Bug #102891 MySQL driver crashed several times a day
Submitted: 10 Mar 2021 2:50
Modified: 16 Jul 2021 9:28
Reporter: Yang Oracle
Status: Closed
Category: Connector / ODBC
Severity: S2 (Serious)
Version:
OS: Windows
Assigned to:
CPU Architecture: Any

[10 Mar 2021 2:50] Yang Oracle
Description:
MySQL driver crashed several times a day

The driver crash caused our child process to crash. The crash in fact happens inside the MySQL driver. Could you please help to take a look at the crash with high priority?

Threads:
	thread-0 tid=7660 
	[0] C:\Windows\System32\ntdll.dll!ZwWaitForSingleObject + 0x14
	[1] C:\Windows\System32\KERNELBASE.dll!WaitForSingleObjectEx + 0x93
	[2] C:\Windows\System32\ntdll.dll!RtlpAllocateHeapInternal + 0x907
	[3] C:\Program Files (x86)\Common Files\MicroStrategy\M8DatTy4_64.dll!operator new(unsigned __int64) [d:\A01\_work\6\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp : 35 + 0x8]
		sp=0x3b3e4ff5a0 bp=0x20befa8fda8 
	[4] C:\Windows\System32\KERNELBASE.dll!WriteFile + 0x7a
	[5] C:\Program Files (x86)\Common Files\MicroStrategy\MJPrcCo2_64.dll!MMultiProcess::ProcessCommunicator::WriteToPipe(void const *,__int64,MSynch::Event *) [Z:\Server\Common\MultiProcess\ProcessCommunicator\PrivateSource\ProcessCommunicator.cpp : 235 + 0x10]
	thread-1 tid=7800 
	[0] C:\Windows\System32\ntdll.dll!NtWaitForWorkViaWorkerFactory + 0x14
	[1] C:\Windows\System32\ntdll.dll!TppWorkerThread + 0x274
	[2] C:\Windows\System32\kernel32.dll!BaseThreadInitThunk + 0x14
	[3] C:\Windows\System32\ntdll.dll!RtlUserThreadStart + 0x21
	thread-2 tid=7816 
	[0] C:\Windows\System32\ntdll.dll!NtWaitForWorkViaWorkerFactory + 0x14
	[1] C:\Windows\System32\ntdll.dll!TppWorkerThread + 0x274
	[2] C:\Windows\System32\kernel32.dll!BaseThreadInitThunk + 0x14
	[3] C:\Windows\System32\ntdll.dll!RtlUserThreadStart + 0x21
	thread-3 tid=3312 
	[0] C:\Windows\System32\ntdll.dll!NtGetContextThread + 0x14
		
	[1] C:\Windows\System32\KERNELBASE.dll!GetThreadContext + 0xb
	[2] C:\Windows\System32\dbgcore.dll + 0x8bf9
	[3] C:\Windows\System32\ntdll.dll!RtlpAllocateHeapInternal + 0x907
	thread-4 tid=2024 faulted
	[0] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x31c98
	[1] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x8a7e
	[2] C:\Windows\System32\ntdll.dll!RtlSetLastWin32Error + 0x40
	[3] 0x204d4f5246202a20
	[4] C:\Windows\System32\ucrtbase.dll!private: __crt_stdio_input::input_processor<char,class __crt_stdio_input::string_input_adapter<char> >::process_integer_specifier(unsigned int,bool) + 0x6f
	[5] C:\Windows\System32\ucrtbase.dll!__crt_stdio_input::input_processor<char,__crt_stdio_input::string_input_adapter<char> >::process_conversion_specifier + 0x3e
		sp=0x3b3e9fed80 bp=0x20bee08e150 
	[6] C:\Windows\System32\ucrtbase.dll!__crt_stdio_input::input_processor<char,__crt_stdio_input::string_input_adapter<char> >::process + 0x38
	[7] C:\Windows\System32\ucrtbase.dll!common_vsscanf<char> + 0xf8
	[8] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x2da17
		
	[9] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x1145f0
	[10] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x10dad4
	[11] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x2bba6
	[12] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x1145f0
	[13] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x882e
	[14] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x100016
	[15] C:\Windows\System32\ucrtbase.dll!__crt_stdio_input::to_integer_length + 0x35
	[16] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x114501
	[17] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x908e
	[18] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x41601
	[19] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x10da01
	[20] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x10da01
	[21] C:\Windows\System32\ucrtbase.dll!_malloc_base + 0x36
	[22] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x1145f8
	[23] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x10dad4
	[24] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x2da17
	[25] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x1145f0
	[26] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x10dad4
	[27] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x2bba6
	[28] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x1145f0
	[29] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x65b1
	[30] C:\Windows\System32\odbc32.dll!QueueOption + 0xb7
	[31] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x2f0d6
	[32] C:\Windows\System32\odbc32.dll!bStmtSequenceError + 0x36
	[33] C:\Windows\System32\odbc32.dll!SQLColumnsCover + 0x2e1
	[34] C:\Windows\System32\odbc32.dll!StmtAsyncNotificationProlog + 0x156
	[35] C:\Windows\System32\odbc32.dll!SQLColumnsW + 0x18e
	[36] C:\Windows\System32\ucrtbase.dll!_malloc_base + 0x36
	[37] 0xffffffffffffffff
	[38] C:\Program Files (x86)\Common Files\MicroStrategy\MJDbOd35_64.dll!MDb::Odbc35::Odbc::SQLColumnsW(MDb::Error &,MDb::DATABASE_TYPE,MDb::ODBCDriverVendor,void *,void *,void *,unsigned short const *,short,unsigned short const *,short,unsigned short const *,short,unsigned short const *,short,unsigned short const *,unsigned short const *,unsigned short const *) [Z:\Server\Common\Database\Odbc35\PrivateSource\Odbc.cpp : 292 + 0x58]
	[39] C:\Program Files (x86)\Common Files\MicroStrategy\MJDbOd35_64.dll!MDb::Odbc35::OdbcCatalog::Execute(MDb::Error &) [Z:\Server\Common\Database\Odbc35\PrivateSource\OdbcCatalog.cpp : 657 + 0xb9]
	[40] C:\Program Files (x86)\Common Files\MicroStrategy\MJDbOd35_64.dll!MDb::Odbc35::OdbcCatalog::ExecColumns(MDb::DatabaseString const &,MDb::DatabaseString const &,MDb::DatabaseString const &,MDb::DatabaseString const &) [Z:\Server\Common\Database\Odbc35\PrivateSource\OdbcCatalog.cpp : 340 + 0x16]
	[41] C:\Program Files (x86)\Common Files\MicroStrategy\MJDbCm3_64.dll!void MMultiProcess::Execute4ParametersCommandImpl<MDb::CatalogInternal,void (__cdecl MDb::CatalogInternal::*)(MDb::DatabaseString const &,MDb::DatabaseString const &,MDb::DatabaseString const &,MDb::DatabaseString const &),MDb::DatabaseString,MDb::DatabaseString,MDb::DatabaseString,MDb::DatabaseString,1,0>::Run() [Z:\Server\Common\MultiProcess\Defines\Execute4ParametersCommandImpl.h : 89 + 0x22]
	[42] C:\Program Files (x86)\Common Files\MicroStrategy\MJPrcCo2_64.dll!MMultiProcess::MultithreadedExecutor::Run() [Z:\Server\Common\MultiProcess\ProcessCommunicator\PrivateSource\MultithreadedExecutor.cpp : 323 + 0xd]
	[43] C:\Program Files (x86)\Common Files\MicroStrategy\M8Synch4_64.dll!MSynch::ThreadImpl::ThreadFunction(void *) [Z:\Server\Common\Synch\Synch\PrivateSource\ThreadImpl.cpp : 185 + 0x9]
	[44] C:\Windows\System32\kernel32.dll!BaseThreadInitThunk + 0x14
	[45] C:\Windows\System32\ntdll.dll!RtlUserThreadStart + 0x21

How to repeat:
The crash is reported by our customer. So not sure how to repeat it. But we can offer the mini dump file so you guys can debug further.
[10 Mar 2021 6:24] MySQL Verification Team
Hello Yang,

Thank you for the bug report.
Could you please let us know the version of ODBC driver? Thanks.

Regards,
Ashwini Patil
[10 Mar 2021 6:55] Bogdan Degtyariov
Can you please confirm the version of MySQL ODBC Driver is 8.0.18 64-bit?
Thanks.
[10 Mar 2021 11:32] Bogdan Degtyariov
The crash happens because of the buffer overrun inside the table_status_i_s() function when calling SQLColumns(). This can be seen in the minidump.

Even though the problem looks serious, it is not S1 because a workaround exists for it (changing to S2):

The crash can be avoided by using the NO_I_S=1 connection option, either by adding it to the connection string or by ticking a box inside ODBC Data Source Administrator -> MySQL Connector ODBC Data Source Configuration dialog:
  Details >> Metadata >> [x] Don't use INFORMATION_SCHEMA for metadata

Handling of catalog functions such as SQLColumns() has been improved since version 8.0.18, so you can also try MySQL ODBC Driver version 8.0.23.

Nevertheless, table_status_i_s() has to be re-implemented to be sure that the issue with buffer overrun does not happen again.
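
Frame [3] of the faulted thread in the report is a bare value (0x204d4f5246202a20) rather than a module offset; read in little-endian memory order its bytes are printable ASCII, meaning string data sits where the unwinder expected a code address, which fits the buffer overrun diagnosis. The following triage sketch is an added example, not part of the original thread or of Connector/ODBC; the function names are this example's own and the input is a subset of the frame lines from the report.

```python
import re

# Frame lines copied from the faulted thread (thread-4) in the report above.
FAULTED_FRAMES = r"""
[0] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x31c98
[1] C:\Program Files\MySQL\Connector ODBC 8.0\myodbc8w.dll + 0x8a7e
[2] C:\Windows\System32\ntdll.dll!RtlSetLastWin32Error + 0x40
[3] 0x204d4f5246202a20
[36] C:\Windows\System32\ucrtbase.dll!_malloc_base + 0x36
[37] 0xffffffffffffffff
"""

# A frame that is only a raw 64-bit value: the unwinder found no module for it.
RAW_FRAME = re.compile(r"^\s*\[(\d+)\]\s+0x([0-9a-fA-F]{1,16})\s*$")


def decode_le_ascii(value):
    """Return the 8 bytes of `value` in memory order as text if all are printable ASCII."""
    raw = value.to_bytes(8, "little")
    if all(0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None


def suspicious_frames(trace):
    """Return a list of (frame_index, value, decoded_text_or_None) for raw-value frames."""
    hits = []
    for line in trace.splitlines():
        m = RAW_FRAME.match(line)
        if m:
            value = int(m.group(2), 16)
            hits.append((int(m.group(1)), value, decode_le_ascii(value)))
    return hits


if __name__ == "__main__":
    for idx, value, text in suspicious_frames(FAULTED_FRAMES):
        verdict = f"ASCII {text!r}: string data on the stack" if text else "not text"
        print(f"frame [{idx}] {value:#018x} -> {verdict}")
```
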
[16 Mar 2021 6:16] Bogdan Degtyariov
Posted by developer:
 
The buffer overrun inside SQLColumns() has been fixed by optimizing the memory management and using std classes instead of static allocation.
[16 Mar 2021 8:03] Yang Oracle
New mini dump

Attachment: DE198016.dmp (application/octet-stream, text), 67.97 KiB.

[16 Mar 2021 8:06] Yang Oracle
Hi, 

Our customer sent us a new crash dump. Could you please help us double check whether it is the same crash as the previous one? Cuz the crash comes from the same customer.

Regards,
[23 Apr 2021 10:31] Yang Oracle
Hi MySQL Team,

Could you please help to confirm whether the newly uploaded crash dump Attachment: DE198016.dmp is a duplicate of the previous one?

Thanks a lot.
[11 May 2021 7:01] Yang Oracle
Hi MySQL Team,

Could you please help to confirm whether the newly uploaded crash dump Attachment: DE198016.dmp is a duplicate of the previous one?

Thanks a lot.
[9 Jun 2021 5:25] Philip Olson
Posted by developer:
 
Fixed as of the upcoming MySQL Connector/ODBC 8.0.26 release, and here's the proposed changelog entry from the documentation team:

A buffer overrun inside SQLColumns() caused Connector/ODBC to unexpectedly halt; memory management was optimized to prevent this problem. A workaround was to either use the NO_I_S=1 connection option or enable "Don't use INFORMATION_SCHEMA for metadata" from the ODBC Data Source Administrator.

Thank you for the bug report.
[16 Jul 2021 9:28] Yang Oracle
Could I say the newly uploaded core dump shares the same root cause as the first one? We need your confirmation on this.

Thanks a lot.