Bug #57681 If run mysqlbackup with --incremental option it segfaults
Submitted: 23 Oct 2010 12:02 Modified: 2 Nov 2010 18:09
Reporter: Sveta Smirnova Email Updates:
Status: Can't repeat Impact on me:
None 
Category:MySQL Enterprise Backup Severity:S3 (Non-critical)
Version:3.5.2 OS:Linux
Assigned to: Ritheesh Vedire CPU Architecture:Any

[23 Oct 2010 12:02] Sveta Smirnova
Description:
If run mysqlbackup with incremental option it segfaults in check_options_order

How to repeat:
$gdb $MYSQLBACKUP
GNU gdb Red Hat Linux (6.5-16.el5rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...Using host libthread_db library "/lib64/libthread_db.so.1".

(gdb) set args --incremental  --user=root  --port=33051  ~/blade12/backup.cnf ./BACKUPDIR
(gdb) run
Starting program: /users/ssmirnova/blade12/src/meb-3.5.next/meb-innobackup-c/mysqlbackup --incremental  --user=root  --port=33051  ~/blade12/backup.cnf ./BACKUPDIR
[Thread debugging using libthread_db enabled]
[New Thread 46912496198576 (LWP 18896)]
mysqlbackup: Starting mysqlbackup with following arguments:
/users/ssmirnova/blade12/src/meb-3.5.next/meb-innobackup-c/mysqlbackup --incremental --user=root --port=33051 /users/ssmirnova/blade12/backup.cnf ./BACKUPDIR  

[New Thread 1084229952 (LWP 18899)]
[Thread 1084229952 (LWP 18899) exited]
mysqlbackup: Unique backup id generated for the current backup operation is 12878351029823490 

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496198576 (LWP 18896)]
0x0000003429233f3a in ____strtoll_l_internal () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003429233f3a in ____strtoll_l_internal () from /lib64/libc.so.6
#1  0x0000003429231842 in atoi () from /lib64/libc.so.6
#2  0x0000000000443b68 in check_options_order ()
#3  0x0000000000443e09 in main ()
(gdb) q
The program is running.  Exit anyway? (y or n) y
[23 Oct 2010 15:50] Sveta Smirnova
Found the reason: mysqlbackup crashes on Linux, gcc 4.4.2 if option --lsn is not specified. On Mac OSX it exits with correct error message.

Patch which solved problem for me:

$bzr diff
=== modified file 'meb-innobackup-c/src/innobackup.c'
--- meb-innobackup-c/src/innobackup.c   2010-09-19 10:17:50 +0000
+++ meb-innobackup-c/src/innobackup.c   2010-10-23 15:47:38 +0000
@@ -279,7 +279,7 @@
   Though option lsn is an integer, we just make it a string and pass it
   to ibbackup
 */
-static char            *option_lsn=                    NULL;
+static char            *option_lsn=                    "";
 static my_bool          option_only_known_file_types=  FALSE;
 /*
   Though option sleep is an integer, we just make it a string and pass it
[23 Oct 2010 16:02] Sveta Smirnova
As mysqlbackup uses atoi it does not work with LSNs greater than 2029493240. See type of lsn in innobackup_log.h which is unsigned long long
[25 Oct 2010 13:17] Ritheesh Vedire
Though the segfault issue was fixed previously, even though using atoi() appears 
wrong in the first view.
One can also argue that usage of atoi() is appropriate here, as we  are just checking  if the value is less than 0. We are not limiting the value of option_lsn by using atoi(). 
mysqlbackup passes option_lsn as a string to ibbackup. 
Will investigate a little more to see if it is a bug.

For now, I cannot reproduce this  seg fault bug with the latest build.
Sveta, are you using the latest build?
[2 Nov 2010 18:09] Sveta Smirnova
Thank you for the feedback. I can not repeat it with latest sources anymore.
[10 Sep 2011 2:45] James Day
This is fixed in version 3.5.3 and later.