Re: [RFC][PATCH] UBI: Make MTD_UBI_FASTMAP non-experimental

From: Jesper Nilsson
Date: Tue May 09 2017 - 03:47:07 EST


Hi Richard,

I'm still worried about this failure case, do we really
believe that the flash could fail in such a way that the
fastmap is corrupted in an undetectable way?

If we do detect corruption we should be no worse off
than earlier since we should ignore the fastmap, IIRC.

Could you please elaborate on the problem you were
thinking about?

Right now I'm hesitant to use fastmap in any production code,
even if it works with my current hardware, since there is no
guarantee that the flash chips won't get replaced with a
second source option down the line...

/Jesper


On Mon, Apr 03, 2017 at 01:17:36PM +0200, Jesper Nilsson wrote:
> Hi Richard,
>
> On Thu, Mar 30, 2017 at 11:29:15PM +0200, Richard Weinberger wrote:
> > Jesper,
> >
> > Am 30.03.2017 um 19:39 schrieb Jesper Nilsson:
> > >> So we should document this with a big fat warning and set fastmap to
> > >> default=n ?
> > >
> > > Does this sound reasonable?
> > >
> > > Note that this feature makes UBI less robust, since Fastmap does not scan
> > > the full flash, which might lead to problems on misbehaving NAND chips.
> > > Only enable this if the speedup in attach is really important and
> >
> > I'm not a native English speaker, but shouldn't this be
> > "...if speedup of the attach time is important ..."
> >
> > > you can be sure that the NAND works as expected.
> >
> > Looks fine!
>
> As you saw I resent the patch with this formulation added.
>
> However, after thinking about it (and with input from some coworkers),
> could we pinpoint the failure case a bit more here?
>
> What is the exact problem behaviour on NAND chips that we're
> worried about, and in which case will UBI be less robust if
> we don't scan the full flash?
>
> My first reaction was that this was a natural conclusion,
> but if the NAND flash is failing, we should either be in the
> case that the FASTMAP is corrupted or that the original data
> is corrupted. Both should be found by current implementation.
> Or am I missing additional failure cases here?
>
> I getting a bit worried about using the feature at all,
> even if it seems to work right now...
>
> > Thanks,
> > //richard
>
> /^JN - Jesper Nilsson
> --
> Jesper Nilsson -- jesper.nilsson@xxxxxxxx

/^JN - Jesper Nilsson
--
Jesper Nilsson -- jesper.nilsson@xxxxxxxx