I am implementing an emulated EEPROM in flash memory on a STM32 microprocessor, mostly based on the Application Note by ST (AN2594 – EEPROM emulation in STM32F10x microcontrollers).
The basics outline there and in the respective Datasheet and Programming manual (PM0075) are quite clear. However, I am unsure regarding the implications of power-out/system reset on flash programming and page erasure operations. The AppNote considers this case, too but does not clarify what exactly happens when a programming (write) operations is interrupted:
- Does the address have a arbitrary (random) value? OR
- Are only part of the bits written? OR
- Does it have the default erase value 0xFF?
Thanks for hints or pointers to the relevant documentation.
Best Answer
The short answer is that hardware is inherently unreliable. Something can always in theory go wrong that interrupts the write process or causes the wrong bit to be written.
The long answer is that Flash circuits are usually designed for maximum reliability. A sudden power loss on write will probably not cause corruption because the driver circuit may have enough capacitance or the capability to operate under a low-voltage condition long enough to finish draining the charge as necessary. A power loss on erasure might be trickier, because the high-voltage charge pump needs to complete its job. You really need to consult the manufacturer. The solution is probably just a sufficiently large power supply capacitor.
For a "soft" system reset with no power interruption, it would be pretty surprising if the hardware didn't always completely erase whatever bytes it was immediately working on. Usually the bytes are erased in a predefined order, so you can use the first or last ones to indicate whether a page is full or empty.
Are you trying to maintain integrity of the data with some external entity (for example, if the widget is active then its data is written), or just self-consistency of the data itself? In the latter, more reasonable case, you should focus on marking the successful completion of each write and erase operation within the Flash data stream, so incomplete operations get retried/ignored on reboot no matter the cause of failure.