MariaDB Server / MDEV-6799

Crash in field_conv, memcpy_field_possible

Details

    • 10.0.21

    Description

      Crash with the following stack trace happened at a customer:

      > mysqld.exe!Field_string::type() Line 2239 + 0x15 bytes	C++
      mysqld.exe!memcpy_field_possible(Field * to, Field * from) Line 840 + 0x10 bytes	C++
      mysqld.exe!field_conv(Field * to, Field * from) Line 865 + 0x5 bytes	C++
      mysqld.exe!save_field_in_field(Field * from, bool * null_value, Field * to, bool no_conversions) Line 5978	C++
      mysqld.exe!sp_eval_expr(THD * thd, Field * result_field, Item * * expr_item_ptr) Line 434	C++
      mysqld.exe!sp_rcontext::set_variable(THD * thd, Field * field, Item * * value) Line 377 + 0xe bytes	C++
      mysqld.exe!sp_cursor::Select_fetch_into_spvars::send_data(List<Item> & items) Line 553 + 0x25 bytes	C++
      mysqld.exe!Materialized_cursor::fetch(unsigned long num_rows) Line 339 + 0x10 bytes	C++
      mysqld.exe!sp_cursor::fetch(THD * thd, List<sp_variable> * vars) Line 510	C++
      mysqld.exe!sp_instr_cfetch::execute(THD * thd, unsigned int * nextp) Line 3864 + 0xe bytes	C++
      mysqld.exe!sp_head::execute(THD * thd, bool merge_da_on_success) Line 1366 + 0x11 bytes	C++
      mysqld.exe!sp_head::execute_procedure(THD * thd, List<Item> * args) Line 2152 + 0xe bytes	C++
      mysqld.exe!mysql_execute_command(THD * thd) Line 4688 + 0x13 bytes	C++
      mysqld.exe!mysql_parse(THD * thd, char * rawbuf, unsigned int length, Parser_state * parser_state) Line 6416	C++
      mysqld.exe!dispatch_command(enum_server_command command, THD * thd, char * packet, unsigned int packet_length) Line 1310	C++
      mysqld.exe!do_command(THD * thd) Line 1011	C++
      mysqld.exe!threadpool_process_request(THD * thd) Line 233 + 0x8 bytes	C++
      mysqld.exe!io_completion_callback(_TP_CALLBACK_INSTANCE * instance, void * context, void * overlapped, unsigned long io_result, unsigned __int64 nbytes, _TP_IO * io) Line 568 + 0x17 bytes	C++
      kernel32.dll!BasepTpIoCallback() + 0x52 bytes
      ntdll.dll!TppIopExecuteCallback() + 0x1ba bytes
      ntdll.dll!TppWorkerThread() + 0x33f bytes
      kernel32.dll!BaseThreadInitThunk() + 0xd bytes
      ntdll.dll!RtlUserThreadStart() + 0x21 bytes

      We were unable to get a small repeatable testcase, but under the customer's load the crash is reproducible.

          Activity

            Hi,
            I've seen an identical crash call stack that people have got win 10.0.20

            mysqld.exe!Field_string::type() Line 2279 + 0x15 bytes C++
            > mysqld.exe!memcpy_field_possible(Field * to, Field * from) Line 865 + 0xe9 bytes C++
            mysqld.exe!field_conv(Field * to, Field * from) Line 873 + 0x5 bytes C++
            mysqld.exe!save_field_in_field(Field * from, bool * null_value, Field * to, bool no_conversions) Line 5919 C++
            mysqld.exe!sp_eval_expr(THD * thd, Field * result_field, Item * * expr_item_ptr) Line 434 C++
            mysqld.exe!sp_rcontext::set_variable(THD * thd, Field * field, Item * * value) Line 378 + 0xe bytes C++
            mysqld.exe!sp_cursor::Select_fetch_into_spvars::send_data(List<Item> & items) Line 554 + 0x25 bytes C++
            mysqld.exe!Materialized_cursor::fetch(unsigned long num_rows) Line 344 + 0x10 bytes C++
            mysqld.exe!sp_cursor::fetch(THD * thd, List<sp_variable> * vars) Line 511 C++
            mysqld.exe!sp_instr_cfetch::execute(THD * thd, unsigned int * nextp) Line 3874 + 0xe bytes C++
            mysqld.exe!sp_head::execute(THD * thd, bool merge_da_on_success) Line 1371 + 0x11 bytes C++
            mysqld.exe!sp_head::execute_procedure(THD * thd, List<Item> * args) Line 2159 + 0xe bytes C++
            mysqld.exe!mysql_execute_command(THD * thd) Line 4701 + 0x13 bytes C++
            mysqld.exe!mysql_parse(THD * thd, char * rawbuf, unsigned int length, Parser_state * parser_state) Line 6534 C++
            mysqld.exe!dispatch_command(enum_server_command command, THD * thd, char * packet, unsigned int packet_length) Line 1311 C++
            mysqld.exe!do_command(THD * thd) Line 1007 C++
            mysqld.exe!threadpool_process_request(THD * thd) Line 233 + 0x8 bytes C++
            mysqld.exe!io_completion_callback(_TP_CALLBACK_INSTANCE * instance, void * context, void * overlapped, unsigned long io_result, unsigned __int64 nbytes, _TP_IO * io) Line 568 + 0x17 bytes C++
            kernel32.dll!00000000773b32e2()
            [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
            00000007f9a3fa80()
            0000000806034c30()
            ntdll.dll!00000000774afbf0()
            00000007768b8c80()

            Might be that the bug needs to be re-opened

            Lawrin Novitsky added a comment

            Reopening due to reports that the crash is still observable.

            Sergei Petrunia (psergei) added a comment

            Lawrin, can you post the stack trace here? I have succeeded in loading the minidump into WinDbg but couldn't get any further..

            The reason for asking is that I've now got a patch for MDEV-7040.

            Sergei Petrunia (psergei) added a comment

            Ok it was a misunderstanding, the stack trace is as posted above in the comment dated 2015-07-06 17:23. This is supposed to be fixed by MDEV-7040.

            Sergei Petrunia (psergei) added a comment

            Closing this as a proper fix for this problem was done as a part of MDEV-7040.

            Sergei Petrunia (psergei) added a comment

            People

              psergei Sergei Petrunia