From: Samuel Holland <samuel@sholland.org>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Instability during large transfers
Date: Wed, 1 Mar 2017 16:44:59 -0600 [thread overview]
Message-ID: <ce815e61-51e4-48e4-d5ca-e73df208061b@sholland.org> (raw)
In-Reply-To: <CAHmME9qUBMh7DWwWboABv=oLXyfAq9-HWF93s4siPRfgzZpbBw@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1811 bytes --]
On 02/17/17 07:36, Jason A. Donenfeld wrote:
> Thanks very much for the excellent debugging output. I'll try to
> reproduce this as well on my systems.
I assume you have not been able to reproduce this issue.
> The stack trace does indicate that the OOPS is happening in padata,
> not in wireguard, so I wonder if this is some bug caused either by
> grsecurity or by something else that was then fixed, but since your
> kernel is a bit old (4.7.10) maybe the fix didn't make it. In either
> case, I'll try to reproduce on that kernel and on newer kernels and
> will get back to you.
>
> I presume you have most PaX options turned on?
Since this is on 4.7.10 (that is pre-4.9), this is not related to the
other bug recently reported.
I have disabled all grsecurity/PaX options in my kernel config
(attached) and was able to trigger the bug again. This is with WireGuard
commit f97b7e34bda436ac4572697a8770837eec7470b6 and debugging enabled.
Again attached is the dmesg.
I used the same SSH cat /dev/zero | dd of=/dev/null as before. This time
I got "192656101376 bytes (193 GB, 179 GiB) copied, 41643 s, 4.6 MB/s"
before the connection was broken.
Interestingly, when the firewall came back up, I again had the issue
where devices were continuing to handshake, but no data went through
(and I could confirm this with the wireguard debug output in dmesg).
I was unable to reproduce this issue with a spare laptop (ThinkPad
X220), even after leaving it running for about three days. Since the
router has a rather weak Atom CPU (http://ark.intel.com/products/78866),
I suspect maybe a race condition due to the high load might be involved?
Is there anything else I can do to debug this? Enable some kernel
debugging option? Try a vanilla kernel? Try a newer kernel?
> Thanks, Jason
Thanks,
Samuel Holland
[-- Attachment #2: panic_grsec_disabled.config.gz --]
[-- Type: application/gzip, Size: 25965 bytes --]
[-- Attachment #3: panic_grsec_disabled.dmesg.gz --]
[-- Type: application/gzip, Size: 46450 bytes --]
next prev parent reply other threads:[~2017-03-01 22:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-16 18:38 Samuel Holland
2017-02-17 4:48 ` Samuel Holland
2017-02-17 13:36 ` Jason A. Donenfeld
2017-02-17 17:37 ` Samuel Holland
2017-03-01 22:44 ` Samuel Holland [this message]
2017-03-21 15:06 ` Samuel Holland
2017-03-21 17:33 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ce815e61-51e4-48e4-d5ca-e73df208061b@sholland.org \
--to=samuel@sholland.org \
--cc=Jason@zx2c4.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).