Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fixes for failures in fuzz_malloc.test. (CVS 4334) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
d3e502263808c1fe0487fda02f16adcb |
| User & Date: | danielk1977 2007-08-30 11:48:32 |
Context
|
2007-08-30
| ||
| 14:10 | Bug fixes in the mutex header file. Tickets #2599 and #2600. (CVS 4335) check-in: 4bdfe141 user: drh tags: trunk | |
| 11:48 | Fixes for failures in fuzz_malloc.test. (CVS 4334) check-in: d3e50226 user: danielk1977 tags: trunk | |
| 10:49 | Fix some problems in async2.test. No code changes. (CVS 4333) check-in: d80d87c2 user: danielk1977 tags: trunk | |
Changes
Changes to src/printf.c.
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
...
777
778
779
780
781
782
783
784
785
786
787
788
789
790
|
struct sgMprintf {
char *zBase; /* A base allocation */
char *zText; /* The string collected so far */
int nChar; /* Length of the string so far */
int nTotal; /* Output size if unconstrained */
int nAlloc; /* Amount of space allocated in zText */
void *(*xRealloc)(void*,int); /* Function used to realloc memory */
};
/*
** This function implements the callback from vxprintf.
**
** This routine add nNewChar characters of text in zNewText to
** the sgMprintf structure pointed to by "arg".
*/
static void mout(void *arg, const char *zNewText, int nNewChar){
struct sgMprintf *pM = (struct sgMprintf*)arg;
pM->nTotal += nNewChar;
if( pM->zText ){
if( pM->nChar + nNewChar + 1 > pM->nAlloc ){
if( pM->xRealloc==0 ){
nNewChar = pM->nAlloc - pM->nChar - 1;
}else{
int nAlloc = pM->nChar + nNewChar*2 + 1;
if( pM->zText==pM->zBase ){
pM->zText = pM->xRealloc(0, nAlloc);
if( pM->zText==0 ){
return;
}else if( pM->nChar ){
memcpy(pM->zText, pM->zBase, pM->nChar);
}
}else{
char *zNew;
zNew = pM->xRealloc(pM->zText, nAlloc);
if( zNew ){
pM->zText = zNew;
}else{
pM->xRealloc(pM->zText, 0);
pM->zText = 0;
return;
}
}
pM->nAlloc = nAlloc;
}
}
if( nNewChar>0 ){
................................................................................
va_list ap /* arguments */
){
struct sgMprintf sM;
sM.zBase = sM.zText = zInitBuf;
sM.nChar = sM.nTotal = 0;
sM.nAlloc = nInitBuf;
sM.xRealloc = xRealloc;
vxprintf(mout, &sM, useInternal, zFormat, ap);
if( xRealloc ){
if( sM.zText==sM.zBase ){
sM.zText = xRealloc(0, sM.nChar+1);
if( sM.zText ){
memcpy(sM.zText, sM.zBase, sM.nChar+1);
}
|
>
>
>
>
>
>
>
|
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
...
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
|
struct sgMprintf {
char *zBase; /* A base allocation */
char *zText; /* The string collected so far */
int nChar; /* Length of the string so far */
int nTotal; /* Output size if unconstrained */
int nAlloc; /* Amount of space allocated in zText */
void *(*xRealloc)(void*,int); /* Function used to realloc memory */
int iMallocFailed; /* True if xRealloc() has failed */
};
/*
** This function implements the callback from vxprintf.
**
** This routine add nNewChar characters of text in zNewText to
** the sgMprintf structure pointed to by "arg".
*/
static void mout(void *arg, const char *zNewText, int nNewChar){
struct sgMprintf *pM = (struct sgMprintf*)arg;
if( pM->iMallocFailed ) return;
pM->nTotal += nNewChar;
if( pM->zText ){
if( pM->nChar + nNewChar + 1 > pM->nAlloc ){
if( pM->xRealloc==0 ){
nNewChar = pM->nAlloc - pM->nChar - 1;
}else{
int nAlloc = pM->nChar + nNewChar*2 + 1;
if( pM->zText==pM->zBase ){
pM->zText = pM->xRealloc(0, nAlloc);
if( pM->zText==0 ){
pM->nAlloc = 0;
pM->iMallocFailed = 0;
return;
}else if( pM->nChar ){
memcpy(pM->zText, pM->zBase, pM->nChar);
}
}else{
char *zNew;
zNew = pM->xRealloc(pM->zText, nAlloc);
if( zNew ){
pM->zText = zNew;
}else{
pM->iMallocFailed = 0;
pM->xRealloc(pM->zText, 0);
pM->zText = 0;
pM->nAlloc = 0;
return;
}
}
pM->nAlloc = nAlloc;
}
}
if( nNewChar>0 ){
................................................................................
va_list ap /* arguments */
){
struct sgMprintf sM;
sM.zBase = sM.zText = zInitBuf;
sM.nChar = sM.nTotal = 0;
sM.nAlloc = nInitBuf;
sM.xRealloc = xRealloc;
sM.iMallocFailed = 0;
vxprintf(mout, &sM, useInternal, zFormat, ap);
if( xRealloc ){
if( sM.zText==sM.zBase ){
sM.zText = xRealloc(0, sM.nChar+1);
if( sM.zText ){
memcpy(sM.zText, sM.zBase, sM.nChar+1);
}
|
Changes to src/select.c.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
....
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.357 2007/08/29 12:31:27 danielk1977 Exp $ */ #include "sqliteInt.h" /* ** Delete all the content of a Select structure but do not deallocate ** the select structure itself. ................................................................................ }else if( p->span.z && p->span.z[0] ){ /* Use the original text of the column expression as its name */ zName = sqlite3MPrintf(db, "%T", &p->span); }else{ /* If all else fails, make up a name */ zName = sqlite3MPrintf(db, "column%d", i+1); } sqlite3Dequote(zName); if( db->mallocFailed ){ sqlite3_free(zName); sqlite3DeleteTable(pTab); return 0; } /* Make sure the column name is unique. If the name is not unique, ** append a integer to the name so that it becomes unique. */ nName = strlen(zName); for(j=cnt=0; j<i; j++){ if( sqlite3StrICmp(aCol[j].zName, zName)==0 ){ |
|
|
|
>
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
....
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.358 2007/08/30 11:48:32 danielk1977 Exp $ */ #include "sqliteInt.h" /* ** Delete all the content of a Select structure but do not deallocate ** the select structure itself. ................................................................................ }else if( p->span.z && p->span.z[0] ){ /* Use the original text of the column expression as its name */ zName = sqlite3MPrintf(db, "%T", &p->span); }else{ /* If all else fails, make up a name */ zName = sqlite3MPrintf(db, "column%d", i+1); } if( !zName || db->mallocFailed ){ db->mallocFailed = 1; sqlite3_free(zName); sqlite3DeleteTable(pTab); return 0; } sqlite3Dequote(zName); /* Make sure the column name is unique. If the name is not unique, ** append a integer to the name so that it becomes unique. */ nName = strlen(zName); for(j=cnt=0; j<i; j++){ if( sqlite3StrICmp(aCol[j].zName, zName)==0 ){ |
Changes to src/vdbe.c.
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
....
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
|
** ** Various scripts scan this source file in order to generate HTML ** documentation, headers files, or other derived files. The formatting ** of the code in this file is, therefore, important. See other comments ** in this file for details. If in doubt, do not deviate from existing ** commenting and indentation practices when changing or adding code. ** ** $Id: vdbe.c,v 1.648 2007/08/30 01:19:59 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> #include <math.h> #include "vdbeInt.h" /* ................................................................................ int i = pOp->p1; int alreadyExists = 0; Cursor *pC; assert( pTos>=p->aStack ); assert( i>=0 && i<p->nCursor ); assert( p->apCsr[i]!=0 ); if( (pC = p->apCsr[i])->pCursor!=0 ){ int res, rx; assert( pC->isTable==0 ); assert( pTos->flags & MEM_Blob ); Stringify(pTos, encoding); rx = sqlite3BtreeMoveto(pC->pCursor, pTos->z, pTos->n, 0, &res); alreadyExists = rx==SQLITE_OK && res==0; pC->deferredMoveto = 0; pC->cacheStatus = CACHE_STALE; } if( pOp->opcode==OP_Found ){ if( alreadyExists ) pc = pOp->p2 - 1; }else{ if( !alreadyExists ) pc = pOp->p2 - 1; |
|
|
|
>
>
>
|
|
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
....
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
|
** ** Various scripts scan this source file in order to generate HTML ** documentation, headers files, or other derived files. The formatting ** of the code in this file is, therefore, important. See other comments ** in this file for details. If in doubt, do not deviate from existing ** commenting and indentation practices when changing or adding code. ** ** $Id: vdbe.c,v 1.649 2007/08/30 11:48:32 danielk1977 Exp $ */ #include "sqliteInt.h" #include <ctype.h> #include <math.h> #include "vdbeInt.h" /* ................................................................................ int i = pOp->p1; int alreadyExists = 0; Cursor *pC; assert( pTos>=p->aStack ); assert( i>=0 && i<p->nCursor ); assert( p->apCsr[i]!=0 ); if( (pC = p->apCsr[i])->pCursor!=0 ){ int res; assert( pC->isTable==0 ); assert( pTos->flags & MEM_Blob ); Stringify(pTos, encoding); rc = sqlite3BtreeMoveto(pC->pCursor, pTos->z, pTos->n, 0, &res); if( rc!=SQLITE_OK ){ break; } alreadyExists = (res==0); pC->deferredMoveto = 0; pC->cacheStatus = CACHE_STALE; } if( pOp->opcode==OP_Found ){ if( alreadyExists ) pc = pOp->p2 - 1; }else{ if( !alreadyExists ) pc = pOp->p2 - 1; |
Changes to test/fuzz_malloc.test.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 .. 81 82 83 84 85 86 87 88 89 |
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # # This file tests malloc failures in concert with fuzzy SQL generation. # # $Id: fuzz_malloc.test,v 1.7 2007/08/29 19:15:09 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl source $testdir/malloc_common.tcl source $testdir/fuzz_common.tcl ................................................................................ # -repeats # proc do_fuzzy_malloc_test {testname args} { set ::fuzzyopts(-repeats) $::REPEATS set ::fuzzyopts(-sqlprep) {} array set ::fuzzyopts $args sqlite3_memdebug_fail -1 -repeat 0 db close file delete test.db test.db-journal sqlite3 db test.db set ::prep $::fuzzyopts(-sqlprep) execsql $::prep set jj 0 for {set ii 0} {$ii < $::fuzzyopts(-repeats)} {incr ii} { ................................................................................ set ::TableList [list abc def ghi] set ::ColumnList [list a b c] do_fuzzy_malloc_test fuzzy_malloc-3 \ -template {[Select]} \ -sqlprep $::SQLPREP sqlite3_memdebug_fail -1 finish_test |
| | < |
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 .. 81 82 83 84 85 86 87 88 |
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # # This file tests malloc failures in concert with fuzzy SQL generation. # # $Id: fuzz_malloc.test,v 1.8 2007/08/30 11:48:32 danielk1977 Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl source $testdir/malloc_common.tcl source $testdir/fuzz_common.tcl ................................................................................ # -repeats # proc do_fuzzy_malloc_test {testname args} { set ::fuzzyopts(-repeats) $::REPEATS set ::fuzzyopts(-sqlprep) {} array set ::fuzzyopts $args sqlite3_memdebug_fail -1 db close file delete test.db test.db-journal sqlite3 db test.db set ::prep $::fuzzyopts(-sqlprep) execsql $::prep set jj 0 for {set ii 0} {$ii < $::fuzzyopts(-repeats)} {incr ii} { ................................................................................ set ::TableList [list abc def ghi] set ::ColumnList [list a b c] do_fuzzy_malloc_test fuzzy_malloc-3 \ -template {[Select]} \ -sqlprep $::SQLPREP finish_test |
Changes to test/incrblob_err.test.
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
..
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
# # May you do good and not evil. # May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # # $Id: incrblob_err.test,v 1.6 2007/08/29 12:31:29 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl ifcapable {!incrblob || !memdebug} { finish_test return } # Only run these tests if memory debugging is turned on. # if {[info command sqlite3_memdebug_fail]==""} { puts "Skipping incrblob_err tests: not compiled with -DSQLITE_MEMDEBUG..." finish_test return } source $testdir/malloc_common.tcl set ::fd [open [info script]] set ::data [read $::fd] close $::fd do_malloc_test 1 -tclprep { ................................................................................ error "Bad data read..." } set rc [catch {close $::blob}] if {$rc} { error "out of memory" } } sqlite3_memdebug_fail -1 do_ioerr_test incrblob_err-4 -cksum 1 -sqlprep { CREATE TABLE blobs(k, v BLOB); INSERT INTO blobs VALUES(1, $::data); } -tclbody { set ::blob [db incrblob blobs v 1] read $::blob |
|
<
<
<
<
<
<
<
<
<
|
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
..
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
# # May you do good and not evil. # May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # # $Id: incrblob_err.test,v 1.7 2007/08/30 11:48:32 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl ifcapable {!incrblob || !memdebug} { finish_test return } source $testdir/malloc_common.tcl set ::fd [open [info script]] set ::data [read $::fd] close $::fd do_malloc_test 1 -tclprep { ................................................................................ error "Bad data read..." } set rc [catch {close $::blob}] if {$rc} { error "out of memory" } } do_ioerr_test incrblob_err-4 -cksum 1 -sqlprep { CREATE TABLE blobs(k, v BLOB); INSERT INTO blobs VALUES(1, $::data); } -tclbody { set ::blob [db incrblob blobs v 1] read $::blob |
Changes to test/malloc4.test.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
..
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
# May you share freely, never taking more than you give. # #*********************************************************************** # # This file contains tests to ensure that the library handles malloc() failures # correctly. The emphasis in this file is on sqlite3_column_XXX() APIs. # # $Id: malloc4.test,v 1.6 2007/08/29 12:31:29 danielk1977 Exp $ #--------------------------------------------------------------------------- # NOTES ON EXPECTED BEHAVIOUR # # [193] When a memory allocation failure occurs during sqlite3_column_name(), # sqlite3_column_name16(), sqlite3_column_decltype(), or # sqlite3_column_decltype16() the function shall return NULL. ................................................................................ set mf1 [expr [sqlite3_memdebug_pending] < 0] set ::name8 [sqlite3_column_name $::STMT 0] set mf2 [expr [sqlite3_memdebug_pending] < 0] expr {$mf1 == $mf2 || $::name8 == ""} } {1} do_test ${testid}.2.2 { set mf1 [expr [sqlite3_memdebug_pending] < 0] btree_breakpoint set ::name16 [sqlite3_column_name16 $::STMT 0] set ::name16 [encoding convertfrom unicode $::name16] set ::name16 [string range $::name16 0 end-1] set mf2 [expr [sqlite3_memdebug_pending] < 0] puts [list $mf1 $mf2 $::name16] expr {$mf1 == $mf2 || $::name16 == ""} } {1} do_test ${testid}.2.3 { set mf1 [expr [sqlite3_memdebug_pending] < 0] set ::name8_2 [sqlite3_column_name $::STMT 0] set mf2 [expr [sqlite3_memdebug_pending] < 0] expr {$mf1 == $mf2 || $::name8_2 == ""} |
|
<
<
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
..
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
# May you share freely, never taking more than you give. # #*********************************************************************** # # This file contains tests to ensure that the library handles malloc() failures # correctly. The emphasis in this file is on sqlite3_column_XXX() APIs. # # $Id: malloc4.test,v 1.7 2007/08/30 11:48:32 danielk1977 Exp $ #--------------------------------------------------------------------------- # NOTES ON EXPECTED BEHAVIOUR # # [193] When a memory allocation failure occurs during sqlite3_column_name(), # sqlite3_column_name16(), sqlite3_column_decltype(), or # sqlite3_column_decltype16() the function shall return NULL. ................................................................................ set mf1 [expr [sqlite3_memdebug_pending] < 0] set ::name8 [sqlite3_column_name $::STMT 0] set mf2 [expr [sqlite3_memdebug_pending] < 0] expr {$mf1 == $mf2 || $::name8 == ""} } {1} do_test ${testid}.2.2 { set mf1 [expr [sqlite3_memdebug_pending] < 0] set ::name16 [sqlite3_column_name16 $::STMT 0] set ::name16 [encoding convertfrom unicode $::name16] set ::name16 [string range $::name16 0 end-1] set mf2 [expr [sqlite3_memdebug_pending] < 0] expr {$mf1 == $mf2 || $::name16 == ""} } {1} do_test ${testid}.2.3 { set mf1 [expr [sqlite3_memdebug_pending] < 0] set ::name8_2 [sqlite3_column_name $::STMT 0] set mf2 [expr [sqlite3_memdebug_pending] < 0] expr {$mf1 == $mf2 || $::name8_2 == ""} |
Changes to test/malloc_common.tcl.
125 126 127 128 129 130 131 132 |
if {[info exists ::mallocopts(-cleanup)]} {
catch [list uplevel #0 $::mallocopts(-cleanup)] msg
}
}
}
unset ::mallocopts
}
|
> |
125 126 127 128 129 130 131 132 133 |
if {[info exists ::mallocopts(-cleanup)]} {
catch [list uplevel #0 $::mallocopts(-cleanup)] msg
}
}
}
unset ::mallocopts
sqlite3_memdebug_fail -1
}
|