.. _mon51-protocol:

MON51 protocol
**************

This describes the parts of the protocol used by MON51 that have been found
by reverse engineering. Items marked with ``?`` are guesses.

All numbers are hexadecimal.

Handshake
=========

If either response differs from the expected byte, restart the handshake
from step 1.

1. Send ``11``
2. Receive ``FF``
3. Send ``11``
4. Receive ``00``

Commands
========

Commands follow this general structure:

* 1 byte: type
* data
* 1 byte: checksum

The checksum is correct if the 8-bit sum of all bytes of the command,
checksum included, is ``00`` (that is, the sum modulo 100 is zero).

``02``: Write memory
--------------------

* 1 byte: memory type
* 2 bytes: address (high, low)
* 1 byte: length
* data

Response: same as ``0E 00 01`` (?)

``04``: Read memory
-------------------

* 1 byte: memory type
* 2 bytes: address (high, low)
* 1 byte: length

Memory types
............

``00`` returns the program counter. Address and length appear to be ignored.

``01`` is the indirect memory.

``02`` is the external memory.

``03`` appears to return all zeroes.

``04`` is the direct memory (internal, SFR).

``05`` is the code memory.

``06`` is unknown.

``07`` and higher appear to be test/debug sequences built into MON51: the
value doubles with each successive address.

``06``: Unknown
---------------

``03 80 00 00 00``

Response: ``06 00``

``08``: Get registers
---------------------

``08 00``: Run up to
....................

``01 05 (start addr) 05 (end addr)``

Response: ``06 00``, after which the target runs. Recover with a resync.

``08 01``: Get registers
........................

``01 00 00 00 00 00 00`` (meaning unknown)

Response: ``02`` followed by A, B, R0-R7, DPTR, PC, ``C1 00 00 00``,
SP (?), ``00``

``0C``: Step into
-----------------

Response: unknown

``0E``: ?
---------

``0E 00``: Get instruction?
...........................

``01``

Response: ``06 00``

``0E 02``: ?
............

``01``

Response: ``06 00``

``10``: ??
----------

``10 01``: set to run?
......................

Response: ``06 00``

``10 02``: activate/break?
..........................

Response: ``06 00``

``1B``: stop
------------

A handshake is required after sending stop.

Responses
=========

``02``: Data follows
--------------------

Only data bytes. Has a checksum.

``06``: OK?
-----------

Often seen with ``00`` followed by the string ``V3.0`` in ASCII, but it
seems to be different after running.
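The framing, checksum rule and handshake described above, written out as an
added example. This is not MON51's own code, nor that of any debugger front
end that drives it; the function names, the ``ScriptedTarget`` stand-in for
the serial link and the sample bytes are constructed for this page, and only
the wire layout (type, data, checksum summing to ``00``; the ``11``/``FF``/
``11``/``00`` handshake with restart on mismatch) is taken from the
description.

```python
# Added example: MON51 frame helpers written for this page (not MON51's own
# code or that of any debugger front end). Function and class names are
# this example's own; the wire layout follows the protocol description.

from typing import List


def mon51_checksum(body: bytes) -> int:
    """Return the byte that makes the 8-bit sum of body + checksum equal 0x00."""
    return (-sum(body)) & 0xFF


def verify_frame(frame: bytes) -> bool:
    """A frame (type, data, checksum) is valid when its bytes sum to 0x00 mod 256."""
    return len(frame) >= 2 and (sum(frame) & 0xFF) == 0


def build_command(cmd_type: int, data: bytes = b"") -> bytes:
    """Frame a command: 1 byte type, data, 1 byte checksum."""
    body = bytes([cmd_type]) + data
    return body + bytes([mon51_checksum(body)])


def read_memory(mem_type: int, address: int, length: int) -> bytes:
    """Build an 04 (read memory) command: mem type, address high/low, length."""
    if not 0 <= address <= 0xFFFF:
        raise ValueError("address must fit in 16 bits")
    if not 1 <= length <= 0xFF:
        raise ValueError("length is a single byte")
    payload = bytes([mem_type]) + address.to_bytes(2, "big") + bytes([length])
    return build_command(0x04, payload)


def write_memory(mem_type: int, address: int, data: bytes) -> bytes:
    """Build an 02 (write memory) command: mem type, address high/low, length, data."""
    if not 0 <= address <= 0xFFFF:
        raise ValueError("address must fit in 16 bits")
    if not 1 <= len(data) <= 0xFF:
        raise ValueError("length is a single byte")
    payload = bytes([mem_type]) + address.to_bytes(2, "big") + bytes([len(data)]) + data
    return build_command(0x02, payload)


def parse_data_response(frame: bytes) -> bytes:
    """Unpack an 02 'data follows' response; reject anything with a bad checksum."""
    if len(frame) < 2 or frame[0] != 0x02:
        raise ValueError("not a data response")
    if not verify_frame(frame):
        raise ValueError("checksum mismatch")
    return frame[1:-1]


class ScriptedTarget:
    """Constructed stand-in for the serial link: replays canned target bytes."""

    def __init__(self, replies: List[bytes]) -> None:
        self.replies = list(replies)
        self.sent: List[bytes] = []

    def write(self, data: bytes) -> None:
        self.sent.append(data)

    def read(self, n: int) -> bytes:
        # An empty reply models a timeout on the real link.
        return self.replies.pop(0) if self.replies else b""


def handshake(link, max_attempts: int = 3) -> bool:
    """Send 11 expecting FF, then 11 expecting 00; restart on any other reply."""
    expected = (b"\xff", b"\x00")
    for _ in range(max_attempts):
        for want in expected:
            link.write(b"\x11")
            if link.read(1) != want:
                break  # mismatch: go back to the first 11
        else:
            return True
    return False


if __name__ == "__main__":
    # Target answers FF, then a stray 55, so the handshake restarts once.
    target = ScriptedTarget([b"\xff", b"\x55", b"\xff", b"\x00"])
    print("handshake ok:", handshake(target), "sent", len(target.sent), "bytes")
    print("read code @0100:", read_memory(0x05, 0x0100, 0x10).hex())
    print("data:", parse_data_response(bytes.fromhex("02aabb99")).hex())
```

``verify_frame`` is what a host should run on every ``02`` response before
trusting its bytes; the ``06`` replies above are only two bytes long and do
not carry a checksum in this description, so they are matched literally.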