On Mar 23, 2007, at 6:13 AM, ?ukasz wrote:
> When I''m trying to do in kernel in zfs ioctl:
> 1. snapshot destroy PREVIOS
> 2. snapshot rename LATEST->PREVIOUS
> 3. snapshot create LATEST
>
> code is:
> /* delete previous snapshot */
> zfs_unmount_snap(snap_previous, NULL);
> dmu_objset_destroy(snap_previous);
>
> /* rename snapshot */
> zfs_unmount_snap(snap_latest, NULL);
> dmu_objset_rename(snap_latest, snap_previous);
>
> /* create snapshot */
> dmu_objset_snapshot(zc->zc_name,
> REPLICATE_SNAPSHOT_LATEST, 0);
>
> I get kernel panic.
>
> MDB
>> ::status
> debugging crash dump vmcore.3 (32-bit) from zfs.dev
> operating system: 5.11 snv_56 (i86pc)
> panic message: BAD TRAP: type=8 (#df Double fault) rp=fec244f8
> addr=d5904ffc
> dump content: kernel pages only
This is most likely due to stack overflow.
You''re stack is 0xd421cfac - 0xd421b04c = 0t8032 bytes.
The PAGESIZE on x86/x64 machines is 4k and the DEFAULTSTKSZ for 32bit
is 8k (2 * PAGESIZE) and 20k (5 * PAGESIZE) for amd64. So
you''''ve
blown your stack of 8k. This is mostly due to:
6354519 stack overflow in zfs due to zio pipeline
Running on a 64bit machine would also help.
eric
>
> This happens only when the ZFS filesystem is loaded with I/O
> operations.
> ( I copy studio11 folder on this filesystem. )
>
> MDB ::stack show nothing, but walking threads I found:
>
> stack pointer for thread d8ff9e00: d421b028
> d421b04c zio_pop_transform+0x45(d9aba380, d421b090, d421b070,
> d421b078)
> d421b094 zio_clear_transform_stack+0x23(d9aba380)
> d421b200 zio_done+0x12b(d9aba380)
> d421b21c zio_next_stage+0x66(d9aba380)
> d421b230 zio_checksum_verify+0x17(d9aba380)
> d421b24c zio_next_stage+0x66(d9aba380)
> d421b26c zio_wait_for_children+0x46(d9aba380, 11, d9aba570)
> d421b280 zio_wait_children_done+0x18(d9aba380)
> d421b298 zio_next_stage+0x66(d9aba380)
> d421b2d0 zio_vdev_io_assess+0x11a(d9aba380)
> d421b2e8 zio_next_stage+0x66(d9aba380)
> d421b368 vdev_cache_read+0x157(d9aba380)
> d421b394 vdev_disk_io_start+0x35(d9aba380)
> d421b3a4 vdev_io_start+0x18(d9aba380)
> d421b3d0 zio_vdev_io_start+0x142(d9aba380)
> d421b3e4 zio_next_stage_async+0xac(d9aba380)
> d421b3f4 zio_nowait+0xe(d9aba380)
> d421b424 vdev_mirror_io_start+0x151(deab5cc0)
> d421b450 zio_vdev_io_start+0x14f(deab5cc0)
> d421b460 zio_next_stage+0x66(deab5cc0)
> d421b470 zio_ready+0x124(deab5cc0)
> d421b48c zio_next_stage+0x66(deab5cc0)
> d421b4ac zio_wait_for_children+0x46(deab5cc0, 1, deab5ea8)
> d421b4c0 zio_wait_children_ready+0x18(deab5cc0)
> d421b4d4 zio_next_stage_async+0xac(deab5cc0)
> d421b4e4 zio_nowait+0xe(deab5cc0)
> d421b520 arc_read+0x3cc(d8a2cd00, da9f6ac0, d418e840, f9e55e5c,
> f9e249b0, d515c010)
> d421b590 dbuf_read_impl+0x11b(d515c010, d8a2cd00, d421b5cc)
> d421b5bc dbuf_read+0xa5(d515c010, d8a2cd00, 2)
> d421b5fc dmu_buf_hold+0x7c(d47cb854, 4, 0, 0, 0, 0)
> d421b654 zap_lockdir+0x38(d47cb854, 4, 0, 0, 1, 1)
> d421b690 zap_lookup+0x23(d47cb854, 4, 0, d421b6e0, 8, 0)
> d421b804 dsl_dir_open_spa+0x10a(da9f6ac0, d8fde000, f9e7378f,
> d421b85c, d421b860)
> d421b864 dsl_dataset_open_spa+0x2c(0, d8fde000, 1, debe83c0,
> d421b938)
> d421b88c dsl_dataset_open+0x19(d8fde000, 1, debe83c0, d421b938)
> d421b940 dmu_objset_open+0x2e(d8fde000, 5, 1, d421b970)
> d421b974 dmu_objset_snapshot_one+0x2c(d8fde000, d421b998)
> d421bdb0 dmu_objset_snapshot+0xaf(d8fde000, d4c6a3e8, 0)
> d421c9e8 zfs_ioc_replicate_send+0x1ab(d8fde000)
> d421ce18 zfs_ioc_sendbackup+0x126()
> d421ce40 zfsdev_ioctl+0x100(2d80000, 5a1e, 8046cac, 100003,
> d5938650, d421cf78)
> d421ce6c cdev_ioctl+0x2e(2d80000, 5a1e, 8046cac, 100003,
> d5938650, d421cf78)
> d421ce94 spec_ioctl+0x65(d6591780, 5a1e, 8046cac, 100003,
> d5938650, d421cf78)
> d421ced4 fop_ioctl+0x27(d6591780, 5a1e, 8046cac, 100003,
> d5938650, d421cf78)
> d421cf84 ioctl+0x151()
> d421cfac sys_sysenter+0x101()
>
>> $r
> %cs = 0x0158 %eax = 0x00000000
> %ds = 0x0160 %ebx = 0xe58abac0
> %ss = 0x0160 %ecx = 0x00000000
> %es = 0x0160 %edx = 0x00000018
> %fs = 0x0000 %esi = 0x00000000
> %gs = 0x01b0 %edi = 0x00000000
>
> %eip = 0xfe8ebd71 kmem_free+0x111
> %ebp = 0x00000000
> %esp = 0xfec24530
>
> %eflags = 0x00010246
> id=0 vip=0 vif=0 ac=0 vm=0 rf=1 nt=0 iopl=0x0
> status=<of,df,IF,tf,sf,ZF,af,PF,cf>
>
> %uesp = 0xd5905000
> %trapno = 0x8
> %err = 0x0
>
> I was trying to cause error from command line:
> [root at zfs ~]# zfs destroy solaris/test at previous ; zfs rename
> solaris/test at latest solaris/test at previous; zfs snapshot solaris/
> test at latest
>
> but without success.
> Any idea ?
>
>
> This message posted from opensolaris.org
> _______________________________________________
> zfs-discuss mailing list
> zfs-discuss at opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/zfs-discuss