[Bug] Regression v1.10.0 tap device unreliable and unresponsive

[louwers]

Describe the bug

A recent Firecracker version seems to have introduced a regression.

The connection via tap device becomes quickly unreliable and unresponsive after boot (however, it works fine for a short time). I am just following the getting started guide, nothing fancy. I am on ARM64.

To Reproduce

[Author TODO: Steps to reproduce the behaviour:]

1. Start Firecracker via sudo ./firecracker-v1.11.0-aarch64 --config-file firecracker.conf --api-sock ./firecracker.socket
2. Configure Firecracker via

{
  "boot-source": {
    "kernel_image_path": "vmlinux-6.1.128",
    "boot_args": "keep_bootcon console=ttyS0 reboot=k panic=1 pci=off"
  },
  "drives": [
    {
      "drive_id": "rootfs",
      "is_root_device": true,
      "is_read_only": false,
      "path_on_host": "ubuntu-24.04.ext4"
    }
  ],
  "machine-config": null,
  "cpu-config": null,
  "balloon": null,
  "network-interfaces": [
    {
      "iface_id": "net1",
      "guest_mac": "06:00:AC:10:00:02",
      "host_dev_name": "tap0"
    }
  ],
  "vsock": null,
  "logger": {
    "log_path": "./firecracker.log",
    "level": "Debug",
    "show_level": true,
    "show_log_origin": true
  },
  "metrics": null,
  "mmds-config": null,
  "entropy": null
}

3. Connect via SSH, it will fail after a few attempts

For some reason this config does not parse with v1.10.0. However I am pretty sure this version introduced the bug since it mentions changes with virtio-net.

The bug is not reproducible with v1.9.1

sudo ./firecracker-v1.9.1-aarch64 --config-file firecracker.conf --api-sock ./firecracker.socket

Expected behaviour

It remains possible to ssh into the device.

ping 172.16.0.2

should keep pinging, instead packets get delayed, dropped, etc.

Environment

[Author TODO: Please supply the following information):]

• Firecracker version: v1.10.0
• Host and guest kernel versions: host: 6.14.6-400.asahi.fc41.aarch64+16k, guest: 6.1.128
• Rootfs used: the one from the getting started guide
• Architecture: arm64
• Any other relevant software versions: N/A

Additional context

[Author TODO: How has this bug affected you?]
Not much just trying out Firecracker

[Author TODO: What are you trying to achieve?]
Just run the thing

[Author TODO: Do you have any idea of what the solution might be?]
Probably the virtio changes are related

Note that Ashai Linux uses 16K pages, which may have something to do with it

Checks

• Have you searched the Firecracker Issues database for similar problems?
• Have you read the existing relevant Firecracker documentation?
• Are you certain the bug being reported is a Firecracker issue?

According to @Manciukic this has not been reported yet.

[ShadowCurse]

Hi @louwers, thank you for the bug report.
I could reproduce the behaviour you described and it is the page size that causes the issue. Created a quick fix in #5222. Would appreciate if you can test if it fixes problem on your setup as well.
Unfortunately we don't test Firecracker on non 4K hosts in our CI, so things like this go unnoticed for a while.

[louwers]

Yes seems to fix the problem!