While investigating the error handling capabilities of the FFS wear level layer in MQX 18.104.22.168, I stumbled upon an issue.
The theoretical case is as follows:
If the FFS wants to erase a block, it will turn to the BSP NFC driver implementation in mqx/io/nandflash/nfc/nfc.c : nfc_erase_block() function. In case the NAND chip fails to execute the Erase Block command successfully, this function returns NANDFLASHERR_ERASE_FAILED.
I noticed that the FFS is transforming NANDFLASHERR_* codes to its own error codes in ffs/source/wearleveling/rtos/mqx/errcode.cpp : os_err_code_to_wl().
For NANDFLASHERR_ERASE_FAILED the conversion is done to ERROR_DDI_NAND_ERASE_FAILED.
I wonder why I can't find any usage of this particular error code when using grep on the FFS sources.
Not even in the place where I would have expected it!
E.g. in Mapper::getBlock() (file: ffs/source/wearleveling/ddi/mapper/mapper.cpp) :
    /* As well as setting the bit, erase physical block. */
    /*
    ** If the erase fails, then loop again and try again with another block. We have
    ** already marked the bad block as used in the phy map, so we just need to mark the
    ** block itself as bad.
    */
    rtCode = block.erase();
    if (rtCode == ERROR_DDI_NAND_HAL_WRITE_FAILED)
    {
        /* This will mark the block used in the phymap again, but not a big deal. */
    } /* Endif */
    } /* Endif */
In the above snippet at line 10 the result of the block erase command is returned and, instead of checking against ERROR_DDI_NAND_ERASE_FAILED, the check is made against ERROR_DDI_NAND_HAL_WRITE_FAILED, which will result in marking the block as bad.
I failed to find any path of execution where block.erase() returns ERROR_DDI_NAND_HAL_WRITE_FAILED.
So, I fear that a block never gets marked as a bad block by FFS.
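
The concern raised in the post can be modelled in a few lines. This is an added example, not MQX or FFS code and not part of the original post: it reproduces only the translation and the comparison quoted above. DRV_OK, WL_OK, the Flash struct, the simplified getBlock() loop and all numeric values are assumptions.

```cpp
#include <cstdio>
#include <set>
#include <vector>

// Constructed stand-ins: DRV_OK, WL_OK and all numeric values are placeholders,
// not the MQX/FFS definitions. Only the three ERR names come from the post.
enum DrvErr { DRV_OK = 0, NANDFLASHERR_ERASE_FAILED = 1 };
enum WlErr  { WL_OK = 0, ERROR_DDI_NAND_ERASE_FAILED = 100,
              ERROR_DDI_NAND_HAL_WRITE_FAILED = 101 };

// Models the translation the post attributes to os_err_code_to_wl().
WlErr translate(DrvErr e) {
    return e == NANDFLASHERR_ERASE_FAILED ? ERROR_DDI_NAND_ERASE_FAILED : WL_OK;
}

struct Flash {
    std::set<int> failing;    // blocks whose erase fails (constructed)
    std::set<int> markedBad;  // blocks the allocator has retired
    WlErr erase(int b) const {
        return translate(failing.count(b) ? NANDFLASHERR_ERASE_FAILED : DRV_OK);
    }
};

// Simplified allocator loop. A code in retireOn marks the block bad and moves
// on; any other code ends the loop with that block (assumption: the page does
// not show what the real function does next).
int getBlock(Flash &f, const std::vector<int> &freeBlocks,
             const std::set<WlErr> &retireOn, WlErr *err) {
    for (int b : freeBlocks) {
        *err = f.erase(b);
        if (retireOn.count(*err)) { f.markedBad.insert(b); continue; }
        return b;
    }
    return -1;  // no usable block left
}

int main() {
    const std::vector<int> freeBlocks = {3, 4, 5};
    WlErr err;
    Flash a; a.failing = {3};   // check as quoted in the post
    int got = getBlock(a, freeBlocks, {ERROR_DDI_NAND_HAL_WRITE_FAILED}, &err);
    std::printf("quoted check: block %d, code %d, retired %zu\n", got, (int)err, a.markedBad.size());
    Flash b; b.failing = {3};   // check that also covers the erase code
    got = getBlock(b, freeBlocks, {ERROR_DDI_NAND_HAL_WRITE_FAILED, ERROR_DDI_NAND_ERASE_FAILED}, &err);
    std::printf("both codes:   block %d, code %d, retired %zu\n", got, (int)err, b.markedBad.size());
    return 0;
}
```

In this model the quoted comparison leaves the failing block unretired, while a comparison that also covers ERROR_DDI_NAND_ERASE_FAILED retires it and moves to the next free block.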