From: unordained <uno...@cs...> - 2013-07-23 20:27:17
I've got dump files available; if anyone in particular would like them, I'll zip them and provide a download URL privately.

Version: WI-V2.5.2.26540 Firebird 2.5 (win32 Firebird, on x64 Windows 7 host)

The error seems to be triggered by the CTE-insert-from-select below, although it currently happens only on my machine (very repeatably, and only since upgrading from 2.1.5 to 2.5.2), not on my co-developer's (also upgraded). So far, it also seems to happen only when executed via Tomcat + Jaybird 2.1.6, not when I try to reproduce the issue in FlameRobin, but that could be my fault for not replaying the scenario just right.

The particular values I happened to be searching for didn't seem to matter; any search that should return results would crash Firebird. If I search for something with no matches, I get no crash. Other types of searches using essentially the same CTE statement, such as by phone number, do not crash (so far). Searches of the bt_entity_names table directly, or replaying the whole CTE, do not crash (so far, in FlameRobin). gfix found no corruption.
/* -- relevant tables CREATE GLOBAL TEMPORARY TABLE QR_TEMP_TABLE ( Q_ID INTEGER, ID INTEGER, DATABLOCK VARCHAR(32000) ); CREATE INDEX QR_IX_TEMP_TABLE_Q_ID_ID ON QR_TEMP_TABLE (Q_ID, ID); CREATE TABLE BT_ENTITY_NAMES ( ID INTEGER NOT NULL, ENTITY_ID INTEGER NOT NULL, TYPE_ID INTEGER, NAME_DISPLAY VARCHAR(400) NOT NULL, NAME_UPPER VARCHAR(400), NAME_SOUNDEX VARCHAR(400), INIT_DATE DATE, FINI_DATE DATE, COMMENTS VARCHAR(1000), CONSTRAINT BT_PK_ENTNAMES PRIMARY KEY (ID) ); ALTER TABLE BT_ENTITY_NAMES ADD CONSTRAINT BT_FK_ENTNAMES_ENT FOREIGN KEY (ENTITY_ID) REFERENCES BT_ENTITIES (ID) ON UPDATE CASCADE ON DELETE CASCADE; ALTER TABLE BT_ENTITY_NAMES ADD CONSTRAINT BT_FK_ENTNAMES_ENTNAME_TYPE FOREIGN KEY (TYPE_ID) REFERENCES BT_ENTITY_NAME_TYPES (ID) ON UPDATE CASCADE; */ insert into qr_temp_table (q_id, id, datablock) with qr_0 as (select bt_entity_names.entity_id id, cast(list(distinct name_upper || ' matched ' || '%' || strreplace(upper(rtrim(?)), ' ', '% ') || '%') as varchar(32000)) as datablock from bt_entity_names where name_upper like '%' || strreplace(upper(rtrim(?)), ' ', '% ') || '%' group by entity_id), qr as (select first ? qr_0.id id, 'few(' || coalesce(datablock, '') || ')' as datablock from qr_0) select ?, id, datablock from qr; example parameters: billy, billy, 500, 1 generated plan: PLAN (QR QR_0 QR_0_0 BT_ENTITY_NAMES ORDER BT_FK_ENTNAMES_ENT) /* this query was auto-generated by a sort of query-builder I constructed; the statements can get far nastier when AND/ORs are used. no need to debate the craziness, I know how it looks, and it's on purpose. as it runs, it (a) finds matches and (b) tries to remember why it found a given match. */ I've crashed the server a few times, and the call stack below is consistent across the crashes. Client-side, it happens after the statement has been prepared and the parameters set, when I call int PreparedStatement.executeUpdate().
Dump Summary ------------ Dump File: fbserver.exe.13208.dmp : C:\eddy\dumps\fbserver.exe.13208.dmp Last Write Time: 7/23/2013 2:08:55 PM Process Name: fbserver.exe : C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe Process Architecture: x86 Exception Code: 0xC0000005 Exception Information: The thread tried to read from or write to a virtual address for which it does not have the appropriate access. Heap Information: Present System Information ------------------ OS Version: 6.1.7601 CLR Version(s): > msvcr80.dll!74ef7378() [Frames below may be incorrect and/or missing, no symbols loaded for msvcr80.dll] fbserver.exe!CVT_move_common(const dsc * from, dsc * to, Firebird::Callbacks * cb) Line 1397 + 0xd bytes C++ fbserver.exe!EVL_group(Jrd::thread_db * tdbb, Jrd::RecordSource * rsb, Jrd::jrd_nod * const node, unsigned short state) Line 1762 + 0x10 bytes C++ fbserver.exe!get_record(Jrd::thread_db * tdbb, Jrd::RecordSource * rsb, Jrd::RecordSource * parent_rsb, Jrd::rse_get_mode mode) Line 2376 + 0x17 bytes C++ fbserver.exe!get_record(Jrd::thread_db * tdbb, Jrd::RecordSource * rsb, Jrd::RecordSource * parent_rsb, Jrd::rse_get_mode mode) Line 2177 + 0x14 bytes C++ fbserver.exe!RSE_get_record(Jrd::thread_db * tdbb, Jrd::RecordSource * rsb, Jrd::rse_get_mode mode) Line 312 + 0x29 bytes C++ fbserver.exe!EXE_looper(Jrd::thread_db * tdbb, Jrd::jrd_req * request, Jrd::jrd_nod * in_node) Line 2027 + 0xf bytes C++ fbserver.exe!execute_looper(Jrd::thread_db * tdbb, Jrd::jrd_req * request, Jrd::jrd_tra * transaction, Jrd::jrd_req::req_s next_state) Line 1410 + 0x1f bytes C++ fbserver.exe!EXE_send(Jrd::thread_db * tdbb, Jrd::jrd_req * request, unsigned short msg, unsigned short length, const unsigned char * buffer) Line 973 + 0x13 bytes C++ fbserver.exe!JRD_start_and_send(Jrd::thread_db * tdbb, Jrd::jrd_req * request, Jrd::jrd_tra * transaction, unsigned short msg_type, unsigned short msg_length, unsigned char * msg, short level) Line 6850 + 0x16 bytes C++ 
fbserver.exe!execute_request(Jrd::thread_db * tdbb, Jrd::dsql_req * request, Jrd::jrd_tra * * tra_handle, unsigned short in_blr_length, const unsigned char * in_blr, unsigned short in_msg_length, const unsigned char * in_msg, unsigned short out_blr_length, unsigned char * out_blr, unsigned short out_msg_length, unsigned char * out_msg, bool singleton) Line 1275 + 0x1e bytes C++ fbserver.exe!DSQL_execute(Jrd::thread_db * tdbb, Jrd::jrd_tra * * tra_handle, Jrd::dsql_req * request, unsigned short in_blr_length, const unsigned char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, const unsigned char * in_msg, unsigned short out_blr_length, unsigned char * out_blr, unsigned short out_msg_length, unsigned char * out_msg) Line 271 + 0x37 bytes C++ fbserver.exe!jrd8_execute(int * user_status, Jrd::jrd_tra * * tra_handle, Jrd::dsql_req * * stmt_handle, unsigned short in_blr_length, const char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, const char * in_msg, unsigned short out_blr_length, char * out_blr, unsigned short __formal, unsigned short out_msg_length, char * out_msg) Line 4001 + 0x32 bytes C++ fbserver.exe!isc_dsql_execute2_m(int * user_status, void * * tra_handle, void * * stmt_handle, unsigned short in_blr_length, const char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, char * in_msg, unsigned short out_blr_length, char * out_blr, unsigned short out_msg_type, unsigned short out_msg_length, char * out_msg) Line 2726 C++ fbserver.exe!rem_port::execute_statement(P_OP op, p_sqldata * sqldata, packet * sendL) Line 2295 C++ fbserver.exe!process_packet(rem_port * port, packet * sendL, packet * receive, rem_port * * result) Line 3496 C++ fbserver.exe!loopThread(void * __formal) Line 5212 + 0x22 bytes C++ fbserver.exe!ThreadPriorityScheduler::run() Line 169 + 0x8 bytes C++ fbserver.exe!`anonymous namespace'::threadStart(void * arg) Line 99 C++ msvcr80.dll!74ee29bb() msvcr80.dll!74ee2a47() 
kernel32.dll!75b833aa() ntdll.dll!77c39ef2() ntdll.dll!77c39ec5() |