1 /*
2 ** 2004 May 22
3 **
4 ** The author disclaims copyright to this source code. In place of
5 ** a legal notice, here is a blessing:
6 **
7 ** May you do good and not evil.
8 ** May you find forgiveness for yourself and forgive others.
9 ** May you share freely, never taking more than you give.
10 **
11 ******************************************************************************
12 **
13 ** This file contains code that modified the OS layer in order to simulate
14 ** the effect on the database file of an OS crash or power failure. This
15 ** is used to test the ability of SQLite to recover from those situations.
16 */
17 #if SQLITE_TEST /* This file is used for testing only */
18 #include "sqliteInt.h"
19 #if defined(INCLUDE_SQLITE_TCL_H)
20 # include "sqlite_tcl.h"
21 #else
22 # include "tcl.h"
23 #endif
24
25 #ifndef SQLITE_OMIT_DISKIO /* This file is a no-op if disk I/O is disabled */
26
27 /* #define TRACE_CRASHTEST */
28
29 typedef struct CrashFile CrashFile;
30 typedef struct CrashGlobal CrashGlobal;
31 typedef struct WriteBuffer WriteBuffer;
32
33 /*
34 ** Method:
35 **
36 ** This layer is implemented as a wrapper around the "real"
37 ** sqlite3_file object for the host system. Each time data is
38 ** written to the file object, instead of being written to the
39 ** underlying file, the write operation is stored in an in-memory
40 ** structure (type WriteBuffer). This structure is placed at the
41 ** end of a global ordered list (the write-list).
42 **
43 ** When data is read from a file object, the requested region is
44 ** first retrieved from the real file. The write-list is then
45 ** traversed and data copied from any overlapping WriteBuffer
46 ** structures to the output buffer. i.e. a read() operation following
47 ** one or more write() operations works as expected, even if no
48 ** data has actually been written out to the real file.
49 **
50 ** When a fsync() operation is performed, an operating system crash
51 ** may be simulated, in which case exit(-1) is called (the call to
52 ** xSync() never returns). Whether or not a crash is simulated,
53 ** the data associated with a subset of the WriteBuffer structures
54 ** stored in the write-list is written to the real underlying files
55 ** and the entries removed from the write-list. If a crash is simulated,
56 ** a subset of the buffers may be corrupted before the data is written.
57 **
58 ** The exact subset of the write-list written and/or corrupted is
59 ** determined by the simulated device characteristics and sector-size.
60 **
61 ** "Normal" mode:
62 **
63 ** Normal mode is used when the simulated device has none of the
64 ** SQLITE_IOCAP_XXX flags set.
65 **
66 ** In normal mode, if the fsync() is not a simulated crash, the
67 ** write-list is traversed from beginning to end. Each WriteBuffer
68 ** structure associated with the file handle used to call xSync()
69 ** is written to the real file and removed from the write-list.
70 **
71 ** If a crash is simulated, one of the following takes place for
72 ** each WriteBuffer in the write-list, regardless of which
73 ** file-handle it is associated with:
74 **
75 ** 1. The buffer is correctly written to the file, just as if
76 ** a crash were not being simulated.
77 **
78 ** 2. Nothing is done.
79 **
80 ** 3. Garbage data is written to all sectors of the file that
81 ** overlap the region specified by the WriteBuffer. Or garbage
82 ** data is written to some contiguous section within the
83 ** overlapped sectors.
84 **
85 ** Device Characteristic flag handling:
86 **
87 ** If the IOCAP_ATOMIC flag is set, then option (3) above is
88 ** never selected.
89 **
90 ** If the IOCAP_ATOMIC512 flag is set, and the WriteBuffer represents
91 ** an aligned write() of an integer number of 512 byte regions, then
92 ** option (3) above is never selected. Instead, each 512 byte region
93 ** is either correctly written or left completely untouched. Similar
94 ** logic governs the behavior if any of the other ATOMICXXX flags
95 ** is set.
96 **
97 ** If either the IOCAP_SAFEAPPEND or IOCAP_SEQUENTIAL flags are set
98 ** and a crash is being simulated, then an entry of the write-list is
99 ** selected at random. Everything in the list after the selected entry
100 ** is discarded before processing begins.
101 **
102 ** If IOCAP_SEQUENTIAL is set and a crash is being simulated, option
103 ** (1) is selected for all write-list entries except the last. If a
104 ** crash is not being simulated, then all entries in the write-list
105 ** that occur before at least one write() on the file-handle specified
106 ** as part of the xSync() are written to their associated real files.
107 **
108 ** If IOCAP_SAFEAPPEND is set and the first byte written by the write()
109 ** operation is one byte past the current end of the file, then option
110 ** (1) is always selected.
111 */
112
113 /*
114 ** Each write operation in the write-list is represented by an instance
115 ** of the following structure.
116 **
117 ** If zBuf is 0, then this structure represents a call to xTruncate(),
118 ** not xWrite(). In that case, iOffset is the size that the file is
119 ** truncated to.
120 */
121 struct WriteBuffer {
122 i64 iOffset; /* Byte offset of the start of this write() */
123 int nBuf; /* Number of bytes written */
124 u8 *zBuf; /* Pointer to copy of written data */
125 CrashFile *pFile; /* File this write() applies to */
126
127 WriteBuffer *pNext; /* Next in CrashGlobal.pWriteList */
128 };
129
130 struct CrashFile {
131 const sqlite3_io_methods *pMethod; /* Must be first */
132 sqlite3_file *pRealFile; /* Underlying "real" file handle */
133 char *zName;
134 int flags; /* Flags the file was opened with */
135
136 /* Cache of the entire file. This is used to speed up OsRead() and
137 ** OsFileSize() calls. Although both could be done by traversing the
138 ** write-list, in practice this is impractically slow.
139 */
140 u8 *zData; /* Buffer containing file contents */
141 int nData; /* Size of buffer allocated at zData */
142 i64 iSize; /* Size of file in bytes */
143 };
144
145 struct CrashGlobal {
146 WriteBuffer *pWriteList; /* Head of write-list */
147 WriteBuffer *pWriteListEnd; /* End of write-list */
148
149 int iSectorSize; /* Value of simulated sector size */
150 int iDeviceCharacteristics; /* Value of simulated device characteristics */
151
152 int iCrash; /* Crash on the iCrash'th call to xSync() */
153 char zCrashFile[500]; /* Crash during an xSync() on this file */
154 };
155
156 static CrashGlobal g = {0, 0, SQLITE_DEFAULT_SECTOR_SIZE, 0, 0};
157
158 /*
159 ** Set this global variable to 1 to enable crash testing.
160 */
161 static int sqlite3CrashTestEnable = 0;
162
crash_malloc(int nByte)163 static void *crash_malloc(int nByte){
164 return (void *)Tcl_AttemptAlloc((size_t)nByte);
165 }
crash_free(void * p)166 static void crash_free(void *p){
167 Tcl_Free(p);
168 }
crash_realloc(void * p,int n)169 static void *crash_realloc(void *p, int n){
170 return (void *)Tcl_AttemptRealloc(p, (size_t)n);
171 }
172
173 /*
174 ** Wrapper around the sqlite3OsWrite() function that avoids writing to the
175 ** 512 byte block begining at offset PENDING_BYTE.
176 */
writeDbFile(CrashFile * p,u8 * z,i64 iAmt,i64 iOff)177 static int writeDbFile(CrashFile *p, u8 *z, i64 iAmt, i64 iOff){
178 int rc = SQLITE_OK;
179 int iSkip = 0;
180 if( (iAmt-iSkip)>0 ){
181 rc = sqlite3OsWrite(p->pRealFile, &z[iSkip], (int)(iAmt-iSkip), iOff+iSkip);
182 }
183 return rc;
184 }
185
186 /*
187 ** Flush the write-list as if xSync() had been called on file handle
188 ** pFile. If isCrash is true, simulate a crash.
189 */
writeListSync(CrashFile * pFile,int isCrash)190 static int writeListSync(CrashFile *pFile, int isCrash){
191 int rc = SQLITE_OK;
192 int iDc = g.iDeviceCharacteristics;
193
194 WriteBuffer *pWrite;
195 WriteBuffer **ppPtr;
196
197 /* If this is not a crash simulation, set pFinal to point to the
198 ** last element of the write-list that is associated with file handle
199 ** pFile.
200 **
201 ** If this is a crash simulation, set pFinal to an arbitrarily selected
202 ** element of the write-list.
203 */
204 WriteBuffer *pFinal = 0;
205 if( !isCrash ){
206 for(pWrite=g.pWriteList; pWrite; pWrite=pWrite->pNext){
207 if( pWrite->pFile==pFile ){
208 pFinal = pWrite;
209 }
210 }
211 }else if( iDc&(SQLITE_IOCAP_SEQUENTIAL|SQLITE_IOCAP_SAFE_APPEND) ){
212 int nWrite = 0;
213 int iFinal;
214 for(pWrite=g.pWriteList; pWrite; pWrite=pWrite->pNext) nWrite++;
215 sqlite3_randomness(sizeof(int), &iFinal);
216 iFinal = ((iFinal<0)?-1*iFinal:iFinal)%nWrite;
217 for(pWrite=g.pWriteList; iFinal>0; pWrite=pWrite->pNext) iFinal--;
218 pFinal = pWrite;
219 }
220
221 #ifdef TRACE_CRASHTEST
222 if( pFile ){
223 printf("Sync %s (is %s crash)\n", pFile->zName, (isCrash?"a":"not a"));
224 }
225 #endif
226
227 ppPtr = &g.pWriteList;
228 for(pWrite=*ppPtr; rc==SQLITE_OK && pWrite; pWrite=*ppPtr){
229 sqlite3_file *pRealFile = pWrite->pFile->pRealFile;
230
231 /* (eAction==1) -> write block out normally,
232 ** (eAction==2) -> do nothing,
233 ** (eAction==3) -> trash sectors.
234 */
235 int eAction = 0;
236 if( !isCrash ){
237 eAction = 2;
238 if( (pWrite->pFile==pFile || iDc&SQLITE_IOCAP_SEQUENTIAL) ){
239 eAction = 1;
240 }
241 }else{
242 char random;
243 sqlite3_randomness(1, &random);
244
245 /* Do not select option 3 (sector trashing) if the IOCAP_ATOMIC flag
246 ** is set or this is an OsTruncate(), not an Oswrite().
247 */
248 if( (iDc&SQLITE_IOCAP_ATOMIC) || (pWrite->zBuf==0) ){
249 random &= 0x01;
250 }
251
252 /* If IOCAP_SEQUENTIAL is set and this is not the final entry
253 ** in the truncated write-list, always select option 1 (write
254 ** out correctly).
255 */
256 if( (iDc&SQLITE_IOCAP_SEQUENTIAL && pWrite!=pFinal) ){
257 random = 0;
258 }
259
260 /* If IOCAP_SAFE_APPEND is set and this OsWrite() operation is
261 ** an append (first byte of the written region is 1 byte past the
262 ** current EOF), always select option 1 (write out correctly).
263 */
264 if( iDc&SQLITE_IOCAP_SAFE_APPEND && pWrite->zBuf ){
265 i64 iSize;
266 sqlite3OsFileSize(pRealFile, &iSize);
267 if( iSize==pWrite->iOffset ){
268 random = 0;
269 }
270 }
271
272 if( (random&0x06)==0x06 ){
273 eAction = 3;
274 }else{
275 eAction = ((random&0x01)?2:1);
276 }
277 }
278
279 switch( eAction ){
280 case 1: { /* Write out correctly */
281 if( pWrite->zBuf ){
282 rc = writeDbFile(
283 pWrite->pFile, pWrite->zBuf, pWrite->nBuf, pWrite->iOffset
284 );
285 }else{
286 rc = sqlite3OsTruncate(pRealFile, pWrite->iOffset);
287 }
288 *ppPtr = pWrite->pNext;
289 #ifdef TRACE_CRASHTEST
290 if( isCrash ){
291 printf("Writing %d bytes @ %d (%s)\n",
292 pWrite->nBuf, (int)pWrite->iOffset, pWrite->pFile->zName
293 );
294 }
295 #endif
296 crash_free(pWrite);
297 break;
298 }
299 case 2: { /* Do nothing */
300 ppPtr = &pWrite->pNext;
301 #ifdef TRACE_CRASHTEST
302 if( isCrash ){
303 printf("Omiting %d bytes @ %d (%s)\n",
304 pWrite->nBuf, (int)pWrite->iOffset, pWrite->pFile->zName
305 );
306 }
307 #endif
308 break;
309 }
310 case 3: { /* Trash sectors */
311 u8 *zGarbage;
312 int iFirst = (int)(pWrite->iOffset/g.iSectorSize);
313 int iLast = (int)((pWrite->iOffset+pWrite->nBuf-1)/g.iSectorSize);
314
315 assert(pWrite->zBuf);
316
317 #ifdef TRACE_CRASHTEST
318 printf("Trashing %d sectors (%d bytes) @ %lld (sector %d) (%s)\n",
319 1+iLast-iFirst, (1+iLast-iFirst)*g.iSectorSize,
320 pWrite->iOffset, iFirst, pWrite->pFile->zName
321 );
322 #endif
323
324 zGarbage = crash_malloc(g.iSectorSize);
325 if( zGarbage ){
326 sqlite3_int64 i;
327 for(i=iFirst; rc==SQLITE_OK && i<=iLast; i++){
328 sqlite3_randomness(g.iSectorSize, zGarbage);
329 rc = writeDbFile(
330 pWrite->pFile, zGarbage, g.iSectorSize, i*g.iSectorSize
331 );
332 }
333 crash_free(zGarbage);
334 }else{
335 rc = SQLITE_NOMEM;
336 }
337
338 ppPtr = &pWrite->pNext;
339 break;
340 }
341
342 default:
343 assert(!"Cannot happen");
344 }
345
346 if( pWrite==pFinal ) break;
347 }
348
349 if( rc==SQLITE_OK && isCrash ){
350 exit(-1);
351 }
352
353 for(pWrite=g.pWriteList; pWrite && pWrite->pNext; pWrite=pWrite->pNext);
354 g.pWriteListEnd = pWrite;
355
356 return rc;
357 }
358
359 /*
360 ** Add an entry to the end of the write-list.
361 */
writeListAppend(sqlite3_file * pFile,sqlite3_int64 iOffset,const u8 * zBuf,int nBuf)362 static int writeListAppend(
363 sqlite3_file *pFile,
364 sqlite3_int64 iOffset,
365 const u8 *zBuf,
366 int nBuf
367 ){
368 WriteBuffer *pNew;
369
370 assert((zBuf && nBuf) || (!nBuf && !zBuf));
371
372 pNew = (WriteBuffer *)crash_malloc(sizeof(WriteBuffer) + nBuf);
373 if( pNew==0 ){
374 fprintf(stderr, "out of memory in the crash simulator\n");
375 }
376 memset(pNew, 0, sizeof(WriteBuffer)+nBuf);
377 pNew->iOffset = iOffset;
378 pNew->nBuf = nBuf;
379 pNew->pFile = (CrashFile *)pFile;
380 if( zBuf ){
381 pNew->zBuf = (u8 *)&pNew[1];
382 memcpy(pNew->zBuf, zBuf, nBuf);
383 }
384
385 if( g.pWriteList ){
386 assert(g.pWriteListEnd);
387 g.pWriteListEnd->pNext = pNew;
388 }else{
389 g.pWriteList = pNew;
390 }
391 g.pWriteListEnd = pNew;
392
393 return SQLITE_OK;
394 }
395
396 /*
397 ** Close a crash-file.
398 */
cfClose(sqlite3_file * pFile)399 static int cfClose(sqlite3_file *pFile){
400 CrashFile *pCrash = (CrashFile *)pFile;
401 writeListSync(pCrash, 0);
402 sqlite3OsClose(pCrash->pRealFile);
403 return SQLITE_OK;
404 }
405
406 /*
407 ** Read data from a crash-file.
408 */
cfRead(sqlite3_file * pFile,void * zBuf,int iAmt,sqlite_int64 iOfst)409 static int cfRead(
410 sqlite3_file *pFile,
411 void *zBuf,
412 int iAmt,
413 sqlite_int64 iOfst
414 ){
415 CrashFile *pCrash = (CrashFile *)pFile;
416 int nCopy = (int)MIN((i64)iAmt, (pCrash->iSize - iOfst));
417
418 if( nCopy>0 ){
419 memcpy(zBuf, &pCrash->zData[iOfst], nCopy);
420 }
421
422 /* Check the file-size to see if this is a short-read */
423 if( nCopy<iAmt ){
424 return SQLITE_IOERR_SHORT_READ;
425 }
426
427 return SQLITE_OK;
428 }
429
430 /*
431 ** Write data to a crash-file.
432 */
cfWrite(sqlite3_file * pFile,const void * zBuf,int iAmt,sqlite_int64 iOfst)433 static int cfWrite(
434 sqlite3_file *pFile,
435 const void *zBuf,
436 int iAmt,
437 sqlite_int64 iOfst
438 ){
439 CrashFile *pCrash = (CrashFile *)pFile;
440 if( iAmt+iOfst>pCrash->iSize ){
441 pCrash->iSize = (int)(iAmt+iOfst);
442 }
443 while( pCrash->iSize>pCrash->nData ){
444 u8 *zNew;
445 int nNew = (pCrash->nData*2) + 4096;
446 zNew = crash_realloc(pCrash->zData, nNew);
447 if( !zNew ){
448 return SQLITE_NOMEM;
449 }
450 memset(&zNew[pCrash->nData], 0, nNew-pCrash->nData);
451 pCrash->nData = nNew;
452 pCrash->zData = zNew;
453 }
454 memcpy(&pCrash->zData[iOfst], zBuf, iAmt);
455 return writeListAppend(pFile, iOfst, zBuf, iAmt);
456 }
457
458 /*
459 ** Truncate a crash-file.
460 */
cfTruncate(sqlite3_file * pFile,sqlite_int64 size)461 static int cfTruncate(sqlite3_file *pFile, sqlite_int64 size){
462 CrashFile *pCrash = (CrashFile *)pFile;
463 assert(size>=0);
464 if( pCrash->iSize>size ){
465 pCrash->iSize = (int)size;
466 }
467 return writeListAppend(pFile, size, 0, 0);
468 }
469
470 /*
471 ** Sync a crash-file.
472 */
cfSync(sqlite3_file * pFile,int flags)473 static int cfSync(sqlite3_file *pFile, int flags){
474 CrashFile *pCrash = (CrashFile *)pFile;
475 int isCrash = 0;
476
477 const char *zName = pCrash->zName;
478 const char *zCrashFile = g.zCrashFile;
479 int nName = (int)strlen(zName);
480 int nCrashFile = (int)strlen(zCrashFile);
481
482 if( nCrashFile>0 && zCrashFile[nCrashFile-1]=='*' ){
483 nCrashFile--;
484 if( nName>nCrashFile ) nName = nCrashFile;
485 }
486
487 #ifdef TRACE_CRASHTEST
488 printf("cfSync(): nName = %d, nCrashFile = %d, zName = %s, zCrashFile = %s\n",
489 nName, nCrashFile, zName, zCrashFile);
490 #endif
491
492 if( nName==nCrashFile && 0==memcmp(zName, zCrashFile, nName) ){
493 #ifdef TRACE_CRASHTEST
494 printf("cfSync(): name matched, g.iCrash = %d\n", g.iCrash);
495 #endif
496 if( (--g.iCrash)==0 ) isCrash = 1;
497 }
498
499 return writeListSync(pCrash, isCrash);
500 }
501
502 /*
503 ** Return the current file-size of the crash-file.
504 */
cfFileSize(sqlite3_file * pFile,sqlite_int64 * pSize)505 static int cfFileSize(sqlite3_file *pFile, sqlite_int64 *pSize){
506 CrashFile *pCrash = (CrashFile *)pFile;
507 *pSize = (i64)pCrash->iSize;
508 return SQLITE_OK;
509 }
510
511 /*
512 ** Calls related to file-locks are passed on to the real file handle.
513 */
cfLock(sqlite3_file * pFile,int eLock)514 static int cfLock(sqlite3_file *pFile, int eLock){
515 return sqlite3OsLock(((CrashFile *)pFile)->pRealFile, eLock);
516 }
cfUnlock(sqlite3_file * pFile,int eLock)517 static int cfUnlock(sqlite3_file *pFile, int eLock){
518 return sqlite3OsUnlock(((CrashFile *)pFile)->pRealFile, eLock);
519 }
cfCheckReservedLock(sqlite3_file * pFile,int * pResOut)520 static int cfCheckReservedLock(sqlite3_file *pFile, int *pResOut){
521 return sqlite3OsCheckReservedLock(((CrashFile *)pFile)->pRealFile, pResOut);
522 }
cfFileControl(sqlite3_file * pFile,int op,void * pArg)523 static int cfFileControl(sqlite3_file *pFile, int op, void *pArg){
524 if( op==SQLITE_FCNTL_SIZE_HINT ){
525 CrashFile *pCrash = (CrashFile *)pFile;
526 i64 nByte = *(i64 *)pArg;
527 if( nByte>pCrash->iSize ){
528 if( SQLITE_OK==writeListAppend(pFile, nByte, 0, 0) ){
529 pCrash->iSize = (int)nByte;
530 }
531 }
532 return SQLITE_OK;
533 }
534 return sqlite3OsFileControl(((CrashFile *)pFile)->pRealFile, op, pArg);
535 }
536
537 /*
538 ** The xSectorSize() and xDeviceCharacteristics() functions return
539 ** the global values configured by the [sqlite_crashparams] tcl
540 * interface.
541 */
cfSectorSize(sqlite3_file * pFile)542 static int cfSectorSize(sqlite3_file *pFile){
543 return g.iSectorSize;
544 }
cfDeviceCharacteristics(sqlite3_file * pFile)545 static int cfDeviceCharacteristics(sqlite3_file *pFile){
546 return g.iDeviceCharacteristics;
547 }
548
549 /*
550 ** Pass-throughs for WAL support.
551 */
cfShmLock(sqlite3_file * pFile,int ofst,int n,int flags)552 static int cfShmLock(sqlite3_file *pFile, int ofst, int n, int flags){
553 sqlite3_file *pReal = ((CrashFile*)pFile)->pRealFile;
554 return pReal->pMethods->xShmLock(pReal, ofst, n, flags);
555 }
cfShmBarrier(sqlite3_file * pFile)556 static void cfShmBarrier(sqlite3_file *pFile){
557 sqlite3_file *pReal = ((CrashFile*)pFile)->pRealFile;
558 pReal->pMethods->xShmBarrier(pReal);
559 }
cfShmUnmap(sqlite3_file * pFile,int delFlag)560 static int cfShmUnmap(sqlite3_file *pFile, int delFlag){
561 sqlite3_file *pReal = ((CrashFile*)pFile)->pRealFile;
562 return pReal->pMethods->xShmUnmap(pReal, delFlag);
563 }
cfShmMap(sqlite3_file * pFile,int iRegion,int sz,int w,void volatile ** pp)564 static int cfShmMap(
565 sqlite3_file *pFile, /* Handle open on database file */
566 int iRegion, /* Region to retrieve */
567 int sz, /* Size of regions */
568 int w, /* True to extend file if necessary */
569 void volatile **pp /* OUT: Mapped memory */
570 ){
571 sqlite3_file *pReal = ((CrashFile*)pFile)->pRealFile;
572 return pReal->pMethods->xShmMap(pReal, iRegion, sz, w, pp);
573 }
574
575 static const sqlite3_io_methods CrashFileVtab = {
576 2, /* iVersion */
577 cfClose, /* xClose */
578 cfRead, /* xRead */
579 cfWrite, /* xWrite */
580 cfTruncate, /* xTruncate */
581 cfSync, /* xSync */
582 cfFileSize, /* xFileSize */
583 cfLock, /* xLock */
584 cfUnlock, /* xUnlock */
585 cfCheckReservedLock, /* xCheckReservedLock */
586 cfFileControl, /* xFileControl */
587 cfSectorSize, /* xSectorSize */
588 cfDeviceCharacteristics, /* xDeviceCharacteristics */
589 cfShmMap, /* xShmMap */
590 cfShmLock, /* xShmLock */
591 cfShmBarrier, /* xShmBarrier */
592 cfShmUnmap /* xShmUnmap */
593 };
594
595 /*
596 ** Application data for the crash VFS
597 */
598 struct crashAppData {
599 sqlite3_vfs *pOrig; /* Wrapped vfs structure */
600 };
601
602 /*
603 ** Open a crash-file file handle.
604 **
605 ** The caller will have allocated pVfs->szOsFile bytes of space
606 ** at pFile. This file uses this space for the CrashFile structure
607 ** and allocates space for the "real" file structure using
608 ** sqlite3_malloc(). The assumption here is (pVfs->szOsFile) is
609 ** equal or greater than sizeof(CrashFile).
610 */
cfOpen(sqlite3_vfs * pCfVfs,const char * zName,sqlite3_file * pFile,int flags,int * pOutFlags)611 static int cfOpen(
612 sqlite3_vfs *pCfVfs,
613 const char *zName,
614 sqlite3_file *pFile,
615 int flags,
616 int *pOutFlags
617 ){
618 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
619 int rc;
620 CrashFile *pWrapper = (CrashFile *)pFile;
621 sqlite3_file *pReal = (sqlite3_file*)&pWrapper[1];
622
623 memset(pWrapper, 0, sizeof(CrashFile));
624 rc = sqlite3OsOpen(pVfs, zName, pReal, flags, pOutFlags);
625
626 if( rc==SQLITE_OK ){
627 i64 iSize;
628 pWrapper->pMethod = &CrashFileVtab;
629 pWrapper->zName = (char *)zName;
630 pWrapper->pRealFile = pReal;
631 rc = sqlite3OsFileSize(pReal, &iSize);
632 pWrapper->iSize = (int)iSize;
633 pWrapper->flags = flags;
634 }
635 if( rc==SQLITE_OK ){
636 pWrapper->nData = (int)(4096 + pWrapper->iSize);
637 pWrapper->zData = crash_malloc(pWrapper->nData);
638 if( pWrapper->zData ){
639 /* os_unix.c contains an assert() that fails if the caller attempts
640 ** to read data from the 512-byte locking region of a file opened
641 ** with the SQLITE_OPEN_MAIN_DB flag. This region of a database file
642 ** never contains valid data anyhow. So avoid doing such a read here.
643 **
644 ** UPDATE: It also contains an assert() verifying that each call
645 ** to the xRead() method reads less than 128KB of data.
646 */
647 i64 iOff;
648
649 memset(pWrapper->zData, 0, pWrapper->nData);
650 for(iOff=0; iOff<pWrapper->iSize; iOff += 512){
651 int nRead = (int)(pWrapper->iSize - iOff);
652 if( nRead>512 ) nRead = 512;
653 rc = sqlite3OsRead(pReal, &pWrapper->zData[iOff], nRead, iOff);
654 }
655 }else{
656 rc = SQLITE_NOMEM;
657 }
658 }
659 if( rc!=SQLITE_OK && pWrapper->pMethod ){
660 sqlite3OsClose(pFile);
661 }
662 return rc;
663 }
664
cfDelete(sqlite3_vfs * pCfVfs,const char * zPath,int dirSync)665 static int cfDelete(sqlite3_vfs *pCfVfs, const char *zPath, int dirSync){
666 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
667 return pVfs->xDelete(pVfs, zPath, dirSync);
668 }
cfAccess(sqlite3_vfs * pCfVfs,const char * zPath,int flags,int * pResOut)669 static int cfAccess(
670 sqlite3_vfs *pCfVfs,
671 const char *zPath,
672 int flags,
673 int *pResOut
674 ){
675 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
676 return pVfs->xAccess(pVfs, zPath, flags, pResOut);
677 }
cfFullPathname(sqlite3_vfs * pCfVfs,const char * zPath,int nPathOut,char * zPathOut)678 static int cfFullPathname(
679 sqlite3_vfs *pCfVfs,
680 const char *zPath,
681 int nPathOut,
682 char *zPathOut
683 ){
684 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
685 return pVfs->xFullPathname(pVfs, zPath, nPathOut, zPathOut);
686 }
cfDlOpen(sqlite3_vfs * pCfVfs,const char * zPath)687 static void *cfDlOpen(sqlite3_vfs *pCfVfs, const char *zPath){
688 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
689 return pVfs->xDlOpen(pVfs, zPath);
690 }
cfDlError(sqlite3_vfs * pCfVfs,int nByte,char * zErrMsg)691 static void cfDlError(sqlite3_vfs *pCfVfs, int nByte, char *zErrMsg){
692 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
693 pVfs->xDlError(pVfs, nByte, zErrMsg);
694 }
cfDlSym(sqlite3_vfs * pCfVfs,void * pH,const char * zSym)695 static void (*cfDlSym(sqlite3_vfs *pCfVfs, void *pH, const char *zSym))(void){
696 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
697 return pVfs->xDlSym(pVfs, pH, zSym);
698 }
cfDlClose(sqlite3_vfs * pCfVfs,void * pHandle)699 static void cfDlClose(sqlite3_vfs *pCfVfs, void *pHandle){
700 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
701 pVfs->xDlClose(pVfs, pHandle);
702 }
cfRandomness(sqlite3_vfs * pCfVfs,int nByte,char * zBufOut)703 static int cfRandomness(sqlite3_vfs *pCfVfs, int nByte, char *zBufOut){
704 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
705 return pVfs->xRandomness(pVfs, nByte, zBufOut);
706 }
cfSleep(sqlite3_vfs * pCfVfs,int nMicro)707 static int cfSleep(sqlite3_vfs *pCfVfs, int nMicro){
708 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
709 return pVfs->xSleep(pVfs, nMicro);
710 }
cfCurrentTime(sqlite3_vfs * pCfVfs,double * pTimeOut)711 static int cfCurrentTime(sqlite3_vfs *pCfVfs, double *pTimeOut){
712 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
713 return pVfs->xCurrentTime(pVfs, pTimeOut);
714 }
cfGetLastError(sqlite3_vfs * pCfVfs,int n,char * z)715 static int cfGetLastError(sqlite3_vfs *pCfVfs, int n, char *z){
716 sqlite3_vfs *pVfs = (sqlite3_vfs *)pCfVfs->pAppData;
717 return pVfs->xGetLastError(pVfs, n, z);
718 }
719
processDevSymArgs(Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[],int * piDeviceChar,int * piSectorSize)720 static int processDevSymArgs(
721 Tcl_Interp *interp,
722 int objc,
723 Tcl_Obj *CONST objv[],
724 int *piDeviceChar,
725 int *piSectorSize
726 ){
727 struct DeviceFlag {
728 char *zName;
729 int iValue;
730 } aFlag[] = {
731 { "atomic", SQLITE_IOCAP_ATOMIC },
732 { "atomic512", SQLITE_IOCAP_ATOMIC512 },
733 { "atomic1k", SQLITE_IOCAP_ATOMIC1K },
734 { "atomic2k", SQLITE_IOCAP_ATOMIC2K },
735 { "atomic4k", SQLITE_IOCAP_ATOMIC4K },
736 { "atomic8k", SQLITE_IOCAP_ATOMIC8K },
737 { "atomic16k", SQLITE_IOCAP_ATOMIC16K },
738 { "atomic32k", SQLITE_IOCAP_ATOMIC32K },
739 { "atomic64k", SQLITE_IOCAP_ATOMIC64K },
740 { "sequential", SQLITE_IOCAP_SEQUENTIAL },
741 { "safe_append", SQLITE_IOCAP_SAFE_APPEND },
742 { "powersafe_overwrite", SQLITE_IOCAP_POWERSAFE_OVERWRITE },
743 { "batch-atomic", SQLITE_IOCAP_BATCH_ATOMIC },
744 { 0, 0 }
745 };
746
747 int i;
748 int iDc = 0;
749 int iSectorSize = 0;
750 int setSectorsize = 0;
751 int setDeviceChar = 0;
752
753 for(i=0; i<objc; i+=2){
754 int nOpt;
755 char *zOpt = Tcl_GetStringFromObj(objv[i], &nOpt);
756
757 if( (nOpt>11 || nOpt<2 || strncmp("-sectorsize", zOpt, nOpt))
758 && (nOpt>16 || nOpt<2 || strncmp("-characteristics", zOpt, nOpt))
759 ){
760 Tcl_AppendResult(interp,
761 "Bad option: \"", zOpt,
762 "\" - must be \"-characteristics\" or \"-sectorsize\"", 0
763 );
764 return TCL_ERROR;
765 }
766 if( i==objc-1 ){
767 Tcl_AppendResult(interp, "Option requires an argument: \"", zOpt, "\"",0);
768 return TCL_ERROR;
769 }
770
771 if( zOpt[1]=='s' ){
772 if( Tcl_GetIntFromObj(interp, objv[i+1], &iSectorSize) ){
773 return TCL_ERROR;
774 }
775 setSectorsize = 1;
776 }else{
777 int j;
778 Tcl_Obj **apObj;
779 int nObj;
780 if( Tcl_ListObjGetElements(interp, objv[i+1], &nObj, &apObj) ){
781 return TCL_ERROR;
782 }
783 for(j=0; j<nObj; j++){
784 int rc;
785 int iChoice;
786 Tcl_Obj *pFlag = Tcl_DuplicateObj(apObj[j]);
787 Tcl_IncrRefCount(pFlag);
788 Tcl_UtfToLower(Tcl_GetString(pFlag));
789
790 rc = Tcl_GetIndexFromObjStruct(
791 interp, pFlag, aFlag, sizeof(aFlag[0]), "no such flag", 0, &iChoice
792 );
793 Tcl_DecrRefCount(pFlag);
794 if( rc ){
795 return TCL_ERROR;
796 }
797
798 iDc |= aFlag[iChoice].iValue;
799 }
800 setDeviceChar = 1;
801 }
802 }
803
804 if( setDeviceChar ){
805 *piDeviceChar = iDc;
806 }
807 if( setSectorsize ){
808 *piSectorSize = iSectorSize;
809 }
810
811 return TCL_OK;
812 }
813
814 /*
815 ** tclcmd: sqlite3_crash_now
816 **
817 ** Simulate a crash immediately. This function does not return
818 ** (writeListSync() calls exit(-1)).
819 */
crashNowCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])820 static int SQLITE_TCLAPI crashNowCmd(
821 void * clientData,
822 Tcl_Interp *interp,
823 int objc,
824 Tcl_Obj *CONST objv[]
825 ){
826 if( objc!=1 ){
827 Tcl_WrongNumArgs(interp, 1, objv, "");
828 return TCL_ERROR;
829 }
830 writeListSync(0, 1);
831 assert( 0 );
832 return TCL_OK;
833 }
834
835 /*
836 ** tclcmd: sqlite_crash_enable ENABLE ?DEFAULT?
837 **
838 ** Parameter ENABLE must be a boolean value. If true, then the "crash"
839 ** vfs is added to the system. If false, it is removed.
840 */
crashEnableCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])841 static int SQLITE_TCLAPI crashEnableCmd(
842 void * clientData,
843 Tcl_Interp *interp,
844 int objc,
845 Tcl_Obj *CONST objv[]
846 ){
847 int isEnable;
848 int isDefault = 0;
849 static sqlite3_vfs crashVfs = {
850 2, /* iVersion */
851 0, /* szOsFile */
852 0, /* mxPathname */
853 0, /* pNext */
854 "crash", /* zName */
855 0, /* pAppData */
856
857 cfOpen, /* xOpen */
858 cfDelete, /* xDelete */
859 cfAccess, /* xAccess */
860 cfFullPathname, /* xFullPathname */
861 cfDlOpen, /* xDlOpen */
862 cfDlError, /* xDlError */
863 cfDlSym, /* xDlSym */
864 cfDlClose, /* xDlClose */
865 cfRandomness, /* xRandomness */
866 cfSleep, /* xSleep */
867 cfCurrentTime, /* xCurrentTime */
868 cfGetLastError, /* xGetLastError */
869 0, /* xCurrentTimeInt64 */
870 };
871
872 if( objc!=2 && objc!=3 ){
873 Tcl_WrongNumArgs(interp, 1, objv, "ENABLE ?DEFAULT?");
874 return TCL_ERROR;
875 }
876
877 if( Tcl_GetBooleanFromObj(interp, objv[1], &isEnable) ){
878 return TCL_ERROR;
879 }
880 if( objc==3 && Tcl_GetBooleanFromObj(interp, objv[2], &isDefault) ){
881 return TCL_ERROR;
882 }
883
884 if( (isEnable && crashVfs.pAppData) || (!isEnable && !crashVfs.pAppData) ){
885 return TCL_OK;
886 }
887
888 if( crashVfs.pAppData==0 ){
889 sqlite3_vfs *pOriginalVfs = sqlite3_vfs_find(0);
890 crashVfs.mxPathname = pOriginalVfs->mxPathname;
891 crashVfs.pAppData = (void *)pOriginalVfs;
892 crashVfs.szOsFile = sizeof(CrashFile) + pOriginalVfs->szOsFile;
893 sqlite3_vfs_register(&crashVfs, isDefault);
894 }else{
895 crashVfs.pAppData = 0;
896 sqlite3_vfs_unregister(&crashVfs);
897 }
898
899 return TCL_OK;
900 }
901
902 /*
903 ** tclcmd: sqlite_crashparams ?OPTIONS? DELAY CRASHFILE
904 **
905 ** This procedure implements a TCL command that enables crash testing
906 ** in testfixture. Once enabled, crash testing cannot be disabled.
907 **
908 ** Available options are "-characteristics" and "-sectorsize". Both require
909 ** an argument. For -sectorsize, this is the simulated sector size in
910 ** bytes. For -characteristics, the argument must be a list of io-capability
911 ** flags to simulate. Valid flags are "atomic", "atomic512", "atomic1K",
912 ** "atomic2K", "atomic4K", "atomic8K", "atomic16K", "atomic32K",
913 ** "atomic64K", "sequential" and "safe_append".
914 **
915 ** Example:
916 **
917 ** sqlite_crashparams -sect 1024 -char {atomic sequential} ./test.db 1
918 **
919 */
crashParamsObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])920 static int SQLITE_TCLAPI crashParamsObjCmd(
921 void * clientData,
922 Tcl_Interp *interp,
923 int objc,
924 Tcl_Obj *CONST objv[]
925 ){
926 int iDelay;
927 const char *zCrashFile;
928 int nCrashFile, iDc, iSectorSize;
929
930 iDc = -1;
931 iSectorSize = -1;
932
933 if( objc<3 ){
934 Tcl_WrongNumArgs(interp, 1, objv, "?OPTIONS? DELAY CRASHFILE");
935 goto error;
936 }
937
938 zCrashFile = Tcl_GetStringFromObj(objv[objc-1], &nCrashFile);
939 if( nCrashFile>=sizeof(g.zCrashFile) ){
940 Tcl_AppendResult(interp, "Filename is too long: \"", zCrashFile, "\"", 0);
941 goto error;
942 }
943 if( Tcl_GetIntFromObj(interp, objv[objc-2], &iDelay) ){
944 goto error;
945 }
946
947 if( processDevSymArgs(interp, objc-3, &objv[1], &iDc, &iSectorSize) ){
948 return TCL_ERROR;
949 }
950
951 if( iDc>=0 ){
952 g.iDeviceCharacteristics = iDc;
953 }
954 if( iSectorSize>=0 ){
955 g.iSectorSize = iSectorSize;
956 }
957
958 g.iCrash = iDelay;
959 memcpy(g.zCrashFile, zCrashFile, nCrashFile+1);
960 sqlite3CrashTestEnable = 1;
961 return TCL_OK;
962
963 error:
964 return TCL_ERROR;
965 }
966
devSymObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])967 static int SQLITE_TCLAPI devSymObjCmd(
968 void * clientData,
969 Tcl_Interp *interp,
970 int objc,
971 Tcl_Obj *CONST objv[]
972 ){
973 void devsym_register(int iDeviceChar, int iSectorSize);
974
975 int iDc = -1;
976 int iSectorSize = -1;
977
978 if( processDevSymArgs(interp, objc-1, &objv[1], &iDc, &iSectorSize) ){
979 return TCL_ERROR;
980 }
981 devsym_register(iDc, iSectorSize);
982
983 return TCL_OK;
984 }
985
986 /*
987 ** tclcmd: sqlite3_crash_on_write N
988 */
writeCrashObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])989 static int SQLITE_TCLAPI writeCrashObjCmd(
990 void * clientData,
991 Tcl_Interp *interp,
992 int objc,
993 Tcl_Obj *CONST objv[]
994 ){
995 void devsym_crash_on_write(int);
996 int nWrite = 0;
997
998 if( objc!=2 ){
999 Tcl_WrongNumArgs(interp, 1, objv, "NWRITE");
1000 return TCL_ERROR;
1001 }
1002 if( Tcl_GetIntFromObj(interp, objv[1], &nWrite) ){
1003 return TCL_ERROR;
1004 }
1005
1006 devsym_crash_on_write(nWrite);
1007 return TCL_OK;
1008 }
1009
1010 /*
1011 ** tclcmd: unregister_devsim
1012 */
dsUnregisterObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])1013 static int SQLITE_TCLAPI dsUnregisterObjCmd(
1014 void * clientData,
1015 Tcl_Interp *interp,
1016 int objc,
1017 Tcl_Obj *CONST objv[]
1018 ){
1019 void devsym_unregister(void);
1020
1021 if( objc!=1 ){
1022 Tcl_WrongNumArgs(interp, 1, objv, "");
1023 return TCL_ERROR;
1024 }
1025
1026 devsym_unregister();
1027 return TCL_OK;
1028 }
1029
1030 /*
1031 ** tclcmd: register_jt_vfs ?-default? PARENT-VFS
1032 */
jtObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])1033 static int SQLITE_TCLAPI jtObjCmd(
1034 void * clientData,
1035 Tcl_Interp *interp,
1036 int objc,
1037 Tcl_Obj *CONST objv[]
1038 ){
1039 int jt_register(char *, int);
1040 char *zParent = 0;
1041
1042 if( objc!=2 && objc!=3 ){
1043 Tcl_WrongNumArgs(interp, 1, objv, "?-default? PARENT-VFS");
1044 return TCL_ERROR;
1045 }
1046 zParent = Tcl_GetString(objv[1]);
1047 if( objc==3 ){
1048 if( strcmp(zParent, "-default") ){
1049 Tcl_AppendResult(interp,
1050 "bad option \"", zParent, "\": must be -default", 0
1051 );
1052 return TCL_ERROR;
1053 }
1054 zParent = Tcl_GetString(objv[2]);
1055 }
1056
1057 if( !(*zParent) ){
1058 zParent = 0;
1059 }
1060 if( jt_register(zParent, objc==3) ){
1061 Tcl_AppendResult(interp, "Error in jt_register", 0);
1062 return TCL_ERROR;
1063 }
1064
1065 return TCL_OK;
1066 }
1067
1068 /*
1069 ** tclcmd: unregister_jt_vfs
1070 */
jtUnregisterObjCmd(void * clientData,Tcl_Interp * interp,int objc,Tcl_Obj * CONST objv[])1071 static int SQLITE_TCLAPI jtUnregisterObjCmd(
1072 void * clientData,
1073 Tcl_Interp *interp,
1074 int objc,
1075 Tcl_Obj *CONST objv[]
1076 ){
1077 void jt_unregister(void);
1078
1079 if( objc!=1 ){
1080 Tcl_WrongNumArgs(interp, 1, objv, "");
1081 return TCL_ERROR;
1082 }
1083
1084 jt_unregister();
1085 return TCL_OK;
1086 }
1087
1088 #endif /* SQLITE_OMIT_DISKIO */
1089
1090 /*
1091 ** This procedure registers the TCL procedures defined in this file.
1092 */
Sqlitetest6_Init(Tcl_Interp * interp)1093 int Sqlitetest6_Init(Tcl_Interp *interp){
1094 #ifndef SQLITE_OMIT_DISKIO
1095 Tcl_CreateObjCommand(interp, "sqlite3_crash_enable", crashEnableCmd, 0, 0);
1096 Tcl_CreateObjCommand(interp, "sqlite3_crashparams", crashParamsObjCmd, 0, 0);
1097 Tcl_CreateObjCommand(interp, "sqlite3_crash_now", crashNowCmd, 0, 0);
1098 Tcl_CreateObjCommand(interp, "sqlite3_simulate_device", devSymObjCmd, 0, 0);
1099 Tcl_CreateObjCommand(interp, "sqlite3_crash_on_write", writeCrashObjCmd,0,0);
1100 Tcl_CreateObjCommand(interp, "unregister_devsim", dsUnregisterObjCmd, 0, 0);
1101 Tcl_CreateObjCommand(interp, "register_jt_vfs", jtObjCmd, 0, 0);
1102 Tcl_CreateObjCommand(interp, "unregister_jt_vfs", jtUnregisterObjCmd, 0, 0);
1103 #endif
1104 return TCL_OK;
1105 }
1106
1107 #endif /* SQLITE_TEST */
1108