usage of the standby immediate command in the ATA driver

[John-Mark Gurney]

Jay Elliott wrote this message on Tue, Nov 19, 2013 at 19:20 +0000:
> Hi freebsd-drivers,
> 
> I'm looking into some issues regarding filesystem corruption with my employer's FreeBSD6-based kernel.  We've consulted with the vendor that supplies our SSDs, and they've told us to make sure that our ATA driver is sending the ATA_STANDBY_IMMEDIATE command to the drive during shutdown after sending the ATA_FLUSHCACHE command.  I've looked into the FreeBSD9.2-version of the ata driver to see if this behavior has been changed, but as far as I can tell it also does not send the ATA_STANDBY_IMMEDATE command from ad_shutdown.

It shouldn't be necessary...  The FLUSHCACHE command is documented as
(from T13/1532D Volume 1 Revision 4 Page 111, section 6.13.8):
This command is used by the host to request the device to flush the write cache. If there is data in the write cache, that data shall be written to the media. The BSY bit shall remain set to one until all data has been successfully written or an error occurs.

If your SSD isn't writing out all the data upon completion of the
_FLUSHCACHE command, you will also run into issues w/ file system
corruption if/when your server looses power at the wrong moment...
this would be especially bad for ZFS...

An issue w/ issuing the STANDBY IMMEDIATE command is that not all drives
support it, so we'd have to add the code to detect if a drive supports
it before it's use...  Also, it's only description in the specification
is:
This command causes the device to immediately enter the Standby mode.

STANDBY IMMEDIATE says nothing about making sure data is on stable
storage or anything...

I'd recommend you tell your SSD vendor to fix their firmware or switch
to a different vendor...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."