This is xnu-11215.1.10. See this file in: xnu-8792.81.2 (MacOS 18, Darwin 22) xnu-8019 (MacOS 17.0, Darwin 21) xnu-6153.11.26 (MacOS 15.0, Darwin 19) xnu-4903.221.2 (MacOS 14.0, Darwin 18) xnu-4570.41.2 (MacOS 13.3, Darwin 17) xnu-3789.70.16 (MacOS 12.6, Darwin 16) xnu-3248.20.55 (MacOS 11.2, Darwin 15) xnu-2782.40.9 (MacOS 10.10.5, Darwin 14) xnu-2422.115.4 (MacOS 10.9.5, Darwin 13) xnu-2050.24.15 (MacOS 10.8.4, Darwin 12) xnu-1699.32.7 (MacOS 10.7.5, Darwin 11) xnu-1504.15.3 (MacOS 10.6.8, Darwin 10) xnu-1228.15.4 (MacOS 10.5.8, Darwin 9)

#include <stdlib.h>

#include <pthread.h>
#include <sys/kern_control.h>
#include <sys/socket.h>
#include <sys/sys_domain.h>
#include <unistd.h>

#include <darwintest.h>

/* we should win the race in this window: */
#define NTRIES 200000

static void *
connect_race(void *data)
{
	int *ps = data;
	struct sockaddr_ctl sc = {
		.sc_id = 1 /* com.apple.flow-divert */
	};
	int n;

	for (n = 0; n < NTRIES; ++n) {
		connect(*ps, (const struct sockaddr *)&sc, sizeof(sc));
	}

	return NULL;
}

T_DECL(flow_div_doubleconnect_55917185, "Bad error path in double-connect for flow_divert_kctl_connect", T_META_TAG_VM_PREFERRED)
{
	int s = -1;
	int tmp_s;
	struct sockaddr_ctl sc = {
		.sc_id = 1 /* com.apple.flow-divert */
	};
	pthread_t t;
	int n;

	T_SETUPBEGIN;
	T_ASSERT_POSIX_ZERO(pthread_create(&t, NULL, connect_race, &s), NULL);
	T_SETUPEND;

	for (n = 0; n < NTRIES; ++n) {
		T_ASSERT_POSIX_SUCCESS(tmp_s = socket(AF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL), NULL);

		/*
		 * this bind will fail, but that's ok because it initialises
		 * kctl:
		 */
		bind(tmp_s, (const struct sockaddr *)&sc, sizeof(sc));

		/* this is what we're racing the other thread for: */
		s = tmp_s;
		connect(s, (const struct sockaddr *)&sc, sizeof(sc));

		T_ASSERT_POSIX_SUCCESS(close(s), NULL);
		s = -1;
	}

	T_ASSERT_POSIX_ZERO(pthread_join(t, NULL), NULL);
	T_PASS("flow_divert_kctl_connect race didn't trigger panic");
}