sqlcipher/test/shared_err.test

523 lines
15 KiB
Plaintext

# 2005 December 30
#
# The author disclaims copyright to this source code. In place of
# a legal notice, here is a blessing:
#
# May you do good and not evil.
# May you find forgiveness for yourself and forgive others.
# May you share freely, never taking more than you give.
#
#***********************************************************************
#
# The focus of the tests in this file are IO errors that occur in a shared
# cache context. What happens to connection B if one connection A encounters
# an IO-error whilst reading or writing the file-system?
#
# $Id: shared_err.test,v 1.24 2008/10/12 00:27:54 shane Exp $
proc skip {args} {}
set testdir [file dirname $argv0]
source $testdir/tester.tcl
source $testdir/malloc_common.tcl
db close
ifcapable !shared_cache||!subquery {
finish_test
return
}
set ::enable_shared_cache [sqlite3_enable_shared_cache 1]
do_ioerr_test shared_ioerr-1 -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
CREATE TABLE t1(a,b,c);
BEGIN;
SELECT * FROM sqlite_master;
} db2
} -sqlbody {
SELECT * FROM sqlite_master;
INSERT INTO t1 VALUES(1,2,3);
BEGIN TRANSACTION;
INSERT INTO t1 VALUES(1,2,3);
INSERT INTO t1 VALUES(4,5,6);
ROLLBACK;
SELECT * FROM t1;
BEGIN TRANSACTION;
INSERT INTO t1 VALUES(1,2,3);
INSERT INTO t1 VALUES(4,5,6);
COMMIT;
SELECT * FROM t1;
DELETE FROM t1 WHERE a<100;
} -cleanup {
do_test shared_ioerr-1.$n.cleanup.1 {
set res [catchsql {
SELECT * FROM t1;
} db2]
set possible_results [list \
"1 {disk I/O error}" \
"0 {1 2 3}" \
"0 {1 2 3 1 2 3 4 5 6}" \
"0 {1 2 3 1 2 3 4 5 6 1 2 3 4 5 6}" \
"0 {}" \
"1 {database disk image is malformed}" \
]
set rc [expr [lsearch -exact $possible_results $res] >= 0]
if {$rc != 1} {
puts ""
puts "Result: $res"
}
set rc
} {1}
# The "database disk image is malformed" is a special case that can
# occur if an IO error occurs during a rollback in the {SELECT * FROM t1}
# statement above. This test is to make sure there is no real database
# corruption.
db2 close
do_test shared_ioerr-1.$n.cleanup.2 {
execsql {pragma integrity_check} db
} {ok}
}
do_ioerr_test shared_ioerr-2 -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
BEGIN;
CREATE TABLE t1(a, b);
INSERT INTO t1(oid) VALUES(NULL);
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
INSERT INTO t1(oid) SELECT NULL FROM t1;
UPDATE t1 set a = oid, b = 'abcdefghijklmnopqrstuvwxyz0123456789';
CREATE INDEX i1 ON t1(a);
COMMIT;
BEGIN;
SELECT * FROM sqlite_master;
} db2
} -tclbody {
set ::residx 0
execsql {DELETE FROM t1 WHERE 0 = (a % 2);}
incr ::residx
# When this transaction begins the table contains 512 entries. The
# two statements together add 512+146 more if it succeeds.
# (1024/7==146)
execsql {BEGIN;}
execsql {INSERT INTO t1 SELECT a+1, b FROM t1;}
execsql {INSERT INTO t1 SELECT 'string' || a, b FROM t1 WHERE 0 = (a%7);}
execsql {COMMIT;}
incr ::residx
} -cleanup {
catchsql ROLLBACK
do_test shared_ioerr-2.$n.cleanup.1 {
set res [catchsql {
SELECT max(a), min(a), count(*) FROM (SELECT a FROM t1 order by a);
} db2]
set possible_results [list \
{0 {1024 1 1024}} \
{0 {1023 1 512}} \
{0 {string994 1 1170}} \
]
set idx [lsearch -exact $possible_results $res]
set success [expr {$idx==$::residx || $res=="1 {disk I/O error}"}]
if {!$success} {
puts ""
puts "Result: \"$res\" ($::residx)"
}
set success
} {1}
db2 close
}
# This test is designed to provoke an IO error when a cursor position is
# "saved" (because another cursor is going to modify the underlying table).
#
do_ioerr_test shared_ioerr-3 -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
PRAGMA cache_size = 10;
BEGIN;
CREATE TABLE t1(a, b, UNIQUE(a, b));
} db2
for {set i 0} {$i < 200} {incr i} {
set a [string range [string repeat "[format %03d $i]." 5] 0 end-1]
set b [string repeat $i 2000]
execsql {INSERT INTO t1 VALUES($a, $b)} db2
}
execsql {COMMIT} db2
set ::DB2 [sqlite3_connection_pointer db2]
set ::STMT [sqlite3_prepare $::DB2 "SELECT a FROM t1 ORDER BY a" -1 DUMMY]
sqlite3_step $::STMT ;# Cursor points at 000.000.000.000
sqlite3_step $::STMT ;# Cursor points at 001.001.001.001
} -tclbody {
execsql {
BEGIN;
INSERT INTO t1 VALUES('201.201.201.201.201', NULL);
UPDATE t1 SET a = '202.202.202.202.202' WHERE a LIKE '201%';
COMMIT;
}
} -cleanup {
set ::steprc [sqlite3_step $::STMT]
set ::column [sqlite3_column_text $::STMT 0]
set ::finalrc [sqlite3_finalize $::STMT]
# There are three possible outcomes here (assuming persistent IO errors):
#
# 1. If the [sqlite3_step] did not require any IO (required pages in
# the cache), then the next row ("002...") may be retrieved
# successfully.
#
# 2. If the [sqlite3_step] does require IO, then [sqlite3_step] returns
# SQLITE_ERROR and [sqlite3_finalize] returns IOERR.
#
# 3. If, after the initial IO error, SQLite tried to rollback the
# active transaction and a second IO error was encountered, then
# statement $::STMT will have been aborted. This means [sqlite3_stmt]
# returns SQLITE_ABORT, and the statement cursor does not move. i.e.
# [sqlite3_column] still returns the current row ("001...") and
# [sqlite3_finalize] returns SQLITE_OK.
#
do_test shared_ioerr-3.$n.cleanup.1 {
expr {
$::steprc eq "SQLITE_ROW" ||
$::steprc eq "SQLITE_ERROR" ||
$::steprc eq "SQLITE_ABORT"
}
} {1}
do_test shared_ioerr-3.$n.cleanup.2 {
expr {
($::steprc eq "SQLITE_ROW" && $::column eq "002.002.002.002.002") ||
($::steprc eq "SQLITE_ERROR" && $::column eq "") ||
($::steprc eq "SQLITE_ABORT" && $::column eq "001.001.001.001.001")
}
} {1}
do_test shared_ioerr-3.$n.cleanup.3 {
expr {
($::steprc eq "SQLITE_ROW" && $::finalrc eq "SQLITE_OK") ||
($::steprc eq "SQLITE_ERROR" && $::finalrc eq "SQLITE_IOERR") ||
($::steprc eq "SQLITE_ERROR" && $::finalrc eq "SQLITE_ABORT")
}
} {1}
# db2 eval {select * from sqlite_master}
db2 close
}
# This is a repeat of the previous test except that this time we
# are doing a reverse-order scan of the table when the cursor is
# "saved".
#
do_ioerr_test shared_ioerr-3rev -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
PRAGMA cache_size = 10;
BEGIN;
CREATE TABLE t1(a, b, UNIQUE(a, b));
} db2
for {set i 0} {$i < 200} {incr i} {
set a [string range [string repeat "[format %03d $i]." 5] 0 end-1]
set b [string repeat $i 2000]
execsql {INSERT INTO t1 VALUES($a, $b)} db2
}
execsql {COMMIT} db2
set ::DB2 [sqlite3_connection_pointer db2]
set ::STMT [sqlite3_prepare $::DB2 \
"SELECT a FROM t1 ORDER BY a DESC" -1 DUMMY]
sqlite3_step $::STMT ;# Cursor points at 199.199.199.199.199
sqlite3_step $::STMT ;# Cursor points at 198.198.198.198.198
} -tclbody {
execsql {
BEGIN;
INSERT INTO t1 VALUES('201.201.201.201.201', NULL);
UPDATE t1 SET a = '202.202.202.202.202' WHERE a LIKE '201%';
COMMIT;
}
} -cleanup {
set ::steprc [sqlite3_step $::STMT]
set ::column [sqlite3_column_text $::STMT 0]
set ::finalrc [sqlite3_finalize $::STMT]
# There are three possible outcomes here (assuming persistent IO errors):
#
# 1. If the [sqlite3_step] did not require any IO (required pages in
# the cache), then the next row ("002...") may be retrieved
# successfully.
#
# 2. If the [sqlite3_step] does require IO, then [sqlite3_step] returns
# SQLITE_ERROR and [sqlite3_finalize] returns IOERR.
#
# 3. If, after the initial IO error, SQLite tried to rollback the
# active transaction and a second IO error was encountered, then
# statement $::STMT will have been aborted. This means [sqlite3_stmt]
# returns SQLITE_ABORT, and the statement cursor does not move. i.e.
# [sqlite3_column] still returns the current row ("001...") and
# [sqlite3_finalize] returns SQLITE_OK.
#
do_test shared_ioerr-3rev.$n.cleanup.1 {
expr {
$::steprc eq "SQLITE_ROW" ||
$::steprc eq "SQLITE_ERROR" ||
$::steprc eq "SQLITE_ABORT"
}
} {1}
do_test shared_ioerr-3rev.$n.cleanup.2 {
expr {
($::steprc eq "SQLITE_ROW" && $::column eq "197.197.197.197.197") ||
($::steprc eq "SQLITE_ERROR" && $::column eq "") ||
($::steprc eq "SQLITE_ABORT" && $::column eq "198.198.198.198.198")
}
} {1}
do_test shared_ioerr-3rev.$n.cleanup.3 {
expr {
($::steprc eq "SQLITE_ROW" && $::finalrc eq "SQLITE_OK") ||
($::steprc eq "SQLITE_ERROR" && $::finalrc eq "SQLITE_IOERR") ||
($::steprc eq "SQLITE_ERROR" && $::finalrc eq "SQLITE_ABORT")
}
} {1}
# db2 eval {select * from sqlite_master}
db2 close
}
# Provoke a malloc() failure when a cursor position is being saved. This
# only happens with index cursors (because they malloc() space to save the
# current key value). It does not happen with tables, because an integer
# key does not require a malloc() to store.
#
# The library should return an SQLITE_NOMEM to the caller. The query that
# owns the cursor (the one for which the position is not saved) should
# continue unaffected.
#
do_malloc_test shared_err-4 -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
BEGIN;
CREATE TABLE t1(a, b, UNIQUE(a, b));
} db2
for {set i 0} {$i < 5} {incr i} {
set a [string repeat $i 10]
set b [string repeat $i 2000]
execsql {INSERT INTO t1 VALUES($a, $b)} db2
}
execsql {COMMIT} db2
set ::DB2 [sqlite3_connection_pointer db2]
set ::STMT [sqlite3_prepare $::DB2 "SELECT a FROM t1 ORDER BY a" -1 DUMMY]
sqlite3_step $::STMT ;# Cursor points at 0000000000
sqlite3_step $::STMT ;# Cursor points at 1111111111
} -tclbody {
execsql {
INSERT INTO t1 VALUES(6, NULL);
}
} -cleanup {
do_test shared_malloc-4.$::n.cleanup.1 {
set ::rc [sqlite3_step $::STMT]
expr {$::rc=="SQLITE_ROW" || $::rc=="SQLITE_ERROR"}
} {1}
if {$::rc=="SQLITE_ROW"} {
do_test shared_malloc-4.$::n.cleanup.2 {
sqlite3_column_text $::STMT 0
} {2222222222}
}
do_test shared_malloc-4.$::n.cleanup.3 {
set rc [sqlite3_finalize $::STMT]
expr {$rc=="SQLITE_OK" || $rc=="SQLITE_ABORT" ||
$rc=="SQLITE_NOMEM" || $rc=="SQLITE_IOERR"}
} {1}
# db2 eval {select * from sqlite_master}
db2 close
}
do_malloc_test shared_err-5 -tclbody {
db close
sqlite3 dbX test.db
sqlite3 dbY test.db
dbX close
dbY close
} -cleanup {
catch {dbX close}
catch {dbY close}
}
do_malloc_test shared_err-6 -tclbody {
catch {db close}
ifcapable deprecated {
sqlite3_thread_cleanup
}
sqlite3_enable_shared_cache 0
} -cleanup {
sqlite3_enable_shared_cache 1
}
# As of 3.5.0, sqlite3_enable_shared_cache can be called at
# any time and from any thread
#do_test shared_err-misuse-7.1 {
# sqlite3 db test.db
# catch {
# sqlite3_enable_shared_cache 0
# } msg
# set msg
#} {library routine called out of sequence}
# Again provoke a malloc() failure when a cursor position is being saved,
# this time during a ROLLBACK operation by some other handle.
#
# The library should return an SQLITE_NOMEM to the caller. The query that
# owns the cursor (the one for which the position is not saved) should
# be aborted.
#
set ::aborted 0
do_malloc_test shared_err-8 -tclprep {
sqlite3 db2 test.db
execsql {
PRAGMA read_uncommitted = 1;
BEGIN;
CREATE TABLE t1(a, b, UNIQUE(a, b));
} db2
for {set i 0} {$i < 2} {incr i} {
set a [string repeat $i 10]
set b [string repeat $i 2000]
execsql {INSERT INTO t1 VALUES($a, $b)} db2
}
execsql {COMMIT} db2
execsql BEGIN
execsql ROLLBACK
set ::DB2 [sqlite3_connection_pointer db2]
set ::STMT [sqlite3_prepare $::DB2 "SELECT a FROM t1 ORDER BY a" -1 DUMMY]
sqlite3_step $::STMT ;# Cursor points at 0000000000
sqlite3_step $::STMT ;# Cursor points at 1111111111
} -tclbody {
execsql {
BEGIN;
INSERT INTO t1 VALUES(6, NULL);
ROLLBACK}
} -cleanup {
# UPDATE: As of [5668], if the rollback fails SQLITE_CORRUPT is returned.
# So these tests have been updated to expect SQLITE_CORRUPT and its
# associated English language error message.
#
do_test shared_malloc-8.$::n.cleanup.1 {
set res [catchsql {SELECT a FROM t1} db2]
set ans [lindex $res 1]
if {[lindex $res 0]} {
set r [expr {
$ans=="disk I/O error" ||
$ans=="out of memory" ||
$ans=="database disk image is malformed"
}]
} else {
set r [expr {[lrange $ans 0 1]=="0000000000 1111111111"}]
}
} {1}
do_test shared_malloc-8.$::n.cleanup.2 {
set rc1 [sqlite3_step $::STMT]
set rc2 [sqlite3_finalize $::STMT]
if {$rc2=="SQLITE_ABORT"} {
incr ::aborted
}
expr {
($rc1=="SQLITE_DONE" && $rc2=="SQLITE_OK") ||
($rc1=="SQLITE_ERROR" && $rc2=="SQLITE_ABORT") ||
($rc1=="SQLITE_ERROR" && $rc2=="SQLITE_NOMEM") ||
($rc1=="SQLITE_ERROR" && $rc2=="SQLITE_IOERR") ||
($rc1=="SQLITE_ERROR" && $rc2=="SQLITE_CORRUPT")
}
} {1}
db2 close
}
do_test shared_malloc-8.X {
# Test that one or more queries were aborted due to the malloc() failure.
expr $::aborted>=1
} {1}
# This test is designed to catch a specific bug that was present during
# development of 3.5.0. If a malloc() failed while setting the page-size,
# a buffer (Pager.pTmpSpace) was being freed. This could cause a seg-fault
# later if another connection tried to use the pager.
#
# This test will crash 3.4.2.
#
do_malloc_test shared_err-9 -tclprep {
sqlite3 db2 test.db
} -sqlbody {
PRAGMA page_size = 4096;
PRAGMA page_size = 1024;
} -cleanup {
db2 eval {
CREATE TABLE abc(a, b, c);
BEGIN;
INSERT INTO abc VALUES(1, 2, 3);
ROLLBACK;
}
db2 close
}
catch {db close}
catch {db2 close}
do_malloc_test shared_err-10 -tclprep {
sqlite3 db test.db
sqlite3 db2 test.db
db eval { SELECT * FROM sqlite_master }
db2 eval {
BEGIN;
CREATE TABLE abc(a, b, c);
}
} -tclbody {
catch {db eval {SELECT * FROM sqlite_master}}
error 1
} -cleanup {
execsql { SELECT * FROM sqlite_master }
}
do_malloc_test shared_err-11 -tclprep {
sqlite3 db test.db
sqlite3 db2 test.db
db eval { SELECT * FROM sqlite_master }
db2 eval {
BEGIN;
CREATE TABLE abc(a, b, c);
}
} -tclbody {
catch {db eval {SELECT * FROM sqlite_master}}
catch {sqlite3_errmsg16 db}
error 1
} -cleanup {
execsql { SELECT * FROM sqlite_master }
}
catch {db close}
catch {db2 close}
do_malloc_test shared_err-12 -sqlbody {
CREATE TABLE abc(a, b, c);
INSERT INTO abc VALUES(1, 2, 3);
}
catch {db close}
catch {db2 close}
sqlite3_enable_shared_cache $::enable_shared_cache
finish_test