The TRM for the Cortex-A53 has a section on direct access to various internal memories, including the L1 I-cache and D-caches. I'm successfully able to dump both tag and data for the I-cache and D-cache, but I'm having trouble making sense of the I-cache data encoding. The TRM specifies that bits [19:0] from Data Register 0 and 1 combine, in A32 or A64 state, to form a 40-bit "single pre-decoded instruction". I've successfully polluted the I-cache with long runs of NOPs and other instructions, but I've been unable to properly identify the instruction data read back from the I-cache. I can tell that the same instruction has been cached to nearly every cacheline, but I don't understand the encoding and how to convert those instructions back to the original encoding. Does anyone know of further documentation on this encoding/format? I've run multiple variations of logical (register) operators and I can tell that different nibbles correspond to things such as registers, immediates, and flags, but this is tedious.
Also, if you've read this far, why is it that the L1 caches have direct access, but the L2 cache (which is optional) has no such mechanism? I assume that there is a good architectural reason, but I would expect direct access to the L2 before the L1.
Thanks!
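The bit-flipping experiment described in the question can be automated. The Python sketch below is an added example, not code from the thread or from Arm: it combines the two Data Register values into a 40-bit word and reports which pre-decoded bits copy or invert each original opcode bit across a set of samples. The DR0-low/DR1-high ordering is an assumption, and `toy_predecode` is a constructed stand-in that only generates sample data; it is not the real Cortex-A53 format.

```python
MASK20 = (1 << 20) - 1

def combine(dr0, dr1):
    # Assumption: DR0[19:0] is the low half, DR1[19:0] the high half.
    return ((dr1 & MASK20) << 20) | (dr0 & MASK20)

def bit_column(words, bit):
    """Pack bit `bit` of every word into one integer, one bit per sample."""
    return sum(((w >> bit) & 1) << i for i, w in enumerate(words))

def map_bits(samples):
    """samples: [(opcode, dr0, dr1)]. Returns
    {opcode_bit: [(predecoded_bit, inverted), ...]} for bits that varied."""
    opcodes = [s[0] for s in samples]
    pre = [combine(s[1], s[2]) for s in samples]
    full = (1 << len(samples)) - 1
    pre_cols = {b: bit_column(pre, b) for b in range(40)}
    result = {}
    for ob in range(32):
        oc = bit_column(opcodes, ob)
        if oc in (0, full):
            continue  # this opcode bit never changed; nothing to learn
        # A match means the pre-decoded bit equals (or is the complement
        # of) the opcode bit in every single sample.
        hits = [(pb, pc != oc) for pb, pc in pre_cols.items()
                if pc in (oc, oc ^ full)]
        if hits:
            result[ob] = hits
    return result

def toy_predecode(op):
    # CONSTRUCTED stand-in, NOT the real A53 encoding: Rd copied to
    # bits 12:8, Rn inverted at bits 22:18 (straddling the DR0/DR1
    # boundary), Rm copied to bits 34:30, plus constant tag bits.
    rd, rn, rm = op & 31, (op >> 5) & 31, (op >> 16) & 31
    return (rd << 8) | ((rn ^ 31) << 18) | (rm << 30) | 0x5

def build_samples():
    base = 0xAA000000  # ORR X0, X0, X0; then flip one register bit per sample
    ops = [base] + [base | (1 << b) for b in (*range(10), *range(16, 21))]
    return [(op, toy_predecode(op) & MASK20, toy_predecode(op) >> 20) for op in ops]

if __name__ == "__main__":
    for ob, hits in sorted(map_bits(build_samples()).items()):
        print(f"opcode bit {ob:2d} -> " + ", ".join(
            f"pre bit {pb}{' (inverted)' if inv else ''}" for pb, inv in hits))
```

With real dumps, replace `build_samples()` with the recorded (opcode, DR0, DR1) triples; opcode bits that are re-encoded rather than copied or inverted will simply not appear in the result.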
Thanks for the replies, mwsealey and Peter!
I would be curious too, with those questions in my post history. I'm part of a research group at our university focused on SEU sensitivity testing on embedded systems. I'm always looking for new ways to gather diagnostics during our tests, hence the fun questions. I would ask you all for hints on more ways to gather data, but I assume the TRM and programming guides are about all the public documentation I can get.
Thanks for the comment on the L2 caches. I've been wondering about that for a while now. I would love to deepen my architectural knowledge someday on all of this.
Best,
Alex
Dear Alex W,
It was a really long time ago that you guys discussed this interesting topic! :)
May I know more details about the debug method you used? UART or JTAG? Especially the part about dumping the L1 cache!
Also, do you now have some ideas about gathering data in the L2 cache?
Wish you the best fortune and success!
Zilly