//sql DCHECKs on data corruption |
|||
Issue descriptionChrome's higher-level SQLite API, implemented in //sql, aims to flag bugs early by DCHECKing on SQLite errors that are unlikely to occur during development. The thinking is that some SQLite errors are most likely to come from API misuse, such as bad SQL statements. While reasonable, this approach goes against the principle that DCHECKs should only be used for invariant checking, and should never fail in real-world situations. For example, the same SQLite error code that generally indicates a bad SQL statement might be caused by database corruption. We need to audit //sql and come up with a better error handling strategy. The new strategy should flag development errors as early as possible, subject to the constraint of using our logging APIs as intended.
,
May 3 2018
Issue 766696 has been merged into this issue.
,
May 3 2018
,
May 4 2018
Issue 836332 is related. SQLite caused test flakiness on bots due to I/O errors. That's an interesting case -- I think that the work in this bug (removing the DCHECKs) will make the I/O errors harder to debug, so it'll be a regression for that scenario.
,
May 7 2018
Perhaps an opt-in command line flag to hard crash on suspected IO errors could help while still allowing removal of the bad dcheck pattern? |
|||
►
Sign in to add a comment |
|||
Comment 1 by pwnall@chromium.org
, May 3 2018