CS444 hw4 Paging, 10 points Due Tues., Nov. 28, in class, on paper, or by midnight in your cs444/hw4/hw4soln.txt No programming so no late days! Experimenting with the x86 MMU There is one page table (KPT0 for kernel PT#0) for this 4M system, itself mapped into the address space starting at 0x52000 (in the Tutor area.) Make a script to show your work, as follows (you can edit out extraneous stuff after the fact if it gets too messy): List the script and mark it up with your analyses, or edit in comments if you prefer. 1. With a fresh system (reboot to make sure), dump the first 4 PTEs and analyze them (status bits, what VA->PA translation they do). 2. Find and dump the first 4 PTEs for Tutor, which starts at VA 50000 and analyze them. Find some PTEs for pages that have never been touched since system reset, above VA 50000, i.e, after Tutor. We can play with pages 0-20 or so without much worry about necessitating a reset, because these are left over from being bootstrap scratch memory. All the sensitive data is above 0x50000, including the interrupt vector table. 3. Set page 3 as valid but not yet ref'd. Then do a read on it, ck the PTE, then a write, ck the PTE and interpret your findings. 4. Now set page 3 as invalid (not present) and try reads and writes. You see that nothing special has happened. That's because the PTE in the TLB is still showing the page as present, and the MMU checks the TLB before looking at memory PTs. 5. Writing a value in the CR3 registers flushes the TLB, i.e., makes it drop all its cache entries. This can be done using the Tutor register-set command. Use the same old CR3 value, of course, or expect to reboot, for example: "Tutor> rs cr3 51000". Do this and retry 4. You should see a page fault, exception 14. Use "rd all" to see CR2, the "linear address" of the address causing the page fault. Note on linear addresses (LAs): We have avoided talking about x86 segmentation, and we don't want to start now. So just be aware that VA's are actually mapped to LAs by segmentation, and LAs to PAs by paging. Thus "the memory address" involved in a page fault is an LA. On the SAPC, the rule is VA = LA - 0xc0000000 = PA for all addresses. For example, VA 12345 is LA 0xc00012345 and PA 12345. So if address 12345 causes a page fault, CR2 will contain 0xc0012345. 6. Write the appropriate PTEs to make both VA 3000 and VA 5000 refer to PA 5000. Show that it is working by writing once and reading twice. 7. As a final suicidal action, wipe out the PDE (page dir entry) governing the PT we're using. This PDE is accessible at VA 51c00. Is the PDE cached? [VA 51c00--why this address? Note that the whole SAPC memory is located in 0xc0000000-0xc3ffffff in linear address space, and 0xc0000000 is 3/4 of the way through the 32-bit LA space. The page directory starts at 51000, and each of its PDEs (1K in number) rules 4M of LA space. The PDE for this region is 3/4 of the way down the PD, at 0x51000 + 3/4*4*1K = 0x51c00.] Be nice and ~r at the end of your session! ----------------End of experimental problems.----------------------- End of hw4 for most people More problems, if you want more practice on memory management. You should try the last problem if you're planning to take the Grad. Record Exam in CS. 8. Suppose PT #0 for a process on an x86 system with trivial segments, so that VA=LA, looks like this: vpn pte 0: 00134025 1: 00899025 2: 00932025 3: 00203027 4: 00ab0067 5: 11203000 Interpret the PTEs and say which pages are code pages and which are data pages. Note that bit 1, the U/S bit, is 1 for user, 0 for kernel (recently corrected in class notes.) 9. For the PT of 8., determine the VA->PA mappings for "movl %eax, 0x3456", where the instruction is located at address 0x123. Include the instruction fetch. 10. Suppose a UNIX process is running on an x86 system with trivial user segments so that VA=LA. It has 6M of code and data starting from VA 0, a 1M stack growing down from VA 7fffffff, and a DLL mapped in at the very top of user space (which is all but the last 0x100M of the 32-bit VA space, let's say, even bigger than Linux's 3G user space). The kernel lies in the top 0x100M of VA space. Draw a diagram of this process's page directory, PTs, and pointers off to individual pages. Does the kernel have entries here too? If so, where? 11. Tanenbaum, problem 29, page 266. You can skip (a) if you want.