I agree that illustration is confusing.
The top half of the page is intended to describe the TLB.
It sounds like you understand TLB stuff pretty well.
The entire bottom half of the page is intended to describe the data cache.
(The label "cache" on the left is intended to apply to the entire bottom half of the page. How could it be redrawn to make it more obvious that it applies not only to the cache metadata valid+tag bits, but also all the data all the way to the right edge of the page?).
It suddenly splits up the physical address and uses it to index the cache, I guess.
Yes. The bottom half of that page, as you just said, and like most large caches, is a physically-indexed, physically-tagged data cache.
But why is it showing the cache and data separately?
That part of the illustration is unnecessarily confusing.
While in principle each word of memory could have its own valid+tag bits, most data caches share the valid+tag bits for a much larger block of data copied from main memory -- a block called a cache line.
Loading more data than the program specifically asked for in a single instruction is often helpful, because practically all programs have some spatial locality.
The resulting cache entry structure looks something like
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
v tag w w w w w w w w w w w w w w w w
where the 'v' indicates the valid bit, and each 'w' represents a word of data.
Inexplicably, the book's illustration only shows one of the many blocks of data in the cache:
v tag
v tag
v tag
v tag
v tag
v tag w w w w w w w w w w w w w w w w <-- hit on this cache line.
v tag
v tag
and then the book's illustration inexplicably rotates the words in that cache line to show all the words of that one cache line stacked on top of each other.
When the data cache detects a hit --
when the cache tag matches the tag part of the desired address, and the valid bit is set --
then the "block offset" part of the address indicates one particular word of that one particular cache line.
Perhaps the illustrator ran out of room drawing an extremely wide cache line, and arbitrarily decided to rotate that line to make it fit on the page without considering how confusing that would be?
The data cache’s block size is 128 Bytes.
So for any physical byte address, the bottom 7 bits indicate some particular byte within a cache line, and all the upper bits of that address are used to select some particular cache line.
why is the byte offset just left floating?
The byte offset is left floating in this illustration, because the byte offset is not used by the TLB or by the data cache. A typical TLB and the data cache, like the one illustrated, only deal with aligned 32-bit words.
The 2 bits of the address that select one of the 4 bytes within a 32-bit word are handled elsewhere.
Some simple CPUs only have hardware for aligned whole-word access.
(I call them "Neither Endian" in "DAV's Endian FAQ").
Compiler writers for such CPUs must add padding to ensure that every instruction is aligned and every data value is aligned.
(The two-bit byte offset should always be zeros on these machines).
Many CPUs have a LOAD instruction that can load unaligned 32-bit values into a 32-bit register.
Such CPUs have special hardware elsewhere (not part of the cache) that, for each LOAD instruction (sometimes) does 2 reads from the data cache -- the unaligned 32-bit value can overlap 2 different cache lines; either or both read may cause a cache miss.
The 2 bits of the address that select one of the 4 bytes within an (aligned) 32-bit word are used internally by the CPU to select the relevant bytes that the cache returns for those reads and re-assemble those bytes into the (unaligned) 32-bit value that the programmer expects.
Even though such instructions give the correct results no matter how things are aligned or mis-aligned in memory, assembly language programmers and compiler writers and other programmers obsessed with optimization sometimes add padding anyway to get (some) instructions aligned or (some) data aligned or both.
("How and when to align to cache line size?";
"Aligning to cache line and knowing the cache line size";
etc.)
They try to justify this padding by claiming it "optimizes" the program to "run faster".
Recent tests seem to indicate data alignment for speed is a myth.
the relationship between a TLB and cache
Conceptually the only connection between the TLB and a (physically-indexed, physically-tagged) data cache is the bundle of wires carrying the physical-address output of the TLB to the physical-address input of the data cache.
One person can design a data cache for a simple CPU without virtual memory that caches physical addresses.
Another person can design a TLB for a simple CPU that has no data cache (A CPU with a TLB but no data cache was once a common arrangement for mainframe computers).
In principle, a third person can splice that TLB and that data cache together, wiring the physical-address output of the TLB to the physical-address input of the data cache.
The TLB neither knows nor cares that it is now connected to the data cache rather than the main memory address bus.
The data cache neither knows nor cares that it is now connected to the TLB rather than directly to the CPU address register(s).
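The address split described in the answer above, as an added example that is not part of the original answer. The 128-byte line and 32-bit word sizes come from the answer; the direct-mapped organisation, the 256-line count and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define LINE_BYTES 128u  /* from the answer: 128-byte cache line */
#define WORD_BYTES 4u    /* from the answer: aligned 32-bit words */
#define NUM_LINES  256u  /* assumption: direct-mapped cache with 256 lines */

struct cache_addr {
    uint32_t tag;          /* compared with the tag stored beside the valid bit */
    uint32_t index;        /* selects one cache line */
    uint32_t block_offset; /* selects one word within that line */
    uint32_t byte_offset;  /* never reaches the cache; used by the CPU */
};

/* Split a physical address (the TLB's output) into the fields the cache uses. */
struct cache_addr split_paddr(uint32_t paddr)
{
    struct cache_addr a;
    a.byte_offset  = paddr % WORD_BYTES;                /* bits 1..0   */
    a.block_offset = (paddr % LINE_BYTES) / WORD_BYTES; /* bits 6..2   */
    a.index        = (paddr / LINE_BYTES) % NUM_LINES;  /* bits 14..7  */
    a.tag          = paddr / (LINE_BYTES * NUM_LINES);  /* bits 31..15 */
    return a;
}

/* Aligned word reads needed for one 32-bit LOAD: 1 if aligned, else 2. */
int word_reads_for_load(uint32_t paddr)
{
    return (paddr % WORD_BYTES) == 0 ? 1 : 2;
}

/* Nonzero when the 4 bytes starting at paddr overlap two cache lines. */
int load_straddles_lines(uint32_t paddr)
{
    return (paddr % LINE_BYTES) > LINE_BYTES - WORD_BYTES;
}

int main(void)
{
    uint32_t samples[] = { 0x1234ABCCu, 0x1234ABCDu, 0x0000007Eu }; /* constructed */
    for (unsigned i = 0; i < 3; i++) {
        struct cache_addr a = split_paddr(samples[i]);
        printf("%08x tag=%x index=%u word=%u byte=%u reads=%d straddles=%d\n",
               (unsigned)samples[i], (unsigned)a.tag, (unsigned)a.index,
               (unsigned)a.block_offset, (unsigned)a.byte_offset,
               word_reads_for_load(samples[i]), load_straddles_lines(samples[i]));
    }
    return 0;
}
```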
You should notice that the flash is not written, it is erased. An erased flash is full of 0xFF. Your first 256 bytes are totally erased, your third 256-byte region is partially erased (you only have 0 to 1 bitflips from correct data to corrupted one).
According to the datasheet, this flash is page-erasable (I usually work with erase-blocks bigger than the pages). As seen in page 282, Performing Page Erase by SPM is pretty easy.
You may be interested in section 23.8.1 (Preventing Flash Corruption):
A Flash program corruption can be caused by two situations when the voltage is too low. First, a regular write sequence to the Flash requires a minimum voltage to operate correctly. Secondly, the CPU itself can execute instructions incorrectly, if the supply voltage for executing instructions is too low.
Flash corruption can easily be avoided by following these design recommendations (one is sufficient):
- If there is no need for a Boot Loader update in the system, program the Boot Loader Lock bits to prevent any Boot Loader software updates.
- Keep the AVR RESET active (low) during periods of insufficient power supply voltage. This can be done by enabling the internal Brown-out Detector (BOD) if the operating voltage matches the detection level. If not, an external low VCC reset protection circuit can be used. If a reset occurs while a write operation is in progress, the write operation will be completed provided that the power supply voltage is sufficient.
- Keep the AVR core in Power-down sleep mode during periods of low VCC. This will prevent the CPU from attempting to decode and execute instructions, effectively protecting the SPMCSR Register and thus the Flash from unintentional writes.
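The diagnosis at the start of this answer (a fully erased region reads 0xFF, a partially erased one differs from the intended image only by 0-to-1 bit flips) can be checked mechanically against a read-back dump. The following host-side check is an added example, not part of the original answer or the datasheet; the function names and the four-page sample image are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_BYTES 256u  /* region size used in the answer above */
#define PAGES      4u    /* constructed sample: four pages */

enum page_state { PAGE_OK, PAGE_ERASED, PAGE_PARTLY_ERASED, PAGE_OTHER };

/* Compare one page of the intended image with what was read back. */
enum page_state classify_page(const uint8_t *expected, const uint8_t *actual)
{
    int differs = 0, all_ff = 1, only_0_to_1 = 1;
    for (size_t i = 0; i < PAGE_BYTES; i++) {
        if (actual[i] != expected[i]) differs = 1;
        if (actual[i] != 0xFF) all_ff = 0;
        /* a bit that should be 1 but reads 0 cannot come from an erase */
        if (expected[i] & (uint8_t)~actual[i]) only_0_to_1 = 0;
    }
    if (!differs) return PAGE_OK;
    if (all_ff) return PAGE_ERASED;
    if (only_0_to_1) return PAGE_PARTLY_ERASED;
    return PAGE_OTHER;
}

/* Constructed sample: page 0 erased, page 1 intact, page 2 partly erased,
   page 3 has one 1-to-0 flip (not explainable by an erase). */
enum page_state sample_page_state(unsigned page)
{
    static uint8_t expected[PAGES * PAGE_BYTES], actual[PAGES * PAGE_BYTES];
    for (size_t i = 0; i < sizeof expected; i++)
        expected[i] = (uint8_t)(i * 7u + 3u);
    memcpy(actual, expected, sizeof actual);
    memset(actual, 0xFF, PAGE_BYTES);
    for (size_t i = 2 * PAGE_BYTES; i < 3 * PAGE_BYTES; i += 4)
        actual[i] |= 0xF0;
    actual[3 * PAGE_BYTES] &= (uint8_t)~0x01u;
    return classify_page(expected + page * PAGE_BYTES, actual + page * PAGE_BYTES);
}

int main(void)
{
    static const char *names[] = { "ok", "erased", "partly erased", "other corruption" };
    for (unsigned p = 0; p < PAGES; p++)
        printf("page %u: %s\n", p, names[sample_page_state(p)]);
    return 0;
}
```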
Best Answer
In general the stack and the heap crash into each other. At that point it all gets messy.
Depending on the MCU one of several things may (or will) happen.
When 1 happens you start getting strange behaviour - things not doing what they should. When 2 happens all manner of hell breaks loose. If the return address on the stack (if there is one) is corrupted, then where the current call will return to is anyone's guess. At that time basically the MCU will start doing random things. When 3 happens again, who knows quite what would happen. This only happens when you're executing code out of RAM.
In general when the stack gets corrupted it's all over. Just what happens is down to the MCU.
It might be that trying to allocate the memory in the first place fails so the corruption doesn't happen. In this case the MCU might raise an exception. If there is no exception handler installed, then most often the MCU will just halt (an equivalent of while (1);). If there is a handler installed, then it might reboot cleanly.
If the memory allocation does go ahead, or if it tries, fails, and just continues with no memory allocated, then you're into the realms of "who knows?". The MCU might end up rebooting itself through the right combination of events (interrupts caused that end up resetting the chip, etc), but there's no guarantee of that happening.
What there can usually be a high probability of happening, though, if it's enabled, is the internal watchdog timer (if one exists) timing out and rebooting the chip. When the program goes completely AWOL through this kind of crash the instructions to reset the timer generally won't be run, so it will time out and reset.
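The two outcomes described in this answer (an allocation that fails before any damage, and one that goes ahead and corrupts a return address on the stack) can be reproduced on a host in a small RAM model. This is an added example, not code from the original answer; the 64-byte RAM, the 8-byte margin, the bump allocator and every name in it are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAM_BYTES 64u  /* assumption: tiny RAM so the collision is easy to see */
#define MARGIN    8u   /* assumption: gap the guarded allocator keeps below the stack */

static uint8_t ram[RAM_BYTES];
static size_t heap_top;        /* heap grows upward from offset 0 */
static size_t sp = RAM_BYTES;  /* stack grows downward from the top of RAM */

/* Push a 2-byte return address, as a call would; returns where it was stored. */
size_t push_return(uint16_t addr)
{
    sp -= 2;
    ram[sp] = (uint8_t)(addr & 0xFF);
    ram[sp + 1] = (uint8_t)(addr >> 8);
    return sp;
}

uint16_t read_return(size_t at)
{
    return (uint16_t)(ram[at] | (ram[at + 1] << 8));
}

/* Bump allocator. With guard set it refuses any block that would come within
   MARGIN bytes of the stack pointer; without it only the end of RAM stops it.
   Returns the block's offset in RAM, or -1 on failure. */
long heap_alloc(size_t n, int guard)
{
    if (heap_top + n > RAM_BYTES) return -1;
    if (guard && heap_top + n + MARGIN > sp) return -1;
    heap_top += n;
    return (long)(heap_top - n);
}

/* Returns the saved return address as read back after the heap is filled. */
uint16_t demo(int guard)
{
    heap_top = 0; sp = RAM_BYTES;
    size_t ret_at = push_return(0x1234);  /* stored at offsets 62..63 */
    heap_alloc(40, guard);                /* offsets 0..39, always fits */
    long blk = heap_alloc(24, guard);     /* offsets 40..63 overlap the stack */
    if (blk >= 0) memset(ram + blk, 0xAA, 24);
    return read_return(ret_at);
}

int main(void)
{
    printf("unguarded: return address = 0x%04x\n", (unsigned)demo(0));
    printf("guarded:   return address = 0x%04x\n", (unsigned)demo(1));
    return 0;
}
```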