[MDL-70480] get_user_submission susceptible to race condition resulting in invalid DB state - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.11.9, 4.0.2, 4.0.3
Fix Version/s: 3.11.10, 4.0.4
Component/s: Assignment
Labels:
- CatalystIT
- ci
- partner
- patch
- release_notes

Affected Branches:
MOODLE_311_STABLE, MOODLE_400_STABLE
Fixed Branches:
MOODLE_311_STABLE, MOODLE_400_STABLE
Pull from Repository:
https://github.com/chanqihui/moodle.git
Pull 3.11 Branch:
~~MDL-70480~~-311
Pull 3.11 Diff URL:
https://github.com/moodle/moodle/compare/MOODLE_311_STABLE...chanqihui:moodle:MDL-70480-311
Pull 4.0 Branch:
~~MDL-70480~~-400
Pull 4.0 Diff URL:
https://github.com/moodle/moodle/compare/MOODLE_400_STABLE...chanqihui:moodle:MDL-70480-400
Pull Master Branch:
~~MDL-70480~~-master
Pull Master Diff URL:
https://github.com/moodle/moodle/compare/master...chanqihui:moodle:MDL-70480-master

Testing Instructions:

Hide

Test that the database cannot get in an invalid state

Individual submissions

Create a course with an assignment (default settings are fine) and a user
As the user, in two separate sessions (use a regular browser session and an incognito session) browse to the course but do not click the assignment

Hack get_user_submission modifying the if ($create) block to look like the following:


if ($create) {
    sleep(30);
    $submission = new stdClass();
    $submission->assignment   = $this->get_instance()->id;
    $submission->userid       = $userid;
    $submission->timecreated = time();
    $submission->timemodified = $submission->timecreated;

Click the assignment in the normal browser session
While it is sleeping, click the assignment in the incognito window
Wait for both to finish:
- The first one will finish without error
- The second one will finish and display an error about a unique constraint violation (this is expected)
Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1

Group submissions

Create a course with a user and a group (ensure the user is in the group)
Create an assignment with group submissions enabled:
1. Add the assignment activity
2. Under "Group submission settings" set "Students submit in groups" to "Yes"
As the user, in two separate sessions (use a regular browser session and an incognito session) browse to the course but do not click the assignment

Hack get_group_submission modifying the if ($create) block to look like the following:


if ($create) {
    sleep(30);
    $submission = new stdClass();
    $submission->assignment   = $this->get_instance()->id;
    $submission->userid       = $userid;
    $submission->timecreated = time();
    $submission->timemodified = $submission->timecreated;

Click the assignment in the normal browser session
While it is sleeping, click the assignment in the incognito window
Wait for both to finish:
- The first one will finish without error
- The second one will finish and display an error about a unique constraint violation (this is expected)
Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 (double check that the group ID is non-zero to be sure you are looking at the correct record)

Regression testing

Invidual submissions

Create a course with an assignment (default settings are fine) and a user
As the user, browse to the assignment
Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1

Group submissions

Create a course with a user and a group (ensure the user is in the group)
Create an assignment with group submissions enabled:
1. Add the assignment activity
Under "Group submission settings" set "Students submit in groups" to "Yes"
As the user, browse to the assignment
Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 (double check that the group ID is non-zero to be sure you are looking at the correct record)

Show

Test that the database cannot get in an invalid state Individual submissions Create a course with an assignment (default settings are fine) and a user As the user, in two separate sessions (use a regular browser session and an incognito session) browse to the course but do not click the assignment Hack get_user_submission modifying the if ($create) block to look like the following: mod/assign/locallib.php 3924 if ( $create ) { 3925 sleep(30); 3926 $submission = new stdClass(); 3927 $submission ->assignment = $this ->get_instance()->id; 3928 $submission ->userid = $userid ; 3929 $submission ->timecreated = time(); 3930 $submission ->timemodified = $submission ->timecreated; Click the assignment in the normal browser session While it is sleeping, click the assignment in the incognito window Wait for both to finish: The first one will finish without error The second one will finish and display an error about a unique constraint violation (this is expected) Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 Group submissions Create a course with a user and a group (ensure the user is in the group) Create an assignment with group submissions enabled: Add the assignment activity Under "Group submission settings" set "Students submit in groups" to "Yes" As the user, in two separate sessions (use a regular browser session and an incognito session) browse to the course but do not click the assignment Hack get_group_submission modifying the if ($create) block to look like the following: mod/assign/locallib.php 3927 if ( $create ) { 3928 sleep(30); 3929 $submission = new stdClass(); 3930 $submission ->assignment = $this ->get_instance()->id; 3931 $submission ->userid = $userid ; 3932 $submission ->timecreated = time(); 3933 $submission ->timemodified = $submission ->timecreated; Click the assignment in the normal browser session While it is sleeping, click the assignment in the incognito window Wait for both to finish: The first one will finish without error The second one will finish and display an error about a unique constraint violation (this is expected) Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 (double check that the group ID is non-zero to be sure you are looking at the correct record) Regression testing Invidual submissions Create a course with an assignment (default settings are fine) and a user As the user, browse to the assignment Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 Group submissions Create a course with a user and a group (ensure the user is in the group) Create an assignment with group submissions enabled: Add the assignment activity Under "Group submission settings" set "Students submit in groups" to "Yes" As the user, browse to the assignment Verify that there is a record in the mdl_assign_submission table corresponding to the user's ID and that the latest column is set to 1 (double check that the group ID is non-zero to be sure you are looking at the correct record)

Description

Probable root cause

After investigating the get_user_submission function, it appears it is susceptible to a race condition that leaves the submission table in an invalid state (i.e., every record for a specific student's assignment will have the latest flag set to 0). To reproduce:

Create a course with an assignment and a user
As the user, in two separate sessions (use a regular browser session and an incognito session) browse to the course but do not click the assignment

Hack get_user_submission modifying the if ($create) block to look like the following:


if ($create) {
    sleep(30);
    $submission = new stdClass();
    $submission->assignment   = $this->get_instance()->id;
    $submission->userid       = $userid;
    $submission->timecreated = time();
    $submission->timemodified = $submission->timecreated;

Click the assignment in the normal browser session
While it is sleeping, click the assignment in the incognito window
Wait for both to finish

The first one will complete; at this point a valid record is in the DB. But when the second one finishes sleeping and gets to this block:


if ($submission->latest) {
    // This is the case when we need to set latest to 0 for all the other attempts.
    $DB->set_field('assign_submission', 'latest', 0, $params);
}
$sid = $DB->insert_record('assign_submission', $submission);
return $DB->get_record('assign_submission', array('id' => $sid));

The query to set everything to zero (i.e., $DB->set_field('assign_submission', 'latest', 0, $params); but the query to add a new (valid) submission fails (i.e., $sid = $DB->insert_record('assign_submission', $submission);) due to a unique constraint.

Now the DB has one record with latest set to 0 and we observe that the view in the assignment table does not match the grader (which could be a bug in its own right).

Original description

When the number of users started rising sharply, we implemented a master/slave MariaDB 10.3.17 configuration for our Moodle 3.9.2 installation to alleviate some of the stress on the database, as we have also started receiving DDOS attacks.
Some of our users have started to notice some assignment submissions missing from the grading form in the assignment module. The form lists the users entry as not submitted, but the "Edit submission" or "Grade" option shows all the submitted files correctly.
After some database querying, we have found that the column "latest" in the table "mdl_assign_submission" is set to 0 on the users only submission entry for that assignment (status="submitted"), which was the reason for it not showing up on the grading forum.

As we have also had some problems with assignment notification mails for some users - the column "mailed" in the table "mdl_assign_user_flags" could not be set to 1 during the cron task, possibly due to the database sync time, which resulted in some users getting the same notification on every time the cron task ran.
We have since rolled back to a single database setup. We manually set the "mailed" flag to 1 for the users, affected by that previous problem, to stop receiving spam every minute.

We found all of the missing assignment submissions with the sql query:

SELECT s.id,s.assignment,s.userid,s.status,s.latest FROM mdl_assign_submission AS s

  JOIN mdl_course_modules AS m ON s.assignment=m.instance

  WHERE s.status="submitted"

  AND s.latest=0

  AND (SELECT count(*) FROM mdl_assign_submission WHERE assignment = s.assignment AND userid = s.userid ) = 1

  AND m.module=1;

and fixed them manually by running

UPDATE mdl_assign_submission AS s

  SET s.latest=1

  WHERE s.status="submitted"

  AND s.latest=0

  AND (SELECT count(*) FROM mdl_assign_submission WHERE assignment = s.assignment AND userid = s.userid ) = 1;

We have confirmed that the problems started when we switched to master/slave DB configuration and that no newly created submissions after the rollback to single database instance have experienced the same problem, so it would make sense to blame the database replica synchronization time interval. The problem does, however, persist on submissions that have been created during that time period and have since been updated.

Unfortunately, we have not been able to reproduce the problem, only its symptoms (setting the column "latest" to 0).

Any ideas as to what may have happened? Any help would be greatly appreciated.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

MDL-70480.png
28 kB
01/Sep/22 5:59 PM

Issue Links

has a non-specific relationship to

MDL-58697 Inconsistent view for assignment switched from group submission to non-group submission

Closed

MDL-62902 Ensure assignment submission is marked as latest

Closed

has been marked as being related by

MDL-70227 latest flag not correctly set for group submissions

Open

Activity

People

Assignee:: Qihui Chan

Reporter:: Timotej Jazbec

Peer reviewer:: cameron1729

Integrator:: Victor Déniz Falcón

Tester:: Mihail Geshoski

Participants:: Andrew Lyons, Brendan Heywood, cameron1729, CiBoT, Damien MASCRÉ, Dmitrii Metelkin, Eloy Lafuente (stronk7), Jun Pataleta, Mihail Geshoski, Qihui Chan, Simey Lameze, Timotej Jazbec, Victor Déniz Falcón

Component watchers:: Adrian Greeve, Ilya Tregubov, Kevin Percy, Mathew May, Mihail Geshoski, Shamim Rezaie

Votes:: 4 Vote for this issue

Watchers:: 17 Start watching this issue

Dates

Created:: 16/Dec/20 6:20 PM

Updated:: 05/Sep/22 1:36 PM

Resolved:: 02/Sep/22 1:33 PM

Fix Release Date:: 12/Sep/22

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

5h 47m

mod/assign/locallib.php
3924	if ($create) {
3925	sleep(30);
3926	$submission = new stdClass();
3927	$submission->assignment = $this->get_instance()->id;
3928	$submission->userid = $userid;
3929	$submission->timecreated = time();
3930	$submission->timemodified = $submission->timecreated;

mod/assign/locallib.php
3953	if ($submission->latest) {
3954	// This is the case when we need to set latest to 0 for all the other attempts.
3955	$DB->set_field('assign_submission', 'latest', 0, $params);
3956	}
3957	$sid = $DB->insert_record('assign_submission', $submission);
3958	return $DB->get_record('assign_submission', array('id' => $sid));