From: drh <drh@noemail.net>
Date: Wed, 24 Jun 2015 14:45:44 +0000 (+0000)
Subject: In the fuzzcheck test program, use the progress handler to limit the number
X-Git-Tag: version-3.8.11~132
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d83e2831b73f907fbadbfe1f33895411ab2fe695;p=thirdparty%2Fsqlite.git

In the fuzzcheck test program, use the progress handler to limit the number
of VDBE cycles to avoid getting stuck if the SQL under test contains an
infinite CTE loop.  Add the --limit-vdbe command-line option.

FossilOrigin-Name: fbf9c4325e98120914bb03bdf351b57643f7a8c8
---

diff --git a/manifest b/manifest
index cdb645adbe..ddf5ffe11c 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sthe\sprogress\shandler\sso\sthat\sit\sdoes\snot\sfire\stoo\ssoon\sduring\san\nsqlite3_step()\scall\sother\sthan\sthe\sfirst.
-D 2015-06-24T14:36:27.096
+C In\sthe\sfuzzcheck\stest\sprogram,\suse\sthe\sprogress\shandler\sto\slimit\sthe\snumber\nof\sVDBE\scycles\sto\savoid\sgetting\sstuck\sif\sthe\sSQL\sunder\stest\scontains\san\ninfinite\sCTE\sloop.\s\sAdd\sthe\s--limit-vdbe\scommand-line\soption.
+D 2015-06-24T14:45:44.257
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in 1063c58075b7400d93326b0eb332b48a54f53025
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -657,7 +657,7 @@ F test/fuzz2.test 76dc35b32b6d6f965259508508abce75a6c4d7e1
 F test/fuzz3.test efd384b896c647b61a2c1848ba70d42aad60a7b3
 F test/fuzz_common.tcl a87dfbb88c2a6b08a38e9a070dabd129e617b45b
 F test/fuzz_malloc.test 328f70aaca63adf29b4c6f06505ed0cf57ca7c26
-F test/fuzzcheck.c 4aa40bb9c64d25d0a196241ffe5bd99c8cc7a7fc
+F test/fuzzcheck.c 15f1293200aefcba30ff7720f5e3c28ef459c61c
 F test/fuzzdata1.db 7ee3227bad0e7ccdeb08a9e6822916777073c664
 F test/fuzzdata2.db f03a420d3b822cc82e4f894ca957618fbe9c4973
 F test/fuzzdata3.db b83d0c20ae64113432c03d40c06ba473a4cb696b
@@ -1286,7 +1286,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 48bd54594752d5be3337f12c72f28d2080cb630b
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 3b6fa95eebfa01703d9ef4f530674d17e965c512
-R 75422d8b90b14dff8d84366180ceffcf
+P b41ef5d6db107cac2b1b46a955e63414434ee976
+R 906785d44a97778169ea8177629aec9d
 U drh
-Z 09df4b10f79c6f8714af963c14357e4d
+Z 5a5062bd8b43ef3a45689ba975547888
diff --git a/manifest.uuid b/manifest.uuid
index c238e9fd58..a33822f17d 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-b41ef5d6db107cac2b1b46a955e63414434ee976
\ No newline at end of file
+fbf9c4325e98120914bb03bdf351b57643f7a8c8
\ No newline at end of file
diff --git a/test/fuzzcheck.c b/test/fuzzcheck.c
index 4c63e4d701..8de5c9991d 100644
--- a/test/fuzzcheck.c
+++ b/test/fuzzcheck.c
@@ -166,6 +166,19 @@ static void setAlarm(int N){
 #endif
 }
 
+/*
+** This an SQL progress handler.  After an SQL statement has run for
+** many steps, we want to interrupt it.  This guards against infinite
+** loops from recursive common table expressions.
+**
+** *pVdbeLimitFlag is true if the --limit-vdbe command-line option is used.
+** In that case, hitting the progress handler is a fatal error.
+*/
+static int progressHandler(void *pVdbeLimitFlag){
+  if( *(int*)pVdbeLimitFlag ) fatalError("too many VDBE cycles");
+  return 1;
+}
+
 /*
 ** Reallocate memory.  Show and error and quit if unable.
 */
@@ -678,9 +691,10 @@ static void showHelp(void){
 "Options:\n"
 "  --cell-size-check     Set the PRAGMA cell_size_check=ON\n"
 "  --dbid N              Use only the database where dbid=N\n"
-"  --help                Show this help text\n"    
+"  --help                Show this help text\n"
 "  -q                    Reduced output\n"
 "  --quiet               Reduced output\n"
+"  --limit-vdbe          Panic if an sync SQL runs for more than 100,000 cycles\n"
 "  --load-sql ARGS...    Load SQL scripts fro files into SOURCE-DB\n"
 "  --load-db ARGS...     Load template databases from files into SOURCE_DB\n"
 "  -m TEXT               Add a description to the database\n"
@@ -709,6 +723,7 @@ int main(int argc, char **argv){
   int onlyDbid = -1;           /* --dbid */
   int nativeFlag = 0;          /* --native-vfs */
   int rebuildFlag = 0;         /* --rebuild */
+  int vdbeLimitFlag = 0;       /* --limit-vdbe */
   int timeoutTest = 0;         /* undocumented --timeout-test flag */
   int runFlags = 0;            /* Flags sent to runSql() */
   char *zMsg = 0;              /* Add this message */
@@ -719,6 +734,7 @@ int main(int argc, char **argv){
   char *zDbName = "";          /* Appreviated name of a source database */
   const char *zFailCode = 0;   /* Value of the TEST_FAILURE environment variable */
   int cellSzCkFlag = 0;        /* --cell-size-check */
+  int sqlFuzz = 0;             /* True for SQL fuzz testing. False for DB fuzz */
 
   iBegin = timeOfDay();
 #ifdef __unix__
@@ -742,6 +758,9 @@ int main(int argc, char **argv){
         showHelp();
         return 0;
       }else
+      if( strcmp(z,"limit-vdbe")==0 ){
+        vdbeLimitFlag = 1;
+      }else
       if( strcmp(z,"load-sql")==0 ){
         zInsSql = "INSERT INTO xsql(sqltext) VALUES(CAST(readfile(?1) AS text))";
         iFirstInsArg = i+1;
@@ -867,6 +886,7 @@ int main(int argc, char **argv){
       g.pFirstDb->id = 1;
       g.pFirstDb->seq = 0;
       g.nDb = 1;
+      sqlFuzz = 1;
     }
   
     /* Print the description, if there is one */
@@ -938,6 +958,9 @@ int main(int argc, char **argv){
         if( rc ) fatalError("cannot open inmem database");
         if( cellSzCkFlag ) runSql(db, "PRAGMA cell_size_check=ON", runFlags);
         setAlarm(10);
+        if( sqlFuzz || vdbeLimitFlag ){
+          sqlite3_progress_handler(db, 100000, progressHandler, &vdbeLimitFlag);
+        }
         do{
           runSql(db, (char*)pSql->a, runFlags);
         }while( timeoutTest );