Repro
- Have any other process bind IPv6
[::1]:5173 (common: a stray vite dev from another project).
- Launch the Tauri shell —
ht-llama-webui binds IPv4 127.0.0.1:5173.
- webkit2gtk's
localhost resolution prefers IPv6, so the webview loads the squatter's bundle instead of ht-llama's.
- UI hangs on splash forever (squatter's app has no /index.html under our routes).
Hit on 2026-05-16 by Markus when a vite dev server from ~/marksverdhei/alacritty/demo was running. Diagnosed jointly with the inventory-dev agent (same regex / port collision applied there too).
Root cause
tools/ui/ui.cpp (or wherever the Tauri shell spawns the embedded http server) binds 127.0.0.1 only. Webkit2gtk resolves localhost → ::1 first and tries IPv6 before IPv4, so any IPv6 squatter on 5173 wins the race.
Fix options
- Bind dual-stack:
[::]:5173 accepting both IPv4 and IPv6 — webkit2gtk hits us on IPv6 first, no squatter possible because we own the socket.
- Pick a private port: something like 47783 — drops the collision surface dramatically. Downside: port conflicts with anything random.
- Bind
[::1]:5173 explicitly: force IPv6, matching what webview expects. IPv4 callers from the same host stop working though.
Recommended: option 1. Webkit can talk to us via ::1, curl/external test scripts keep working via 127.0.0.1.
Acceptance
- Running
vite dev (or any other IPv6 listener) on port 5173 in another shell does not steal the ht-llama-webui webview's bundle.
curl http://[::1]:5173/index.html returns the ht-llama bundle.curl http://127.0.0.1:5173/index.html continues to return the ht-llama bundle (unchanged from today).
Refs
- Diagnostic transcript: inventory-dev <-> ht-llama agent exchange, 2026-05-16.
- Adjacent fix in the cloud repo: snoop-kube's
ba325a3 (unified-llm Dockerfile) — separate symptom, same Markus-on-2026-05-16 incident chain.
Repro
[::1]:5173(common: a strayvite devfrom another project).ht-llama-webuibinds IPv4127.0.0.1:5173.localhostresolution prefers IPv6, so the webview loads the squatter's bundle instead of ht-llama's.Hit on 2026-05-16 by Markus when a vite dev server from
~/marksverdhei/alacritty/demowas running. Diagnosed jointly with the inventory-dev agent (same regex / port collision applied there too).Root cause
tools/ui/ui.cpp(or wherever the Tauri shell spawns the embedded http server) binds127.0.0.1only. Webkit2gtk resolveslocalhost→::1first and tries IPv6 before IPv4, so any IPv6 squatter on 5173 wins the race.Fix options
[::]:5173accepting both IPv4 and IPv6 — webkit2gtk hits us on IPv6 first, no squatter possible because we own the socket.[::1]:5173explicitly: force IPv6, matching what webview expects. IPv4 callers from the same host stop working though.Recommended: option 1. Webkit can talk to us via
::1, curl/external test scripts keep working via127.0.0.1.Acceptance
vite dev(or any other IPv6 listener) on port 5173 in another shell does not steal the ht-llama-webui webview's bundle.curl http://[::1]:5173/index.htmlreturns the ht-llama bundle.curl http://127.0.0.1:5173/index.htmlcontinues to return the ht-llama bundle (unchanged from today).Refs
ba325a3(unified-llm Dockerfile) — separate symptom, same Markus-on-2026-05-16 incident chain.