Memory Management Unit Research Articles

Dynamic binary translation specialized for embedded systems

This paper describes the design and implementation of a novel dynamic binary translation technique specialized for embedded systems. Virtual platforms have been widely used to develop embedded software and dynamic binary translation is essential to boost their speed in simulations. However, unlike application simulation, the code generated for systems simulation is still slow because the simulator must replicate all of the functions of the target hardware. Embedded systems, which focus on providing one or a few functions, utilize only a small portion of the processor's features most of the time. For example, they may use a Memory Management Unit (MMU) in a processor to map physical memory to effective addresses, but they may not need paged memory support as in an OS. We can exploit this to specialize the dynamically translated code for more performance. We built a specialization framework on top of a functional simulator with a dynamic binary translator. Using the framework, we implemented three specializers for an MMU, bi-endianness, and register banks. Experiments with the EEMBC1.1 benchmark showed that the speed of the specialized code was up to 39% faster than the unspecialized code.

Page Protection in Multithreaded Systems

With reference to a classical address translation scheme supporting the notion of a paged virtual address space, and a program execution environment in which programs are allowed to have multiple concurrent threads of execution, we present a low-cost addition to the usual hardware inside the memory management unit aimed at supporting page protection at the thread level. The resulting protection system makes it possible to define several distinct protection domains within the boundaries of the same virtual space. Different threads of the same process can have different domains, and the access rights of a given thread can change dynamically as a consequence of actions of amplification and reduction of access privileges, so that at any given time the running thread is given the smallest set of access rights that is necessary for that thread at that time to carry out its job. Rather than protecting applications from software attacks of malicious code, our protection environment is aimed at limiting the consequences of programming errors, for instance, when an otherwise secure program is extended by the addition of unverified foreign code, e.g. a plugin that is prone to corrupt and even crash the main process, or a device driver executed in the same virtual space as the operating system kernel. We do not force the user to adhere to a specific protection model. Instead, our protection system features a set of hardware/software mechanisms that makes it possible to implement different protection paradigms at little effort.

MEMMU

Random access memory (RAM) is tightly constrained in the least expensive, lowest-power embedded systems such as sensor network nodes and portable consumer electronics. The most widely used sensor network nodes have only 4 to 10KB of RAM and do not contain memory management units (MMUs). It is difficult to implement complex applications under such tight memory constraints. Nonetheless, price and power-consumption constraints make it unlikely that increases in RAM in these systems will keep pace with the increasing memory requirements of applications. We propose the use of automated compile-time and runtime techniques to increase the amount of usable memory in MMU-less embedded systems. The proposed techniques do not increase hardware cost, and require few or no changes to existing applications. We have developed runtime library routines and compiler transformations to control and optimize the automatic migration of application data between compressed and uncompressed memory regions, as well as a fast compression algorithm well suited to this application. These techniques were experimentally evaluated on Crossbow TelosB sensor network nodes running a number of data-collection and signal-processing applications. Our results indicate that available memory can be increased by up to 50% with less than 10% performance degradation for most benchmarks.

Polymorphism and page tables

With features that include lightweight syntax, expressive type systems, and deep semantic foundations, functional languages are now being used to develop an increasingly broad range of complex, real-world applications. In the area of systems software, however, where performance and interaction with low-level aspects of hardware are central concerns, many practitioners still eschew the advantages of higher-level languages for the potentially unsafe but predictable behavior of traditional imperative languages like C. It is ironic that critical applications such as operating systems kernels, device drivers, and VMMs - where a single bug could compromise the reliability or security of a whole system - are among the least likely to benefit from the abstractions and safety guarantees of modern language designs. Over the last few years, our group has been investigating the potential for using Haskell to develop realistic operating systems that can boot and run on bare metal. The House system, developed primarily by Thomas Hallgren and Andrew Tolmach, demonstrates that it is indeed possible to construct systems software in a functional language. But House still relies on a layer of runtime support primitives - some written using unsafe Haskell primitives and others written in C - to provide services ranging from garbage collection to control of the page table structures used by the hardware memory management unit. We would like to replace as much of this layer as possible with code written in a functional language without compromising on type or memory safety. Our experiences with House have led us to believe that a new functional language is required to reflect the needs of the systems domain more directly. Interestingly, however, we have concluded that this does not require fundamental new language design. In this invited talk, I will give an update on the current status of our project and I will describe how we are leveraging familiar components of the Haskell type system - including polymorphism, kinds, qualified types and improvement - to capture more precise details of effect usage, data representation, and termination. I will also discuss the challenges of writing and compiling performance-sensitive code written in a functional style. It was once considered radical to use C in place of assembly language to construct systems software. Is it possible that functional languages might one day become as commonplace in this application domain as C is today?

Dynamic scratchpad memory management for code in portable systems with an MMU

In this work, we present a dynamic memory allocation technique for a novel, horizontally partitioned memory subsystem targeting contemporary embedded processors with a memory management unit (MMU). We propose to replace the on-chip instruction cache with a scratchpad memory (SPM) and a small minicache. Serializing the address translation with the actual memory access enables the memory system to access either only the SPM or the minicache. Independent of the SPM size and based solely on profiling information, a postpass optimizer classifies the code of an application binary into a pageable and a cacheable code region. The latter is placed at a fixed location in the external memory and cached by the minicache. The former, the pageable code region, is copied on demand to the SPM before execution. Both the pageable code region and the SPM are logically divided into pages the size of an MMU memory page. Using the MMU's pagefault exception mechanism, a runtime scratchpad memory manager (SPMM) tracks page accesses and copies frequently executed code pages to the SPM before they get executed. In order to minimize the number of page transfers from the external memory to the SPM, good code placement techniques become more important with increasing sizes of the MMU pages. We discuss code-grouping techniques and provide an analysis of the effect of the MMU's page size on execution time, energy consumption, and external memory accesses. We show that by using the data cache as a victim buffer for the SPM, significant energy savings are possible. We evaluate our SPM allocation strategy with fifteen applications, including H.264, MP3, MPEG-4, and PGP. The proposed memory system requires 8% less die are compared to a fully-cached configuration. On average, we achieve a 31% improvement in runtime performance and a 35% reduction in energy consumption with an MMU page size of 256 bytes.

Exploration of distributed shared memory architectures for NoC-based multiprocessors

Multiprocessor system-on-chip (MP-SoC) platforms represent an emerging trend for embedded multimedia applications. To enable MP-SoC platforms, scalable communication-centric interconnect fabrics, such as networks-on-chip (NoCs), have been recently proposed. The shared memory represents one of the key elements in designing MP-SoCs to provide data exchange and synchronization support. This paper focuses on the energy/delay exploration of a distributed shared memory architecture, suitable for low-power on-chip multiprocessors based on NoC. A mechanism is proposed for the data allocation on the distributed shared memory space, dynamically managed by an on-chip hardware memory management unit (HwMMU). Moreover, the exploitation of the HwMMU primitives for the migration, replication, and compaction of shared data is discussed. Experimental results show the impact of different distributed shared memory configurations for a selected set of parallel benchmark applications from the power/-performance perspective. Furthermore, a case study for a graph exploration algorithm is discussed, accounting for the effects of the core mapping and the network topology on energy and performance at the system level.

The Perm architecture approach: Supporting embedded system development

Abstract Despite of innovations in computer science software technology as high level languages, object-oriented programming, memory management units and operating systems with some security functions, software is still afflicted with the fault of a certain unreliability. Coarse-grained segment or page protection mechanism in hardware works with fix-sized memory blocks. A sufficient technique for a fine-grained protection mechanism down to a byte size resolution is still missing. This work has led to the new PERM (Protection Enhanced RISC Machine) processor architecture introducing a new approach to this problem. The load-store architecture of a RISC machine leads to a consistent realization of an enhanced address pointer procedure. This is combined with the ability to use much more information about the data objects and implements an effective data protection of all data in the processor's address range. This paper shows the effectiveness of the processor enhancement and gives some hints for its use inside embedded system development.

EVector: An Efficient Vector Implementation – Using Virtual Memory for Improving Memory

Every modern operating system provides some form of virtual memory to its applications. Usually, a hardware memory management unit (MMU) exists to efficiently support this. Although most operating systems allow user programs to indirectly control the MMU, few programs or programming languages actually make use of this facility. This article explores how the MMU can be used to enhance memory handling for resizable arrays. A reference implementation in C++ demonstrates its usability and superiority compared to the standard C++ vector class, and how to combine the scheme with an object‐oriented environment. A number of other improvements, based on newly emerged insights in C++ are also presented.

A low-power 2.5-GHz 90-nm level 1 cache and memory management unit

The design of a 90-nm virtually addressed cache subsystem with separate 32-kB instruction and data caches is described. The circuits and microarchitecture are illustrated, including architecture level trace data validating low-power features and provisions to support snooping while maintaining the latency and power of virtual addressing. Low-power memory management unit design including a translation lookaside buffer with process identifier mapping is also described. Level 1 caches with support for high bandwidth, single cycle 256 bit fill and evict, as well as features for low power are also described. The design approaches are validated through both simulation and experimental results.

Enhanced Symbolic Simulation for Functional Verification of Embedded Array Systems

Symbolic simulation is an effective approach for verifying individual array blocks. This paper presents two methods to enhance the capacity of symbolic simulation for handling large and complex embedded array systems. The first method combines an ATPG decision procedure with symbolic simulation. By developing a scheme that enables the ATPG to work effectively with a symbolic simulator, the run-time OBDD sizes can be limited. In the second method, we propose a "dual-rail" symbolic simulator where a given design is partitioned implicitly into control and datapath domains. Symbolic simulation is carried out simultaneously on both domains. We demonstrate and compare the effectiveness of both methods based on verification of the Memory Management Unit (MMU) in Motorola high-performance microprocessors.

An embedded 32-b microprocessor core for low-power and high-performance applications

An embedded RISC microprocessor core fabricated in a six-layer metal 0.18-/spl mu/m CMOS process implementing the ARM/sup TM/ V.5TE instruction set is described. The core described is the first implementation of the Intel XScale Microarchitecture/sup TM/. The microprocessor core, which includes caches, memory management units, and a bus controller, comprises a hard-embedded block 16.77 mm/sup 2/ in size. The implementation is primarily custom logic in a variety of circuit styles. The processor dissipates 450 mW at 1.3 V, 600 MHz, and scales between 55 mW at 0.7 V, 200 MHz, and 900 mW at 1.65 V 800 MHz. Architectural performance is 1000 MIPS at 800 MHz with efficiency ranging from over 850 MIPS/W at 1.65 V to over 4500 MIPS/W at 0.75 V. Architectural and circuit design approaches for low power and high performance are described and measured results from the initial implementation are shown. The first implementation VLSI chip has a 3.3-V pin interface and supports a 0.75-1.65-V core voltage range.

A look at several memory management units, TLB-refill mechanisms, and page table organizations

Virtual memory is a staple in modem systems, though there is little agreement on how its functionality is to be implemented on either the hardware or software side of the interface. The myriad of design choices and incompatible hardware mechanisms suggests potential performance problems, especially since increasing numbers of systems (even embedded systems) are using memory management. A comparative study of the implementation choices in virtual memory should therefore aid system-level designers.This paper compares several virtual memory designs, including combinations of hierarchical and inverted page tables on hardware-managed and software-managed translation lookaside buffers (TLBs). The simulations show that systems are fairly sensitive to TLB size; that interrupts already account for a large portion of memory-management overhead and can become a significant factor as processors execute more concurrent instructions; and that if one includes the cache misses inflicted on applications by the VM system, the total VM overhead is roughly twice what was thought (10--20% rather than 5--10%).

A look at several memory management units, TLB-refill mechanisms, and page table organizations

Virtual memory is a staple in modem systems, though there is little agreement on how its functionality is to be implemented on either the hardware or software side of the interface. The myriad of design choices and incompatible hardware mechanisms suggests potential performance problems, especially since increasing numbers of systems (even embedded systems) are using memory management. A comparative study of the implementation choices in virtual memory should therefore aid system-level designers.This paper compares several virtual memory designs, including combinations of hierarchical and inverted page tables on hardware-managed and software-managed translation lookaside buffers (TLBs). The simulations show that systems are fairly sensitive to TLB size; that interrupts already account for a large portion of memory-management overhead and can become a significant factor as processors execute more concurrent instructions; and that if one includes the cache misses inflicted on applications by the VM system, the total VM overhead is roughly twice what was thought (10--20% rather than 5--10%).

Multi-View Memory Support to Operating Systems in Locking for Transaction and Database Systems

Database (DB) and transaction processing systems utilize their own locking of data items instead of using locking services provided by operating systems (OSs). There are two major reasons for this, one deals with the size of lockable items while the other one with efficiency: (i) OSs provide efficient locking of pages by utilizing the Memory Management Unit. The problem is that the system page size is much too large for locking in transaction or DB systems. (ii) Invocation of OS locking services by applications results in context switching, and in many systems in heavy weight context switching, thus greatly reducing efficiency. The focus of this paper is to investigate the use of the Multi-View Memory (MVM) model and its supporting architecture in providing efficient locking services for transaction processing or DB systems. The model provides for enforcement of access-control protocols through finite-state machine (FSM) specification on units of data that can vary in size from one region of memory to another. The locking protocol is specified by an FSM definition and thus facilitates locking of variable-sized data items by threads executing transactions. Threads executing transactions do not explicitly request locks on data items—they simply access the data items while locking is performed automatically and in many instances without software intervention. This is facilitated by hardware assistance in that the FSM definitions and lock unit state information are stored in caches. Only when a thread is suspended are the state changes communicated to the software lock manager. Delays for lock acquisitions through the MVM model architecture are determined and compared with delays due to lock acquisition by a conventional lock manager.

The microprocessor today

Outlines technology and business issues in today's microprocessor industry. From their humble beginnings 25 years ago, microprocessors have proliferated into an astounding range of chips, powering devices ranging from telephones to supercomputers. Today, microprocessors for personal computers get widespread attention-and have enabled Intel to become the world's largest semiconductor maker. In addition, embedded microprocessors are at the heart of a diverse range of devices that have become staples of consumers worldwide. Microprocessors have become specialized in many ways. Those for desktop computers fall into classes based on their instruction set architectures: either x86, the primary surviving complex instruction set computing (CISC) architecture, or one of the five major reduced instruction set computing (RISC) architectures-PA-RISC, Mips, Spare, Alpha, and PowerPC. Such chips typically integrate few functions other than cache memory and bus interfaces with the processor but usually include a floating-point unit and memory management unit. Embedded microprocessors, on the other hand, typically do not have floating-point or memory management units but often integrate various peripheral functions with the processor to reduce system cost.

Embra

This paper describes Embra, a simulator for the processors, caches, and memory systems of uniprocessors and cache-coherent multiprocessors. When running as part of the SimOS simulation environment, Embra models the processors of a MIPS R3000/R4000 machine faithfully enough to run a commercial operating system and arbitrary user applications. To achieve high simulation speed, Embra uses dynamic binary translation to generate code sequences which simulate the workload. It is the first machine simulator to use this technique. Embra can simulate real workloads such as multiprocess compiles and the SPEC92 benchmarks running on Silicon Graphic's IRIX 5.3 at speeds only 3 to 9 times slower than native execution of the workload, making Embra the fastest reported complete machine simulator. Dynamic binary translation also gives Embra the flexibility to dynamically control both the simulation statistics reported and the simulation model accuracy with low performance overheads. For example, Embra can customize its generated code to include a processor cache model which allows it to compute the cache misses and memory stall time of a workload. Customized code generation allows Embra to simulate a machine with caches at slowdowns of only a factor of 7 to 20. Most of the statistics generated at this speed match those produced by a slower reference simulator to within 1%. This paper describes the techniques used by Embra to achieve high performance, focusing on the requirements unique to machine simulation, including modeling the processor, memory management unit, and caches. In order to study Embra's memory system performance we use the SimOS simulation system to examine Embra itself. We present a detailed breakdown of Embra's memory system performance for two cache hierarchies to understand Embra's current performance and to show that Embra's implementation techniques benefit significantly from the larger cache hierarchies that are becoming available. Embra has been used for operating system development and testing as well as for studies of computer architecture. In this capacity it has simulated large, commercial workloads including IRIX running a relational database system and a CAD system for billions of simulated machine cycles.

Fault-tolerant features in the HaL memory management unit

This paper describes fault-tolerant and error detection features in HaL's memory management unit (MMU). The proposed fault-tolerant features allow recovery from transient errors in the MMU. It is shown that these features were natural choices considering the architectural and implementation constraints in the MMU's design environment. Three concurrent error detection and correction methods employed in address translation and coherence tables in the MMU are described. Virtually-indexed and virtually-tagged cache architecture is exploited to provide an almost fault-secure hardware coherence mechanism in the MMU, with very small performance overhead (less than 0.01% in the instruction throughput). Low overhead linear polynomial codes have been chosen in these designs to minimize both the hardware and software instrumentation impact. >

SPARC64: a 64-b 64-active-instruction out-of-order-execution MCM processor

We report the first implementation of the new SPARC V9 64-b instruction set architecture. The HaL processor called SPARC64 is a ceramic Multi-Chip Module (MCM) that contains one CPU chip, one Memory Management Unit (MMU) chip, and four 64 KB Cache chips. Together, they implement a unique three-level address translation scheme that efficiently supports using virtual addresses spread anywhere in the full 64-b address range. The processor assigns a serial number to each issued instruction to track up to 64 in-progress instructions and can speculatively issue through up to 16 branches. It issues up to 4 instructions per cycle and utilizes superscalar instruction issue, register renaming, and dataflow (potentially out-of-order) execution to fully exploit instruction-level parallelism. The processor maintains a precise-state execution model, and commits in-order, up to 9 instructions in a cycle. In a HaL R1 system, a production SPARC64 running at 143 MHz has a performance of 230 SPECint92 and 300 SPECfp92 and dissipates 50 W from a 3.3 V supply.

Organization of a real‐time operating system “A‐RMS”

AbstractAs technologies in the process control and the equipment control fields become more and more advanced, there are increasing needs for a real time operating system which provides the interactive processing function in addition to the conventional control function.In the past, as a means to cope with these needs, technologies such as the virtual machine system of the emulation system were proposed. However, these systems presented difficulties in handling because each environment in these conventional systems uses its own operating system interface.This paper describes “A‐RMS,” a newly developed real‐time operating system which incorporates an interactive processing function as native on top of a real‐time operating system providing a control function. The control function and the interactive processing function are realized with unified concept and specification in A‐RMS. Adverse effects on the control function which might be induced by the incorporated interactive processing function are prevented by introducing a concept of environment to separate the interactive processing function from the control function.The new operating system is implemented on the M68010. This paper also mentions the effect of incorporation of the interactive processing function on A‐RMS performance. To secure response, A‐RMS employs only the real memory. The memory management unit (MMU) is used exclusively for memory protection.

A 6-ns cycle 256-kb cache memory and memory management unit

A cache and memory management unit (CAMMU) which accesses the various units in parallel and pipelines the results for 6-ns throughput with minimum latency is described. To fit two 5-ns 128-kb memories with 256 outputs each in a foundry ASIC (application-specific integrated circuit) process and still have area for the control logic and smaller memories, a four-transistor pseudo-static memory cell is used. Time-sharing data input circuits and sense amplifiers between the two cache memories further reduce area, and post-charge logic for word-line access and sensing gives 5-ns access time. This CAMMU uses postcharge logic in coordinated access of TLB, TAG, and cache. >