Enhanced documentation and minor code tweaks in preparation for hardening

the sqlite3_initialize/shutdown interfaces against initialization failures.

FossilOrigin-Name: 98c49e6135ae6268a80de88f8b0284f88ef32e1d

diff --git a/manifest b/manifest
index 39d7c1941879e259ccdab3cdf06efee73523e990..5af92176a54498039fda99725583b1dc690b8f85 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,8 @@
-C Add\sa\stest\sto\sverify\sthat\s3.6.17\sreleases\sread-locks\sobtained\sto\sread\sthe\sdatabase\sschema\seven\sif\sthe\sconnection\sis\snot\scurrently\sin\sauto-commit\smode.
-D 2009-08-17T09:29:09
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+C Enhanced\sdocumentation\sand\sminor\scode\stweaks\sin\spreparation\sfor\shardening\nthe\ssqlite3_initialize/shutdown\sinterfaces\sagainst\sinitialization\sfailures.
+D 2009-08-17T13:42:30
 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
 F Makefile.in 0f7761c5d1c62ae7a841e3393ffaff1fa0f5c00a
 F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
@@ -117,7 +120,7 @@ F src/delete.c dcf07632d8ca3d4086df8b65ea907a47278e6382
 F src/expr.c d069ba1e060f296ea4f18fb85198fafefd00b22f
 F src/fault.c dc88c821842157460750d2d61a8a8b4197d047ff
 F src/func.c e536218d193b8d326aab91120bc4c6f28aa2b606
-F src/global.c 448419c44ce0701104c2121b0e06919b44514c0c
+F src/global.c 263dea92c89956eef9335fe2cf6af8e3fa34646b
 F src/hash.c ebcaa921ffd9d86f7ea5ae16a0a29d1c871130a7
 F src/hash.h 35b216c13343d0b4f87d9f21969ac55ad72174e1
 F src/hwtime.h 4a1d45f4cae1f402ea19686acf24acf4f0cb53cb
@@ -126,8 +129,8 @@ F src/journal.c e00df0c0da8413ab6e1bb7d7cab5665d4a9000d0
 F src/legacy.c 303b4ffcf1ae652fcf5ef635846c563c254564f6
 F src/lempar.c 0c4d1ab0a5ef2b0381eb81a732c54f68f27a574d
 F src/loadext.c 0e88a335665db0b2fb4cece3e49dcb65d832635a
-F src/main.c a474b32f050fc663fb2205577043f36e99a65ffb
-F src/malloc.c 561710bf4b84084e2d047584ab3e7c7094e22a56
+F src/main.c 6873986c416ce78e8102b5189aef1179053be4e9
+F src/malloc.c ae9fef00398ead775630cad97e228d527178eb3a
 F src/mem0.c f2f84062d1f35814d6535c9f9e33de3bfb3b132c
 F src/mem1.c e6d5c23941288df8191b8a98c28e3f57771e2270
 F src/mem2.c d02bd6a5b34f2d59012a852615621939d9c09548
@@ -139,7 +142,7 @@ F src/mutex.h 9e686e83a88838dac8b9c51271c651e833060f1e
 F src/mutex_noop.c f5a07671f25a1a9bd7c10ad7107bc2585446200f
 F src/mutex_os2.c 6b5a74f812082a8483c3df05b47bbaac2424b9a0
 F src/mutex_unix.c 2f936339dfef1a4c142db290d575a3509b77315f
-F src/mutex_w32.c cee867e12fc3c02674d8ea6ea16032a3671aff3c
+F src/mutex_w32.c a54086ca4af5356120e7e56efcdcee12602e3109
 F src/notify.c 0127121816d8a861deb0dfd111b495346bf233db
 F src/os.c 5029ae6c88d1869ad9034008a9531658d53438e4
 F src/os.h fa3f4aa0119ff721a2da4b47ffd74406ac864c05
@@ -161,7 +164,7 @@ F src/resolve.c 4a61d03e49b15440878096e6030863fc628828f0
 F src/rowset.c c64dafba1f9fd876836c8db8682966b9d197eb1f
 F src/select.c 67b0778c9585905c8aa75aaa469e76ef3c1d315a
 F src/shell.c db2643650b9268df89a4bedca3f1c6d9e786f1bb
-F src/sqlite.h.in a6850e9034df1336e8139c4d6964d7d2f0f52337
+F src/sqlite.h.in b309f8f5ecc76fc2d56a32d6563b3636901befb1
 F src/sqlite3ext.h 1db7d63ab5de4b3e6b83dd03d1a4e64fef6d2a17
 F src/sqliteInt.h 6a90791138ba3447572d184d0798c24f3cbbec98
 F src/sqliteLimit.h ffe93f5a0c4e7bd13e70cd7bf84cfb5c3465f45d
@@ -744,7 +747,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
 F tool/vdbe-compress.tcl 672f81d693a03f80f5ae60bfefacd8a349e76746
-P 0d5b058717858c9cda8ca120a3d814453a94a0e6
-R 21fd0dcb0488b2f1e8b12f7c75a25ab9
-U dan
-Z 8c3d02897968f0c8db675a4b60c055a9
+P 78dfe8321db9debfcd4a7f3daf4223d0cbf23ab9
+R 59b834c230f554631ea111aff633ae3d
+U drh
+Z 14a85d4458d8211ec1ee47b0a57f04f9
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.6 (GNU/Linux)
+
+iD8DBQFKiV5JoxKgR168RlERAhxLAJ9VpGZymsNQGLlIzDsn3KQPM4CSYgCfR70O
+KCNsn02bCPSvHz/OQJ5kVZc=
+=CGmi
+-----END PGP SIGNATURE-----

diff --git a/manifest.uuid b/manifest.uuid
index e7f37cb88ebe49d21b1ae27738f7477edc48186b..4fa49fe48ac81e22121776aa46e045ccbea2bab0 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-78dfe8321db9debfcd4a7f3daf4223d0cbf23ab9
\ No newline at end of file
+98c49e6135ae6268a80de88f8b0284f88ef32e1d
\ No newline at end of file

diff --git a/src/global.c b/src/global.c
index 003043a2073516fa2afdaa4ac3e504c83e7a0f4d..5b5524b0e44901c5d141ce2410ee1d263e6c4e3f 100644 (file)
--- a/src/global.c
+++ b/src/global.c
@@ -153,7 +153,7 @@ SQLITE_WSD struct Sqlite3Config sqlite3Config = {
    0,                         /* nPage */
    0,                         /* mxParserStack */
    0,                         /* sharedCacheEnabled */
-   /* All the rest need to always be zero */
+   /* All the rest should always be initialized to zero */
    0,                         /* isInit */
    0,                         /* inProgress */
    0,                         /* isMallocInit */

diff --git a/src/main.c b/src/main.c
index b739d0d20d52c132a6367170bccaaac1bae086d7..05473701d067150809a0cbf4576db8a39cbd5824 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -130,7 +130,8 @@ int sqlite3_initialize(void){
   if( rc==SQLITE_OK ){
     sqlite3GlobalConfig.isMallocInit = 1;
     if( !sqlite3GlobalConfig.pInitMutex ){
-      sqlite3GlobalConfig.pInitMutex = sqlite3MutexAlloc(SQLITE_MUTEX_RECURSIVE);
+      sqlite3GlobalConfig.pInitMutex =
+           sqlite3MutexAlloc(SQLITE_MUTEX_RECURSIVE);
       if( sqlite3GlobalConfig.bCoreMutex && !sqlite3GlobalConfig.pInitMutex ){
         rc = SQLITE_NOMEM;
       }

diff --git a/src/malloc.c b/src/malloc.c
index be9093de5e5bbb8a73ac7d5262efd58db188b4d7..7afe528d76cb7b940562983da34a6acee282e0a1 100644 (file)
--- a/src/malloc.c
+++ b/src/malloc.c
@@ -43,7 +43,9 @@ void sqlite3_soft_heap_limit(int n){
   }else{
     iLimit = n;
   }
+#ifndef SQLITE_OMIT_AUTOINIT
   sqlite3_initialize();
+#endif
   if( iLimit>0 ){
     sqlite3MemoryAlarm(softHeapLimitEnforcer, 0, iLimit);
   }else{

diff --git a/src/mutex_w32.c b/src/mutex_w32.c
index 402c80c61f352f14bbceb76a2b1be1ed5e81b771..0bf29a3544c2c15aa288f969178127f27810daee 100644 (file)
--- a/src/mutex_w32.c
+++ b/src/mutex_w32.c
@@ -95,7 +95,7 @@ static int winMutexInit(void){
   /* The first to increment to 1 does actual initialization */
   if( InterlockedCompareExchange(&winMutex_lock, 1, 0)==0 ){
     int i;
-    for(i=0; i<sizeof(winMutex_staticMutexes)/sizeof(winMutex_staticMutexes[0]); i++){
+    for(i=0; i<ArraySize(winMutex_staticMutexes); i++){
       InitializeCriticalSection(&winMutex_staticMutexes[i].mutex);
     }
     winMutex_isInit = 1;
@@ -114,7 +114,7 @@ static int winMutexEnd(void){
   if( InterlockedCompareExchange(&winMutex_lock, 0, 1)==1 ){
     if( winMutex_isInit==1 ){
       int i;
-      for(i=0; i<sizeof(winMutex_staticMutexes)/sizeof(winMutex_staticMutexes[0]); i++){
+      for(i=0; i<ArraySize(winMutex_staticMutexes); i++){
         DeleteCriticalSection(&winMutex_staticMutexes[i].mutex);
       }
       winMutex_isInit = 0;
@@ -178,7 +178,7 @@ static sqlite3_mutex *winMutexAlloc(int iType){
     default: {
       assert( winMutex_isInit==1 );
       assert( iType-2 >= 0 );
-      assert( iType-2 < sizeof(winMutex_staticMutexes)/sizeof(winMutex_staticMutexes[0]) );
+      assert( iType-2 < ArraySize(winMutex_staticMutexes) );
       p = &winMutex_staticMutexes[iType-2];
       p->id = iType;
       break;

diff --git a/src/sqlite.h.in b/src/sqlite.h.in
index 24c8d884e1ce6fd699f8df3f26bfac58245a4e23..4b1ad23a6e0a60de8c41b9d339dda3ee7b41f927 100644 (file)
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -973,6 +973,15 @@ SQLITE_EXPERIMENTAL int sqlite3_db_config(sqlite3*, int op, ...);
 ** [sqlite3_shutdown()] and should deallocate any resources acquired
 ** by xInit.  The pAppData pointer is used as the only parameter to
 ** xInit and xShutdown.
+**
+** SQLite holds the [SQLITE_MUTEX_STATIC_MASTER] mutex when it invokes
+** the xInit method, so the xInit method need not be threadsafe.  The
+** xShutdown method is only called from [sqlite3_shutdown()] so it does
+** not need to be threadsafe either.  All other methods must be threadsafe
+** in multithreaded applications.
+**
+** SQLite will never invoke xInit() more than once without an intervening
+** call to xShutdown().
 */
 typedef struct sqlite3_mem_methods sqlite3_mem_methods;
 struct sqlite3_mem_methods {
@@ -4813,6 +4822,21 @@ void sqlite3_mutex_leave(sqlite3_mutex*);
 ** of passing a NULL pointer instead of a valid mutex handle are undefined
 ** (i.e. it is acceptable to provide an implementation that segfaults if
 ** it is passed a NULL pointer).
+**
+** The xMutexInit() method must be threadsafe.  It must be harmless to
+** invoke xMutexInit() mutiple times within the same process and without
+** intervening calls to xMutexEnd().  Second and subsequent calls to
+** xMutexInit() must be no-ops.
+**
+** xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()]
+** and its associates).  Similarly, xMutexAlloc() must not use SQLite memory
+** allocation for a static mutex.  However xMutexAlloc() may use SQLite
+** memory allocation for a fast or recursive mutex.
+**
+** SQLite will invoke the xMutexEnd() method when [sqlite3_shutdown()] is
+** called, but only if the prior call to xMutexInit returned SQLITE_OK.
+** If xMutexInit fails in any way, it is expected to clean up after itself
+** prior to returning.
 */
 typedef struct sqlite3_mutex_methods sqlite3_mutex_methods;
 struct sqlite3_mutex_methods {