Review Request 128893: Fix sorted insert (aka flat_map like insert).

Christoph Cullmann cullmann at kde.org
Sun Sep 11 20:27:35 UTC 2016 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/128893/
-----------------------------------------------------------

(Updated Sept. 11, 2016, 8:27 p.m.)


Review request for KDE Frameworks and Boudhayan Gupta.


Repository: baloo


Description (updated)
-------

Old code was plain wrong:

-        auto it = std::upper_bound(subDocs.begin(), subDocs.end(), id);
-
-        // Merge the id if it does not
-        auto prev = it - 1;
-        if (*prev != id) {
-            subDocs.insert(it, id);
-        }


=> you deref begin()-1 in my test case

=> BAM ;)

valgrind backtrace for old code (moved it to template method)

0
PASS   : DocumentUrlDBTest::testGetId()
it == begin 1
==22283== Invalid read of size 8
==22283==    at 0x406F20: void Baloo::sortedIdInsert<std::vector<unsigned long long, std::allocator<unsigned long long> >, unsigned long long>(std::vector<unsigned long long, std::allocator<unsigned long long> >&, unsigned long long const&) (idutils.h:101)
==22283==    by 0x406965: DocumentUrlDBTest::testSortedIdInsert() (documenturldbtest.cpp:158)
==22283==    by 0x404DD9: DocumentUrlDBTest::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (documenturldbtest.moc:99)
==22283==    by 0x57F90BD: QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (in /usr/lib/libQt5Core.so.5.7.0)
==22283==    by 0x4E489D6: ??? (in /usr/lib/libQt5Test.so.5.7.0)
==22283==    by 0x4E49405: ??? (in /usr/lib/libQt5Test.so.5.7.0)
==22283==    by 0x4E49A51: ??? (in /usr/lib/libQt5Test.so.5.7.0)
==22283==    by 0x4E49F60: QTest::qExec(QObject*, int, char**) (in /usr/lib/libQt5Test.so.5.7.0)
==22283==    by 0x404CF1: main (documenturldbtest.cpp:167)
==22283==  Address 0xbf25418 is 8 bytes before a block of size 8 alloc'd
==22283==    at 0x4C2A0FC: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==22283==    by 0x40AF63: __gnu_cxx::new_allocator<unsigned long long>::allocate(unsigned long, void const*) (new_allocator.h:104)
==22283==    by 0x40AD46: std::allocator_traits<std::allocator<unsigned long long> >::allocate(std::allocator<unsigned long long>&, unsigned long) (alloc_traits.h:416)
==22283==    by 0x40A171: std::_Vector_base<unsigned long long, std::allocator<unsigned long long> >::_M_allocate(unsigned long) (stl_vector.h:170)
==22283==    by 0x409151: void std::vector<unsigned long long, std::allocator<unsigned long long> >::_M_emplace_back_aux<unsigned long long>(unsigned long long&&) (vector.tcc:412)
==22283==    by 0x40886C: void std::vector<unsigned long long, std::allocator<unsigned long long> >::emplace_back<unsigned long long>(unsigned long long&&) (vector.tcc:101)
==22283==    by 0x406E55: std::vector<unsigned long long, std::allocator<unsigned long long> >::push_back(unsigned long long&&) (stl_vector.h:933)
==22283==    by 0x40694A: DocumentUrlDBTest::testSortedIdInsert() (documenturldbtest.cpp:155)
==22283==    by 0x404DD9: DocumentUrlDBTest::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (documenturldbtest.moc:99)
==22283==    by 0x57F90BD: QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (in /usr/lib/libQt5Core.so.5.7.0)
==22283==    by 0x4E489D6: ??? (in /usr/lib/libQt5Test.so.5.7.0)
==22283==    by 0x4E49405: ??? (in /usr/lib/libQt5Test.so.5.7.0)
==22283==


Bug report:

https://bugs.kde.org/show_bug.cgi?id=367991


Diffs
-----

  autotests/unit/engine/documenturldbtest.cpp 448821b 
  src/engine/documenturldb.cpp 5083e7a 
  src/engine/idutils.h cc7da9c 
  src/engine/writetransaction.cpp 3808970 

Diff: https://git.reviewboard.kde.org/r/128893/diff/


Testing
-------

Wrote test, valgrind shows error (or you get segfault, depending on luck) with old code, new one works.


Thanks,

Christoph Cullmann

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160911/65fc3171/attachment-0001.html>

More information about the Kde-frameworks-devel mailing list