAppend(&pCheck->errMsg, zMsg1, -1);
7518 }
7519 sqlite3VXPrintf(&pCheck->errMsg, 1, zFormat, ap);
7520 va_end(ap);
7521 if( pCheck->errMsg.mallocFailed ){
7522 pCheck->mallocFailed = 1;
7523 }
7524 }
7525 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
7526
7527 #ifndef SQLITE_OMIT_INTEGRITY_CHECK
7528 /*
7529 ** Add 1 to the reference count for page iPage. If this is the second
7530 ** reference to the page, add an error message to pCheck->zErrMsg.
7531 ** Return 1 if there are 2 ore more references to the page and 0 if
7532 ** if this is the first reference to the page.
7533 **
7534 ** Also check that the page number is in bounds.
7535 */
7536 static int checkRef(IntegrityCk *pCheck, Pgno iPage, char *zContext){
7537 if( iPage==0 ) return 1;
7538 if( iPage>pCheck->nPage ){
7539 checkAppendMsg(pCheck, zContext, "invalid page number %d", iPage);
7540 return 1;
7541 }
7542 if( pCheck->anRef[iPage]==1 ){
7543 checkAppendMsg(pCheck, zContext, "2nd reference to page %d", iPage);
7544 return 1;
7545 }
7546 return (pCheck->anRef[iPage]++)>1;
7547 }
7548
7549 #ifndef SQLITE_OMIT_AUTOVACUUM
7550 /*
7551 ** Check that the entry in the pointer-map for page iChild maps to
7552 ** page iParent, pointer type ptrType. If not, append an error message
7553 ** to pCheck.
7554 */
7555 static void checkPtrmap(
7556 IntegrityCk *pCheck, /* Integrity check context */
7557 Pgno iChild, /* Child page number */
7558 u8 eType, /* Expected pointer map type */
7559 Pgno iParent, /* Expected pointer map parent page number */
7560 char *zContext /* Context description (used for error msg) */
7561 ){
7562 int rc;
7563 u8 ePtrmapType;
7564 Pgno iPtrmapParent;
7565
7566 rc = ptrmapGet(pCheck->pBt, iChild, &ePtrmapType, &iPtrmapParent);
7567 if( rc!=SQLITE_OK ){
7568 if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ) pCheck->mallocFailed = 1;
7569 checkAppendMsg(pCheck, zContext, "Failed to read ptrmap key=%d", iChild);
7570 return;
7571 }
7572
7573 if( ePtrmapType!=eType || iPtrmapParent!=iParent ){
7574 checkAppendMsg(pCheck, zContext,
7575 "Bad ptr map entry key=%d expected=(%d,%d) got=(%d,%d)",
7576 iChild, eType, iParent, ePtrmapType, iPtrmapParent);
7577 }
7578 }
7579 #endif
7580
7581 /*
7582 ** Check the integrity of the freelist or of an overflow page list.
7583 ** Verify that the number of pages on the list is N.
7584 */
7585 static void checkList(
7586 IntegrityCk *pCheck, /* Integrity checking context */
7587 int isFreeList, /* True for a freelist. False for overflow page list */
7588 int iPage, /* Page number for first page in the list */
7589 int N, /* Expected number of pages in the list */
7590 char *zContext /* Context for error messages */
7591 ){
7592 int i;
7593 int expected = N;
7594 int iFirst = iPage;
7595 while( N-- > 0 && pCheck->mxErr ){
7596 DbPage *pOvflPage;
7597 unsigned char *pOvflData;
7598 if( iPage<1 ){
7599 checkAppendMsg(pCheck, zContext,
7600 "%d of %d pages missing from overflow list starting at %d",
7601 N+1, expected, iFirst);
7602 break;
7603 }
7604 if( checkRef(pCheck, iPage, zContext) ) break;
7605 if( sqlite3PagerGet(pCheck->pPager, (Pgno)iPage, &pOvflPage) ){
7606 checkAppendMsg(pCheck, zContext, "failed to get page %d", iPage);
7607 break;
7608 }
7609 pOvflData = (unsigned char *)sqlite3PagerGetData(pOvflPage);
7610 if( isFreeList ){
7611 int n = get4byte(&pOvflData[4]);
7612 #ifndef SQLITE_OMIT_AUTOVACUUM
7613 if( pCheck->pBt->autoVacuum ){
7614 checkPtrmap(pCheck, iPage, PTRMAP_FREEPAGE, 0, zContext);
7615 }
7616 #endif
7617 if( n>(int)pCheck->pBt->usableSize/4-2 ){
7618 checkAppendMsg(pCheck, zContext,
7619 "freelist leaf count too big on page %d", iPage);
7620 N--;
7621 }else{
7622 for(i=0; i<n; i++){
7623 Pgno iFreePage = get4byte(&pOvflData[8+i*4]);
7624 #ifndef SQLITE_OMIT_AUTOVACUUM
7625 if( pCheck->pBt->autoVacuum ){
7626 checkPtrmap(pCheck, iFreePage, PTRMAP_FREEPAGE, 0, zContext);
7627 }
7628 #endif
7629 checkRef(pCheck, iFreePage, zContext);
7630 }
7631 N -= n;
7632 }
7633 }
7634 #ifndef SQLITE_OMIT_AUTOVACUUM
7635 else{
7636 /* If this database supports auto-vacuum and iPage is not the last
7637 ** page in this overflow list, check that the pointer-map entry for
7638 ** the following page matches iPage.
7639 */
7640 if( pCheck->pBt->autoVacuum && N>0 ){
7641 i = get4byte(pOvflData);
7642 checkPtrmap(pCheck, i, PTRMAP_OVERFLOW2, iPage, zContext);
7643 }
7644 }
7645 #endif
7646 iPage = get4byte(pOvflData);
7647 sqlite3PagerUnref(pOvflPage);
7648 }
7649 }
7650 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
7651
7652 #ifndef SQLITE_OMIT_INTEGRITY_CHECK
7653 /*
7654 ** Do various sanity checks on a single page of a tree. Return
7655 ** the tree depth. Root pages return 0. Parents of root pages
7656 ** return 1, and so forth.
7657 **
7658 ** These checks are done:
7659 **
7660 ** 1. Make sure that cells and freeblocks do not overlap
7661 ** but combine to completely cover the page.
7662 ** NO 2. Make sure cell keys are in order.
7663 ** NO 3. Make sure no key is less than or equal to zLowerBound.
7664 ** NO 4. Make sure no key is greater than or equal to zUpperBound.
7665 ** 5. Check the integrity of overflow pages.
7666 ** 6. Recursively call checkTreePage on all children.
7667 ** 7. Verify that the depth of all children is the same.
7668 ** 8. Make sure this page is at least 33% full or else it is
7669 ** the root of the tree.
7670 */
7671 static int checkTreePage(
7672 IntegrityCk *pCheck, /* Context for the sanity check */
7673 int iPage, /* Page number of the page to check */
7674 char *zParentContext, /* Parent context */
7675 i64 *pnParentMinKey,
7676 i64 *pnParentMaxKey
7677 ){
7678 MemPage *pPage;
7679 int i, rc, depth, d2, pgno, cnt;
7680 int hdr, cellStart;
7681 int nCell;
7682 u8 *data;
7683 BtShared *pBt;
7684 int usableSize;
7685 char zContext[100];
7686 char *hit = 0;
7687 i64 nMinKey = 0;
7688 i64 nMaxKey = 0;
7689
7690 sqlite3_snprintf(sizeof(zContext), zContext, "Page %d: ", iPage);
7691
7692 /* Check that the page exists
7693 */
7694 pBt = pCheck->pBt;
7695 usableSize = pBt->usableSize;
7696 if( iPage==0 ) return 0;
7697 if( checkRef(pCheck, iPage, zParentContext) ) return 0;
7698 if( (rc = btreeGetPage(pBt, (Pgno)iPage, &pPage, 0))!=0 ){
7699 checkAppendMsg(pCheck, zContext,
7700 "unable to get the page. error code=%d", rc);
7701 return 0;
7702 }
7703
7704 /* Clear MemPage.isInit to make sure the corruption detection code in
7705 ** btreeInitPage() is executed. */
7706 pPage->isInit = 0;
7707 if( (rc = btreeInitPage(pPage))!=0 ){
7708 assert( rc==SQLITE_CORRUPT ); /* The only possible error from InitPage */
7709 checkAppendMsg(pCheck, zContext,
7710 "btreeInitPage() returns error code %d", rc);
7711 releasePage(pPage);
7712 return 0;
7713 }
7714
7715 /* Check out all the cells.
7716 */
7717 depth = 0;
7718 for(i=0; i<pPage->nCell && pCheck->mxErr; i++){
7719 u8 *pCell;
7720 u32 sz;
7721 CellInfo info;
7722
7723 /* Check payload overflow pages
7724 */
7725 sqlite3_snprintf(sizeof(zContext), zContext,
7726 "On tree page %d cell %d: ", iPage, i);
7727 pCell = findCell(pPage,i);
7728 btreeParseCellPtr(pPage, pCell, &info);
7729 sz = info.nData;
7730 if( !pPage->intKey ) sz += (int)info.nKey;
7731 /* For intKey pages, check that the keys are in order.
7732 */
7733 else if( i==0 ) nMinKey = nMaxKey = info.nKey;
7734 else{
7735 if( info.nKey <= nMaxKey ){
7736 checkAppendMsg(pCheck, zContext,
7737 "Rowid %lld out of order (previous was %lld)", info.nKey, nMaxKey);
7738 }
7739 nMaxKey = info.nKey;
7740 }
7741 assert( sz==info.nPayload );
7742 if( (sz>info.nLocal)
7743 && (&pCell[info.iOverflow]<=&pPage->aData[pBt->usableSize])
7744 ){
7745 int nPage = (sz - info.nLocal + usableSize - 5)/(usableSize - 4);
7746 Pgno pgnoOvfl = get4byte(&pCell[info.iOverflow]);
7747 #ifndef SQLITE_OMIT_AUTOVACUUM
7748 if( pBt->autoVacuum ){
7749 checkPtrmap(pCheck, pgnoOvfl, PTRMAP_OVERFLOW1, iPage, zContext);
7750 }
7751 #endif
7752 checkList(pCheck, 0, pgnoOvfl, nPage, zContext);
7753 }
7754
7755 /* Check sanity of left child page.
7756 */
7757 if( !pPage->leaf ){
7758 pgno = get4byte(pCell);
7759 #ifndef SQLITE_OMIT_AUTOVACUUM
7760 if( pBt->autoVacuum ){
7761 checkPtrmap(pCheck, pgno, PTRMAP_BTREE, iPage, zContext);
7762 }
7763 #endif
7764 d2 = checkTreePage(pCheck, pgno, zContext, &nMinKey, i==0 ? NULL : &nMaxKey);
7765 if( i>0 && d2!=depth ){
7766 checkAppendMsg(pCheck, zContext, "Child page depth differs");
7767 }
7768 depth = d2;
7769 }
7770 }
7771
7772 if( !pPage->leaf ){
7773 pgno = get4byte(&pPage->aData[pPage->hdrOffset+8]);
7774 sqlite3_snprintf(sizeof(zContext), zContext,
7775 "On page %d at right child: ", iPage);
7776 #ifndef SQLITE_OMIT_AUTOVACUUM
7777 if( pBt->autoVacuum ){
7778 checkPtrmap(pCheck, pgno, PTRMAP_BTREE, iPage, zContext);
7779 }
7780 #endif
7781 checkTreePage(pCheck, pgno, zContext, NULL, !pPage->nCell ? NULL : &nMaxKey);
7782 }
7783
7784 /* For intKey leaf pages, check that the min/max keys are in order
7785 ** with any left/parent/right pages.
7786 */
7787 if( pPage->leaf && pPage->intKey ){
7788 /* if we are a left child page */
7789 if( pnParentMinKey ){
7790 /* if we are the left most child page */
7791 if( !pnParentMaxKey ){
7792 if( nMaxKey > *pnParentMinKey ){
7793 checkAppendMsg(pCheck, zContext,
7794 "Rowid %lld out of order (max larger than parent min of %lld)",
7795 nMaxKey, *pnParentMinKey);
7796 }
7797 }else{
7798 if( nMinKey <= *pnParentMinKey ){
7799 checkAppendMsg(pCheck, zContext,
7800 "Rowid %lld out of order (min less than parent min of %lld)",
7801 nMinKey, *pnParentMinKey);
7802 }
7803 if( nMaxKey > *pnParentMaxKey ){
7804 checkAppendMsg(pCheck, zContext,
7805 "Rowid %lld out of order (max larger than parent max of %lld)",
7806 nMaxKey, *pnParentMaxKey);
7807 }
7808 *pnParentMinKey = nMaxKey;
7809 }
7810 /* else if we're a right child page */
7811 } else if( pnParentMaxKey ){
7812 if( nMinKey <= *pnParentMaxKey ){
7813 checkAppendMsg(pCheck, zContext,
7814 "Rowid %lld out of order (min less than parent max of %lld)",
7815 nMinKey, *pnParentMaxKey);
7816 }
7817 }
7818 }
7819
7820 /* Check for complete coverage of the page
7821 */
7822 data = pPage->aData;
7823 hdr = pPage->hdrOffset;
7824 hit = sqlite3PageMalloc( pBt->pageSize );
7825 if( hit==0 ){
7826 pCheck->mallocFailed = 1;
7827 }else{
7828 int contentOffset = get2byteNotZero(&data[hdr+5]);
7829 assert( contentOffset<=usableSize ); /* Enforced by btreeInitPage() */
7830 memset(hit+contentOffset, 0, usableSize-contentOffset);
7831 memset(hit, 1, contentOffset);
7832 nCell = get2byte(&data[hdr+3]);
7833 cellStart = hdr + 12 - 4*pPage->leaf;
7834 for(i=0; i<nCell; i++){
7835 int pc = get2byte(&data[cellStart+i*2]);
7836 u32 size = 65536;
7837 int j;
7838 if( pc<=usableSize-4 ){
7839 size = cellSizePtr(pPage, &data[pc]);
7840 }
7841 if( (int)(pc+size-1)>=usableSize ){
7842 checkAppendMsg(pCheck, 0,
7843 "Corruption detected in cell %d on page %d",i,iPage);
7844 }else{
7845 for(j=pc+size-1; j>=pc; j--) hit[j]++;
7846 }
7847 }
7848 i = get2byte(&data[hdr+1]);
7849 while( i>0 ){
7850 int size, j;
7851 assert( i<=usableSize-4 ); /* Enforced by btreeInitPage() */
7852 size = get2byte(&data[i+2]);
7853 assert( i+size<=usableSize ); /* Enforced by btreeInitPage() */
7854 for(j=i+size-1; j>=i; j--) hit[j]++;
7855 j = get2byte(&data[i]);
7856 assert( j==0 || j>i+size ); /* Enforced by btreeInitPage() */
7857 assert( j<=usableSize-4 ); /* Enforced by btreeInitPage() */
7858 i = j;
7859 }
7860 for(i=cnt=0; i<usableSize; i++){
7861 if( hit[i]==0 ){
7862 cnt++;
7863 }else if( hit[i]>1 ){
7864 checkAppendMsg(pCheck, 0,
7865 "Multiple uses for byte %d of page %d", i, iPage);
7866 break;
7867 }
7868 }
7869 if( cnt!=data[hdr+7] ){
7870 checkAppendMsg(pCheck, 0,
7871 "Fragmentation of %d bytes reported as %d on page %d",
7872 cnt, data[hdr+7], iPage);
7873 }
7874 }
7875 sqlite3PageFree(hit);
7876 releasePage(pPage);
7877 return depth+1;
7878 }
7879 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
7880
7881 #ifndef SQLITE_OMIT_INTEGRITY_CHECK
7882 /*
7883 ** This routine does a complete check of the given BTree file. aRoot[] is
7884 ** an array of pages numbers were each page number is the root page of
7885 ** a table. nRoot is the number of entries in aRoot.
7886 **
7887 ** A read-only or read-write transaction must be opened before calling
7888 ** this function.
7889 **
7890 ** Write the number of error seen in *pnErr. Except for some memory
7891 ** allocation errors, an error message held in memory obtained from
7892 ** malloc is returned if *pnErr is non-zero. If *pnErr==0 then NULL is
7893 ** returned. If a memory allocation error occurs, NULL is returned.
7894 */
7895 char *sqlite3BtreeIntegrityCheck(
7896 Btree *p, /* The btree to be checked */
7897 int *aRoot, /* An array of root pages numbers for individual trees */
7898 int nRoot, /* Number of entries in aRoot[] */
7899 int mxErr, /* Stop reporting errors after this many */
7900 int *pnErr /* Write number of errors seen to this variable */
7901 ){
7902 Pgno i;
7903 int nRef;
7904 IntegrityCk sCheck;
7905 BtShared *pBt = p->pBt;
7906 char zErr[100];
7907
7908 sqlite3BtreeEnter(p);
7909 assert( p->inTrans>TRANS_NONE && pBt->inTransaction>TRANS_NONE );
7910 nRef = sqlite3PagerRefcount(pBt->pPager);
7911 sCheck.pBt = pBt;
7912 sCheck.pPager = pBt->pPager;
7913 sCheck.nPage = btreePagecount(sCheck.pBt);
7914 sCheck.mxErr = mxErr;
7915 sCheck.nErr = 0;
7916 sCheck.mallocFailed = 0;
7917 *pnErr = 0;
7918 if( sCheck.nPage==0 ){
7919 sqlite3BtreeLeave(p);
7920 return 0;
7921 }
7922 sCheck.anRef = sqlite3Malloc( (sCheck.nPage+1)*sizeof(sCheck.anRef[0]) );
7923 if( !sCheck.anRef ){
7924 *pnErr = 1;
7925 sqlite3BtreeLeave(p);
7926 return 0;
7927 }
7928 for(i=0; i<=sCheck.nPage; i++){ sCheck.anRef[i] = 0; }
7929 i = PENDING_BYTE_PAGE(pBt);
7930 if( i<=sCheck.nPage ){
7931 sCheck.anRef[i] = 1;
7932 }
7933 sqlite3StrAccumInit(&sCheck.errMsg, zErr, sizeof(zErr), 20000);
7934 sCheck.errMsg.useMalloc = 2;
7935
7936 /* Check the integrity of the freelist
7937 */
7938 checkList(&sCheck, 1, get4byte(&pBt->pPage1->aData[32]),
7939 get4byte(&pBt->pPage1->aData[36]), "Main freelist: ");
7940
7941 /* Check all the tables.
7942 */
7943 for(i=0; (int)i<nRoot && sCheck.mxErr; i++){
7944 if( aRoot[i]==0 ) continue;
7945 #ifndef SQLITE_OMIT_AUTOVACUUM
7946 if( pBt->autoVacuum && aRoot[i]>1 ){
7947 checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0, 0);
7948 }
7949 #endif
7950 checkTreePage(&sCheck, aRoot[i], "List of tree roots: ", NULL, NULL);
7951 }
7952
7953 /* Make sure every page in the file is referenced
7954 */
7955 for(i=1; i<=sCheck.nPage && sCheck.mxErr; i++){
7956 #ifdef SQLITE_OMIT_AUTOVACUUM
7957 if( sCheck.anRef[i]==0 ){
7958 checkAppendMsg(&sCheck, 0, "Page %d is never used", i);
7959 }
7960 #else
7961 /* If the database supports auto-vacuum, make sure no tables contain
7962 ** references to pointer-map pages.
7963 */
7964 if( sCheck.anRef[i]==0 &&
7965 (PTRMAP_PAGENO(pBt, i)!=i || !pBt->autoVacuum) ){
7966 checkAppendMsg(&sCheck, 0, "Page %d is never used", i);
7967 }
7968 if( sCheck.anRef[i]!=0 &&
7969 (PTRMAP_PAGENO(pBt, i)==i && pBt->autoVacuum) ){
7970 checkAppendMsg(&sCheck, 0, "Pointer map page %d is referenced", i);
7971 }
7972 #endif
7973 }
7974
7975 /* Make sure this analysis did not leave any unref() pages.
7976 ** This is an internal consistency check; an integrity check
7977 ** of the integrity check.
7978 */
7979 if( NEVER(nRef != sqlite3PagerRefcount(pBt->pPager)) ){
7980 checkAppendMsg(&sCheck, 0,
7981 "Outstanding page count goes from %d to %d during this analysis",
7982 nRef, sqlite3PagerRefcount(pBt->pPager)
7983 );
7984 }
7985
7986 /* Clean up and report errors.
7987 */
7988 sqlite3BtreeLeave(p);
7989 sqlite3_free(sCheck.anRef);
7990 if( sCheck.mallocFailed ){
7991 sqlite3StrAccumReset(&sCheck.errMsg);
7992 *pnErr = sCheck.nErr+1;
7993 return 0;
7994 }
7995 *pnErr = sCheck.nErr;
7996 if( sCheck.nErr==0 ) sqlite3StrAccumReset(&sCheck.errMsg);
7997 return sqlite3StrAccumFinish(&sCheck.errMsg);
7998 }
7999 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
8000
8001 /*
8002 ** Return the full pathname of the underlying database file.
8003 **
8004 ** The pager filename is invariant as long as the pager is
8005 ** open so it is safe to access without the BtShared mutex.
8006 */
8007 const char *sqlite3BtreeGetFilename(Btree *p){
8008 assert( p->pBt->pPager!=0 );
8009 return sqlite3PagerFilename(p->pBt->pPager);
8010 }
8011
8012 /*
8013 ** Return the pathname of the journal file for this database. The return
8014 ** value of this routine is the same regardless of whether the journal file
8015 ** has been created or not.
8016 **
8017 ** The pager journal filename is invariant as long as the pager is
8018 ** open so it is safe to access without the BtShared mutex.
8019 */
8020 const char *sqlite3BtreeGetJournalname(Btree *p){
8021 assert( p->pBt->pPager!=0 );
8022 return sqlite3PagerJournalname(p->pBt->pPager);
8023 }
8024
8025 /*
8026 ** Return non-zero if a transaction is active.
8027 */
8028 int sqlite3BtreeIsInTrans(Btree *p){
8029 assert( p==0 || sqlite3_mutex_held(p->db->mutex) );
8030 return (p && (p->inTrans==TRANS_WRITE));
8031 }
8032
8033 #ifndef SQLITE_OMIT_WAL
8034 /*
8035 ** Run a checkpoint on the Btree passed as the first argument.
8036 **
8037 ** Return SQLITE_LOCKED if this or any other connection has an open
8038 ** transaction on the shared-cache the argument Btree is connected to.
8039 **
8040 ** Parameter eMode is one of SQLITE_CHECKPOINT_PASSIVE, FULL or RESTART.
8041 */
8042 int sqlite3BtreeCheckpoint(Btree *p, int eMode, int *pnLog, int *pnCkpt){
8043 int rc = SQLITE_OK;
8044 if( p ){
8045 BtShared *pBt = p->pBt;
8046 sqlite3BtreeEnter(p);
8047 if( pBt->inTransaction!=TRANS_NONE ){
8048 rc = SQLITE_LOCKED;
8049 }else{
8050 rc = sqlite3PagerCheckpoint(pBt->pPager, eMode, pnLog, pnCkpt);
8051 }
8052 sqlite3BtreeLeave(p);
8053 }
8054 return rc;
8055 }
8056 #endif
8057
8058 /*
8059 ** Return non-zero if a read (or write) transaction is active.
8060 */
8061 int sqlite3BtreeIsInReadTrans(Btree *p){
8062 assert( p );
8063 assert( sqlite3_mutex_held(p->db->mutex) );
8064 return p->inTrans!=TRANS_NONE;
8065 }
8066
8067 int sqlite3BtreeIsInBackup(Btree *p){
8068 assert( p );
8069 assert( sqlite3_mutex_held(p->db->mutex) );
8070 return p->nBackup!=0;
8071 }
8072
8073 /*
8074 ** This function returns a pointer to a blob of memory associated with
8075 ** a single shared-btree. The memory is used by client code for its own
8076 ** purposes (for example, to store a high-level schema associated with
8077 ** the shared-btree). The btree layer manages reference counting issues.
8078 **
8079 ** The first time this is called on a shared-btree, nBytes bytes of memory
8080 ** are allocated, zeroed, and returned to the caller. For each subsequent
8081 ** call the nBytes parameter is ignored and a pointer to the same blob
8082 ** of memory returned.
8083 **
8084 ** If the nBytes parameter is 0 and the blob of memory has not yet been
8085 ** allocated, a null pointer is returned. If the blob has already been
8086 ** allocated, it is returned as normal.
8087 **
8088 ** Just before the shared-btree is closed, the function passed as the
8089 ** xFree argument when the memory allocation was made is invoked on the
8090 ** blob of allocated memory. The xFree function should not call sqlite3_free()
8091 ** on the memory, the btree layer does that.
8092 */
8093 void *sqlite3BtreeSchema(Btree *p, int nBytes, void(*xFree)(void *)){
8094 BtShared *pBt = p->pBt;
8095 sqlite3BtreeEnter(p);
8096 if( !pBt->pSchema && nBytes ){
8097 pBt->pSchema = sqlite3DbMallocZero(0, nBytes);
8098 pBt->xFreeSchema = xFree;
8099 }
8100 sqlite3BtreeLeave(p);
8101 return pBt->pSchema;
8102 }
8103
8104 /*
8105 ** Return SQLITE_LOCKED_SHAREDCACHE if another user of the same shared
8106 ** btree as the argument handle holds an exclusive lock on the
8107 ** sqlite_master table. Otherwise SQLITE_OK.
8108 */
8109 int sqlite3BtreeSchemaLocked(Btree *p){
8110 int rc;
8111 assert( sqlite3_mutex_held(p->db->mutex) );
8112 sqlite3BtreeEnter(p);
8113 rc = querySharedCacheTableLock(p, MASTER_ROOT, READ_LOCK);
8114 assert( rc==SQLITE_OK || rc==SQLITE_LOCKED_SHAREDCACHE );
8115 sqlite3BtreeLeave(p);
8116 return rc;
8117 }
8118
8119
8120 #ifndef SQLITE_OMIT_SHARED_CACHE
8121 /*
8122 ** Obtain a lock on the table whose root page is iTab. The
8123 ** lock is a write lock if isWritelock is true or a read lock
8124 ** if it is false.
8125 */
8126 int sqlite3BtreeLockTable(Btree *p, int iTab, u8 isWriteLock){
8127 int rc = SQLITE_OK;
8128 assert( p->inTrans!=TRANS_NONE );
8129 if( p->sharable ){
8130 u8 lockType = READ_LOCK + isWriteLock;
8131 assert( READ_LOCK+1==WRITE_LOCK );
8132 assert( isWriteLock==0 || isWriteLock==1 );
8133
8134 sqlite3BtreeEnter(p);
8135 rc = querySharedCacheTableLock(p, iTab, lockType);
8136 if( rc==SQLITE_OK ){
8137 rc = setSharedCacheTableLock(p, iTab, lockType);
8138 }
8139 sqlite3BtreeLeave(p);
8140 }
8141 return rc;
8142 }
8143 #endif
8144
8145 #ifndef SQLITE_OMIT_INCRBLOB
8146 /*
8147 ** Argument pCsr must be a cursor opened for writing on an
8148 ** INTKEY table currently pointing at a valid table entry.
8149 ** This function modifies the data stored as part of that entry.
8150 **
8151 ** Only the data content may only be modified, it is not possible to
8152 ** change the length of the data stored. If this function is called with
8153 ** parameters that attempt to write past the end of the existing data,
8154 ** no modifications are made and SQLITE_CORRUPT is returned.
8155 */
8156 int sqlite3BtreePutData(BtCursor *pCsr, u32 offset, u32 amt, void *z){
8157 int rc;
8158 assert( cursorHoldsMutex(pCsr) );
8159 assert( sqlite3_mutex_held(pCsr->pBtree->db->mutex) );
8160 assert( pCsr->isIncrblobHandle );
8161
8162 rc = restoreCursorPosition(pCsr);
8163 if( rc!=SQLITE_OK ){
8164 return rc;
8165 }
8166 assert( pCsr->eState!=CURSOR_REQUIRESEEK );
8167 if( pCsr->eState!=CURSOR_VALID ){
8168 return SQLITE_ABORT;
8169 }
8170
8171 /* Check some assumptions:
8172 ** (a) the cursor is open for writing,
8173 ** (b) there is a read/write transaction open,
8174 ** (c) the connection holds a write-lock on the table (if required),
8175 ** (d) there are no conflicting read-locks, and
8176 ** (e) the cursor points at a valid row of an intKey table.
8177 */
8178 if( !pCsr->wrFlag ){
8179 return SQLITE_READONLY;
8180 }
8181 assert( !pCsr->pBt->readOnly && pCsr->pBt->inTransaction==TRANS_WRITE );
8182 assert( hasSharedCacheTableLock(pCsr->pBtree, pCsr->pgnoRoot, 0, 2) );
8183 assert( !hasReadConflicts(pCsr->pBtree, pCsr->pgnoRoot) );
8184 assert( pCsr->apPage[pCsr->iPage]->intKey );
8185
8186 return accessPayload(pCsr, offset, amt, (unsigned char *)z, 1);
8187 }
8188
8189 /*
8190 ** Set a flag on this cursor to cache the locations of pages from the
8191 ** overflow list for the current row. This is used by cursors opened
8192 ** for incremental blob IO only.
8193 **
8194 ** This function sets a flag only. The actual page location cache
8195 ** (stored in BtCursor.aOverflow[]) is allocated and used by function
8196 ** accessPayload() (the worker function for sqlite3BtreeData() and
8197 ** sqlite3BtreePutData()).
8198 */
8199 void sqlite3BtreeCacheOverflow(BtCursor *pCur){
8200 assert( cursorHoldsMutex(pCur) );
8201 assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
8202 invalidateOverflowCache(pCur);
8203 pCur->isIncrblobHandle = 1;
8204 }
8205 #endif
8206
8207 /*
8208 ** Set both the "read version" (single byte at byte offset 18) and
8209 ** "write version" (single byte at byte offset 19) fields in the database
8210 ** header to iVersion.
8211 */
8212 int sqlite3BtreeSetVersion(Btree *pBtree, int iVersion){
8213 BtShared *pBt = pBtree->pBt;
8214 int rc; /* Return code */
8215
8216 assert( iVersion==1 || iVersion==2 );
8217
8218 /* If setting the version fields to 1, do not automatically open the
8219 ** WAL connection, even if the version fields are currently set to 2.
8220 */
8221 pBt->doNotUseWAL = (u8)(iVersion==1);
8222
8223 rc = sqlite3BtreeBeginTrans(pBtree, 0);
8224 if( rc==SQLITE_OK ){
8225 u8 *aData = pBt->pPage1->aData;
8226 if( aData[18]!=(u8)iVersion || aData[19]!=(u8)iVersion ){
8227 rc = sqlite3BtreeBeginTrans(pBtree, 2);
8228 if( rc==SQLITE_OK ){
8229 rc = sqlite3PagerWrite(pBt->pPage1->pDbPage);
8230 if( rc==SQLITE_OK ){
8231 aData[18] = (u8)iVersion;
8232 aData[19] = (u8)iVersion;
8233 }
8234 }
8235 }
8236 }
8237
8238 pBt->doNotUseWAL = 0;
8239 return rc;
8240 }