Mercurial Mercurial > oss > MCL > sf > os > persistentdata / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
persistentstorage/sqlite3api/TEST/TclScript/fuzz.test
changeset 0 08ec8eefde2f 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/persistentstorage/sqlite3api/TEST/TclScript/fuzz.test	Fri Jan 22 11:06:30 2010 +0200
@@ -0,0 +1,251 @@
+# 2007 May 10
+#
+# The author disclaims copyright to this source code.  In place of
+# a legal notice, here is a blessing:
+#
+#    May you do good and not evil.
+#    May you find forgiveness for yourself and forgive others.
+#    May you share freely, never taking more than you give.
+#
+#***********************************************************************
+# This file implements regression tests for SQLite library.  The
+# focus of this file is generating semi-random strings of SQL
+# (a.k.a. "fuzz") and sending it into the parser to try to 
+# generate errors.
+#
+# The tests in this file are really about testing fuzzily generated
+# SQL parse-trees. The majority of the fuzzily generated SQL is 
+# valid as far as the parser is concerned. 
+#
+# The most complicated trees are for SELECT statements.
+#
+# $Id: fuzz.test,v 1.14 2007/05/30 10:36:47 danielk1977 Exp $
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+
+set ::REPEATS 5000
+
+# If running quick.test, don't do so many iterations.
+if {[info exists ::ISQUICK]} {
+  if {$::ISQUICK} { set ::REPEATS 20 }
+}
+
+source $testdir/fuzz_common.tcl
+
+#----------------------------------------------------------------
+# These tests caused errors that were first caught by the tests
+# in this file. They are still here.
+do_test fuzz-1.1 {
+  execsql {
+    SELECT 'abc' LIKE X'ABCD';
+  }
+} {0}
+do_test fuzz-1.2 {
+  execsql {
+    SELECT 'abc' LIKE zeroblob(10);
+  }
+} {0}
+do_test fuzz-1.3 {
+  execsql {
+    SELECT zeroblob(10) LIKE 'abc';
+  }
+} {0}
+do_test fuzz-1.4 {
+  execsql {
+    SELECT (- -21) % NOT (456 LIKE zeroblob(10));
+  }
+} {0}
+do_test fuzz-1.5 {
+  execsql {
+    SELECT (SELECT (
+        SELECT (SELECT -2147483648) FROM (SELECT 1) ORDER BY 1
+    ))
+  }
+} {-2147483648}
+do_test fuzz-1.6 {
+  execsql {
+    SELECT 'abc', zeroblob(1) FROM (SELECT 1) ORDER BY 1
+  }
+} [execsql {SELECT 'abc', zeroblob(1)}]
+
+do_test fuzz-1.7 {
+  execsql {
+    SELECT ( SELECT zeroblob(1000) FROM ( 
+      SELECT * FROM (SELECT 'first') ORDER BY NOT 'in') 
+    )
+  }
+} [execsql {SELECT zeroblob(1000)}]
+
+do_test fuzz-1.8 {
+  # Problems with opcode OP_ToText (did not account for MEM_Zero).
+  # Also MemExpandBlob() was marking expanded blobs as nul-terminated.
+  # They are not.
+  execsql {
+    SELECT CAST(zeroblob(1000) AS text);
+  }
+} {{}}
+
+do_test fuzz-1.9 {
+  # This was causing a NULL pointer dereference of Expr.pList.
+  execsql {
+    SELECT 1 FROM (SELECT * FROM sqlite_master WHERE random())
+  }
+} {}
+
+do_test fuzz-1.10 {
+  # Bug in calculation of Parse.ckOffset causing an assert() 
+  # to fail. Probably harmless.
+  execsql {
+    SELECT coalesce(1, substr( 1, 2, length('in' IN (SELECT 1))))
+  }
+} {1}
+
+do_test fuzz-1.11 {
+  # The literals (A, B, C, D) are not important, they are just used
+  # to make the EXPLAIN output easier to read.
+  #
+  # The problem here is that the EXISTS(...) expression leaves an
+  # extra value on the VDBE stack. This is confusing the parent and
+  # leads to an assert() failure when OP_Insert encounters an integer
+  # when it expects a record blob.
+  #
+  # Update: Any query with (LIMIT 0) was leaking stack.
+  #
+  execsql {
+    SELECT 'A' FROM (SELECT 'B') ORDER BY EXISTS (
+      SELECT 'C' FROM (SELECT 'D' LIMIT 0)
+    )
+  }
+} {A}
+
+do_test fuzz-1.12.1 {
+  # Create a table with a single row.
+  execsql {
+    CREATE TABLE abc(b);
+    INSERT INTO abc VALUES('ABCDE');
+  }
+
+  # The following query was crashing. The later subquery (in the FROM)
+  # clause was flattened into the parent, but the code was not repairng
+  # the "b" reference in the other sub-query. When the query was executed,
+  # that "b" refered to a non-existant vdbe table-cursor.
+  #
+  execsql {
+    SELECT 1 IN ( SELECT b UNION SELECT 1 ) FROM (SELECT b FROM abc);
+  }
+} {1}
+do_test fuzz-1.12.2 {
+  # Clean up after the previous query.
+  execsql {
+    DROP TABLE abc;
+  }
+} {}
+
+
+do_test fuzz-1.13 {
+  # The problem here was that when there were more expressions in
+  # the ORDER BY list than the result-set list. The temporary b-tree
+  # used for sorting was being misconfigured in this case.
+  #
+  execsql {
+    SELECT 'abcd' UNION SELECT 'efgh' ORDER BY 1 ASC, 1 ASC;
+  }
+} {abcd efgh}
+
+do_test fuzz-1.14.1 {
+  execsql {
+    CREATE TABLE abc(a, b, c);
+    INSERT INTO abc VALUES(123, 456, 789);
+  }
+ 
+  # The [a] reference in the sub-select was causing a problem. Because
+  # the internal walkSelectExpr() function was not considering compound
+  # SELECT operators.
+  execsql {
+    SELECT 1 FROM abc
+    GROUP BY c HAVING EXISTS (SELECT a UNION SELECT 123);
+  }
+} {1}
+do_test fuzz-1.14.2 {
+  execsql {
+    DROP TABLE abc;
+  }
+} {}
+
+#----------------------------------------------------------------
+# Test some fuzzily generated expressions.
+#
+do_fuzzy_test fuzz-2 -template  { SELECT [Expr] }
+
+do_test fuzz-3.1 {
+  execsql {
+    CREATE TABLE abc(a, b, c);
+    CREATE TABLE def(a, b, c);
+    CREATE TABLE ghi(a, b, c);
+  }
+} {}
+set ::TableList  [list abc def ghi]
+
+#----------------------------------------------------------------
+# Test some fuzzily generated SELECT statements.
+#
+do_fuzzy_test fuzz-3.2 -template  {[Select]}
+
+#----------------------------------------------------------------
+# Insert a small amount of data into the database and then run 
+# some more generated SELECT statements.
+#
+do_test fuzz-4.1 {
+  execsql {
+    INSERT INTO abc VALUES(1, 2, 3);
+    INSERT INTO abc VALUES(4, 5, 6);
+    INSERT INTO abc VALUES(7, 8, 9);
+    INSERT INTO def VALUES(1, 2, 3);
+    INSERT INTO def VALUES(4, 5, 6);
+    INSERT INTO def VALUES(7, 8, 9);
+    INSERT INTO ghi VALUES(1, 2, 3);
+    INSERT INTO ghi VALUES(4, 5, 6);
+    INSERT INTO ghi VALUES(7, 8, 9);
+    CREATE INDEX abc_i ON abc(a, b, c);
+    CREATE INDEX def_i ON def(c, a, b);
+    CREATE INDEX ghi_i ON ghi(b, c, a);
+  }
+} {}
+do_fuzzy_test fuzz-4.2 -template {[Select]}
+
+#----------------------------------------------------------------
+# Test some fuzzy INSERT statements:
+#
+do_test         fuzz-5.1 {execsql BEGIN} {}
+do_fuzzy_test   fuzz-5.2 -template  {[Insert]} -errorlist table
+integrity_check fuzz-5.2.integrity
+do_test         fuzz-5.3 {execsql COMMIT} {}
+integrity_check fuzz-5.4.integrity
+
+#----------------------------------------------------------------
+# Now that there is data in the database, run some more SELECT 
+# statements
+#
+set ::ColumnList [list a b c]
+set E {{no such col} {ambiguous column name}}
+do_fuzzy_test fuzz-6.1 -template {[Select]} -errorlist $E
+
+#----------------------------------------------------------------
+# Run some SELECTs, INSERTs, UPDATEs and DELETEs in a transaction.
+#
+set E {{no such col} {ambiguous column name} {table}}
+do_test         fuzz-7.1 {execsql BEGIN} {}
+do_fuzzy_test   fuzz-7.2 -template {[Statement]} -errorlist $E
+integrity_check fuzz-7.3.integrity
+do_test         fuzz-7.4 {execsql COMMIT} {}
+integrity_check fuzz-7.5.integrity
+
+#----------------------------------------------------------------
+# Many CREATE and DROP TABLE statements:
+#
+set E [list table duplicate {no such col} {ambiguous column name} {use DROP}]
+do_fuzzy_test fuzz-8.1 -template {[CreateOrDropTableOrView]} -errorlist $E
+
+close $::log
+finish_test
MCL/sf/os/persistentdata