The host is using the ath9k driver. eth0+wlan0 are bridged. Shortly after I start using the wireless network with my macbook, the bug triggers. No idea if it's wireless related, because there's also a rtl8169_rx_interrupt entry in the stacktrace.
This is a transcript, since I don't (have/know of) any way to get the backtrace out of a crashed box.
lots of br_flood_deliver
lots of br_*_finish
one ? rtl8169_interrupt
one ? ath9k_ioread32
Can you take a digital photograph of the screen and attach that to the report?
I provoked the panic twice, so there are two photos. Each time the panic happened, I saw two stack traces fly by. My screen isn't tall enough to capture both, but at the very top of the second photo you see the last couple lines of the first stack trace.
ip_fragment+0x52 is line 160 of include/net/dst.h
Created attachment 55502 [details]
Photo of the stacktrace (1)
Created attachment 55512 [details]
Photo of the stacktrace (2)
There's no mention of the kernel version in this report?
(switched to email. Please respond via emailed reply-to-all, not via the
bugzilla web interface).
On Sat, 23 Apr 2011 07:51:56 GMT firstname.lastname@example.org wrote:
> Summary: NULL pointer dereference in ip_fragment
oops in ip_defragment(). Kernel is 2.6.39-rc4. There are some
screenshots attached to the report.
> Product: Networking
> Version: 2.5
> Platform: All
> OS/Version: Linux
> Tree: Mainline
> Status: NEW
> Severity: normal
> Priority: P1
> Component: Other
> AssignedTo: email@example.com
> ReportedBy: firstname.lastname@example.org
> Regression: No
> The host is using the ath9k driver. eth0+wlan0 are bridged. Shortly after I
> start using the wireless network with my macbook, the bug triggers. No idea
> it's wireless related, because there's also a rtl8169_rx_interrupt entry in
> This is a transcript, since I don't (have/know of) any way to get the
> out of a crashed box.
> IP: ip_fragment+0x52/0x840
> Call Trace:
> then also:
> lots of br_flood_deliver
> lots of br_*_finish
> one ? rtl8169_interrupt
> one ? ath9k_ioread32
On Sunday, June 12, 2011, Eric Dumazet wrote:
> Le dimanche 12 juin 2011 à 23:12 +0200, Rafael J. Wysocki a écrit :
> > This message has been generated automatically as a part of a report
> > of regressions introduced between 2.6.38 and 2.6.39.
> > The following bug entry is on the current list of known regressions
> > introduced between 2.6.38 and 2.6.39. Please verify if it still should
> > be listed and let the tracking team know (either way).
> > Bug-Entry : http://bugzilla.kernel.org/show_bug.cgi?id=33842
> > Subject : NULL pointer dereference in ip_fragment
> > Submitter : Tomas Carnecky <email@example.com>
> > Date : 2011-04-23 07:51 (51 days old)
> This is probably fixed in current linux-2.6 tree, and 126.96.36.199 as well
> If not, maybe commit 64f3b9e203b (ip_expire() must revalidate route)
> needs to be included in 2.6.39.X
> (I believe Greg took it for 2.6.38, but cant find it in 2.6.39 ?)