
Is the ESP32 IDF Non-volatile memory (NVS) integrity checked (CRC32 or checksum) between boots?

Posted: Tue Feb 15, 2022 3:32 pm
by aaryamanb
Is the (NVS) flash memory on board the ESP32 integrity checked between boot-ups? The structure of an entry in the NVS memory for ints, strings and blobs contains a CRC32 checksum over the bytes in the entry (apart from the CRC field itself) according to the Espressif documents, but there is no mention of whether the value in NVS is integrity checked when the device boots up or when the NVS value is accessed. Why is this CRC32 checksum in place if it is not being used? Or how is it used if it hasn't been documented?

There is mention of the partition table, used to describe partitions in flash, being integrity checked during boot-up with an MD5 checksum. This is exactly the feature that I am looking for, but it seems to be limited to the partition table. If there was an event of the flash being corrupted but the partition table was unaffected, could the ESP32 load up corrupted values from the NVS flash? Is there some sort of error detection on board the ESP32 for flash memory corruption?

I have found the error code which corresponds to an invalid CRC check, called ESP_ERR_INVALID_CRC. I don't see the NVS API returning this as a valid error code in the documentation though. Can nvs_get or nvs_get_str return this error code in any circumstances?

Thanks a lot for any advice or help on this issue.

Aary

Re: Is the ESP32 IDF Non-volatile memory (NVS) integrity checked (CRC32 or checksum) between boots?

Posted: Wed Feb 16, 2022 3:13 am
by ESP_Sprite
I'm decently sure the CRC is checked on read of an NVS item; if the CRC does not match, the item is not seen as valid and will be skipped. As NVS is effectively a journalling FS, this means it will use an older value if available, or return that the item cannot be found if not.

Re: Is the ESP32 IDF Non-volatile memory (NVS) integrity checked (CRC32 or checksum) between boots?

Posted: Wed Feb 16, 2022 9:27 am
by aaryamanb
ESP_Sprite wrote: I'm decently sure the CRC is checked on read of an NVS item; if the CRC does not match, the item is not seen as valid and will be skipped. As NVS is effectively a journalling FS, this means it will use an older value if available, or return that the item cannot be found if not.

Thanks a lot for this reply, it is very helpful. It is exactly what I was looking for. Can you point me towards any documentation or files in the esp-idf project that could help me double check that the CRC is checked on reading an NVS item?

That's very interesting about the NVS being a journaling FS. If the NVS cannot return the correct value, what would the return error code be? Would it be ESP_ERR_NVS_INVALID_NAME or ESP_ERR_NVS_REMOVE_FAILED? I am looking through the return codes for the nvs_set_str() function and I am not 100% sure what the error code would be in this instance.

Re: Is the ESP32 IDF Non-volatile memory (NVS) integrity checked (CRC32 or checksum) between boots?

Posted: Wed Feb 16, 2022 9:39 am
by ESP_Sprite
The internals of the NVS subsystem are described in the docs (under the 'internals' header). As I said before, from what I remember corrupted NVS entries simply 'don't exist' according to nvs, so when trying to read one of those, NVS will return either an earlier, uncorrupted value, or ESP_ERR_NVS_NOT_FOUND if no earlier version can be found.
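
A simplified model of the behaviour described in the reply above, added here as an example; it is not ESP-IDF code and not part of the original posts. The entry field layout follows Espressif's NVS documentation; the CRC routine, the `MODEL_*` return codes, the flat oldest-to-newest log and the `boot_cnt` key are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Model of a 32-byte NVS entry; field order per Espressif's NVS docs. */
typedef struct {
    uint8_t  ns, type, span, chunk_index;
    uint32_t crc32;              /* covers all bytes of the entry except itself */
    char     key[16];
    uint8_t  data[8];
} entry_t;
enum { MODEL_OK, MODEL_NOT_FOUND };  /* stand-ins for ESP_OK / ESP_ERR_NVS_NOT_FOUND */
/* Plain bitwise CRC-32 (assumed stand-in for ESP-IDF's routine) over bytes 0-3 and 8-31. */
uint32_t entry_crc(const entry_t *e) {
    const uint8_t *b = (const uint8_t *)e;
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < sizeof *e; i++) {
        if (i >= 4 && i < 8) continue;            /* skip the CRC field itself */
        crc ^= b[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}
void entry_write(entry_t *e, const char *key, uint32_t value) {
    memset(e, 0, sizeof *e);
    e->ns = 1; e->type = 0x04; e->span = 1; e->chunk_index = 0xFF;  /* constructed u32 item */
    strncpy(e->key, key, sizeof e->key - 1);
    memcpy(e->data, &value, sizeof value);
    e->crc32 = entry_crc(e);
}
/* Newest-first scan: an entry whose CRC does not match is treated as absent. */
int model_get_u32(const entry_t *log, size_t n, const char *key, uint32_t *out) {
    for (size_t i = n; i-- > 0; ) {
        if (entry_crc(&log[i]) != log[i].crc32) continue;
        if (strncmp(log[i].key, key, sizeof log[i].key) != 0) continue;
        memcpy(out, log[i].data, sizeof *out);
        return MODEL_OK;
    }
    return MODEL_NOT_FOUND;
}
/* Constructed log: two versions of "boot_cnt", one bit flipped in the newer one. */
int demo(uint32_t *out, int corrupt_old_too) {
    entry_t log[2];
    entry_write(&log[0], "boot_cnt", 41);
    entry_write(&log[1], "boot_cnt", 42);
    log[1].data[0] ^= 0x01;                       /* newest entry now fails its CRC */
    if (corrupt_old_too) log[0].key[0] ^= 0x20;   /* older entry fails as well */
    return model_get_u32(log, 2, "boot_cnt", out);
}
```

In this model a caller sees either the older value or a not-found result, never the corrupted bytes, so application code has to treat not-found as a case that can follow corruption and supply a safe default.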

Re: Is the ESP32 IDF Non-volatile memory (NVS) integrity checked (CRC32 or checksum) between boots?

Posted: Wed Feb 16, 2022 9:45 am
by aaryamanb
Thanks a lot, ESP_Sprite, you've been tremendously helpful with this issue.