[Yaffs] Re: power fail testing
Charles Manning
manningc2@actrix.gen.nz
Mon, 23 May 2005 12:06:58 +1200
On Monday 23 May 2005 09:53, Thomas Gleixner wrote:
> On Sun, 2005-05-22 at 10:14 +1200, Charles Manning wrote:
> > YAFFS currently assumes that a power failure will not destroy a write.
> > For the most part that should be an OK assumption since once a flash
> > programming cycle has been set up it should execute in 200uS. There
> > should be enough residual power in the system to complete that.
>
> Hmm, that's a dangerous assumption. Assume that the WP pin is switched to
> write protect mode by a reset controller which supervises the power
> supply.
Thanx Thomas, I had not considered this condition.

The WP directly controls the internal high voltage charge pump that drives
the programming. If WP goes low, the hv will droop and the programming will
not complete reliably.

In most circuits I am familiar with, the WP is strapped to Vcc which would
allow in-progress writes to complete.
>
> You have to handle interrupted writes. There is no guarantee for
> "atomic" programming operations. And all hacks you put into the mtd/nand
> layer or YAFFS will not improve the situation. Keep this stuff as simple
> as possible and handle the rare case of interrupted page programming in
> the mount stage.
There are really two things that should be done in YAFFS to improve the
situation:

1) Currently YAFFS uses chunks that fail ECC. It would probably be better to
ignore them (delete them) and consider them to be aborted writes (needs more
thought).

2) If an ECC failure is detected on a block, then the block is retired.
Perhaps instead a block should only be retired if a write fails. This would
be more in tune with Toshiba's recommendations. The argument against this has
been that I'd rather retire blocks earlier (i.e. before they start to go bad),
but this should be reviewed in the light of recent evidence.
-- Charles