Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rewriting binary logs because your database broke

Chris Sinjakli
June 18, 2020
Programming
0
43

Rewriting binary logs because your database broke

Chris Sinjakli

June 18, 2020
Tweet

More Decks by Chris Sinjakli

See All by Chris Sinjakli
Deconstructing an Abstraction to Reconstruct an Outage
sinjo
0
37
Making the Impossible Impossible: Improving Reliability by Preventing Classes of Problems
sinjo
0
51
The ups and downs of building a payments API
sinjo
1
96
Doing things the hard way
sinjo
1
120
Hiring SREs may be literally impossible
sinjo
1
85
Zero-downtime Postgres upgrades (PGDay UK edition)
sinjo
0
120
Lessons Learned the Hard Way: Postgres in Production at GoCardless (PGConf US Edition)
sinjo
2
250
A million containers isn't cool
sinjo
0
67
Zero-downtime Postgres upgrades (DoxLon Edition)
sinjo
1
180

Other Decks in Programming

See All in Programming
PHP8によるデザインパターン入門 / Introduction to Design Patterns with PHP8
fendo181
1
740
6年以上メンテされていない!? クレカ読み取りライブラリの廃止とDataScannerViewControllerを使ってクレカ読み取りを実装しよう!
terukinakano
0
120
名付けできない画面を作ってはならない - 名前を付けるとは何か
chatii
0
620
Honoの3+1のルーターとそこにつながるPRがプロジェクトにもたらしたもの
usualoma
1
950
Change Data Streaming Patterns With Debezium & Apache Flink
gunnarmorling
2
120
PsySHを使った効率的なデバッグ方法について / How debug efficiently using PsySH
fendo181
0
450
SQLite en production ? Et si vous réévaluiez vos options ?
guikingone
1
280
特徴、魅力を知って、各PHPフレームワークを使いこなそう! / PHPerkaigi 2023
hitoshi_a0
0
260
パフォーマンスを改善せよ!大規模システム改修の仕事の進め方 / Improve performance with Big project for PHPerKaigi 2023
taclose
0
700
CSC308 Lecture 26
javiergs
PRO
0
120
時間を気にせず普通にカンニングもしつつ ISUCON12 本選問題を PHP でやってみる
sji
0
1.2k
社内のメンバーに「関数型プログラミングの学習・教育」についていろいろ聞いてみた
j5ik2o
1
480

Featured

See All Featured
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
214
12k
Typedesign – Prime Four
hannesfritz
34
1.6k
Web Components: a chance to create the future
zenorocha
304
41k
The World Runs on Bad Software
bkeepers
PRO
59
5.8k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
32
9k
For a Future-Friendly Web
brad_frost
166
7.9k
Rails Girls Zürich Keynote
gr2m
87
12k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
176
9.2k
Happy Clients
brianwarren
90
5.9k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
9
5k
Atom: Resistance is Futile
akmur
256
24k

Transcript

  1. Hi

    View Slide

  2. @ChrisSinjo

    View Slide

  3. @ChrisSinjo

    View Slide

  4. @ChrisSinjo

    View Slide

  5. Rewriting binary logs
    because your
    database
    broke
    @ChrisSinjo

    View Slide

  6. Site Reliability
    Engineer

    View Slide

  7. Site Reliability
    Engineer
    (a Software Engineer who cares more about
    systems…ish)

    View Slide

  8. View Slide

  9. POST /cash/monies HTTP/1.1
    { amount: 100 }

    View Slide

  10. High per-request

    View Slide

  11. Uptime is

    View Slide

  12. One part of a
    production incident

    View Slide

  13. View Slide

  14. https://gocardless.com/blog/incident-review-api-and-dashboard-outage-on-10th-
    october/

    View Slide

  15. Postgres
    Postgres
    Replication
    Application

    View Slide

  16. Postgres
    Postgres
    Replication
    Application

    View Slide

  17. Postgres
    Postgres
    Application

    View Slide

  18. Postgres
    Postgres
    Application

    View Slide

  19. Many parts to that
    investigation

    View Slide

  20. Too many for one
    talk

    View Slide

  21. Focus:
    Debugging parts of the system
    you don’t normally touch

    View Slide

  22. Focus:
    Reproduce what happened
    with Postgres’ binary logs
    during that incident

    View Slide

  23. What is a
    binary log?

    View Slide

  24. [2020-06-14 23:02:37Z] GET /
    [2020-06-14 23:02:49Z] GET /favicon.ico
    [2020-06-14 23:03:53Z] GET /posts/binary-logs—talk
    What we normally mean by logs

    View Slide

  25. Databases have
    a different kind
    of log

    View Slide

  26. INSERT INTO talks VALUES ('binary-logs');
    INSERT INTO talks VALUES ('niche-git-features');
    INSERT INTO talks VALUES ('fp-karaoke');
    Some extremely boring SQL

    View Slide

  27. View Slide

  28. View Slide

  29. Warning:
    simplifying lie ahead

    View Slide

  30. INSERT INTO talks VALUES ('binary-logs');
    INSERT INTO talks VALUES ('niche-git-features');
    INSERT INTO talks VALUES ('fp-karaoke');

    Wrote 'binary-logs' into table 'talks'
    Wrote 'niche-git-features' into table 'talks'
    Wrote 'fp-karaoke' into table 'talks'
    A different kind of logs
    (if they were textual)

    View Slide

  31. But why bother
    doing that?

    View Slide

  32. Crash safety

    View Slide

  33. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    id
    1
    2

    View Slide

  34. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    3 fp-karaoke
    id
    1
    2

    View Slide

  35. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    3 fp-karaoke
    id
    1
    2
    .

    View Slide

  36. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    3 fp-karaoke
    id
    1
    2
    ???

    View Slide

  37. INSERT INTO talks VALUES ('binary-logs');
    INSERT INTO talks VALUES ('niche-git-features');
    INSERT INTO talks VALUES ('fp-karaoke');

    Wrote 'binary-logs' into table 'talks'
    Wrote 'niche-git-features' into table 'talks'
    Wrote 'fp-karaoke' into table 'talks'
    We can replay this operation

    View Slide

  38. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    3 fp-karaoke
    id
    1
    2
    ???

    View Slide

  39. Index Table
    id talk_name
    1 binary-logs
    2 niche-git-features
    3 fp-karaoke
    id
    1
    2
    3

    View Slide

  40. Also:
    replication

    View Slide

  41. Postgres
    Postgres
    Replication
    Application

    View Slide

  42. Postgres
    Postgres
    Replication
    Application
    (binary logs)

    View Slide

  43. So why the interest
    in rewriting the
    binary logs?

    View Slide

  44. 2020-06-14 17:23:01 GMT LOG: restored log file
    "000000020000000000000003" from archive
    2020-06-14 17:23:02 GMT LOG: invalid record length
    at 0/3000180
    A suspicious error message

    View Slide

  45. Issue restoring binary log

    Cause of failure to
    promote replica?

    View Slide

  46. Goal: do this
    repeatably in a non-
    production cluster

    View Slide

  47. 2020-06-14 17:23:01 GMT LOG: restored log file
    "000000020000000000000003" from archive
    2020-06-14 17:23:02 GMT LOG: invalid record length
    at 0/3000180
    Goal: produce this error message

    View Slide

  48. We can cheat:
    Postgres is
    open source

    View Slide

  49. But!

    View Slide

  50. These techniques
    also work on closed
    source software

    View Slide

  51. We just call that
    reverse engineering

    View Slide

  52. $ git checkout REL9_4_26 # we were running 9.4
    $ git grep -n "invalid record length"
    src/backend/access/transam/xlogreader.c:295: [...]
    src/backend/access/transam/xlogreader.c:604: [...]
    src/backend/access/transam/xlogreader.c:678: [...]
    Let's find the error

    View Slide

  53. src/backend/access/transam/xlogreader.c:291-300:
    {
    /* XXX: more validation should be done here */
    if (total_len < SizeOfXLogRecord)
    {
    report_invalid_record(state, "invalid record length at %X/%X",
    (uint32) (RecPtr >> 32), (uint32) RecPtr);
    goto err;
    }
    gotheader = false;
    }
    Let's find the error

    View Slide

  54. src/backend/access/transam/xlogreader.c:291-300:
    {
    /* XXX: more validation should be done here */
    if (total_len < SizeOfXLogRecord)
    {
    report_invalid_record(state, "invalid record length at %X/%X",
    (uint32) (RecPtr >> 32), (uint32) RecPtr);
    goto err;
    }
    gotheader = false;
    }
    Let's find the error

    View Slide

  55. src/include/access/xlog.h:58:
    #define SizeOfXLogRecord MAXALIGN(sizeof(XLogRecord))
    Let's find the error

    View Slide

  56. Wouldn't it be convenient
    if we could make
    total_len == 0?

    View Slide

  57. src/backend/access/transam/xlogreader.c:272-273:
    record = (XLogRecord *) (state->readBuf + RecPtr % XLOG_BLCKSZ);
    total_len = record->xl_tot_len;
    Let's find the error

    View Slide

  58. src/include/access/xlog.h:41:
    typedef struct XLogRecord
    {
    uint32 xl_tot_len; /* total len of entire record */
    TransactionId xl_xid; /* xact id */
    uint32 xl_len; /* total len of rmgr data */
    uint8 xl_info; /* flag bits, see below */
    RmgrId xl_rmid; /* resource manager for this record */
    /* 2 bytes of padding here, initialize to zero */
    XLogRecPtr xl_prev; /* ptr to previous record in log */
    pg_crc32 xl_crc; /* CRC for this record */
    /* If MAXALIGN==8, there are 4 wasted bytes here */
    /* ACTUAL LOG DATA FOLLOWS AT END OF STRUCT */
    } XLogRecord;
    Let's find the error

    View Slide

  59. src/include/access/xlog.h:41-56:
    typedef struct XLogRecord
    {
    uint32 xl_tot_len; /* total len of entire record */
    TransactionId xl_xid; /* xact id */
    uint32 xl_len; /* total len of rmgr data */
    uint8 xl_info; /* flag bits, see below */
    RmgrId xl_rmid; /* resource manager for this record */
    /* 2 bytes of padding here, initialize to zero */
    XLogRecPtr xl_prev; /* ptr to previous record in log */
    pg_crc32 xl_crc; /* CRC for this record */
    /* If MAXALIGN==8, there are 4 wasted bytes here */
    /* ACTUAL LOG DATA FOLLOWS AT END OF STRUCT */
    } XLogRecord;
    Let's find the error

    View Slide

  60. View Slide

  61. src/backend/access/transam/xlogreader.c:291-300:
    {
    /* XXX: more validation should be done here */
    if (total_len < SizeOfXLogRecord)
    {
    report_invalid_record(state, "invalid record length at %X/%X",
    (uint32) (RecPtr >> 32), (uint32) RecPtr);
    goto err;
    }
    gotheader = false;
    }
    What was that check doing?

    View Slide

  62. src/backend/access/transam/xlogreader.c:291-300:
    {
    /* XXX: more validation should be done here */
    if (total_len < SizeOfXLogRecord)
    {
    report_invalid_record(state, "invalid record length at %X/%X",
    (uint32) (RecPtr >> 32), (uint32) RecPtr);
    goto err;
    }
    gotheader = false;
    }
    What was that check doing?
    Size the record says it is
    Smallest possible size it can be

    View Slide

  63. INSERT INTO talks VALUES ('binary-logs');
    INSERT INTO talks VALUES ('niche-git-features');
    INSERT INTO talks VALUES ('fp-karaoke');

    Wrote 'binary-logs' into table 'talks'
    Wrote 'niche-git-features' into table 'talks'
    Wrote 'fp-karaoke' into table 'talks'
    A different kind of logs
    (if they were textual)

    View Slide

  64. Let's see what they
    look like in
    practice

    View Slide

  65. INSERT INTO talks VALUES ('binary-logs');
    INSERT INTO talks VALUES ('niche-git-features');
    INSERT INTO talks VALUES ('fp-karaoke');
    Some extremely boring SQL

    View Slide

  66. Grab the binary
    log file, and...

    View Slide

  67. A barely comprehensible
    wall of data

    View Slide

  68. A barely comprehensible
    wall of data
    Hex ASCII

    View Slide

  69. A little help: ASCII codes
    Decimal Hexadecimal Character
    62 3E >
    63 3F ?
    64 40 @
    65 41 A
    66 42 B

    View Slide

  70. A little help: ASCII codes
    Decimal Hexadecimal Character
    62 3E >
    63 3F ?
    64 40 @
    65 41 A
    66 42 B

    View Slide

  71. A barely comprehensible
    wall of data
    Hex ASCII

    View Slide

  72. A barely comprehensible
    wall of data
    We can see our talks!!

    View Slide

  73. How can we find
    xl_tot_len?

    View Slide

  74. INSERT INTO repro VALUES ('A');
    INSERT INTO repro VALUES ('AB');
    INSERT INTO repro VALUES ('ABC');
    INSERT INTO repro VALUES ('ABCD');
    INSERT INTO repro VALUES ('ABCDE');
    ...
    Some even more boring SQL

    View Slide

  75. Look for a field
    increasing
    by 1

    View Slide

  76. Guesswork incoming!

    View Slide

  77. Guesswork incoming!
    The data we inserted

    View Slide

  78. A little help: ASCII codes
    Decimal Hexadecimal Character
    62 3E >
    63 3F ?
    64 40 @
    65 41 A
    66 42 B

    View Slide

  79. Notice anything?
    The data we inserted

    View Slide

  80. Notice anything?
    The data we inserted
    Familiar characters

    View Slide

  81. Notice anything?
    Decimal Hexadecimal Character
    63 3F ?
    64 40 @
    65 41 A
    The data we inserted
    Familiar characters

    View Slide

  82. Notice anything?
    The data we inserted
    Familiar characters

    View Slide

  83. Notice anything?
    The data we inserted
    Familiar characters

    View Slide

  84. Notice anything?
    The data we inserted
    Familiar characters
    Familiar characters (hex)
    The data we inserted (hex)

    View Slide

  85. Wouldn't it be convenient
    if we could make
    total_len == 0?

    View Slide

  86. We could import the
    Postgres structs and do
    this properly...

    View Slide

  87. ...or we could write a
    regex

    View Slide

  88. Let's write a regex

    View Slide

  89. View Slide

  90. Let's break this one

    View Slide

  91. binlog_file_name = ARGV[0]
    puts binlog_file_name
    binlog_contents = IO.read(binlog_file_name, encoding: "BINARY")
    hex = binlog_contents.unpack("H*").first
    replaced = hex.gsub(/3f(000000.+41424300)/, "00\\1")
    bindata = [replaced].pack("H*")
    File.write(binlog_file_name + ".broken", bindata)
    break_binlog.rb

    View Slide

  92. binlog_file_name = ARGV[0]
    puts binlog_file_name
    binlog_contents = IO.read(binlog_file_name, encoding: "BINARY")
    hex = binlog_contents.unpack("H*").first
    replaced = hex.gsub(/3f(000000.+41424300)/, "00\\1") # Replaces 'ABC' size
    bindata = [replaced].pack("H*")
    File.write(binlog_file_name + ".broken", bindata)
    break_binlog.rb

    View Slide

  93. Let's break this one

    View Slide

  94. Broken!!

    View Slide

  95. And if we give it to
    a Postgres
    replica?

    View Slide

  96. 2020-06-17 19:24:11 GMT LOG: restored log file
    "000000020000000000000003" from archive
    2020-06-17 19:24:11 GMT LOG: invalid record length
    at 0/3000148
    We reproduced the error!

    View Slide

  97. Success

    View Slide

  98. Success, with a
    caveat...

    View Slide

  99. Postgres
    Postgres
    Application

    View Slide

  100. https://gocardless.com/blog/incident-review-api-and-dashboard-outage-on-10th-
    october/

    View Slide

  101. Lessons

    View Slide

  102. Hopefully you
    learned some cool
    stuff about databases

    View Slide

  103. Debugging
    unfamiliar layers
    of a system

    View Slide

  104. No part
    of software
    is magic

    View Slide

  105. Thank you
    ✌❤
    @ChrisSinjo
    @GoCardlessEng

    View Slide

  106. Image credits
    • Hard Disk Guts - CC-BY - https://www.flickr.com/photos/mattandkim/97533589/
    • Corsair ForceGT 180GB - CC-BY - https://www.flickr.com/photos/ruocaled/8173124575/
    • Rope - CC-BY - https://www.flickr.com/photos/[email protected]/6798304070/

    View Slide

  107. Questions?
    ✌❤
    @ChrisSinjo
    @GoCardlessEng

    View Slide