| From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| From: Darwin Huang <huangdarwin@chromium.org> |
| Date: Wed, 27 Mar 2019 12:10:17 -0700 |
| Subject: [PATCH 11/11] Add dbfuzz2 progress handler patch |
| |
| This backports https://www.sqlite.org/src/info/b99f8512c06b9d47 |
| |
| Bug: 925890 |
| --- |
| third_party/sqlite/patched/test/dbfuzz2.c | 31 +++++++++++++++++++++++ |
| 1 file changed, 31 insertions(+) |
| |
| diff --git a/third_party/sqlite/patched/test/dbfuzz2.c b/third_party/sqlite/patched/test/dbfuzz2.c |
| index dd1ed061717b..6eca1f7f32ae 100644 |
| --- a/third_party/sqlite/patched/test/dbfuzz2.c |
| +++ b/third_party/sqlite/patched/test/dbfuzz2.c |
| @@ -74,6 +74,10 @@ static int bVdbeDebug = 0; |
| /* Maximum size of the in-memory database file */ |
| static sqlite3_int64 szMax = 104857600; |
| |
| +/* Progress handler callback data */ |
| +static int nCb = 0; /* Number of callbacks seen so far */ |
| +static int mxCb = 250000; /* Maximum allowed callbacks */ |
| + |
| /***** Copy/paste from ext/misc/memtrace.c ***************************/ |
| /* The original memory allocation routines */ |
| static sqlite3_mem_methods memtraceBase; |
| @@ -157,6 +161,21 @@ int sqlite3MemTraceDeactivate(void){ |
| } |
| /***** End copy/paste from ext/misc/memtrace.c ***************************/ |
| |
| +/* |
| +** Progress handler callback |
| +** |
| +** Count the number of callbacks and cause an abort once the limit is |
| +** reached. |
| +*/ |
| +static int progress_handler(void *pNotUsed){ |
| + nCb++; |
| + if( nCb<mxCb ) return 0; |
| + if( eVerbosity>=1 ){ |
| + printf("-- Progress limit of %d reached\n", mxCb); |
| + } |
| + return 1; |
| +} |
| + |
| /* libFuzzer invokes this routine with fuzzed database files (in aData). |
| ** This routine run SQLite against the malformed database to see if it |
| ** can provoke a failure or malfunction. |
| @@ -187,12 +206,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *aData, size_t nByte){ |
| if( bVdbeDebug ){ |
| sqlite3_exec(db, "PRAGMA vdbe_debug=ON", 0, 0, 0); |
| } |
| + if( mxCb>0 ){ |
| + sqlite3_progress_handler(db, 10, progress_handler, 0); |
| + } |
| for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){ |
| if( eVerbosity>=1 ){ |
| printf("%s\n", azSql[i]); |
| fflush(stdout); |
| } |
| zErr = 0; |
| + nCb = 0; |
| rc = sqlite3_exec(db, azSql[i], 0, 0, &zErr); |
| if( rc && eVerbosity>=1 ){ |
| printf("-- rc=%d zErr=%s\n", rc, zErr); |
| @@ -247,6 +270,14 @@ int LLVMFuzzerInitialize(int *pArgc, char ***pArgv){ |
| bVdbeDebug = 1; |
| continue; |
| } |
| + if( strcmp(z,"limit")==0 ){ |
| + if( i+1==argc ){ |
| + fprintf(stderr, "missing argument to %s\n", argv[i]); |
| + exit(1); |
| + } |
| + mxCb = strtol(argv[++i], 0, 0); |
| + continue; |
| + } |
| if( strcmp(z,"memtrace")==0 ){ |
| sqlite3MemTraceActivate(stdout); |
| continue; |
| -- |
| 2.20.1 |
| |