Bug #25203 Mysql crashes when mysql_kill() is executed in a connection using SSL
Submitted: 20 Dec 2006 8:43 Modified: 15 Feb 2007 4:30
Reporter: Bikas Suman Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:5.14, 5.0. OS:Microsoft Windows (Windows Xp/Linux)
Assigned to: Magnus Blåudd CPU Architecture:Any
Tags: crash, mysql_kill(), SSL

[20 Dec 2006 8:43] Bikas Suman
Description:
I was devloping the software where i was suppose to implement the stop query execution in a SSL connection mode.

For this i decided to make use of mysql_kill(), and it was working fine in normal connection , where i use to kill the thread associated with that query.

While implementing the same using a SSL connection i found that everytime the program executed the mysql_kill() , the server crashes .....

I think u should definately look into this.

How to repeat:
Start a mysql server ( I tested on 5.0.24a-community-nt-log, 5.1.14-beta-community ) with 
" mysqld --ssl-ca=cacert.pem --ssl-cert=server-cert.pem --ssl-key=server-key.pem "
as the starting command.

Then use any program to call mysql_kill(),

Windows Xp returns a crash report with the "send or don't send" options and the mysqld crashes.
[20 Dec 2006 22:48] Miguel Solorzano
Thank you for the bug report. Could you please provide the C code client
test case. Thanks in advance.
[21 Dec 2006 5:39] Bikas Suman
I have added the file in zip mode to /pub/mysql/upload.
If u cannot find it plz tell me , i am new to it and not sure if i have done it correctly,

The source is a simple c++ code written on .net platform,
I think it will clear my point.

If u need more info . please feel free to ask
I would be happy to contibute in ur proj.

Thx you
bikas,
[21 Dec 2006 10:53] Miguel Solorzano
Thank you for the feedback. Which is the zip filename? and it is small
you can attach it here using the files tab and private if you want.
Thanks in advance.
[21 Dec 2006 12:23] Bikas Suman
Sorry about that , its named  "SSl Sample.zip" in the "upload" folder.
It is a .net project so its kind of big. and the comment on the web site said if it is more then 200 kb , upload it in "upload" folder 

I have also attached only the code part here , u can have a look at that.
hope this time i am doing everything right :-)

thx,
bikas
[21 Dec 2006 12:24] Bikas Suman
mysql_kill() crash in ssl connection

Attachment: ssl.cpp (text/plain), 1.18 KiB.

[21 Dec 2006 14:47] Miguel Solorzano
Call stack for Windows and Linux

Attachment: backtrace-25203.txt (text/plain), 4.72 KiB.

[21 Dec 2006 14:54] Miguel Solorzano
Thank you for the bug report. I was able to crash the Windows and Linux
servers with your application (call stack attached for both). However
you need to use the multi-threaded client approach for that kind of
application, anyway the server should not crash disregarding the client
application.
[22 Dec 2006 4:01] Bikas Suman
Thx for ur quick response , 

Obviously we are using multi threaded approach for our application 

The prog that i send you is just for demo for the crash and was happy that you could find the crash easily. 

hoping for quick fix ,

bye
Bikas ,
[15 Jan 2007 10:07] Magnus Blåudd
Can reproduce
[26 Jan 2007 7:58] Magnus Blåudd
Related to bug#19209
[26 Jan 2007 10:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/18837

ChangeSet@1.2392, 2007-01-26 11:30:54+01:00, msvensson@shellback.(none) +3 -0
  Bug#25203 Mysql crashes when mysql_kill() is executed in a connection using SSL
   - It's too early to free the SSL object in 'vio_ssl_close'. There
     might still be a thread using or reading from it on platforms
     where we need to close the active connection/socket in order
     to break the read.  
   - Add new function 'vio_ssl_delete' and install it as the viodelete
     function for SSL connections.
[14 Feb 2007 15:09] Chad MILLER
Available in 5.0.36 and 5.1.16-beta.
[15 Feb 2007 4:30] Paul Dubois
Noted in 5.0.36, 5.1.16 changelogs.

mysql_kill() caused a server crash when used on an SSL connection.