The demand for precise information on DRAM microarchitectures and error characteristics has surged, driven by the need to explore processing in memory, enhance reliability, and mitigate security vulnerability. Nonetheless, DRAM manufacturers have disclosed only a limited amount of information, making it difficult to find specific information on their DRAM microarchitectures. This paper addresses this gap by presenting more rigorous findings on the microarchitectures of commodity DRAM chips and their impacts on the characteristics of activate-induced bitflips (AIBs), such as RowHammer and RowPress. The previous studies have also attempted to understand the DRAM microarchitectures and associated behaviors, but we have found some of their results to be misled by inaccurate address mapping and internal data swizzling, or lack of a deeper understanding of the modern DRAM cell structure. For accurate and efficient reverse-engineering, we use three tools: AIBs, retention time test, and RowCopy, which can be cross-validated. With these three tools, we first take a macroscopic view of modern DRAM chips to uncover the size, structure, and operation of their subarrays, memory array tiles (MATs), and rows. Then, we analyze AIB characteristics based on the microscopic view of the DRAM microarchitecture, such as 6F^2 cell layout, through which we rectify misunderstandings regarding AIBs and discover a new data pattern that accelerates AIBs. Lastly, based on our findings at both macroscopic and microscopic levels, we identify previously unknown AIB vulnerabilities and propose a simple yet effective protection solution.

翻译：对DRAM微架构及错误特性精确信息的需求日益增长，这源于处理中内存探索、可靠性增强及安全漏洞缓解等应用需求。然而，DRAM制造商仅披露有限信息，使得获取其DRAM微架构的具体细节变得困难。本文通过呈现关于商用DRAM芯片微架构及其对激活诱导比特翻转（AIB，如RowHammer与RowPress）特性影响的更严谨研究成果，弥补了这一空白。先前研究虽尝试理解DRAM微架构及其相关行为，但我们发现部分结果因地址映射不准确、内部数据混排或对现代DRAM单元结构缺乏深入理解而产生误导。为实现精准高效逆向工程，我们采用三种可交叉验证的工具：AIB、保留时间测试与RowCopy。借助这三种工具，我们首先从宏观视角审视现代DRAM芯片，揭示其子阵列、内存阵列块（MAT）及行的尺寸、结构与操作方式；继而基于DRAM微架构的微观视角（如6F²单元布局）分析AIB特性，纠正关于AIB的误解并发现加速AIB的新型数据模式。最后，基于宏观与微观层面的发现，我们识别出先前未知的AIB漏洞，并提出一种简单有效的防护方案。