Segmentation fault in unfixAddr while accept on AF_INET->AF_VSOCK socket

[Bert-Proesmans]

Immich server segfaults when accepting incoming connection on AF_VSOCK socket (translated from AF_INET).
The socket IO is driven by libuv. Using the environment variables to "lie to accept" takes effect but do not prevent the crash.

At this point I have no more details. I'm creating this issue for posterity, (at least for) the short term I'll be working around this issue and will not dig deeper.

Reproduction steps;

0. Configure a virtual machine, or enable VSOCK loopback driver module
1. Configure immich to listen on UNSOCK address:port combo
2. Start immich
3. Connect to VSOCK address:port
4. Observe crash SIGSEGV in unfixAddr (UNSOCK library)

# NOTE; The returned address is something IP-like because of UNSOCK_ACCEPT_CONVERT_VSOCK=1
# Without that flag the output would be "http://:undefined"
3-test server[675]: [Nest] 675  - 09/29/2024, 8:27:36 PM     LOG [Api:Bootstrap] Immich Server is listening on http://127.175.0.0:0 [v1.115.0] [PRODUCTION] 
3-test systemd-coredump[728]: Process 675 (immich-api) of user 999 terminated abnormally with signal 11/SEGV, processing...
3-test systemd[1]: Created slice Slice /system/systemd-coredump.
3-test systemd[1]: Started Process Core Dump (PID 728/UID 0).
3-test systemd-coredump[729]: [🡕] Process 675 (immich-api) of user 999 dumped core.

Full dump trace

Process 675 (immich-api) of user 999 dumped core.
                                              
Module libplds4.so without build-id.
Module libnssutil3.so without build-id.
Module libnspr4.so without build-id.
Module libplc4.so without build-id.
Module libnss3.so without build-id.
Module libsmime3.so without build-id.
Module libpoppler.so.134 without build-id.
Module libpoppler-glib.so.8 without build-id.
Module vips-poppler.so without build-id.
Module vips-heif.so without build-id.
Module libatomic.so.1 without build-id.
Module libvmaf.so.3 without build-id.
Module libnuma.so.1 without build-id.
Module libaom.so.3 without build-id.
Module libde265.so without build-id.
Module libx265.so.209 without build-id.
Module libgomp.so.1 without build-id.
Module libraw_r.so.23 without build-id.
Module libICE.so.6 without build-id.
Module libSM.so.6 without build-id.
Module libXt.so.6 without build-id.
Module libheif.so.1 without build-id.
Module libdjvulibre.so.21 without build-id.
Module liblqr-1.so.0 without build-id.
Module libMagickCore-7.Q16HDRI.so.10 without build-id.
Module vips-magick.so without build-id.
Module libdeflate.so.0 without build-id.
Module libLerc.so.4 without build-id.
Module libtiff.so.6 without build-id.
Module libopenslide.so.0 without build-id.
Module vips-openslide.so without build-id.
Module libbrotlienc.so.1 without build-id.
Module libjxl_cms.so.0.10 without build-id.
Module libjxl_threads.so.0.10 without build-id.
Module libjxl.so.0.10 without build-id.
Module vips-jxl.so without build-id.
Module libkeyutils.so.1 without build-id.
Module libkrb5support.so.0 without build-id.
Module libcom_err.so.3 without build-id.
Module libk5crypto.so.3 without build-id.
Module libkrb5.so.3 without build-id.
Module libunistring.so.5 without build-id.
Module libbrotlicommon.so.1 without build-id.
Module libXdmcp.so.6 without build-id.
Module libXau.so.6 without build-id.
Module libdatrie.so.1 without build-id.
Module libgraphite2.so.3 without build-id.
Module libgssapi_krb5.so.2 without build-id.
Module libpsl.so.5 without build-id.
Module libssh2.so.1 without build-id.
Module libidn2.so.0 without build-id.
Module libnghttp2.so.14 without build-id.
Module libattr.so.1 without build-id.
Module libIex-2_5.so.25 without build-id.
Module libIexMath-2_5.so.25 without build-id.
Module libHalf-2_5.so.25 without build-id.
Module libIlmThread-2_5.so.25 without build-id.
Module libImath-2_5.so.25 without build-id.
Module libbrotlidec.so.1 without build-id.
Module libxcb-shm.so.0 without build-id.
Module libxcb-render.so.0 without build-id.
Module libxcb.so.1 without build-id.
Module libXrender.so.1 without build-id.
Module libXext.so.6 without build-id.
Module libX11.so.6 without build-id.
Module libfreetype.so.6 without build-id.
Module libpng16.so.16 without build-id.
Module libthai.so.0 without build-id.
Module libfribidi.so.0 without build-id.
Module libharfbuzz.so.0 without build-id.
Module libsharpyuv.so.0 without build-id.
Module libxml2.so.2 without build-id.
Module libbz2.so.1 without build-id.
Module libzstd.so.1 without build-id.
Module liblzma.so.5 without build-id.
Module libacl.so.1 without build-id.
Module libpcre2-8.so.0 without build-id.
Module libffi.so.8 without build-id.
Module libselinux.so.1 without build-id.
Module libopenjp2.so.7 without build-id.
Module libIlmImf-2_5.so.26 without build-id.
Module liblcms2.so.2 without build-id.
Module libmatio.so.13 without build-id.
Module librsvg-2.so.2 without build-id.
Module libfontconfig.so.1 without build-id.
Module libpangoft2-1.0.so.0 without build-id.
Module libpango-1.0.so.0 without build-id.
Module libpangocairo-1.0.so.0 without build-id.
Module libwebpdemux.so.2 without build-id.
Module libwebpmux.so.3 without build-id.
Module libwebp.so.7 without build-id.
Module libspng.so.0 without build-id.
Module libjpeg.so.62 without build-id.
Module libexif.so.12 without build-id.
Module libcgif.so.0 without build-id.
Module libimagequant.so.0.4 without build-id.
Module libcfitsio.so.10 without build-id.
Module libfftw3.so.3 without build-id.
Module libarchive.so.13 without build-id.
Module libexpat.so.1 without build-id.
Module libvips.so.42 without build-id.
Module libvips-cpp.so.42 without build-id.
Module sharp-linux-x64.node without build-id.
Module bcrypt_lib.node without build-id.
Module extract.node without build-id.
Module libgcc_s.so.1 without build-id.
Module libstdc++.so.6 without build-id.
Module libicudata.so.74 without build-id.
Module libicuuc.so.74 without build-id.
Module libicui18n.so.74 without build-id.
Module libz.so.1 without build-id.
Module libunsock.so without build-id.
Module node without build-id.
Stack trace of thread 675:
#0  0x00007fd32e91d8f9 unfixAddr (libunsock.so + 0x28f9)
#1  0x00007fd32e8da21c uv__accept (libuv.so.1 + 0x1221c)
#2  0x00007fd32e8e6693 uv__server_io (libuv.so.1 + 0x1e693)
#3  0x00007fd32e8ed892 uv__io_poll (libuv.so.1 + 0x25892)
#4  0x00007fd32e8d9eb0 uv_run (libuv.so.1 + 0x11eb0)
#5  0x0000000000b216d3 _ZN4node21SpinEventLoopInternalEPNS_11EnvironmentE (node + 0x7216d3)
#6  0x0000000000c787c3 _ZN4node16NodeMainInstance3RunEPNS_8ExitCodeEPNS_11EnvironmentE (node + 0x8787c3)
#7  0x0000000000c78bae _ZN4node16NodeMainInstance3RunEv (node + 0x878bae)
#8  0x0000000000bd53f2 _ZN4node5StartEiPPc (node + 0x7d53f2)
#9  0x00007fd32b63314e __libc_start_call_main (libc.so.6 + 0x2a14e)
#10 0x00007fd32b633209 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2a209)
#11 0x0000000000af1845 _start (node + 0x6f1845)

Stack trace of thread 714:
#0  0x00007fd32b6960ce __futex_abstimed_wait_common (libc.so.6 + 0x8d0ce)
#1  0x00007fd32b698c20 pthread_cond_wait@@GLIBC_2.3.2 (libc.so.6 + 0x8fc20)
#2  0x00007fd32e8e8749 uv_cond_wait (libuv.so.1 + 0x20749)
#3  0x00007fd32e8d485e worker (libuv.so.1 + 0xc85e)
#4  0x00007fd32b699a42 start_thread (libc.so.6 + 0x90a42)
#5  0x00007fd32b718e44 __clone (libc.so.6 + 0x10fe44)

Stack trace of thread 686:
#0  0x00007fd32b6960ce __futex_abstimed_wait_common (libc.so.6 + 0x8d0ce)
#1  0x00007fd32b6a1be8 __new_sem_wait_slow64.constprop.0 (libc.so.6 + 0x98be8)
#2  0x00007fd32e8e87d2 uv_sem_wait (libuv.so.1 + 0x207d2)
#3  0x0000000000d79761 _ZN4node9inspector12_GLOBAL__N_117StartIoThreadMainEPv (node + 0x979761)
#4  0x00007fd32b699a42 start_thread (libc.so.6 + 0x90a42)
#5  0x00007fd32b718e44 __clone (libc.so.6 + 0x10fe44)

Stack trace of thread 710:
#0  0x0000000000000000 n/a (n/a + 0x0)
ELF object binary architecture: AMD x86-64