edgelesssys / edgelessdb

EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control.
https://edgeless.systems/products/edgelessdb
GNU General Public License v2.0

2022/05/25 09:23:10 http: panic serving 192.168.112.3:51396: cannot read MariaDB's error log: open /tmp/edb/mariadb-error.log: no such file or directory #100

Closed aep closed 2 years ago

aep commented 2 years ago

umami-db-1     | [EDB] 2022/05/25 09:23:09 initializing ...
umami-db-1     | 2022-05-25  9:23:09 0 [Note] edb (mysqld 10.5.11-MariaDB) starting as process 32 ...
umami-db-1     | 2022/05/25 09:23:10 http: panic serving 192.168.112.3:51396: cannot read MariaDB's error log: open /tmp/edb/mariadb-error.log: no such file or directory
umami-db-1     | goroutine 9 [running]:
umami-db-1     | net/http.(*conn).serve.func1(0x7f0ca81eb9a0)
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:1804 +0x153
umami-db-1     | panic(0x7f0c922beb40, 0x7f0ca812a1f0)
umami-db-1     |    /opt/edgelessrt/go/src/runtime/panic.go:971 +0x499
umami-db-1     | github.com/edgelesssys/edgelessdb/edb/db.(*Mariadb).printErrorLog(0x7f0ca80e6180, 0x7f0ca8116c01, 0xf, 0x0)
umami-db-1     |    /edgelessdb/edb/db/mariadb.go:409 +0x36f
umami-db-1     | github.com/edgelesssys/edgelessdb/edb/db.(*Mariadb).Initialize(0x7f0ca80e6180, 0x7f0ca8280000, 0xba2, 0xc00, 0x0, 0x0)
umami-db-1     |    /edgelessdb/edb/db/mariadb.go:162 +0x30d
umami-db-1     | github.com/edgelesssys/edgelessdb/edb/core.(*Core).Initialize(0x7f0ca81fa1c0, 0x7f0ca8280000, 0xba2, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0)
umami-db-1     |    /edgelessdb/edb/core/core.go:153 +0x1e4
umami-db-1     | github.com/edgelesssys/edgelessdb/edb/server.CreateServeMux.func1(0x7f0c9241e8f8, 0x7f0ca81520e0, 0x7f0ca812e200)
umami-db-1     |    /edgelessdb/edb/server/server.go:57 +0x126
umami-db-1     | net/http.HandlerFunc.ServeHTTP(0x7f0ca81f0d70, 0x7f0c9241e8f8, 0x7f0ca81520e0, 0x7f0ca812e200)
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:2049 +0x46
umami-db-1     | net/http.(*ServeMux).ServeHTTP(0x7f0ca806f400, 0x7f0c9241e8f8, 0x7f0ca81520e0, 0x7f0ca812e200)
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:2428 +0x1ad
umami-db-1     | net/http.serverHandler.ServeHTTP(0x7f0ca81fa2a0, 0x7f0c9241e8f8, 0x7f0ca81520e0, 0x7f0ca812e200)
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:2867 +0xa5
umami-db-1     | net/http.(*conn).serve(0x7f0ca81eb9a0, 0x7f0c9241fe20, 0x7f0ca814e080)
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:1932 +0x8cd
umami-db-1     | created by net/http.(*Server).Serve
umami-db-1     |    /opt/edgelessrt/go/src/net/http/server.go:2993 +0x3ad
100  2978    0     0  100  2978      0   1877  0:00:01  0:00:01 --:--:--  1876
umami-umami-1  | curl: (52) Empty reply from server

aep commented 2 years ago

this is the manifest that reproduces the issue with docker image ghcr.io/edgelesssys/edgelessdb-sgx-1gb:latest

cat - > manifest.json <<EOF
{
    "sql": [
        "CREATE USER root@localhost IDENTIFIED BY 'root'",
        "CREATE USER root@'%' IDENTIFIED BY 'root'",
        "GRANT ALL ON *.* TO root WITH GRANT OPTION",
        "CREATE DATABASE umami",
        "USE umami",
        "drop table if exists event",
        "drop table if exists pageview",
        "drop table if exists session",
        "drop table if exists website",
        "drop table if exists account",
        "create table account ( user_id int unsigned not null auto_increment primary key, username varchar(255) unique not null, password varchar(60) not null, is_admin bool not null default false, created_at timestamp default current_timestamp, updated_at timestamp default current_timestamp)",
        "create table website ( website_id int unsigned not null auto_increment primary key, website_uuid varchar(36) unique not null, user_id int unsigned not null, name varchar(100) not null, domain varchar(500), share_id varchar(64) unique, created_at timestamp default current_timestamp)",
        "create table session ( session_id int unsigned not null auto_increment primary key, session_uuid varchar(36) unique not null, website_id int unsigned not null references website(website_id) on delete cascade, created_at timestamp default current_timestamp, hostname varchar(100), browser varchar(20), os varchar(20), device varchar(20), screen varchar(11), language varchar(35), country char(2))",
        "create table pageview ( view_id int unsigned not null auto_increment primary key, website_id int unsigned not null, session_id int unsigned not null, created_at timestamp default current_timestamp, url varchar(500) not null, referrer varchar(500))",
        "create table event ( event_id int unsigned not null auto_increment primary key, website_id int unsigned not null, session_id int unsigned not null, created_at timestamp default current_timestamp, url varchar(500) not null, event_type varchar(50) not null, event_value varchar(50) not null)",
        "create index website_user_id_idx on website(user_id)",
        "create index session_created_at_idx on session(created_at)",
        "create index session_website_id_idx on session(website_id)",
        "create index pageview_created_at_idx on pageview(created_at)",
        "create index pageview_website_id_idx on pageview(website_id)",
        "create index pageview_session_id_idx on pageview(session_id)",
        "create index pageview_website_id_created_at_idx on pageview(website_id, created_at)",
        "create index pageview_website_id_session_id_created_at_idx on pageview(website_id, session_id, created_at)",
        "create index event_created_at_idx on event(created_at)",
        "create index event_website_id_idx on event(website_id)",
        "create index event_session_id_idx on event(session_id)",
        "insert into account (username, password, is_admin) values ('admin', '\$2b\$10\$BUli0c.muyCW1ErNJc3jL.vFRFtFJWrT8/GcR4A.sUdCznaXiqFXa', true)"
    ]
}
EOF
curl --cacert edb.pem --data-binary @manifest.json https://db:8080/manifest

Nirusu commented 2 years ago

I am not really sure what the exact reason for this panic is, but it seems that the combination of using the most recent commits of both EdgelessDB and Edgeless RT does not have this issue anymore. Seems like it was fixed somewhere in between since the last official release.

In general this file can only really be missing if there is something wrong with the underlying enclave in-memory filesystem, or if MariaDB's file redirection (-> error_log) fails. This can happen if something goes wrong in Edgeless RT, or if MariaDB crashes early in the code before the file redirection is set up.

In any case, if you use either ghcr.io/edgelesssys/edgelessdb-debug-1gb:nightly or ghcr.io/edgelesssys/edgelessdb-debug-4gb:nightly for the moment until we release a new version of EdgelessDB (which should happen soon), this issue should not occur anymore.

But I can already tell you that the manifest is still not going to work, since RocksDB, the underlying storage engine we use for MariaDB, does not support generated columns:

ERROR: 1910  ROCKSDB storage engine does not support generated columns

This is unrelated to EdgelessDB specifically, though.
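
Added example, not part of the thread and not EdgelessDB's code: a Go sketch of the failure mode in the trace above, where a missing error log during initialization panics inside the /manifest handler and the client sees only curl's "Empty reply from server". The names readErrorLog, manifestHandler and postManifest are hypothetical; here the missing file is treated as an ordinary error, the detail goes to the server log, and the client receives an HTTP 500.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"os"
	"strings"
)

// readErrorLog is a hypothetical helper, not EdgelessDB's printErrorLog.
// A missing file becomes an ordinary error the caller can inspect.
func readErrorLog(path string) (string, error) {
	data, err := os.ReadFile(path)
	if errors.Is(err, os.ErrNotExist) {
		return "", fmt.Errorf("database stopped before creating its error log: %w", err)
	}
	return string(data), err
}

// manifestHandler is hypothetical; initDB stands in for database initialization.
func manifestHandler(logPath string, initDB func() error) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if err := initDB(); err != nil {
			detail, logErr := readErrorLog(logPath)
			// Details stay in the server log; the client gets a status code.
			log.Printf("initialization failed: %v; error log: %q (%v)", err, detail, logErr)
			http.Error(w, "initialization failed", http.StatusInternalServerError)
			return
		}
		w.WriteHeader(http.StatusOK)
	}
}

// postManifest sends a constructed request through the handler in-process.
func postManifest(logPath string, initDB func() error) (int, string) {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "/manifest", strings.NewReader("{}"))
	manifestHandler(logPath, initDB)(rec, req)
	return rec.Code, rec.Body.String()
}

func main() {
	// Constructed input: a log path that does not exist and a failing init.
	code, body := postManifest("/nonexistent/mariadb-error.log", func() error { return errors.New("mysqld exited") })
	fmt.Println(code, strings.TrimSpace(body))
}
```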

aep commented 2 years ago

confirming nightly from today does not crash.

not sure which of those are generated (not familiar with mysql). going to try removing them one by one.

aep commented 2 years ago

found it. it's "unique".

closing this issue because the bug appears to be fixed in nightly, thanks!