I have never heard of a flash memory chip (or processor with internal flash) that has sufficient energy storage internally to complete a write (or erase) cycle if external power should be removed. In other words, if you don't have control over when your system powers down, you always need to create a protocol that can detect and deal with any individual flash update operation that might have been interrupted.
One way around this is to provide the necessary energy storage (e.g., an electrolytic capacitor) on your board, such that you can detect an external power failure, yet still complete any write/erase operation that may have already started.
EDIT: Your write buffer concept could be used with the external flash, but it needs to be modified to take into account the larger erase granularity. According to the datasheet, the minimum erase size is one "sector" (4K bytes).
You'll need to reserve three sectors for your write buffer. One of these will hold your READY flag (call this the WB_R wector). The second will hold the sector address of the sector being updated (call this the WB_A sector). The third will hold the updated data for that sector (call this the WB_D sector).
To update any particular byte (or a group of bytes in a single sector), follow the following steps. We assume that WB_R is already erased.
- Erase WB_A.
- Locate the flash sector that contains the byte you want to change (call this the DEST sector).
- Write the sector address of DEST to WB_A.
- Erase WB_D.
- Copy the contents of DEST to WB_D, but when you get to the byte(s) that you're changing, write the new value(s) to WB_D instead of the old value(s).
- Set the READY flag in WB_R. Note that this means you change it to its non-erased state. Since the erased state is 0xFF, this means that you write 0x00.
- Erase DEST (getting the sector address from WB_A).
- Copy the contents of WB_D to DEST.
- Erase WB_R.
On power up, check the READY flag, and if it's set (anything other than 0xFF — it may have been only partially written or partially erased), jump directly to step 7.
Note that with this algorithm, each of the write buffer sectors gets written and erased at least once for each write operation you do. This could become a problem if you do a lot (more than 100,000) of writes over the lifetime of the product. If that's the case, you'll need a more sophisticated wear-leveling algorithm.
FATFS is a bad choice to use directly on a flash chip without any intermediate translation layer, as writing the FAT will overwrite the same sector again and again, causing these cells to wear out quickly.
You cannot reliably determine whether a certain block has been erased. If it reads back as only ones, the chance is fairly high that this is an empty, usable block, but it could also be a block that was in the process of being erased when the power went out, so some of the bits might be unstable. A flash file system should be aware of this, and explicitly mark blocks it has successfully erased with a specific marker.
The only way to be sure is to either perform an erase immediately before, or to have a note somewhere that a certain block has been erased.
You will erase the entire block, which contains 8 sectors. If any of these sectors already contains data, it will be erased as well, which you want to avoid.
As said, FAT is not suitable for use in this way.
Best Answer
I presume your test unit uses a different physical chip. There is a huge variability of erase times possible from chip-to-chip and with supply voltage, and different ways of writing/erasing. I also presume you're not writing a file system, because that has a different set of challenges.
But the simplest thing.. are you checking the busy flag before reading the sentinel location? If the chip is in the middle of a page erase it could go off the radar for many (like 35) milliseconds.