drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 1 | /* |
| 2 | ** 2015-05-25 |
| 3 | ** |
| 4 | ** The author disclaims copyright to this source code. In place of |
| 5 | ** a legal notice, here is a blessing: |
| 6 | ** |
| 7 | ** May you do good and not evil. |
| 8 | ** May you find forgiveness for yourself and forgive others. |
| 9 | ** May you share freely, never taking more than you give. |
| 10 | ** |
| 11 | ************************************************************************* |
| 12 | ** |
| 13 | ** This is a utility program designed to aid running regressions tests |
| 14 | ** on SQLite library using data from an external fuzzer, such as American |
| 15 | ** Fuzzy Lop (AFL) (http://lcamtuf.coredump.cx/afl/). |
| 16 | ** |
| 17 | ** This program reads content from an SQLite database file with the following |
| 18 | ** schema: |
| 19 | ** |
| 20 | ** CREATE TABLE db( |
| 21 | ** dbid INTEGER PRIMARY KEY, -- database id |
| 22 | ** dbcontent BLOB -- database disk file image |
| 23 | ** ); |
| 24 | ** CREATE TABLE xsql( |
| 25 | ** sqlid INTEGER PRIMARY KEY, -- SQL script id |
| 26 | ** sqltext TEXT -- Text of SQL statements to run |
| 27 | ** ); |
| 28 | ** |
| 29 | ** For each database file in the DB table, the SQL text in the XSQL table |
| 30 | ** is run against that database. This program is looking for crashes, |
| 31 | ** assertion faults, and/or memory leaks. No attempt is made to verify |
| 32 | ** the output. The assumption is that either all of the database files |
| 33 | ** or all of the SQL statements are malformed inputs, generated by a fuzzer, |
| 34 | ** that need to be checked to make sure they do not present a security risk. |
| 35 | ** |
| 36 | ** This program also includes some command-line options to help with |
| 37 | ** creation and maintenance of the source content database. |
| 38 | */ |
| 39 | #include <stdio.h> |
| 40 | #include <stdlib.h> |
| 41 | #include <string.h> |
| 42 | #include <stdarg.h> |
| 43 | #include <ctype.h> |
| 44 | #include "sqlite3.h" |
| 45 | |
| 46 | /* |
| 47 | ** Files in the virtual file system. |
| 48 | */ |
| 49 | typedef struct VFile VFile; |
| 50 | struct VFile { |
| 51 | char *zFilename; /* Filename. NULL for delete-on-close. From malloc() */ |
| 52 | int sz; /* Size of the file in bytes */ |
| 53 | int nRef; /* Number of references to this file */ |
| 54 | unsigned char *a; /* Content of the file. From malloc() */ |
| 55 | }; |
| 56 | typedef struct VHandle VHandle; |
| 57 | struct VHandle { |
| 58 | sqlite3_file base; /* Base class. Must be first */ |
| 59 | VFile *pVFile; /* The underlying file */ |
| 60 | }; |
| 61 | |
| 62 | /* |
| 63 | ** The value of a database file template, or of an SQL script |
| 64 | */ |
| 65 | typedef struct Blob Blob; |
| 66 | struct Blob { |
| 67 | Blob *pNext; /* Next in a list */ |
| 68 | int id; /* Id of this Blob */ |
| 69 | int sz; /* Size of this Blob in bytes */ |
| 70 | unsigned char a[1]; /* Blob content. Extra space allocated as needed. */ |
| 71 | }; |
| 72 | |
| 73 | /* |
| 74 | ** Maximum number of files in the in-memory virtual filesystem. |
| 75 | */ |
| 76 | #define MX_FILE 10 |
| 77 | |
| 78 | /* |
| 79 | ** Maximum allowed file size |
| 80 | */ |
| 81 | #define MX_FILE_SZ 10000000 |
| 82 | |
| 83 | /* |
| 84 | ** All global variables are gathered into the "g" singleton. |
| 85 | */ |
| 86 | static struct GlobalVars { |
| 87 | const char *zArgv0; /* Name of program */ |
| 88 | VFile aFile[MX_FILE]; /* The virtual filesystem */ |
| 89 | int nDb; /* Number of template databases */ |
| 90 | Blob *pFirstDb; /* Content of first template database */ |
| 91 | int nSql; /* Number of SQL scripts */ |
| 92 | Blob *pFirstSql; /* First SQL script */ |
| 93 | char zTestName[100]; /* Name of current test */ |
| 94 | } g; |
| 95 | |
| 96 | /* |
| 97 | ** Print an error message and quit. |
| 98 | */ |
| 99 | static void fatalError(const char *zFormat, ...){ |
| 100 | va_list ap; |
| 101 | if( g.zTestName[0] ){ |
| 102 | fprintf(stderr, "%s (%s): ", g.zArgv0, g.zTestName); |
| 103 | }else{ |
| 104 | fprintf(stderr, "%s: ", g.zArgv0); |
| 105 | } |
| 106 | va_start(ap, zFormat); |
| 107 | vfprintf(stderr, zFormat, ap); |
| 108 | va_end(ap); |
| 109 | fprintf(stderr, "\n"); |
| 110 | exit(1); |
| 111 | } |
| 112 | |
| 113 | /* |
| 114 | ** Reallocate memory. Show and error and quit if unable. |
| 115 | */ |
| 116 | static void *safe_realloc(void *pOld, int szNew){ |
| 117 | void *pNew = realloc(pOld, szNew); |
| 118 | if( pNew==0 ) fatalError("unable to realloc for %d bytes", szNew); |
| 119 | return pNew; |
| 120 | } |
| 121 | |
| 122 | /* |
| 123 | ** Initialize the virtual file system. |
| 124 | */ |
| 125 | static void formatVfs(void){ |
| 126 | int i; |
| 127 | for(i=0; i<MX_FILE; i++){ |
| 128 | g.aFile[i].sz = -1; |
| 129 | g.aFile[i].zFilename = 0; |
| 130 | g.aFile[i].a = 0; |
| 131 | g.aFile[i].nRef = 0; |
| 132 | } |
| 133 | } |
| 134 | |
| 135 | |
| 136 | /* |
| 137 | ** Erase all information in the virtual file system. |
| 138 | */ |
| 139 | static void reformatVfs(void){ |
| 140 | int i; |
| 141 | for(i=0; i<MX_FILE; i++){ |
| 142 | if( g.aFile[i].sz<0 ) continue; |
| 143 | if( g.aFile[i].zFilename ){ |
| 144 | free(g.aFile[i].zFilename); |
| 145 | g.aFile[i].zFilename = 0; |
| 146 | } |
| 147 | if( g.aFile[i].nRef>0 ){ |
| 148 | fatalError("file %d still open. nRef=%d", i, g.aFile[i].nRef); |
| 149 | } |
| 150 | g.aFile[i].sz = -1; |
| 151 | free(g.aFile[i].a); |
| 152 | g.aFile[i].a = 0; |
| 153 | g.aFile[i].nRef = 0; |
| 154 | } |
| 155 | } |
| 156 | |
| 157 | /* |
| 158 | ** Find a VFile by name |
| 159 | */ |
| 160 | static VFile *findVFile(const char *zName){ |
| 161 | int i; |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 162 | if( zName==0 ) return 0; |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 163 | for(i=0; i<MX_FILE; i++){ |
| 164 | if( g.aFile[i].zFilename==0 ) continue; |
| 165 | if( strcmp(g.aFile[i].zFilename, zName)==0 ) return &g.aFile[i]; |
| 166 | } |
| 167 | return 0; |
| 168 | } |
| 169 | |
| 170 | /* |
| 171 | ** Find a VFile by name. Create it if it does not already exist and |
| 172 | ** initialize it to the size and content given. |
| 173 | ** |
| 174 | ** Return NULL only if the filesystem is full. |
| 175 | */ |
| 176 | static VFile *createVFile(const char *zName, int sz, unsigned char *pData){ |
| 177 | VFile *pNew = findVFile(zName); |
| 178 | int i; |
| 179 | if( pNew ) return pNew; |
| 180 | for(i=0; i<MX_FILE && g.aFile[i].sz>=0; i++){} |
| 181 | if( i>=MX_FILE ) return 0; |
| 182 | pNew = &g.aFile[i]; |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 183 | if( zName ){ |
| 184 | pNew->zFilename = safe_realloc(0, strlen(zName)+1); |
| 185 | memcpy(pNew->zFilename, zName, strlen(zName)+1); |
| 186 | }else{ |
| 187 | pNew->zFilename = 0; |
| 188 | } |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 189 | pNew->nRef = 0; |
| 190 | pNew->sz = sz; |
| 191 | pNew->a = safe_realloc(0, sz); |
| 192 | if( sz>0 ) memcpy(pNew->a, pData, sz); |
| 193 | return pNew; |
| 194 | } |
| 195 | |
| 196 | |
| 197 | /* |
| 198 | ** Implementation of the "readfile(X)" SQL function. The entire content |
| 199 | ** of the file named X is read and returned as a BLOB. NULL is returned |
| 200 | ** if the file does not exist or is unreadable. |
| 201 | */ |
| 202 | static void readfileFunc( |
| 203 | sqlite3_context *context, |
| 204 | int argc, |
| 205 | sqlite3_value **argv |
| 206 | ){ |
| 207 | const char *zName; |
| 208 | FILE *in; |
| 209 | long nIn; |
| 210 | void *pBuf; |
| 211 | |
| 212 | zName = (const char*)sqlite3_value_text(argv[0]); |
| 213 | if( zName==0 ) return; |
| 214 | in = fopen(zName, "rb"); |
| 215 | if( in==0 ) return; |
| 216 | fseek(in, 0, SEEK_END); |
| 217 | nIn = ftell(in); |
| 218 | rewind(in); |
| 219 | pBuf = sqlite3_malloc64( nIn ); |
| 220 | if( pBuf && 1==fread(pBuf, nIn, 1, in) ){ |
| 221 | sqlite3_result_blob(context, pBuf, nIn, sqlite3_free); |
| 222 | }else{ |
| 223 | sqlite3_free(pBuf); |
| 224 | } |
| 225 | fclose(in); |
| 226 | } |
| 227 | |
| 228 | /* |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 229 | ** Load a list of Blob objects from the database |
| 230 | */ |
| 231 | static void blobListLoadFromDb( |
| 232 | sqlite3 *db, /* Read from this database */ |
| 233 | const char *zSql, /* Query used to extract the blobs */ |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 234 | int onlyId, /* Only load where id is this value */ |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 235 | int *pN, /* OUT: Write number of blobs loaded here */ |
| 236 | Blob **ppList /* OUT: Write the head of the blob list here */ |
| 237 | ){ |
| 238 | Blob head; |
| 239 | Blob *p; |
| 240 | sqlite3_stmt *pStmt; |
| 241 | int n = 0; |
| 242 | int rc; |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 243 | char *z2; |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 244 | |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 245 | if( onlyId>0 ){ |
| 246 | z2 = sqlite3_mprintf("%s WHERE rowid=%d", zSql, onlyId); |
| 247 | }else{ |
| 248 | z2 = sqlite3_mprintf("%s", zSql); |
| 249 | } |
| 250 | rc = sqlite3_prepare_v2(db, z2, -1, &pStmt, 0); |
| 251 | sqlite3_free(z2); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 252 | if( rc ) fatalError("%s", sqlite3_errmsg(db)); |
| 253 | head.pNext = 0; |
| 254 | p = &head; |
| 255 | while( SQLITE_ROW==sqlite3_step(pStmt) ){ |
| 256 | int sz = sqlite3_column_bytes(pStmt, 1); |
| 257 | Blob *pNew = safe_realloc(0, sizeof(*pNew)+sz ); |
| 258 | pNew->id = sqlite3_column_int(pStmt, 0); |
| 259 | pNew->sz = sz; |
| 260 | pNew->pNext = 0; |
| 261 | memcpy(pNew->a, sqlite3_column_blob(pStmt,1), sz); |
| 262 | pNew->a[sz] = 0; |
| 263 | p->pNext = pNew; |
| 264 | p = pNew; |
| 265 | n++; |
| 266 | } |
| 267 | sqlite3_finalize(pStmt); |
| 268 | *pN = n; |
| 269 | *ppList = head.pNext; |
| 270 | } |
| 271 | |
| 272 | /* |
| 273 | ** Free a list of Blob objects |
| 274 | */ |
| 275 | static void blobListFree(Blob *p){ |
| 276 | Blob *pNext; |
| 277 | while( p ){ |
| 278 | pNext = p->pNext; |
| 279 | free(p); |
| 280 | p = pNext; |
| 281 | } |
| 282 | } |
| 283 | |
| 284 | |
| 285 | /* Return the current wall-clock time */ |
| 286 | static sqlite3_int64 timeOfDay(void){ |
| 287 | static sqlite3_vfs *clockVfs = 0; |
| 288 | sqlite3_int64 t; |
| 289 | if( clockVfs==0 ) clockVfs = sqlite3_vfs_find(0); |
| 290 | if( clockVfs->iVersion>=1 && clockVfs->xCurrentTimeInt64!=0 ){ |
| 291 | clockVfs->xCurrentTimeInt64(clockVfs, &t); |
| 292 | }else{ |
| 293 | double r; |
| 294 | clockVfs->xCurrentTime(clockVfs, &r); |
| 295 | t = (sqlite3_int64)(r*86400000.0); |
| 296 | } |
| 297 | return t; |
| 298 | } |
| 299 | |
| 300 | /* Methods for the VHandle object |
| 301 | */ |
| 302 | static int inmemClose(sqlite3_file *pFile){ |
| 303 | VHandle *p = (VHandle*)pFile; |
| 304 | VFile *pVFile = p->pVFile; |
| 305 | pVFile->nRef--; |
| 306 | if( pVFile->nRef==0 && pVFile->zFilename==0 ){ |
| 307 | pVFile->sz = -1; |
| 308 | free(pVFile->a); |
| 309 | pVFile->a = 0; |
| 310 | } |
| 311 | return SQLITE_OK; |
| 312 | } |
| 313 | static int inmemRead( |
| 314 | sqlite3_file *pFile, /* Read from this open file */ |
| 315 | void *pData, /* Store content in this buffer */ |
| 316 | int iAmt, /* Bytes of content */ |
| 317 | sqlite3_int64 iOfst /* Start reading here */ |
| 318 | ){ |
| 319 | VHandle *pHandle = (VHandle*)pFile; |
| 320 | VFile *pVFile = pHandle->pVFile; |
| 321 | if( iOfst<0 || iOfst>=pVFile->sz ){ |
| 322 | memset(pData, 0, iAmt); |
| 323 | return SQLITE_IOERR_SHORT_READ; |
| 324 | } |
| 325 | if( iOfst+iAmt>pVFile->sz ){ |
| 326 | memset(pData, 0, iAmt); |
drh | 1573dc3 | 2015-05-25 22:29:26 +0000 | [diff] [blame] | 327 | iAmt = (int)(pVFile->sz - iOfst); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 328 | memcpy(pData, pVFile->a, iAmt); |
| 329 | return SQLITE_IOERR_SHORT_READ; |
| 330 | } |
| 331 | memcpy(pData, pVFile->a, iAmt); |
| 332 | return SQLITE_OK; |
| 333 | } |
| 334 | static int inmemWrite( |
| 335 | sqlite3_file *pFile, /* Write to this file */ |
| 336 | const void *pData, /* Content to write */ |
| 337 | int iAmt, /* bytes to write */ |
| 338 | sqlite3_int64 iOfst /* Start writing here */ |
| 339 | ){ |
| 340 | VHandle *pHandle = (VHandle*)pFile; |
| 341 | VFile *pVFile = pHandle->pVFile; |
| 342 | if( iOfst+iAmt > pVFile->sz ){ |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 343 | if( iOfst+iAmt >= MX_FILE_SZ ){ |
| 344 | return SQLITE_FULL; |
| 345 | } |
drh | 1573dc3 | 2015-05-25 22:29:26 +0000 | [diff] [blame] | 346 | pVFile->a = safe_realloc(pVFile->a, (int)(iOfst+iAmt)); |
| 347 | memset(pVFile->a + pVFile->sz, 0, (int)(iOfst - pVFile->sz)); |
| 348 | pVFile->sz = (int)(iOfst + iAmt); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 349 | } |
| 350 | memcpy(pVFile->a + iOfst, pData, iAmt); |
| 351 | return SQLITE_OK; |
| 352 | } |
| 353 | static int inmemTruncate(sqlite3_file *pFile, sqlite3_int64 iSize){ |
| 354 | VHandle *pHandle = (VHandle*)pFile; |
| 355 | VFile *pVFile = pHandle->pVFile; |
drh | 1573dc3 | 2015-05-25 22:29:26 +0000 | [diff] [blame] | 356 | if( pVFile->sz>iSize && iSize>=0 ) pVFile->sz = (int)iSize; |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 357 | return SQLITE_OK; |
| 358 | } |
| 359 | static int inmemSync(sqlite3_file *pFile, int flags){ |
| 360 | return SQLITE_OK; |
| 361 | } |
| 362 | static int inmemFileSize(sqlite3_file *pFile, sqlite3_int64 *pSize){ |
| 363 | *pSize = ((VHandle*)pFile)->pVFile->sz; |
| 364 | return SQLITE_OK; |
| 365 | } |
| 366 | static int inmemLock(sqlite3_file *pFile, int type){ |
| 367 | return SQLITE_OK; |
| 368 | } |
| 369 | static int inmemUnlock(sqlite3_file *pFile, int type){ |
| 370 | return SQLITE_OK; |
| 371 | } |
| 372 | static int inmemCheckReservedLock(sqlite3_file *pFile, int *pOut){ |
| 373 | *pOut = 0; |
| 374 | return SQLITE_OK; |
| 375 | } |
| 376 | static int inmemFileControl(sqlite3_file *pFile, int op, void *pArg){ |
| 377 | return SQLITE_NOTFOUND; |
| 378 | } |
| 379 | static int inmemSectorSize(sqlite3_file *pFile){ |
| 380 | return 512; |
| 381 | } |
| 382 | static int inmemDeviceCharacteristics(sqlite3_file *pFile){ |
| 383 | return |
| 384 | SQLITE_IOCAP_SAFE_APPEND | |
| 385 | SQLITE_IOCAP_UNDELETABLE_WHEN_OPEN | |
| 386 | SQLITE_IOCAP_POWERSAFE_OVERWRITE; |
| 387 | } |
| 388 | |
| 389 | |
| 390 | /* Method table for VHandle |
| 391 | */ |
| 392 | static sqlite3_io_methods VHandleMethods = { |
| 393 | /* iVersion */ 1, |
| 394 | /* xClose */ inmemClose, |
| 395 | /* xRead */ inmemRead, |
| 396 | /* xWrite */ inmemWrite, |
| 397 | /* xTruncate */ inmemTruncate, |
| 398 | /* xSync */ inmemSync, |
| 399 | /* xFileSize */ inmemFileSize, |
| 400 | /* xLock */ inmemLock, |
| 401 | /* xUnlock */ inmemUnlock, |
| 402 | /* xCheck... */ inmemCheckReservedLock, |
| 403 | /* xFileCtrl */ inmemFileControl, |
| 404 | /* xSectorSz */ inmemSectorSize, |
| 405 | /* xDevchar */ inmemDeviceCharacteristics, |
| 406 | /* xShmMap */ 0, |
| 407 | /* xShmLock */ 0, |
| 408 | /* xShmBarrier */ 0, |
| 409 | /* xShmUnmap */ 0, |
| 410 | /* xFetch */ 0, |
| 411 | /* xUnfetch */ 0 |
| 412 | }; |
| 413 | |
| 414 | /* |
| 415 | ** Open a new file in the inmem VFS. All files are anonymous and are |
| 416 | ** delete-on-close. |
| 417 | */ |
| 418 | static int inmemOpen( |
| 419 | sqlite3_vfs *pVfs, |
| 420 | const char *zFilename, |
| 421 | sqlite3_file *pFile, |
| 422 | int openFlags, |
| 423 | int *pOutFlags |
| 424 | ){ |
| 425 | VFile *pVFile = createVFile(zFilename, 0, (unsigned char*)""); |
| 426 | VHandle *pHandle = (VHandle*)pFile; |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 427 | if( pVFile==0 ){ |
| 428 | return SQLITE_FULL; |
| 429 | } |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 430 | pHandle->pVFile = pVFile; |
| 431 | pVFile->nRef++; |
| 432 | pFile->pMethods = &VHandleMethods; |
| 433 | if( pOutFlags ) *pOutFlags = openFlags; |
| 434 | return SQLITE_OK; |
| 435 | } |
| 436 | |
| 437 | /* |
| 438 | ** Delete a file by name |
| 439 | */ |
| 440 | static int inmemDelete( |
| 441 | sqlite3_vfs *pVfs, |
| 442 | const char *zFilename, |
| 443 | int syncdir |
| 444 | ){ |
| 445 | VFile *pVFile = findVFile(zFilename); |
| 446 | if( pVFile==0 ) return SQLITE_OK; |
| 447 | if( pVFile->nRef==0 ){ |
| 448 | free(pVFile->zFilename); |
| 449 | pVFile->zFilename = 0; |
| 450 | pVFile->sz = -1; |
| 451 | free(pVFile->a); |
| 452 | pVFile->a = 0; |
| 453 | return SQLITE_OK; |
| 454 | } |
| 455 | return SQLITE_IOERR_DELETE; |
| 456 | } |
| 457 | |
| 458 | /* Check for the existance of a file |
| 459 | */ |
| 460 | static int inmemAccess( |
| 461 | sqlite3_vfs *pVfs, |
| 462 | const char *zFilename, |
| 463 | int flags, |
| 464 | int *pResOut |
| 465 | ){ |
| 466 | VFile *pVFile = findVFile(zFilename); |
| 467 | *pResOut = pVFile!=0; |
| 468 | return SQLITE_OK; |
| 469 | } |
| 470 | |
| 471 | /* Get the canonical pathname for a file |
| 472 | */ |
| 473 | static int inmemFullPathname( |
| 474 | sqlite3_vfs *pVfs, |
| 475 | const char *zFilename, |
| 476 | int nOut, |
| 477 | char *zOut |
| 478 | ){ |
| 479 | sqlite3_snprintf(nOut, zOut, "%s", zFilename); |
| 480 | return SQLITE_OK; |
| 481 | } |
| 482 | |
| 483 | /* GetLastError() is never used */ |
| 484 | static int inmemGetLastError(sqlite3_vfs *pVfs, int n, char *z){ |
| 485 | return SQLITE_OK; |
| 486 | } |
| 487 | |
| 488 | /* |
| 489 | ** Register the VFS that reads from the g.aFile[] set of files. |
| 490 | */ |
| 491 | static void inmemVfsRegister(void){ |
| 492 | static sqlite3_vfs inmemVfs; |
| 493 | sqlite3_vfs *pDefault = sqlite3_vfs_find(0); |
| 494 | inmemVfs.iVersion = 1; |
| 495 | inmemVfs.szOsFile = sizeof(VHandle); |
| 496 | inmemVfs.mxPathname = 200; |
| 497 | inmemVfs.zName = "inmem"; |
| 498 | inmemVfs.xOpen = inmemOpen; |
| 499 | inmemVfs.xDelete = inmemDelete; |
| 500 | inmemVfs.xAccess = inmemAccess; |
| 501 | inmemVfs.xFullPathname = inmemFullPathname; |
| 502 | inmemVfs.xRandomness = pDefault->xRandomness; |
| 503 | inmemVfs.xSleep = pDefault->xSleep; |
| 504 | inmemVfs.xCurrentTime = pDefault->xCurrentTime; |
| 505 | inmemVfs.xGetLastError = inmemGetLastError; |
| 506 | sqlite3_vfs_register(&inmemVfs, 0); |
| 507 | }; |
| 508 | |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 509 | /* |
| 510 | ** Run multiple commands of SQL. Similar to sqlite3_exec(), but does not |
| 511 | ** stop if an error is encountered. |
| 512 | */ |
drh | 4ab3147 | 2015-05-25 22:17:06 +0000 | [diff] [blame] | 513 | static void runSql(sqlite3 *db, const char *zSql, int traceFlag){ |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 514 | const char *zMore; |
| 515 | sqlite3_stmt *pStmt; |
| 516 | |
| 517 | while( zSql && zSql[0] ){ |
| 518 | zMore = 0; |
| 519 | pStmt = 0; |
| 520 | sqlite3_prepare_v2(db, zSql, -1, &pStmt, &zMore); |
drh | 4ab3147 | 2015-05-25 22:17:06 +0000 | [diff] [blame] | 521 | if( zMore==zSql ) break; |
| 522 | if( traceFlag ){ |
| 523 | const char *z = zSql; |
| 524 | int n; |
| 525 | while( z<zMore && isspace(z[0]) ) z++; |
| 526 | n = (int)(zMore - z); |
| 527 | while( n>0 && isspace(z[n-1]) ) n--; |
| 528 | if( n==0 ) break; |
| 529 | if( pStmt==0 ){ |
| 530 | printf("TRACE: %.*s (error: %s)\n", n, z, sqlite3_errmsg(db)); |
| 531 | }else{ |
| 532 | printf("TRACE: %.*s\n", n, z); |
| 533 | } |
| 534 | } |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 535 | zSql = zMore; |
| 536 | if( pStmt ){ |
drh | 4ab3147 | 2015-05-25 22:17:06 +0000 | [diff] [blame] | 537 | while( SQLITE_ROW==sqlite3_step(pStmt) ){} |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 538 | sqlite3_finalize(pStmt); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 539 | } |
| 540 | } |
| 541 | } |
| 542 | |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 543 | /* |
| 544 | ** Print sketchy documentation for this utility program |
| 545 | */ |
| 546 | static void showHelp(void){ |
| 547 | printf("Usage: %s [options] SOURCE-DB ?ARGS...?\n", g.zArgv0); |
| 548 | printf( |
| 549 | "Read databases and SQL scripts from SOURCE-DB and execute each script against\n" |
| 550 | "each database, checking for crashes and memory leaks.\n" |
| 551 | "Options:\n" |
| 552 | " --dbid N Use only the database where dbid=N\n" |
| 553 | " --help Show this help text\n" |
| 554 | " -q Reduced output\n" |
| 555 | " --quiet Reduced output\n" |
| 556 | " --load-sql ARGS... Load SQL scripts fro files into SOURCE-DB\n" |
| 557 | " --load-db ARGS... Load template databases from files into SOURCE_DB\n" |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 558 | " --native-vfs Use the native VFS for initially empty database files\n" |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 559 | " --sqlid N Use only SQL where sqlid=N\n" |
| 560 | " -v Increased output\n" |
| 561 | " --verbose Increased output\n" |
| 562 | ); |
| 563 | } |
| 564 | |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 565 | int main(int argc, char **argv){ |
| 566 | sqlite3_int64 iBegin; /* Start time of this program */ |
| 567 | const char *zSourceDb = 0; /* Source database filename */ |
| 568 | int quietFlag = 0; /* True if --quiet or -q */ |
| 569 | int verboseFlag = 0; /* True if --verbose or -v */ |
| 570 | char *zInsSql = 0; /* SQL statement for --load-db or --load-sql */ |
| 571 | int iFirstInsArg = 0; /* First argv[] to use for --load-db or --load-sql */ |
| 572 | sqlite3 *db = 0; /* The open database connection */ |
| 573 | int rc; /* Result code from SQLite interface calls */ |
| 574 | Blob *pSql; /* For looping over SQL scripts */ |
| 575 | Blob *pDb; /* For looping over template databases */ |
| 576 | int i; /* Loop index for the argv[] loop */ |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 577 | int onlySqlid = -1; /* --sqlid */ |
| 578 | int onlyDbid = -1; /* --dbid */ |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 579 | int nativeFlag = 0; /* --native-vfs */ |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 580 | |
| 581 | iBegin = timeOfDay(); |
| 582 | g.zArgv0 = argv[0]; |
| 583 | for(i=1; i<argc; i++){ |
| 584 | const char *z = argv[i]; |
| 585 | if( z[0]=='-' ){ |
| 586 | z++; |
| 587 | if( z[0]=='-' ) z++; |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 588 | if( strcmp(z,"dbid")==0 ){ |
| 589 | if( i>=argc-1 ) fatalError("missing arguments on %s", argv[i]); |
| 590 | onlyDbid = atoi(argv[++i]); |
| 591 | }else |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 592 | if( strcmp(z,"help")==0 ){ |
| 593 | showHelp(); |
| 594 | return 0; |
| 595 | }else |
| 596 | if( strcmp(z,"load-sql")==0 ){ |
| 597 | zInsSql = "INSERT INTO xsql(sqltext) VALUES(readfile(?1))"; |
| 598 | iFirstInsArg = i+1; |
| 599 | break; |
| 600 | }else |
| 601 | if( strcmp(z,"load-db")==0 ){ |
| 602 | zInsSql = "INSERT INTO db(dbcontent) VALUES(readfile(?1))"; |
| 603 | iFirstInsArg = i+1; |
| 604 | break; |
| 605 | }else |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 606 | if( strcmp(z,"native-vfs")==0 ){ |
| 607 | nativeFlag = 1; |
| 608 | }else |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 609 | if( strcmp(z,"quiet")==0 || strcmp(z,"q")==0 ){ |
| 610 | quietFlag = 1; |
| 611 | verboseFlag = 0; |
| 612 | }else |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 613 | if( strcmp(z,"sqlid")==0 ){ |
| 614 | if( i>=argc-1 ) fatalError("missing arguments on %s", argv[i]); |
| 615 | onlySqlid = atoi(argv[++i]); |
| 616 | }else |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 617 | if( strcmp(z,"verbose")==0 || strcmp(z,"v")==0 ){ |
| 618 | quietFlag = 0; |
| 619 | verboseFlag = 1; |
| 620 | }else |
| 621 | { |
| 622 | fatalError("unknown option: %s", argv[i]); |
| 623 | } |
| 624 | }else{ |
| 625 | if( zSourceDb ) fatalError("extra argument: %s", argv[i]); |
| 626 | zSourceDb = argv[i]; |
| 627 | } |
| 628 | } |
| 629 | if( zSourceDb==0 ) fatalError("no source database specified"); |
| 630 | rc = sqlite3_open(zSourceDb, &db); |
| 631 | if( rc ){ |
| 632 | fatalError("cannot open source database %s - %s", |
| 633 | zSourceDb, sqlite3_errmsg(db)); |
| 634 | } |
| 635 | rc = sqlite3_exec(db, |
| 636 | "CREATE TABLE IF NOT EXISTS db(\n" |
| 637 | " dbid INTEGER PRIMARY KEY, -- database id\n" |
| 638 | " dbcontent BLOB -- database disk file image\n" |
| 639 | ");\n" |
| 640 | "CREATE TABLE IF NOT EXISTS xsql(\n" |
| 641 | " sqlid INTEGER PRIMARY KEY, -- SQL script id\n" |
| 642 | " sqltext TEXT -- Text of SQL statements to run\n" |
| 643 | ");", 0, 0, 0); |
| 644 | if( rc ) fatalError("cannot create schema: %s", sqlite3_errmsg(db)); |
| 645 | if( zInsSql ){ |
| 646 | sqlite3_stmt *pStmt; |
| 647 | sqlite3_create_function(db, "readfile", 1, SQLITE_UTF8, 0, |
| 648 | readfileFunc, 0, 0); |
| 649 | rc = sqlite3_prepare_v2(db, zInsSql, -1, &pStmt, 0); |
| 650 | if( rc ) fatalError("cannot prepare statement [%s]: %s", |
| 651 | zInsSql, sqlite3_errmsg(db)); |
| 652 | rc = sqlite3_exec(db, "BEGIN", 0, 0, 0); |
| 653 | if( rc ) fatalError("cannot start a transaction"); |
| 654 | for(i=iFirstInsArg; i<argc; i++){ |
| 655 | sqlite3_bind_text(pStmt, 1, argv[i], -1, SQLITE_STATIC); |
| 656 | sqlite3_step(pStmt); |
| 657 | rc = sqlite3_reset(pStmt); |
| 658 | if( rc ) fatalError("insert failed for %s", argv[i]); |
| 659 | } |
| 660 | sqlite3_finalize(pStmt); |
| 661 | rc = sqlite3_exec(db, "COMMIT", 0, 0, 0); |
| 662 | if( rc ) fatalError("cannot commit the transaction: %s", sqlite3_errmsg(db)); |
| 663 | sqlite3_close(db); |
| 664 | return 0; |
| 665 | } |
| 666 | |
| 667 | /* Load all SQL script content and all initial database images from the |
| 668 | ** source db |
| 669 | */ |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 670 | blobListLoadFromDb(db, "SELECT sqlid, sqltext FROM xsql", onlySqlid, |
| 671 | &g.nSql, &g.pFirstSql); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 672 | if( g.nSql==0 ) fatalError("need at least one SQL script"); |
drh | a9542b1 | 2015-05-25 19:35:42 +0000 | [diff] [blame] | 673 | blobListLoadFromDb(db, "SELECT dbid, dbcontent FROM db", onlyDbid, |
| 674 | &g.nDb, &g.pFirstDb); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 675 | if( g.nDb==0 ){ |
| 676 | g.pFirstDb = safe_realloc(0, sizeof(Blob)); |
| 677 | memset(g.pFirstDb, 0, sizeof(Blob)); |
| 678 | g.pFirstDb->id = 1; |
| 679 | g.nDb = 1; |
| 680 | } |
| 681 | |
| 682 | |
| 683 | /* Close the source database. Verify that no SQLite memory allocations are |
| 684 | ** outstanding. |
| 685 | */ |
| 686 | sqlite3_close(db); |
| 687 | if( sqlite3_memory_used()>0 ){ |
| 688 | fatalError("SQLite has memory in use before the start of testing"); |
| 689 | } |
| 690 | |
| 691 | /* Register the in-memory virtual filesystem |
| 692 | */ |
| 693 | formatVfs(); |
| 694 | inmemVfsRegister(); |
| 695 | |
| 696 | /* Run a test using each SQL script against each database. |
| 697 | */ |
| 698 | if( !verboseFlag && !quietFlag ){ |
| 699 | int i; |
| 700 | i = strlen(zSourceDb) - 1; |
| 701 | while( i>0 && zSourceDb[i-1]!='/' && zSourceDb[i-1]!='\\' ){ i--; } |
| 702 | printf("%s:", &zSourceDb[i]); |
| 703 | } |
| 704 | for(pSql=g.pFirstSql; pSql; pSql=pSql->pNext){ |
| 705 | for(pDb=g.pFirstDb; pDb; pDb=pDb->pNext){ |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 706 | int openFlags; |
| 707 | const char *zVfs = "inmem"; |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 708 | sqlite3_snprintf(sizeof(g.zTestName), g.zTestName, "sqlid=%d,dbid=%d", |
| 709 | pSql->id, pDb->id); |
| 710 | if( verboseFlag ){ |
| 711 | printf("%s\n", g.zTestName); |
| 712 | fflush(stdout); |
| 713 | }else if( !quietFlag ){ |
| 714 | static int prevAmt = -1; |
| 715 | int idx = (pSql->id-1)*g.nDb + pDb->id - 1; |
| 716 | int amt = idx*10/(g.nDb*g.nSql); |
| 717 | if( amt!=prevAmt ){ |
| 718 | printf(" %d%%", amt*10); |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 719 | fflush(stdout); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 720 | prevAmt = amt; |
| 721 | } |
| 722 | } |
| 723 | createVFile("main.db", pDb->sz, pDb->a); |
drh | 15b3128 | 2015-05-25 21:59:05 +0000 | [diff] [blame] | 724 | openFlags = SQLITE_OPEN_CREATE | SQLITE_OPEN_READWRITE; |
| 725 | if( nativeFlag && pDb->sz==0 ){ |
| 726 | openFlags |= SQLITE_OPEN_MEMORY; |
| 727 | zVfs = 0; |
| 728 | } |
| 729 | rc = sqlite3_open_v2("main.db", &db, openFlags, zVfs); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 730 | if( rc ) fatalError("cannot open inmem database"); |
drh | 4ab3147 | 2015-05-25 22:17:06 +0000 | [diff] [blame] | 731 | runSql(db, (char*)pSql->a, verboseFlag); |
drh | 3b74d03 | 2015-05-25 18:48:19 +0000 | [diff] [blame] | 732 | sqlite3_close(db); |
| 733 | if( sqlite3_memory_used()>0 ) fatalError("memory leak"); |
| 734 | reformatVfs(); |
| 735 | g.zTestName[0] = 0; |
| 736 | } |
| 737 | } |
| 738 | |
| 739 | if( !quietFlag ){ |
| 740 | sqlite3_int64 iElapse = timeOfDay() - iBegin; |
| 741 | if( !verboseFlag ) printf("\n"); |
| 742 | printf("fuzzcheck: 0 errors out of %d tests in %d.%03d seconds\nSQLite %s %s\n", |
| 743 | g.nDb*g.nSql, (int)(iElapse/1000), (int)(iElapse%1000), |
| 744 | sqlite3_libversion(), sqlite3_sourceid()); |
| 745 | } |
| 746 | |
| 747 | /* Clean up and exit. |
| 748 | */ |
| 749 | blobListFree(g.pFirstSql); |
| 750 | blobListFree(g.pFirstDb); |
| 751 | reformatVfs(); |
| 752 | return 0; |
| 753 | } |