Bug#1118437: null pointer dereference in interrupt after receiving an ip packet on veth from xsk from user space
- To: Fernando Fernandez Mancera <fmancera@suse.de>
- Cc: mc36 <csmate@nop.hu>, Jason Xing <kerneljasonxing@gmail.com>, alekcejk@googlemail.com, Jonathan Lemon <jonathan.lemon@gmail.com>, Stanislav Fomichev <sdf@fomichev.me>, Maciej Fijalkowski <maciej.fijalkowski@intel.com>, Magnus Karlsson <magnus.karlsson@intel.com>, Björn Töpel <bjorn@kernel.org>, 1118437@bugs.debian.org, netdev@vger.kernel.org, bpf@vger.kernel.org
- Subject: Bug#1118437: null pointer dereference in interrupt after receiving an ip packet on veth from xsk from user space
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Sat, 8 Nov 2025 15:49:40 +0100
- Message-id: <[🔎] aQ9YhCAdu7QNyYxu@eldamar.lan>
- Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1118437@bugs.debian.org
- In-reply-to: <7e58078f-8355-4259-b929-c37abbc1f206@suse.de>
- References: <0435b904-f44f-48f8-afb0-68868474bf1c@nop.hu> <CAL+tcoA5qDAcnZpmULsnD=X6aVP-ztRxPv5z1OSP-nvtNEk+-w@mail.gmail.com> <643fbe8f-ba76-49b4-9fb7-403535fd5638@nop.hu> <CAL+tcoDqgQbs20xV34RFWDoE5YPXS-ne3FBns2n9t4eggx8LAQ@mail.gmail.com> <d8808206-0951-4512-91cb-58839ba9b8c4@nop.hu> <7e58078f-8355-4259-b929-c37abbc1f206@suse.de> <176091056328.779313.4901801207060344593.reportbug@noti>
Hi,
On Tue, Oct 21, 2025 at 12:51:32PM +0200, Fernando Fernandez Mancera wrote:
>
>
> On 10/20/25 11:31 PM, mc36 wrote:
> > hi,
> >
> > On 10/20/25 11:04, Jason Xing wrote:
> > >
> > > I followed your steps you attached in your code:
> > > ////// gcc xskInt.c -lxdp
> > > ////// sudo ip link add veth1 type veth
> > > ////// sudo ip link set veth0 up
> > > ////// sudo ip link set veth1 up
> >
> > ip link set dev veth1 address 3a:10:5c:53:b3:5c
> >
> > > ////// sudo ./a.out
> > >
> > that will do the trick on a recent kerlek....
> >
> > its the destination mac in the c code....
> >
> > ps: chaining in the original reporter from the fedora land.....
> >
> >
> > have a nice day,
> >
> > cs
> >
> >
>
> hi, FWIW I have reproduced this and I bisected it, issue was introduced at
> 30f241fcf52aaaef7ac16e66530faa11be78a865 - working on a patch.
Just a qustion in particular for the stable series shipping the commit
(now only 6.17.y relevant at this point since 6.16.y is EOL): Give the
proper fix will take a bit more time to develop, would it make sense
to at least revert the offending commit in the stable series as the
issue is, unless I missunderstood the report, remotely(?) triggerable
denial of service?
Or do I miss something here?
Regards,
Salvatore
Reply to: