Problem-Finding
When the X1 Master system is powered off, the SSD is actually abnormally powered off, which causes some thinking.
➡️Reflection
Before powering off the Master system, the Master system updates and saves the file system information to the MRAM according to the pre-shutdown command sent by the upper computer. Then, the Master system is powered off.
However, in this case, SSD is equivalent to a SPOR (system power down suddenly), so whether the SSD cache user data is not saved in time or the mapping table fails to flush into the flash memory.
How to perform an SSD normal power failure
The first thing that comes to mind is that there must be a flush instruction that tells SSDs to save all cache drops and map updates.
After checking the ATA protocol, it was found that Idle Immediately, before the power failure, the host notified THE SSD through the command. After receiving the command, the SSD would mainly do the following:
(1) Flush the user data cached in the buffer into flash memory.
(2) Swipe the mapping table into flash memory.
(3) write the block information of the flash memory into the flash memory (such as which flash memory block is currently written, which position of the flash memory block, which flashes memory block has been written, which flash memory block is invalid, etc.).
(4) Write other SSD information into flash memory.
The host stops powering on the SSD only after the SSD processes the preceding tasks. A normal power failure does not cause data loss. After the SSD is powered on again, it only needs to load the relevant information (such as mapping data and flash block information) saved before the power failure continues working.
What if there is an abnormal power failure?
▶ Impact of SSD abnormal power failure
The so-called abnormal power failure refers to the SSD being powered off without receiving a power-off notification from the host. Or you get a power-off notification from your mainframe, but the power goes out before you can do anything about it. An abnormal power failure may cause data loss. For example, data cached on SSDs cannot be written to the flash memory. In addition, according to the characteristics of flash memory, if the power failure occurs on the Upper page of the MLC, the corresponding Lower page data will be damaged, which means that the data written to the flash memory may also be lost due to an abnormal power failure.
▶ Why does the measured abnormal power failure have no effect
In fact, in our project, every system power down was an abnormal power failure for SSDs, but the test results showed that data read from the disk was never lost.
After checking the data, it was found that a simple design to prevent data loss caused by an abnormal power failure is to put a capacitor on the SSD. Once the SSD detects a power failure, the capacitor starts discharging and then flushes the RAM data onto the flash memory to avoid data loss. Enterprise-class SSDs typically have capacitors. For SSDs with capacitors, you still need to design an abnormal power failure handling module, because capacitors cannot ensure that all the SSD information will be flushed into the flash memory before power failure.
We confirmed with the customer that the SSD we are currently using has capacitor power failure protection. After an abnormal power failure, the SSD controller can still work for about 20ms, which is enough to save the Mapping table, so there has been no data damage in the test.
Other methods to prevent abnormal power failure
A more progressive idea was to replace RAM as Volatile with non-volatile, but with something that was NonVolatile in performance close to RAM. Thus, the entire SSD is non-volatile. One option is 3D XPoint, developed by Intel and Micron. 3D XPoint features flash power loss protection and fast memory access.
END.
