Enable query invariant checking in fuzzcheck by default. There is no way

to turn it off. Update the invariant checking logic to be consistant with dbsqlfuzz. FossilOrigin-Name: 66ca729bbbf37cb7ff8eb12f51429e0c0833bd5d3f0ef20a1eaeeb10820713c2
2025-12-24 14:17:58 +03:00 · 2022-06-18 20:20:30 +00:00
parent d0d21f5565
commit 13736999d9
4 changed files with 51 additions and 25 deletions
--- a/14
+++ b/14
@@ -1,5 +1,5 @@
-C Abandon\sa\squery-invariant\scheck\sin\sfuzzcheck\sif\sthe\scall\sto\nsqlite3_bind_value()\sreturns\sanything\sother\sthan\sSQLITE_OK\sor\sSQLITE_RANGE.
-D 2022-06-18T14:50:43.710
+C Enable\squery\sinvariant\schecking\sin\sfuzzcheck\sby\sdefault.\s\sThere\sis\sno\sway\nto\sturn\sit\soff.\s\sUpdate\sthe\sinvariant\schecking\slogic\sto\sbe\sconsistant\swith\ndbsqlfuzz.
+D 2022-06-18T20:20:30.693
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -1085,7 +1085,7 @@ F test/fuzz3.test 9c813e6613b837cb7a277b0383cd66bfa07042b4cf0317157c35852f30043c
 F test/fuzz4.test c229bcdb45518a89e1d208a21343e061503460ac69fae1539320a89f572eb634
 F test/fuzz_common.tcl b7197de6ed1ee8250a4f82d67876f4561b42ee8cbbfc6160dcb66331bad3f830
 F test/fuzz_malloc.test f348276e732e814802e39f042b1f6da6362a610af73a528d8f76898fde6b22f2
-F test/fuzzcheck.c 618511e19af06d8d7200a84fc5075837b3d46b000ce1f332f0639c7079761bf8
+F test/fuzzcheck.c 7b501d55631c2d759e0bed02ed329904a35690fc6563d7b6cc69b7788a024f26
 F test/fuzzdata1.db 3e86d9cf5aea68ddb8e27c02d7dfdaa226347426c7eb814918e4d95475bf8517
 F test/fuzzdata2.db 128b3feeb78918d075c9b14b48610145a0dd4c8d6f1ca7c2870c7e425f5bf31f
 F test/fuzzdata3.db c6586d3e3cef0fbc18108f9bb649aa77bfc38aba
@@ -1097,7 +1097,7 @@ F test/fuzzdata8.db ca9a97f401b06b0d5376139ec7e1f9e773e13345a9a2d9ccc0032cdbfede
 F test/fuzzer1.test 3d4c4b7e547aba5e5511a2991e3e3d07166cfbb8
 F test/fuzzer2.test a85ef814ce071293bce1ad8dffa217cbbaad4c14
 F test/fuzzerfault.test f64c4aef4c9e9edf1d6dc0d3f1e65dcc81e67c996403c88d14f09b74807a42bc
-F test/fuzzinvariants.c d02dbf42821ffee6edf0b202e015ae6c25442cb23a58dbf8abb5db227008b934
+F test/fuzzinvariants.c 2b939b78736f2cb340f43e7d2ecbdff48de56bfb2ba7fe0b7e28f5c03ee62daf
 F test/gcfault.test dd28c228a38976d6336a3fc42d7e5f1ad060cb8c
 F test/gencol1.test cc0dbb0ee116e5602e18ea7d47f2a0f76b26e09a823b7c36ef254370c2b0f3c1
 F test/genesis.tcl 1e2e2e8e5cc4058549a154ff1892fe5c9de19f98
@@ -1978,8 +1978,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P eabbee4a51bc1a865bddee890004ff3a1c9cc6b797b21f73e908642e154cef50
-R a250da4d7eb0fc648ee3fc57e9bf8333
+P d31e1cd2ab44c7cce20b8990dff17719c286dd2fb46ba6d4f581a9553cf31891
+R 5b4a10214807c18490f78f54aeff8595
 U drh
-Z c0f3947dc13c9e02ac56849fd48ded9e
+Z d6244a9a07066e08a48f8f82e9118858
 # Remove this line to create a well-formed Fossil manifest.
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-d31e1cd2ab44c7cce20b8990dff17719c286dd2fb46ba6d4f581a9553cf31891
+66ca729bbbf37cb7ff8eb12f51429e0c0833bd5d3f0ef20a1eaeeb10820713c2
--- a/test/fuzzcheck.c
+++ b/test/fuzzcheck.c
@@ -153,7 +153,6 @@ static struct GlobalVars {
  int nSql;                        /* Number of SQL scripts */
  Blob *pFirstSql;                 /* First SQL script */
  unsigned int uRandom;            /* Seed for the SQLite PRNG */
-  unsigned char doInvariantChecks; /* True to run query invariant checks */
  unsigned int nInvariant;         /* Number of invariant checks run */
  char zTestName[100];             /* Name of current test */
 } g;
@@ -838,6 +837,7 @@ static int progress_handler(void *pClientData) {
 #define BTS_SELECT      0x000001
 #define BTS_NONSELECT   0x000002
 #define BTS_BADFUNC     0x000004
+#define BTS_BADPRAGMA   0x000008  /* Sticky for rest of the script */

 /*
 ** Disallow debugging pragmas such as "PRAGMA vdbe_debug" and
@@ -854,7 +854,8 @@ static int block_troublesome_sql(
  const char *zArg3,
  const char *zArg4
 ){
-  unsigned int *pFlags = (unsigned int*)pClientData;
+  unsigned int *pBtsFlags = (unsigned int*)pClientData;
+
  (void)zArg3;
  (void)zArg4;
  switch( eCode ){
@@ -863,24 +864,31 @@ static int block_troublesome_sql(
       && (zArg2==0 || strtoll(zArg2,0,0)>100 || strtoll(zArg2,0,10)>100)
      ){
        return SQLITE_DENY;
+      }else if( sqlite3_stricmp("hard_heap_limit", zArg1)==0
+              || sqlite3_stricmp("reverse_unordered_selects", zArg1)==0
+      ){
+        /* BTS_BADPRAGMA is sticky.  A hard_heap_limit or
+        ** revert_unordered_selects should inhibit all future attempts
+        ** at verifying query invariants */
+        *pBtsFlags |= BTS_BADPRAGMA;
      }else if( eVerbosity==0 ){
        if( sqlite3_strnicmp("vdbe_", zArg1, 5)==0
         || sqlite3_stricmp("parser_trace", zArg1)==0
         || sqlite3_stricmp("temp_store_directory", zArg1)==0
        ){
         return SQLITE_DENY;
-       }
+        }
      }else if( sqlite3_stricmp("oom",zArg1)==0
              && zArg2!=0 && zArg2[0]!=0 ){
        oomCounter = atoi(zArg2);
      }
-      *pFlags |= BTS_NONSELECT;
+      *pBtsFlags |= BTS_NONSELECT;
      break;
    }
    case SQLITE_ATTACH: {
      /* Deny the ATTACH if it is attaching anything other than an in-memory
      ** database. */
-      *pFlags |= BTS_NONSELECT;
+      *pBtsFlags |= BTS_NONSELECT;
      if( zArg1==0 ) return SQLITE_DENY;
      if( strcmp(zArg1,":memory:")==0 ) return SQLITE_OK;
      if( sqlite3_strglob("file:*[?]vfs=memdb", zArg1)==0
@@ -891,23 +899,45 @@ static int block_troublesome_sql(
      return SQLITE_DENY;
    }
    case SQLITE_SELECT: {
-      *pFlags |= BTS_SELECT;
+      *pBtsFlags |= BTS_SELECT;
      break;
    }
    case SQLITE_FUNCTION: {
      static const char *azBadFuncs[] = {
+        "avg",
+        "count",
+        "cume_dist",
        "current_date",
        "current_time",
        "current_timestamp",
        "date",
        "datetime",
+        "decimal_sum",
+        "dense_rank",
+        "first_value",
+        "geopoly_group_bbox",
+        "group_concat",
        "implies_nonnull_row",
+        "json_group_array",
+        "json_group_object",
        "julianday",
+        "lag",
+        "last_value",
+        "lead",
+        "max",
+        "min",
+        "nth_value",
+        "ntile",
+        "percent_rank",
        "random",
        "randomblob",
+        "rank",
+        "row_number",
        "sqlite_offset",
        "strftime",
+        "sum",
        "time",
+        "total",
        "unixepoch",
      };
      int first, last;
@@ -921,7 +951,7 @@ static int block_troublesome_sql(
        }else if( c>0 ){
          last = mid-1;
        }else{
-          *pFlags |= BTS_BADFUNC;
+          *pBtsFlags |= BTS_BADFUNC;
          break;
        }
      }while( first<=last );
@@ -932,7 +962,7 @@ static int block_troublesome_sql(
      break;
    }
    default: {
-      *pFlags |= BTS_NONSELECT;
+      *pBtsFlags |= BTS_NONSELECT;
    }
  }
  return SQLITE_OK;
@@ -962,7 +992,7 @@ static int runDbSql(sqlite3 *db, const char *zSql, unsigned int *pBtsFlags){
    printf("RUNNING-SQL: [%s]\n", zSql);
    fflush(stdout);
  }
-  (*pBtsFlags) = 0;
+  (*pBtsFlags) &= ~BTS_BADPRAGMA;
  rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0);
  if( rc==SQLITE_OK ){
    int nRow = 0;
@@ -1018,7 +1048,6 @@ static int runDbSql(sqlite3 *db, const char *zSql, unsigned int *pBtsFlags){
    } /* End while( SQLITE_ROW */
    if( rc==SQLITE_DONE ){
      if( (*pBtsFlags)==BTS_SELECT
-       && g.doInvariantChecks
       && !sqlite3_stmt_isexplain(pStmt)
       && nRow>0
      ){
@@ -1674,7 +1703,6 @@ static void showHelp(void){
 "  --oss-fuzz           Enable OSS-FUZZ testing\n"
 "  --prng-seed N        Seed value for the PRGN inside of SQLite\n"
 "  -q|--quiet           Reduced output\n"
-"  --query-invariants   Run query invariant checks\n"
 "  --rebuild            Rebuild and vacuum the database file\n"
 "  --result-trace       Show the results of each SQL command\n"
 "  --script             Output CLI script instead of running tests\n"
@@ -1835,9 +1863,6 @@ int main(int argc, char **argv){
        verboseFlag = 0;
        eVerbosity = 0;
      }else
-      if( strcmp(z,"query-invariants")==0 ){
-        g.doInvariantChecks = 1;
-      }else
      if( strcmp(z,"rebuild")==0 ){
        rebuildFlag = 1;
        openFlags4Data = SQLITE_OPEN_READWRITE;
--- a/test/fuzzinvariants.c
+++ b/test/fuzzinvariants.c
@@ -109,7 +109,7 @@ int fuzz_invariant(
    }
    if( i>=nCol ) break;
  }
-  if( rc!=SQLITE_ROW && rc!=SQLITE_NOMEM ){
+  if( rc==SQLITE_DONE ){
    /* No matching output row found */
    sqlite3_stmt *pCk = 0;
    rc = sqlite3_prepare_v2(db, "PRAGMA integrity_check", -1, &pCk, 0);
@@ -183,8 +183,9 @@ static char *fuzz_invariant_sql(sqlite3_stmt *pStmt, int iCnt){
  while( nIn>0 && (isspace(zIn[nIn-1]) || zIn[nIn-1]==';') ) nIn--;
  if( strchr(zIn, '?') ) return 0;
  pTest = sqlite3_str_new(0);
-  sqlite3_str_appendf(pTest, "SELECT %s* FROM (%.*s)",
-                      bDistinct ? "DISTINCT " : "", (int)nIn, zIn);
+  sqlite3_str_appendf(pTest, "SELECT %s* FROM (%s",
+                      bDistinct ? "DISTINCT " : "", zIn);
+  sqlite3_str_appendf(pTest, ")");
  rc = sqlite3_prepare_v2(db, sqlite3_str_value(pTest), -1, &pBase, 0);
  if( rc ){
    sqlite3_finalize(pBase);