mtdblock caching and syncing
Josh Boyer
jwboyer at gmail.com
Thu Apr 9 13:16:46 EDT 2009
On Thu, Apr 09, 2009 at 12:02:47PM -0400, Doug Graham wrote:
>On Thu, Apr 09, 2009 at 10:51:00AM -0400, Josh Boyer wrote:
>> On Thu, Apr 09, 2009 at 10:15:56AM -0400, Doug Graham wrote:
>> >
>> >The problem is that a sync() or fsync() on an mtdblock device does not
>> >actually get the data all the way to the flash device. The mtdblock
>> >layer maintains its own cache of a single erase-unit (256KB in my case).
>> >If I open /dev/mtdblock0 for writing, write some stuff to it, then call
>> >fsync() but do not close the device, up to one erase-unit's worth of
>> >data may still be buffered in memory. This data is only flushed when
>> >the device is actually closed (by mtdblock_release). I think that
>> >this violates the intended semantics of sync and fsync. I shouldn't be
>> >required to do a close() to force the data to the device.
>>
>> The device in question isn't the flash. It's the mtdblock device. So
>> fsync semantics are preserved. This is the same as writing to a file
>> on a hard drive, calling fsync, and having it sit in the hard drive's
>> cache.
>
>That's a good point, and one I've wondered about before. I don't know
>much about how hard drives manage their cache, but I would assume that
>they don't leave dirty data in their cache for an unbounded period
>of time. I'd guess that data is written to the actual disk within a
>few 10s of milliseconds after being sent to the device.
Right.
>In the case of mtdblock, dirty data can stay in the cache forever.
True. And I agree that is entirely sub-optimal.
>> >I think this is fairly serious bug in a flash-based system, where there
>> >are frequently times that you want to make sure that data has actually
>> >made it all the way to the device. I think that a sync() or fsync()
>> >really ought to somehow propagate all the way down to the mtdblock layer
>> >so that mtdblock can flush its buffer.
>>
>> Why are you using mtdblock in a serious flash-based system? The fact
>> that it buffers an entire eraseblock means you risk huge data loss in
>> the event of an unclean shutdown anyway (power loss). No amount of
>> sync or fsync will fix that.
>
>We don't use mtdblock during normal operations; we use squashfs and jffs2
>(maybe ubifs sometime soon). But one job that we do use mtdblock for is
>burning loads. We could, and perhaps should, be using the char device
>instead to burn loads, except that those require specialized tools to do
>erases before writes. To avoid the need for such specialized tools, we
>just use the equivalent of dd on the mtdblock device followed by a sync.
>But that doesn't work given the behaviour I'm complaining about.
>
>It's actually a little more complicated that that. We have a system
>comprised of multiple cards. When upgrading the system from the master
>card, we're using NBD to upgrade (some) loads on remote cards. The NBD
>server running on the remote cards never closes the mtdblock device that
>it is managing, so the mtdblock_release() method never gets called.
>The NDB server cannot using the MTD character device because it knows
>nothing about the characteristics of flash, including the need to erase
>before writing. Even if it did know about erasing, we'd want it to do
>exactly the same kind of caching the mtdblock already does, so mtdblock
>does seem like a good match in this case. We can certainly modify the
>NBD server to close and reopen the device when it needs to be sure that
>data has actually been written to flash, but that seems a bit on the
>kludgy side, and doesn't help any other applications using mtdblock
>(like the dd scheme I mention above).
>
>> >Thoughts? Suggestions? Patches?
>>
>> Word-weasling aside, if you have patches that fix the behavior you don't
>> like, they would certainly be looked at. Setting pdflush to 5 seconds
>> instead of 30 would help a bit, or using the ioctl on the mtdblock device
>> that already exists to flush would help too. However you might want to
>> really look at a system design that relies on mtdblock for data integrity.
>
>What's the point of mtdblock then? All systems care about data integrity
>to some degree (some more than others, obviously), so if mtdblock makes
>no effort to preserve that integrity, where do you see it ever being
>used legitimately?
For cramfs, which is read-only. Or in cases sort of like what you describe,
where the conditions of writes are tightly controlled and failure does not
produce a bricked device that a customer is going to be grumpy about.
josh
More information about the linux-mtd
mailing list