xref: /titanic_44/usr/src/uts/common/fs/zfs/zio.c (revision 5c066ec28ea93f3a7c93082611a61747f255290a)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <sys/zfs_context.h>
27 #include <sys/fm/fs/zfs.h>
28 #include <sys/spa.h>
29 #include <sys/txg.h>
30 #include <sys/spa_impl.h>
31 #include <sys/vdev_impl.h>
32 #include <sys/zio_impl.h>
33 #include <sys/zio_compress.h>
34 #include <sys/zio_checksum.h>
35 
36 /*
37  * ==========================================================================
38  * I/O priority table
39  * ==========================================================================
40  */
41 uint8_t zio_priority_table[ZIO_PRIORITY_TABLE_SIZE] = {
42 	0,	/* ZIO_PRIORITY_NOW		*/
43 	0,	/* ZIO_PRIORITY_SYNC_READ	*/
44 	0,	/* ZIO_PRIORITY_SYNC_WRITE	*/
45 	6,	/* ZIO_PRIORITY_ASYNC_READ	*/
46 	4,	/* ZIO_PRIORITY_ASYNC_WRITE	*/
47 	4,	/* ZIO_PRIORITY_FREE		*/
48 	0,	/* ZIO_PRIORITY_CACHE_FILL	*/
49 	0,	/* ZIO_PRIORITY_LOG_WRITE	*/
50 	10,	/* ZIO_PRIORITY_RESILVER	*/
51 	20,	/* ZIO_PRIORITY_SCRUB		*/
52 };
53 
54 /*
55  * ==========================================================================
56  * I/O type descriptions
57  * ==========================================================================
58  */
59 char *zio_type_name[ZIO_TYPES] = {
60 	"null", "read", "write", "free", "claim", "ioctl" };
61 
62 #define	SYNC_PASS_DEFERRED_FREE	1	/* defer frees after this pass */
63 #define	SYNC_PASS_DONT_COMPRESS	4	/* don't compress after this pass */
64 #define	SYNC_PASS_REWRITE	1	/* rewrite new bps after this pass */
65 
66 /*
67  * ==========================================================================
68  * I/O kmem caches
69  * ==========================================================================
70  */
71 kmem_cache_t *zio_cache;
72 kmem_cache_t *zio_buf_cache[SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT];
73 kmem_cache_t *zio_data_buf_cache[SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT];
74 
75 #ifdef _KERNEL
76 extern vmem_t *zio_alloc_arena;
77 #endif
78 
79 /*
80  * An allocating zio is one that either currently has the DVA allocate
81  * stage set or will have it later in its lifetime.
82  */
83 #define	IO_IS_ALLOCATING(zio) \
84 	((zio)->io_orig_pipeline & (1U << ZIO_STAGE_DVA_ALLOCATE))
85 
86 void
87 zio_init(void)
88 {
89 	size_t c;
90 	vmem_t *data_alloc_arena = NULL;
91 
92 #ifdef _KERNEL
93 	data_alloc_arena = zio_alloc_arena;
94 #endif
95 	zio_cache = kmem_cache_create("zio_cache", sizeof (zio_t), 0,
96 	    NULL, NULL, NULL, NULL, NULL, 0);
97 
98 	/*
99 	 * For small buffers, we want a cache for each multiple of
100 	 * SPA_MINBLOCKSIZE.  For medium-size buffers, we want a cache
101 	 * for each quarter-power of 2.  For large buffers, we want
102 	 * a cache for each multiple of PAGESIZE.
103 	 */
104 	for (c = 0; c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT; c++) {
105 		size_t size = (c + 1) << SPA_MINBLOCKSHIFT;
106 		size_t p2 = size;
107 		size_t align = 0;
108 
109 		while (p2 & (p2 - 1))
110 			p2 &= p2 - 1;
111 
112 		if (size <= 4 * SPA_MINBLOCKSIZE) {
113 			align = SPA_MINBLOCKSIZE;
114 		} else if (P2PHASE(size, PAGESIZE) == 0) {
115 			align = PAGESIZE;
116 		} else if (P2PHASE(size, p2 >> 2) == 0) {
117 			align = p2 >> 2;
118 		}
119 
120 		if (align != 0) {
121 			char name[36];
122 			(void) sprintf(name, "zio_buf_%lu", (ulong_t)size);
123 			zio_buf_cache[c] = kmem_cache_create(name, size,
124 			    align, NULL, NULL, NULL, NULL, NULL, KMC_NODEBUG);
125 
126 			(void) sprintf(name, "zio_data_buf_%lu", (ulong_t)size);
127 			zio_data_buf_cache[c] = kmem_cache_create(name, size,
128 			    align, NULL, NULL, NULL, NULL, data_alloc_arena,
129 			    KMC_NODEBUG);
130 		}
131 	}
132 
133 	while (--c != 0) {
134 		ASSERT(zio_buf_cache[c] != NULL);
135 		if (zio_buf_cache[c - 1] == NULL)
136 			zio_buf_cache[c - 1] = zio_buf_cache[c];
137 
138 		ASSERT(zio_data_buf_cache[c] != NULL);
139 		if (zio_data_buf_cache[c - 1] == NULL)
140 			zio_data_buf_cache[c - 1] = zio_data_buf_cache[c];
141 	}
142 
143 	zio_inject_init();
144 }
145 
146 void
147 zio_fini(void)
148 {
149 	size_t c;
150 	kmem_cache_t *last_cache = NULL;
151 	kmem_cache_t *last_data_cache = NULL;
152 
153 	for (c = 0; c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT; c++) {
154 		if (zio_buf_cache[c] != last_cache) {
155 			last_cache = zio_buf_cache[c];
156 			kmem_cache_destroy(zio_buf_cache[c]);
157 		}
158 		zio_buf_cache[c] = NULL;
159 
160 		if (zio_data_buf_cache[c] != last_data_cache) {
161 			last_data_cache = zio_data_buf_cache[c];
162 			kmem_cache_destroy(zio_data_buf_cache[c]);
163 		}
164 		zio_data_buf_cache[c] = NULL;
165 	}
166 
167 	kmem_cache_destroy(zio_cache);
168 
169 	zio_inject_fini();
170 }
171 
172 /*
173  * ==========================================================================
174  * Allocate and free I/O buffers
175  * ==========================================================================
176  */
177 
178 /*
179  * Use zio_buf_alloc to allocate ZFS metadata.  This data will appear in a
180  * crashdump if the kernel panics, so use it judiciously.  Obviously, it's
181  * useful to inspect ZFS metadata, but if possible, we should avoid keeping
182  * excess / transient data in-core during a crashdump.
183  */
184 void *
185 zio_buf_alloc(size_t size)
186 {
187 	size_t c = (size - 1) >> SPA_MINBLOCKSHIFT;
188 
189 	ASSERT(c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT);
190 
191 	return (kmem_cache_alloc(zio_buf_cache[c], KM_PUSHPAGE));
192 }
193 
194 /*
195  * Use zio_data_buf_alloc to allocate data.  The data will not appear in a
196  * crashdump if the kernel panics.  This exists so that we will limit the amount
197  * of ZFS data that shows up in a kernel crashdump.  (Thus reducing the amount
198  * of kernel heap dumped to disk when the kernel panics)
199  */
200 void *
201 zio_data_buf_alloc(size_t size)
202 {
203 	size_t c = (size - 1) >> SPA_MINBLOCKSHIFT;
204 
205 	ASSERT(c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT);
206 
207 	return (kmem_cache_alloc(zio_data_buf_cache[c], KM_PUSHPAGE));
208 }
209 
210 void
211 zio_buf_free(void *buf, size_t size)
212 {
213 	size_t c = (size - 1) >> SPA_MINBLOCKSHIFT;
214 
215 	ASSERT(c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT);
216 
217 	kmem_cache_free(zio_buf_cache[c], buf);
218 }
219 
220 void
221 zio_data_buf_free(void *buf, size_t size)
222 {
223 	size_t c = (size - 1) >> SPA_MINBLOCKSHIFT;
224 
225 	ASSERT(c < SPA_MAXBLOCKSIZE >> SPA_MINBLOCKSHIFT);
226 
227 	kmem_cache_free(zio_data_buf_cache[c], buf);
228 }
229 
230 /*
231  * ==========================================================================
232  * Push and pop I/O transform buffers
233  * ==========================================================================
234  */
235 static void
236 zio_push_transform(zio_t *zio, void *data, uint64_t size, uint64_t bufsize,
237 	zio_transform_func_t *transform)
238 {
239 	zio_transform_t *zt = kmem_alloc(sizeof (zio_transform_t), KM_SLEEP);
240 
241 	zt->zt_orig_data = zio->io_data;
242 	zt->zt_orig_size = zio->io_size;
243 	zt->zt_bufsize = bufsize;
244 	zt->zt_transform = transform;
245 
246 	zt->zt_next = zio->io_transform_stack;
247 	zio->io_transform_stack = zt;
248 
249 	zio->io_data = data;
250 	zio->io_size = size;
251 }
252 
253 static void
254 zio_pop_transforms(zio_t *zio)
255 {
256 	zio_transform_t *zt;
257 
258 	while ((zt = zio->io_transform_stack) != NULL) {
259 		if (zt->zt_transform != NULL)
260 			zt->zt_transform(zio,
261 			    zt->zt_orig_data, zt->zt_orig_size);
262 
263 		zio_buf_free(zio->io_data, zt->zt_bufsize);
264 
265 		zio->io_data = zt->zt_orig_data;
266 		zio->io_size = zt->zt_orig_size;
267 		zio->io_transform_stack = zt->zt_next;
268 
269 		kmem_free(zt, sizeof (zio_transform_t));
270 	}
271 }
272 
273 /*
274  * ==========================================================================
275  * I/O transform callbacks for subblocks and decompression
276  * ==========================================================================
277  */
278 static void
279 zio_subblock(zio_t *zio, void *data, uint64_t size)
280 {
281 	ASSERT(zio->io_size > size);
282 
283 	if (zio->io_type == ZIO_TYPE_READ)
284 		bcopy(zio->io_data, data, size);
285 }
286 
287 static void
288 zio_decompress(zio_t *zio, void *data, uint64_t size)
289 {
290 	if (zio->io_error == 0 &&
291 	    zio_decompress_data(BP_GET_COMPRESS(zio->io_bp),
292 	    zio->io_data, zio->io_size, data, size) != 0)
293 		zio->io_error = EIO;
294 }
295 
296 /*
297  * ==========================================================================
298  * I/O parent/child relationships and pipeline interlocks
299  * ==========================================================================
300  */
301 
302 static void
303 zio_add_child(zio_t *pio, zio_t *zio)
304 {
305 	mutex_enter(&pio->io_lock);
306 	if (zio->io_stage < ZIO_STAGE_READY)
307 		pio->io_children[zio->io_child_type][ZIO_WAIT_READY]++;
308 	if (zio->io_stage < ZIO_STAGE_DONE)
309 		pio->io_children[zio->io_child_type][ZIO_WAIT_DONE]++;
310 	zio->io_sibling_prev = NULL;
311 	zio->io_sibling_next = pio->io_child;
312 	if (pio->io_child != NULL)
313 		pio->io_child->io_sibling_prev = zio;
314 	pio->io_child = zio;
315 	zio->io_parent = pio;
316 	mutex_exit(&pio->io_lock);
317 }
318 
319 static void
320 zio_remove_child(zio_t *pio, zio_t *zio)
321 {
322 	zio_t *next, *prev;
323 
324 	ASSERT(zio->io_parent == pio);
325 
326 	mutex_enter(&pio->io_lock);
327 	next = zio->io_sibling_next;
328 	prev = zio->io_sibling_prev;
329 	if (next != NULL)
330 		next->io_sibling_prev = prev;
331 	if (prev != NULL)
332 		prev->io_sibling_next = next;
333 	if (pio->io_child == zio)
334 		pio->io_child = next;
335 	mutex_exit(&pio->io_lock);
336 }
337 
338 static boolean_t
339 zio_wait_for_children(zio_t *zio, enum zio_child child, enum zio_wait_type wait)
340 {
341 	uint64_t *countp = &zio->io_children[child][wait];
342 	boolean_t waiting = B_FALSE;
343 
344 	mutex_enter(&zio->io_lock);
345 	ASSERT(zio->io_stall == NULL);
346 	if (*countp != 0) {
347 		zio->io_stage--;
348 		zio->io_stall = countp;
349 		waiting = B_TRUE;
350 	}
351 	mutex_exit(&zio->io_lock);
352 
353 	return (waiting);
354 }
355 
356 static void
357 zio_notify_parent(zio_t *pio, zio_t *zio, enum zio_wait_type wait)
358 {
359 	uint64_t *countp = &pio->io_children[zio->io_child_type][wait];
360 	int *errorp = &pio->io_child_error[zio->io_child_type];
361 
362 	mutex_enter(&pio->io_lock);
363 	if (zio->io_error && !(zio->io_flags & ZIO_FLAG_DONT_PROPAGATE))
364 		*errorp = zio_worst_error(*errorp, zio->io_error);
365 	pio->io_reexecute |= zio->io_reexecute;
366 	ASSERT3U(*countp, >, 0);
367 	if (--*countp == 0 && pio->io_stall == countp) {
368 		pio->io_stall = NULL;
369 		mutex_exit(&pio->io_lock);
370 		zio_execute(pio);
371 	} else {
372 		mutex_exit(&pio->io_lock);
373 	}
374 }
375 
376 static void
377 zio_inherit_child_errors(zio_t *zio, enum zio_child c)
378 {
379 	if (zio->io_child_error[c] != 0 && zio->io_error == 0)
380 		zio->io_error = zio->io_child_error[c];
381 }
382 
383 /*
384  * ==========================================================================
385  * Create the various types of I/O (read, write, free, etc)
386  * ==========================================================================
387  */
388 static zio_t *
389 zio_create(zio_t *pio, spa_t *spa, uint64_t txg, blkptr_t *bp,
390     void *data, uint64_t size, zio_done_func_t *done, void *private,
391     zio_type_t type, int priority, int flags, vdev_t *vd, uint64_t offset,
392     const zbookmark_t *zb, uint8_t stage, uint32_t pipeline)
393 {
394 	zio_t *zio;
395 
396 	ASSERT3U(size, <=, SPA_MAXBLOCKSIZE);
397 	ASSERT(P2PHASE(size, SPA_MINBLOCKSIZE) == 0);
398 	ASSERT(P2PHASE(offset, SPA_MINBLOCKSIZE) == 0);
399 
400 	ASSERT(!vd || spa_config_held(spa, SCL_STATE_ALL, RW_READER));
401 	ASSERT(!bp || !(flags & ZIO_FLAG_CONFIG_WRITER));
402 	ASSERT(vd || stage == ZIO_STAGE_OPEN);
403 
404 	zio = kmem_cache_alloc(zio_cache, KM_SLEEP);
405 	bzero(zio, sizeof (zio_t));
406 
407 	mutex_init(&zio->io_lock, NULL, MUTEX_DEFAULT, NULL);
408 	cv_init(&zio->io_cv, NULL, CV_DEFAULT, NULL);
409 
410 	if (vd != NULL)
411 		zio->io_child_type = ZIO_CHILD_VDEV;
412 	else if (flags & ZIO_FLAG_GANG_CHILD)
413 		zio->io_child_type = ZIO_CHILD_GANG;
414 	else
415 		zio->io_child_type = ZIO_CHILD_LOGICAL;
416 
417 	if (bp != NULL) {
418 		zio->io_bp = bp;
419 		zio->io_bp_copy = *bp;
420 		zio->io_bp_orig = *bp;
421 		if (type != ZIO_TYPE_WRITE)
422 			zio->io_bp = &zio->io_bp_copy;	/* so caller can free */
423 		if (zio->io_child_type == ZIO_CHILD_LOGICAL) {
424 			if (BP_IS_GANG(bp))
425 				pipeline |= ZIO_GANG_STAGES;
426 			zio->io_logical = zio;
427 		}
428 	}
429 
430 	zio->io_spa = spa;
431 	zio->io_txg = txg;
432 	zio->io_data = data;
433 	zio->io_size = size;
434 	zio->io_done = done;
435 	zio->io_private = private;
436 	zio->io_type = type;
437 	zio->io_priority = priority;
438 	zio->io_vd = vd;
439 	zio->io_offset = offset;
440 	zio->io_orig_flags = zio->io_flags = flags;
441 	zio->io_orig_stage = zio->io_stage = stage;
442 	zio->io_orig_pipeline = zio->io_pipeline = pipeline;
443 
444 	if (zb != NULL)
445 		zio->io_bookmark = *zb;
446 
447 	if (pio != NULL) {
448 		/*
449 		 * Logical I/Os can have logical, gang, or vdev children.
450 		 * Gang I/Os can have gang or vdev children.
451 		 * Vdev I/Os can only have vdev children.
452 		 * The following ASSERT captures all of these constraints.
453 		 */
454 		ASSERT(zio->io_child_type <= pio->io_child_type);
455 		if (zio->io_logical == NULL)
456 			zio->io_logical = pio->io_logical;
457 		zio_add_child(pio, zio);
458 	}
459 
460 	return (zio);
461 }
462 
463 static void
464 zio_destroy(zio_t *zio)
465 {
466 	spa_t *spa = zio->io_spa;
467 	uint8_t async_root = zio->io_async_root;
468 
469 	mutex_destroy(&zio->io_lock);
470 	cv_destroy(&zio->io_cv);
471 	kmem_cache_free(zio_cache, zio);
472 
473 	if (async_root) {
474 		mutex_enter(&spa->spa_async_root_lock);
475 		if (--spa->spa_async_root_count == 0)
476 			cv_broadcast(&spa->spa_async_root_cv);
477 		mutex_exit(&spa->spa_async_root_lock);
478 	}
479 }
480 
481 zio_t *
482 zio_null(zio_t *pio, spa_t *spa, zio_done_func_t *done, void *private,
483 	int flags)
484 {
485 	zio_t *zio;
486 
487 	zio = zio_create(pio, spa, 0, NULL, NULL, 0, done, private,
488 	    ZIO_TYPE_NULL, ZIO_PRIORITY_NOW, flags, NULL, 0, NULL,
489 	    ZIO_STAGE_OPEN, ZIO_INTERLOCK_PIPELINE);
490 
491 	return (zio);
492 }
493 
494 zio_t *
495 zio_root(spa_t *spa, zio_done_func_t *done, void *private, int flags)
496 {
497 	return (zio_null(NULL, spa, done, private, flags));
498 }
499 
500 zio_t *
501 zio_read(zio_t *pio, spa_t *spa, const blkptr_t *bp,
502     void *data, uint64_t size, zio_done_func_t *done, void *private,
503     int priority, int flags, const zbookmark_t *zb)
504 {
505 	zio_t *zio;
506 
507 	zio = zio_create(pio, spa, bp->blk_birth, (blkptr_t *)bp,
508 	    data, size, done, private,
509 	    ZIO_TYPE_READ, priority, flags, NULL, 0, zb,
510 	    ZIO_STAGE_OPEN, ZIO_READ_PIPELINE);
511 
512 	return (zio);
513 }
514 
515 void
516 zio_skip_write(zio_t *zio)
517 {
518 	ASSERT(zio->io_type == ZIO_TYPE_WRITE);
519 	ASSERT(zio->io_stage == ZIO_STAGE_READY);
520 	ASSERT(!BP_IS_GANG(zio->io_bp));
521 
522 	zio->io_pipeline &= ~ZIO_VDEV_IO_STAGES;
523 }
524 
525 zio_t *
526 zio_write(zio_t *pio, spa_t *spa, uint64_t txg, blkptr_t *bp,
527     void *data, uint64_t size, zio_prop_t *zp,
528     zio_done_func_t *ready, zio_done_func_t *done, void *private,
529     int priority, int flags, const zbookmark_t *zb)
530 {
531 	zio_t *zio;
532 
533 	ASSERT(zp->zp_checksum >= ZIO_CHECKSUM_OFF &&
534 	    zp->zp_checksum < ZIO_CHECKSUM_FUNCTIONS &&
535 	    zp->zp_compress >= ZIO_COMPRESS_OFF &&
536 	    zp->zp_compress < ZIO_COMPRESS_FUNCTIONS &&
537 	    zp->zp_type < DMU_OT_NUMTYPES &&
538 	    zp->zp_level < 32 &&
539 	    zp->zp_ndvas > 0 &&
540 	    zp->zp_ndvas <= spa_max_replication(spa));
541 	ASSERT(ready != NULL);
542 
543 	zio = zio_create(pio, spa, txg, bp, data, size, done, private,
544 	    ZIO_TYPE_WRITE, priority, flags, NULL, 0, zb,
545 	    ZIO_STAGE_OPEN, ZIO_WRITE_PIPELINE);
546 
547 	zio->io_ready = ready;
548 	zio->io_prop = *zp;
549 
550 	return (zio);
551 }
552 
553 zio_t *
554 zio_rewrite(zio_t *pio, spa_t *spa, uint64_t txg, blkptr_t *bp, void *data,
555     uint64_t size, zio_done_func_t *done, void *private, int priority,
556     int flags, zbookmark_t *zb)
557 {
558 	zio_t *zio;
559 
560 	zio = zio_create(pio, spa, txg, bp, data, size, done, private,
561 	    ZIO_TYPE_WRITE, priority, flags, NULL, 0, zb,
562 	    ZIO_STAGE_OPEN, ZIO_REWRITE_PIPELINE);
563 
564 	return (zio);
565 }
566 
567 zio_t *
568 zio_free(zio_t *pio, spa_t *spa, uint64_t txg, blkptr_t *bp,
569     zio_done_func_t *done, void *private, int flags)
570 {
571 	zio_t *zio;
572 
573 	ASSERT(!BP_IS_HOLE(bp));
574 
575 	if (bp->blk_fill == BLK_FILL_ALREADY_FREED)
576 		return (zio_null(pio, spa, NULL, NULL, flags));
577 
578 	if (txg == spa->spa_syncing_txg &&
579 	    spa_sync_pass(spa) > SYNC_PASS_DEFERRED_FREE) {
580 		bplist_enqueue_deferred(&spa->spa_sync_bplist, bp);
581 		return (zio_null(pio, spa, NULL, NULL, flags));
582 	}
583 
584 	zio = zio_create(pio, spa, txg, bp, NULL, BP_GET_PSIZE(bp),
585 	    done, private, ZIO_TYPE_FREE, ZIO_PRIORITY_FREE, flags,
586 	    NULL, 0, NULL, ZIO_STAGE_OPEN, ZIO_FREE_PIPELINE);
587 
588 	return (zio);
589 }
590 
591 zio_t *
592 zio_claim(zio_t *pio, spa_t *spa, uint64_t txg, blkptr_t *bp,
593     zio_done_func_t *done, void *private, int flags)
594 {
595 	zio_t *zio;
596 
597 	/*
598 	 * A claim is an allocation of a specific block.  Claims are needed
599 	 * to support immediate writes in the intent log.  The issue is that
600 	 * immediate writes contain committed data, but in a txg that was
601 	 * *not* committed.  Upon opening the pool after an unclean shutdown,
602 	 * the intent log claims all blocks that contain immediate write data
603 	 * so that the SPA knows they're in use.
604 	 *
605 	 * All claims *must* be resolved in the first txg -- before the SPA
606 	 * starts allocating blocks -- so that nothing is allocated twice.
607 	 */
608 	ASSERT3U(spa->spa_uberblock.ub_rootbp.blk_birth, <, spa_first_txg(spa));
609 	ASSERT3U(spa_first_txg(spa), <=, txg);
610 
611 	zio = zio_create(pio, spa, txg, bp, NULL, BP_GET_PSIZE(bp),
612 	    done, private, ZIO_TYPE_CLAIM, ZIO_PRIORITY_NOW, flags,
613 	    NULL, 0, NULL, ZIO_STAGE_OPEN, ZIO_CLAIM_PIPELINE);
614 
615 	return (zio);
616 }
617 
618 zio_t *
619 zio_ioctl(zio_t *pio, spa_t *spa, vdev_t *vd, int cmd,
620     zio_done_func_t *done, void *private, int priority, int flags)
621 {
622 	zio_t *zio;
623 	int c;
624 
625 	if (vd->vdev_children == 0) {
626 		zio = zio_create(pio, spa, 0, NULL, NULL, 0, done, private,
627 		    ZIO_TYPE_IOCTL, priority, flags, vd, 0, NULL,
628 		    ZIO_STAGE_OPEN, ZIO_IOCTL_PIPELINE);
629 
630 		zio->io_cmd = cmd;
631 	} else {
632 		zio = zio_null(pio, spa, NULL, NULL, flags);
633 
634 		for (c = 0; c < vd->vdev_children; c++)
635 			zio_nowait(zio_ioctl(zio, spa, vd->vdev_child[c], cmd,
636 			    done, private, priority, flags));
637 	}
638 
639 	return (zio);
640 }
641 
642 zio_t *
643 zio_read_phys(zio_t *pio, vdev_t *vd, uint64_t offset, uint64_t size,
644     void *data, int checksum, zio_done_func_t *done, void *private,
645     int priority, int flags, boolean_t labels)
646 {
647 	zio_t *zio;
648 
649 	ASSERT(vd->vdev_children == 0);
650 	ASSERT(!labels || offset + size <= VDEV_LABEL_START_SIZE ||
651 	    offset >= vd->vdev_psize - VDEV_LABEL_END_SIZE);
652 	ASSERT3U(offset + size, <=, vd->vdev_psize);
653 
654 	zio = zio_create(pio, vd->vdev_spa, 0, NULL, data, size, done, private,
655 	    ZIO_TYPE_READ, priority, flags, vd, offset, NULL,
656 	    ZIO_STAGE_OPEN, ZIO_READ_PHYS_PIPELINE);
657 
658 	zio->io_prop.zp_checksum = checksum;
659 
660 	return (zio);
661 }
662 
663 zio_t *
664 zio_write_phys(zio_t *pio, vdev_t *vd, uint64_t offset, uint64_t size,
665     void *data, int checksum, zio_done_func_t *done, void *private,
666     int priority, int flags, boolean_t labels)
667 {
668 	zio_t *zio;
669 
670 	ASSERT(vd->vdev_children == 0);
671 	ASSERT(!labels || offset + size <= VDEV_LABEL_START_SIZE ||
672 	    offset >= vd->vdev_psize - VDEV_LABEL_END_SIZE);
673 	ASSERT3U(offset + size, <=, vd->vdev_psize);
674 
675 	zio = zio_create(pio, vd->vdev_spa, 0, NULL, data, size, done, private,
676 	    ZIO_TYPE_WRITE, priority, flags, vd, offset, NULL,
677 	    ZIO_STAGE_OPEN, ZIO_WRITE_PHYS_PIPELINE);
678 
679 	zio->io_prop.zp_checksum = checksum;
680 
681 	if (zio_checksum_table[checksum].ci_zbt) {
682 		/*
683 		 * zbt checksums are necessarily destructive -- they modify
684 		 * the end of the write buffer to hold the verifier/checksum.
685 		 * Therefore, we must make a local copy in case the data is
686 		 * being written to multiple places in parallel.
687 		 */
688 		void *wbuf = zio_buf_alloc(size);
689 		bcopy(data, wbuf, size);
690 		zio_push_transform(zio, wbuf, size, size, NULL);
691 	}
692 
693 	return (zio);
694 }
695 
696 /*
697  * Create a child I/O to do some work for us.
698  */
699 zio_t *
700 zio_vdev_child_io(zio_t *pio, blkptr_t *bp, vdev_t *vd, uint64_t offset,
701 	void *data, uint64_t size, int type, int priority, int flags,
702 	zio_done_func_t *done, void *private)
703 {
704 	uint32_t pipeline = ZIO_VDEV_CHILD_PIPELINE;
705 	zio_t *zio;
706 
707 	ASSERT(vd->vdev_parent ==
708 	    (pio->io_vd ? pio->io_vd : pio->io_spa->spa_root_vdev));
709 
710 	if (type == ZIO_TYPE_READ && bp != NULL) {
711 		/*
712 		 * If we have the bp, then the child should perform the
713 		 * checksum and the parent need not.  This pushes error
714 		 * detection as close to the leaves as possible and
715 		 * eliminates redundant checksums in the interior nodes.
716 		 */
717 		pipeline |= 1U << ZIO_STAGE_CHECKSUM_VERIFY;
718 		pio->io_pipeline &= ~(1U << ZIO_STAGE_CHECKSUM_VERIFY);
719 	}
720 
721 	if (vd->vdev_children == 0)
722 		offset += VDEV_LABEL_START_SIZE;
723 
724 	zio = zio_create(pio, pio->io_spa, pio->io_txg, bp, data, size,
725 	    done, private, type, priority,
726 	    (pio->io_flags & ZIO_FLAG_VDEV_INHERIT) |
727 	    ZIO_FLAG_CANFAIL | ZIO_FLAG_DONT_PROPAGATE | flags,
728 	    vd, offset, &pio->io_bookmark,
729 	    ZIO_STAGE_VDEV_IO_START - 1, pipeline);
730 
731 	return (zio);
732 }
733 
734 zio_t *
735 zio_vdev_delegated_io(vdev_t *vd, uint64_t offset, void *data, uint64_t size,
736 	int type, int priority, int flags, zio_done_func_t *done, void *private)
737 {
738 	zio_t *zio;
739 
740 	ASSERT(vd->vdev_ops->vdev_op_leaf);
741 
742 	zio = zio_create(NULL, vd->vdev_spa, 0, NULL,
743 	    data, size, done, private, type, priority,
744 	    flags | ZIO_FLAG_CANFAIL | ZIO_FLAG_DONT_RETRY,
745 	    vd, offset, NULL,
746 	    ZIO_STAGE_VDEV_IO_START - 1, ZIO_VDEV_CHILD_PIPELINE);
747 
748 	return (zio);
749 }
750 
751 void
752 zio_flush(zio_t *zio, vdev_t *vd)
753 {
754 	zio_nowait(zio_ioctl(zio, zio->io_spa, vd, DKIOCFLUSHWRITECACHE,
755 	    NULL, NULL, ZIO_PRIORITY_NOW,
756 	    ZIO_FLAG_CANFAIL | ZIO_FLAG_DONT_PROPAGATE | ZIO_FLAG_DONT_RETRY));
757 }
758 
759 /*
760  * ==========================================================================
761  * Prepare to read and write logical blocks
762  * ==========================================================================
763  */
764 
765 static int
766 zio_read_bp_init(zio_t *zio)
767 {
768 	blkptr_t *bp = zio->io_bp;
769 
770 	if (BP_GET_COMPRESS(bp) != ZIO_COMPRESS_OFF &&
771 	    zio->io_logical == zio && !(zio->io_flags & ZIO_FLAG_RAW)) {
772 		uint64_t csize = BP_GET_PSIZE(bp);
773 		void *cbuf = zio_buf_alloc(csize);
774 
775 		zio_push_transform(zio, cbuf, csize, csize, zio_decompress);
776 	}
777 
778 	if (!dmu_ot[BP_GET_TYPE(bp)].ot_metadata && BP_GET_LEVEL(bp) == 0)
779 		zio->io_flags |= ZIO_FLAG_DONT_CACHE;
780 
781 	return (ZIO_PIPELINE_CONTINUE);
782 }
783 
784 static int
785 zio_write_bp_init(zio_t *zio)
786 {
787 	zio_prop_t *zp = &zio->io_prop;
788 	int compress = zp->zp_compress;
789 	blkptr_t *bp = zio->io_bp;
790 	void *cbuf;
791 	uint64_t lsize = zio->io_size;
792 	uint64_t csize = lsize;
793 	uint64_t cbufsize = 0;
794 	int pass = 1;
795 
796 	/*
797 	 * If our children haven't all reached the ready stage,
798 	 * wait for them and then repeat this pipeline stage.
799 	 */
800 	if (zio_wait_for_children(zio, ZIO_CHILD_GANG, ZIO_WAIT_READY) ||
801 	    zio_wait_for_children(zio, ZIO_CHILD_LOGICAL, ZIO_WAIT_READY))
802 		return (ZIO_PIPELINE_STOP);
803 
804 	if (!IO_IS_ALLOCATING(zio))
805 		return (ZIO_PIPELINE_CONTINUE);
806 
807 	ASSERT(compress != ZIO_COMPRESS_INHERIT);
808 
809 	if (bp->blk_birth == zio->io_txg) {
810 		/*
811 		 * We're rewriting an existing block, which means we're
812 		 * working on behalf of spa_sync().  For spa_sync() to
813 		 * converge, it must eventually be the case that we don't
814 		 * have to allocate new blocks.  But compression changes
815 		 * the blocksize, which forces a reallocate, and makes
816 		 * convergence take longer.  Therefore, after the first
817 		 * few passes, stop compressing to ensure convergence.
818 		 */
819 		pass = spa_sync_pass(zio->io_spa);
820 		ASSERT(pass > 1);
821 
822 		if (pass > SYNC_PASS_DONT_COMPRESS)
823 			compress = ZIO_COMPRESS_OFF;
824 
825 		/*
826 		 * Only MOS (objset 0) data should need to be rewritten.
827 		 */
828 		ASSERT(zio->io_logical->io_bookmark.zb_objset == 0);
829 
830 		/* Make sure someone doesn't change their mind on overwrites */
831 		ASSERT(MIN(zp->zp_ndvas + BP_IS_GANG(bp),
832 		    spa_max_replication(zio->io_spa)) == BP_GET_NDVAS(bp));
833 	}
834 
835 	if (compress != ZIO_COMPRESS_OFF) {
836 		if (!zio_compress_data(compress, zio->io_data, zio->io_size,
837 		    &cbuf, &csize, &cbufsize)) {
838 			compress = ZIO_COMPRESS_OFF;
839 		} else if (csize != 0) {
840 			zio_push_transform(zio, cbuf, csize, cbufsize, NULL);
841 		}
842 	}
843 
844 	/*
845 	 * The final pass of spa_sync() must be all rewrites, but the first
846 	 * few passes offer a trade-off: allocating blocks defers convergence,
847 	 * but newly allocated blocks are sequential, so they can be written
848 	 * to disk faster.  Therefore, we allow the first few passes of
849 	 * spa_sync() to allocate new blocks, but force rewrites after that.
850 	 * There should only be a handful of blocks after pass 1 in any case.
851 	 */
852 	if (bp->blk_birth == zio->io_txg && BP_GET_PSIZE(bp) == csize &&
853 	    pass > SYNC_PASS_REWRITE) {
854 		ASSERT(csize != 0);
855 		uint32_t gang_stages = zio->io_pipeline & ZIO_GANG_STAGES;
856 		zio->io_pipeline = ZIO_REWRITE_PIPELINE | gang_stages;
857 		zio->io_flags |= ZIO_FLAG_IO_REWRITE;
858 	} else {
859 		BP_ZERO(bp);
860 		zio->io_pipeline = ZIO_WRITE_PIPELINE;
861 	}
862 
863 	if (csize == 0) {
864 		zio->io_pipeline = ZIO_INTERLOCK_PIPELINE;
865 	} else {
866 		ASSERT(zp->zp_checksum != ZIO_CHECKSUM_GANG_HEADER);
867 		BP_SET_LSIZE(bp, lsize);
868 		BP_SET_PSIZE(bp, csize);
869 		BP_SET_COMPRESS(bp, compress);
870 		BP_SET_CHECKSUM(bp, zp->zp_checksum);
871 		BP_SET_TYPE(bp, zp->zp_type);
872 		BP_SET_LEVEL(bp, zp->zp_level);
873 		BP_SET_BYTEORDER(bp, ZFS_HOST_BYTEORDER);
874 	}
875 
876 	return (ZIO_PIPELINE_CONTINUE);
877 }
878 
879 /*
880  * ==========================================================================
881  * Execute the I/O pipeline
882  * ==========================================================================
883  */
884 
885 static void
886 zio_taskq_dispatch(zio_t *zio, enum zio_taskq_type q)
887 {
888 	zio_type_t t = zio->io_type;
889 
890 	/*
891 	 * If we're a config writer, the normal issue and interrupt threads
892 	 * may all be blocked waiting for the config lock.  In this case,
893 	 * select the otherwise-unused taskq for ZIO_TYPE_NULL.
894 	 */
895 	if (zio->io_flags & ZIO_FLAG_CONFIG_WRITER)
896 		t = ZIO_TYPE_NULL;
897 
898 	/*
899 	 * A similar issue exists for the L2ARC write thread until L2ARC 2.0.
900 	 */
901 	if (t == ZIO_TYPE_WRITE && zio->io_vd && zio->io_vd->vdev_aux)
902 		t = ZIO_TYPE_NULL;
903 
904 	(void) taskq_dispatch(zio->io_spa->spa_zio_taskq[t][q],
905 	    (task_func_t *)zio_execute, zio, TQ_SLEEP);
906 }
907 
908 static boolean_t
909 zio_taskq_member(zio_t *zio, enum zio_taskq_type q)
910 {
911 	kthread_t *executor = zio->io_executor;
912 	spa_t *spa = zio->io_spa;
913 
914 	for (zio_type_t t = 0; t < ZIO_TYPES; t++)
915 		if (taskq_member(spa->spa_zio_taskq[t][q], executor))
916 			return (B_TRUE);
917 
918 	return (B_FALSE);
919 }
920 
921 static int
922 zio_issue_async(zio_t *zio)
923 {
924 	zio_taskq_dispatch(zio, ZIO_TASKQ_ISSUE);
925 
926 	return (ZIO_PIPELINE_STOP);
927 }
928 
929 void
930 zio_interrupt(zio_t *zio)
931 {
932 	zio_taskq_dispatch(zio, ZIO_TASKQ_INTERRUPT);
933 }
934 
935 /*
936  * Execute the I/O pipeline until one of the following occurs:
937  * (1) the I/O completes; (2) the pipeline stalls waiting for
938  * dependent child I/Os; (3) the I/O issues, so we're waiting
939  * for an I/O completion interrupt; (4) the I/O is delegated by
940  * vdev-level caching or aggregation; (5) the I/O is deferred
941  * due to vdev-level queueing; (6) the I/O is handed off to
942  * another thread.  In all cases, the pipeline stops whenever
943  * there's no CPU work; it never burns a thread in cv_wait().
944  *
945  * There's no locking on io_stage because there's no legitimate way
946  * for multiple threads to be attempting to process the same I/O.
947  */
948 static zio_pipe_stage_t *zio_pipeline[ZIO_STAGES];
949 
950 void
951 zio_execute(zio_t *zio)
952 {
953 	zio->io_executor = curthread;
954 
955 	while (zio->io_stage < ZIO_STAGE_DONE) {
956 		uint32_t pipeline = zio->io_pipeline;
957 		zio_stage_t stage = zio->io_stage;
958 		int rv;
959 
960 		ASSERT(!MUTEX_HELD(&zio->io_lock));
961 
962 		while (((1U << ++stage) & pipeline) == 0)
963 			continue;
964 
965 		ASSERT(stage <= ZIO_STAGE_DONE);
966 		ASSERT(zio->io_stall == NULL);
967 
968 		/*
969 		 * If we are in interrupt context and this pipeline stage
970 		 * will grab a config lock that is held across I/O,
971 		 * issue async to avoid deadlock.
972 		 */
973 		if (((1U << stage) & ZIO_CONFIG_LOCK_BLOCKING_STAGES) &&
974 		    zio->io_vd == NULL &&
975 		    zio_taskq_member(zio, ZIO_TASKQ_INTERRUPT)) {
976 			zio_taskq_dispatch(zio, ZIO_TASKQ_ISSUE);
977 			return;
978 		}
979 
980 		zio->io_stage = stage;
981 		rv = zio_pipeline[stage](zio);
982 
983 		if (rv == ZIO_PIPELINE_STOP)
984 			return;
985 
986 		ASSERT(rv == ZIO_PIPELINE_CONTINUE);
987 	}
988 }
989 
990 /*
991  * ==========================================================================
992  * Initiate I/O, either sync or async
993  * ==========================================================================
994  */
995 int
996 zio_wait(zio_t *zio)
997 {
998 	int error;
999 
1000 	ASSERT(zio->io_stage == ZIO_STAGE_OPEN);
1001 	ASSERT(zio->io_executor == NULL);
1002 
1003 	zio->io_waiter = curthread;
1004 
1005 	zio_execute(zio);
1006 
1007 	mutex_enter(&zio->io_lock);
1008 	while (zio->io_executor != NULL)
1009 		cv_wait(&zio->io_cv, &zio->io_lock);
1010 	mutex_exit(&zio->io_lock);
1011 
1012 	error = zio->io_error;
1013 	zio_destroy(zio);
1014 
1015 	return (error);
1016 }
1017 
1018 void
1019 zio_nowait(zio_t *zio)
1020 {
1021 	ASSERT(zio->io_executor == NULL);
1022 
1023 	if (zio->io_parent == NULL && zio->io_child_type == ZIO_CHILD_LOGICAL) {
1024 		/*
1025 		 * This is a logical async I/O with no parent to wait for it.
1026 		 * Attach it to the pool's global async root zio so that
1027 		 * spa_unload() has a way of waiting for async I/O to finish.
1028 		 */
1029 		spa_t *spa = zio->io_spa;
1030 		zio->io_async_root = B_TRUE;
1031 		mutex_enter(&spa->spa_async_root_lock);
1032 		spa->spa_async_root_count++;
1033 		mutex_exit(&spa->spa_async_root_lock);
1034 	}
1035 
1036 	zio_execute(zio);
1037 }
1038 
1039 /*
1040  * ==========================================================================
1041  * Reexecute or suspend/resume failed I/O
1042  * ==========================================================================
1043  */
1044 
1045 static void
1046 zio_reexecute(zio_t *pio)
1047 {
1048 	zio_t *zio, *zio_next;
1049 
1050 	pio->io_flags = pio->io_orig_flags;
1051 	pio->io_stage = pio->io_orig_stage;
1052 	pio->io_pipeline = pio->io_orig_pipeline;
1053 	pio->io_reexecute = 0;
1054 	pio->io_error = 0;
1055 	for (int c = 0; c < ZIO_CHILD_TYPES; c++)
1056 		pio->io_child_error[c] = 0;
1057 
1058 	if (IO_IS_ALLOCATING(pio)) {
1059 		/*
1060 		 * Remember the failed bp so that the io_ready() callback
1061 		 * can update its accounting upon reexecution.  The block
1062 		 * was already freed in zio_done(); we indicate this with
1063 		 * a fill count of -1 so that zio_free() knows to skip it.
1064 		 */
1065 		blkptr_t *bp = pio->io_bp;
1066 		ASSERT(bp->blk_birth == 0 || bp->blk_birth == pio->io_txg);
1067 		bp->blk_fill = BLK_FILL_ALREADY_FREED;
1068 		pio->io_bp_orig = *bp;
1069 		BP_ZERO(bp);
1070 	}
1071 
1072 	/*
1073 	 * As we reexecute pio's children, new children could be created.
1074 	 * New children go to the head of the io_child list, however,
1075 	 * so we will (correctly) not reexecute them.  The key is that
1076 	 * the remainder of the io_child list, from 'zio_next' onward,
1077 	 * cannot be affected by any side effects of reexecuting 'zio'.
1078 	 */
1079 	for (zio = pio->io_child; zio != NULL; zio = zio_next) {
1080 		zio_next = zio->io_sibling_next;
1081 		mutex_enter(&pio->io_lock);
1082 		pio->io_children[zio->io_child_type][ZIO_WAIT_READY]++;
1083 		pio->io_children[zio->io_child_type][ZIO_WAIT_DONE]++;
1084 		mutex_exit(&pio->io_lock);
1085 		zio_reexecute(zio);
1086 	}
1087 
1088 	/*
1089 	 * Now that all children have been reexecuted, execute the parent.
1090 	 */
1091 	zio_execute(pio);
1092 }
1093 
1094 void
1095 zio_suspend(spa_t *spa, zio_t *zio)
1096 {
1097 	if (spa_get_failmode(spa) == ZIO_FAILURE_MODE_PANIC)
1098 		fm_panic("Pool '%s' has encountered an uncorrectable I/O "
1099 		    "failure and the failure mode property for this pool "
1100 		    "is set to panic.", spa_name(spa));
1101 
1102 	zfs_ereport_post(FM_EREPORT_ZFS_IO_FAILURE, spa, NULL, NULL, 0, 0);
1103 
1104 	mutex_enter(&spa->spa_suspend_lock);
1105 
1106 	if (spa->spa_suspend_zio_root == NULL)
1107 		spa->spa_suspend_zio_root = zio_root(spa, NULL, NULL, 0);
1108 
1109 	spa->spa_suspended = B_TRUE;
1110 
1111 	if (zio != NULL) {
1112 		ASSERT(zio != spa->spa_suspend_zio_root);
1113 		ASSERT(zio->io_child_type == ZIO_CHILD_LOGICAL);
1114 		ASSERT(zio->io_parent == NULL);
1115 		ASSERT(zio->io_stage == ZIO_STAGE_DONE);
1116 		zio_add_child(spa->spa_suspend_zio_root, zio);
1117 	}
1118 
1119 	mutex_exit(&spa->spa_suspend_lock);
1120 }
1121 
1122 void
1123 zio_resume(spa_t *spa)
1124 {
1125 	zio_t *pio, *zio;
1126 
1127 	/*
1128 	 * Reexecute all previously suspended i/o.
1129 	 */
1130 	mutex_enter(&spa->spa_suspend_lock);
1131 	spa->spa_suspended = B_FALSE;
1132 	cv_broadcast(&spa->spa_suspend_cv);
1133 	pio = spa->spa_suspend_zio_root;
1134 	spa->spa_suspend_zio_root = NULL;
1135 	mutex_exit(&spa->spa_suspend_lock);
1136 
1137 	if (pio == NULL)
1138 		return;
1139 
1140 	while ((zio = pio->io_child) != NULL) {
1141 		zio_remove_child(pio, zio);
1142 		zio->io_parent = NULL;
1143 		zio_reexecute(zio);
1144 	}
1145 
1146 	ASSERT(pio->io_children[ZIO_CHILD_LOGICAL][ZIO_WAIT_DONE] == 0);
1147 
1148 	(void) zio_wait(pio);
1149 }
1150 
1151 void
1152 zio_resume_wait(spa_t *spa)
1153 {
1154 	mutex_enter(&spa->spa_suspend_lock);
1155 	while (spa_suspended(spa))
1156 		cv_wait(&spa->spa_suspend_cv, &spa->spa_suspend_lock);
1157 	mutex_exit(&spa->spa_suspend_lock);
1158 }
1159 
1160 /*
1161  * ==========================================================================
1162  * Gang blocks.
1163  *
1164  * A gang block is a collection of small blocks that looks to the DMU
1165  * like one large block.  When zio_dva_allocate() cannot find a block
1166  * of the requested size, due to either severe fragmentation or the pool
1167  * being nearly full, it calls zio_write_gang_block() to construct the
1168  * block from smaller fragments.
1169  *
1170  * A gang block consists of a gang header (zio_gbh_phys_t) and up to
1171  * three (SPA_GBH_NBLKPTRS) gang members.  The gang header is just like
1172  * an indirect block: it's an array of block pointers.  It consumes
1173  * only one sector and hence is allocatable regardless of fragmentation.
1174  * The gang header's bps point to its gang members, which hold the data.
1175  *
1176  * Gang blocks are self-checksumming, using the bp's <vdev, offset, txg>
1177  * as the verifier to ensure uniqueness of the SHA256 checksum.
1178  * Critically, the gang block bp's blk_cksum is the checksum of the data,
1179  * not the gang header.  This ensures that data block signatures (needed for
1180  * deduplication) are independent of how the block is physically stored.
1181  *
1182  * Gang blocks can be nested: a gang member may itself be a gang block.
1183  * Thus every gang block is a tree in which root and all interior nodes are
1184  * gang headers, and the leaves are normal blocks that contain user data.
1185  * The root of the gang tree is called the gang leader.
1186  *
1187  * To perform any operation (read, rewrite, free, claim) on a gang block,
1188  * zio_gang_assemble() first assembles the gang tree (minus data leaves)
1189  * in the io_gang_tree field of the original logical i/o by recursively
1190  * reading the gang leader and all gang headers below it.  This yields
1191  * an in-core tree containing the contents of every gang header and the
1192  * bps for every constituent of the gang block.
1193  *
1194  * With the gang tree now assembled, zio_gang_issue() just walks the gang tree
1195  * and invokes a callback on each bp.  To free a gang block, zio_gang_issue()
1196  * calls zio_free_gang() -- a trivial wrapper around zio_free() -- for each bp.
1197  * zio_claim_gang() provides a similarly trivial wrapper for zio_claim().
1198  * zio_read_gang() is a wrapper around zio_read() that omits reading gang
1199  * headers, since we already have those in io_gang_tree.  zio_rewrite_gang()
1200  * performs a zio_rewrite() of the data or, for gang headers, a zio_rewrite()
1201  * of the gang header plus zio_checksum_compute() of the data to update the
1202  * gang header's blk_cksum as described above.
1203  *
1204  * The two-phase assemble/issue model solves the problem of partial failure --
1205  * what if you'd freed part of a gang block but then couldn't read the
1206  * gang header for another part?  Assembling the entire gang tree first
1207  * ensures that all the necessary gang header I/O has succeeded before
1208  * starting the actual work of free, claim, or write.  Once the gang tree
1209  * is assembled, free and claim are in-memory operations that cannot fail.
1210  *
1211  * In the event that a gang write fails, zio_dva_unallocate() walks the
1212  * gang tree to immediately free (i.e. insert back into the space map)
1213  * everything we've allocated.  This ensures that we don't get ENOSPC
1214  * errors during repeated suspend/resume cycles due to a flaky device.
1215  *
1216  * Gang rewrites only happen during sync-to-convergence.  If we can't assemble
1217  * the gang tree, we won't modify the block, so we can safely defer the free
1218  * (knowing that the block is still intact).  If we *can* assemble the gang
1219  * tree, then even if some of the rewrites fail, zio_dva_unallocate() will free
1220  * each constituent bp and we can allocate a new block on the next sync pass.
1221  *
1222  * In all cases, the gang tree allows complete recovery from partial failure.
1223  * ==========================================================================
1224  */
1225 
1226 static zio_t *
1227 zio_read_gang(zio_t *pio, blkptr_t *bp, zio_gang_node_t *gn, void *data)
1228 {
1229 	if (gn != NULL)
1230 		return (pio);
1231 
1232 	return (zio_read(pio, pio->io_spa, bp, data, BP_GET_PSIZE(bp),
1233 	    NULL, NULL, pio->io_priority, ZIO_GANG_CHILD_FLAGS(pio),
1234 	    &pio->io_bookmark));
1235 }
1236 
1237 zio_t *
1238 zio_rewrite_gang(zio_t *pio, blkptr_t *bp, zio_gang_node_t *gn, void *data)
1239 {
1240 	zio_t *zio;
1241 
1242 	if (gn != NULL) {
1243 		zio = zio_rewrite(pio, pio->io_spa, pio->io_txg, bp,
1244 		    gn->gn_gbh, SPA_GANGBLOCKSIZE, NULL, NULL, pio->io_priority,
1245 		    ZIO_GANG_CHILD_FLAGS(pio), &pio->io_bookmark);
1246 		/*
1247 		 * As we rewrite each gang header, the pipeline will compute
1248 		 * a new gang block header checksum for it; but no one will
1249 		 * compute a new data checksum, so we do that here.  The one
1250 		 * exception is the gang leader: the pipeline already computed
1251 		 * its data checksum because that stage precedes gang assembly.
1252 		 * (Presently, nothing actually uses interior data checksums;
1253 		 * this is just good hygiene.)
1254 		 */
1255 		if (gn != pio->io_logical->io_gang_tree) {
1256 			zio_checksum_compute(zio, BP_GET_CHECKSUM(bp),
1257 			    data, BP_GET_PSIZE(bp));
1258 		}
1259 	} else {
1260 		zio = zio_rewrite(pio, pio->io_spa, pio->io_txg, bp,
1261 		    data, BP_GET_PSIZE(bp), NULL, NULL, pio->io_priority,
1262 		    ZIO_GANG_CHILD_FLAGS(pio), &pio->io_bookmark);
1263 	}
1264 
1265 	return (zio);
1266 }
1267 
1268 /* ARGSUSED */
1269 zio_t *
1270 zio_free_gang(zio_t *pio, blkptr_t *bp, zio_gang_node_t *gn, void *data)
1271 {
1272 	return (zio_free(pio, pio->io_spa, pio->io_txg, bp,
1273 	    NULL, NULL, ZIO_GANG_CHILD_FLAGS(pio)));
1274 }
1275 
1276 /* ARGSUSED */
1277 zio_t *
1278 zio_claim_gang(zio_t *pio, blkptr_t *bp, zio_gang_node_t *gn, void *data)
1279 {
1280 	return (zio_claim(pio, pio->io_spa, pio->io_txg, bp,
1281 	    NULL, NULL, ZIO_GANG_CHILD_FLAGS(pio)));
1282 }
1283 
1284 static zio_gang_issue_func_t *zio_gang_issue_func[ZIO_TYPES] = {
1285 	NULL,
1286 	zio_read_gang,
1287 	zio_rewrite_gang,
1288 	zio_free_gang,
1289 	zio_claim_gang,
1290 	NULL
1291 };
1292 
1293 static void zio_gang_tree_assemble_done(zio_t *zio);
1294 
1295 static zio_gang_node_t *
1296 zio_gang_node_alloc(zio_gang_node_t **gnpp)
1297 {
1298 	zio_gang_node_t *gn;
1299 
1300 	ASSERT(*gnpp == NULL);
1301 
1302 	gn = kmem_zalloc(sizeof (*gn), KM_SLEEP);
1303 	gn->gn_gbh = zio_buf_alloc(SPA_GANGBLOCKSIZE);
1304 	*gnpp = gn;
1305 
1306 	return (gn);
1307 }
1308 
1309 static void
1310 zio_gang_node_free(zio_gang_node_t **gnpp)
1311 {
1312 	zio_gang_node_t *gn = *gnpp;
1313 
1314 	for (int g = 0; g < SPA_GBH_NBLKPTRS; g++)
1315 		ASSERT(gn->gn_child[g] == NULL);
1316 
1317 	zio_buf_free(gn->gn_gbh, SPA_GANGBLOCKSIZE);
1318 	kmem_free(gn, sizeof (*gn));
1319 	*gnpp = NULL;
1320 }
1321 
1322 static void
1323 zio_gang_tree_free(zio_gang_node_t **gnpp)
1324 {
1325 	zio_gang_node_t *gn = *gnpp;
1326 
1327 	if (gn == NULL)
1328 		return;
1329 
1330 	for (int g = 0; g < SPA_GBH_NBLKPTRS; g++)
1331 		zio_gang_tree_free(&gn->gn_child[g]);
1332 
1333 	zio_gang_node_free(gnpp);
1334 }
1335 
1336 static void
1337 zio_gang_tree_assemble(zio_t *lio, blkptr_t *bp, zio_gang_node_t **gnpp)
1338 {
1339 	zio_gang_node_t *gn = zio_gang_node_alloc(gnpp);
1340 
1341 	ASSERT(lio->io_logical == lio);
1342 	ASSERT(BP_IS_GANG(bp));
1343 
1344 	zio_nowait(zio_read(lio, lio->io_spa, bp, gn->gn_gbh,
1345 	    SPA_GANGBLOCKSIZE, zio_gang_tree_assemble_done, gn,
1346 	    lio->io_priority, ZIO_GANG_CHILD_FLAGS(lio), &lio->io_bookmark));
1347 }
1348 
1349 static void
1350 zio_gang_tree_assemble_done(zio_t *zio)
1351 {
1352 	zio_t *lio = zio->io_logical;
1353 	zio_gang_node_t *gn = zio->io_private;
1354 	blkptr_t *bp = zio->io_bp;
1355 
1356 	ASSERT(zio->io_parent == lio);
1357 	ASSERT(zio->io_child == NULL);
1358 
1359 	if (zio->io_error)
1360 		return;
1361 
1362 	if (BP_SHOULD_BYTESWAP(bp))
1363 		byteswap_uint64_array(zio->io_data, zio->io_size);
1364 
1365 	ASSERT(zio->io_data == gn->gn_gbh);
1366 	ASSERT(zio->io_size == SPA_GANGBLOCKSIZE);
1367 	ASSERT(gn->gn_gbh->zg_tail.zbt_magic == ZBT_MAGIC);
1368 
1369 	for (int g = 0; g < SPA_GBH_NBLKPTRS; g++) {
1370 		blkptr_t *gbp = &gn->gn_gbh->zg_blkptr[g];
1371 		if (!BP_IS_GANG(gbp))
1372 			continue;
1373 		zio_gang_tree_assemble(lio, gbp, &gn->gn_child[g]);
1374 	}
1375 }
1376 
1377 static void
1378 zio_gang_tree_issue(zio_t *pio, zio_gang_node_t *gn, blkptr_t *bp, void *data)
1379 {
1380 	zio_t *lio = pio->io_logical;
1381 	zio_t *zio;
1382 
1383 	ASSERT(BP_IS_GANG(bp) == !!gn);
1384 	ASSERT(BP_GET_CHECKSUM(bp) == BP_GET_CHECKSUM(lio->io_bp));
1385 	ASSERT(BP_GET_LSIZE(bp) == BP_GET_PSIZE(bp) || gn == lio->io_gang_tree);
1386 
1387 	/*
1388 	 * If you're a gang header, your data is in gn->gn_gbh.
1389 	 * If you're a gang member, your data is in 'data' and gn == NULL.
1390 	 */
1391 	zio = zio_gang_issue_func[lio->io_type](pio, bp, gn, data);
1392 
1393 	if (gn != NULL) {
1394 		ASSERT(gn->gn_gbh->zg_tail.zbt_magic == ZBT_MAGIC);
1395 
1396 		for (int g = 0; g < SPA_GBH_NBLKPTRS; g++) {
1397 			blkptr_t *gbp = &gn->gn_gbh->zg_blkptr[g];
1398 			if (BP_IS_HOLE(gbp))
1399 				continue;
1400 			zio_gang_tree_issue(zio, gn->gn_child[g], gbp, data);
1401 			data = (char *)data + BP_GET_PSIZE(gbp);
1402 		}
1403 	}
1404 
1405 	if (gn == lio->io_gang_tree)
1406 		ASSERT3P((char *)lio->io_data + lio->io_size, ==, data);
1407 
1408 	if (zio != pio)
1409 		zio_nowait(zio);
1410 }
1411 
1412 static int
1413 zio_gang_assemble(zio_t *zio)
1414 {
1415 	blkptr_t *bp = zio->io_bp;
1416 
1417 	ASSERT(BP_IS_GANG(bp) && zio == zio->io_logical);
1418 
1419 	zio_gang_tree_assemble(zio, bp, &zio->io_gang_tree);
1420 
1421 	return (ZIO_PIPELINE_CONTINUE);
1422 }
1423 
1424 static int
1425 zio_gang_issue(zio_t *zio)
1426 {
1427 	zio_t *lio = zio->io_logical;
1428 	blkptr_t *bp = zio->io_bp;
1429 
1430 	if (zio_wait_for_children(zio, ZIO_CHILD_GANG, ZIO_WAIT_DONE))
1431 		return (ZIO_PIPELINE_STOP);
1432 
1433 	ASSERT(BP_IS_GANG(bp) && zio == lio);
1434 
1435 	if (zio->io_child_error[ZIO_CHILD_GANG] == 0)
1436 		zio_gang_tree_issue(lio, lio->io_gang_tree, bp, lio->io_data);
1437 	else
1438 		zio_gang_tree_free(&lio->io_gang_tree);
1439 
1440 	zio->io_pipeline = ZIO_INTERLOCK_PIPELINE;
1441 
1442 	return (ZIO_PIPELINE_CONTINUE);
1443 }
1444 
1445 static void
1446 zio_write_gang_member_ready(zio_t *zio)
1447 {
1448 	zio_t *pio = zio->io_parent;
1449 	zio_t *lio = zio->io_logical;
1450 	dva_t *cdva = zio->io_bp->blk_dva;
1451 	dva_t *pdva = pio->io_bp->blk_dva;
1452 	uint64_t asize;
1453 
1454 	if (BP_IS_HOLE(zio->io_bp))
1455 		return;
1456 
1457 	ASSERT(BP_IS_HOLE(&zio->io_bp_orig));
1458 
1459 	ASSERT(zio->io_child_type == ZIO_CHILD_GANG);
1460 	ASSERT3U(zio->io_prop.zp_ndvas, ==, lio->io_prop.zp_ndvas);
1461 	ASSERT3U(zio->io_prop.zp_ndvas, <=, BP_GET_NDVAS(zio->io_bp));
1462 	ASSERT3U(pio->io_prop.zp_ndvas, <=, BP_GET_NDVAS(pio->io_bp));
1463 	ASSERT3U(BP_GET_NDVAS(zio->io_bp), <=, BP_GET_NDVAS(pio->io_bp));
1464 
1465 	mutex_enter(&pio->io_lock);
1466 	for (int d = 0; d < BP_GET_NDVAS(zio->io_bp); d++) {
1467 		ASSERT(DVA_GET_GANG(&pdva[d]));
1468 		asize = DVA_GET_ASIZE(&pdva[d]);
1469 		asize += DVA_GET_ASIZE(&cdva[d]);
1470 		DVA_SET_ASIZE(&pdva[d], asize);
1471 	}
1472 	mutex_exit(&pio->io_lock);
1473 }
1474 
1475 static int
1476 zio_write_gang_block(zio_t *pio)
1477 {
1478 	spa_t *spa = pio->io_spa;
1479 	blkptr_t *bp = pio->io_bp;
1480 	zio_t *lio = pio->io_logical;
1481 	zio_t *zio;
1482 	zio_gang_node_t *gn, **gnpp;
1483 	zio_gbh_phys_t *gbh;
1484 	uint64_t txg = pio->io_txg;
1485 	uint64_t resid = pio->io_size;
1486 	uint64_t lsize;
1487 	int ndvas = lio->io_prop.zp_ndvas;
1488 	int gbh_ndvas = MIN(ndvas + 1, spa_max_replication(spa));
1489 	zio_prop_t zp;
1490 	int error;
1491 
1492 	error = metaslab_alloc(spa, spa->spa_normal_class, SPA_GANGBLOCKSIZE,
1493 	    bp, gbh_ndvas, txg, pio == lio ? NULL : lio->io_bp,
1494 	    METASLAB_HINTBP_FAVOR | METASLAB_GANG_HEADER);
1495 	if (error) {
1496 		pio->io_error = error;
1497 		return (ZIO_PIPELINE_CONTINUE);
1498 	}
1499 
1500 	if (pio == lio) {
1501 		gnpp = &lio->io_gang_tree;
1502 	} else {
1503 		gnpp = pio->io_private;
1504 		ASSERT(pio->io_ready == zio_write_gang_member_ready);
1505 	}
1506 
1507 	gn = zio_gang_node_alloc(gnpp);
1508 	gbh = gn->gn_gbh;
1509 	bzero(gbh, SPA_GANGBLOCKSIZE);
1510 
1511 	/*
1512 	 * Create the gang header.
1513 	 */
1514 	zio = zio_rewrite(pio, spa, txg, bp, gbh, SPA_GANGBLOCKSIZE, NULL, NULL,
1515 	    pio->io_priority, ZIO_GANG_CHILD_FLAGS(pio), &pio->io_bookmark);
1516 
1517 	/*
1518 	 * Create and nowait the gang children.
1519 	 */
1520 	for (int g = 0; resid != 0; resid -= lsize, g++) {
1521 		lsize = P2ROUNDUP(resid / (SPA_GBH_NBLKPTRS - g),
1522 		    SPA_MINBLOCKSIZE);
1523 		ASSERT(lsize >= SPA_MINBLOCKSIZE && lsize <= resid);
1524 
1525 		zp.zp_checksum = lio->io_prop.zp_checksum;
1526 		zp.zp_compress = ZIO_COMPRESS_OFF;
1527 		zp.zp_type = DMU_OT_NONE;
1528 		zp.zp_level = 0;
1529 		zp.zp_ndvas = lio->io_prop.zp_ndvas;
1530 
1531 		zio_nowait(zio_write(zio, spa, txg, &gbh->zg_blkptr[g],
1532 		    (char *)pio->io_data + (pio->io_size - resid), lsize, &zp,
1533 		    zio_write_gang_member_ready, NULL, &gn->gn_child[g],
1534 		    pio->io_priority, ZIO_GANG_CHILD_FLAGS(pio),
1535 		    &pio->io_bookmark));
1536 	}
1537 
1538 	/*
1539 	 * Set pio's pipeline to just wait for zio to finish.
1540 	 */
1541 	pio->io_pipeline = ZIO_INTERLOCK_PIPELINE;
1542 
1543 	zio_nowait(zio);
1544 
1545 	return (ZIO_PIPELINE_CONTINUE);
1546 }
1547 
1548 /*
1549  * ==========================================================================
1550  * Allocate and free blocks
1551  * ==========================================================================
1552  */
1553 
1554 static int
1555 zio_dva_allocate(zio_t *zio)
1556 {
1557 	spa_t *spa = zio->io_spa;
1558 	metaslab_class_t *mc = spa->spa_normal_class;
1559 	blkptr_t *bp = zio->io_bp;
1560 	int error;
1561 
1562 	ASSERT(BP_IS_HOLE(bp));
1563 	ASSERT3U(BP_GET_NDVAS(bp), ==, 0);
1564 	ASSERT3U(zio->io_prop.zp_ndvas, >, 0);
1565 	ASSERT3U(zio->io_prop.zp_ndvas, <=, spa_max_replication(spa));
1566 	ASSERT3U(zio->io_size, ==, BP_GET_PSIZE(bp));
1567 
1568 	error = metaslab_alloc(spa, mc, zio->io_size, bp,
1569 	    zio->io_prop.zp_ndvas, zio->io_txg, NULL, 0);
1570 
1571 	if (error) {
1572 		if (error == ENOSPC && zio->io_size > SPA_MINBLOCKSIZE)
1573 			return (zio_write_gang_block(zio));
1574 		zio->io_error = error;
1575 	}
1576 
1577 	return (ZIO_PIPELINE_CONTINUE);
1578 }
1579 
1580 static int
1581 zio_dva_free(zio_t *zio)
1582 {
1583 	metaslab_free(zio->io_spa, zio->io_bp, zio->io_txg, B_FALSE);
1584 
1585 	return (ZIO_PIPELINE_CONTINUE);
1586 }
1587 
1588 static int
1589 zio_dva_claim(zio_t *zio)
1590 {
1591 	int error;
1592 
1593 	error = metaslab_claim(zio->io_spa, zio->io_bp, zio->io_txg);
1594 	if (error)
1595 		zio->io_error = error;
1596 
1597 	return (ZIO_PIPELINE_CONTINUE);
1598 }
1599 
1600 /*
1601  * Undo an allocation.  This is used by zio_done() when an I/O fails
1602  * and we want to give back the block we just allocated.
1603  * This handles both normal blocks and gang blocks.
1604  */
1605 static void
1606 zio_dva_unallocate(zio_t *zio, zio_gang_node_t *gn, blkptr_t *bp)
1607 {
1608 	spa_t *spa = zio->io_spa;
1609 	boolean_t now = !(zio->io_flags & ZIO_FLAG_IO_REWRITE);
1610 
1611 	ASSERT(bp->blk_birth == zio->io_txg || BP_IS_HOLE(bp));
1612 
1613 	if (zio->io_bp == bp && !now) {
1614 		/*
1615 		 * This is a rewrite for sync-to-convergence.
1616 		 * We can't do a metaslab_free(NOW) because bp wasn't allocated
1617 		 * during this sync pass, which means that metaslab_sync()
1618 		 * already committed the allocation.
1619 		 */
1620 		ASSERT(DVA_EQUAL(BP_IDENTITY(bp),
1621 		    BP_IDENTITY(&zio->io_bp_orig)));
1622 		ASSERT(spa_sync_pass(spa) > 1);
1623 
1624 		if (BP_IS_GANG(bp) && gn == NULL) {
1625 			/*
1626 			 * This is a gang leader whose gang header(s) we
1627 			 * couldn't read now, so defer the free until later.
1628 			 * The block should still be intact because without
1629 			 * the headers, we'd never even start the rewrite.
1630 			 */
1631 			bplist_enqueue_deferred(&spa->spa_sync_bplist, bp);
1632 			return;
1633 		}
1634 	}
1635 
1636 	if (!BP_IS_HOLE(bp))
1637 		metaslab_free(spa, bp, bp->blk_birth, now);
1638 
1639 	if (gn != NULL) {
1640 		for (int g = 0; g < SPA_GBH_NBLKPTRS; g++) {
1641 			zio_dva_unallocate(zio, gn->gn_child[g],
1642 			    &gn->gn_gbh->zg_blkptr[g]);
1643 		}
1644 	}
1645 }
1646 
1647 /*
1648  * Try to allocate an intent log block.  Return 0 on success, errno on failure.
1649  */
1650 int
1651 zio_alloc_blk(spa_t *spa, uint64_t size, blkptr_t *new_bp, blkptr_t *old_bp,
1652     uint64_t txg)
1653 {
1654 	int error;
1655 
1656 	error = metaslab_alloc(spa, spa->spa_log_class, size,
1657 	    new_bp, 1, txg, old_bp, METASLAB_HINTBP_AVOID);
1658 
1659 	if (error)
1660 		error = metaslab_alloc(spa, spa->spa_normal_class, size,
1661 		    new_bp, 1, txg, old_bp, METASLAB_HINTBP_AVOID);
1662 
1663 	if (error == 0) {
1664 		BP_SET_LSIZE(new_bp, size);
1665 		BP_SET_PSIZE(new_bp, size);
1666 		BP_SET_COMPRESS(new_bp, ZIO_COMPRESS_OFF);
1667 		BP_SET_CHECKSUM(new_bp, ZIO_CHECKSUM_ZILOG);
1668 		BP_SET_TYPE(new_bp, DMU_OT_INTENT_LOG);
1669 		BP_SET_LEVEL(new_bp, 0);
1670 		BP_SET_BYTEORDER(new_bp, ZFS_HOST_BYTEORDER);
1671 	}
1672 
1673 	return (error);
1674 }
1675 
1676 /*
1677  * Free an intent log block.  We know it can't be a gang block, so there's
1678  * nothing to do except metaslab_free() it.
1679  */
1680 void
1681 zio_free_blk(spa_t *spa, blkptr_t *bp, uint64_t txg)
1682 {
1683 	ASSERT(!BP_IS_GANG(bp));
1684 
1685 	metaslab_free(spa, bp, txg, B_FALSE);
1686 }
1687 
1688 /*
1689  * ==========================================================================
1690  * Read and write to physical devices
1691  * ==========================================================================
1692  */
1693 
1694 static void
1695 zio_vdev_io_probe_done(zio_t *zio)
1696 {
1697 	zio_t *dio;
1698 	vdev_t *vd = zio->io_private;
1699 
1700 	mutex_enter(&vd->vdev_probe_lock);
1701 	ASSERT(vd->vdev_probe_zio == zio);
1702 	vd->vdev_probe_zio = NULL;
1703 	mutex_exit(&vd->vdev_probe_lock);
1704 
1705 	while ((dio = zio->io_delegate_list) != NULL) {
1706 		zio->io_delegate_list = dio->io_delegate_next;
1707 		dio->io_delegate_next = NULL;
1708 		if (!vdev_accessible(vd, dio))
1709 			dio->io_error = ENXIO;
1710 		zio_execute(dio);
1711 	}
1712 }
1713 
1714 /*
1715  * Probe the device to determine whether I/O failure is specific to this
1716  * zio (e.g. a bad sector) or affects the entire vdev (e.g. unplugged).
1717  */
1718 static int
1719 zio_vdev_io_probe(zio_t *zio)
1720 {
1721 	vdev_t *vd = zio->io_vd;
1722 	zio_t *pio = NULL;
1723 	boolean_t created_pio = B_FALSE;
1724 
1725 	/*
1726 	 * Don't probe the probe.
1727 	 */
1728 	if (zio->io_flags & ZIO_FLAG_PROBE)
1729 		return (ZIO_PIPELINE_CONTINUE);
1730 
1731 	/*
1732 	 * To prevent 'probe storms' when a device fails, we create
1733 	 * just one probe i/o at a time.  All zios that want to probe
1734 	 * this vdev will join the probe zio's io_delegate_list.
1735 	 */
1736 	mutex_enter(&vd->vdev_probe_lock);
1737 
1738 	if ((pio = vd->vdev_probe_zio) == NULL) {
1739 		vd->vdev_probe_zio = pio = zio_root(zio->io_spa,
1740 		    zio_vdev_io_probe_done, vd, ZIO_FLAG_CANFAIL);
1741 		created_pio = B_TRUE;
1742 		vd->vdev_probe_wanted = B_TRUE;
1743 		spa_async_request(zio->io_spa, SPA_ASYNC_PROBE);
1744 	}
1745 
1746 	zio->io_delegate_next = pio->io_delegate_list;
1747 	pio->io_delegate_list = zio;
1748 
1749 	mutex_exit(&vd->vdev_probe_lock);
1750 
1751 	if (created_pio) {
1752 		zio_nowait(vdev_probe(vd, pio));
1753 		zio_nowait(pio);
1754 	}
1755 
1756 	return (ZIO_PIPELINE_STOP);
1757 }
1758 
1759 static int
1760 zio_vdev_io_start(zio_t *zio)
1761 {
1762 	vdev_t *vd = zio->io_vd;
1763 	uint64_t align;
1764 	spa_t *spa = zio->io_spa;
1765 
1766 	ASSERT(zio->io_error == 0);
1767 	ASSERT(zio->io_child_error[ZIO_CHILD_VDEV] == 0);
1768 
1769 	if (vd == NULL) {
1770 		if (!(zio->io_flags & ZIO_FLAG_CONFIG_WRITER))
1771 			spa_config_enter(spa, SCL_ZIO, zio, RW_READER);
1772 
1773 		/*
1774 		 * The mirror_ops handle multiple DVAs in a single BP.
1775 		 */
1776 		return (vdev_mirror_ops.vdev_op_io_start(zio));
1777 	}
1778 
1779 	align = 1ULL << vd->vdev_top->vdev_ashift;
1780 
1781 	if (P2PHASE(zio->io_size, align) != 0) {
1782 		uint64_t asize = P2ROUNDUP(zio->io_size, align);
1783 		char *abuf = zio_buf_alloc(asize);
1784 		ASSERT(vd == vd->vdev_top);
1785 		if (zio->io_type == ZIO_TYPE_WRITE) {
1786 			bcopy(zio->io_data, abuf, zio->io_size);
1787 			bzero(abuf + zio->io_size, asize - zio->io_size);
1788 		}
1789 		zio_push_transform(zio, abuf, asize, asize, zio_subblock);
1790 	}
1791 
1792 	ASSERT(P2PHASE(zio->io_offset, align) == 0);
1793 	ASSERT(P2PHASE(zio->io_size, align) == 0);
1794 	ASSERT(zio->io_type != ZIO_TYPE_WRITE || spa_writeable(spa));
1795 
1796 	/*
1797 	 * If this is a repair I/O, and there's no self-healing involved --
1798 	 * that is, we're just resilvering what we expect to resilver --
1799 	 * then don't do the I/O unless zio's txg is actually in vd's DTL.
1800 	 * This prevents spurious resilvering with nested replication.
1801 	 * For example, given a mirror of mirrors, (A+B)+(C+D), if only
1802 	 * A is out of date, we'll read from C+D, then use the data to
1803 	 * resilver A+B -- but we don't actually want to resilver B, just A.
1804 	 * The top-level mirror has no way to know this, so instead we just
1805 	 * discard unnecessary repairs as we work our way down the vdev tree.
1806 	 * The same logic applies to any form of nested replication:
1807 	 * ditto + mirror, RAID-Z + replacing, etc.  This covers them all.
1808 	 */
1809 	if ((zio->io_flags & ZIO_FLAG_IO_REPAIR) &&
1810 	    !(zio->io_flags & ZIO_FLAG_SELF_HEAL) &&
1811 	    zio->io_txg != 0 &&	/* not a delegated i/o */
1812 	    !vdev_dtl_contains(vd, DTL_PARTIAL, zio->io_txg, 1)) {
1813 		ASSERT(zio->io_type == ZIO_TYPE_WRITE);
1814 		ASSERT(zio->io_delegate_list == NULL);
1815 		zio_vdev_io_bypass(zio);
1816 		return (ZIO_PIPELINE_CONTINUE);
1817 	}
1818 
1819 	if (vd->vdev_ops->vdev_op_leaf &&
1820 	    (zio->io_type == ZIO_TYPE_READ || zio->io_type == ZIO_TYPE_WRITE)) {
1821 
1822 		if (zio->io_type == ZIO_TYPE_READ && vdev_cache_read(zio) == 0)
1823 			return (ZIO_PIPELINE_STOP);
1824 
1825 		if ((zio = vdev_queue_io(zio)) == NULL)
1826 			return (ZIO_PIPELINE_STOP);
1827 
1828 		if (!vdev_accessible(vd, zio)) {
1829 			zio->io_error = ENXIO;
1830 			zio_interrupt(zio);
1831 			return (ZIO_PIPELINE_STOP);
1832 		}
1833 	}
1834 
1835 	return (vd->vdev_ops->vdev_op_io_start(zio));
1836 }
1837 
1838 static int
1839 zio_vdev_io_done(zio_t *zio)
1840 {
1841 	vdev_t *vd = zio->io_vd;
1842 	vdev_ops_t *ops = vd ? vd->vdev_ops : &vdev_mirror_ops;
1843 	boolean_t unexpected_error = B_FALSE;
1844 
1845 	if (zio_wait_for_children(zio, ZIO_CHILD_VDEV, ZIO_WAIT_DONE))
1846 		return (ZIO_PIPELINE_STOP);
1847 
1848 	ASSERT(zio->io_type == ZIO_TYPE_READ || zio->io_type == ZIO_TYPE_WRITE);
1849 
1850 	if (vd != NULL && vd->vdev_ops->vdev_op_leaf) {
1851 
1852 		vdev_queue_io_done(zio);
1853 
1854 		if (zio->io_type == ZIO_TYPE_WRITE)
1855 			vdev_cache_write(zio);
1856 
1857 		if (zio_injection_enabled && zio->io_error == 0)
1858 			zio->io_error = zio_handle_device_injection(vd, EIO);
1859 
1860 		if (zio_injection_enabled && zio->io_error == 0)
1861 			zio->io_error = zio_handle_label_injection(zio, EIO);
1862 
1863 		if (zio->io_error) {
1864 			if (!vdev_accessible(vd, zio)) {
1865 				zio->io_error = ENXIO;
1866 			} else {
1867 				unexpected_error = B_TRUE;
1868 			}
1869 		}
1870 	}
1871 
1872 	ops->vdev_op_io_done(zio);
1873 
1874 	if (unexpected_error)
1875 		return (zio_vdev_io_probe(zio));
1876 
1877 	return (ZIO_PIPELINE_CONTINUE);
1878 }
1879 
1880 static int
1881 zio_vdev_io_assess(zio_t *zio)
1882 {
1883 	vdev_t *vd = zio->io_vd;
1884 
1885 	if (zio_wait_for_children(zio, ZIO_CHILD_VDEV, ZIO_WAIT_DONE))
1886 		return (ZIO_PIPELINE_STOP);
1887 
1888 	if (vd == NULL && !(zio->io_flags & ZIO_FLAG_CONFIG_WRITER))
1889 		spa_config_exit(zio->io_spa, SCL_ZIO, zio);
1890 
1891 	if (zio->io_vsd != NULL) {
1892 		zio->io_vsd_free(zio);
1893 		zio->io_vsd = NULL;
1894 	}
1895 
1896 	if (zio_injection_enabled && zio->io_error == 0)
1897 		zio->io_error = zio_handle_fault_injection(zio, EIO);
1898 
1899 	/*
1900 	 * If the I/O failed, determine whether we should attempt to retry it.
1901 	 */
1902 	if (zio->io_error && vd == NULL &&
1903 	    !(zio->io_flags & (ZIO_FLAG_DONT_RETRY | ZIO_FLAG_IO_RETRY))) {
1904 		ASSERT(!(zio->io_flags & ZIO_FLAG_DONT_QUEUE));	/* not a leaf */
1905 		ASSERT(!(zio->io_flags & ZIO_FLAG_IO_BYPASS));	/* not a leaf */
1906 		zio->io_error = 0;
1907 		zio->io_flags |= ZIO_FLAG_IO_RETRY |
1908 		    ZIO_FLAG_DONT_CACHE | ZIO_FLAG_DONT_AGGREGATE;
1909 		zio->io_stage = ZIO_STAGE_VDEV_IO_START - 1;
1910 		zio_taskq_dispatch(zio, ZIO_TASKQ_ISSUE);
1911 		return (ZIO_PIPELINE_STOP);
1912 	}
1913 
1914 	/*
1915 	 * If we got an error on a leaf device, convert it to ENXIO
1916 	 * if the device is not accessible at all.
1917 	 */
1918 	if (zio->io_error && vd != NULL && vd->vdev_ops->vdev_op_leaf &&
1919 	    !vdev_accessible(vd, zio))
1920 		zio->io_error = ENXIO;
1921 
1922 	/*
1923 	 * If we can't write to an interior vdev (mirror or RAID-Z),
1924 	 * set vdev_cant_write so that we stop trying to allocate from it.
1925 	 */
1926 	if (zio->io_error == ENXIO && zio->io_type == ZIO_TYPE_WRITE &&
1927 	    vd != NULL && !vd->vdev_ops->vdev_op_leaf)
1928 		vd->vdev_cant_write = B_TRUE;
1929 
1930 	if (zio->io_error)
1931 		zio->io_pipeline = ZIO_INTERLOCK_PIPELINE;
1932 
1933 	return (ZIO_PIPELINE_CONTINUE);
1934 }
1935 
1936 void
1937 zio_vdev_io_reissue(zio_t *zio)
1938 {
1939 	ASSERT(zio->io_stage == ZIO_STAGE_VDEV_IO_START);
1940 	ASSERT(zio->io_error == 0);
1941 
1942 	zio->io_stage--;
1943 }
1944 
1945 void
1946 zio_vdev_io_redone(zio_t *zio)
1947 {
1948 	ASSERT(zio->io_stage == ZIO_STAGE_VDEV_IO_DONE);
1949 
1950 	zio->io_stage--;
1951 }
1952 
1953 void
1954 zio_vdev_io_bypass(zio_t *zio)
1955 {
1956 	ASSERT(zio->io_stage == ZIO_STAGE_VDEV_IO_START);
1957 	ASSERT(zio->io_error == 0);
1958 
1959 	zio->io_flags |= ZIO_FLAG_IO_BYPASS;
1960 	zio->io_stage = ZIO_STAGE_VDEV_IO_ASSESS - 1;
1961 }
1962 
1963 /*
1964  * ==========================================================================
1965  * Generate and verify checksums
1966  * ==========================================================================
1967  */
1968 static int
1969 zio_checksum_generate(zio_t *zio)
1970 {
1971 	blkptr_t *bp = zio->io_bp;
1972 	enum zio_checksum checksum;
1973 
1974 	if (bp == NULL) {
1975 		/*
1976 		 * This is zio_write_phys().
1977 		 * We're either generating a label checksum, or none at all.
1978 		 */
1979 		checksum = zio->io_prop.zp_checksum;
1980 
1981 		if (checksum == ZIO_CHECKSUM_OFF)
1982 			return (ZIO_PIPELINE_CONTINUE);
1983 
1984 		ASSERT(checksum == ZIO_CHECKSUM_LABEL);
1985 	} else {
1986 		if (BP_IS_GANG(bp) && zio->io_child_type == ZIO_CHILD_GANG) {
1987 			ASSERT(!IO_IS_ALLOCATING(zio));
1988 			checksum = ZIO_CHECKSUM_GANG_HEADER;
1989 		} else {
1990 			checksum = BP_GET_CHECKSUM(bp);
1991 		}
1992 	}
1993 
1994 	zio_checksum_compute(zio, checksum, zio->io_data, zio->io_size);
1995 
1996 	return (ZIO_PIPELINE_CONTINUE);
1997 }
1998 
1999 static int
2000 zio_checksum_verify(zio_t *zio)
2001 {
2002 	blkptr_t *bp = zio->io_bp;
2003 	int error;
2004 
2005 	if (bp == NULL) {
2006 		/*
2007 		 * This is zio_read_phys().
2008 		 * We're either verifying a label checksum, or nothing at all.
2009 		 */
2010 		if (zio->io_prop.zp_checksum == ZIO_CHECKSUM_OFF)
2011 			return (ZIO_PIPELINE_CONTINUE);
2012 
2013 		ASSERT(zio->io_prop.zp_checksum == ZIO_CHECKSUM_LABEL);
2014 	}
2015 
2016 	if ((error = zio_checksum_error(zio)) != 0) {
2017 		zio->io_error = error;
2018 		if (!(zio->io_flags & ZIO_FLAG_SPECULATIVE)) {
2019 			zfs_ereport_post(FM_EREPORT_ZFS_CHECKSUM,
2020 			    zio->io_spa, zio->io_vd, zio, 0, 0);
2021 		}
2022 	}
2023 
2024 	return (ZIO_PIPELINE_CONTINUE);
2025 }
2026 
2027 /*
2028  * Called by RAID-Z to ensure we don't compute the checksum twice.
2029  */
2030 void
2031 zio_checksum_verified(zio_t *zio)
2032 {
2033 	zio->io_pipeline &= ~(1U << ZIO_STAGE_CHECKSUM_VERIFY);
2034 }
2035 
2036 /*
2037  * ==========================================================================
2038  * Error rank.  Error are ranked in the order 0, ENXIO, ECKSUM, EIO, other.
2039  * An error of 0 indictes success.  ENXIO indicates whole-device failure,
2040  * which may be transient (e.g. unplugged) or permament.  ECKSUM and EIO
2041  * indicate errors that are specific to one I/O, and most likely permanent.
2042  * Any other error is presumed to be worse because we weren't expecting it.
2043  * ==========================================================================
2044  */
2045 int
2046 zio_worst_error(int e1, int e2)
2047 {
2048 	static int zio_error_rank[] = { 0, ENXIO, ECKSUM, EIO };
2049 	int r1, r2;
2050 
2051 	for (r1 = 0; r1 < sizeof (zio_error_rank) / sizeof (int); r1++)
2052 		if (e1 == zio_error_rank[r1])
2053 			break;
2054 
2055 	for (r2 = 0; r2 < sizeof (zio_error_rank) / sizeof (int); r2++)
2056 		if (e2 == zio_error_rank[r2])
2057 			break;
2058 
2059 	return (r1 > r2 ? e1 : e2);
2060 }
2061 
2062 /*
2063  * ==========================================================================
2064  * I/O completion
2065  * ==========================================================================
2066  */
2067 static int
2068 zio_ready(zio_t *zio)
2069 {
2070 	blkptr_t *bp = zio->io_bp;
2071 	zio_t *pio = zio->io_parent;
2072 
2073 	if (zio->io_ready) {
2074 		if (BP_IS_GANG(bp) &&
2075 		    zio_wait_for_children(zio, ZIO_CHILD_GANG, ZIO_WAIT_READY))
2076 			return (ZIO_PIPELINE_STOP);
2077 
2078 		ASSERT(IO_IS_ALLOCATING(zio));
2079 		ASSERT(bp->blk_birth == zio->io_txg || BP_IS_HOLE(bp));
2080 		ASSERT(zio->io_children[ZIO_CHILD_GANG][ZIO_WAIT_READY] == 0);
2081 
2082 		zio->io_ready(zio);
2083 	}
2084 
2085 	if (bp != NULL && bp != &zio->io_bp_copy)
2086 		zio->io_bp_copy = *bp;
2087 
2088 	if (zio->io_error)
2089 		zio->io_pipeline = ZIO_INTERLOCK_PIPELINE;
2090 
2091 	if (pio != NULL)
2092 		zio_notify_parent(pio, zio, ZIO_WAIT_READY);
2093 
2094 	return (ZIO_PIPELINE_CONTINUE);
2095 }
2096 
2097 static int
2098 zio_done(zio_t *zio)
2099 {
2100 	spa_t *spa = zio->io_spa;
2101 	zio_t *pio = zio->io_parent;
2102 	zio_t *lio = zio->io_logical;
2103 	blkptr_t *bp = zio->io_bp;
2104 	vdev_t *vd = zio->io_vd;
2105 	uint64_t psize = zio->io_size;
2106 
2107 	/*
2108 	 * If our of children haven't all completed,
2109 	 * wait for them and then repeat this pipeline stage.
2110 	 */
2111 	if (zio_wait_for_children(zio, ZIO_CHILD_VDEV, ZIO_WAIT_DONE) ||
2112 	    zio_wait_for_children(zio, ZIO_CHILD_GANG, ZIO_WAIT_DONE) ||
2113 	    zio_wait_for_children(zio, ZIO_CHILD_LOGICAL, ZIO_WAIT_DONE))
2114 		return (ZIO_PIPELINE_STOP);
2115 
2116 	for (int c = 0; c < ZIO_CHILD_TYPES; c++)
2117 		for (int w = 0; w < ZIO_WAIT_TYPES; w++)
2118 			ASSERT(zio->io_children[c][w] == 0);
2119 
2120 	if (bp != NULL) {
2121 		ASSERT(bp->blk_pad[0] == 0);
2122 		ASSERT(bp->blk_pad[1] == 0);
2123 		ASSERT(bp->blk_pad[2] == 0);
2124 		ASSERT(bcmp(bp, &zio->io_bp_copy, sizeof (blkptr_t)) == 0 ||
2125 		    (pio != NULL && bp == pio->io_bp));
2126 		if (zio->io_type == ZIO_TYPE_WRITE && !BP_IS_HOLE(bp) &&
2127 		    !(zio->io_flags & ZIO_FLAG_IO_REPAIR)) {
2128 			ASSERT(!BP_SHOULD_BYTESWAP(bp));
2129 			ASSERT3U(zio->io_prop.zp_ndvas, <=, BP_GET_NDVAS(bp));
2130 			ASSERT(BP_COUNT_GANG(bp) == 0 ||
2131 			    (BP_COUNT_GANG(bp) == BP_GET_NDVAS(bp)));
2132 		}
2133 	}
2134 
2135 	/*
2136 	 * If there were child vdev or gang errors, they apply to us now.
2137 	 */
2138 	zio_inherit_child_errors(zio, ZIO_CHILD_VDEV);
2139 	zio_inherit_child_errors(zio, ZIO_CHILD_GANG);
2140 
2141 	zio_pop_transforms(zio);	/* note: may set zio->io_error */
2142 
2143 	vdev_stat_update(zio, psize);
2144 
2145 	if (zio->io_error) {
2146 		/*
2147 		 * If this I/O is attached to a particular vdev,
2148 		 * generate an error message describing the I/O failure
2149 		 * at the block level.  We ignore these errors if the
2150 		 * device is currently unavailable.
2151 		 */
2152 		if (zio->io_error != ECKSUM && vd != NULL && !vdev_is_dead(vd))
2153 			zfs_ereport_post(FM_EREPORT_ZFS_IO, spa, vd, zio, 0, 0);
2154 
2155 		if ((zio->io_error == EIO ||
2156 		    !(zio->io_flags & ZIO_FLAG_SPECULATIVE)) && zio == lio) {
2157 			/*
2158 			 * For logical I/O requests, tell the SPA to log the
2159 			 * error and generate a logical data ereport.
2160 			 */
2161 			spa_log_error(spa, zio);
2162 			zfs_ereport_post(FM_EREPORT_ZFS_DATA, spa, NULL, zio,
2163 			    0, 0);
2164 		}
2165 	}
2166 
2167 	if (zio->io_error && zio == lio) {
2168 		/*
2169 		 * Determine whether zio should be reexecuted.  This will
2170 		 * propagate all the way to the root via zio_notify_parent().
2171 		 */
2172 		ASSERT(vd == NULL && bp != NULL);
2173 
2174 		if (IO_IS_ALLOCATING(zio))
2175 			if (zio->io_error != ENOSPC)
2176 				zio->io_reexecute |= ZIO_REEXECUTE_NOW;
2177 			else
2178 				zio->io_reexecute |= ZIO_REEXECUTE_SUSPEND;
2179 
2180 		if ((zio->io_type == ZIO_TYPE_READ ||
2181 		    zio->io_type == ZIO_TYPE_FREE) &&
2182 		    zio->io_error == ENXIO &&
2183 		    spa->spa_load_state == SPA_LOAD_NONE &&
2184 		    spa_get_failmode(spa) != ZIO_FAILURE_MODE_CONTINUE)
2185 			zio->io_reexecute |= ZIO_REEXECUTE_SUSPEND;
2186 
2187 		if (!(zio->io_flags & ZIO_FLAG_CANFAIL) && !zio->io_reexecute)
2188 			zio->io_reexecute |= ZIO_REEXECUTE_SUSPEND;
2189 	}
2190 
2191 	/*
2192 	 * If there were logical child errors, they apply to us now.
2193 	 * We defer this until now to avoid conflating logical child
2194 	 * errors with errors that happened to the zio itself when
2195 	 * updating vdev stats and reporting FMA events above.
2196 	 */
2197 	zio_inherit_child_errors(zio, ZIO_CHILD_LOGICAL);
2198 
2199 	if (zio->io_reexecute) {
2200 		/*
2201 		 * This is a logical I/O that wants to reexecute.
2202 		 *
2203 		 * Reexecute is top-down.  When an i/o fails, if it's not
2204 		 * the root, it simply notifies its parent and sticks around.
2205 		 * The parent, seeing that it still has children in zio_done(),
2206 		 * does the same.  This percolates all the way up to the root.
2207 		 * The root i/o will reexecute or suspend the entire tree.
2208 		 *
2209 		 * This approach ensures that zio_reexecute() honors
2210 		 * all the original i/o dependency relationships, e.g.
2211 		 * parents not executing until children are ready.
2212 		 */
2213 		ASSERT(zio->io_child_type == ZIO_CHILD_LOGICAL);
2214 
2215 		if (IO_IS_ALLOCATING(zio))
2216 			zio_dva_unallocate(zio, zio->io_gang_tree, bp);
2217 
2218 		zio_gang_tree_free(&zio->io_gang_tree);
2219 
2220 		if (pio != NULL) {
2221 			/*
2222 			 * We're not a root i/o, so there's nothing to do
2223 			 * but notify our parent.  Don't propagate errors
2224 			 * upward since we haven't permanently failed yet.
2225 			 */
2226 			zio->io_flags |= ZIO_FLAG_DONT_PROPAGATE;
2227 			zio_notify_parent(pio, zio, ZIO_WAIT_DONE);
2228 		} else if (zio->io_reexecute & ZIO_REEXECUTE_SUSPEND) {
2229 			/*
2230 			 * We'd fail again if we reexecuted now, so suspend
2231 			 * until conditions improve (e.g. device comes online).
2232 			 */
2233 			zio_suspend(spa, zio);
2234 		} else {
2235 			/*
2236 			 * Reexecution is potentially a huge amount of work.
2237 			 * Hand it off to the otherwise-unused claim taskq.
2238 			 */
2239 			(void) taskq_dispatch(
2240 			    spa->spa_zio_taskq[ZIO_TYPE_CLAIM][ZIO_TASKQ_ISSUE],
2241 			    (task_func_t *)zio_reexecute, zio, TQ_SLEEP);
2242 		}
2243 		return (ZIO_PIPELINE_STOP);
2244 	}
2245 
2246 	ASSERT(zio->io_child == NULL);
2247 	ASSERT(zio->io_reexecute == 0);
2248 	ASSERT(zio->io_error == 0 || (zio->io_flags & ZIO_FLAG_CANFAIL));
2249 
2250 	if (zio->io_done)
2251 		zio->io_done(zio);
2252 
2253 	zio_gang_tree_free(&zio->io_gang_tree);
2254 
2255 	ASSERT(zio->io_delegate_list == NULL);
2256 	ASSERT(zio->io_delegate_next == NULL);
2257 
2258 	if (pio != NULL) {
2259 		zio_remove_child(pio, zio);
2260 		zio_notify_parent(pio, zio, ZIO_WAIT_DONE);
2261 	}
2262 
2263 	if (zio->io_waiter != NULL) {
2264 		mutex_enter(&zio->io_lock);
2265 		zio->io_executor = NULL;
2266 		cv_broadcast(&zio->io_cv);
2267 		mutex_exit(&zio->io_lock);
2268 	} else {
2269 		zio_destroy(zio);
2270 	}
2271 
2272 	return (ZIO_PIPELINE_STOP);
2273 }
2274 
2275 /*
2276  * ==========================================================================
2277  * I/O pipeline definition
2278  * ==========================================================================
2279  */
2280 static zio_pipe_stage_t *zio_pipeline[ZIO_STAGES] = {
2281 	NULL,
2282 	zio_issue_async,
2283 	zio_read_bp_init,
2284 	zio_write_bp_init,
2285 	zio_checksum_generate,
2286 	zio_gang_assemble,
2287 	zio_gang_issue,
2288 	zio_dva_allocate,
2289 	zio_dva_free,
2290 	zio_dva_claim,
2291 	zio_ready,
2292 	zio_vdev_io_start,
2293 	zio_vdev_io_done,
2294 	zio_vdev_io_assess,
2295 	zio_checksum_verify,
2296 	zio_done
2297 };
2298