# intermittent kernel panic with wireguard-go



## GraemeA (Dec 22, 2018)

I have had 2 kernel panics at shutdown, both related to trying to delete a network interface created by wireguard-go:


```
Wed Dec 19 15:09:27 GMT 2018

FreeBSD zeeko 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC  amd64

panic: page fault

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
<118>.
<118>Terminated
<118>Dec 19 15:08:17 zeeko syslogd: exiting on signal 15
<6>in_scrubprefix: err=65, prefix delete failed
<6><wireguard interface name>: deletion failed: 3


Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 06
fault virtual address   = 0x28
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80de0ec3
stack pointer           = 0x28:0xfffffe00a6e0e380
frame pointer           = 0x28:0xfffffe00a6e0e3e0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1101 (wireguard-go)
trap number             = 12
panic: page fault
cpuid = 3
time = 1545232097
KDB: stack backtrace:
#0 0xffffffff80be7977 at kdb_backtrace+0x67
#1 0xffffffff80b9b563 at vpanic+0x1a3
#2 0xffffffff80b9b3b3 at panic+0x43
#3 0xffffffff8107496f at trap_fatal+0x35f
#4 0xffffffff810749c9 at trap_pfault+0x49
#5 0xffffffff81073fee at trap+0x29e
#6 0xffffffff8104f1d5 at calltrap+0x8
#7 0xffffffff80de0e3e at in6_purgeaddr+0x46e
#8 0xffffffff80c9662f at if_purgeaddrs+0x21f
#9 0xffffffff80c97116 at if_detach_internal+0x916
#10 0xffffffff80c967ee at if_detach+0x2e
#11 0xffffffff80ca761f at tun_destroy+0xbf
#12 0xffffffff80c9f1e2 at if_clone_destroyif+0x1d2
#13 0xffffffff80c9efaa at if_clone_destroy+0x1ba
#14 0xffffffff80c9c002 at ifioctl+0x432
#15 0xffffffff80c04f3d at kern_ioctl+0x26d
#16 0xffffffff80c04c5e at sys_ioctl+0x15e
#17 0xffffffff81075449 at amd64_syscall+0x369
Uptime: 1h11m8s
```

Normal procedure is (1) boot machine to console and login as user (2) xinit (3) open xterm window and:

```
sudo wg-quick up ~/wireguard_config/wg_interface1.conf
```

(4) do work (5) close everything (6) shutdown xserver (7) issue shutdown command from console. This is when the kernel panic happens - if it panics at all.

It is very rare for me to explicitly close the wireguard interface. 

This has only happened since switching to 12.0 and only happens occasionally.


----------



## GraemeA (Dec 24, 2018)

Well, two more kernel panics today when manually bringing down the wireguard interface (wg-quick down <etc>).

```
kgdb) list *0xffffffff80de0ec3
0xffffffff80de0ec3 is in in6_unlink_ifa (/usr/src/sys/netinet6/in6.c:1326).
1321    {
1322            char ip6buf[INET6_ADDRSTRLEN];
1323            int remove_lle;
1324
1325            IF_ADDR_WLOCK(ifp);
1326            CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
1327            IF_ADDR_WUNLOCK(ifp);
1328            ifa_free(&ia->ia_ifa);                  /* if_addrhead */
1329
1330            /*
(kgdb) backtrace
#0  __curthread () at ./machine/pcpu.h:230
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff80b9b14b in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:446
#3  0xffffffff80b9b5c3 in vpanic (fmt=<optimized out>, ap=0xfffffe008c5ef140) at /usr/src/sys/kern/kern_shutdown.c:872
#4  0xffffffff80b9b3b3 in panic (fmt=<unavailable>) at /usr/src/sys/kern/kern_shutdown.c:799
#5  0xffffffff8107496f in trap_fatal (frame=0xfffffe008c5ef330, eva=40) at /usr/src/sys/amd64/amd64/trap.c:929
#6  0xffffffff810749c9 in trap_pfault (frame=0xfffffe008c5ef330, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:765
#7  0xffffffff81073fee in trap (frame=0xfffffe008c5ef330) at /usr/src/sys/amd64/amd64/trap.c:441
#8  <signal handler called>
#9  0xffffffff80de0ec3 in in6_unlink_ifa (ia=0xfffff802bd25c400, ifp=0xfffff801c44ef800) at /usr/src/sys/netinet6/in6.c:1326
#10 0xffffffff80de0e3e in in6_purgeaddr (ifa=0xfffff802bd25c400) at /usr/src/sys/netinet6/in6.c:1316
#11 0xffffffff80c9662f in if_purgeaddrs (ifp=0xfffff801c44ef800) at /usr/src/sys/net/if.c:995
#12 0xffffffff80ca79c1 in tunclose (dev=<optimized out>, foo=<optimized out>, bar=<optimized out>, td=<optimized out>) at /usr/src/sys/net/if_tun.c:478
#13 0xffffffff80a518ca in devfs_close (ap=<optimized out>) at /usr/src/sys/fs/devfs/devfs_vnops.c:650
#14 0xffffffff811f89b8 in VOP_CLOSE_APV (vop=<optimized out>, a=0xfffffe008c5ef788) at vnode_if.c:534
#15 0xffffffff80c7b6bf in VOP_CLOSE (vp=<optimized out>, fflag=<optimized out>, cred=<optimized out>, td=<optimized out>) at ./vnode_if.h:225
#16 vn_close1 (vp=0xfffff8021fe231e0, flags=7, file_cred=0xfffff801ba17fa00, td=0xfffff8021381e580, keep_ref=false) at /usr/src/sys/kern/vfs_vnops.c:454
#17 0xffffffff80c7a3c0 in vn_closefile (fp=0xfffff8000af35780, td=0x0) at /usr/src/sys/kern/vfs_vnops.c:1563
#18 0xffffffff80a5224c in devfs_close_f (fp=0xfffff8000af35780, td=0xfffff801c44ef800) at /usr/src/sys/fs/devfs/devfs_vnops.c:669
#19 0xffffffff80b4363a in fo_close (fp=0xfffff8000af35780, td=0xfffff801c44ef800) at /usr/src/sys/sys/file.h:353
#20 _fdrop (fp=0xfffff8000af35780, td=0xfffff801c44ef800) at /usr/src/sys/kern/kern_descrip.c:2950
#21 0xffffffff80b466e4 in closef (fp=0xfffff8000af35780, td=0xfffff8021381e580) at /usr/src/sys/kern/kern_descrip.c:2528
#22 0xffffffff80b43b69 in closefp (fdp=0xfffff8000e8be000, fd=<optimized out>, fp=0xfffff8000af35780, td=0xfffff8021381e580, holdleaders=0) at /usr/src/sys/kern/kern_descrip.c:1199
#23 0xffffffff81075449 in syscallenter (td=<optimized out>) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135
#24 amd64_syscall (td=0xfffff8021381e580, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1076
#25 <signal handler called>
#26 0x000000000048b9e0 in ?? ()
Backtrace stopped: Cannot access memory at address 0xc00003bcc8

{/CODE]
```


----------

