Re: [PATCH] rxrpc/proc: size address buffers for %pISpc output

Next message: Emil Tsalapatis: "Re: [PATCH bpf v1 2/2] selftests/bpf: Add test for SOCK_OPS_GET_SK with same src/dst register"
Previous message: Dmitry Baryshkov: "Re: [PATCH v2 8/8] arm64: dts: qcom: sm8750: Correct DPU VBIF address space size"
In reply to: Anderson Nascimento: "Re: [PATCH] rxrpc/proc: size address buffers for %pISpc output"
Next in thread: Anderson Nascimento: "Re: [PATCH] rxrpc/proc: size address buffers for %pISpc output"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Pengpeng Hou

Date: Sun Apr 05 2026 - 21:03:29 EST

Hi,

Yes. My original changelog example was too loose, and your quick test is
right for a fully expanded plain IPv6 form such as

[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]:65535

That form is only 47 visible characters, so it fits in the current
char[50] buffers.

The reason I still think the bug is real is the current %pISpc
implementation in lib/vsprintf.c.

For AF_INET6, %pISpc goes through ip6_addr_string_sa(), and the compressed
path uses ip6_compressed_string(). That helper switches to a dotted-quad
tail not only for v4mapped addresses, but also for ISATAP addresses:

useIPv4 = ipv6_addr_v4mapped(&in6) || ipv6_addr_is_isatap(&in6);

So a current-tree case such as

[ffff:ffff:ffff:ffff:0:5efe:255.255.255.255]:65535

is possible. That string is 50 visible characters, i.e. 51 bytes
including the trailing NUL, which does not fit in the existing char[50]
buffers used by the rxrpc procfs helpers.

So I agree the example in my changelog should be corrected, but I do not
think the underlying bug goes away. The claim should be framed around the
ISATAP case rather than the plain IPv6 or mapped-v4 examples I used
originally.

If that makes sense, I can resend with the changelog corrected to cite the
actual maximum case explicitly.

Thanks,
Pengpeng