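【Query exception】SQL injection against a service causes query timeouts

【Details】A single unified service handles and forwards data queries to StarRocks. Security staff performed SQL injection against this service. After the injection, the concatenated SQL was as follows: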
SELECT COUNT(1) FROM ( SELECT contract_no , tenant_id from ads_xqy_saas_contract_data where (tenant_id = '8cc248f78d2c40aca7ec859a387423cd' or (array_length(array_intersect(scn_tenant_id_array_filter,['8cc248f78d2c40aca7ec859a387423cd']))>0 and contract_status >= 0)) and create_time >= '2021-10-01 00:00:00' and create_time <= '2024-01-10';SELECT BENCHMARK(5000000,MD5(0x566f6741))or ' 23:59:59' and (array_length(array_intersect(all_tenant_user_array_filter,['8cc248f78d2c40aca7ec859a387423cd:00ptbnd1818180851169154836719016']))>0) order by time_sorter desc,contract_no desc ) TOTAL;
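Running the SQL directly in a mysql terminal reports a syntax error. But when it goes through the service to query the StarRocks cluster, after multiple queries the whole cluster starts returning query timeout errors, and SQL run from the terminal also hangs.
【Background】Performing SQL injection.
【Business impact】
【Storage-compute separation or not】
【StarRocks version】2.5.13
【Cluster size】e.g.: 3fe+3be
【Machine info】CPU virtual cores/memory/NIC, e.g.: 48C/64G/10 GbE
【Contact】So that we can reach you promptly to obtain log information while resolving the issue, please add your contact details, e.g.: community group 4 - Xiao Li, or an email address. Thank you.
【Attachments】
The cluster is a low-activity cluster. At the time, CPU and memory on the fe/be did not rise and QPS was below 4; after the hang, QPS dropped straight to 0 and no SQL could execute normally.
fe exception log: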
2024-01-10 10:08:07,173 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51536, query timeout: 300
2024-01-10 10:08:07,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51536, kill connection: false
2024-01-10 10:08:07,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51538, query timeout: 300
2024-01-10 10:08:07,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51538, kill connection: false
2024-01-10 10:08:08,132 WARN (Repository|64) [MetricsConfig.loadFirst():136] Cannot locate configuration: tried hadoop-metrics2-s3a-file-system.properties,hadoop-metrics2.properties
2024-01-10 10:08:08,173 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51536, query timeout: 300
2024-01-10 10:08:08,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51536, kill connection: false
2024-01-10 10:08:08,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51538, query timeout: 300
2024-01-10 10:08:08,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51538, kill connection: false
2024-01-10 10:08:09,173 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51536, query timeout: 300
2024-01-10 10:08:09,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51536, kill connection: false
2024-01-10 10:08:09,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.checkTimeout():653] kill query timeout, remote: 10.9.67.90:51538, query timeout: 300
2024-01-10 10:08:09,174 WARN (Connect-Scheduler-Check-Timer-0|13) [ConnectContext.kill():598] kill query, 10.9.67.90:51538, kill connection: false
2024-01-10 10:08:09,784 WARN (starrocks-mysql-nio-pool-432|85405) [ResultReceiver.getNext():126] fetch result execution exception, finstId=6491742a-af5c-11ee-98d6-0242c9279f3b
java.util.concurrent.ExecutionException: Ocurrs time out with specfied time 299972 MILLISECONDS
at com.baidu.jprotobuf.pbrpc.client.ProtobufRpcProxy$2.get(ProtobufRpcProxy.java:578) ~[jprotobuf-rpc-core-4.2.1.jar:?]
at com.starrocks.qe.ResultReceiver.getNext(ResultReceiver.java:84) ~[starrocks-fe.jar:?]
at com.starrocks.qe.Coordinator.getNext(Coordinator.java:1553) ~[starrocks-fe.jar:?]
at com.starrocks.qe.StmtExecutor.handleQueryStmt(StmtExecutor.java:785) ~[starrocks-fe.jar:?]
at com.starrocks.qe.StmtExecutor.execute(StmtExecutor.java:465) ~[starrocks-fe.jar:?]
at com.starrocks.qe.ConnectProcessor.handleQuery(ConnectProcessor.java:327) ~[starrocks-fe.jar:?]
at com.starrocks.qe.ConnectProcessor.dispatch(ConnectProcessor.java:444) ~[starrocks-fe.jar:?]
at com.starrocks.qe.ConnectProcessor.processOnce(ConnectProcessor.java:711) ~[starrocks-fe.jar:?]
at com.starrocks.mysql.nio.ReadListener.lambda$handleEvent$0(ReadListener.java:55) ~[starrocks-fe.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
Caused by: java.util.concurrent.TimeoutException: Ocurrs time out with specfied time 299972 MILLISECONDS
at com.baidu.jprotobuf.pbrpc.client.ProtobufRpcProxy.doWaitCallback(ProtobufRpcProxy.java:625) ~[jprotobuf-rpc-core-4.2.1.jar:?]
at com.baidu.jprotobuf.pbrpc.client.ProtobufRpcProxy.access$0(ProtobufRpcProxy.java:611) ~[jprotobuf-rpc-core-4.2.1.jar:?]
at com.baidu.jprotobuf.pbrpc.client.ProtobufRpcProxy$2.get(ProtobufRpcProxy.java:576) ~[jprotobuf-rpc-core-4.2.1.jar:?]
… 11 more
2024-01-10 10:08:09,785 WARN (starrocks-mysql-nio-pool-432|85405) [Coordinator.getNext():1556] get next fail, need cancel. status errorCode CANCELLED Cancelled, query id: 6491742a-af5c-11ee-98d6-0242c9279f2f

During the timeout period, the be kept printing:
W0110 10:08:30.351840 1042 pipeline_driver_poller.cpp:70] [Driver] Timeout, query_id=2536be93-ee36-4c4e-82e4-6bae7768552f, instance_id=2536be93-ee36-4c4e-82e4-6bae77685537
and similar errors.
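The concatenated SQL above shows the end-date value being spliced into the statement text before ' 23:59:59' is appended. The following is an added example, not code from the post or from StarRocks, of how a forwarding service could validate that value and bind it as a parameter. The function names, the simplified WHERE clause, and the `%s` placeholder style (as used by MySQL-protocol DB-API drivers) are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample inputs: a tenant id and the end-date value seen in the report.
TENANT = "8cc248f78d2c40aca7ec859a387423cd"
INJECTED_END = "2024-01-10';SELECT BENCHMARK(5000000,MD5(0x566f6741))or '"

_TENANT_RE = re.compile(r"[0-9a-f]{32}")
_DAY_RE = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}")


def parse_day(value: str) -> datetime:
    """Accept only a plain YYYY-MM-DD date; anything else raises ValueError."""
    if not _DAY_RE.fullmatch(value):
        raise ValueError(f"not a date: {value!r}")
    return datetime.strptime(value, "%Y-%m-%d")


def build_count_query(tenant_id: str, start_day: str, end_day: str):
    """Return (sql, params); no caller-supplied value is spliced into the SQL text."""
    if not _TENANT_RE.fullmatch(tenant_id):
        raise ValueError("bad tenant id")
    start = parse_day(start_day)
    # Compute the end-of-day bound from the parsed date instead of
    # appending ' 23:59:59' to the raw request string.
    end = parse_day(end_day) + timedelta(hours=23, minutes=59, seconds=59)
    if end < start:
        raise ValueError("end before start")
    # Simplified form of the query in the post (array filters omitted).
    sql = (
        "SELECT COUNT(1) FROM ads_xqy_saas_contract_data "
        "WHERE tenant_id = %s AND create_time >= %s AND create_time <= %s"
    )
    fmt = "%Y-%m-%d %H:%M:%S"
    return sql, (tenant_id, start.strftime(fmt), end.strftime(fmt))


def is_rejected(end_day: str) -> bool:
    """True when the service would refuse the request before reaching the cluster."""
    try:
        build_count_query(TENANT, "2021-10-01", end_day)
    except ValueError:
        return True
    return False
```

The returned pair is meant to be handed to the driver's `execute(sql, params)`, so the statement text sent to the cluster is fixed regardless of what the request contains.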