From c41cc395c552232f36a0da1d47b03fd52c418a60 Mon Sep 17 00:00:00 2001 From: danielk1977 Date: Thu, 15 May 2008 08:34:54 +0000 Subject: [PATCH] Do not write pages to disk to free memory after an IO error occurs. (CVS 5132) FossilOrigin-Name: 10ea8287d090ae610416b4754c0838f13b51fd78 --- manifest | 15 ++--- manifest.uuid | 2 +- src/pager.c | 43 +++++++------- test/ioerr5.test | 151 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 182 insertions(+), 29 deletions(-) create mode 100644 test/ioerr5.test diff --git a/manifest b/manifest index 66ecdfc09e..15ea0f387e 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Version\s3.5.9\s(CVS\s5131) -D 2008-05-14T16:18:11 +C Do\snot\swrite\spages\sto\sdisk\sto\sfree\smemory\safter\san\sIO\serror\soccurs.\s(CVS\s5132) +D 2008-05-15T08:34:54 F Makefile.arm-wince-mingw32ce-gcc ac5f7b2cef0cd850d6f755ba6ee4ab961b1fadf7 F Makefile.in 79aeba12300a54903f1b1257c1e7c190234045dd F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654 @@ -121,7 +121,7 @@ F src/os_common.h e8b748b2f2ecc8a498e50bfe5d8721f189c19d2a F src/os_os2.c 0c3a5802bc4fdb7cb5f66771552b081c4e48a216 F src/os_unix.c a810e2aefdaddacf479407f76f8f4ca381d231b2 F src/os_win.c 3a60bddd07ea6f8adb2314dd5996ac97b988f403 -F src/pager.c 2607309c4848bfb8a5766d94d74157b54a44c6c0 +F src/pager.c eae53a807a85e6f68454e42a1a81754abe4216e3 F src/pager.h 4f051fd856de6fd3c19aef5f82eace54122b9173 F src/parse.y fc4bd35c6088901f7c8daead26c6fb11c87d22e7 F src/pragma.c 2e4bb2e76e48a32750529fdc4bfe86ac5f54e01b @@ -345,6 +345,7 @@ F test/ioerr.test 32cff40562447bda194ba67ad601170edbaed49b F test/ioerr2.test b9c9a0491a812707762a7c002876553be54d9969 F test/ioerr3.test d3cec5e1a11ad6d27527d0d38573fbff14c71bdd F test/ioerr4.test fc6eddfec2efc2f1ed217b9eae4c1c1d3516ce86 +F test/ioerr5.test f3295451261feae164eb1cd210d7dd33969126a9 F test/join.test af0443185378b64878750aa1cf4b83c216f246b4 F test/join2.test f2171c265e57ee298a27e57e7051d22962f9f324 F test/join3.test 6f0c774ff1ba0489e6c88a3e77b9d3528fb4fda0 @@ -634,7 +635,7 @@ F www/tclsqlite.tcl 8be95ee6dba05eabcd27a9d91331c803f2ce2130 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0 F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5 -P e4aab150042bd22868ab02645151cb69a1c02ba0 -R c25ac8c50b83839e3cddbf23a801f9cb -U drh -Z 5d9759a5b998826f7607e53c2a3b8fed +P b6129f4cc28f6ba55d19039545555b33857ffd72 +R 78624488c85c554a6f210fb3ce986d3b +U danielk1977 +Z f06731727f080dbdbd1ab0290cb50f86 diff --git a/manifest.uuid b/manifest.uuid index b6a07d33f1..af34301087 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -b6129f4cc28f6ba55d19039545555b33857ffd72 \ No newline at end of file +10ea8287d090ae610416b4754c0838f13b51fd78 \ No newline at end of file diff --git a/src/pager.c b/src/pager.c index a8d7b4200e..106883f4a4 100644 --- a/src/pager.c +++ b/src/pager.c @@ -18,7 +18,7 @@ ** file simultaneously, or one process from reading the database while ** another is writing. ** -** @(#) $Id: pager.c,v 1.446 2008/05/13 13:27:34 drh Exp $ +** @(#) $Id: pager.c,v 1.447 2008/05/15 08:34:54 danielk1977 Exp $ */ #ifndef SQLITE_OMIT_DISKIO #include "sqliteInt.h" @@ -2870,7 +2870,6 @@ static int syncJournal(Pager *pPager){ PgHdr *pPg; int rc = SQLITE_OK; - /* Sync the journal before modifying the main database ** (assuming there is a journal and it needs to be synced.) */ @@ -3182,26 +3181,28 @@ static int pager_recycle(Pager *pPager, PgHdr **ppPg){ ** very slow operation, so we work hard to avoid it. But sometimes ** it can't be helped. */ - if( pPg==0 && pPager->lru.pFirst){ - int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); - int rc = syncJournal(pPager); - if( rc!=0 ){ - return rc; - } - if( pPager->fullSync && 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ - /* If in full-sync mode, write a new journal header into the - ** journal file. This is done to avoid ever modifying a journal - ** header that is involved in the rollback of pages that have - ** already been written to the database (in case the header is - ** trashed when the nRec field is updated). - */ - pPager->nRec = 0; - assert( pPager->journalOff > 0 ); - assert( pPager->doNotSync==0 ); - rc = writeJournalHdr(pPager); + if( pPg==0 && pPager->lru.pFirst ){ + if( !pPager->errCode ){ + int iDc = sqlite3OsDeviceCharacteristics(pPager->fd); + int rc = syncJournal(pPager); if( rc!=0 ){ return rc; } + if( pPager->fullSync && 0==(iDc&SQLITE_IOCAP_SAFE_APPEND) ){ + /* If in full-sync mode, write a new journal header into the + ** journal file. This is done to avoid ever modifying a journal + ** header that is involved in the rollback of pages that have + ** already been written to the database (in case the header is + ** trashed when the nRec field is updated). + */ + pPager->nRec = 0; + assert( pPager->journalOff > 0 ); + assert( pPager->doNotSync==0 ); + rc = writeJournalHdr(pPager); + if( rc!=0 ){ + return rc; + } + } } pPg = pPager->lru.pFirst; } @@ -3210,7 +3211,7 @@ static int pager_recycle(Pager *pPager, PgHdr **ppPg){ /* Write the page to the database file if it is dirty. */ - if( pPg->dirty ){ + if( pPg->dirty && !pPager->errCode ){ int rc; assert( pPg->needSync==0 ); makeClean(pPg); @@ -3222,7 +3223,7 @@ static int pager_recycle(Pager *pPager, PgHdr **ppPg){ return rc; } } - assert( pPg->dirty==0 ); + assert( pPg->dirty==0 || pPager->errCode ); /* If the page we are recycling is marked as alwaysRollback, then ** set the global alwaysRollback flag, thus disabling the diff --git a/test/ioerr5.test b/test/ioerr5.test new file mode 100644 index 0000000000..92d4299592 --- /dev/null +++ b/test/ioerr5.test @@ -0,0 +1,151 @@ +# 2008 May 12 +# +# The author disclaims copyright to this source code. In place of +# a legal notice, here is a blessing: +# +# May you do good and not evil. +# May you find forgiveness for yourself and forgive others. +# May you share freely, never taking more than you give. +# +#*********************************************************************** +# +# This file tests that if sqlite3_release_memory() is called to reclaim +# memory from a pager that is in the error-state, SQLite does not +# incorrectly write dirty pages out to the database (not safe to do +# once the pager is in error state). +# +# $Id: ioerr5.test,v 1.1 2008/05/15 08:34:54 danielk1977 Exp $ + +set testdir [file dirname $argv0] +source $testdir/tester.tcl + +ifcapable !memorymanage||!shared_cache { + finish_test + return +} + +db close + +set ::enable_shared_cache [sqlite3_enable_shared_cache 1] +set ::soft_limit [sqlite3_soft_heap_limit 1048576] + +# This procedure prepares, steps and finalizes an SQL statement via the +# UTF-16 APIs. The text representation of an SQLite error code is returned +# ("SQLITE_OK", "SQLITE_IOERR" etc.). The actual results returned by the +# SQL statement, if it is a SELECT, are not available. +# +# This can be useful for testing because it forces SQLite to make an extra +# call to sqlite3_malloc() when translating from the supplied UTF-16 to +# the UTF-8 encoding used internally. +# +proc dosql16 {zSql {db db}} { + set sql [encoding convertto unicode $zSql] + append sql "\00\00" + set stmt [sqlite3_prepare16 $db $sql -1 {}] + sqlite3_step $stmt + set rc [sqlite3_finalize $stmt] +} + +proc compilesql16 {zSql {db db}} { + set sql [encoding convertto unicode $zSql] + append sql "\00\00" + set stmt [sqlite3_prepare16 $db $sql -1 {}] + set rc [sqlite3_finalize $stmt] +} + +# Open two database connections (handle db and db2) to database "test.db". +# +proc opendatabases {} { + catch {db close} + catch {db2 close} + sqlite3 db test.db + sqlite3 db2 test.db + db2 cache size 0 + db cache size 0 + execsql { + pragma page_size=512; + pragma auto_vacuum=2; + pragma cache_size=16; + } +} + +# Open two database connections and create a single table in the db. +# +do_test ioerr5-1.0 { + opendatabases + execsql { CREATE TABLE A(Id INTEGER, Name TEXT) } +} {} + +foreach locking_mode {normal exclusive} { + for {set iFail 1} {$iFail<200} {incr iFail} { + sqlite3_soft_heap_limit 1048576 + opendatabases + execsql { pragma locking_mode=exclusive } + set nRow [db one {SELECT count(*) FROM a}] + + # Dirty (at least) one of the pages in the cache. + do_test ioerr5-$locking_mode-$iFail.1 { + execsql { + BEGIN EXCLUSIVE; + INSERT INTO a VALUES(1, 'ABCDEFGHIJKLMNOP'); + } + } {} + + # Now try to commit the transaction. Cause an IO error to occur + # within this operation, which moves the pager into the error state. + # + set ::sqlite_io_error_persist 1 + set ::sqlite_io_error_pending $iFail + do_test ioerr5-$locking_mode-$iFail.2 { + set rc [catchsql {COMMIT}] + list + } {} + set ::sqlite_io_error_hit 0 + set ::sqlite_io_error_persist 0 + set ::sqlite_io_error_pending 0 + + # Read the contents of the database file into a Tcl variable. + # + set fd [open test.db] + fconfigure $fd -translation binary -encoding binary + set zDatabase [read $fd] + close $fd + + # Set a very low soft-limit and then try to compile an SQL statement + # from UTF-16 text. To do this, SQLite will need to reclaim memory + # from the pager that is in error state. Including that associated + # with the dirty page. + # + do_test ioerr5-$locking_mode-$iFail.3 { + sqlite3_soft_heap_limit 1024 + compilesql16 "SELECT 10" + set bt [btree_from_db db] + array set stats [btree_pager_stats $bt] + set stats(page) + } {0} + + # Ensure that nothing was written to the database while reclaiming + # memory from the pager in error state. + # + do_test ioerr5-$locking_mode-$iFail.4 { + set fd [open test.db] + fconfigure $fd -translation binary -encoding binary + set zDatabase2 [read $fd] + close $fd + expr {$zDatabase eq $zDatabase2} + } {1} + + if {$rc eq [list 0 {}]} { + do_test ioerr5-$locking_mode-$iFail.3 { + execsql { SELECT count(*) FROM a } + } [expr $nRow+1] + break + } + } +} + +sqlite3_enable_shared_cache $::enable_shared_cache +sqlite3_soft_heap_limit $::soft_limit + +finish_test +