Page MenuHomeMiraheze
Create Task
Maniphest T7532

GlobalNewFiles disabled as caused too many connections to db11 (CVE-2021-32722)
Closed, ResolvedPublic
Actions

Description

@Reception123: Load is way too high. This looks like a DOS. Can you check mysql logs etc to see what was happening around when it started?

Might be worth restarting mysql to kill connections and see if it resumes.

Related Objects
Search...

Event Timeline

RhinosF1 created this task.Jun 26 2021, 11:50
Herald added a subscriber: Universal_Omega. · View Herald TranscriptJun 26 2021, 11:50
Reception123 added a comment.Jun 26 2021, 11:53

@RhinosF1 I checked cp* and it didn't seem like there were too many queries (other than Cyberpower's bot). Regarding MySQL I'm not sure how safe restarting is and I'd rather not risk it without someone who knows more than me around.

Reception123 added a comment.Jun 26 2021, 11:54

MySQL error is

2021-06-26 11:53:53 0 [Warning] Aborted connection 0 to db: 'unconnected' user: 'unauthenticated' host: 'connecting host' (Too many connections)

which I also saw on Icinga

Reception123 added a comment.Jun 26 2021, 11:54

and also

2021-06-26 11:51:56 1127084718 [Warning] Aborted connection 1127084718 to db: 'commonswiki' user: 'mediawiki' host: '2001:41d0:800:1bbd::8' (Got an error reading communication packets)
RhinosF1 added a comment.Jun 26 2021, 11:58

That's weird. What's that ip resolve too

Reception123 added a comment.EditedJun 26 2021, 12:01

It's mw10. Though that's just an example of an error, I'm sure there's other errors with other mw*s

RhinosF1 added a comment.Jun 26 2021, 12:08

Connections shouldn't be that high. Can you see what queries are being executed via bin logs?

Reception123 added a comment.Jun 26 2021, 12:39

GlobalNewFiles was causing a large amount of processes on db11. Disabled for the time being and connections have gone down so I hope things should stay calm.

RhinosF1 added a comment.Jun 26 2021, 12:54

Suggestion from Martin Urbanec is to move it to a job rather than on load assuming it is actually caused by people moving files too quick. He's sent a PR to include METHOD so it's easier to debug

Reception123 renamed this task from 26 June Incident to GlobalNewFiles caused too many connections to db11.Jun 26 2021, 13:13
Reception123 changed the visibility from "Custom Policy" to "Public (No Login Required)".
Reception123 changed the edit policy from "Custom Policy" to "All Users".
Reception123 edited projects, added Database, MediaWiki (SRE); removed Site Reliability Engineering.
Reception123 mentioned this in T7531: 503 Backend fetch failed errors lasting a few minutes.Jun 26 2021, 13:15
Reception123 lowered the priority of this task from High to Normal.Jun 26 2021, 13:56

Moving down to normal as the incident is now over and what is left to do is to modify GlobalNewFiles in a way that will avoid someone moving a lot of files from doing this to the database.

PiscesKazeMGR added a subscriber: PiscesKazeMGR.Jun 26 2021, 14:29
RhinosF1 renamed this task from GlobalNewFiles caused too many connections to db11 to GlobalNewFiles disabled as caused too many connections to db11.Jun 26 2021, 14:41
RhinosF1 added a project: GlobalNewFiles.
Herald added a project: Universal Omega. · View Herald TranscriptJun 26 2021, 14:42
Redmin added a subscriber: Redmin.Jun 26 2021, 15:51
Universal_Omega moved this task from Backlog to Bugs on the GlobalNewFiles board.Jun 27 2021, 06:27
Universal_Omega moved this task from Backlog to Short Term on the MediaWiki (SRE) board.
Universal_Omega moved this task from Unsorted to Short Term on the Universal Omega board.
RhinosF1 renamed this task from GlobalNewFiles disabled as caused too many connections to db11 to GlobalNewFiles disabled as caused too many connections to db11 (CVE-2021-32722).Jun 28 2021, 20:19
Universal_Omega closed subtask T7545: Ensure data from deleted wikis is purged from global tables as Invalid.Jun 29 2021, 23:56
Universal_Omega closed subtask T7542: Create & run a script to recover missing global files data as Declined.Jul 4 2021, 16:41
Universal_Omega claimed this task.EditedJul 15 2021, 17:53

I will re-enable the extension once my patches are tested and merged. (And it is deemed safe again)

Universal_Omega closed subtask T7533: Consider index on gnf_files tables as Resolved.Jul 19 2021, 20:11
Universal_Omega closed subtask T7534: Move global new files updates to background as Resolved.Jul 19 2021, 22:25
Universal_Omega closed this task as Resolved.Jul 19 2021, 22:37

Fixes deployed; re-enabled.

Universal_Omega closed subtask T7535: Consider use of MediaWiki PoolCounter as Declined.Jan 3 2022, 06:54
Universal_Omega closed subtask T7544: Monitor performance of DB Queries as Declined.Jan 27 2022, 16:20
Universal_Omega closed subtask T7543: Monitor size of database tables as Declined.