

















#### Address Translation Hardware Support Intel x86

- Intel x86 provides two levels of address translation
  - Segmentation (mandatory, since 8086)
  - Paging (optional, since 80386)
- Segmentation: first level of address translation
  - Intel: logical address (selector:offset) to linear address (32 bits)
  - NT virtual address is Intel linear address (32 bits)
- Paging: second level of address translation
  - Intel: linear address (32 bits) to physical address
  - NT: virtual address (32 bits) to physical address
  - Physical address: 32 bits (4 GB) all NT versions, 36 bits (64 GB) PAE
  - Page size:
    - 4 kb since 80386 (all NT versions)
    - 4 MB since Pentium Pro (supported in NT 4, Windows 2000)

10







### Windows Virtual Memory Use Performance Counters

| Performance Counter               | System Variable                               | Description                                                                                    |
|-----------------------------------|-----------------------------------------------|------------------------------------------------------------------------------------------------|
| Memory: Committed<br>Bytes        | MmTotalCommitedPages                          | Amount of committed private<br>address space that has a backing<br>store                       |
| Memory: Commit<br>Limit           | MmTotalCommit-Limit                           | Amount of memory (in bytes) that<br>can be committed without<br>increasing size of paging file |
| Memory: %Commited<br>Bytes in Use | MmTotalCommittedPages<br>/ MmTotalCommitLimit | Ratio of committed bytes to commit limit                                                       |

























# PTE Status and Protection Bits (Intel x86 only)

| Name of Bit    | Meaning on x86                                                                                                                 |  |
|----------------|--------------------------------------------------------------------------------------------------------------------------------|--|
| Accessed       | Page has been read                                                                                                             |  |
| Cache disabled | Disables caching for that page                                                                                                 |  |
| Dirty          | Page has been written to                                                                                                       |  |
| Global         | Translation applies to all processes<br>(a translation buffer flush won't affect this PTE)                                     |  |
| Large page     | Indicates that PDE maps a 4MB page (used to map kernel)                                                                        |  |
| Owner          | Indicates whether user-mode code can access the page of whether the page is limited to kernel mode access                      |  |
| Valid          | Indicates whether translation maps to page in phys. Mem.                                                                       |  |
| Write through  | Disables caching of writes; immediate flush to disk                                                                            |  |
| Write          | Uniproc: Indicates whether page is read/write or read-only;<br>Multiproc: ind. whether page is writeable/write bit in res. bit |  |
| Windows Oper   | ating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze                                        |  |

# Translation Look-Aside Buffer (TLB)

- Address translation requires two lookups:
  - Find right table in page directory
  - Find right entry in page table
- Most CPU cache address translations
  - Array of associative memory: translation look-aside buffer (TLB)
  - TLB: virtual-to-physical page mappings of most recently used pages

























## Page Frame Database – states of pages in physical memory

| Status               | Description                                                                                                                  |
|----------------------|------------------------------------------------------------------------------------------------------------------------------|
| Active/valid         | Page is part of working set (sys/proc), valid PTE points to it                                                               |
| Transition           | Page not owned by a working set, not on any paging list                                                                      |
| Standby              | Page belonged to a working set but was removed; not modified                                                                 |
| Modified             | Removed from working set, modified, not yet written to disk                                                                  |
| Modified<br>no write | Modified page, will not be touched by modified page write, used by NTFS for pages containing log entries (explicit flushing) |
| Free                 | Page is free but has dirty data in it – cannot be given to user process – C2 security requirement                            |
| Zeroed               | Page is free and has been initialized by zero page thread                                                                    |
| Bad                  | Page has generated parity or other hardware errors                                                                           |



### **MM: Process Support**

- MmCreateProcessAddressSpace 3 pages
  - The page directory
    - Points to itself
    - Map the page table of the hyperspace
    - Map system paged and nonpaged areas
    - Map system cache page table pages
  - The page table page for working set
  - The page for the working set list
- MmInitializeProcessAddressSpace
  - Initialize PFN for PD and hyperspace PDEs
  - MilnitializeWorkingSetList
  - Optional: MmMapViewOfSection for image file
- MmCleanProcessAddressSpace,
- MmDeleteProcess AddressSpace



#### **MM: Working Sets**

Working Set:

- The set of pages in memory at any time for a given process, or
- All the pages the process can reference without incurring a page fault
- Per process, private address space
- WS limit: maximum amount of pages a process can own
- Implemented as array of working set list entries (WSLE)
- Soft vs. Hard Page Faults:
  - Soft page faults resolved from memory (standby/modified page lists)
  - Hard page faults require disk access
- Working Set Dynamics:
  - Page replacement when WS limit is reached
  - NT 4.0: page replacement based on modified FIFO
  - Windows 2000: Least Recently Used algorithm (uniproc.)









