Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ubuntu 17.10, or one of the package versions associated with it, breaks Dreamwidth #2248

Open
pauamma opened this issue Dec 18, 2017 · 4 comments

Comments

@pauamma
Copy link
Contributor

commented Dec 18, 2017

See the (long) discussion starting at https://dw-dev.dreamwidth.org/201371.html?thread=1548955#cmt1548955. My analysis of what could be the problem follows in another comment on this bug.

@pauamma

This comment has been minimized.

Copy link
Contributor Author

commented Dec 18, 2017

My analysis is based on https://dw-dev.dreamwidth.org/201371.html?thread=1557659#cmt1557659 and https://dw-dev.dreamwidth.org/201371.html?thread=1557915#cmt1557915, running https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a as bin/upgrading/make_system.pl. For reference, LJ::challenge_check is at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L192, challenge_check_login at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L258, and LJ//challenge_generate at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L289.

  1. octorok's installation doesn't run memcache, see https://dw-dev.dreamwidth.org/201371.html?thread=1551259#cmt1551259.
  2. challenge_check is called twice in the modified make_system.pl, once at lines 66-67 (https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a#file-gistfile1-txt-L66) and once at lines 70-71 (https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a#file-gistfile1-txt-L70) through challenge_check_login at line 277 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L277).
  3. on the first call, it doesn't run through lines 220-246 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L220) because of the dont_check_count test (see line 219 of LJ::Auth at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L219 and line 65 of make_system.pl at https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a#file-gistfile1-txt-L65).
  4. on the second call, it does. See line 69 of make_system.pl at https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a#file-gistfile1-txt-L69. (I know the second call happens because $banned is 0 on return from challenge_check_login (see output at https://dw-dev.dreamwidth.org/201371.html?thread=1557915#cmt1557915), which can only happen if line 273 of LJ::Auth at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L273 is executed, as $banned is initialized to 2 in line 68 of make_system.pl at https://gist.github.com/pauamma/16977a9d0114d1a5e3a6f7417423f22a#file-gistfile1-txt-L68.) See also the different results of the first and second calls, which can't be explained otherwise.
  5. so at line 219 of LJ::Auth (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L219) on the second call, $valid is true and $expired is false, otherwise lines 220-246 would be skipped regardless of the setting of $opts->{dont_check_count}. But the output at https://dw-dev.dreamwidth.org/201371.html?thread=1557915#cmt1557915 shows $valid was set to 0 (see lines 249-253 of LJ::Auth at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L249), which can only happen at line 246 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L246) if $count was 0 at that point.
  6. $count being 0 can happen either as a result of lines 230-240 of LJ::Auth at https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L230, or by not being set at all if those lines are skipped by the test at line 229 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L229), since it's initialized to 0 at line 203 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L203).
  7. however, I believe (based on my reading of the code) but could not verify experimentally that lines 230-240 of LJ::Auth (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L230) only set $count to a value > 0, so those lines would have to be skipped due to some error return from the locking at line 228 (https://github.com/dreamwidth/dw-free/blob/develop/cgi-bin/LJ/Auth.pm#L228).

So my tentative conclusion is that something changed with mysql between versions 16.4 and 17.10 of Ubuntu, which broke the lock, and presumably the other dozen or so uses of get_lock I found in the code.

@alierak

This comment has been minimized.

Copy link
Member

commented Dec 18, 2017

This is some nice work! I suspect:

https://dev.mysql.com/doc/refman/5.7/en/miscellaneous-functions.html#function_get-lock

"Before 5.7.5, only a single simultaneous lock can be acquired and GET_LOCK() releases any existing lock.

"In MySQL 5.7.5, GET_LOCK() was reimplemented using the metadata locking (MDL) subsystem and its capabilities were extended. Multiple simultaneous locks can be acquired and GET_LOCK() does not release any existing locks. It is even possible for a given session to acquire multiple locks for the same name. Other sessions cannot acquire a lock with that name until the acquiring session releases all its locks for the name."

@alierak

This comment has been minimized.

Copy link
Member

commented Dec 19, 2017

Hmm, no, probably nothing funny going on with multiple locks. I think it's this:

"MySQL 5.7.5 and later enforces a maximum length on lock names of 64 characters. Previously, no limit was enforced."

A quick test login attempt used a "chal" string 75 characters long.

@zorkian

This comment has been minimized.

Copy link
Member

commented Dec 19, 2017

Wow, super debugging @pauamma and @alierak! That's good to know and we'll have to fix it before one day upgrading to 18.04.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.