Soft error protection for unhardened processors

What is claimed is: 1 . A method for soft error protection of an unhardened processor, comprising: receiving assembly code corresponding to a program; generating a primary thread and a shadow thread, each operating in different address spaces of the unhardened processor; inserting swizzling operations in the shadow thread to maintain canonical pointer values; and inserting a Single Event Upset Protector (SEUP) between the unhardened processor and (a) a data memory and (b) a peripheral bus, the SEUP caching, for both the primary thread and the shadow thread, memory writes to the data memory and I/O writes to the peripheral bus; wherein the SEUP restarts the primary thread and the shadow thread at a previous checkpoint when the thus cached memory writes and the thus cached I/O writes by the primary thread do not match the thus cached memory writes and the thus cached I/O writes by the shadow thread. 2 . The method of claim 1 , further comprising inserting clean instructions into both the primary and shadow threads to flush dirty cache lines to the SEUP prior to a next checkpoint. 3 . The method of claim 2 , wherein the inserting of the clean instructions is optimized by one of (i) inserting the clean instructions after a last store to a cache line, or (ii) batching multiple stores within a same cache line. 4 . The method of claim 1 , wherein the swizzling operations include converting memory addresses in the shadow thread to a shadow thread address range before access and reverting them to a canonical form after the access. 5 . The method of claim 1 , further comprising inserting NOP instructions into the primary thread to compensate for the swizzling operations added to the shadow thread. 6 . The method of claim 1 , further comprising inserting turnout instructions into both the primary thread and the shadow thread to periodically check a checkpoint register of the SEUP for checkpoint requests, wherein the turnout instructions are placed using a static data-flow analysis algorithm that limits a number of cache-line cleans per turnout region to a predefined clean threshold. 7 . The method of claim 6 , wherein a frequency of turnouts is reduced by reserving a register that counts a number of stores since a last turnout, and only performing an uncacheable read from the SEUP when the number of stores indicates the turnout is needed. 8 . The method of claim 1 , wherein the primary thread and the shadow thread are configured to execute in spatially disjoint address spaces to eliminate cache coherence conflicts. 9 . The method of claim 1 , further comprising reserving at least one register of the unhardened processor for storing a SEUP offset and checkpoint signals. 10 . The method of claim 1 , wherein, for the primary thread, the SEUP outputs the cached memory writes to the data memory and outputs the cached I/O writes to the peripheral bus when the thus cached memory writes and the thus cached I/O writes by the primary thread match the thus cached memory writes and the thus cached I/O writes by the shadow thread. 11 . The method of claim 10 , wherein the SEUP maintains temporal order of the cached I/O writes output to the peripheral bus. 12 . A system for protecting an unhardened processor from soft errors, comprising: a Single Event Upset Protector (SEUP) transform tool, implemented as software with machine-readable instructions executable by a processor, for causing the processor to transform a program into a primary thread and a shadow thread that operate in different address spaces and run concurrently on different cores of the unhardened processor; a SEUP positioned between the unhardened processor and (a) a data memory and (b) a peripheral bus, the SEUP having: a control unit; an upstream bus controller for interfacing with the unhardened processor; a downstream bus controller for interfacing with the data memory; and a log for caching memory writes to the data memory for both the primary thread and the shadow thread; and an Overflow/Input/Output (OIO) queue for caching I/O writes to the peripheral bus for both the primary thread and the shadow thread; wherein, at an end of a checkpoint period, the control unit is adapted to trigger a rollback of the unhardened processor when the thus cached memory writes in the log and the thus cached I/O writes in the OIO queue for the primary thread do not match the thus cached memory writes in the log and the thus cached I/O writes in the OIO queue for the shadow thread. 13 . The system of claim 12 , the log comprising a set-associative cache with separate entries for primary thread memory writes, shadow thread memory writes, and matched memory writes, and does not evict dirty entries until verification. 14 . The system of claim 12 , the OIO queue configured to store unmatched memory writes when the log is full or when I/O operations are performed, and to drain matched I/O writes in order after a checkpoint. 15 . The system of claim 12 , the control unit being configured to coordinate checkpoint periods, the rollback, and fault detection based on mismatches, hangs, or architectural exceptions. 16 . The system of claim 15 , the control unit comprising a watchdog timer for triggering the rollback when no activity is detected from the unhardened processor for a predefined watchdog period. 17 . The system of claim 12 , the SEUP being configured to support externally synchronous I/O writes by committing I/O data only after verification at a checkpoint, to support bare-metal deployment, and to interface with the unhardened processor via a memory-mapped interface supporting variable response latencies. 18 . The system of claim 12 , the SEUP being implemented as one of: (a) an external integrated circuit, (b) a radiation-hardened FPGA, or (c) a hardened I/O chiplet integrated with the unhardened processor. 19 . The system of claim 12 , the SEUP adapted to support deterministic execution of redundant threads and to enable rollback by restoring a state of the unhardened processor from a most recently verified checkpoint. 20 . The system of claim 12 , the control unit adapted to (i) reduce the checkpoint period when the thus cached writes in the log and the OIO queue for the primary thread do not match the thus cached writes in the log and the OIO queue for the shadow thread, and (ii) to increase the checkpoint period when the thus cached writes in the log and the OIO queue for the primary thread match the thus cached writes in the log and the OIO queue for the shadow thread.