[Bug 233955] [panic] Page fault in in6_purgeaddr (triggered by net/wireguard)

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Apr 20 14:09:56 UTC 2019 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233955

--- Comment #16 from genneko217 at gmail.com ---
(In reply to Jason A. Donenfeld from comment #15)
As I've been recently playing with WireGuard on FreeBSD again,
I quickly tested the patch on a 4-core FreeBSD 12.0p3 VM and found
it almost worked around the kernel issue.

With the patched wireguard-go, only 2 out of 25000+ "service wireguard
restart" caused kernel panic, while panic occured every 5 to 50 restarts
without the patch.

As a side note, I also noticed in my recent testing

- No kernel panic on single-core FreeBSD 12.0p3 / 13-CURRENT VMs
  with the unpatched wireguard-go-0.0.20181222 / 20190409
  and 10000+ restarts.

- No kernel panic on a 4-core FreeBSD 13-CURRENT r346132 VM with
  the unpatched wireguard-go-0.0.20190409 and 40000+ restarts.

A stacktrace of the panic with the patch is as follows.
(Panics without the patch are the same as the one mentioned in
 comment #4 and #11.)

Hope this helps.


 dumped core - see /var/crash/vmcore.2

Sat Apr 20 12:07:44 UTC 2019

FreeBSD  12.0-RELEASE-p3 FreeBSD 12.0-RELEASE-p3 GENERIC  amd64

panic: page fault

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
panic: page fault
cpuid = 1
time = 1555762025
KDB: stack backtrace:
#0 0xffffffff80be7977 at kdb_backtrace+0x67
#1 0xffffffff80b9b563 at vpanic+0x1a3
#2 0xffffffff80b9b3b3 at panic+0x43
#3 0xffffffff8107496f at trap_fatal+0x35f
#4 0xffffffff810749c9 at trap_pfault+0x49
#5 0xffffffff81073fee at trap+0x29e
#6 0xffffffff8104f435 at calltrap+0x8
#7 0xffffffff80ca90d7 at tunifioctl+0x257
#8 0xffffffff80c9a072 at ifhwioctl+0x2f2
#9 0xffffffff80c9c05f at ifioctl+0x45f
#10 0xffffffff80c04f3d at kern_ioctl+0x26d
#11 0xffffffff80c04c5e at sys_ioctl+0x15e
#12 0xffffffff81075449 at amd64_syscall+0x369
#13 0xffffffff8104fd1d at fast_syscall_common+0x101
Uptime: 22m44s
Dumping 171 out of 469 MB:..10%..19%..29%..38%..47%..57%..66%..75%..85%..94%

Reading symbols from /boot/kernel/zfs.ko...Reading symbols from
/usr/lib/debug//boot/kernel/zfs.ko.debug...done.
done.
Loaded symbols for /boot/kernel/zfs.ko
Reading symbols from /boot/kernel/opensolaris.ko...Reading symbols from
/usr/lib/debug//boot/kernel/opensolaris.ko.debug...done.
done.
Loaded symbols for /boot/kernel/opensolaris.ko
Reading symbols from /boot/modules/vboxguest.ko...done.
Loaded symbols for /boot/modules/vboxguest.ko
Reading symbols from /boot/kernel/intpm.ko...Reading symbols from
/usr/lib/debug//boot/kernel/intpm.ko.debug...done.
done.
Loaded symbols for /boot/kernel/intpm.ko
Reading symbols from /boot/kernel/smbus.ko...Reading symbols from
/usr/lib/debug//boot/kernel/smbus.ko.debug...done.
done.
Loaded symbols for /boot/kernel/smbus.ko
#0  doadump (textdump=<value optimized out>) at pcpu.h:230
230     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump (textdump=<value optimized out>) at pcpu.h:230
#1  0xffffffff80b9b14b in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:446
#2  0xffffffff80b9b5c3 in vpanic (fmt=<value optimized out>,
    ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:872
#3  0xffffffff80b9b3b3 in panic (fmt=<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:799
#4  0xffffffff8107496f in trap_fatal (frame=0xfffffe000fe94590, eva=1040)
    at /usr/src/sys/amd64/amd64/trap.c:929
#5  0xffffffff810749c9 in trap_pfault (frame=0xfffffe000fe94590, usermode=0)
    at pcpu.h:230
#6  0xffffffff81073fee in trap (frame=0xfffffe000fe94590)
    at /usr/src/sys/amd64/amd64/trap.c:441
#7  0xffffffff8104f435 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:232
#8  0xffffffff80b7ad4c in __mtx_lock_sleep (c=0xfffff8001045bc98, v=4)
    at /usr/src/sys/kern/kern_mutex.c:577
#9  0xffffffff80ca90d7 in tunifioctl (ifp=<value optimized out>,
    cmd=<value optimized out>, data=0xfffff80002f98c00 "wg0")
    at /usr/src/sys/net/if_tun.c:543
#10 0xffffffff80c9a072 in ifhwioctl (cmd=<value optimized out>,
    ifp=<value optimized out>, data=<value optimized out>,
    td=0xfffff80002f22000) at /usr/src/sys/net/if.c:2881
#11 0xffffffff80c9c05f in ifioctl (so=0xfffff8000969b6d0, cmd=3274795323,
    data=<value optimized out>, td=0xfffff80002f22000)
    at /usr/src/sys/net/if.c:3086
#12 0xffffffff80c04f3d in kern_ioctl (td=0xfffff80002f22000, fd=3,
    com=3274795323, data=<value optimized out>) at file.h:330
#13 0xffffffff80c04c5e in sys_ioctl (td=0xfffff80002f22000,
    uap=0xfffff80002f223c0) at /usr/src/sys/kern/sys_generic.c:712
#14 0xffffffff81075449 in amd64_syscall (td=0xfffff80002f22000, traced=0)
    at subr_syscall.c:135
#15 0xffffffff8104fd1d in fast_syscall_common ()
    at /usr/src/sys/amd64/amd64/exception.S:504
#16 0x000000080046611a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
(kgdb)

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-net mailing list