I encountered this bug with the new Dapper kernel that was pushed last week. I have also attached the script I created which does the snapshots. ------------[ cut here ]------------ kernel BUG at drivers/md/kcopyd.c:145! invalid operand: 0000 [#1] SMP Modules linked in: ipt_ULOG ip_tables vmxnet vmhgfs dm_snapshot dm_mod lp ipv6 tsdev parport_pc floppy parport i2c_piix4 i2c_core psmouse serio_raw pcnet32 mii pcspkr intel_agp shpchp pci_hotplug agpgart sg evdev reiserfs ide_generic sd_mod mptspi mptscsih mptbase scsi_mod ide_cd cdrom piix generic thermal processor fan capability commoncap vga16fb vgastate fbcon tileblit font bitblit softcursor CPU: 0 EIP: 0060:[pg0+946189859/1069167616] Tainted: P VLI EFLAGS: 00010287 (2.6.15-28-server) EIP is at client_free_pages+0x33/0x40 [dm_mod] eax: 00000100 ebx: df84b900 ecx: c2378ac0 edx: 00000000 esi: f8b38080 edi: 00000000 ebp: 00000000 esp: d9cbfec0 ds: 007b es: 007b ss: 0068 Process lvremove (pid: 3380, threadinfo=d9cbe000 task=f3eb0a90) Stack: f8ab5b3f df84b900 f8ab71ab df84b900 f4840bc0 f8a74a8e df84b900 c2378900 f8b38080 f1076980 f8ab10f7 f8b38080 f1076980 f4012ec0 00000004 d9cbe000 f8ab3619 f1076980 00000000 f8abdbe0 f8a84000 f8ab3ec7 f4012ec0 00000000 Call Trace: [pg0+946187071/1069167616] dm_io_put+0xf/0x30 [dm_mod] [pg0+946192811/1069167616] kcopyd_client_destroy+0x1b/0x32 [dm_mod] [pg0+945920654/1069167616] snapshot_dtr+0x6e/0x80 [dm_snapshot] [pg0+946168055/1069167616] table_destroy+0x47/0xa0 [dm_mod] [pg0+946177561/1069167616] __hash_remove+0x79/0xa0 [dm_mod] [pg0+946179783/1069167616] dev_remove+0x47/0xd0 [dm_mod] [pg0+946185980/1069167616] ctl_ioctl+0x10c/0x160 [dm_mod] [pg0+946179712/1069167616] dev_remove+0x0/0xd0 [dm_mod] [do_ioctl+147/160] do_ioctl+0x93/0xa0 [vfs_ioctl+107/560] vfs_ioctl+0x6b/0x230 [sys_ioctl+136/160] sys_ioctl+0x88/0xa0 [sysenter_past_esp+84/117] sysenter_past_esp+0x54/0x75 Code: 8b 43 10 39 43 14 75 23 8b 43 0c 89 04 24 e8 35 ff ff ff c7 43 0c 00 00 00 00 c7 43 10 00 00 00 00 c7 43 14 00 00 00 00 58 5b c3 <0f> 0b 91 00 e4 74 ab f8 eb d3 8d 76 00 83 ec 18 31 c0 89 44 24 <1>Unable to handle kernel NULL pointer dereference at virtual address 00000010 printing eip: c01527b9 *pde = 00401001 Oops: 0000 [#2] SMP Modules linked in: ipt_ULOG ip_tables vmxnet vmhgfs dm_snapshot dm_mod lp ipv6 tsdev parport_pc floppy parport i2c_piix4 i2c_core psmouse serio_raw pcnet32 mii pcspkr intel_agp shpchp pci_hotplug agpgart sg evdev reiserfs ide_generic sd_mod mptspi mptscsih mptbase scsi_mod ide_cd cdrom piix generic thermal processor fan capability commoncap vga16fb vgastate fbcon tileblit font bitblit softcursor CPU: 0 EIP: 0060:[mempool_alloc+41/256] Tainted: P VLI EFLAGS: 00010206 (2.6.15-28-server) EIP is at mempool_alloc+0x29/0x100 eax: 00000000 ebx: 00000001 ecx: 00000010 edx: 00011200 esi: 00000000 edi: 00011210 ebp: 0000001c esp: c6b7de88 ds: 007b es: 007b ss: 0068 Process kcopyd (pid: 12062, threadinfo=c6b7c000 task=f3dfca90) Stack: 00000000 ee04f460 e6a9e394 00000001 f8ab5c80 f8ab5cb0 00000000 ee2e5620 00000001 e6a9e484 00000001 f8ab67b0 f8ab61d6 00000000 00000010 c200d060 cf977740 00000000 d9cbfd6c c6b7df00 e6a9e484 f8abdd68 00000000 f8ab6370 Call Trace: [pg0+946187392/1069167616] list_get_page+0x0/0x30 [dm_mod] [pg0+946187440/1069167616] list_next_page+0x0/0x20 [dm_mod] [pg0+946190256/1069167616] complete_io+0x0/0xc0 [dm_mod] [pg0+946188758/1069167616] async_io+0x96/0xf0 [dm_mod] [pg0+946189168/1069167616] dm_io_async+0x50/0x60 [dm_mod] [pg0+946190256/1069167616] complete_io+0x0/0xc0 [dm_mod] [pg0+946187392/1069167616] list_get_page+0x0/0x30 [dm_mod] [pg0+946187440/1069167616] list_next_page+0x0/0x20 [dm_mod] [pg0+946190583/1069167616] run_io_job+0x87/0x90 [dm_mod] [pg0+946190256/1069167616] complete_io+0x0/0xc0 [dm_mod] [pg0+946190775/1069167616] process_jobs+0x17/0xe0 [dm_mod] [pg0+946191042/1069167616] do_work+0x42/0x50 [dm_mod] [pg0+946190448/1069167616] run_io_job+0x0/0x90 [dm_mod] [worker_thread+435/624] worker_thread+0x1b3/0x270 [pg0+946190976/1069167616] do_work+0x0/0x50 [dm_mod] [default_wake_function+0/32] default_wake_function+0x0/0x20 [worker_thread+0/624] worker_thread+0x0/0x270 [kthread+200/208] kthread+0xc8/0xd0 [kthread+0/208] kthread+0x0/0xd0 [kernel_thread_helper+5/16] kernel_thread_helper+0x5/0x10 Code: 76 00 83 ec 30 89 7c 24 28 8b 7c 24 38 89 74 24 24 8b 74 24 34 89 6c 24 2c 89 5c 24 20 81 cf 00 12 01 00 89 fa 83 e2 af 8d 6e 1c <8b> 46 10 89 14 24 89 44 24 04 ff 56 14 85 c0 89 c3 74 16 89 d8 ver_linux --------- Linux mamo 2.6.15-28-server #1 SMP Thu Feb 1 16:58:14 UTC 2007 i686 GNU/Linux Gnu C 4.0.3 Gnu make 3.81beta4 binutils 2.16.91 util-linux 2.12r mount 2.12r module-init-tools 3.2.2 e2fsprogs 1.38 jfsutils 1.1.8 reiserfsprogs 3.6.19 reiser4progs 1.0.5 xfsprogs 2.7.7 PPP 2.4.4b1 Linux C Library 2.3.6 Dynamic linker (ldd) 2.3.6 Procps 3.2.6 Net-tools 1.60 Console-tools 0.2.3 Sh-utils 5.93 udev 079 Modules Loaded ipt_ULOG ip_tables vmxnet vmhgfs ipv6 dm_snapshot dm_mod lp tsdev parport_pc parport pcspkr floppy serio_raw pcnet32 mii psmouse i2c_piix4 i2c_core shpchp pci_hotplug intel_agp agpgart sg evdev reiserfs ide_generic sd_mod mptspi mptscsih mptbase scsi_mod ide_cd cdrom piix generic thermal processor fan capability commoncap vga16fb vgastate fbcon tileblit font bitblit softcursor zimbra-snapshot.sh -------------------------- #!/bin/bash # zimbra-snapshot # # Copyright 2007 Kris S. Amundson, OpenSourcery, LLC. # # Released under GPL version 2.0 or above. # http://www.gnu.org/licenses/gpl.txt # # This script: # * Umounts snapshot if mounted # * Removes snapshot if exist # * Stops Zimbra # * Creates new snapshot # * Starts Zimbra # * Mounts snapshot PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin # Volume Group (vg) VG=vg_sda2 # Logical Volume (lv) LV=opt # Snapshot Name SNAP_LV=opt.snap # Snapshot Size SIZE=4G # Mount location MOUNT=/opt.snap # Unmount current snapshot umount $MOUNT # Remove current snapshot lvremove -f /dev/$VG/$SNAP_LV # Shutdown zimbra /etc/init.d/zimbra stop # Sleep sleep 120 # Create snapshot lvcreate --snapshot --size $SIZE --name $SNAP_LV /dev/$VG/$LV # Start zimbra /etc/init.d/zimbra start # Mount snapshot mount /dev/$VG/$SNAP_LV $MOUNT