diff --git a/CMakeLists.txt b/CMakeLists.txt
index 89a68ef..f2bc39e 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,9 +1,9 @@
 cmake_minimum_required(VERSION 3.15.2)
 project(BookStore)
+set(CMAKE_CXX_FLAGS "-g -fsanitize=address")
 file(GLOB_RECURSE main_src backend/src/*.cpp)
 include_directories(${PROJECT_SOURCE_DIR}/backend/include)
 include_directories(${PROJECT_SOURCE_DIR}/external)
 add_executable(code ${main_src})
-target_compile_options(code PRIVATE -Ofast)
 add_subdirectory(maintenance/test)
 include(maintenance/test/ctest_config)
\ No newline at end of file
diff --git a/backend/include/key2index.hpp b/backend/include/key2index.hpp
index b284bf5..48cbd73 100644
--- a/backend/include/key2index.hpp
+++ b/backend/include/key2index.hpp
@@ -22,7 +22,7 @@ class String2Index {
     /* Reference: http://xorshift.di.unimi.it/splitmix64.c */
     str = salt1 + str + salt2;
     hash_t ret = 0;
-    int i;
+    int i = 0;
     for (; i + 8 <= str.length(); i += 8) {
       ret ^= *reinterpret_cast<const hash_t *>(str.c_str() + i);
       ret ^= *reinterpret_cast<const hash_t *>(inner_salt + (i & 15));
@@ -46,10 +46,11 @@ class String2Index {
     hash_t main_hash, sub_hash;
     int val, nxt_idx = 0;
     Node() = default;
-    Node(std::string str, int _val)
-        : main_hash(Hash(str)),
-          sub_hash(Hash(sub_salt1 + str + sub_salt2)),
-          val(_val) {}
+    Node(std::string str, int _val) {
+      main_hash = Hash(str);
+      sub_hash = Hash(sub_salt1 + str + sub_salt2);
+      val = _val;
+    }
   };
 
   DriveArray<Node, kBucketSize, 100> mem;
diff --git a/backend/src/database.cpp b/backend/src/database.cpp
index 231ad27..313a9f7 100644
--- a/backend/src/database.cpp
+++ b/backend/src/database.cpp
@@ -1,5 +1,6 @@
 #include "database.h"
 
+#include "bs-utility.h"
 void UserDataBase::Open(std::string file_name) {
   full_user_data.OpenFile(file_name + ".full");
   user_name2index.OpenFile(file_name + ".n2i");
@@ -17,15 +18,18 @@ void LogDataBase::Open(std::string file_name) {
 
 bool UserDataBase::PAM(const std::string &user_id,
                        const std::string &password) {
+  // debugPrint("PAM ", user_id, " ", password);
   auto ret = user_name2index.Find(user_id);
   if (ret.size() != 1) return false;
   UserItemClass tmp;
   full_user_data.read(tmp, ret[0]);
+  // debugPrint("Correct password: ", tmp.password, " Input password: ", password);
   return tmp.password == password;
 }
 
 int UserDataBase::GetPrevilege(const std::string &user_id) {
   auto ret = user_name2index.Find(user_id);
+  // debugPrint("size=", ret.size());
   if (ret.size() != 1) return -1;
   UserItemClass tmp;
   full_user_data.read(tmp, ret[0]);
@@ -42,6 +46,9 @@ void UserDataBase::AddUser(const std::string &user_id,
   tmp.privilege = privilege;
   int idx = full_user_data.write(tmp);
   user_name2index.Insert(user_id, idx);
+  // debugPrint("Add user: ", user_id, " ", password, " ", user_name, " ",
+  //            privilege);
+  // debugPrint("idx: ", idx);
 }
 
 void UserDataBase::DeleteUser(const std::string &user_id) {
diff --git a/backend/src/engine.cpp b/backend/src/engine.cpp
index b66dfd4..70d86c9 100644
--- a/backend/src/engine.cpp
+++ b/backend/src/engine.cpp
@@ -15,7 +15,9 @@ BookStoreEngineClass::BookStoreEngineClass(std::string __config_dir,
   log_data_base.Open(config_dir + "log");
   is_server = __is_server;
   if (user_data_base.GetPrevilege("root") == -1) {
+    // debugPrint("Creating root user");
     user_data_base.AddUser("root", "sjtu", "root", 7);
+    // debugPrint("Now root's previlege is", user_data_base.GetPrevilege("root"));
   }
 }
 std::vector<std::string> BookStoreEngineClass::Execute(
@@ -114,6 +116,7 @@ std::vector<std::string> BookStoreEngineClass::ExecuteSu(
     login_stack.push(std::make_pair(user_id, ""));
     return std::vector<std::string>();
   }
+  // debugPrint("Examining", user_id, password);
   if (user_data_base.PAM(user_id, password)) {
     login_stack.push(std::make_pair(user_id, ""));
     return std::vector<std::string>();
@@ -163,13 +166,16 @@ std::vector<std::string> BookStoreEngineClass::ExecutePasswd(
 std::vector<std::string> BookStoreEngineClass::ExecuteUserAdd(
     const std::string &cmd,
     std::stack<std::pair<std::string, std::string>> &login_stack) {
-  if (login_stack.empty() ||
-      user_data_base.GetPrevilege(login_stack.top().first) < 3)
+  int own_previlege = 0;
+  if (login_stack.size() > 0)
+    own_previlege = user_data_base.GetPrevilege(login_stack.top().first);
+  if (login_stack.empty() || own_previlege < 3)
     return std::vector<std::string>({"Invalid"});
   std::string user_id, password, user_name;
   int privilege;
   if (!CommandUseraddLexer(cmd, user_id, password, privilege, user_name))
     return std::vector<std::string>({"Invalid"});
+  if (privilege > own_previlege) return std::vector<std::string>({"Invalid"});
   if (user_data_base.GetPrevilege(user_id) != -1)
     return std::vector<std::string>({"Invalid"});
   user_data_base.AddUser(user_id, password, user_name, privilege);
diff --git a/backend/src/main.cpp b/backend/src/main.cpp
index d8648bb..fcc9336 100644
--- a/backend/src/main.cpp
+++ b/backend/src/main.cpp
@@ -4,7 +4,17 @@
 #include "bs-utility.h"
 #include "builtin-cli.h"
 #include "clipp/clipp.h"
+// #include "key2index.hpp"
+// void test() {
+//   String2Index user_name2index;
+//   user_name2index.OpenFile("test.n2i");
+//   user_name2index.Insert("root", 1);
+//   auto vec=user_name2index.Find("root");
+//   std::cout<<vec.size()<<std::endl;
+// }
 int main(int argc, char **argv) {
+  // test();
+  // return 0;
   bool is_server = false;
   std::string config_dir = "";
   bool custom_config_dir = false;