Date:      Mon, 02 Oct 2023 11:45:41 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 274009] in_pcblookup_hash_locked: invalid local address panic on sendto(2) to ipv4-mapped
Message-ID:  <bug-274009-7501-u05hAp6ILL@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-274009-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-274009-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274009

--- Comment #9 from Benjamin Jacobs <freebsd@dev.thsi.be> ---
(In reply to Mark Johnston from comment #6)

Hi, yes it does seem to be that same issue.

(In reply to Michael Tuexen from comment #8)

My 2 cents: the version flag is indeed tricky because - as noted by
Mark in his revision - an AF_INET6 UDP socket can transition back and
forth between v4 and v6 (either by using connect() and/or sendto). I'm
not sure either that getting rid of it is the right approach because
the code ends up having to pass around an extra flag argument all over
the place. But there are also some unclear locking rules, as stated in
the comment around the in_pcb stuff, which makes the whole concept far
from trivial for me to understand :)

Nonetheless, I made a patch in a way for me to have something
working. But it does seem all very hacky and ugly to carry an argument
for "it is actually a v4-mapped" flag to all callers, and callers of
callers, of the in_pcb_lport_dest. Also I did not completely
understand the implication w.r.t. the handling of wildcard
addresses. And possible concurrency issues are likely not addressed.
Anyway, that might be of interest to you.

Side note: it is trivial to trigger the bug using "sysctl
net.inet6.ip6.v6only=0; drill @::ffff:8.8.8.8 freebsd.org"
