Page MenuHomePhabricator
Create Task
Maniphest T144235

SpecialWhatLinksHere::showIndirectLinks is broken
Closed, ResolvedPublic
Actions

Description

Setting as NDA only because while it is active, it could be used for DOS.

Unauthenticated users can ask for 1-hour long queries, efectively denying the service of a database server by just hitting fast enough.

Hits 	Tmax 	Tavg 	Tsum 	Hosts 	Users 	Schemas 
18	1,945	1,332	23,984	db1083	wikiuser	enwiki
SELECT /* SpecialWhatLinksHere::showIndirectLinks <ip> */ page_id, page_namespace, page_title, rd_from, page_is_redirect FROM (SELECT /*! STRAIGHT_JOIN */ pl_from, rd_from FROM `pagelinks` LEFT JOIN `redirect` ON ((rd_from = pl_from) AND rd_title = 'Contents' AND (rd_interwiki = '' OR rd_interwiki IS NULL) AND rd_namespace = '12') INNER JOIN `page` ON ((pl_from = page_id)) WHERE pl_namespace = '12' AND pl_title = 'Contents' AND (rd_from is NOT NULL) ORDER BY pl_from LIMIT 102 ) `temp_backlink_range` INNER JOIN `page` ON ((pl_from = page_id)) ORDER BY page_id LIMIT 51 /* c6af36508337896c95736155b3658e6c db1083 enwiki 1945s */
6	53	15	91	db1083	wikiuser	enwiki
SELECT /* SpecialWhatLinksHere::showIndirectLinks <ip> */ page_id, page_namespace, page_title, rd_from, page_is_redirect FROM (SELECT /*! STRAIGHT_JOIN */ pl_from, rd_from FROM `pagelinks` LEFT JOIN `redirect` ON ((rd_from = pl_from) AND rd_title = 'Contents' AND (rd_interwiki = '' OR rd_interwiki IS NULL) AND rd_namespace = '12') INNER JOIN `page` ON ((pl_from = page_id)) WHERE pl_namespace = '12' AND pl_title = 'Contents' ORDER BY pl_from LIMIT 102 ) `temp_backlink_range` INNER JOIN `page` ON ((pl_from = page_id)) ORDER BY page_id LIMIT 51 /* 413819f8da117fd955cc1a72fece6ccf db1083 enwiki 4s */

Those queries look terrible, BTW.

Details

ProjectBranchLines +/-Subject
mediawiki/coremaster+39 -13SpecialWhatLinksHere: Fix queries (2020 edition)
Customize query in gerrit

Related Objects

Event Timeline

jcrespo created this task.Aug 29 2016, 8:41 PM
jcrespo created this object with visibility "WMF-NDA (Project)".
jcrespo created this object with edit policy "WMF-NDA (Project)".
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 29 2016, 8:41 PM
greg added a subscriber: greg.Aug 29 2016, 8:46 PM
Platonides added a subscriber: Platonides.Aug 29 2016, 8:48 PM
bd808 added a subscriber: bd808.Aug 29 2016, 8:52 PM

See T106682: SpecialWhatLinksHere::showIndirectLinks - Lost connection to MySQL server during query (10.64.16.28) for the last time this special page was causing issues.

jcrespo added a comment.Aug 29 2016, 8:53 PM

More than possibly related: T106682

I've setup a watchdog on db1083 to kill long running queries, but this should be fixed on code.

Krinkle moved this task from Untriaged to Usage problem on the Wikimedia-Rdbms board.May 8 2017, 1:27 AM
Krinkle edited projects, added MediaWiki-Special-pages, Wikimedia-database-error; removed MediaWiki-General, Wikimedia-Rdbms.Jul 18 2019, 7:44 PM
Krinkle moved this task from To triage to Special:WhatLinksHere on the MediaWiki-Special-pages board.
Marostegui added a project: Platform Engineering.Feb 12 2020, 1:14 PM
Marostegui added subscribers: Anomie, Marostegui.

We should definitely try to fix these queries - is this something Platform Engineering can help with or should we tag some other team(s)?

root@db1081.eqiad.wmnet[commonswiki]> explain SELECT /* SpecialWhatLinksHere::showIndirectLinks */ page_id, page_namespace, page_title, rd_from, page_is_redirect FROM (SELECT /*! STRAIGHT_JOIN */ pl_from, rd_from FROM `pagelinks` LEFT JOIN `redirect` ON ((rd_from = pl_from) AND rd_title = 'Community_portal' AND (rd_interwiki = '' OR rd_interwiki IS NULL) AND rd_namespace = 4) JOIN `page` ON ((pl_from = page_id)) WHERE pl_namespace = 4 AND pl_title = 'Community_portal' AND (rd_from is NOT NULL) ORDER BY pl_from LIMIT 102 ) `temp_backlink_range` JOIN `page` ON ((pl_from = page_id)) ORDER BY page_id LIMIT 51;
+------+-------------+------------+--------+----------------------+--------------+---------+-------------------------------+----------+---------------------------------+
| id   | select_type | table      | type   | possible_keys        | key          | key_len | ref                           | rows     | Extra                           |
+------+-------------+------------+--------+----------------------+--------------+---------+-------------------------------+----------+---------------------------------+
|    1 | PRIMARY     | <derived2> | ALL    | NULL                 | NULL         | NULL    | NULL                          |      102 | Using temporary; Using filesort |
|    1 | PRIMARY     | page       | eq_ref | PRIMARY              | PRIMARY      | 4       | temp_backlink_range.pl_from   |        1 |                                 |
|    2 | DERIVED     | pagelinks  | ref    | PRIMARY,pl_namespace | pl_namespace | 261     | const,const                   | 16852036 | Using where; Using index        |
|    2 | DERIVED     | redirect   | eq_ref | PRIMARY,rd_ns_title  | PRIMARY      | 4       | commonswiki.pagelinks.pl_from |        1 | Using where                     |
|    2 | DERIVED     | page       | eq_ref | PRIMARY              | PRIMARY      | 4       | commonswiki.pagelinks.pl_from |        1 | Using index                     |
+------+-------------+------------+--------+----------------------+--------------+---------+-------------------------------+----------+---------------------------------+
5 rows in set (0.00 sec)
Anomie added a comment.Feb 12 2020, 2:54 PM
In T144235#5876530, @Marostegui wrote:

We should definitely try to fix these queries - is this something Platform Engineering can help with or should we tag some other team(s)?

We're good as a starting point.

This specific query looks like it's running into the over-filtering problem: it's trying to select the tiny subset of links to a heavily-linked page that are redirects. Removing the STRAIGHT_JOIN would allow it to use a much better plan, but we'll need to avoid recreating T106682.

I'll poke at this for a bit longer and see what I can come up with.

Anomie claimed this task.Feb 12 2020, 2:54 PM
Anomie edited projects, added Platform Team Workboards (Clinic Duty Team); removed Platform Engineering.
Anomie moved this task from Inbox to Doing on the Platform Team Workboards (Clinic Duty Team) board.
Anomie moved this task from Doing to Waiting for Review on the Platform Team Workboards (Clinic Duty Team) board.Feb 12 2020, 3:45 PM
Jdforrester-WMF added a project: MW-1.35-notes (1.35.0-wmf.22; 2020-03-03).Feb 26 2020, 4:45 PM
Anomie moved this task from Waiting for Review to Done on the Platform Team Workboards (Clinic Duty Team) board.Feb 27 2020, 2:22 PM

Oops, this was private (but not security). The patch was https://gerrit.wikimedia.org/r/c/mediawiki/core/+/571739

This seems done now except for possible backporting.

jcrespo added a comment.EditedFeb 27 2020, 3:09 PM

We can open it now and resolve it, is there any private data left on the ticket (I will check now too)?

Not that I can see, ip were redacted and the query doesn't have anything private, correct me if wrong. If agree, you can resolve it too.

jcrespo added a comment.Feb 27 2020, 3:12 PM

Ups, I missed:

except for possible backporting

So everything applies, except I would wait until things are fully on production.

CCicalese_WMF closed this task as Resolved.Apr 28 2020, 8:48 PM
CCicalese_WMF added a subscriber: CCicalese_WMF.

Marking as Resolved as it is in the Done column. Feel free to reopen if there is remaining work.

jcrespo added a comment.Apr 29 2020, 6:48 AM

@CCicalese_WMF normally the NDA (security) tickets are open up (made public) upon resolution, unless there is any kind of private information that would prevent that.

CCicalese_WMF changed the visibility from "WMF-NDA (Project)" to "Public (No Login Required)".Apr 29 2020, 1:50 PM
CCicalese_WMF changed the edit policy from "WMF-NDA (Project)" to "All Users".

Thank you, @jcrespo. Making public per T144235#6092134.

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:39 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL