Page 1 of 1

esptool protocol - Command 0x07 MEM_END question

Posted: Sat Mar 24, 2018 7:35 pm
by kolban
I am studying the esptool protocol. I am working with the excellent document found here:

https://github.com/espressif/esptool/wi ... l-Protocol

I am comparing the theory (as written up in the doc) against what is written to the console with esptool --trace enabled and also by using a logic analyzer to examine the actual UART data written.

During initial communication with the ESP32, I see the following sequence of commands:
  • 0x08 - SYNC
  • 0x0A - READ_REG
  • 0x05 - MEM_BEGIN
  • 0x07 - MEM_END
However, I am finding myself confused. Examining the MEM_BEGIN, I am seeing its parameters as:
  • Total size - 3104 bytes
  • Number of packets - 1
  • Data size in one packet - 6144 bytes
  • Memory address 0x4009 0000
The way I am interpreting this is that we are about to perform some RAM writing to memory location 0x4009 0000 for 3104 bytes.

The next command I see is MEM_END. The header seems to shows that the MEM_END command will be approx 3120 bytes (including headers). What is giving me pause here is that by reading the Github document, MEM_END feels like it should just be a marker with a flag indicating whether or not we should execute code and the entry point. This would be a payload of 8 bytes. In the MEM_END column of the document, the parameter is described as "Two 32-bit words: execute flag, entry point address". The actual observed data is (as noted) some 3120 bytes. I would have anticipated that the command following MEM_BEGIN would have been 0x08 - MEM_DATA with the actual data payload and not an over-sized MEM_END as I seem to be seeing.

Re: esptool protocol - Command 0x07 MEM_END question

Posted: Sun Mar 25, 2018 10:10 pm
by ESP_Angus
Hi Kolban,

Sorry about that, the opcodes for MEM_DATA & MEM_END had been accidentally swapped on the wiki page (they're in a non-intuitive order compared to the other BEGIN/DATA/END sequences.)

I've fixed the wiki page.

If you find yourself stuck on this kind of thing in the future, it can be worth dipping into the esptool.py source even if you're not a Python guru. ie if you search for MEM_DATA, you'll find the following two bits of code:
https://github.com/espressif/esptool/bl ... ol.py#L128
https://github.com/espressif/esptool/bl ... ol.py#L438

and then if you search for mem_block (the function which sends MEM_DATA commands, you'll find this:
https://github.com/espressif/esptool/bl ... ol.py#L507

... which gives you the exact sequence of steps being followed to upload the stub code loader (which is what you're digging into right now.)

Re: esptool protocol - Command 0x07 MEM_END question

Posted: Sat Mar 31, 2018 3:30 pm
by kolban
Thank you sir. I continue my study on this area. I have a new question that also relates to the MEM_END command. When we look in the Wiki docs, we find that the MEM_END command has two 32bit words supplies as parameters. The first word is called "execute flag" and the second word is called "entry point". For entry point, that makes sense. When the load of RAM has finished, this is the address to which the ESP32 CPU will branch. However the first word (execute_flag) is a mystery to me. By examining the code and the UART trace, I seem to see that the value 0x0000 0000 means execute. Are there other flags that may be of interest/use? Can we augment the Wiki protocol spec with information on the meaning of the different flags?