[ofa-general] crash in ipoib

Michael S. Tsirkin mst at dev.mellanox.co.il
Thu Jun 14 10:35:23 PDT 2007 

> Quoting Sean Hefty <mshefty at ichips.intel.com>:
> Subject: Re: [ofa-general] crash in ipoib
> 
> Here's the capture from the network console

Aha, cool.

> <5> [...network console startup...]
> <5> Unable to handle kernel NULL pointer dereference at 0000000000000008 
> RIP:
> <5> <4>Warning: kfree_skb on hard IRQ ffffffff802bb055
> <5> Warning: kfree_skb on hard IRQ ffffffff802bb055
> <5> Warning: kfree_skb on hard IRQ ffffffff802bb055
> <5> Warning: kfree_skb on hard IRQ ffffffff802bb055

Weird stuff, it looks like we are freeing an skb with
a destructor. Where does ffffffff802bb055 point to?
Since 2.6.12 we'd get a proper stack dump for this, but
in 2.6.9 need to decode it manually.

> <5> <ffffffffa0146b60>{:ib_ipoib:ipoib_cm_handle_rx_wc+378}
> <5> PML4 dcc2f067 PGD 102087067 PMD 0
> <5> Oops: 0002 [1] SMP
> <5> CPU 1
> <5> Modules linked in: netconsole det(U) nfs lockd nfs_acl autofs4 
> i2c_dev i2c_core sunrpc rdma_ucm(U) ib_vnic(U) ib_sdp(U) rdma_cm(U) 
> iw_cm(U) ib_addr(U) ib_local_sa(U) ib_ipath(U) ipt_REJECT ipt_state 
> ip_conntrack iptable_filter ip_tables dm_mirror dm_mod button battery ac 
> joydev uhci_hcd ehci_hcd hw_random ib_mthca(U) ib_ipoib(U) ib_umad(U) 
> ib_ucm(U) ib_uverbs(U) ib_cm(U) ib_sa(U) ib_mad(U) ib_core(U) md5 ipv6 
> e1000(U) ahci ext3 jbd ata_piix libata sd_mod scsi_mod
> <5> Pid: 1584, comm: ib_cm/1 Tainted: PF     2.6.9-42.ELsmp
> <5> RIP: 0010:[<ffffffffa0146b60>] 
> <ffffffffa0146b60>{:ib_ipoib:ipoib_cm_handle_rx_wc+378}
> <5> RSP: 0018:0000010005d7b940  EFLAGS: 00010046
> <5> RAX: 0000000000000000 RBX: 000001010d3a8e00 RCX: 0000000000000000
> <5> RDX: 000001010d3a8e10 RSI: 00000101191b3990 RDI: 00000101191b3380
> <5> RBP: 000001011302b680 R08: 0000000000000010 R09: 0000010119301e00
> <5> R10: 000000000000001f R11: 00000000000000e4 R12: 0000000000000206
> <5> R13: 00000101191b3380 R14: 00000101191b3000 R15: 0000000000000030
> <5> FS:  0000000000000000(0000) GS:ffffffff804e5100(0000) 
> knlGS:0000000000000000
> <5> CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
> <5> CR2: 0000000000000008 CR3: 0000000005d68000 CR4: 00000000000006e0
> <5> Process ib_cm/1 (pid: 1584, threadinfo 0000010119c14000, task 
> 000001011a9c5030)
> <5> Stack: 0000000000000206 0000000000000030 0000000000000206 
> 0000010110e8fb00
> <5>        00000101191b37b8 0000000000000206 00000000dc62401c 
> 0000000400000206
> <5>        0100000082000001 000000041a9121c0

Where does :ib_ipoib:ipoib_cm_handle_rx_wc+378 point to on your system?



-- 
MST

More information about the general mailing list