Zorba

memory corruption in Item::swap() method.

Bug #1102997 reported by Markos Zaharioudakis
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Zorba
Fix Committed
High
Ghislain Fourny

Bug Description

In Item::swap() method, the following lines are *very* wrong:

    *theUnion.treeRCPtr += theRefCount;
    *theUnion.treeRCPtr -= anotherItem->theRefCount;
    *anotherItem->theUnion.treeRCPtr -= theRefCount;
    *anotherItem->theUnion.treeRCPtr += anotherItem->theRefCount;

This and/or potentially other bugs with the swap() method cause the test collections/edit/edit_collection_005.xq to fail in at least a couple of my development branches (e.g., lp:~/zorba/repo/union-sequence-types), although very surprisingly, it seems to be passing the RQ!!!.

Related branches

lp:~zorba-coders/zorba/bug-1111487
Markos Zaharioudakis: Approve
Dennis Knochenwefel: Approve
Till Westmann: Approve
Diff: 105 lines (+46/-18)
3 files modified
ChangeLog (+2/-0)
src/store/naive/node_items.cpp (+27/-18)
test/rbkt/Queries/zorba/collections/edit/edit_collection_005.xq (+17/-0)
Revision history for this message
Markos Zaharioudakis (markos-za) wrote :

I am going to removed the failing test because it prevents me from committing to the trunk. I copy the query text here:

import module namespace ddl = "http://www.zorba-xquery.com/modules/store/static/collections/ddl";
import module namespace dml = "http://www.zorba-xquery.com/modules/store/static/collections/dml";
import module namespace ref = "http://www.zorba-xquery.com/modules/node-reference";

import module namespace ns = "http://www.example.com/example" at "../collection_001.xqdata";

ddl:create(xs:QName("ns:collection"));

dml:insert(xs:QName("ns:collection"), (<a/>, <b/>, <c/>));

variable $old := ref:node-reference(dml:collection(xs:QName("ns:collection"))[2]);

dml:edit(dml:collection(xs:QName("ns:collection"))[2], <d/>);

variable $new := ref:node-reference(dml:collection(xs:QName("ns:collection"))[2]);

$old eq $new

Dana Florescu (dflorescu)
tags: added: memory-problems
Revision history for this message
Ghislain Fourny (gislenius) wrote :

There is a known bug here as well as a fix:

https://bugs.launchpad.net/zorba/+bug/1111487

The proposed fix might solve this bug as well. If so, the query above could then serve as a test.

Revision history for this message
Ghislain Fourny (gislenius) wrote :

I could reproduce the error. It was not because of the above quoted code (which looks correct to me), but because the flags indicating whether there is a reference to the nodes were not set correctly. It should be fixed in branch lp:~zorba-coders/zorba/bug-1111487. I am adding you as a reviewer. Can you confirm?

Changed in zorba:
status: New → In Progress
Ghislain Fourny (gislenius)
Changed in zorba:
assignee: Ghislain Fourny (gislenius) → Markos Zaharioudakis (markos-za)
Revision history for this message
Markos Zaharioudakis (markos-za) wrote :

Ghislain, this has been fixed, no? If so, why don't you close it?

Changed in zorba:
assignee: Markos Zaharioudakis (markos-za) → Ghislain Fourny (gislenius)
Revision history for this message
Ghislain Fourny (gislenius) wrote :

I was waiting for a confirmation that this worked on your machine too, before closing.

From your last message I assume such is the case and am herewith closing this bug.

Changed in zorba:
status: In Progress → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.