Bug 63527 - Crash During LVM Snapshot
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: kernel
Version: 7.3
Hardware: i686 Linux
Priority: medium, Severity: high
Assigned To: Stephen Tweedie
Brian Brock
Reported: 2002-04-15 12:59 EDT by Thornton Prime
Modified: 2007-04-18 12:42 EDT (History)
Last Closed: 2002-04-16 12:24:50 EDT
Description Thornton Prime 2002-04-15 12:59:26 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-31 i686; Nav)

Description of problem:
Crash when attempting LVM snapshot using IBM ServeRAID with ips driver.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Boot.
2. Create LV and filesystem.
3. Write data.
4. Try to take snapshot (lvcreate -s)
	

Actual Results:  invalid operand: 0000
Unable to handle kernel paging request at virtual address 37aedeee
printing eip:
c0131036
*pde = 00000000

Expected Results:  Not crash.

Additional info:

IBM x350 with 4 Xeon 700MHz, 512M RAM.
LVM is on a ServeRAID volume, which consists of a single 18G drive (no actual
RAID running).
Comment 1 Stephen Tweedie 2002-04-15 13:13:32 EDT
What kernel version?  And could you please provide the full kernel oops trace?
Comment 2 Stephen Tweedie 2002-04-15 13:43:34 EDT
Update from original sender:

From: Thornton Prime <thornton@yoyoweb.com>
Subject: Re: [Bug 63527] Changed - Crash During LVM Snapshot

> Kernel was 2.4.18-0.13 SMP/i686.
> 
> Unfortunately, that was as much of a trace as I could get off the screen 
> (it always seems to stop the output right there).

kernel 2.4.18-0.22 debug/i386 gave me a good trace:

 kernel BUG at vmalloc.c:246!
 invalid operand: 0000
 eepro100 loop usb-ohci usbcore ext3 jbd lvm-mod ips sd_mod scsi_mod
 CPU:    0
 EIP:    0010:[__vmalloc+54/496]    Not tainted
 EIP:    0010:[<c0130886>]    Not tainted
 EFLAGS: 00010282

 EIP is at __vmalloc [kernel] 0x36 (2.4.18-0.22debug)
 eax: 0000001d   ebx: 00000000   ecx: 00000001   edx: 000022c1
 esi: 00000000   edi: f6a0f200   ebp: fffffff4   esp: f69d5cd0
 ds: 0018   es: 0018   ss: 0018
 Process lvcreate (pid: 760, stackpage=f69d5000)
 Stack: c0238edc 000000f6 c02dd07c c02dd07c c02dd238 00000000 00000500 c0135665
        c01516f1 00000001 00000000 00000000 f6a0f200 fffffff4 f88426a5 00000000
        000001f2 00000163 00000000 f6a0f200 f6a0f36c f6a0f200 f884275c f6a0f200
 Call Trace: [__alloc_pages+117/768] __alloc_pages [kernel] 0x75
 Call Trace: [<c0135665>] __alloc_pages [kernel] 0x75
 [alloc_kiobuf_bhs+33/128] alloc_kiobuf_bhs [kernel] 0x21
 [<c01516f1>] alloc_kiobuf_bhs [kernel] 0x21
 [eepro100:__insmod_eepro100_O/lib/modules/2.4.18-0.22debug/kernel/dri+-1575259/96] lvm_snapshot_alloc_hash_table [lvm-mod] 0x45
 [<f88426a5>] lvm_snapshot_alloc_hash_table [lvm-mod] 0x45
 [eepro100:__insmod_eepro100_O/lib/modules/2.4.18-0.22debug/kernel/dri+-1575076/96] lvm_snapshot_alloc [lvm-mod] 0x6c
 [<f884275c>] lvm_snapshot_alloc [lvm-mod] 0x6c
 [eepro100:__insmod_eepro100_O/lib/modules/2.4.18-0.22debug/kernel/dri+-1584425/96] lvm_do_lv_create [lvm-mod] 0x517
 [<f88402d7>] lvm_do_lv_create [lvm-mod] 0x517
 [eepro100:__insmod_eepro100_O/lib/modules/2.4.18-0.22debug/kernel/dri+-1594763/96] lvm_chr_ioctl [lvm-mod] 0x715
 [<f883da75>] lvm_chr_ioctl [lvm-mod] 0x715
 [eepro100:__insmod_eepro100_O/lib/modules/2.4.18-0.22debug/kernel/dri+-1555168/96] lv_req [lvm-mod] 0x0
 [<f8847520>] lv_req [lvm-mod] 0x0
 [locate_hd_struct+39/112] locate_hd_struct [kernel] 0x27
 [<c018ba97>] locate_hd_struct [kernel] 0x27
 [req_new_io+53/96] req_new_io [kernel] 0x35
 [<c018bbe5>] req_new_io [kernel] 0x35
 [kmem_cache_free+536/688] kmem_cache_free [kernel] 0x218
 [<c0131fe8>] kmem_cache_free [kernel] 0x218
 [sys_ioctl+535/560] sys_ioctl [kernel] 0x217
 [<c014a3e7>] sys_ioctl [kernel] 0x217
 [system_call+51/56] system_call [kernel] 0x33
 [<c0108923>] system_call [kernel] 0x33


 Code: 0f 0b 5d 58 31 c0 e9 a3 01 00 00 6a 02 53 e8 57 fe ff ff 5e

Comment 3 Stephen Tweedie 2002-04-16 11:21:03 EDT
Ugh, there's clearly an overflow possibility there.  We've checked in a fix for
the most obvious problem causing the oops.  What size of snapshot were you
trying to create?
Comment 4 Stephen Tweedie 2002-04-16 12:24:45 EDT
On Tue, Apr 16, 2002 at 08:56:33AM -0700, Thornton Prime wrote:

> 100M on a 18G volume (with 3G free), I believe. I actually tried a few
> different sizes in the same range and all oopsed.
Comment 5 Stephen Tweedie 2002-04-16 13:33:18 EDT
We've got a fix for the oops in our current tree.  I can reproduce the problem
with old kernels, and the current kernel seems to work OK.
Comment 6 Thornton Prime 2002-04-17 13:27:19 EDT
I'm not sure if 2.4.18-0.26smp is supposed to have the fix, but I got another
oops with the latest rawhide trying a 'lvcreate -s -n snap -L 100M /dev/vg01/lvol1'.



Apr 16 10:19:36 abe kernel: kernel BUG at vmalloc.c:246!
Apr 16 10:19:36 abe kernel: invalid operand: 0000
Apr 16 10:19:36 abe kernel: sg e100 loop usb-ohci usbcore ext3 jbd lvm-mod ips sd_mod scsi_mod
Apr 16 10:19:36 abe kernel: CPU:    0
Apr 16 10:19:36 abe kernel: EIP:    0010:[__vmalloc+54/528]    Not tainted
Apr 16 10:19:36 abe kernel: EIP:    0010:[<c0136626>]    Not tainted
Apr 16 10:19:36 abe kernel: EFLAGS: 00010282
Apr 16 10:19:36 abe kernel: 
Apr 16 10:19:36 abe kernel: EIP is at __vmalloc [kernel] 0x36 (2.4.18-0.26smp)
Apr 16 10:19:36 abe kernel: eax: 0000001d   ebx: 00000000   ecx: c02fde80   edx: 00003ca4
Apr 16 10:19:36 abe kernel: esi: 00000000   edi: f6a99e00   ebp: fffffff4   esp: f6a5fcd0
Apr 16 10:19:36 abe kernel: ds: 0018   es: 0018   ss: 0018
Apr 16 10:19:36 abe kernel: Process lvcreate (pid: 805, stackpage=f6a5f000)
Apr 16 10:19:36 abe kernel: Stack: c025399c 000000f6 00000000 c02ff37c c02ff37c c02ff538 00000000 00000500
Apr 16 10:19:36 abe kernel:        c013b702 00000001 00000000 00000000 f6a99e00 fffffff4 f8843735 00000000
Apr 16 10:19:36 abe kernel:        000001f2 00000163 00000000 f6a99e00 f6a99f6c f6a99e00 f88437ec f6a99e00
Apr 16 10:19:36 abe kernel: Call Trace: [__alloc_pages+114/736] __alloc_pages [kernel] 0x72
Apr 16 10:19:36 abe kernel: Call Trace: [<c013b702>] __alloc_pages [kernel] 0x72
Apr 16 10:19:36 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1591499/96] lvm_snapshot_alloc_hash_table [lvm-mod] 0x45
Apr 16 10:19:36 abe kernel: [<f8843735>] lvm_snapshot_alloc_hash_table [lvm-mod] 0x45
Apr 16 10:19:36 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1591316/96] lvm_snapshot_alloc [lvm-mod] 0x6c
Apr 16 10:19:36 abe kernel: [<f88437ec>] lvm_snapshot_alloc [lvm-mod] 0x6c
Apr 16 10:19:36 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1600713/96] lvm_do_lv_create [lvm-mod] 0x527
Apr 16 10:19:36 abe kernel: [<f8841337>] lvm_do_lv_create [lvm-mod] 0x527
Apr 16 10:19:36 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1611115/96] lvm_chr_ioctl [lvm-mod] 0x715
Apr 16 10:19:36 abe kernel: [<f883ea95>] lvm_chr_ioctl [lvm-mod] 0x715
Apr 16 10:19:36 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1571008/96] lv_req [lvm-mod] 0x0
Apr 16 10:19:36 abe kernel: [<f8848740>] lv_req [lvm-mod] 0x0
Apr 16 10:19:37 abe kernel: [e100:__insmod_e100_O/lib/modules/2.4.18-0.26smp/kernel/drivers/a+-1660385/96] ips_next [ips] 0x6ef
Apr 16 10:19:37 abe kernel: [<f8832a1f>] ips_next [ips] 0x6ef
Apr 16 10:19:37 abe kernel: [account_io_start+68/80] account_io_start [kernel] 0x44
Apr 16 10:19:37 abe kernel: [<c0199b24>] account_io_start [kernel] 0x44
Apr 16 10:19:37 abe kernel: [locate_hd_struct+39/112] locate_hd_struct [kernel] 0x27
Apr 16 10:19:37 abe kernel: [<c0199a67>] locate_hd_struct [kernel] 0x27
Apr 16 10:19:37 abe kernel: [sys_ioctl+599/670] sys_ioctl [kernel] 0x257
Apr 16 10:19:37 abe kernel: [<c0153be7>] sys_ioctl [kernel] 0x257
Apr 16 10:19:37 abe kernel: [system_call+51/56] system_call [kernel] 0x33
Apr 16 10:19:37 abe kernel: [<c0108c6b>] system_call [kernel] 0x33
Apr 16 10:19:37 abe kernel: 
Apr 16 10:19:37 abe kernel: 
Apr 16 10:19:37 abe kernel: Code: 0f 0b 5f 5d 31 c0 e9 c7 01 00 00 6a 02 53 e8 e7 fd ff ff 59

Comment 7 Stephen Tweedie 2002-04-17 13:33:32 EDT
No, it was fixed after that build.
