我正在使用mysqlclient从一台服务器连接到另一台服务器,运行MariaDB 10.0.27。
不使用TLS的连接没有任何问题。大多数使用TLS的连接都没有任何问题。但是,有时Python脚本会崩溃,例如:
*** Error in `python': double free or corruption (fasttop):
0x0000000000eccea0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x71ff5)[0x7f23b22f7ff5]
/lib/x86_64-linux-gnu/libc.so.6(+0x77946)[0x7f23b22fd946]
/lib/x86_64-linux-gnu/libc.so.6(+0x7812e)[0x7f23b22fe12e]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2(CRYPTO_free+0x1d)[0x7f23b057fddd]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2(OBJ_NAME_add+0x91)[0x7f23b0582951]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2(EVP_add_cipher+0x25)[0x7f23b0641a65]
/usr/lib/x86_64-linux-gnu/libssl.so.1.0.2(SSL_library_init+0x11)[0x7f23b09b86b1]
/usr/lib/libmysqlclient.so.18(+0x58fe4)[0x7f23ad81cfe4]
/usr/lib/libmysqlclient.so.18(+0x591a4)[0x7f23ad81d1a4]
/usr/lib/libmysqlclient.so.18(+0x2ab9b)[0x7f23ad7eeb9b]
/usr/lib/libmysqlclient.so.18(+0x2afed)[0x7f23ad7eefed]
/usr/lib/libmysqlclient.so.18(+0x28066)[0x7f23ad7ec066]
/usr/lib/libmysqlclient.so.18(+0x2b2e3)[0x7f23ad7ef2e3]
/usr/lib/libmysqlclient.so.18(mysql_real_connect+0xba2)[0x7f23ad7f1542]
/usr/local/lib/python2.7/site-packages/_mysql.so(+0x5c82)[0x7f23add39c82]
/usr/local/lib/libpython2.7.so.1.1(+0xb8e2c)[0x7f23b3004e2c]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x375e)[0x7f23b305309e]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalCodeEx+0x81c)[0x7f23b30592cc]
/usr/local/lib/libpython2.7.so.1.1(+0x855ed)[0x7f23b2fd15ed]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(+0x6588c)[0x7f23b2fb188c]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(+0xbff2d)[0x7f23b300bf2d]
/usr/local/lib/libpython2.7.so.1.1(+0xbe92f)[0x7f23b300a92f]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x375e)[0x7f23b305309e]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalCodeEx+0x81c)[0x7f23b30592cc]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x5cf0)[0x7f23b3055630]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalCodeEx+0x81c)[0x7f23b30592cc]
/usr/local/lib/libpython2.7.so.1.1(+0x855ed)[0x7f23b2fd15ed]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x375e)[0x7f23b305309e]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalCodeEx+0x81c)[0x7f23b30592cc]
/usr/local/lib/libpython2.7.so.1.1(+0x855ed)[0x7f23b2fd15ed]
/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]
/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x375e)[0x7f23b305309e]/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x5e01)[0x7f23b3055741]/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalFrameEx+0x5e01)[0x7f23b3055741]/usr/local/lib/libpython2.7.so.1.1(PyEval_EvalCodeEx+0x81c)[0x7f23b30592cc]/usr/local/lib/libpython2.7.so.1.1(+0x8551c)[0x7f23b2fd151c]/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]/usr/local/lib/libpython2.7.so.1.1(+0x6588c)[0x7f23b2fb188c]/usr/local/lib/libpython2.7.so.1.1(PyObject_Call+0x43)[0x7f23b2fa05c3]/usr/local/lib/libpython2.7.so.1.1(PyEval_CallObjectWithKeywords+0x47)[0x7f23b304f347]/usr/local/lib/libpython2.7.so.1.1(+0x14aa22)[0x7f23b3096a22]/lib/x86_64-linux-gnu/libpthread.so.0(+0x7454)[0x7f23b2d36454]/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f23b236eecd]
(然后是一张记忆地图和“中止”一词)。
我无法找到任何方法可靠地重现这一点,并且无法识别在问题发生时可能解释原始服务器或MariaDB服务器上发生的任何事情。
服务器的TLS设置为:
MariaDB [(none)]> show variables like "%ssl%";
+---------------+-------------------------------------------------------+
| Variable_name | Value |
+---------------+-------------------------------------------------------+
| have_openssl | YES |
| have_ssl | YES |
| ssl_ca | /etc/ssl/private/ca-cert.pem |
| ssl_capath | |
| ssl_cert | /etc/ssl/private/client-cert.pem |
| ssl_cipher | CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | /etc/ssl/private/client-key.pem |
+---------------+-------------------------------------------------------+
Python代码使用ssl={"key": "/etc/ssl/private/client-key.pem", "cert": "/etc/ssl/private/client-cert.pem"}传递SSL变量。这些问题似乎不太可能,因为大多数连接都能正常工作。 MariaDB用户设置了REQUIRE SSL,因此所有连接都需要使用TLS。
这里出了什么问题?或者,如果无法确定,我该如何进一步调查?
答案 0 :(得分:1)
这似乎是libmysqlclient(或libssl)的上游问题。在具有SSL连接的线程程序中使用mysqlclient时,似乎会出现此问题。即使连接已本地化为特定线程,也会发生这种情况。
我不能100%确定哪个版本受到影响,但我可以确认这些版本的问题:
ii libssl1.0.2:amd64 1.0.2i-1 amd64
ii libc6:amd64 2.22-6 amd64
ii libmysqlclient18 10.0.27+maria-1~sid amd64
并在以下版本中修复:
ii libssl1.0.2:amd64 1.0.2j-1 amd64
ii libc6:amd64 2.24-5 amd64
ii libmariadbclient18:amd64 10.0.28-1 amd64
另请参阅相关的github issue