[bug] fsck refuses to repair damaged UFS using backup superblock
Rick Macklem
rmacklem at uoguelph.ca
Sun Nov 25 15:25:25 UTC 2018
Kirk McKusick wrote:
>> To: soralx at cydem.org
>> Subject: Re: [bug] fsck refuses to repair damaged UFS using backup superblock
>> From: "Julian H. Stacey" <jhs at berklix.com>
>> Organization: http://berklix.eu BSD Unix Linux Consultants, Munich Germany
>> Date: Fri, 23 Nov 2018 02:17:20 +0100
>>
>> Hi soralx at cydem.org,
>> Added cc: <freebsd-fs at freebsd.org> to ensure file system specialists see this.
>>
>> Reference:
>>> From: <soralx at cydem.org>
>>> Date: Tue, 20 Nov 2018 05:30:00 -0800
>>
>> soralx at cydem.org wrote:
>>>
>>> Howdy!
>>>
>>> Since send-pr(1) is now gone, I guess the next option is to send a
>>> message directly to the developers...
>>>
>>> Yesterday, I ran into a bug in fsck_ffs that gave me a little scare.
>>>
>>> Short story: on -CURRENT, fsck refuses to check a FS with a corrupted
>>> superblock, even when an alternate (backup) SB location is given.
>>>
>>> Long story. I've been testing a newly-built system based on an X399
>>> platform with a 2950X CPU and an Optane 905P 480GB U.2 drive. The
>>> system ran a ~2-day old -CURRENT; when compiling newest world and
>>> kernel, I found the machine in a locked-up state. After a hard reset,
>>> boot failed because the root FS became corrupted & was not available:
>>> kernel: Superblock check-hash failed: recorded check-hash XXX != computed >check-hash YYY
>>>
>>> I have not yet figured out why the corruption happened... bad hardware?
>>> bug in the NVMe driver?
>>>
All I did was boot a pre-r339671 kernel that used the file systems and then, bingo...
>>> "OK", I thought, "No worries. We'll just boot using another disk, fsck
>>> the corrupted FS with a backup superblock, and be up in a moment".
>>> The machine was doing nothing but compiling, so no valuable data loss.
>>>
>>> So I did `dumpfs -m /dev/ada0p3` on the spare disk (which was the
>>> source for the new disk image, thus had almost identical partitions
>>> and filesystems) to get the FS details, then did `newfs -N [...]
>>> /dev/ada0p3` to find locations of superblock backups, then finally
>>> ran `fsck_ffs -b 192 /dev/nvd0p3` -- only to get the same "check-
>>> -hash failed" message, plus another strange message: "Can't open
>>> /dev/nvd0p3: [...]". Then fsck quits.
>>> Note that `fsck_ffs -b ...` on a FS with good superblock works OK.
>>>
>>> After fiddling with a debugger for a bit, I commented out the line
>>> "return (0);" in /usr/src/sbin/fsck_ffs/setup.c:136, recompiled fsck,
>>> and the FS was recovered successfully.
>>>
>>> What was actually happening: fsck's setup.c calls ufs_disk_fillout()
>>> from libufs' type.c, which in turn calls sbread() from the same
>>> library, which then calls sbget(disk->d_fd, &fs, -1) [[where '-1'
>>> is hard-coded to indicate the primary superblock]] that then simply
>>> invokes ffs_sbget from ffs kernel driver -- and this returns ENOENT,
>>> which eventually causes fsck to give up before even looking at the
>>> specified backup superblock.
>>>
>>> I don't know what exactly ufs_disk_fillout() does, but fortunately
>>> for me, fsck worked without the "sbread(disk)" part of that function
>>> having much luck on a disk with corrupted superblock. Also, I have a
>>> feeling that calling a kernel's ffs driver function when using fsck
>>> to fix a broken filesystem is not the best thing to do...
>>>
>>> Please CC, as I am not subscribed.
>>>
>>> --
>>> [SorAlx] ridin' VN2000 Classic LT
>>
>> Cheers,
>> Julian
>
>Below is a proposed fix for fsck_ffs to properly handle superblock
>check-hash failures (notably to optionally search for a usable
>alternate superblock). Let me know if you still have a filesystem
>on which you can test it, and if so whether it works correctly.
As above, I think you can reproduce this by running an older kernel that
mounts the file system. I ended up re-installing when I ran into this yesterday
(no biggy, it was just a test machine). It happened after I had been running
a kernel built from stable/12 on the system and then tried to boot it.
(Since the root fs got these errors, I couldn't boot any kernel on the root fs.)
It would be nice if there was a way to override the check and boot the system.
(Is a loader tunable reasonable for this?)
rick
More information about the freebsd-fs
mailing list