SQLite

  }else{
    pFile->ctrlFlags |= mask;
  }
}

/* Forward declaration */
static int unixGetTempname(int nBuf, char *zBuf);
static int fcntlReadShm(unixFile*,void*);

/*
** Information and control of an open file handle.
*/
static int unixFileControl(sqlite3_file *id, int op, void *pArg){
  unixFile *pFile = (unixFile*)id;
  switch( op ){

      return rc ? SQLITE_IOERR_COMMIT_ATOMIC : SQLITE_OK;
    }
    case SQLITE_FCNTL_ROLLBACK_ATOMIC_WRITE: {
      int rc = osIoctl(pFile->h, F2FS_IOC_ABORT_VOLATILE_WRITE);
      return rc ? SQLITE_IOERR_ROLLBACK_ATOMIC : SQLITE_OK;
    }
#endif /* __linux__ && SQLITE_ENABLE_BATCH_ATOMIC_WRITE */

    case SQLITE_FCNTL_READ_SHM: {
      return fcntlReadShm(pFile, pArg);
    }

    case SQLITE_FCNTL_LOCKSTATE: {
      *(int*)pArg = pFile->eFileLock;
      return SQLITE_OK;
    }
    case SQLITE_FCNTL_LAST_ERRNO: {
      *(int*)pArg = pFile->lastErrno;

};

/*
** Constants used for locking
*/
#define UNIX_SHM_BASE   ((22+SQLITE_SHM_NLOCK)*4)         /* first lock byte */
#define UNIX_SHM_DMS    (UNIX_SHM_BASE+SQLITE_SHM_NLOCK)  /* deadman switch */

/*
** Implementation of file-control SQLITE_FCNTL_READ_SHM.
*/
static int fcntlReadShm(unixFile *pFile, void *pArg){
  struct ReadShmParam {
    void *pBuf;
    int nBuf;
  } *pParam = (struct ReadShmParam*)pArg;
  unixShmNode *pShmNode = pFile->pShm->pShmNode;
  int rc = SQLITE_OK;
  sqlite3_mutex_enter( pShmNode->mutex );
  if( pShmNode->isUnlocked==1 ){
    struct stat buf;          /* Used to hold return values of fstat() */
    if( osFstat(pShmNode->h, &buf) ){
      rc = SQLITE_IOERR_FSTAT;
    }else if( 0!=lseek(pShmNode->h, 0, SEEK_SET) ){
      rc = SQLITE_IOERR_READ;
    }else{
      int nRead = buf.st_size;
      if( nRead==0 ){
        pParam->nBuf = 0;
        pParam->pBuf = 0;
      }else{    
        pParam->pBuf = sqlite3_malloc(nRead);
        if( pParam->pBuf ){
          int res = osRead(pShmNode->h, pParam->pBuf, nRead);
          if( res!=nRead ){
            sqlite3_free(pParam->pBuf);
            pParam->pBuf = 0;
            rc = SQLITE_IOERR_READ;
          }else{
            pParam->nBuf = nRead;
          }
        }else{
          rc = SQLITE_NOMEM_BKPT;
        }
      }
    }
  }else{
    rc = SQLITE_BUSY;
  }
  sqlite3_mutex_leave( pShmNode->mutex );
  return rc;
}

/*
** Apply posix advisory locks for all bytes from ofst through ofst+n-1.
**
** Locks block if the mask is exactly UNIX_SHM_C and are non-blocking
** otherwise.
*/

#define SQLITE_FCNTL_VFS_POINTER            27
#define SQLITE_FCNTL_JOURNAL_POINTER        28
#define SQLITE_FCNTL_WIN32_GET_HANDLE       29
#define SQLITE_FCNTL_PDB                    30
#define SQLITE_FCNTL_BEGIN_ATOMIC_WRITE     31
#define SQLITE_FCNTL_COMMIT_ATOMIC_WRITE    32
#define SQLITE_FCNTL_ROLLBACK_ATOMIC_WRITE  33
#define SQLITE_FCNTL_READ_SHM               34

/* deprecated names */
#define SQLITE_GET_LOCKPROXYFILE      SQLITE_FCNTL_GET_LOCKPROXYFILE
#define SQLITE_SET_LOCKPROXYFILE      SQLITE_FCNTL_SET_LOCKPROXYFILE
#define SQLITE_LAST_ERRNO             SQLITE_FCNTL_LAST_ERRNO

  u8 exclusiveMode;          /* Non-zero if connection is in exclusive mode */
  u8 writeLock;              /* True if in a write transaction */
  u8 ckptLock;               /* True if holding a checkpoint lock */
  u8 readOnly;               /* WAL_RDWR, WAL_RDONLY, or WAL_SHM_RDONLY */
  u8 truncateOnCommit;       /* True to truncate WAL file on commit */
  u8 syncHeader;             /* Fsync the WAL header if true */
  u8 padToSectorBoundary;    /* Pad transactions out to the next sector */
  u8 bUnlocked;              /* A readonly_shm connection without DMS lock */
  WalIndexHdr hdr;           /* Wal-index header for current transaction */
  u32 minFrame;              /* Ignore wal frames before this one */
  u32 iReCksum;              /* On commit, recalculate checksums from here */
  const char *zWalName;      /* Name of WAL file */
  u32 nCkpt;                 /* Checkpoint sequence counter in the wal-header */
#ifdef SQLITE_DEBUG
  u8 lockError;              /* True if a locking error has occurred */

*/
#define HASHTABLE_NPAGE_ONE  (HASHTABLE_NPAGE - (WALINDEX_HDR_SIZE/sizeof(u32)))

/* The wal-index is divided into pages of WALINDEX_PGSZ bytes each. */
#define WALINDEX_PGSZ   (                                         \
    sizeof(ht_slot)*HASHTABLE_NSLOT + HASHTABLE_NPAGE*sizeof(u32) \
)

/*
** Grow the pWal->apWiData[] array so that it is at least nPage entries
** in size. Return SQLITE_NOMEM if an OOM error occurs, or SQLITE_OK 
** otherwise.
*/
static int walIndexGrowArray(Wal *pWal, int nPage){
  if( nPage>pWal->nWiData ){
    int nByte = sizeof(u32*)*nPage;
    volatile u32 **apNew;
    apNew = (volatile u32 **)sqlite3_realloc64((void *)pWal->apWiData, nByte);
    if( !apNew ){
      return SQLITE_NOMEM_BKPT;
    }
    memset((void*)&apNew[pWal->nWiData], 0,
           sizeof(u32*)*(nPage-pWal->nWiData));
    pWal->apWiData = apNew;
    pWal->nWiData = nPage;
  }
  return SQLITE_OK;
}

/*
** Obtain a pointer to the iPage'th page of the wal-index. The wal-index
** is broken into pages of WALINDEX_PGSZ bytes. Wal-index pages are
** numbered from zero.
**
** If this call is successful, *ppPage is set to point to the wal-index
** page and SQLITE_OK is returned. If an error (an OOM or VFS error) occurs,
** then an SQLite error code is returned and *ppPage is set to 0.
*/
static int walIndexPage(Wal *pWal, int iPage, volatile u32 **ppPage){
  int rc = SQLITE_OK;

  /* Enlarge the pWal->apWiData[] array if required */

  if( walIndexGrowArray(pWal, iPage+1) ){



    *ppPage = 0;
    return SQLITE_NOMEM;





  }

  /* Request a pointer to the required page from the VFS */
  if( pWal->apWiData[iPage]==0 ){
    if( pWal->exclusiveMode==WAL_HEAPMEMORY_MODE ){
      pWal->apWiData[iPage] = (u32 volatile *)sqlite3MallocZero(WALINDEX_PGSZ);
      if( !pWal->apWiData[iPage] ) rc = SQLITE_NOMEM_BKPT;

*/
static int walIndexRecover(Wal *pWal){
  int rc;                         /* Return Code */
  i64 nSize;                      /* Size of log file */
  u32 aFrameCksum[2] = {0, 0};
  int iLock;                      /* Lock offset to lock for checkpoint */

  /* Obtain an exclusive lock on all bytes in the locking range except
  ** WAL_READ_LOCK(0) not already locked by the caller. The caller is
  ** guaranteed to have locked the WAL_WRITE_LOCK byte, and may have also
  ** locked the WAL_CKPT_LOCK byte. If successful, the same bytes that are
  ** locked here are unlocked before this function returns.  */

  assert( pWal->ckptLock==1 || pWal->ckptLock==0 );
  assert( WAL_ALL_BUT_WRITE==WAL_WRITE_LOCK+1 );
  assert( WAL_CKPT_LOCK==WAL_ALL_BUT_WRITE );
  assert( pWal->writeLock );
  iLock = WAL_ALL_BUT_WRITE + pWal->ckptLock;
  rc = walLockExclusive(pWal, iLock, WAL_READ_LOCK(0)-iLock);
  if( rc==SQLITE_OK ){

  int badHdr;                     /* True if a header read failed */
  volatile u32 *page0;            /* Chunk of wal-index containing header */

  /* Ensure that page 0 of the wal-index (the page that contains the 
  ** wal-index header) is mapped. Return early if an error occurs here.
  */
  assert( pChanged );
  assert( pWal->bUnlocked==0 );
  rc = walIndexPage(pWal, 0, &page0);
  if( rc!=SQLITE_OK ){








    return rc;
  };
  assert( page0 || pWal->writeLock==0 );

  /* If the first page of the wal-index has been mapped, try to read the
  ** wal-index header immediately, without holding any lock. This usually
  ** works, but may fail if the wal-index header is corrupt or currently 
  ** being modified by another thread or process.
  */
  badHdr = (page0 ? walIndexTryHdr(pWal, pChanged) : 1);

  /* If the first attempt failed, it might have been due to a race
  ** with a writer.  So get a WRITE lock and try again.
  */
  assert( badHdr==0 || pWal->writeLock==0 );
  if( badHdr ){
    if( pWal->readOnly & WAL_SHM_RDONLY ){
      if( pWal->bUnlocked ){
        rc = SQLITE_READONLY_RECOVERY;
      }
      else if( SQLITE_OK==(rc = walLockShared(pWal, WAL_WRITE_LOCK)) ){
        walUnlockShared(pWal, WAL_WRITE_LOCK);
        rc = SQLITE_READONLY_RECOVERY;
      }
    }else if( SQLITE_OK==(rc = walLockExclusive(pWal, WAL_WRITE_LOCK, 1)) ){
      pWal->writeLock = 1;
      if( SQLITE_OK==(rc = walIndexPage(pWal, 0, &page0)) ){
        badHdr = walIndexTryHdr(pWal, pChanged);

}

/*
** This is the value that walTryBeginRead returns when it needs to
** be retried.
*/
#define WAL_RETRY  (-1)

/*
** When this function is called, a call to xShmMap has just returned
** SQLITE_READONLY_CANTLOCK, indicating that the *-shm file was opened
** read-only and that there were no other connections to the database 
** at that point.
*/
static int walBeginUnlocked(Wal *pWal, int *pChanged){
  struct ReadShmParam {
    void *pBuf;
    int nBuf;
  } buf = {0, 0};
  i64 nSize;
  int rc;
  volatile void *pDummy;

  assert( pWal->nWiData>0 && pWal->apWiData[0]==0 );
  assert( pWal->readOnly & WAL_SHM_RDONLY );
  
  /* Take WAL_READ_LOCK(0). This has the effect of preventing any
  ** live clients from running a checkpoint, but does not stop them
  ** from running recovery.  */
  rc = walLockShared(pWal, WAL_READ_LOCK(0));
  if( rc!=SQLITE_OK ){
    return (rc==SQLITE_BUSY ? WAL_RETRY : rc);
  }

  /* Try to map the *-shm file again. If it succeeds this time, then 
  ** a non-readonly_shm connection has already connected to the database.
  ** In this case, start over with opening the transaction.
  **
  ** The WAL_READ_LOCK(0) lock held by this client prevents a checkpoint
  ** from taking place. But it does not prevent the wal from being wrapped
  ** if a checkpoint has already taken place. This means that if another
  ** client is connected at this point, it may have already checkpointed 
  ** the entire wal. In that case it would not be safe to continue with
  ** the unlocked transaction, as the other client may overwrite wal 
  ** frames that this client is still using.  */
  rc = sqlite3OsShmMap(pWal->pDbFd, 0, WALINDEX_PGSZ, 0, &pDummy);
  if( rc!=SQLITE_READONLY_CANTLOCK ){
    rc = (rc==SQLITE_OK ? WAL_RETRY : rc);
    goto begin_unlocked_out;
  }
  pWal->readLock = 0;

  /* Figure out how large the wal file is. If it is zero bytes in size,
  ** do not bother loading the *-shm file. Just read from the db file
  ** exclusively like any other Wal.readLock==0 client. Otherwise,
  ** use SQLITE_FCNTL_READ_SHM to load the contents of the *-shm file 
  ** into heap memory. */
  rc = sqlite3OsFileSize(pWal->pWalFd, &nSize);
  if( rc!=SQLITE_OK ) return rc;

  memset(&pWal->hdr, 0, sizeof(WalIndexHdr));
  if( nSize>0 ){
    rc = sqlite3OsFileControl(pWal->pDbFd, SQLITE_FCNTL_READ_SHM, (void*)&buf);
    if( rc!=SQLITE_OK ){
      return rc==SQLITE_BUSY ? WAL_RETRY : rc;
    }
    if( buf.nBuf<WALINDEX_PGSZ ){
      rc = SQLITE_READONLY_RECOVERY;
    }else{
      int i;
      int nChunk = buf.nBuf/WALINDEX_PGSZ;
      if( walIndexGrowArray(pWal, nChunk) ){
        rc = SQLITE_NOMEM;
      }else{
        u8 *aBuf = (u8*)buf.pBuf;
        for(i=0; i<nChunk; i++){
          pWal->apWiData[i] = (volatile u32*)&aBuf[i*WALINDEX_PGSZ];
        }
        if( walIndexTryHdr(pWal, pChanged) ){
          rc = SQLITE_READONLY_RECOVERY;
        }
      }
    }
  }

 begin_unlocked_out:
  if( rc!=SQLITE_OK ){
    sqlite3_free(buf.pBuf);
    memset(pWal->apWiData, 0, pWal->nWiData*sizeof(u32*));
    walUnlockShared(pWal, WAL_READ_LOCK(0));
  }else{
    pWal->bUnlocked = 1;
    *pChanged = 1;
  }
  return rc;
}

/*
** Attempt to start a read transaction.  This might fail due to a race or
** other transient condition.  When that happens, it returns WAL_RETRY to
** indicate to the caller that it is safe to retry immediately.
**
** On success return SQLITE_OK.  On a permanent failure (such an

    }
    if( cnt>=10 ) nDelay = (cnt-9)*(cnt-9)*39;
    sqlite3OsSleep(pWal->pVfs, nDelay);
  }

  if( !useWal ){
    rc = walIndexReadHdr(pWal, pChanged);
    if( rc==SQLITE_READONLY_CANTLOCK ){
      /* This is a readonly_shm connection and there are no other connections
      ** to the database. So the *-shm file may not be accessed using mmap.
      ** Take WAL_READ_LOCK(0) before proceding.  */
      assert( pWal->nWiData>0 && pWal->apWiData[0]==0 );
      assert( pWal->readOnly & WAL_SHM_RDONLY );
      return walBeginUnlocked(pWal, pChanged);
    }
    if( rc==SQLITE_BUSY ){
      /* If there is not a recovery running in another thread or process
      ** then convert BUSY errors to WAL_RETRY.  If recovery is known to
      ** be running, convert BUSY to BUSY_RECOVERY.  There is a race here
      ** which might cause WAL_RETRY to be returned even if BUSY_RECOVERY
      ** would be technically correct.  But the race is benign since with
      ** WAL_RETRY this routine will be called again and will probably be

** read-lock.
*/
void sqlite3WalEndReadTransaction(Wal *pWal){
  sqlite3WalEndWriteTransaction(pWal);
  if( pWal->readLock>=0 ){
    walUnlockShared(pWal, WAL_READ_LOCK(pWal->readLock));
    pWal->readLock = -1;
    if( pWal->bUnlocked ){
      sqlite3_free((void*)pWal->apWiData[0]);
      memset(pWal->apWiData, 0, sizeof(u32*)*pWal->nWiData);
      pWal->bUnlocked = 0;
    }
  }
}

/*
** Search the wal file for page pgno. If found, set *piRead to the frame that
** contains the page. Otherwise, if pgno is not in the wal file, set *piRead
** to zero.

  /* If the "last page" field of the wal-index header snapshot is 0, then
  ** no data will be read from the wal under any circumstances. Return early
  ** in this case as an optimization.  Likewise, if pWal->readLock==0, 
  ** then the WAL is ignored by the reader so return early, as if the 
  ** WAL were empty.
  */
  if( iLast==0 || (pWal->readLock==0 && !pWal->bUnlocked) ){
    *piRead = 0;
    return SQLITE_OK;
  }

  /* Search the hash table or tables for an entry matching page number
  ** pgno. Each iteration of the following for() loop searches one
  ** hash table (each hash table indexes up to HASHTABLE_NPAGE frames).

  do_test 1.1.13  { sql2 "INSERT INTO t1 VALUES('i', 'j')" } {}

  do_test 1.2.1 {
    code2 { db2 close }
    code1 { db close }
    list [file exists test.db-wal] [file exists test.db-shm]
  } {1 1}

  do_test 1.2.2 {
    code1 { sqlite3 db file:test.db?readonly_shm=1 }
    sql1 { SELECT * FROM t1 }
  } {a b c d e f g h i j}

  do_test 1.2.3 {
    code1 { db close }
    file attributes test.db-shm -permissions rw-r--r--
    hexio_write test.db-shm 0 01020304 
    file attributes test.db-shm -permissions r--r--r--
    code1 { sqlite3 db file:test.db?readonly_shm=1 }
    csql1 { SELECT * FROM t1 }
  } {1 {attempt to write a readonly database}}
  do_test 1.2.4 {
    code1 { sqlite3_extended_errcode db } 
  } {SQLITE_READONLY_RECOVERY}

  do_test 1.2.5 {
    file attributes test.db-shm -permissions rw-r--r--
    code2 { sqlite3 db2 test.db }
    sql2 "SELECT * FROM t1" 
  } {a b c d e f g h i j}
  file attributes test.db-shm -permissions r--r--r--

    code2 { db2 close }
    file exists test.db-shm
  } {0}
  do_test 1.3.2.2 {
    code1 { sqlite3 db file:test.db?readonly_shm=1 }
    csql1 { SELECT * FROM sqlite_master }
  } {1 {unable to open database file}}

  # Update: This test used to fail (because a 0 byte *-shm file does not
  # contain a valid shm-header) but now succeeds (because a readonly_shm
  # connection ignores the *-shm file completely if the wal file is also
  # zero bytes in size).
  do_test 1.3.2.3 {
    code1 { db close }
    close [open test.db-shm w]
    file attributes test.db-shm -permissions r--r--r--
    code1 { sqlite3 db file:test.db?readonly_shm=1 }
    csql1 { SELECT * FROM t1 }
  } {0 {a b c d e f g h i j k l}}
  do_test 1.3.2.4 {
    code1 { sqlite3_extended_errcode db } 
  } {SQLITE_OK}

  #-----------------------------------------------------------------------
  # Test cases 1.4.* check that checkpoints and log wraps don't prevent
  # read-only connections from reading the database.
  do_test 1.4.1 {
    code1 { db close }
    forcedelete test.db-shm

      PRAGMA journal_mode = WAL;
      INSERT INTO t1 VALUES('a', 'b');
      INSERT INTO t1 VALUES('c', 'd');
    }
    file exists test.db-shm
  } {1}

  do_test 1.2.1 {
    forcecopy test.db test.db2
    forcecopy test.db-wal test.db2-wal
    forcecopy test.db-shm test.db2-shm
    code1 {
      sqlite3 db file:test.db2?readonly_shm=1
    }
  } {}
  do_test 1.2.2 {
    sql1 { SELECT * FROM t1 }
  } {a b c d}

  do_test 1.3.1 {
    code3 { sqlite3 db3 test.db2 }
    sql3 { SELECT * FROM t1 }
  } {a b c d}

  do_test 1.3.2 {

    code1 {
      sqlite3 db file:test.db2?readonly_shm=1
    }
    sql1 { 
      BEGIN;
      SELECT * FROM t1;
    }
  } {a b c d e f g h}

  do_test 2.3.1 {
    code3 { sqlite3 db3 test.db2 }
    sql3 { SELECT * FROM t1 }
  } {a b c d e f g h}

}

finish_test