Improvements to the dbfuzz2.c test module.

FossilOrigin-Name: d60eff493b875366981c5a25000bb65cde9f6e628192914910790acc562c17b9

Makefile.in

@@ -675,7 +675,7 @@ DBFUZZ2_OPTS = \
   -DSQLITE_EANBLE_FTS5
 
 dbfuzz2:	$(TOP)/test/dbfuzz2.c sqlite3.c sqlite3.h
-	clang-6.0 -I. -g -Os -fsanitize=fuzzer,undefined -o dbfuzz2 \
+	clang-6.0 -I. -g -O0 -fsanitize=fuzzer,undefined -o dbfuzz2 \
 		$(DBFUZZ2_OPTS) $(TOP)/test/dbfuzz2.c sqlite3.c
 	mkdir -p dbfuzz2-dir
 	cp $(TOP)/test/dbfuzz2-seed* dbfuzz2-dir

manifest

@@ -1,8 +1,8 @@
-C Add\san\sentry\sin\sMakefile.in\sto\sbuild\sdbfuzz2\susing\sclang-6.0\swith\n-fsanitize=fuzzer,undefined.
-D 2018-10-27T16:02:16.717
+C Improvements\sto\sthe\sdbfuzz2.c\stest\smodule.
+D 2018-10-27T21:06:44.652
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
-F Makefile.in dfd61c71a68d90ad1d0db96e94999610c44ddad6b131f8032bcac6cb9e0a45a7
+F Makefile.in 15344f4e44dfd9ffb04e9867bdd352a8a5a86211b8919a6ca724e7063694320b
 F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
 F Makefile.msc b946f8806a5d401a299453f61de80dfd1a9df14fa4902b299e6465e3c3134872
 F README.md 377233394b905d3b2e2b33741289e093bc93f2e7adbe00923b2c5958c9a9edee
@@ -771,7 +771,7 @@ F test/date.test 9b73bbeb1b82d9c1f44dec5cf563bf7da58d2373
 F test/date2.test 74c234bece1b016e94dd4ef9c8cc7a199a8806c0e2291cab7ba64bace6350b10
 F test/dbfuzz.c 73047c920d6210e5912c87cdffd9a1c281d4252e
 F test/dbfuzz2-seed1.db e6225c6f3d7b63f9c5b6867146a5f329d997ab105bee64644dc2b3a2f2aebaee
-F test/dbfuzz2.c 726596ade432252e5a71d63ac1d14ebe499187091f3f32ad6302f7f1283229ff
+F test/dbfuzz2.c fae8599108dbf6460f8862677a22ee517c9030cdd931df0ed3c66c09ab14e46a
 F test/dbpage.test dbf50a4d361f9e45a979432c727506065113124478a7d2db12074fa655e65d6c
 F test/dbstatus.test cd83aa623b8aab477269bc94cf8aa90c1e195a144561dd04a1620770aaa8524e
 F test/dbstatus2.test f5fe0afed3fa45e57cfa70d1147606c20d2ba23feac78e9a172f2fe8ab5b78ef
@@ -1774,7 +1774,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 90d12094d36957fbded71545add8a5dc206798fdacc17d4d161d715569a7f991
-R 6ad21b1e34719504a3a3472b9a8be5cf
+P a4a083ed8cdb106af661d2ee0203e21c576f5c2304419ce603826e4f2851c2e0
+R e5a9cd9771ffc88fd093fdbd062e0c2a
 U drh
-Z 0cf82952939867f49c62e617cf35a655
+Z 7b11fae1033935d453c9b6c66817005d

manifest.uuid

@@ -1 +1 @@
-a4a083ed8cdb106af661d2ee0203e21c576f5c2304419ce603826e4f2851c2e0
+d60eff493b875366981c5a25000bb65cde9f6e628192914910790acc562c17b9

test/dbfuzz2.c

@@ -53,20 +53,31 @@ static const char *azSql[] = {
   "SELECT * FROM sqlite_master;",
   "SELECT sum(length(name)) FROM dbstat;",
   "UPDATE t1 SET b=a, a=b WHERE a<b;",
-  "ALTER TABLE t1 RENAME TO alkjalkjdfiiiwuer987lkjwer82mx97sf98788s9789s;"
+  "ALTER TABLE t1 RENAME TO alkjalkjdfiiiwuer987lkjwer82mx97sf98788s9789s;",
   "INSERT INTO t3 SELECT * FROM t2;",
   "DELETE FROM t3 WHERE x IN (SELECT x FROM t4);",
-  "REINDEX;"
+  "REINDEX;",
   "DROP TABLE t3;",
   "VACUUM;",
 };
 
+/* Output verbosity level.  0 means complete silence */
+int eVerbosity = 0;
+
+/* libFuzzer invokes this routine with fuzzed database files (in aData).
+** This routine run SQLite against the malformed database to see if it
+** can provoke a failure or malfunction.
+*/
 int LLVMFuzzerTestOneInput(const uint8_t *aData, size_t nByte){
   unsigned char *a;
   sqlite3 *db;
   int rc;
   int i;
 
+  if( eVerbosity>=1 ){
+    printf("************** nByte=%d ***************\n", (int)nByte);
+    fflush(stdout);
+  }
   rc = sqlite3_open(":memory:", &db);
   if( rc ) return 1;
   a = sqlite3_malloc64(nByte);
@@ -76,8 +87,45 @@ int LLVMFuzzerTestOneInput(const uint8_t *aData, size_t nByte){
         SQLITE_DESERIALIZE_RESIZEABLE |
         SQLITE_DESERIALIZE_FREEONCLOSE);
   for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){
+    if( eVerbosity>=1 ){
+      printf("%s\n", azSql[i]);
+      fflush(stdout);
+    }
     sqlite3_exec(db, azSql[i], 0, 0, 0);
   }
   sqlite3_close(db);
+  if( sqlite3_memory_used()!=0 ){
+    fprintf(stderr,"Memory leak: %lld bytes\n", sqlite3_memory_used());
+    exit(1);
+  }
+  return 0;
+}
+
+/* libFuzzer invokes this routine once when the executable starts, to
+** process the command-line arguments.
+*/
+int LLVMFuzzerInitialize(int *pArgc, char ***pArgv){
+  int i, j;
+  int argc = *pArgc;
+  char **newArgv;
+  char **argv = *pArgv;
+  newArgv = malloc( sizeof(char*)*(argc+1) );
+  if( newArgv==0 ) return 0;
+  newArgv[0] = argv[0];
+  for(i=j=1; i<argc; i++){
+    char *z = argv[i];
+    if( z[0]=='-' ){
+      z++;
+      if( z[0]=='-' ) z++;
+      if( strcmp(z,"v")==0 ){
+        eVerbosity++;
+        continue;
+      }
+    }
+    newArgv[j++] = argv[i];
+  }
+  newArgv[j] = 0;
+  *pArgv = newArgv;
+  *pArgc = j;
   return 0;
 }