MFS FAT implementation and number of FAT supported?

JerryFan · ‎04-10-2013

I would like to continue this discussion about the FAT corruption.

In the MQX4.0. I found that when being mounted, the MFS did not care about the second FAT even #define MFSCFG_NUM_OF_FATS 2

Please see the code in Mfs_fat.c line 207-211

for ( i=0;i<(drive_ptr->FAT_CACHE_SIZE) && (error_code==MFS_NO_ERROR);i++ )

{

error_code = MFS_Read_device_sector (drive_ptr, drive_ptr->FAT_START_SECTOR + needed_sector + i,

(pointer) &drive_ptr->FAT_CACHE_PTR[drive_ptr->BPB.SECTOR_SIZE*i]);

}

ie. if the first FAT corrupted, it will not be recovered.

Did I miss something?

DavidS · ‎04-11-2013

Hi Chongbin,

Starting a new thread on this topic. We try to limit the questions to the original topic/subject.

The mfs_cnfg.h has define for MFSCFG_NUM_OF_FATS set to 1 by default. The note says only 1 or 2 should be used.

With respect to the MFS read of FAT, MQX only reads the first FAT.

On MSF writes it will write to all FATs.

The explanation I have heard is that in an embedded system we want to keep the RAM useage down and FAT can consume much space so we limit it.

Obviously you have access to all the code and can taylor it how you want.

I will pass this feedback to the MQXdevelopers so that they may reconsider the current implementation.

Regards,

David

JerryFan · ‎04-11-2013

Thanks a lot, David. Some customer may need the MFS can handle the power lost issue, at least, the FAT should meet the power safe requirement. So if 2 FAT used, it is reasonable to recover the first from second if the first one corrupted by power loss. This is a very common feature of FAT　FS.

pavel_chromy · ‎06-27-2013

Dear Chongbin,

the real problem is that if the two copies of FAT differ it cannot be easily justified which one is the correct one. This can only be ensured by checking FAT table consistency. If both FAT tables are consistent but still different, it is necessary to match chains in FAT tables to directory records.

In other words, complex check of consistency of all filesystem structures would be required. This is a time consuming or memory hungry task (high speed/memory tradeoff ratio) which can hardly be accomplished in an embedded system (remember checkdisk, disk doctor or similar third party tools). A side note is that there still would not be 100% recovery guarantee.

Please note that FAT filesystem was never designed with power failure safety on mind (this is not about MFS but rather a property of the FAT filesystem as such). The second FAT copy is there to provide a backup or "hint" for an offline (unmounted) filesystem recovery tool, not as a run-time recovery mechanism. So it is common that FAT filesystem implementations even on "big machines" read only the first FAT and write to both.

If real power failure safety is required then some kind of journaling filesystem has to be used instead.

FAT filesystem does not feature a journal - that is why FAT filesystem can never meet power failure safety requirements - this is a fact and MFS cannot do much about this.

Best regards, Pavel