tdbc::mysql: View Ticket

Ticket Hash:	430e4ff9df6e5077cc54876c33d3a2a35520021a
Title:	Segmentation fault if field name is NULL (mariadb C client 3.2.7)
Status:	Closed	Type:	Incident
Severity:	Critical	Priority:	Immediate
Subsystem:	not_specified	Resolution:	Fixed
Last Modified:	2022-09-17 19:05:42
Version Found In:	tdbcmysql1.1.4

User Comments:

petasis added on 2022-07-08 10:59:06:

Fedora 35 has updated the mariadb-connector-c package from 3.1.13-2 to 3.2.7-1. Under 3.2.7-1, tdbc::mysql core dumps:

Program received signal SIGSEGV, Segmentation fault. HashStringKey (tablePtr=0x7fffffffd2c0, keyPtr=0x0) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclHash.c:934 934 if ((result = UCHAR(*string)) != 0) { (gdb) where

#0 HashStringKey (tablePtr=0x7fffffffd2c0, keyPtr=0x0) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclHash.c:934

#1 0x00007ffff7eb16cd in CreateHashEntry (tablePtr=0x7fffffffd2c0, key=0x0, newPtr=0x7fffffffd2bc) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclHash.c:304

#2 0x00007fffea225832 in ResultDescToTcl (result=0x555555bfed30, dummy2335=0) at ./generic/tdbcmysql.c:2359

#3 0x00007fffea225eed in StatementConstructor (dummy2407=0x0, interp=0x5555555669c0, context=0x555555574ee0, objc=5, objv=0x555555574e90) at ./generic/tdbcmysql.c:2519

#4 0x00007ffff7f28775 in TclOO_Class_Create (clientData=, interp=0x5555555669c0, context=0x555555574ec0, objc=5, objv=0x555555574e90) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclOOBasic.c:198

#5 0x00007ffff7f29c0d in TclOOObjectCmdCore (oPtr=, interp=0x5555555669c0, objc=5, objv=0x555555574e90, flags=, startCls=) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclOO.c:2644

#6 0x00007ffff7e26b52 in TclNRRunCallbacks (interp=interp@entry=0x5555555669c0, result=0, rootPtr=0x0) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclBasic.c:4492

#7 0x00007ffff7e26bd5 in Tcl_EvalObjv (interp=interp@entry=0x5555555669c0, objc=objc@entry=1, objv=objv@entry=0x5555555742c0, flags=flags@entry=2097168) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclBasic.c:4215

#8 0x00007ffff7e2c0ea in TclEvalEx (interp=, script=0x5555555d7ea0 "#!/bin/bashn# The next line is executed by /bin/sh, but not tcl \nexport ScriptsDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"n# The next line is executed by /bin/sh, but not tcl \ncd $Script"..., numBytes=, flags=, line=70, clNextOuter=, outerScript=0x5555555d7ea0 "#!/bin/bashn# The next line is executed by /bin/sh, but not tcl \nexport ScriptsDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"n# The next line is executed by /bin/sh, but not tcl \ncd $Script"...) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclBasic.c:5361

#9 0x00007ffff7ed4419 in Tcl_FSEvalFileEx (encodingName=, pathPtr=0x5555555b3bc0, interp=0x5555555669c0) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclIOUtil.c:1824

#10 Tcl_FSEvalFileEx (interp=0x5555555669c0, pathPtr=0x5555555b3bc0, encodingName=) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclIOUtil.c:1724

#11 0x00007ffff7edeb44 in Tcl_MainEx (argc=, argc@entry=2, argv=0x7fffffffda28, argv@entry=0x7fffffffda18, appInitProc=appInitProc@entry=0x555555555220 , interp=0x5555555669c0) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/generic/tclMain.c:403

#12 0x0000555555555119 in main (argc=2, argv=0x7fffffffda18) at /usr/src/debug/tcl-8.6.10-6.fc35.x86_64/unix/tclAppInit.c:84

(gdb)

The statement executed was:

SQL: "SELECT quote,category FROM annotations ORDER BY quote ASC"

Adding this code in ResultDescToTcl():

for (i = 0; i < fieldCount; ++i) { MYSQL_FIELD* field = MysqlFieldIndex(fields, i); printf("i:%d, name:"%s", len:%dn", i, field->name, field->name_length); }

Prints:

i:0, name:"quote", len:5 i:1, name:"(null)", len:0

I do not yet know the reason mysql_stmt_result_metadata() returns NULL as the second field name, but a check that field->name is not NULL should be added.

petasis added on 2022-07-09 08:28:25:

I think that the problem is the following:

In mysql.h that comes with the new client, the st_mysql_field struct has the void *extension; member at the end.

However, the mariadb client reports version 30207. Which is lower than 50100, used in the tdbc::mysql code to switch to st_mysql_bind_51.

As a result, MysqlFieldIndex() does not advance the pointer correctly, and that is why the second field has NULL as name.

petasis added on 2022-07-19 11:04:58:

According to the info here:

https://bugzilla.redhat.com/show_bug.cgi?id=2102071

There was a change in the CONC/C 3.2.0:

https://jira.mariadb.org/browse/CONC-509

https://github.com/mariadb-corporation/mariadb-connector-c/commit/a37b7c3965706f9a062baaba0c494dd6efb2c306

https://mariadb.com/kb/en/mariadb-connector-c-320-release-notes/

It was actually a fix of a long term wrong behaviour, where the connector reported version of the server, instead of itself. So this is something the upstream of tbdc::mysql has to adopt.

oehhar added on 2022-08-18 16:38:58:

Please look to ticket [151518a1f8] . Might this solve your issue ?

petasis added on 2022-08-18 18:16:32:

Dear Harald,

Yes, the issues are related, this solution will (temporarily) fix it. It is similar to the hotfix I have given to my system also.

But this will actually invalidate the check. A (perhaps more complete) solution is to perform two checks, based on whether the loaded client is a mysql or a mariadb one...

I would extend MysqlInitStubs() to accept an additional argument, which will place the pointer to the mysqlStubLibNames[j] used for loading the library.

Then it is easy to check if this starts with "mariadb" and make the appropriate decision. For example,

if (mysqlClientVersion >= 50100 || (mysqlClientVersion >= 30207 && strncmp("mariadb", mysqlStubLibNames[j], strlen(7)) )) {
  mysqlClientVersion = 50100
}

Regards,

George

oehhar added on 2022-08-18 19:29:19:

Thanks, George.

Could you check commit [d5b25cf1d5] ?

It compiles for me, but is untested.

I have no mysql or mariadb or whatever, sorry.

Thank you and take care, Harald

petasis added on 2022-08-19 09:02:58:

Dear Harald,

I am not sure how to test. I do not know how to get the latest sources.

I have done:

fossil clone https://core.tcl-lang.org/tdbcmysql/     tdbcmysql.fossil
fossil pull  https://core.tcl-lang.org/tdbcmysql/     -R tdbcmysql.fossil
mkdir tdbcmysql
cd tdbcmysql
fossil open ../tdbcmysql.fossil

But I am getting the old version, not your changes I see if I click "Files" on this page.

What I am doing wrong?

oehhar added on 2022-08-19 09:10:25:

Yes, it is in a branch.

fossil open ../tdbcmysql.fossil ticket-151518a1f8-mariadb-version

Or: - login - Go here: https://core.tcl-lang.org/tdbcmysql/info/d5b25cf1d5674a15 - press blue text in the Downloads line (2nd from Top): ZIP Archive

It would be great, if all you power users would have a fossil commit right and could just modify in a branch or wherever...

Thanks and take care, Harald

petasis added on 2022-08-19 10:04:23:

Dear Harald,

It works in my system. Regarding the repository, I think I have access, but I am not feeling confident in using fossil. (Thus, I do not want to even try anything...)

Regards,

George

oehhar added on 2022-08-19 10:09:13:

Γεώργιος,

thank you for looking into this.

On the strategic side, I am not so happy with it.

We change a version number when there is MariaDB to a similar MySQL version number. There are dcisions made later on, on this vesion number.

I would prefer:

To dave the MariaDB flag together with the version number, and let the version number untouched
Or to not store the version number at all and directly store a flag, say "featureABCActivated" to switch, later on, on the flag.

I am sorry, I don't use this at all. I only tried to help a user and saw the undone work. Now I am unfortunately in...

Thank you and take care, Harald

petasis added on 2022-08-19 10:26:01:

Dear Harald,

I would also support the idea of replacing the version number with a flag. Like "useExtendedMysqlStruct"...

You don't use databases in general, or you do not use mysql in particular?

Regards,

George

oehhar added on 2022-08-19 10:27:43:

Great, that it works for you !

What do you think about the "beauty" effect mentioned in my previous post?

Should I just don't care and merge it and wait, until the next problem arises, or do you see a better solution?

Thank you, Harald

oehhar added on 2022-08-22 06:59:13:

George,

could you check commit [80aeb55ab2]:

The zip link is:

https://core.tcl-lang.org/tdbcmysql/zip/80aeb55ab2/tdbc__mysql-80aeb55ab2.zip

There, your proposal should be implemented.

Thanks, Harald

oehhar added on 2022-08-23 08:29:56:

Here is a copy of a message in ticket [78b1ea5622]:

Thanks for the message by private E-Mail, that [d5b25cf1d5] solves your isse and runs with libmariadb.dll (3.1.17, 3.27 and 3.3.1) on 32 bit Windows tcl.

I asked you via private E-Mail to also test [80aeb55ab2]. If this test is successful, I will merge the branch.

Harald

oehhar added on 2022-08-25 08:40:05:

The test by [[email protected]] on checkin [80aeb55ab2] branch [ticket-151518a1f8-mariadb-version] was not successful and ended in an access violation.

May George or Stuart find out, why this is not working ?

Sorry, Harald

anonymous added on 2022-08-29 17:41:23:

My test with 8.6.xx fails, however this seems caused by new features in 8.7.
I can't confirm it because all Win32 binary distributions are 8.6.xx

Alejandro

kbk added on 2022-09-17 19:05:42:

I revised the loading of MySQL/MariaDB libraries to check correctly which version of the bind structure is in use, and adjusted the path to search for MariaDB clients first.

I'd never seen this bug on my own test machine because I have both clients installed. The MySQL client (libmysqlclient.so.21) works fine with the MariaDB server, and was loaded because it was first on the path.

Feel free to reopen this ticket - and please email me! - if there's anything further that needs to be done. It works for me, with either libmysqlclient.sp or libmariadbclient.so.

Also, MySQL 5.0 was end-of-life about ten years ago. Ought we just to remove these gymnastics from the code pase altogether?