From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [PATCH pve-network 1/1] fix #5949: avoid dnsmasq segfault when subnet has no gateway
Date: Mon, 1 Dec 2025 10:16:47 +0100 [thread overview]
Message-ID: <8eb64198-9761-4a0a-ab26-06c8d1774681@proxmox.com> (raw)
In-Reply-To: <20251126154928.430607-1-s.hanreich@proxmox.com>
the mentioned fix has been upstreamed:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb601683820723df89858cfa695aa131012f1a63
On 11/26/25 4:48 PM, Stefan Hanreich wrote:
> When trying to start a guest with a network device in a VNet in a
> simple zone that has DHCP enabled - but no gateway configured - a
> SIGSEGV is triggered in dnsmasq. This seems to be an error in the
> dnsmasq dbus handler that tries to allocate a lease, which fails
> because there is no dhcp-range configured, and then leads to a
> segfault.
>
> Avoid the situation completely by always configuring a dhcp-range,
> even if there is no gateway configured. Skip configuring the DHCP
> option that returns the router instead, which is the only place in the
> configure_subnet function that uses the gateway.
>
> Dnsmasq is configured to listen on an interface, so any DHCP messages
> that are received on this interface are dropped, because dnsmasq
> recognizes that there is no IP configured on this interface:
>
> Nov 26 16:35:49 ipam-test dnsmasq-dhcp[140272]: DHCP packet received on vnet1 which has no address
> Nov 26 16:35:57 ipam-test dnsmasq-dhcp[140272]: DHCP packet received on vnet1 which has no address
>
> An initial upstream patch to fix the segfault has been submitted here
> [1].
>
> [1] https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2025q4/018342.html
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
> src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
> index db22e12..6a1e3b0 100644
> --- a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
> +++ b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
> @@ -138,9 +138,6 @@ sub add_ip_mapping {
> sub configure_subnet {
> my ($class, $config, $dhcpid, $vnetid, $subnet_config) = @_;
>
> - die "No gateway defined for subnet $subnet_config->{id}"
> - if !$subnet_config->{gateway};
> -
> my $tag = $subnet_config->{id};
>
> my ($zone, $network, $mask) = split(/-/, $tag);
> @@ -155,7 +152,7 @@ sub configure_subnet {
> my $option_string;
> if (ip_is_ipv6($subnet_config->{network})) {
> $option_string = 'option6';
> - } else {
> + } elsif ($subnet_config->{gateway}) {
> $option_string = 'option';
> push @{$config}, "dhcp-option=tag:$tag,$option_string:router,$subnet_config->{gateway}";
> }
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
prev parent reply other threads:[~2025-12-01 9:16 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-26 15:49 Stefan Hanreich
2025-12-01 9:16 ` Stefan Hanreich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8eb64198-9761-4a0a-ab26-06c8d1774681@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox