
8. Flash Devices and Flash File System Support
29
TrueFFS can recover from the fault in all cases except when new data is being
written to flash for the first time. In this case, the new data is lost. However, once
data is safely written to flash, it is essentially immune to power failures. All data
already resident in flash is recoverable, and the file and directory structures of the
disk are retained. In fact, the only negative consequence of a power interruption or
fault is the need to restart any incomplete garbage collection operations. The
following sections describe fault occurrence and fault recovery in TrueFFS.
Recovering During a Write Operation
A write or erase operation can fail because of a hardware problem or a power
failure. As mentioned in above, TrueFFS uses an “erase after write” algorithm, in
which the previous data is not erased until after the update operation has
successfully completed. To prevent the possible loss of data, TrueFFS monitors and
verifies the success of each write operation, using a register in which the actual
written data is read back and compared to the user data. Therefore, a data sector
cannot be in a partially written state. If the operation completes, the new sector is
valid; if the update fails, the old data is not lost or in any way corrupted.
TrueFFS verifies each write operation, and automatically attempts a second write
to a different area of flash after any failure. This ensures the integrity of the data by
making failure recovery automatic. This write-error recovery mechanism is
especially valuable as the flash medium approaches its cycling limit (end-of-life).
At that time, flash write/erase failures become more frequent, but the only
user-observed effect is a gradual decline in performance (because of the need for
write retries).
Recovering Mapping Information
TrueFFS stores critical mapping information in flash-resident memory, thus it is
not lost during an interruption such as a power loss or the removal of the flash
medium. TrueFFS does, however, use a RAM-resident mapping table to track the
contents of flash memory. When power is restored or the medium reconnected, the
RAM-resident version of the flash mapping table is reconstructed (or verified)
from flash-resident information.
NOTE: Mapping information can reside anywhere on the medium.However, each
erase unit in flash memory maintains header information at a predictable location.
By carefully cross-checking the header information in each erase unit, TrueFFS is
able to rebuild or verify a RAM copy of the flash mapping table.
Komentáře k této Příručce