/ Check-in [7c4cca6d]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Remove the obsolete sqlite3SafetyOn() mechanism. Add additional logging output for CORRUPT, and CANTOPEN errors.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:7c4cca6d1a23a6d1591b62f58c3716a944969947
User & Date: drh 2010-02-23 17:36:33
References
2010-02-25
02:32
Merge in all of the logging enhancements. This is a cherrypick merge of the following check-ins: [103321e37a], [a8076aede3], [6d910245ad], [7c4cca6d1a], [edea3bb740], [1a6d4bb130], [a8c984c1d6], [69a493182f], and [1168763d2c]. check-in: 46f406b2 user: drh tags: branch-3.6.22
Context
2010-02-23
18:05
Fix a segfault that can occur if a malloc fails in ATTACH in shared-cache mode. check-in: e3713737 user: dan tags: trunk
17:36
Remove the obsolete sqlite3SafetyOn() mechanism. Add additional logging output for CORRUPT, and CANTOPEN errors. check-in: 7c4cca6d user: drh tags: trunk
01:47
Add the ".log" command to the shell. This shows that some errors are logged multiple times and other errors are never logged at all. check-in: 6d910245 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/analyze.c.

   555    555   
   556    556     /* Load new statistics out of the sqlite_stat1 table */
   557    557     zSql = sqlite3MPrintf(db, 
   558    558         "SELECT idx, stat FROM %Q.sqlite_stat1", sInfo.zDatabase);
   559    559     if( zSql==0 ){
   560    560       rc = SQLITE_NOMEM;
   561    561     }else{
   562         -    (void)sqlite3SafetyOff(db);
   563    562       rc = sqlite3_exec(db, zSql, analysisLoader, &sInfo, 0);
   564         -    (void)sqlite3SafetyOn(db);
   565    563       sqlite3DbFree(db, zSql);
   566    564     }
   567    565   
   568    566   
   569    567     /* Load the statistics from the sqlite_stat2 table. */
   570    568   #ifdef SQLITE_ENABLE_STAT2
   571    569     if( rc==SQLITE_OK && !sqlite3FindTable(db, "sqlite_stat2", sInfo.zDatabase) ){
................................................................................
   575    573       sqlite3_stmt *pStmt = 0;
   576    574   
   577    575       zSql = sqlite3MPrintf(db, 
   578    576           "SELECT idx,sampleno,sample FROM %Q.sqlite_stat2", sInfo.zDatabase);
   579    577       if( !zSql ){
   580    578         rc = SQLITE_NOMEM;
   581    579       }else{
   582         -      (void)sqlite3SafetyOff(db);
   583    580         rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0);
   584         -      (void)sqlite3SafetyOn(db);
   585    581         sqlite3DbFree(db, zSql);
   586    582       }
   587    583   
   588    584       if( rc==SQLITE_OK ){
   589         -      (void)sqlite3SafetyOff(db);
   590    585         while( sqlite3_step(pStmt)==SQLITE_ROW ){
   591    586           char *zIndex = (char *)sqlite3_column_text(pStmt, 0);
   592    587           Index *pIdx = sqlite3FindIndex(db, zIndex, sInfo.zDatabase);
   593    588           if( pIdx ){
   594    589             int iSample = sqlite3_column_int(pStmt, 1);
   595    590             sqlite3 *dbMem = pIdx->pTable->dbMem;
   596    591             assert( dbMem==db || dbMem==0 );
................................................................................
   632    627                   }
   633    628                 }
   634    629               }
   635    630             }
   636    631           }
   637    632         }
   638    633         rc = sqlite3_finalize(pStmt);
   639         -      (void)sqlite3SafetyOn(db);
   640    634       }
   641    635     }
   642    636   #endif
   643    637   
   644    638     if( rc==SQLITE_NOMEM ){
   645    639       db->mallocFailed = 1;
   646    640     }
   647    641     return rc;
   648    642   }
   649    643   
   650    644   
   651    645   #endif /* SQLITE_OMIT_ANALYZE */

Changes to src/attach.c.

   182    182   
   183    183     /* If the file was opened successfully, read the schema for the new database.
   184    184     ** If this fails, or if opening the file failed, then close the file and 
   185    185     ** remove the entry from the db->aDb[] array. i.e. put everything back the way
   186    186     ** we found it.
   187    187     */
   188    188     if( rc==SQLITE_OK ){
   189         -    (void)sqlite3SafetyOn(db);
   190    189       sqlite3BtreeEnterAll(db);
   191    190       rc = sqlite3Init(db, &zErrDyn);
   192    191       sqlite3BtreeLeaveAll(db);
   193         -    (void)sqlite3SafetyOff(db);
   194    192     }
   195    193     if( rc ){
   196    194       int iDb = db->nDb - 1;
   197    195       assert( iDb>=2 );
   198    196       if( db->aDb[iDb].pBt ){
   199    197         sqlite3BtreeClose(db->aDb[iDb].pBt);
   200    198         db->aDb[iDb].pBt = 0;

Changes to src/btree.c.

  5915   5915       subtotal += szCell[i] + 2;
  5916   5916       if( subtotal > usableSpace ){
  5917   5917         szNew[k] = subtotal - szCell[i];
  5918   5918         cntNew[k] = i;
  5919   5919         if( leafData ){ i--; }
  5920   5920         subtotal = 0;
  5921   5921         k++;
  5922         -      if( k>NB+1 ){ rc = SQLITE_CORRUPT; goto balance_cleanup; }
         5922  +      if( k>NB+1 ){ rc = SQLITE_CORRUPT_BKPT; goto balance_cleanup; }
  5923   5923       }
  5924   5924     }
  5925   5925     szNew[k] = subtotal;
  5926   5926     cntNew[k] = nCell;
  5927   5927     k++;
  5928   5928   
  5929   5929     /*
................................................................................
  5969   5969       nOld>=3 ? apOld[2]->pgno : 0
  5970   5970     ));
  5971   5971   
  5972   5972     /*
  5973   5973     ** Allocate k new pages.  Reuse old pages where possible.
  5974   5974     */
  5975   5975     if( apOld[0]->pgno<=1 ){
  5976         -    rc = SQLITE_CORRUPT;
         5976  +    rc = SQLITE_CORRUPT_BKPT;
  5977   5977       goto balance_cleanup;
  5978   5978     }
  5979   5979     pageFlags = apOld[0]->aData[0];
  5980   5980     for(i=0; i<k; i++){
  5981   5981       MemPage *pNew;
  5982   5982       if( i<nOld ){
  5983   5983         pNew = apNew[i] = apOld[i];

Changes to src/complete.c.


Changes to src/main.c.

  1935   1935   **
  1936   1936   ******* THIS IS AN EXPERIMENTAL API AND IS SUBJECT TO CHANGE ******
  1937   1937   */
  1938   1938   int sqlite3_get_autocommit(sqlite3 *db){
  1939   1939     return db->autoCommit;
  1940   1940   }
  1941   1941   
  1942         -#ifdef SQLITE_DEBUG
  1943   1942   /*
  1944         -** The following routine is subtituted for constant SQLITE_CORRUPT in
  1945         -** debugging builds.  This provides a way to set a breakpoint for when
  1946         -** corruption is first detected.
         1943  +** The following routines are subtitutes for constants SQLITE_CORRUPT,
         1944  +** SQLITE_MISUSE, SQLITE_CANTOPEN, SQLITE_IOERR and possibly other error
         1945  +** constants.  They server two purposes:
         1946  +**
         1947  +**   1.  Serve as a convenient place to set a breakpoint in a debugger
         1948  +**       to detect when version error conditions occurs.
         1949  +**
         1950  +**   2.  Invoke sqlite3_log() to provide the source code location where
         1951  +**       a low-level error is first detected.
  1947   1952   */
  1948         -int sqlite3Corrupt(void){
         1953  +int sqlite3CorruptError(int lineno){
         1954  +  sqlite3_log(SQLITE_CORRUPT,
         1955  +              "database corruption found by source line %d", lineno);
  1949   1956     return SQLITE_CORRUPT;
  1950   1957   }
  1951         -#endif
         1958  +int sqlite3MisuseError(int lineno){
         1959  +  sqlite3_log(SQLITE_MISUSE, "misuse detected by source line %d", lineno);
         1960  +  return SQLITE_MISUSE;
         1961  +}
         1962  +int sqlite3CantopenError(int lineno){
         1963  +  sqlite3_log(SQLITE_CANTOPEN, "cannot open file at source line %d", lineno);
         1964  +  return SQLITE_CANTOPEN;
         1965  +}
         1966  +
  1952   1967   
  1953   1968   #ifndef SQLITE_OMIT_DEPRECATED
  1954   1969   /*
  1955   1970   ** This is a convenience routine that makes sure that all thread-specific
  1956   1971   ** data for this thread has been deallocated.
  1957   1972   **
  1958   1973   ** SQLite no longer uses thread-specific data so this routine is now a
................................................................................
  1988   2003     char const *zCollSeq = 0;
  1989   2004     int notnull = 0;
  1990   2005     int primarykey = 0;
  1991   2006     int autoinc = 0;
  1992   2007   
  1993   2008     /* Ensure the database schema has been loaded */
  1994   2009     sqlite3_mutex_enter(db->mutex);
  1995         -  (void)sqlite3SafetyOn(db);
  1996   2010     sqlite3BtreeEnterAll(db);
  1997   2011     rc = sqlite3Init(db, &zErrMsg);
  1998   2012     if( SQLITE_OK!=rc ){
  1999   2013       goto error_out;
  2000   2014     }
  2001   2015   
  2002   2016     /* Locate the table in question */
................................................................................
  2047   2061     }
  2048   2062     if( !zCollSeq ){
  2049   2063       zCollSeq = "BINARY";
  2050   2064     }
  2051   2065   
  2052   2066   error_out:
  2053   2067     sqlite3BtreeLeaveAll(db);
  2054         -  (void)sqlite3SafetyOff(db);
  2055   2068   
  2056   2069     /* Whether the function call succeeded or failed, set the output parameters
  2057   2070     ** to whatever their local counterparts contain. If an error did occur,
  2058   2071     ** this has the effect of zeroing all output parameters.
  2059   2072     */
  2060   2073     if( pzDataType ) *pzDataType = zDataType;
  2061   2074     if( pzCollSeq ) *pzCollSeq = zCollSeq;

Changes to src/os_unix.c.

  3863   3863   #ifdef FD_CLOEXEC
  3864   3864         fcntl(fd, F_SETFD, fcntl(fd, F_GETFD, 0) | FD_CLOEXEC);
  3865   3865   #endif
  3866   3866         OSTRACE3("OPENDIR %-3d %s\n", fd, zDirname);
  3867   3867       }
  3868   3868     }
  3869   3869     *pFd = fd;
  3870         -  return (fd>=0?SQLITE_OK:SQLITE_CANTOPEN);
         3870  +  return (fd>=0?SQLITE_OK:SQLITE_CANTOPEN_BKPT);
  3871   3871   }
  3872   3872   
  3873   3873   /*
  3874   3874   ** Create a temporary file name in zBuf.  zBuf must be allocated
  3875   3875   ** by the calling process and must be big enough to hold at least
  3876   3876   ** pVfs->mxPathname bytes.
  3877   3877   */
................................................................................
  4126   4126         flags &= ~(SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE);
  4127   4127         openFlags &= ~(O_RDWR|O_CREAT);
  4128   4128         flags |= SQLITE_OPEN_READONLY;
  4129   4129         openFlags |= O_RDONLY;
  4130   4130         fd = open(zName, openFlags, openMode);
  4131   4131       }
  4132   4132       if( fd<0 ){
  4133         -      rc = SQLITE_CANTOPEN;
         4133  +      rc = SQLITE_CANTOPEN_BKPT;
  4134   4134         goto open_finished;
  4135   4135       }
  4136   4136     }
  4137   4137     assert( fd>=0 );
  4138   4138     if( pOutFlags ){
  4139   4139       *pOutFlags = flags;
  4140   4140     }
................................................................................
  4350   4350   
  4351   4351     zOut[nOut-1] = '\0';
  4352   4352     if( zPath[0]=='/' ){
  4353   4353       sqlite3_snprintf(nOut, zOut, "%s", zPath);
  4354   4354     }else{
  4355   4355       int nCwd;
  4356   4356       if( getcwd(zOut, nOut-1)==0 ){
  4357         -      return SQLITE_CANTOPEN;
         4357  +      return SQLITE_CANTOPEN_BKPT;
  4358   4358       }
  4359   4359       nCwd = (int)strlen(zOut);
  4360   4360       sqlite3_snprintf(nOut-nCwd, &zOut[nCwd], "/%s", zPath);
  4361   4361     }
  4362   4362     return SQLITE_OK;
  4363   4363   }
  4364   4364   
................................................................................
  4861   4861       }
  4862   4862       switch (terrno) {
  4863   4863         case EACCES:
  4864   4864           return SQLITE_PERM;
  4865   4865         case EIO: 
  4866   4866           return SQLITE_IOERR_LOCK; /* even though it is the conch */
  4867   4867         default:
  4868         -        return SQLITE_CANTOPEN;
         4868  +        return SQLITE_CANTOPEN_BKPT;
  4869   4869       }
  4870   4870     }
  4871   4871     
  4872   4872     pNew = (unixFile *)sqlite3_malloc(sizeof(*pNew));
  4873   4873     if( pNew==NULL ){
  4874   4874       rc = SQLITE_NOMEM;
  4875   4875       goto end_create_proxy;
................................................................................
  5245   5245           pFile->h = -1;
  5246   5246           int fd = open(pCtx->dbPath, pFile->openFlags,
  5247   5247                         SQLITE_DEFAULT_FILE_PERMISSIONS);
  5248   5248           OSTRACE2("TRANSPROXY: OPEN  %d\n", fd);
  5249   5249           if( fd>=0 ){
  5250   5250             pFile->h = fd;
  5251   5251           }else{
  5252         -          rc=SQLITE_CANTOPEN; /* SQLITE_BUSY? proxyTakeConch called
         5252  +          rc=SQLITE_CANTOPEN_BKPT; /* SQLITE_BUSY? proxyTakeConch called
  5253   5253              during locking */
  5254   5254           }
  5255   5255         }
  5256   5256         if( rc==SQLITE_OK && !pCtx->lockProxy ){
  5257   5257           char *path = tempLockPath ? tempLockPath : pCtx->lockProxyPath;
  5258   5258           rc = proxyCreateUnixFile(path, &pCtx->lockProxy, 1);
  5259   5259           if( rc!=SQLITE_OK && rc!=SQLITE_NOMEM && tryOldLockPath ){

Changes to src/os_win.c.

  1413   1413     }
  1414   1414     if( h==INVALID_HANDLE_VALUE ){
  1415   1415       free(zConverted);
  1416   1416       if( flags & SQLITE_OPEN_READWRITE ){
  1417   1417         return winOpen(pVfs, zName, id, 
  1418   1418                ((flags|SQLITE_OPEN_READONLY)&~SQLITE_OPEN_READWRITE), pOutFlags);
  1419   1419       }else{
  1420         -      return SQLITE_CANTOPEN;
         1420  +      return SQLITE_CANTOPEN_BKPT;
  1421   1421       }
  1422   1422     }
  1423   1423     if( pOutFlags ){
  1424   1424       if( flags & SQLITE_OPEN_READWRITE ){
  1425   1425         *pOutFlags = SQLITE_OPEN_READWRITE;
  1426   1426       }else{
  1427   1427         *pOutFlags = SQLITE_OPEN_READONLY;
................................................................................
  1435   1435   #if SQLITE_OS_WINCE
  1436   1436     if( (flags & (SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_DB)) ==
  1437   1437                  (SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_DB)
  1438   1438          && !winceCreateLock(zName, pFile)
  1439   1439     ){
  1440   1440       CloseHandle(h);
  1441   1441       free(zConverted);
  1442         -    return SQLITE_CANTOPEN;
         1442  +    return SQLITE_CANTOPEN_BKPT;
  1443   1443     }
  1444   1444     if( isTemp ){
  1445   1445       pFile->zDeleteOnClose = zConverted;
  1446   1446     }else
  1447   1447   #endif
  1448   1448     {
  1449   1449       free(zConverted);

Changes to src/pager.c.

  3158   3158       if( rc==SQLITE_OK && nPathname+8>pVfs->mxPathname ){
  3159   3159         /* This branch is taken when the journal path required by
  3160   3160         ** the database being opened will be more than pVfs->mxPathname
  3161   3161         ** bytes in length. This means the database cannot be opened,
  3162   3162         ** as it will not be possible to open the journal file or even
  3163   3163         ** check for a hot-journal before reading.
  3164   3164         */
  3165         -      rc = SQLITE_CANTOPEN;
         3165  +      rc = SQLITE_CANTOPEN_BKPT;
  3166   3166       }
  3167   3167       if( rc!=SQLITE_OK ){
  3168   3168         sqlite3_free(zPathname);
  3169   3169         return rc;
  3170   3170       }
  3171   3171     }
  3172   3172   
................................................................................
  3617   3617             if( res ){
  3618   3618               int fout = 0;
  3619   3619               int f = SQLITE_OPEN_READWRITE|SQLITE_OPEN_MAIN_JOURNAL;
  3620   3620               assert( !pPager->tempFile );
  3621   3621               rc = sqlite3OsOpen(pVfs, pPager->zJournal, pPager->jfd, f, &fout);
  3622   3622               assert( rc!=SQLITE_OK || isOpen(pPager->jfd) );
  3623   3623               if( rc==SQLITE_OK && fout&SQLITE_OPEN_READONLY ){
  3624         -              rc = SQLITE_CANTOPEN;
         3624  +              rc = SQLITE_CANTOPEN_BKPT;
  3625   3625                 sqlite3OsClose(pPager->jfd);
  3626   3626               }
  3627   3627             }else{
  3628   3628               /* If the journal does not exist, it usually means that some 
  3629   3629               ** other connection managed to get in and roll it back before 
  3630   3630               ** this connection obtained the exclusive lock above. Or, it 
  3631   3631               ** may mean that the pager was in the error-state when this

Changes to src/prepare.c.

   188    188     azArg[1] = "1";
   189    189     azArg[2] = zMasterSchema;
   190    190     azArg[3] = 0;
   191    191     initData.db = db;
   192    192     initData.iDb = iDb;
   193    193     initData.rc = SQLITE_OK;
   194    194     initData.pzErrMsg = pzErrMsg;
   195         -  (void)sqlite3SafetyOff(db);
   196    195     sqlite3InitCallback(&initData, 3, (char **)azArg, 0);
   197         -  (void)sqlite3SafetyOn(db);
   198    196     if( initData.rc ){
   199    197       rc = initData.rc;
   200    198       goto error_out;
   201    199     }
   202    200     pTab = sqlite3FindTable(db, zMasterName, db->aDb[iDb].zName);
   203    201     if( ALWAYS(pTab) ){
   204    202       pTab->tabFlags |= TF_Readonly;
................................................................................
   313    311     */
   314    312     assert( db->init.busy );
   315    313     {
   316    314       char *zSql;
   317    315       zSql = sqlite3MPrintf(db, 
   318    316           "SELECT name, rootpage, sql FROM '%q'.%s ORDER BY rowid",
   319    317           db->aDb[iDb].zName, zMasterName);
   320         -    (void)sqlite3SafetyOff(db);
   321    318   #ifndef SQLITE_OMIT_AUTHORIZATION
   322    319       {
   323    320         int (*xAuth)(void*,int,const char*,const char*,const char*,const char*);
   324    321         xAuth = db->xAuth;
   325    322         db->xAuth = 0;
   326    323   #endif
   327    324         rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0);
   328    325   #ifndef SQLITE_OMIT_AUTHORIZATION
   329    326         db->xAuth = xAuth;
   330    327       }
   331    328   #endif
   332    329       if( rc==SQLITE_OK ) rc = initData.rc;
   333         -    (void)sqlite3SafetyOn(db);
   334    330       sqlite3DbFree(db, zSql);
   335    331   #ifndef SQLITE_OMIT_ANALYZE
   336    332       if( rc==SQLITE_OK ){
   337    333         sqlite3AnalysisLoad(db, iDb);
   338    334       }
   339    335   #endif
   340    336     }
................................................................................
   535    531     /* Allocate the parsing context */
   536    532     pParse = sqlite3StackAllocZero(db, sizeof(*pParse));
   537    533     if( pParse==0 ){
   538    534       rc = SQLITE_NOMEM;
   539    535       goto end_prepare;
   540    536     }
   541    537     pParse->pReprepare = pReprepare;
   542         -
   543         -  if( sqlite3SafetyOn(db) ){
   544         -    rc = SQLITE_MISUSE;
   545         -    goto end_prepare;
   546         -  }
   547    538     assert( ppStmt && *ppStmt==0 );
   548    539     assert( !db->mallocFailed );
   549    540     assert( sqlite3_mutex_held(db->mutex) );
   550    541   
   551    542     /* Check to verify that it is possible to get a read lock on all
   552    543     ** database schemas.  The inability to get a read lock indicates that
   553    544     ** some other database connection is holding a write-lock, which in
................................................................................
   575    566       Btree *pBt = db->aDb[i].pBt;
   576    567       if( pBt ){
   577    568         assert( sqlite3BtreeHoldsMutex(pBt) );
   578    569         rc = sqlite3BtreeSchemaLocked(pBt);
   579    570         if( rc ){
   580    571           const char *zDb = db->aDb[i].zName;
   581    572           sqlite3Error(db, rc, "database schema is locked: %s", zDb);
   582         -        (void)sqlite3SafetyOff(db);
   583    573           testcase( db->flags & SQLITE_ReadUncommitted );
   584    574           goto end_prepare;
   585    575         }
   586    576       }
   587    577     }
   588    578   
   589    579     sqlite3VtabUnlockList(db);
................................................................................
   592    582     if( nBytes>=0 && (nBytes==0 || zSql[nBytes-1]!=0) ){
   593    583       char *zSqlCopy;
   594    584       int mxLen = db->aLimit[SQLITE_LIMIT_SQL_LENGTH];
   595    585       testcase( nBytes==mxLen );
   596    586       testcase( nBytes==mxLen+1 );
   597    587       if( nBytes>mxLen ){
   598    588         sqlite3Error(db, SQLITE_TOOBIG, "statement too long");
   599         -      (void)sqlite3SafetyOff(db);
   600    589         rc = sqlite3ApiExit(db, SQLITE_TOOBIG);
   601    590         goto end_prepare;
   602    591       }
   603    592       zSqlCopy = sqlite3DbStrNDup(db, zSql, nBytes);
   604    593       if( zSqlCopy ){
   605    594         sqlite3RunParser(pParse, zSqlCopy, &zErrMsg);
   606    595         sqlite3DbFree(db, zSqlCopy);
................................................................................
   649    638       for(i=iFirst; i<mx; i++){
   650    639         sqlite3VdbeSetColName(pParse->pVdbe, i-iFirst, COLNAME_NAME,
   651    640                               azColName[i], SQLITE_STATIC);
   652    641       }
   653    642     }
   654    643   #endif
   655    644   
   656         -  if( sqlite3SafetyOff(db) ){
   657         -    rc = SQLITE_MISUSE;
   658         -  }
   659         -
   660    645     assert( db->init.busy==0 || saveSqlFlag==0 );
   661    646     if( db->init.busy==0 ){
   662    647       Vdbe *pVdbe = pParse->pVdbe;
   663    648       sqlite3VdbeSetSql(pVdbe, zSql, (int)(pParse->zTail-zSql), saveSqlFlag);
   664    649     }
   665    650     if( pParse->pVdbe && (rc!=SQLITE_OK || db->mallocFailed) ){
   666    651       sqlite3VdbeFinalize(pParse->pVdbe);

Changes to src/sqliteInt.h.

  2410   2410   #define SQLITE_SKIP_UTF8(zIn) {                        \
  2411   2411     if( (*(zIn++))>=0xc0 ){                              \
  2412   2412       while( (*zIn & 0xc0)==0x80 ){ zIn++; }             \
  2413   2413     }                                                    \
  2414   2414   }
  2415   2415   
  2416   2416   /*
  2417         -** The SQLITE_CORRUPT_BKPT macro can be either a constant (for production
  2418         -** builds) or a function call (for debugging).  If it is a function call,
  2419         -** it allows the operator to set a breakpoint at the spot where database
  2420         -** corruption is first detected.
         2417  +** The SQLITE_*_BKPT macros are substitutes for the error codes with
         2418  +** the same name but without the _BKPT suffix.  These macros invoke
         2419  +** routines that report the line-number on which the error originated
         2420  +** using sqlite3_log().  The routines also provide a convenient place
         2421  +** to set a debugger breakpoint.
  2421   2422   */
  2422         -#ifdef SQLITE_DEBUG
  2423         -  int sqlite3Corrupt(void);
  2424         -# define SQLITE_CORRUPT_BKPT sqlite3Corrupt()
  2425         -#else
  2426         -# define SQLITE_CORRUPT_BKPT SQLITE_CORRUPT
  2427         -#endif
         2423  +int sqlite3CorruptError(int);
         2424  +int sqlite3MisuseError(int);
         2425  +int sqlite3CantopenError(int);
         2426  +#define SQLITE_CORRUPT_BKPT sqlite3CorruptError(__LINE__)
         2427  +#define SQLITE_MISUSE_BKPT sqlite3MisuseError(__LINE__)
         2428  +#define SQLITE_CANTOPEN_BKPT sqlite3CantopenError(__LINE__)
         2429  +
  2428   2430   
  2429   2431   /*
  2430   2432   ** FTS4 is really an extension for FTS3.  It is enabled using the
  2431   2433   ** SQLITE_ENABLE_FTS3 macro.  But to avoid confusion we also all
  2432   2434   ** the SQLITE_ENABLE_FTS4 macro to serve as an alisse for SQLITE_ENABLE_FTS3.
  2433   2435   */
  2434   2436   #if defined(SQLITE_ENABLE_FTS4) && !defined(SQLITE_ENABLE_FTS3)
................................................................................
  2720   2722   IdList *sqlite3IdListDup(sqlite3*,IdList*);
  2721   2723   Select *sqlite3SelectDup(sqlite3*,Select*,int);
  2722   2724   void sqlite3FuncDefInsert(FuncDefHash*, FuncDef*);
  2723   2725   FuncDef *sqlite3FindFunction(sqlite3*,const char*,int,int,u8,int);
  2724   2726   void sqlite3RegisterBuiltinFunctions(sqlite3*);
  2725   2727   void sqlite3RegisterDateTimeFunctions(void);
  2726   2728   void sqlite3RegisterGlobalFunctions(void);
  2727         -#ifdef SQLITE_DEBUG
  2728         -  int sqlite3SafetyOn(sqlite3*);
  2729         -  int sqlite3SafetyOff(sqlite3*);
  2730         -#else
  2731         -# define sqlite3SafetyOn(A) 0
  2732         -# define sqlite3SafetyOff(A) 0
  2733         -#endif
  2734   2729   int sqlite3SafetyCheckOk(sqlite3*);
  2735   2730   int sqlite3SafetyCheckSickOrOk(sqlite3*);
  2736   2731   void sqlite3ChangeCookie(Parse*, int);
  2737   2732   
  2738   2733   #if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
  2739   2734   void sqlite3MaterializeView(Parse*, Table*, Expr*, int);
  2740   2735   #endif

Changes to src/util.c.

   119    119       db->errCode = err_code;
   120    120       if( zFormat ){
   121    121         char *z;
   122    122         va_list ap;
   123    123         va_start(ap, zFormat);
   124    124         z = sqlite3VMPrintf(db, zFormat, ap);
   125    125         va_end(ap);
   126         -      sqlite3_log(err_code, "%s", z);
   127    126         sqlite3ValueSetStr(db->pErr, -1, z, SQLITE_UTF8, SQLITE_DYNAMIC);
   128    127       }else{
   129    128         sqlite3ValueSetStr(db->pErr, 0, 0, SQLITE_UTF8, SQLITE_STATIC);
   130    129       }
   131    130     }
   132    131   }
   133    132   
................................................................................
  1008   1007       zBlob[i/2] = 0;
  1009   1008     }
  1010   1009     return zBlob;
  1011   1010   }
  1012   1011   #endif /* !SQLITE_OMIT_BLOB_LITERAL || SQLITE_HAS_CODEC */
  1013   1012   
  1014   1013   
  1015         -/*
  1016         -** Change the sqlite.magic from SQLITE_MAGIC_OPEN to SQLITE_MAGIC_BUSY.
  1017         -** Return an error (non-zero) if the magic was not SQLITE_MAGIC_OPEN
  1018         -** when this routine is called.
  1019         -**
  1020         -** This routine is called when entering an SQLite API.  The SQLITE_MAGIC_OPEN
  1021         -** value indicates that the database connection passed into the API is
  1022         -** open and is not being used by another thread.  By changing the value
  1023         -** to SQLITE_MAGIC_BUSY we indicate that the connection is in use.
  1024         -** sqlite3SafetyOff() below will change the value back to SQLITE_MAGIC_OPEN
  1025         -** when the API exits. 
  1026         -**
  1027         -** This routine is a attempt to detect if two threads use the
  1028         -** same sqlite* pointer at the same time.  There is a race 
  1029         -** condition so it is possible that the error is not detected.
  1030         -** But usually the problem will be seen.  The result will be an
  1031         -** error which can be used to debug the application that is
  1032         -** using SQLite incorrectly.
  1033         -**
  1034         -** Ticket #202:  If db->magic is not a valid open value, take care not
  1035         -** to modify the db structure at all.  It could be that db is a stale
  1036         -** pointer.  In other words, it could be that there has been a prior
  1037         -** call to sqlite3_close(db) and db has been deallocated.  And we do
  1038         -** not want to write into deallocated memory.
  1039         -*/
  1040         -#ifdef SQLITE_DEBUG
  1041         -int sqlite3SafetyOn(sqlite3 *db){
  1042         -  if( db->magic==SQLITE_MAGIC_OPEN ){
  1043         -    db->magic = SQLITE_MAGIC_BUSY;
  1044         -    assert( sqlite3_mutex_held(db->mutex) );
  1045         -    return 0;
  1046         -  }else if( db->magic==SQLITE_MAGIC_BUSY ){
  1047         -    db->magic = SQLITE_MAGIC_ERROR;
  1048         -    db->u1.isInterrupted = 1;
  1049         -  }
  1050         -  return 1;
  1051         -}
  1052         -#endif
  1053         -
  1054         -/*
  1055         -** Change the magic from SQLITE_MAGIC_BUSY to SQLITE_MAGIC_OPEN.
  1056         -** Return an error (non-zero) if the magic was not SQLITE_MAGIC_BUSY
  1057         -** when this routine is called.
  1058         -*/
  1059         -#ifdef SQLITE_DEBUG
  1060         -int sqlite3SafetyOff(sqlite3 *db){
  1061         -  if( db->magic==SQLITE_MAGIC_BUSY ){
  1062         -    db->magic = SQLITE_MAGIC_OPEN;
  1063         -    assert( sqlite3_mutex_held(db->mutex) );
  1064         -    return 0;
  1065         -  }else{
  1066         -    db->magic = SQLITE_MAGIC_ERROR;
  1067         -    db->u1.isInterrupted = 1;
  1068         -    return 1;
  1069         -  }
  1070         -}
  1071         -#endif
  1072         -
  1073   1014   /*
  1074   1015   ** Check to make sure we have a valid db pointer.  This test is not
  1075   1016   ** foolproof but it does provide some measure of protection against
  1076   1017   ** misuse of the interface such as passing in db pointers that are
  1077   1018   ** NULL or which have been previously closed.  If this routine returns
  1078   1019   ** 1 it means that the db pointer is valid and 0 if it should not be
  1079   1020   ** dereferenced for any reason.  The calling function should invoke
................................................................................
  1084   1025   ** open properly and is not fit for general use but which can be
  1085   1026   ** used as an argument to sqlite3_errmsg() or sqlite3_close().
  1086   1027   */
  1087   1028   int sqlite3SafetyCheckOk(sqlite3 *db){
  1088   1029     u32 magic;
  1089   1030     if( db==0 ) return 0;
  1090   1031     magic = db->magic;
  1091         -  if( magic!=SQLITE_MAGIC_OPEN 
  1092         -#ifdef SQLITE_DEBUG
  1093         -     && magic!=SQLITE_MAGIC_BUSY
  1094         -#endif
  1095         -  ){
         1032  +  if( magic!=SQLITE_MAGIC_OPEN ){
  1096   1033       return 0;
  1097   1034     }else{
  1098   1035       return 1;
  1099   1036     }
  1100   1037   }
  1101   1038   int sqlite3SafetyCheckSickOrOk(sqlite3 *db){
  1102   1039     u32 magic;
  1103   1040     magic = db->magic;
  1104   1041     if( magic!=SQLITE_MAGIC_SICK &&
  1105   1042         magic!=SQLITE_MAGIC_OPEN &&
  1106   1043         magic!=SQLITE_MAGIC_BUSY ) return 0;
  1107   1044     return 1;
  1108   1045   }

Changes to src/vdbe.c.

   559    559   #ifdef VDBE_PROFILE
   560    560     u64 start;                 /* CPU clock count at start of opcode */
   561    561     int origPc;                /* Program counter at start of opcode */
   562    562   #endif
   563    563     /*** INSERT STACK UNION HERE ***/
   564    564   
   565    565     assert( p->magic==VDBE_MAGIC_RUN );  /* sqlite3_step() verifies this */
   566         -  assert( db->magic==SQLITE_MAGIC_BUSY );
   567    566     sqlite3VdbeMutexArrayEnter(p);
   568    567     if( p->rc==SQLITE_NOMEM ){
   569    568       /* This happens if a malloc() inside a call to sqlite3_column_text() or
   570    569       ** sqlite3_column_text16() failed.  */
   571    570       goto no_mem;
   572    571     }
   573    572     assert( p->rc==SQLITE_OK || p->rc==SQLITE_BUSY );
................................................................................
   644    643       ** sqlite3VdbeExec() or since last time the progress callback was called).
   645    644       ** If the progress callback returns non-zero, exit the virtual machine with
   646    645       ** a return code SQLITE_ABORT.
   647    646       */
   648    647       if( checkProgress ){
   649    648         if( db->nProgressOps==nProgressOps ){
   650    649           int prc;
   651         -        if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
   652         -        prc =db->xProgress(db->pProgressArg);
   653         -        if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
          650  +        prc = db->xProgress(db->pProgressArg);
   654    651           if( prc!=0 ){
   655    652             rc = SQLITE_INTERRUPT;
   656    653             goto vdbe_error_halt;
   657    654           }
   658    655           nProgressOps = 0;
   659    656         }
   660    657         nProgressOps++;
................................................................................
  1396   1393     ctx.isError = 0;
  1397   1394     if( ctx.pFunc->flags & SQLITE_FUNC_NEEDCOLL ){
  1398   1395       assert( pOp>aOp );
  1399   1396       assert( pOp[-1].p4type==P4_COLLSEQ );
  1400   1397       assert( pOp[-1].opcode==OP_CollSeq );
  1401   1398       ctx.pColl = pOp[-1].p4.pColl;
  1402   1399     }
  1403         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  1404   1400     (*ctx.pFunc->xFunc)(&ctx, n, apVal);
  1405         -  if( sqlite3SafetyOn(db) ){
  1406         -    sqlite3VdbeMemRelease(&ctx.s);
  1407         -    goto abort_due_to_misuse;
  1408         -  }
  1409   1401     if( db->mallocFailed ){
  1410   1402       /* Even though a malloc() has failed, the implementation of the
  1411   1403       ** user function may have called an sqlite3_result_XXX() function
  1412   1404       ** to return a value. The following call releases any resources
  1413   1405       ** associated with such a value.
  1414         -    **
  1415         -    ** Note: Maybe MemRelease() should be called if sqlite3SafetyOn()
  1416         -    ** fails also (the if(...) statement above). But if people are
  1417         -    ** misusing sqlite, they have bigger problems than a leaked value.
  1418   1406       */
  1419   1407       sqlite3VdbeMemRelease(&ctx.s);
  1420   1408       goto no_mem;
  1421   1409     }
  1422   1410   
  1423   1411     /* If any auxiliary data functions have been called by this user function,
  1424   1412     ** immediately call the destructor for any non-static values.
................................................................................
  4045   4033     }else if( pC->deferredMoveto ){
  4046   4034       v = pC->movetoTarget;
  4047   4035   #ifndef SQLITE_OMIT_VIRTUALTABLE
  4048   4036     }else if( pC->pVtabCursor ){
  4049   4037       pVtab = pC->pVtabCursor->pVtab;
  4050   4038       pModule = pVtab->pModule;
  4051   4039       assert( pModule->xRowid );
  4052         -    if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  4053   4040       rc = pModule->xRowid(pC->pVtabCursor, &v);
  4054   4041       sqlite3DbFree(db, p->zErrMsg);
  4055   4042       p->zErrMsg = pVtab->zErrMsg;
  4056   4043       pVtab->zErrMsg = 0;
  4057         -    if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  4058   4044   #endif /* SQLITE_OMIT_VIRTUALTABLE */
  4059   4045     }else{
  4060   4046       assert( pC->pCursor!=0 );
  4061   4047       rc = sqlite3VdbeCursorMoveto(pC);
  4062   4048       if( rc ) goto abort_due_to_error;
  4063   4049       if( pC->rowidIsValid ){
  4064   4050         v = pC->lastRowid;
................................................................................
  4586   4572       initData.pzErrMsg = &p->zErrMsg;
  4587   4573       zSql = sqlite3MPrintf(db,
  4588   4574          "SELECT name, rootpage, sql FROM '%q'.%s WHERE %s ORDER BY rowid",
  4589   4575          db->aDb[iDb].zName, zMaster, pOp->p4.z);
  4590   4576       if( zSql==0 ){
  4591   4577         rc = SQLITE_NOMEM;
  4592   4578       }else{
  4593         -      (void)sqlite3SafetyOff(db);
  4594   4579         assert( db->init.busy==0 );
  4595   4580         db->init.busy = 1;
  4596   4581         initData.rc = SQLITE_OK;
  4597   4582         assert( !db->mallocFailed );
  4598   4583         rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0);
  4599   4584         if( rc==SQLITE_OK ) rc = initData.rc;
  4600   4585         sqlite3DbFree(db, zSql);
  4601   4586         db->init.busy = 0;
  4602         -      (void)sqlite3SafetyOn(db);
  4603   4587       }
  4604   4588     }
  4605   4589     sqlite3BtreeLeaveAll(db);
  4606   4590     if( rc==SQLITE_NOMEM ){
  4607   4591       goto no_mem;
  4608   4592     }
  4609   4593     break;  
................................................................................
  5165   5149   /* Opcode: Vacuum * * * * *
  5166   5150   **
  5167   5151   ** Vacuum the entire database.  This opcode will cause other virtual
  5168   5152   ** machines to be created and run.  It may not be called from within
  5169   5153   ** a transaction.
  5170   5154   */
  5171   5155   case OP_Vacuum: {
  5172         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse; 
  5173   5156     rc = sqlite3RunVacuum(&p->zErrMsg, db);
  5174         -  if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5175   5157     break;
  5176   5158   }
  5177   5159   #endif
  5178   5160   
  5179   5161   #if !defined(SQLITE_OMIT_AUTOVACUUM)
  5180   5162   /* Opcode: IncrVacuum P1 P2 * * *
  5181   5163   **
................................................................................
  5311   5293     sqlite3_module *pModule;
  5312   5294   
  5313   5295     pCur = 0;
  5314   5296     pVtabCursor = 0;
  5315   5297     pVtab = pOp->p4.pVtab->pVtab;
  5316   5298     pModule = (sqlite3_module *)pVtab->pModule;
  5317   5299     assert(pVtab && pModule);
  5318         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5319   5300     rc = pModule->xOpen(pVtab, &pVtabCursor);
  5320   5301     sqlite3DbFree(db, p->zErrMsg);
  5321   5302     p->zErrMsg = pVtab->zErrMsg;
  5322   5303     pVtab->zErrMsg = 0;
  5323         -  if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5324   5304     if( SQLITE_OK==rc ){
  5325   5305       /* Initialize sqlite3_vtab_cursor base class */
  5326   5306       pVtabCursor->pVtab = pVtab;
  5327   5307   
  5328   5308       /* Initialise vdbe cursor object */
  5329   5309       pCur = allocateCursor(p, pOp->p1, 0, -1, 0);
  5330   5310       if( pCur ){
................................................................................
  5390   5370       res = 0;
  5391   5371       apArg = p->apArg;
  5392   5372       for(i = 0; i<nArg; i++){
  5393   5373         apArg[i] = &pArgc[i+1];
  5394   5374         sqlite3VdbeMemStoreType(apArg[i]);
  5395   5375       }
  5396   5376   
  5397         -    if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5398   5377       p->inVtabMethod = 1;
  5399   5378       rc = pModule->xFilter(pVtabCursor, iQuery, pOp->p4.z, nArg, apArg);
  5400   5379       p->inVtabMethod = 0;
  5401   5380       sqlite3DbFree(db, p->zErrMsg);
  5402   5381       p->zErrMsg = pVtab->zErrMsg;
  5403   5382       pVtab->zErrMsg = 0;
  5404   5383       if( rc==SQLITE_OK ){
  5405   5384         res = pModule->xEof(pVtabCursor);
  5406   5385       }
  5407         -    if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5408   5386   
  5409   5387       if( res ){
  5410   5388         pc = pOp->p2 - 1;
  5411   5389       }
  5412   5390     }
  5413   5391     pCur->nullRow = 0;
  5414   5392   
................................................................................
  5446   5424     ** the current contents to sContext.s so in case the user-function 
  5447   5425     ** can use the already allocated buffer instead of allocating a 
  5448   5426     ** new one.
  5449   5427     */
  5450   5428     sqlite3VdbeMemMove(&sContext.s, pDest);
  5451   5429     MemSetTypeFlag(&sContext.s, MEM_Null);
  5452   5430   
  5453         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5454   5431     rc = pModule->xColumn(pCur->pVtabCursor, &sContext, pOp->p2);
  5455   5432     sqlite3DbFree(db, p->zErrMsg);
  5456   5433     p->zErrMsg = pVtab->zErrMsg;
  5457   5434     pVtab->zErrMsg = 0;
  5458   5435     if( sContext.isError ){
  5459   5436       rc = sContext.isError;
  5460   5437     }
................................................................................
  5464   5441     ** dynamic allocation in sContext.s (a Mem struct) is  released.
  5465   5442     */
  5466   5443     sqlite3VdbeChangeEncoding(&sContext.s, encoding);
  5467   5444     sqlite3VdbeMemMove(pDest, &sContext.s);
  5468   5445     REGISTER_TRACE(pOp->p3, pDest);
  5469   5446     UPDATE_MAX_BLOBSIZE(pDest);
  5470   5447   
  5471         -  if( sqlite3SafetyOn(db) ){
  5472         -    goto abort_due_to_misuse;
  5473         -  }
  5474   5448     if( sqlite3VdbeMemTooBig(pDest) ){
  5475   5449       goto too_big;
  5476   5450     }
  5477   5451     break;
  5478   5452   }
  5479   5453   #endif /* SQLITE_OMIT_VIRTUALTABLE */
  5480   5454   
................................................................................
  5503   5477   
  5504   5478     /* Invoke the xNext() method of the module. There is no way for the
  5505   5479     ** underlying implementation to return an error if one occurs during
  5506   5480     ** xNext(). Instead, if an error occurs, true is returned (indicating that 
  5507   5481     ** data is available) and the error code returned when xColumn or
  5508   5482     ** some other method is next invoked on the save virtual table cursor.
  5509   5483     */
  5510         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5511   5484     p->inVtabMethod = 1;
  5512   5485     rc = pModule->xNext(pCur->pVtabCursor);
  5513   5486     p->inVtabMethod = 0;
  5514   5487     sqlite3DbFree(db, p->zErrMsg);
  5515   5488     p->zErrMsg = pVtab->zErrMsg;
  5516   5489     pVtab->zErrMsg = 0;
  5517   5490     if( rc==SQLITE_OK ){
  5518   5491       res = pModule->xEof(pCur->pVtabCursor);
  5519   5492     }
  5520         -  if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5521   5493   
  5522   5494     if( !res ){
  5523   5495       /* If there is data, jump to P2 */
  5524   5496       pc = pOp->p2 - 1;
  5525   5497     }
  5526   5498     break;
  5527   5499   }
................................................................................
  5539   5511     Mem *pName;
  5540   5512   
  5541   5513     pVtab = pOp->p4.pVtab->pVtab;
  5542   5514     pName = &aMem[pOp->p1];
  5543   5515     assert( pVtab->pModule->xRename );
  5544   5516     REGISTER_TRACE(pOp->p1, pName);
  5545   5517     assert( pName->flags & MEM_Str );
  5546         -  if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5547   5518     rc = pVtab->pModule->xRename(pVtab, pName->z);
  5548   5519     sqlite3DbFree(db, p->zErrMsg);
  5549   5520     p->zErrMsg = pVtab->zErrMsg;
  5550   5521     pVtab->zErrMsg = 0;
  5551         -  if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5552   5522   
  5553   5523     break;
  5554   5524   }
  5555   5525   #endif
  5556   5526   
  5557   5527   #ifndef SQLITE_OMIT_VIRTUALTABLE
  5558   5528   /* Opcode: VUpdate P1 P2 P3 P4 *
................................................................................
  5595   5565       apArg = p->apArg;
  5596   5566       pX = &aMem[pOp->p3];
  5597   5567       for(i=0; i<nArg; i++){
  5598   5568         sqlite3VdbeMemStoreType(pX);
  5599   5569         apArg[i] = pX;
  5600   5570         pX++;
  5601   5571       }
  5602         -    if( sqlite3SafetyOff(db) ) goto abort_due_to_misuse;
  5603   5572       rc = pModule->xUpdate(pVtab, nArg, apArg, &rowid);
  5604   5573       sqlite3DbFree(db, p->zErrMsg);
  5605   5574       p->zErrMsg = pVtab->zErrMsg;
  5606   5575       pVtab->zErrMsg = 0;
  5607         -    if( sqlite3SafetyOn(db) ) goto abort_due_to_misuse;
  5608   5576       if( rc==SQLITE_OK && pOp->p1 ){
  5609   5577         assert( nArg>1 && apArg[0] && (apArg[0]->flags&MEM_Null) );
  5610   5578         db->lastRowid = rowid;
  5611   5579       }
  5612   5580       p->nChange++;
  5613   5581     }
  5614   5582     break;

Changes to src/vdbeapi.c.

   312    312     if( p->pc<=0 && p->expired ){
   313    313       if( ALWAYS(p->rc==SQLITE_OK || p->rc==SQLITE_SCHEMA) ){
   314    314         p->rc = SQLITE_SCHEMA;
   315    315       }
   316    316       rc = SQLITE_ERROR;
   317    317       goto end_of_step;
   318    318     }
   319         -  if( sqlite3SafetyOn(db) ){
   320         -    p->rc = SQLITE_MISUSE;
   321         -    return SQLITE_MISUSE;
   322         -  }
   323    319     if( p->pc<0 ){
   324    320       /* If there are no other statements currently running, then
   325    321       ** reset the interrupt flag.  This prevents a call to sqlite3_interrupt
   326    322       ** from interrupting a statement that has not yet started.
   327    323       */
   328    324       if( db->activeVdbeCnt==0 ){
   329    325         db->u1.isInterrupted = 0;
................................................................................
   348    344       rc = sqlite3VdbeList(p);
   349    345     }else
   350    346   #endif /* SQLITE_OMIT_EXPLAIN */
   351    347     {
   352    348       rc = sqlite3VdbeExec(p);
   353    349     }
   354    350   
   355         -  if( sqlite3SafetyOff(db) ){
   356         -    rc = SQLITE_MISUSE;
   357         -  }
   358         -
   359    351   #ifndef SQLITE_OMIT_TRACE
   360    352     /* Invoke the profile callback if there is one
   361    353     */
   362    354     if( rc!=SQLITE_ROW && db->xProfile && !db->init.busy && p->zSql ){
   363    355       double rNow;
   364    356       u64 elapseTime;
   365    357   

Changes to src/vdbeaux.c.

  1055   1055     sqlite3 *db = p->db;                 /* The database connection */
  1056   1056     int i;                               /* Loop counter */
  1057   1057     int rc = SQLITE_OK;                  /* Return code */
  1058   1058     Mem *pMem = p->pResultSet = &p->aMem[1];  /* First Mem of result set */
  1059   1059   
  1060   1060     assert( p->explain );
  1061   1061     assert( p->magic==VDBE_MAGIC_RUN );
  1062         -  assert( db->magic==SQLITE_MAGIC_BUSY );
  1063   1062     assert( p->rc==SQLITE_OK || p->rc==SQLITE_BUSY || p->rc==SQLITE_NOMEM );
  1064   1063   
  1065   1064     /* Even though this opcode does not use dynamic strings for
  1066   1065     ** the result, result columns may become dynamic if the user calls
  1067   1066     ** sqlite3_column_text16(), causing a translation to UTF-16 encoding.
  1068   1067     */
  1069   1068     releaseMemArray(pMem, 8);
................................................................................
  1470   1469       sqlite3BtreeCloseCursor(pCx->pCursor);
  1471   1470     }
  1472   1471   #ifndef SQLITE_OMIT_VIRTUALTABLE
  1473   1472     if( pCx->pVtabCursor ){
  1474   1473       sqlite3_vtab_cursor *pVtabCursor = pCx->pVtabCursor;
  1475   1474       const sqlite3_module *pModule = pCx->pModule;
  1476   1475       p->inVtabMethod = 1;
  1477         -    (void)sqlite3SafetyOff(p->db);
  1478   1476       pModule->xClose(pVtabCursor);
  1479         -    (void)sqlite3SafetyOn(p->db);
  1480   1477       p->inVtabMethod = 0;
  1481   1478     }
  1482   1479   #endif
  1483   1480   }
  1484   1481   
  1485   1482   /*
  1486   1483   ** Copy the values stored in the VdbeFrame structure to its Vdbe. This
................................................................................
  1653   1650         needXcommit = 1;
  1654   1651         if( i!=1 ) nTrans++;
  1655   1652       }
  1656   1653     }
  1657   1654   
  1658   1655     /* If there are any write-transactions at all, invoke the commit hook */
  1659   1656     if( needXcommit && db->xCommitCallback ){
  1660         -    (void)sqlite3SafetyOff(db);
  1661   1657       rc = db->xCommitCallback(db->pCommitArg);
  1662         -    (void)sqlite3SafetyOn(db);
  1663   1658       if( rc ){
  1664   1659         return SQLITE_CONSTRAINT;
  1665   1660       }
  1666   1661     }
  1667   1662   
  1668   1663     /* The simple case - no more than one database file (not counting the
  1669   1664     ** TEMP database) has a transaction active.   There is no need for the
................................................................................
  2209   2204     sqlite3 *db;
  2210   2205     db = p->db;
  2211   2206   
  2212   2207     /* If the VM did not run to completion or if it encountered an
  2213   2208     ** error, then it might not have been halted properly.  So halt
  2214   2209     ** it now.
  2215   2210     */
  2216         -  (void)sqlite3SafetyOn(db);
  2217   2211     sqlite3VdbeHalt(p);
  2218         -  (void)sqlite3SafetyOff(db);
  2219   2212   
  2220   2213     /* If the VDBE has be run even partially, then transfer the error code
  2221   2214     ** and error message from the VDBE into the main database structure.  But
  2222   2215     ** if the VDBE has just been set to run but has not actually executed any
  2223   2216     ** instructions yet, leave the main database error information unchanged.
  2224   2217     */
  2225   2218     if( p->pc>=0 ){
................................................................................
  3013   3006     assert( sqlite3BtreeCursorIsValid(pCur) );
  3014   3007     rc = sqlite3BtreeKeySize(pCur, &nCellKey);
  3015   3008     assert( rc==SQLITE_OK );    /* pCur is always valid so KeySize cannot fail */
  3016   3009     /* nCellKey will always be between 0 and 0xffffffff because of the say
  3017   3010     ** that btreeParseCellPtr() and sqlite3GetVarint32() are implemented */
  3018   3011     if( nCellKey<=0 || nCellKey>0x7fffffff ){
  3019   3012       *res = 0;
  3020         -    return SQLITE_CORRUPT;
         3013  +    return SQLITE_CORRUPT_BKPT;
  3021   3014     }
  3022   3015     memset(&m, 0, sizeof(m));
  3023   3016     rc = sqlite3VdbeMemFromBtree(pC->pCursor, 0, (int)nCellKey, 1, &m);
  3024   3017     if( rc ){
  3025   3018       return rc;
  3026   3019     }
  3027   3020     assert( pUnpacked->flags & UNPACKED_IGNORE_ROWID );

Changes to src/vdbeblob.c.

    91     91       rc = SQLITE_NOMEM;
    92     92       goto blob_open_out;
    93     93     }
    94     94     do {
    95     95       memset(pParse, 0, sizeof(Parse));
    96     96       pParse->db = db;
    97     97   
    98         -    if( sqlite3SafetyOn(db) ){
    99         -      sqlite3DbFree(db, zErr);
   100         -      sqlite3StackFree(db, pParse);
   101         -      sqlite3_mutex_leave(db->mutex);
   102         -      return SQLITE_MISUSE;
   103         -    }
   104         -
   105     98       sqlite3BtreeEnterAll(db);
   106     99       pTab = sqlite3LocateTable(pParse, 0, zTable, zDb);
   107    100       if( pTab && IsVirtual(pTab) ){
   108    101         pTab = 0;
   109    102         sqlite3ErrorMsg(pParse, "cannot open virtual table: %s", zTable);
   110    103       }
   111    104   #ifndef SQLITE_OMIT_VIEW
................................................................................
   117    110       if( !pTab ){
   118    111         if( pParse->zErrMsg ){
   119    112           sqlite3DbFree(db, zErr);
   120    113           zErr = pParse->zErrMsg;
   121    114           pParse->zErrMsg = 0;
   122    115         }
   123    116         rc = SQLITE_ERROR;
   124         -      (void)sqlite3SafetyOff(db);
   125    117         sqlite3BtreeLeaveAll(db);
   126    118         goto blob_open_out;
   127    119       }
   128    120   
   129    121       /* Now search pTab for the exact column. */
   130    122       for(iCol=0; iCol < pTab->nCol; iCol++) {
   131    123         if( sqlite3StrICmp(pTab->aCol[iCol].zName, zColumn)==0 ){
................................................................................
   132    124           break;
   133    125         }
   134    126       }
   135    127       if( iCol==pTab->nCol ){
   136    128         sqlite3DbFree(db, zErr);
   137    129         zErr = sqlite3MPrintf(db, "no such column: \"%s\"", zColumn);
   138    130         rc = SQLITE_ERROR;
   139         -      (void)sqlite3SafetyOff(db);
   140    131         sqlite3BtreeLeaveAll(db);
   141    132         goto blob_open_out;
   142    133       }
   143    134   
   144    135       /* If the value is being opened for writing, check that the
   145    136       ** column is not indexed, and that it is not part of a foreign key. 
   146    137       ** It is against the rules to open a column to which either of these
................................................................................
   173    164             }
   174    165           }
   175    166         }
   176    167         if( zFault ){
   177    168           sqlite3DbFree(db, zErr);
   178    169           zErr = sqlite3MPrintf(db, "cannot open %s column for writing", zFault);
   179    170           rc = SQLITE_ERROR;
   180         -        (void)sqlite3SafetyOff(db);
   181    171           sqlite3BtreeLeaveAll(db);
   182    172           goto blob_open_out;
   183    173         }
   184    174       }
   185    175   
   186    176       v = sqlite3VdbeCreate(db);
   187    177       if( v ){
................................................................................
   223    213         sqlite3VdbeChangeP2(v, 7, pTab->nCol);
   224    214         if( !db->mallocFailed ){
   225    215           sqlite3VdbeMakeReady(v, 1, 1, 1, 0, 0, 0);
   226    216         }
   227    217       }
   228    218      
   229    219       sqlite3BtreeLeaveAll(db);
   230         -    rc = sqlite3SafetyOff(db);
   231         -    if( NEVER(rc!=SQLITE_OK) || db->mallocFailed ){
          220  +    if( db->mallocFailed ){
   232    221         goto blob_open_out;
   233    222       }
   234    223   
   235    224       sqlite3_bind_int64((sqlite3_stmt *)v, 1, iRow);
   236    225       rc = sqlite3_step((sqlite3_stmt *)v);
   237    226       if( rc!=SQLITE_ROW ){
   238    227         nAttempt++;

Changes to src/vtab.c.

   119    119     assert( pVTab->nRef>0 );
   120    120     assert( sqlite3SafetyCheckOk(db) );
   121    121   
   122    122     pVTab->nRef--;
   123    123     if( pVTab->nRef==0 ){
   124    124       sqlite3_vtab *p = pVTab->pVtab;
   125    125       if( p ){
   126         -#ifdef SQLITE_DEBUG
   127         -      if( pVTab->db->magic==SQLITE_MAGIC_BUSY ){
   128         -        (void)sqlite3SafetyOff(db);
   129         -        p->pModule->xDisconnect(p);
   130         -        (void)sqlite3SafetyOn(db);
   131         -      } else
   132         -#endif
   133         -      {
   134         -        p->pModule->xDisconnect(p);
   135         -      }
          126  +      p->pModule->xDisconnect(p);
   136    127       }
   137    128       sqlite3DbFree(db, pVTab);
   138    129     }
   139    130   }
   140    131   
   141    132   /*
   142    133   ** Table p is a virtual table. This function moves all elements in the
................................................................................
   464    455     pVTable->pMod = pMod;
   465    456   
   466    457     assert( !db->pVTab );
   467    458     assert( xConstruct );
   468    459     db->pVTab = pTab;
   469    460   
   470    461     /* Invoke the virtual table constructor */
   471         -  (void)sqlite3SafetyOff(db);
   472    462     rc = xConstruct(db, pMod->pAux, nArg, azArg, &pVTable->pVtab, &zErr);
   473         -  (void)sqlite3SafetyOn(db);
   474    463     if( rc==SQLITE_NOMEM ) db->mallocFailed = 1;
   475    464   
   476    465     if( SQLITE_OK!=rc ){
   477    466       if( zErr==0 ){
   478    467         *pzErr = sqlite3MPrintf(db, "vtable constructor failed: %s", zModuleName);
   479    468       }else {
   480    469         *pzErr = sqlite3MPrintf(db, "%s", zErr);
................................................................................
   713    702     int rc = SQLITE_OK;
   714    703     Table *pTab;
   715    704   
   716    705     pTab = sqlite3FindTable(db, zTab, db->aDb[iDb].zName);
   717    706     if( ALWAYS(pTab!=0 && pTab->pVTable!=0) ){
   718    707       VTable *p = vtabDisconnectAll(db, pTab);
   719    708   
   720         -    rc = sqlite3SafetyOff(db);
   721    709       assert( rc==SQLITE_OK );
   722    710       rc = p->pMod->pModule->xDestroy(p->pVtab);
   723         -    (void)sqlite3SafetyOn(db);
   724    711   
   725    712       /* Remove the sqlite3_vtab* from the aVTrans[] array, if applicable */
   726    713       if( rc==SQLITE_OK ){
   727    714         assert( pTab->pVTable==p && p->pNext==0 );
   728    715         p->pVtab = 0;
   729    716         pTab->pVTable = 0;
   730    717         sqlite3VtabUnlock(p);
................................................................................
   768    755   **
   769    756   ** Set *pzErrmsg to point to a buffer that should be released using 
   770    757   ** sqlite3DbFree() containing an error message, if one is available.
   771    758   */
   772    759   int sqlite3VtabSync(sqlite3 *db, char **pzErrmsg){
   773    760     int i;
   774    761     int rc = SQLITE_OK;
   775         -  int rcsafety;
   776    762     VTable **aVTrans = db->aVTrans;
   777    763   
   778         -  rc = sqlite3SafetyOff(db);
   779    764     db->aVTrans = 0;
   780    765     for(i=0; rc==SQLITE_OK && i<db->nVTrans; i++){
   781    766       int (*x)(sqlite3_vtab *);
   782    767       sqlite3_vtab *pVtab = aVTrans[i]->pVtab;
   783    768       if( pVtab && (x = pVtab->pModule->xSync)!=0 ){
   784    769         rc = x(pVtab);
   785    770         sqlite3DbFree(db, *pzErrmsg);
   786    771         *pzErrmsg = pVtab->zErrMsg;
   787    772         pVtab->zErrMsg = 0;
   788    773       }
   789    774     }
   790    775     db->aVTrans = aVTrans;
   791         -  rcsafety = sqlite3SafetyOn(db);
   792         -
   793         -  if( rc==SQLITE_OK ){
   794         -    rc = rcsafety;
   795         -  }
   796    776     return rc;
   797    777   }
   798    778   
   799    779   /*
   800    780   ** Invoke the xRollback method of all virtual tables in the 
   801    781   ** sqlite3.aVTrans array. Then clear the array itself.
   802    782   */

Changes to src/where.c.

  1754   1754   ** that this is required.
  1755   1755   */
  1756   1756   static int vtabBestIndex(Parse *pParse, Table *pTab, sqlite3_index_info *p){
  1757   1757     sqlite3_vtab *pVtab = sqlite3GetVTable(pParse->db, pTab)->pVtab;
  1758   1758     int i;
  1759   1759     int rc;
  1760   1760   
  1761         -  (void)sqlite3SafetyOff(pParse->db);
  1762   1761     WHERETRACE(("xBestIndex for %s\n", pTab->zName));
  1763   1762     TRACE_IDX_INPUTS(p);
  1764   1763     rc = pVtab->pModule->xBestIndex(pVtab, p);
  1765   1764     TRACE_IDX_OUTPUTS(p);
  1766         -  (void)sqlite3SafetyOn(pParse->db);
  1767   1765   
  1768   1766     if( rc!=SQLITE_OK ){
  1769   1767       if( rc==SQLITE_NOMEM ){
  1770   1768         pParse->db->mallocFailed = 1;
  1771   1769       }else if( !pVtab->zErrMsg ){
  1772   1770         sqlite3ErrorMsg(pParse, "%s", sqlite3ErrStr(rc));
  1773   1771       }else{

Deleted test/safety.test.

     1         -# 2005 January 11
     2         -#
     3         -# The author disclaims copyright to this source code.  In place of
     4         -# a legal notice, here is a blessing:
     5         -#
     6         -#    May you do good and not evil.
     7         -#    May you find forgiveness for yourself and forgive others.
     8         -#    May you share freely, never taking more than you give.
     9         -#
    10         -#***********************************************************************
    11         -# This file implements regression tests for SQLite library.  The
    12         -# focus of this file is testing the sqlite3SafetyOn and sqlite3SafetyOff
    13         -# functions.  Those routines are not strictly necessary - they are
    14         -# designed to detect misuse of the library.
    15         -#
    16         -# $Id: safety.test,v 1.4 2008/03/18 13:46:53 drh Exp $
    17         -
    18         -set testdir [file dirname $argv0]
    19         -source $testdir/tester.tcl
    20         -
    21         -ifcapable !debug {
    22         -  puts "Skipping safety tests since SQLITE_DEBUG is off"
    23         -  finish_test
    24         -  return
    25         -}
    26         -
    27         -# Return the UTF-8 representation of the supplied UTF-16 string $str. 
    28         -proc utf8 {str} {
    29         -  # If $str ends in two 0x00 0x00 bytes, knock these off before
    30         -  # converting to UTF-8 using TCL.
    31         -  binary scan $str \c* vals
    32         -  if {[lindex $vals end]==0 && [lindex $vals end-1]==0} {
    33         -    set str [binary format \c* [lrange $vals 0 end-2]]
    34         -  }
    35         -
    36         -  set r [encoding convertfrom unicode $str]
    37         -  return $r
    38         -}
    39         -
    40         -
    41         -do_test safety-1.1 {
    42         -  set DB [sqlite3_connection_pointer db]
    43         -  db eval {CREATE TABLE t1(a)}
    44         -  sqlite_set_magic $DB SQLITE_MAGIC_BUSY
    45         -  catchsql {
    46         -    SELECT name FROM sqlite_master;
    47         -  }
    48         -} {1 {library routine called out of sequence}}
    49         -do_test safety-1.2 {
    50         -  sqlite_set_magic $DB SQLITE_MAGIC_OPEN
    51         -  catchsql {
    52         -    SELECT name FROM sqlite_master
    53         -  }
    54         -} {0 t1}
    55         -
    56         -do_test safety-2.1 {
    57         -  proc safety_on {} "sqlite_set_magic $DB SQLITE_MAGIC_BUSY"
    58         -  db function safety_on safety_on
    59         -  catchsql {
    60         -    SELECT safety_on(), name FROM sqlite_master
    61         -  }
    62         -} {1 {library routine called out of sequence}}
    63         -ifcapable {utf16} {
    64         -  do_test safety-2.1.1 {
    65         -    utf8 [sqlite3_errmsg16 db]
    66         -  } {library routine called out of sequence}
    67         -}
    68         -do_test safety-2.2 {
    69         -  catchsql {
    70         -    SELECT 'hello'
    71         -  }
    72         -} {1 {library routine called out of sequence}}
    73         -do_test safety-2.3 {
    74         -  sqlite3_close $DB
    75         -} {SQLITE_MISUSE}
    76         -do_test safety-2.4 {
    77         -  sqlite_set_magic $DB SQLITE_MAGIC_OPEN
    78         -  execsql {
    79         -    SELECT name FROM sqlite_master
    80         -  }
    81         -} {t1}
    82         -
    83         -do_test safety-3.1 {
    84         -  set rc [catch {
    85         -    db eval {SELECT name FROM sqlite_master} {
    86         -      sqlite_set_magic $DB SQLITE_MAGIC_BUSY
    87         -    }
    88         -  } msg]
    89         -  lappend rc $msg
    90         -} {1 {library routine called out of sequence}}
    91         -sqlite_set_magic $DB SQLITE_MAGIC_OPEN
    92         -
    93         -finish_test