Virtual memory: main memory acting as a cache for disks;
  disks: also called backing store;

Steps in a page fault:
  steps marked with * are done by hardware;

  *1. Process executes a memory load or store instruction, or fetches an instruction;
  *2. The address is first fed to the cache or instruction prefetch buffer; if it is there, done;
  *3. If it is not there, the address is fed to the TLB, to try to find a page translation entry for it (note that the address is a virtual address);
  *4. If hit in TLB, check for R/W/E permissions.
      If approved, take the physical page number, concatenate it with the page offset, and send the address to the memory bus;
      If not approved, page fault!
  *5. If miss in TLB, MMU tries to find the page table entry (topic 1);
  *6. If page table entry found, the entry is put into the TLB --- some entry has to be replaced out of the TLB; hardware-decided replacement, random replacement;
  *7. If MMU can't find the page table entry, page fault!

On a page fault, the kernel gets invoked:
  1. What kind of fault is it?
     R/W/E permission denied: terminate the program and generate a core-dump file, or send a signal to the program;
     address not in the ranges of addresses that are allowed to be referenced by the program: terminate the program and generate a core-dump file;
     else, a legitimate page fault;
  2. For a legitimate page fault, let's say the virtual page that is to be faulted in is U.
     2.1 First find a physical page for it (topic 2), say page P;
         If page P currently holds virtual page V of process Q, has virtual page V been modified since it was put in main memory?
           if so, write V back to the disk (topic 3);
           otherwise, do nothing;
         Change process Q's page table entry for page V (which holds the translation V->P) to invalid;
         * invalidate the corresponding TLB entry if necessary;
     2.2 Initialize the content of page P: where is U?
         U is currently somewhere on disk (topic 4): read U from disk (during this time, the process is blocked, and the CPU scheduler puts some other process to run on the CPU);
         U is nowhere to be found, because the process never accessed U before: set all bytes in P to zero;
  3. After P is initialized, change the page table entry for U to be U-->P, and set the entry to be valid & clean;
  *4. "Drop the page table entry to MMU" --- put the page table entry where the MMU can find it;
  5. Done with page fault processing.

After the interrupt processing, when the process starts to run again:
  1. retry the instruction that was not finished due to the page fault;

-----------------------------------------------------------------------------
Structure of a page table entry:
  valid bit, R/W/E permission bits (3 bits), clean/dirty bit, reference bit;
  the rest: used for physical page number;

Structure of a TLB entry:
  Process ID + virtual page number, and the above page table entry.
  hardware sets the dirty bit;

-----------------------------------------------------------------------------
Not all architectures are fit for paging.
  Example: mov (sp)+, 10
  or a block transfer instruction with source and destination overlapping each other;

-----------------------------------------------------------------------------
Topic 1: how does the MMU find a page table entry?
  Short answer: depends on the page table structure.
  Example 1: the SPARC architecture, three-level page table.
    Context number --> context table;
  Example 2: Inverted page tables.
    use hash tables to speed up look-up.
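
Added example (not part of the original notes): a small C simulation of the page fault steps listed above for a single process, covering the R/W/E check, fault classification, choice of P, dirty write-back, zero-fill and the retry. The page and table sizes, the FIFO choice of P and every name in the code are assumptions; the TLB and the multi-level page table walk are left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { PAGE_BITS = 8, PAGE = 1 << PAGE_BITS, NVPAGES = 8, NFRAMES = 2 };  /* assumed sizes */
/* PTE bits as listed in the notes; the bits above PPN_SHIFT hold the physical page number. */
enum { PTE_V = 1, PTE_R = 2, PTE_W = 4, PTE_X = 8, PTE_DIRTY = 16, PTE_REF = 32, PPN_SHIFT = 6 };
enum { OK = 0, FAULT_PROT = -1, FAULT_RANGE = -2 };
static uint32_t pt[NVPAGES], perm[NVPAGES];  /* page table; rights granted (0 = not in range) */
static uint8_t mem[NFRAMES][PAGE], disk[NVPAGES][PAGE];
static int owner[NFRAMES] = { -1, -1 }, on_disk[NVPAGES], writebacks, next_victim;

/* Kernel side: classify the fault, then steps 2.1 to 3 for a legitimate one. */
static int page_fault(uint32_t u, uint32_t need) {
    if (u >= NVPAGES || perm[u] == 0) return FAULT_RANGE;   /* address not allowed */
    if ((perm[u] & need) != need) return FAULT_PROT;        /* R/W/E permission denied */
    int p = next_victim++ % NFRAMES, v = owner[p];          /* FIFO choice of P (assumption) */
    if (v >= 0) {
        if (pt[v] & PTE_DIRTY) { memcpy(disk[v], mem[p], PAGE); on_disk[v] = 1; writebacks++; }
        pt[v] = 0;                                          /* invalidate V->P */
    }
    if (on_disk[u]) memcpy(mem[p], disk[u], PAGE);          /* U is on disk: read it in */
    else memset(mem[p], 0, PAGE);                           /* U never accessed: zero P */
    owner[p] = (int)u;
    pt[u] = PTE_V | perm[u] | ((uint32_t)p << PPN_SHIFT);   /* valid and clean */
    return OK;
}

/* Hardware side: find a valid entry (retrying after a fault), check R/W/E, set ref/dirty. */
static int mem_access(uint32_t va, uint32_t need, uint32_t *pa) {
    uint32_t vpn = va >> PAGE_BITS, off = va & (PAGE - 1);
    while (vpn >= NVPAGES || !(pt[vpn] & PTE_V)) {
        int r = page_fault(vpn, need);
        if (r != OK) return r;
    }
    if ((pt[vpn] & need) != need) return FAULT_PROT;
    pt[vpn] |= PTE_REF | ((need & PTE_W) ? PTE_DIRTY : 0);
    *pa = ((pt[vpn] >> PPN_SHIFT) << PAGE_BITS) | off;      /* page number ++ offset */
    return OK;
}

int main(void) {
    uint32_t pa;
    perm[0] = PTE_R | PTE_W; perm[1] = PTE_R;               /* constructed address space */
    int ok = mem_access(0x005, PTE_W, &pa);                 /* legitimate fault */
    int ro = mem_access(0x110, PTE_W, &pa);                 /* write to read-only page */
    printf("%d %d %d\n", ok, ro, mem_access(0x300, PTE_R, &pa));  /* 0x300: not in range */
    return 0;
}
```

The zero-fill branch is also what keeps a recycled frame from exposing the previous page's bytes to the process that faults in a never-touched page.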