Comment 2 for bug 1847478

Jason A. Donenfeld (zx2c4) wrote : Re: wireguard crashes system shortly after wg-quick down wg0

Yep, confirmed that Eoan is broken. Here are the reproduction steps, followed by the resulting kernel log:

root@scw-competent-dirac:~# uname -a
Linux scw-competent-dirac 5.3.0-13-generic #14-Ubuntu SMP Tue Sep 24 02:46:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
root@scw-competent-dirac:~# ip netns add crash
root@scw-competent-dirac:~# ip -n crash link add dummy1 type dummy
root@scw-competent-dirac:~# ip -n crash link set dummy1 up
root@scw-competent-dirac:~# ip -n crash -6 route add default dev dummy1
root@scw-competent-dirac:~# ip -n crash -6 rule add table main suppress_prefixlength 0
root@scw-competent-dirac:~# ip netns exec crash ping -f -c 1000 -W 1 1234::1 || true
PING 1234::1(1234::1) 56 data bytes
..Segmentation fault
root@scw-competent-dirac:~# ip -n crash -6 rule del table main suppress_prefixlength 0
root@scw-competent-dirac:~# ip -n crash link del dummy1

[ 100.388052] general protection fault: 0000 [#1] SMP NOPTI
[ 100.396544] CPU: 1 PID: 1680 Comm: ping Tainted: G W 5.3.0-13-generic #14-Ubuntu
[ 100.398869] Hardware name: Scaleway Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
[ 100.401359] RIP: 0010:ip6_dst_hoplimit+0x1b/0x50
[ 100.402157] Code: 85 c9 44 8b 45 d0 74 9b eb 82 0f 1f 44 00 00 0f 1f 44 00 00 48 8b 47 10 55 48 83 e0 fc 8b 40 24 48 89 e5 85 c0 75 15 48 8b 07 <48> 8b 90 10 03 00 00 48 85 d2 74 08 8b 82 1c 01 00 00 5d c3 48 8b
[ 100.405133] RSP: 0018:ffffb7dcc04e3c20 EFLAGS: 00010246
[ 100.405940] RAX: 3b3856482af84913 RBX: ffffa01db31d3cf0 RCX: 0000000000000000
[ 100.407045] RDX: 00000000ffffffff RSI: ffffa01dada4e300 RDI: ffffa01dada4e300
[ 100.408261] RBP: ffffb7dcc04e3c20 R08: 0000000000000006 R09: 0000000000000000
[ 100.409433] R10: ffffb7dcc04e3d00 R11: 0000000000000039 R12: ffffb7dcc04e3e10
[ 100.410611] R13: ffffb7dcc04e3d00 R14: ffffa01db31d3900 R15: 0000000000000000
[ 100.411889] FS: 00007f6c12b8e040(0000) GS:ffffa01dbf700000(0000) knlGS:0000000000000000
[ 100.413180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.414126] CR2: 00007f5c067453e0 CR3: 0000000031900000 CR4: 00000000003406e0
[ 100.415335] Call Trace:
[ 100.415746] rawv6_sendmsg+0x81c/0xad0
[ 100.416474] ? sock_common_recvmsg+0x49/0x70
[ 100.417131] inet_sendmsg+0x6c/0x70
[ 100.417730] ? security_socket_sendmsg+0x3f/0x60
[ 100.418468] ? inet_sendmsg+0x6c/0x70
[ 100.419109] sock_sendmsg+0x5e/0x70
[ 100.419775] __sys_sendto+0x113/0x190
[ 100.420517] ? __sys_recvmsg+0x59/0xa0
[ 100.421307] __x64_sys_sendto+0x29/0x30
[ 100.422036] do_syscall_64+0x5a/0x130
[ 100.422692] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 100.423479] RIP: 0033:0x7f6c12cd58aa
[ 100.424123] Code: 48 c7 c0 ff ff ff ff eb bc 0f 1f 80 00 00 00 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 76 c3 0f 1f 44 00 00 55 48 83 ec 30 44 89 4c
[ 100.426939] RSP: 002b:00007ffe8eed1d28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 100.428248] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00007f6c12cd58aa
[ 100.429498] RDX: 0000000000000040 RSI: 0000560c046766c0 RDI: 0000000000000004
[ 100.430647] RBP: 0000560c046766c0 R08: 0000560c04674640 R09: 000000000000001c
[ 100.431843] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8eed3028
[ 100.433031] R13: 0000560c046766c0 R14: 0000001d00000001 R15: 0000560c046723a0
[ 100.434158] Modules linked in: dummy nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua kvm_amd ccp kvm irqbypass joydev input_leds serio_raw mac_hid qemu_fw_cfg sch_fq_codel ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 crypto_simd cryptd glue_helper psmouse virtio_blk virtio_net net_failover virtio_scsi failover pata_acpi i2c_piix4 floppy
[ 100.442203] ---[ end trace 2009978ed4c4e669 ]---
[ 100.443005] RIP: 0010:ip6_dst_hoplimit+0x1b/0x50
[ 100.443802] Code: 85 c9 44 8b 45 d0 74 9b eb 82 0f 1f 44 00 00 0f 1f 44 00 00 48 8b 47 10 55 48 83 e0 fc 8b 40 24 48 89 e5 85 c0 75 15 48 8b 07 <48> 8b 90 10 03 00 00 48 85 d2 74 08 8b 82 1c 01 00 00 5d c3 48 8b
[ 100.446933] RSP: 0018:ffffb7dcc04e3c20 EFLAGS: 00010246
[ 100.447801] RAX: 3b3856482af84913 RBX: ffffa01db31d3cf0 RCX: 0000000000000000
[ 100.449171] RDX: 00000000ffffffff RSI: ffffa01dada4e300 RDI: ffffa01dada4e300
[ 100.450486] RBP: ffffb7dcc04e3c20 R08: 0000000000000006 R09: 0000000000000000
[ 100.451647] R10: ffffb7dcc04e3d00 R11: 0000000000000039 R12: ffffb7dcc04e3e10
[ 100.452695] R13: ffffb7dcc04e3d00 R14: ffffa01db31d3900 R15: 0000000000000000
[ 100.453774] FS: 00007f6c12b8e040(0000) GS:ffffa01dbf700000(0000) knlGS:0000000000000000
[ 100.455125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.456141] CR2: 00007f5c067453e0 CR3: 0000000031900000 CR4: 00000000003406e0
[ 100.484084] general protection fault: 0000 [#2] SMP NOPTI
[ 100.485628] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G D W 5.3.0-13-generic #14-Ubuntu
[ 100.489198] Hardware name: Scaleway Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
[ 100.491782] RIP: 0010:dst_dev_put+0x59/0x70
[ 100.492788] Code: e6 e8 6b 27 4f 00 48 8b 05 24 0d 44 01 48 c7 43 28 40 e5 50 97 48 c7 43 30 20 e5 50 97 48 89 03 48 8b 80 a8 04 00 00 65 ff 00 <49> 8b 84 24 a8 04 00 00 65 ff 08 5b 41 5c 5d c3 0f 1f 80 00 00 00
[ 100.495445] RSP: 0018:ffffb7dcc0003e68 EFLAGS: 00010202
[ 100.496141] RAX: 000037bf00601980 RBX: ffffa01dada4e300 RCX: 0000000000000001
[ 100.497218] RDX: 0000000000000001 RSI: 3b3856482af84913 RDI: ffffa01dada4e300
[ 100.498506] RBP: ffffb7dcc0003e78 R08: 0000000000000000 R09: ffffffff9761d700
[ 100.499764] R10: ffffa01dbac44500 R11: 0000000000000001 R12: 3b3856482af84913
[ 100.501512] R13: ffffa01dbac440a0 R14: ffffa01dada4e300 R15: 000000000000000a
[ 100.502487] FS: 0000000000000000(0000) GS:ffffa01dbf600000(0000) knlGS:0000000000000000
[ 100.503574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.504475] CR2: 000056436b9586b0 CR3: 0000000031900000 CR4: 00000000003406f0
[ 100.505505] Call Trace:
[ 100.505932] <IRQ>
[ 100.506265] fib6_nh_release+0x7f/0xb0
[ 100.506858] fib6_info_destroy_rcu+0x89/0x90
[ 100.507540] rcu_core+0x2fb/0x450
[ 100.508145] rcu_core_si+0xe/0x10
[ 100.508647] __do_softirq+0xe1/0x2d6
[ 100.509145] ? hrtimer_interrupt+0x13b/0x220
[ 100.509731] irq_exit+0xae/0xb0
[ 100.510320] smp_apic_timer_interrupt+0x7b/0x140
[ 100.511303] apic_timer_interrupt+0xf/0x20
[ 100.511957] </IRQ>
[ 100.512270] RIP: 0010:native_safe_halt+0xe/0x10
[ 100.512850] Code: 7b ff ff ff eb bd 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d b6 d7 56 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d a6 d7 56 00 fb f4 <c3> 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 e8 0d 02 68 ff 65
[ 100.515453] RSP: 0018:ffffffff98203e18 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 100.516549] RAX: ffffffff9769c880 RBX: 0000000000000000 RCX: 0000000000000001
[ 100.517635] RDX: 000000000000a716 RSI: ffffffff98203dd8 RDI: 000000175cf64452
[ 100.518775] RBP: ffffffff98203e38 R08: 00000017651416a6 R09: 0000000000000000
[ 100.519940] R10: ffffa01dbf6173c8 R11: 0000000000000000 R12: 0000000000000000
[ 100.520980] R13: ffffffff98213780 R14: 0000000000000000 R15: 0000000000000000
[ 100.521970] ? __cpuidle_text_start+0x8/0x8
[ 100.522723] ? tick_nohz_idle_stop_tick+0x164/0x290
[ 100.523558] ? default_idle+0x20/0x140
[ 100.524236] arch_cpu_idle+0x15/0x20
[ 100.524874] default_idle_call+0x23/0x30
[ 100.525628] do_idle+0x209/0x280
[ 100.526451] cpu_startup_entry+0x20/0x30
[ 100.527326] rest_init+0xae/0xb0
[ 100.527888] arch_call_rest_init+0xe/0x1b
[ 100.528579] start_kernel+0x569/0x587
[ 100.529137] x86_64_start_reservations+0x24/0x26
[ 100.529866] x86_64_start_kernel+0x75/0x79
[ 100.530493] secondary_startup_64+0xa4/0xb0
[ 100.531134] Modules linked in: dummy nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua kvm_amd ccp kvm irqbypass joydev input_leds serio_raw mac_hid qemu_fw_cfg sch_fq_codel ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 crypto_simd cryptd glue_helper psmouse virtio_blk virtio_net net_failover virtio_scsi failover pata_acpi i2c_piix4 floppy
[ 100.538877] ---[ end trace 2009978ed4c4e66a ]---
[ 100.539780] RIP: 0010:ip6_dst_hoplimit+0x1b/0x50
[ 100.541007] Code: 85 c9 44 8b 45 d0 74 9b eb 82 0f 1f 44 00 00 0f 1f 44 00 00 48 8b 47 10 55 48 83 e0 fc 8b 40 24 48 89 e5 85 c0 75 15 48 8b 07 <48> 8b 90 10 03 00 00 48 85 d2 74 08 8b 82 1c 01 00 00 5d c3 48 8b
[ 100.546337] RSP: 0018:ffffb7dcc04e3c20 EFLAGS: 00010246
[ 100.547980] RAX: 3b3856482af84913 RBX: ffffa01db31d3cf0 RCX: 0000000000000000
[ 100.550056] RDX: 00000000ffffffff RSI: ffffa01dada4e300 RDI: ffffa01dada4e300
[ 100.552014] RBP: ffffb7dcc04e3c20 R08: 0000000000000006 R09: 0000000000000000
[ 100.553783] R10: ffffb7dcc04e3d00 R11: 0000000000000039 R12: ffffb7dcc04e3e10
[ 100.555558] R13: ffffb7dcc04e3d00 R14: ffffa01db31d3900 R15: 0000000000000000
[ 100.557444] FS: 0000000000000000(0000) GS:ffffa01dbf600000(0000) knlGS:0000000000000000
[ 100.558555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.559401] CR2: 000056436b9586b0 CR3: 0000000031900000 CR4: 00000000003406f0
[ 100.560477] Kernel panic - not syncing: Fatal exception in interrupt
[ 100.562775] Kernel Offset: 0x15c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 100.564648] ---[ end Kernel panic