/ Check-in [6f2d43ec]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix the ossfuzz.c test module so that it does not segfault after a "PRAGMA empty_result_callbacks=1;". Add the ossshell.c program for simple command-line testing of ossfuzz.c.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 6f2d43eca68175ed28abae3afa792095af906af2
User & Date: drh 2016-11-14 17:25:57
Context
2016-11-14
18:27
Enhance fuzzcheck.c to accept database-specific configuration parameters in the option CONFIG table. Add the fuzzdata5.db fuzz database containing test cases from OSS-FUZZ. check-in: a71fad45 user: drh tags: trunk
17:25
Fix the ossfuzz.c test module so that it does not segfault after a "PRAGMA empty_result_callbacks=1;". Add the ossshell.c program for simple command-line testing of ossfuzz.c. check-in: 6f2d43ec user: drh tags: trunk
15:28
Avoid unnecessary calls to sqlite3ExprCacheAffinityChange() when generating OP_MakeRecord opcodes that do not change any register affinities. check-in: e211c579 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Show Whitespace Changes Patch

Changes to main.mk.

   511    511   	  $(FUZZERSHELL_OPT) $(TOP)/tool/fuzzershell.c sqlite3.c \
   512    512   	  $(TLIBS) $(THREADLIB)
   513    513   
   514    514   fuzzcheck$(EXE):	$(TOP)/test/fuzzcheck.c sqlite3.c sqlite3.h $(TOP)/test/ossfuzz.c
   515    515   	$(TCCX) -o fuzzcheck$(EXE) -DSQLITE_THREADSAFE=0 -DSQLITE_OMIT_LOAD_EXTENSION \
   516    516   		-DSQLITE_ENABLE_MEMSYS5 $(FUZZCHECK_OPT) -DSQLITE_OSS_FUZZ \
   517    517   		$(TOP)/test/fuzzcheck.c $(TOP)/test/ossfuzz.c sqlite3.c $(TLIBS) $(THREADLIB)
          518  +
          519  +ossshell$(EXE):	$(TOP)/test/ossfuzz.c $(TOP)/test/ossshell.c sqlite3.c sqlite3.h
          520  +	$(TCCX) -o ossshell$(EXE) -DSQLITE_THREADSAFE=0 -DSQLITE_OMIT_LOAD_EXTENSION \
          521  +		-DSQLITE_ENABLE_MEMSYS5 $(FUZZCHECK_OPT) \
          522  +		$(TOP)/test/ossfuzz.c $(TOP)/test/ossshell.c sqlite3.c $(TLIBS) $(THREADLIB)
   518    523   
   519    524   mptester$(EXE):	sqlite3.c $(TOP)/mptest/mptest.c
   520    525   	$(TCCX) -o $@ -I. $(TOP)/mptest/mptest.c sqlite3.c \
   521    526   		$(TLIBS) $(THREADLIB)
   522    527   
   523    528   MPTEST1=./mptester$(EXE) mptest1.db $(TOP)/mptest/crash01.test --repeat 20
   524    529   MPTEST2=./mptester$(EXE) mptest2.db $(TOP)/mptest/multiwrite01.test --repeat 20

Changes to test/ossfuzz.c.

    14     14   }
    15     15   
    16     16   /*
    17     17   ** Callback for sqlite3_exec().
    18     18   */
    19     19   static int exec_handler(void *pCnt, int argc, char **argv, char **namev){
    20     20     int i;
           21  +  if( argv ){
    21     22     for(i=0; i<argc; i++) sqlite3_free(sqlite3_mprintf("%s", argv[i]));
           23  +  }
    22     24     return ((*(int*)pCnt)--)<=0;
    23     25   }
    24     26   
    25     27   /*
    26     28   ** Main entry point.  The fuzzer invokes this function with each
    27     29   ** fuzzed input.
    28     30   */

Added test/ossshell.c.

            1  +/*
            2  +** This is a test interface for the ossfuzz.c module.  The ossfuzz.c module
            3  +** is an adaptor for OSS-FUZZ.  (https://github.com/google/oss-fuzz)
            4  +**
            5  +** This program links against ossfuzz.c.  It reads files named on the
            6  +** command line and passes them one by one into ossfuzz.c.
            7  +*/
            8  +#include <stddef.h>
            9  +#include <stdint.h>
           10  +#include <stdio.h>
           11  +#include <stdlib.h>
           12  +#include "sqlite3.h"
           13  +
           14  +/*
           15  +** The entry point in ossfuzz.c that this routine will be calling
           16  +*/
           17  +int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size);
           18  +
           19  +
           20  +/*
           21  +** Read files named on the command-line and invoke the fuzzer for
           22  +** each one.
           23  +*/
           24  +int main(int argc, char **argv){
           25  +  FILE *in;
           26  +  int i;
           27  +  int nErr = 0;
           28  +  uint8_t *zBuf = 0;
           29  +  size_t sz;
           30  +
           31  +  for(i=1; i<argc; i++){
           32  +    const char *zFilename = argv[i];
           33  +    in = fopen(zFilename, "rb");
           34  +    if( in==0 ){
           35  +      fprintf(stderr, "cannot open \"%s\"\n", zFilename);
           36  +      nErr++;
           37  +      continue;
           38  +    }
           39  +    fseek(in, 0, SEEK_END);
           40  +    sz = ftell(in);
           41  +    rewind(in);
           42  +    zBuf = realloc(zBuf, sz);
           43  +    if( zBuf==0 ){
           44  +      fprintf(stderr, "cannot malloc() for %d bytes\n", (int)sz);
           45  +      exit(1);
           46  +    }
           47  +    if( fread(zBuf, sz, 1, in)!=1 ){
           48  +      fprintf(stderr, "cannot read %d bytes from \"%s\"\n",
           49  +                       (int)sz, zFilename);
           50  +      nErr++;
           51  +    }else{
           52  +      printf("%s... ", zFilename);
           53  +      fflush(stdout);
           54  +      (void)LLVMFuzzerTestOneInput(zBuf, sz);
           55  +      printf("ok\n");
           56  +    }
           57  +    fclose(in);
           58  +  }
           59  +  free(zBuf);
           60  +  return nErr;
           61  +}

Changes to tool/fuzzershell.c.

   191    191   /*
   192    192   ** This callback is invoked by sqlite3_exec() to return query results.
   193    193   */
   194    194   static int execCallback(void *NotUsed, int argc, char **argv, char **colv){
   195    195     int i;
   196    196     static unsigned cnt = 0;
   197    197     printf("ROW #%u:\n", ++cnt);
          198  +  if( argv ){
   198    199     for(i=0; i<argc; i++){
   199    200       printf(" %s=", colv[i]);
   200    201       if( argv[i] ){
   201    202         printf("[%s]\n", argv[i]);
   202    203       }else{
   203    204         printf("NULL\n");
   204    205       }
   205    206     }
          207  +  }
   206    208     fflush(stdout);
   207    209     return 0;
   208    210   }
   209    211   static int execNoop(void *NotUsed, int argc, char **argv, char **colv){
   210    212     return 0;
   211    213   }
   212    214