/ Check-in [fbf9c432]

Overview
Comment:In the fuzzcheck test program, use the progress handler to limit the number of VDBE cycles to avoid getting stuck if the SQL under test contains an infinite CTE loop. Add the --limit-vdbe command-line option.
SHA1: fbf9c4325e98120914bb03bdf351b57643f7a8c8
User & Date: drh 2015-06-24 14:45:44
Context
2015-06-24
18:22
Add "ON CONFLICT" handling to the spellfix module. check-in: 07937a81 user: drh tags: trunk
17:21
Add "ON CONFLICT" handling to the spellfix module. Closed-Leaf check-in: 1d04def7 user: dan tags: spellfix-constraints
14:45
In the fuzzcheck test program, use the progress handler to limit the number of VDBE cycles to avoid getting stuck if the SQL under test contains an infinite CTE loop. Add the --limit-vdbe command-line option. check-in: fbf9c432 user: drh tags: trunk
14:36
Fix the progress handler so that it does not fire too soon during an sqlite3_step() call other than the first. check-in: b41ef5d6 user: drh tags: trunk
Changes

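--- a/test/fuzzcheck.c
+++ b/test/fuzzcheck.c
@@ -161,14 +161,27 @@
 static void setAlarm(int N){
 #ifdef __unix__
   alarm(N);
 #else
   (void)N;
 #endif
 }
+
+/*
+** This an SQL progress handler.  After an SQL statement has run for
+** many steps, we want to interrupt it.  This guards against infinite
+** loops from recursive common table expressions.
+**
+** *pVdbeLimitFlag is true if the --limit-vdbe command-line option is used.
+** In that case, hitting the progress handler is a fatal error.
+*/
+static int progressHandler(void *pVdbeLimitFlag){
+  if( *(int*)pVdbeLimitFlag ) fatalError("too many VDBE cycles");
+  return 1;
+}
 
 /*
 ** Reallocate memory.  Show and error and quit if unable.
 */
 static void *safe_realloc(void *pOld, int szNew){
   void *pNew = realloc(pOld, szNew);
   if( pNew==0 ) fatalError("unable to realloc for %d bytes", szNew);
@@ -674,17 +687,18 @@
   printf("Usage: %s [options] SOURCE-DB ?ARGS...?\n", g.zArgv0);
   printf(
 "Read databases and SQL scripts from SOURCE-DB and execute each script against\n"
 "each database, checking for crashes and memory leaks.\n"
 "Options:\n"
 "  --cell-size-check     Set the PRAGMA cell_size_check=ON\n"
 "  --dbid N              Use only the database where dbid=N\n"
-"  --help                Show this help text\n"    
+"  --help                Show this help text\n"
 "  -q                    Reduced output\n"
 "  --quiet               Reduced output\n"
+"  --limit-vdbe          Panic if an sync SQL runs for more than 100,000 cycles\n"
 "  --load-sql ARGS...    Load SQL scripts fro files into SOURCE-DB\n"
 "  --load-db ARGS...     Load template databases from files into SOURCE_DB\n"
 "  -m TEXT               Add a description to the database\n"
 "  --native-vfs          Use the native VFS for initially empty database files\n"
 "  --rebuild             Rebuild and vacuum the database file\n"
 "  --result-trace        Show the results of each SQL command\n"
 "  --sqlid N             Use only SQL where sqlid=N\n"
@@ -705,24 +719,26 @@
   Blob *pSql;                  /* For looping over SQL scripts */
   Blob *pDb;                   /* For looping over template databases */
   int i;                       /* Loop index for the argv[] loop */
   int onlySqlid = -1;          /* --sqlid */
   int onlyDbid = -1;           /* --dbid */
   int nativeFlag = 0;          /* --native-vfs */
   int rebuildFlag = 0;         /* --rebuild */
+  int vdbeLimitFlag = 0;       /* --limit-vdbe */
   int timeoutTest = 0;         /* undocumented --timeout-test flag */
   int runFlags = 0;            /* Flags sent to runSql() */
   char *zMsg = 0;              /* Add this message */
   int nSrcDb = 0;              /* Number of source databases */
   char **azSrcDb = 0;          /* Array of source database names */
   int iSrcDb;                  /* Loop over all source databases */
   int nTest = 0;               /* Total number of tests performed */
   char *zDbName = "";          /* Appreviated name of a source database */
   const char *zFailCode = 0;   /* Value of the TEST_FAILURE environment variable */
   int cellSzCkFlag = 0;        /* --cell-size-check */
+  int sqlFuzz = 0;             /* True for SQL fuzz testing. False for DB fuzz */
 
   iBegin = timeOfDay();
 #ifdef __unix__
   signal(SIGALRM, timeoutHandler);
 #endif
   g.zArgv0 = argv[0];
   zFailCode = getenv("TEST_FAILURE");
@@ -737,14 +753,17 @@
       if( strcmp(z,"dbid")==0 ){
         if( i>=argc-1 ) fatalError("missing arguments on %s", argv[i]);
         onlyDbid = atoi(argv[++i]);
       }else
       if( strcmp(z,"help")==0 ){
         showHelp();
         return 0;
+      }else
+      if( strcmp(z,"limit-vdbe")==0 ){
+        vdbeLimitFlag = 1;
       }else
       if( strcmp(z,"load-sql")==0 ){
         zInsSql = "INSERT INTO xsql(sqltext) VALUES(CAST(readfile(?1) AS text))";
         iFirstInsArg = i+1;
         break;
       }else
       if( strcmp(z,"load-db")==0 ){
@@ -863,14 +882,15 @@
                        &g.nDb, &g.pFirstDb);
     if( g.nDb==0 ){
       g.pFirstDb = safe_realloc(0, sizeof(Blob));
       memset(g.pFirstDb, 0, sizeof(Blob));
       g.pFirstDb->id = 1;
       g.pFirstDb->seq = 0;
       g.nDb = 1;
+      sqlFuzz = 1;
     }
   
     /* Print the description, if there is one */
     if( !quietFlag ){
       int i;
       zDbName = azSrcDb[iSrcDb];
       i = strlen(zDbName) - 1;
@@ -934,14 +954,17 @@
           openFlags |= SQLITE_OPEN_MEMORY;
           zVfs = 0;
         }
         rc = sqlite3_open_v2("main.db", &db, openFlags, zVfs);
         if( rc ) fatalError("cannot open inmem database");
         if( cellSzCkFlag ) runSql(db, "PRAGMA cell_size_check=ON", runFlags);
         setAlarm(10);
+        if( sqlFuzz || vdbeLimitFlag ){
+          sqlite3_progress_handler(db, 100000, progressHandler, &vdbeLimitFlag);
+        }
         do{
           runSql(db, (char*)pSql->a, runFlags);
         }while( timeoutTest );
         setAlarm(0);
         sqlite3_close(db);
         if( sqlite3_memory_used()>0 ) fatalError("memory leak");
         reformatVfs();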