x/net/route: ParseRIB still panics on macOS

[bradfitz]

go version go1.23.5 darwin/arm64

The #70528 fun continues... we now see panics in x/net/route ParseRIB even at v0.34.0:

2025-02-03T08:09:41Z	panic: runtime error: slice bounds out of range [8:2]
2025-02-03T08:09:41Z	
2025-02-03T08:09:41Z	goroutine 93 [running]:
2025-02-03T08:09:41Z	golang.org/x/net/route.parseInetAddr(0x14000428dc8?, {0x140002e3290, 0x14000d0e700?, 0x788})
2025-02-03T08:09:41Z	golang.org/x/net@v0.34.0/route/address.go:203 +0x290
2025-02-03T08:09:41Z	golang.org/x/net/route.parseAddrs(0x15, 0x103810768, {0x140002e3274, 0x34, 0x7a4})
2025-02-03T08:09:41Z	golang.org/x/net@v0.34.0/route/address.go:411 +0xfc
2025-02-03T08:09:41Z	golang.org/x/net/route.(*wireFormat).parseRouteMessage(0x1400000e030, 0x14000100008?, {0x140002e3218, 0x90, 0x800})
2025-02-03T08:09:41Z	golang.org/x/net@v0.34.0/route/route_classic.go:70 +0x2b8
2025-02-03T08:09:41Z	golang.org/x/net/route.ParseRIB(0x1, {0x140002e3218?, 0x14000d0e600?, 0x800?})
2025-02-03T08:09:41Z	golang.org/x/net@v0.34.0/route/message.go:55 +0x194
2025-02-03T08:09:41Z	tailscale.com/net/netmon.(*darwinRouteMon).Receive(0x140002e3208)
2025-02-03T08:09:41Z	tailscale.com@v1.80.0/net/netmon/netmon_darwin.go:59 +0x60
2025-02-03T08:09:41Z	tailscale.com/net/netmon.(*Monitor).pump(0x140002c2000)
2025-02-03T08:09:41Z	tailscale.com@v1.80.0/net/netmon/netmon.go:346 +0x78
2025-02-03T08:09:41Z	created by tailscale.com/net/netmon.(*Monitor).Start in goroutine 17
2025-02-03T08:09:41Z	tailscale.com@v1.80.0/net/netmon/netmon.go:265 +0x1b8

/cc @raggi @hurricanehrndz

[hurricanehrndz]

I was in the process of fixing other issues in the pkg with address parsing, can you please do a recover and produce byte array so I can add it to the tests cases, otherwise I will submit a fix this morning.

[hurricanehrndz]

Also length of 2 seems odd, since the only address that should have variable lengths are netmasks and IPv4 address typically are valid if the have a length of one of the following 0, 5, 6, 7, 8

Unix Networking Programming Volume 1

. The sa_family
member is undefined, but the mask socket address structures do contain an sa_len
of 0, 5, 6, 7, or 8

Which obviously means there is at least 2 bugs in the package right now.

[hurricanehrndz]

Obviously this is an ipv6 address we are working with.

[hurricanehrndz]

I believe I was able to replicate the issue

In the image above 02 1e 00 00 should be parsed as ::

[hurricanehrndz]

With golang/net#231

[gopherbot]

Change https://go.dev/cl/646556 mentions this issue: route: treat short sockaddr lengths as unspecified

[bradfitz]

can you please do a recover and produce byte array so I can add it to the tests cases

I can't reproduce at will on my machine. This is from crash telemetry from our users. We'd need to release a new version of our code with more recording to get the byte arrays.

[hurricanehrndz]

can you please do a recover and produce byte array so I can add it to the tests cases

I can't reproduce at will on my machine. This is from crash telemetry from our users. We'd need to release a new version of our code with more recording to get the byte arrays.

Yeah no worries I was able to reproduce it and there is a PR to fix it