Bug#1118437: null pointer dereference in interrupt after receiving an ip packet on veth from xsk from user space
- To: Fernando Fernandez Mancera <fmancera@suse.de>
- Cc: mc36 <csmate@nop.hu>, alekcejk@googlemail.com, Jonathan Lemon <jonathan.lemon@gmail.com>, Stanislav Fomichev <sdf@fomichev.me>, Maciej Fijalkowski <maciej.fijalkowski@intel.com>, Magnus Karlsson <magnus.karlsson@intel.com>, Björn Töpel <bjorn@kernel.org>, 1118437@bugs.debian.org, netdev@vger.kernel.org, bpf@vger.kernel.org
- Subject: Bug#1118437: null pointer dereference in interrupt after receiving an ip packet on veth from xsk from user space
- From: Jason Xing <kerneljasonxing@gmail.com>
- Date: Tue, 21 Oct 2025 20:25:09 +0800
- Message-id: <[🔎] CAL+tcoDLr_soUTsZzFE+f-M0R83tvqx7tGjU+a5nBFSdtyP7Lw@mail.gmail.com>
- Reply-to: Jason Xing <kerneljasonxing@gmail.com>, 1118437@bugs.debian.org
- In-reply-to: <[🔎] 7e58078f-8355-4259-b929-c37abbc1f206@suse.de>
- References: <[🔎] 0435b904-f44f-48f8-afb0-68868474bf1c@nop.hu> <[🔎] CAL+tcoA5qDAcnZpmULsnD=X6aVP-ztRxPv5z1OSP-nvtNEk+-w@mail.gmail.com> <[🔎] 643fbe8f-ba76-49b4-9fb7-403535fd5638@nop.hu> <[🔎] CAL+tcoDqgQbs20xV34RFWDoE5YPXS-ne3FBns2n9t4eggx8LAQ@mail.gmail.com> <[🔎] d8808206-0951-4512-91cb-58839ba9b8c4@nop.hu> <[🔎] 7e58078f-8355-4259-b929-c37abbc1f206@suse.de> <[🔎] 176091056328.779313.4901801207060344593.reportbug@noti>
On Tue, Oct 21, 2025 at 6:52 PM Fernando Fernandez Mancera
<fmancera@suse.de> wrote:
>
>
>
> On 10/20/25 11:31 PM, mc36 wrote:
> > hi,
> >
> > On 10/20/25 11:04, Jason Xing wrote:
> >>
> >> I followed your steps you attached in your code:
> >> ////// gcc xskInt.c -lxdp
> >> ////// sudo ip link add veth1 type veth
> >> ////// sudo ip link set veth0 up
> >> ////// sudo ip link set veth1 up
> >
> > ip link set dev veth1 address 3a:10:5c:53:b3:5c
> >
> >> ////// sudo ./a.out
> >>
> > that will do the trick on a recent kerlek....
> >
> > its the destination mac in the c code....
> >
> > ps: chaining in the original reporter from the fedora land.....
> >
> >
> > have a nice day,
> >
> > cs
> >
> >
>
> hi, FWIW I have reproduced this and I bisected it, issue was introduced
> at 30f241fcf52aaaef7ac16e66530faa11be78a865 - working on a patch.
Exactly. I simply reverted it and its dependencies and didn't see any
crash then. It was newly introduced, hopefully it will not bring much
trouble. As I replied before, I will take a look tomorrow morning.
Thanks,
Jason
Reply to: