Created attachment 154861 [details] Panic message captured over serial console This bug is being encountered on a machine with 6 ixgbe interfaces configured as 3 bonded pairs. Currently using netperf for testing UDP throughput from ~136 client machines connected via 1G interfaces. This is the command being run on the clients: netperf -H XX.XX.XX.XX -t OMNI -l 60 -- -d send -T UDP -O throughput,direction -m 16384 This is the command being run on the server: netserver -4
(In reply to Patrick McLean from comment #0) > Created attachment 154861 [details] > Panic message captured over serial console Thanks for reporting. It looks like there was a warning prior to crash: CPU: 7 PID: 257 Comm: kworker/7:1 Tainted: G W 3.18.0-rc1-base-7+ #2 Could you check if there is such warning before the log lines? Maybe it would provide additional hint.
Created attachment 155531 [details] full kernel log from affected machine with suggested patch from mailing list Here is the full (sanitized) kernel log from the affected machine, with this patch (from the mailing list applied). > diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c > index 9eb89f3f0ee4..894ec30c5896 100644 > --- a/net/ipv4/inet_fragment.c > +++ b/net/ipv4/inet_fragment.c > @@ -285,7 +285,8 @@ static inline void fq_unlink(struct inet_frag_queue *fq, > struct inet_frags *f) > struct inet_frag_bucket *hb; > > hb = get_frag_bucket_locked(fq, f); > - hlist_del(&fq->list); > + if (!(fq->flags & INET_FRAG_EVICTED)) > + hlist_del(&fq->list); > spin_unlock(&hb->chain_lock); > } Kernel version is 3.18-rc2