Re: [zfs-discuss] crash during snapshot operations

eric kustarz Fri, 23 Mar 2007 07:51:12 -0800


On Mar 23, 2007, at 6:13 AM, Łukasz wrote:

When I'm trying to do in kernel in zfs ioctl:
 1. snapshot destroy PREVIOS
 2. snapshot rename LATEST->PREVIOUS
 3. snapshot create LATEST

code is:
                /* delete previous snapshot */
                zfs_unmount_snap(snap_previous, NULL);
                dmu_objset_destroy(snap_previous);
                
                /* rename snapshot */
                zfs_unmount_snap(snap_latest, NULL);
                dmu_objset_rename(snap_latest, snap_previous);
                
                /* create snapshot */
                dmu_objset_snapshot(zc->zc_name,
                                                REPLICATE_SNAPSHOT_LATEST, 0);

I get kernel panic.

MDB

::status

debugging crash dump vmcore.3 (32-bit) from zfs.dev
operating system: 5.11 snv_56 (i86pc)

panic message: BAD TRAP: type=8 (#df Double fault) rp=fec244f8addr=d5904ffc

dump content: kernel pages only


This is most likely due to stack overflow.

You're stack is 0xd421cfac - 0xd421b04c = 0t8032 bytes.

The PAGESIZE on x86/x64 machines is 4k and the DEFAULTSTKSZ for 32bitis 8k (2 * PAGESIZE) and 20k (5 * PAGESIZE) for amd64. So you''veblown your stack of 8k. This is mostly due to:

6354519 stack overflow in zfs due to zio pipeline

Running on a 64bit machine would also help.

eric

This happens only when the ZFS filesystem is loaded with I/Ooperations.

( I copy studio11 folder on this filesystem. )

MDB ::stack show nothing, but walking threads I found:

stack pointer for thread d8ff9e00: d421b028

d421b04c zio_pop_transform+0x45(d9aba380, d421b090, d421b070,d421b078)

  d421b094 zio_clear_transform_stack+0x23(d9aba380)
  d421b200 zio_done+0x12b(d9aba380)
  d421b21c zio_next_stage+0x66(d9aba380)
  d421b230 zio_checksum_verify+0x17(d9aba380)
  d421b24c zio_next_stage+0x66(d9aba380)
  d421b26c zio_wait_for_children+0x46(d9aba380, 11, d9aba570)
  d421b280 zio_wait_children_done+0x18(d9aba380)
  d421b298 zio_next_stage+0x66(d9aba380)
  d421b2d0 zio_vdev_io_assess+0x11a(d9aba380)
  d421b2e8 zio_next_stage+0x66(d9aba380)
  d421b368 vdev_cache_read+0x157(d9aba380)
  d421b394 vdev_disk_io_start+0x35(d9aba380)
  d421b3a4 vdev_io_start+0x18(d9aba380)
  d421b3d0 zio_vdev_io_start+0x142(d9aba380)
  d421b3e4 zio_next_stage_async+0xac(d9aba380)
  d421b3f4 zio_nowait+0xe(d9aba380)
  d421b424 vdev_mirror_io_start+0x151(deab5cc0)
  d421b450 zio_vdev_io_start+0x14f(deab5cc0)
  d421b460 zio_next_stage+0x66(deab5cc0)
  d421b470 zio_ready+0x124(deab5cc0)
  d421b48c zio_next_stage+0x66(deab5cc0)
  d421b4ac zio_wait_for_children+0x46(deab5cc0, 1, deab5ea8)
  d421b4c0 zio_wait_children_ready+0x18(deab5cc0)
  d421b4d4 zio_next_stage_async+0xac(deab5cc0)
  d421b4e4 zio_nowait+0xe(deab5cc0)

d421b520 arc_read+0x3cc(d8a2cd00, da9f6ac0, d418e840, f9e55e5c,f9e249b0, d515c010)

  d421b590 dbuf_read_impl+0x11b(d515c010, d8a2cd00, d421b5cc)
  d421b5bc dbuf_read+0xa5(d515c010, d8a2cd00, 2)
  d421b5fc dmu_buf_hold+0x7c(d47cb854, 4, 0, 0, 0, 0)
  d421b654 zap_lockdir+0x38(d47cb854, 4, 0, 0, 1, 1)
  d421b690 zap_lookup+0x23(d47cb854, 4, 0, d421b6e0, 8, 0)

d421b804 dsl_dir_open_spa+0x10a(da9f6ac0, d8fde000, f9e7378f,d421b85c, d421b860)d421b864 dsl_dataset_open_spa+0x2c(0, d8fde000, 1, debe83c0,d421b938)

  d421b88c dsl_dataset_open+0x19(d8fde000, 1, debe83c0, d421b938)
  d421b940 dmu_objset_open+0x2e(d8fde000, 5, 1, d421b970)
  d421b974 dmu_objset_snapshot_one+0x2c(d8fde000, d421b998)
  d421bdb0 dmu_objset_snapshot+0xaf(d8fde000, d4c6a3e8, 0)
  d421c9e8 zfs_ioc_replicate_send+0x1ab(d8fde000)
  d421ce18 zfs_ioc_sendbackup+0x126()

d421ce40 zfsdev_ioctl+0x100(2d80000, 5a1e, 8046cac, 100003,d5938650, d421cf78)d421ce6c cdev_ioctl+0x2e(2d80000, 5a1e, 8046cac, 100003,d5938650, d421cf78)d421ce94 spec_ioctl+0x65(d6591780, 5a1e, 8046cac, 100003,d5938650, d421cf78)d421ced4 fop_ioctl+0x27(d6591780, 5a1e, 8046cac, 100003,d5938650, d421cf78)

  d421cf84 ioctl+0x151()
  d421cfac sys_sysenter+0x101()

$r

%cs = 0x0158            %eax = 0x00000000
%ds = 0x0160            %ebx = 0xe58abac0
%ss = 0x0160            %ecx = 0x00000000
%es = 0x0160            %edx = 0x00000018
%fs = 0x0000            %esi = 0x00000000
%gs = 0x01b0            %edi = 0x00000000

%eip = 0xfe8ebd71 kmem_free+0x111
%ebp = 0x00000000
%esp = 0xfec24530

%eflags = 0x00010246
  id=0 vip=0 vif=0 ac=0 vm=0 rf=1 nt=0 iopl=0x0
  status=<of,df,IF,tf,sf,ZF,af,PF,cf>

  %uesp = 0xd5905000
%trapno = 0x8
   %err = 0x0

I was trying to cause error from command line:

[EMAIL PROTECTED] ~]# zfs destroy solaris/[EMAIL PROTECTED] ; zfs renamesolaris/[EMAIL PROTECTED] solaris/[EMAIL PROTECTED]; zfs snapshot solaris/[EMAIL PROTECTED]


but without success.
Any idea ?


This message posted from opensolaris.org
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss


_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss

Re: [zfs-discuss] crash during snapshot operations

Reply via email to