FirebirdSQL / firebird

Firebird server, client and tools
https://www.firebirdsql.org/

Firebird 4.0.3 is constantly crashing with the same symptoms (fbclient.dll) (incl. DMP File Analysis) #7779

Closed gitnol closed 11 months ago

gitnol commented 1 year ago

Hi Everyone,

First I want to say sorry for my English. I am not a native speaker and not a (hardcore) developer at all. I hope you have more knowledge and can help.

The error is an INVALID_POINTER_READ exception that indicates a memory access at an invalid address. The exception occurs in the memcpy function in VCRUNTIME140.dll.

But on every crash, there is the same information in the DMP files, which I analyzed via WinDbg.

It seems that every time a thread_start occurs, and shortly after, the functions isc_attach_database, isc_version and isc_wait_for_event from fbclient.dll are being called. After that, memcpy is called and the Firebird process crashes.

An excerpt, full analysis below:

```
---snip---
VCRUNTIME140!memcpy+0x5e7 [D:\a_work\1\s\src\vctools\crt\vcruntime\src\string\amd64\memcpy.asm @ 721]
fbclient!isc_wait_for_event+0x12e10
fbclient!isc_wait_for_event+0x122ec
fbclient!isc_wait_for_event+0x120de
fbclient!isc_version+0x14033
fbclient!isc_version+0x13eee
fbclient!isc_attach_database+0x301
---snap---
```

I think I cannot answer deep questions, but I hope that there is an easy answer like: "oh I see... there is a memcpy function call in isc_wait_for_event and I can fix this"... but right now... I am a little bit frustrated and need urgent help or advice.

Details


hvlad commented 1 year ago

I moved most details under the spoiler. Without debug information (.pdb) files it is useless, sorry.

Could you provide me with the crash dump file?

gitnol commented 1 year ago

thanks for moving the details, hvlad! :)

The crash dump file is 30 GB in size. I will provide it. I need some time for compressing and uploading.

Firebird 4.0.3 pdb files are from here: https://github.com/FirebirdSQL/firebird/releases/download/v4.0.3/Firebird-4.0.3.2975-0-x64-pdb.zip

gitnol commented 1 year ago

I have concerns because the Firebird process may contain sensitive information. So I would like to send you the link to the dump personally. Is that okay for you? I would use hvlad@user.sourceforge.net for this.

hvlad commented 1 year ago

Sure, it is OK

hvlad commented 1 year ago
Important part of stack trace

```
00 VCRUNTIME140!memcpy(void)+0x5e7 [D:\a\_work\1\s\src\vctools\crt\vcruntime\src\string\amd64\memcpy.asm @ 721]
01 fbclient!Firebird::Array >::push(unsigned char * items = 0x00000006`0ede0030 "???", unsigned int itemsSize = 0xffffaae1)+0xb0 [z:\fb40\v4.0.3\firebird\src\common\classes\array.h @ 384]
02 fbclient!Firebird::ClumpletWriter::create(unsigned char * buffer = , unsigned int buffLen = , unsigned char tag = )+0x1c [z:\fb40\v4.0.3\firebird\src\common\classes\clumpletwriter.cpp @ 171]
03 fbclient!Firebird::ClumpletWriter::ClumpletWriter(struct Firebird::ClumpletReader::KindList * kl = 0x00007ff9`71b72e58, unsigned int limit = 0x100000, unsigned char * buffer = 0x00000006`0ede0030 "???", unsigned int buffLen = 0xffffaae1)+0x9e [z:\fb40\v4.0.3\firebird\src\common\classes\clumpletwriter.cpp @ 120]
04 fbclient!Why::Dispatcher::attachOrCreateDatabase(class Firebird::CheckStatusWrapper * status = 0x00000006`0736dd90, bool createFlag = false, char * filename = 0x00000006`0736df3c, unsigned int dpbLength = 0xffffaae1, unsigned char * dpb = 0x00000006`0ede0030 "???")+0x133 [z:\fb40\v4.0.3\firebird\src\yvalve\why.cpp @ 6300]
05 fbclient!Why::Dispatcher::attachDatabase(class Firebird::CheckStatusWrapper * status = , char * filename = , unsigned int dpbLength = , unsigned char * dpb = 0x00000006`0ede0030 "???")+0x1e [z:\fb40\v4.0.3\firebird\src\yvalve\why.cpp @ 6278]
06 fbclient!isc_attach_database(int64 * userStatus = 0x00000006`0736f700, short fileLength = 0n16, char * filename = 0x00000000`00000000 "", unsigned int * publicHandle = 0x00000006`08d1d360, short dpbLength = 0n-21791, char * dpb = 0x00000006`0ede0030 "???")+0x301 [z:\fb40\v4.0.3\firebird\src\yvalve\why.cpp @ 1595]
07 engine13!EDS::IscProvider::isc_attach_database(class Firebird::CheckStatusWrapper * user_status = , short file_length = , char * file_name = 0x00000006`08d1d1fc, unsigned int * public_handle = 0x00000006`08d1d360, short dpb_length = 0n-21791, char * dpb = 0x00000006`0ede0030 "???")+0x89 [z:\fb40\v4.0.3\firebird\src\jrd\extds\iscds.cpp @ 876]
08 engine13!EDS::IscConnection::attach(class Jrd::thread_db * tdbb = 0x00000006`0736f700)+0x1e8 [z:\fb40\v4.0.3\firebird\src\jrd\extds\iscds.cpp @ 131]
09 engine13!EDS::Provider::createConnection(class Jrd::thread_db * tdbb = 0x00000006`0736f700, class Firebird::StringBase * dbName = 0x00000006`0736e4b0, class Firebird::ClumpletReader * dpb = 0x00000006`0736e530, EDS::TraScope tra_scope = traCommon (0n2))+0x57 [z:\fb40\v4.0.3\firebird\src\jrd\extds\extds.cpp @ 349]
0a engine13!EDS::Manager::getConnection(class Jrd::thread_db * tdbb = 0x00000006`0736f700, class Firebird::StringBase * dataSource = , class Firebird::StringBase * user = , class Firebird::StringBase * pwd = 0x00000000`00000010, class Firebird::StringBase * role = 0x00000006`0736e700, EDS::TraScope tra_scope = traCommon (0n2))+0x315 [z:\fb40\v4.0.3\firebird\src\jrd\extds\extds.cpp @ 242]
0b engine13!Jrd::ExecStatementNode::execute(class Jrd::thread_db * tdbb = 0x00000006`0736f700, class Jrd::jrd_req * request = 0x00000006`0ad3c440, struct Jrd::StmtNode::ExeState * __formal = 0x00000004`13462810)+0x1f9 [z:\fb40\v4.0.3\firebird\src\dsql\stmtnodes.cpp @ 3780]
0c engine13!EXE_looper(class Jrd::thread_db * tdbb = 0x00000006`0736f700, class Jrd::jrd_req * request = 0x00000006`0ad3c440, class Jrd::StmtNode * node = 0x00000004`13462810)+0x19f [z:\fb40\v4.0.3\firebird\src\jrd\exe.cpp @ 1382]
```

Note dpb_length values in frames 7 and up. Looking for correct solution.

What is the Firebird version of the remote server?

gitnol commented 1 year ago

The Server Version is Firebird 4.0.3

hvlad commented 1 year ago

The fix is committed, try next snapshot build, please.

gitnol commented 1 year ago

Hey Vlad,

OK, I will try it tomorrow and will answer afterwards in the thread. Besides that: thanks, Vlad, for your patience, support and engagement!

Have a nice Day. Markus

gitnol commented 1 year ago

Hi Vlad, I have deployed the new fbclient.dll. It seems to fix the issue. Thank you very much. Please contact me personally.

I have created additional pcap files with wireshark with disabled wirecrypt on a testserver, if you are interested in a deeper analysis (before and after replaced fbclient.dll)

Best regards Markus

gitnol commented 11 months ago

Firebird Server seems to be stable now. I close the issue. Again, Vlad, Thank you very much.

hvlad commented 11 months ago

Reopened until porting into all affected branches

hvlad commented 11 months ago

The bug reason is a few factors happening at the same time:

pavel-zotov commented 8 months ago

@@@ QA issue @@@

Need suggestion how to make auth block more than 32KB ("large size of auth block (more than 32KB), sooner of all due to big number of Windows groups granted to the user's Windows account")

AlexPeshkoff commented 8 months ago

On 1/14/24 17:37, Pavel Zotov wrote:

> due to big number of Windows groups granted to the user's Windows account

due to big number of Windows groups granted to the user's Windows account - is it reply to your question?

pavel-zotov commented 8 months ago

If this: "lot of Windows groups" is the only way to reproduce the crash, then I see no ability to implement such a test. But Vlad noted: sooner of all - so maybe there is another way?
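Added example, not part of the thread and not Firebird's code or its fix: hvlad's trace shows `short dpbLength = 0n-21791` arriving one frame up as `unsigned int dpbLength = 0xffffaae1`, and the QA comments mention an auth block larger than 32KB. The C sketch below reproduces that narrowing and widening and shows two checks that stop it; the 43745-byte length, the helper names and the use of 0x100000 as a cap are assumptions chosen to match the values in the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Cap used by the guarded copy. 0x100000 is the `limit` value visible in
 * frame 03 of the trace; using it as a cap here is an assumption. */
#define DPB_LIMIT 0x100000u

/* A buffer length pushed through a 16-bit signed parameter such as
 * `short dpb_length`: only the low 16 bits survive, read back as signed. */
static int16_t narrow_to_short(size_t real_len)
{
    uint16_t low = (uint16_t)real_len;      /* well-defined: modulo 2^16 */
    int16_t as_short;
    memcpy(&as_short, &low, sizeof as_short);
    return as_short;
}

/* The callee forwarding that short to an `unsigned int` length parameter:
 * the value is sign-extended, so a negative short becomes ~4 GiB. */
static unsigned int widen_to_unsigned(int16_t len)
{
    return (unsigned int)len;
}

/* Hypothetical caller-side check: refuse a length a short cannot hold. */
static int checked_narrow(size_t real_len, int16_t *out)
{
    if (real_len > (size_t)INT16_MAX)
        return -1;
    *out = (int16_t)real_len;
    return 0;
}

/* Hypothetical callee-side guard: reject negative or oversized lengths
 * before they reach memcpy. Returns bytes copied, or -1 on rejection. */
static int guarded_copy(unsigned char *dst, size_t dst_cap,
                        const unsigned char *src, int16_t len)
{
    if (len < 0)
        return -1;
    unsigned int n = (unsigned int)len;
    if (n > DPB_LIMIT || n > dst_cap)
        return -1;
    memcpy(dst, src, n);
    return (int)n;
}

int main(void)
{
    /* Constructed value: a length above 32767 whose low 16 bits are 0xAAE1. */
    size_t real_len = 43745;
    int16_t seen = narrow_to_short(real_len);
    int16_t held = 0;

    printf("real length        : %zu\n", real_len);
    printf("as short           : %d\n", seen);
    printf("as unsigned int    : 0x%08x\n", widen_to_unsigned(seen));
    printf("checked_narrow     : %d\n", checked_narrow(real_len, &held));
    return 0;
}
```
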