[Pkg-rust-maintainers] Bug#1036076: rust-mysqlclient-sys appears to be unsound when used with mariadb.

[Peter Green]

Package: rust-mysqlclient-sys
Severity: serious

I was looking at why rust-diesel was not migrating to testing
(other than the freeze obviously) and noticed that rust-mysqlclient-sys
was not built on 32-bit architectures. As with a bunch of other
packages I correctly suspected this was mostly a case of unportable
bindgen-generated tests and started preparing fixes for them.

However while doing so, I rapidly came to the conclusion that something
else was wrong. Specifically I noticed significant discrepancies
between the "mysql" (actually mariadb) C headers on my system and the
rust bindings in rust-mysqlclient-sys.

The tests in the crate only test that the size/alignment of the
structures defined in the crate are consistent with what they were
when the bindings were generated. They do not check in any way that
they are consistent with the structures defined by the C headers on
the user's system. There are no functional tests either.

My conclusion is that attempting to use this crate with mariadb
is highly unsound, though I don't know enough about how the mysql
client library is used to determine in what way exactly it will break
and whether the breakage is likely to be immediately apparent or more
subtle.