Software emulation systems use a combination of instruction interpretation and instruction translation to run a program originally written for an old machine architecture on a new architecture. This technology can also be used to emulate a program for one architecture on the same architecture for the purposes of profiling that program, or on one architecture for emulating another implementation of that architecture, e.g. a different micro-architecture.
An instruction emulator maintains an emulated state that models the state of the legacy architecture. During emulation, the emulator modifies the emulated machine state in the same way that the machine state would have been modified had the program executed on the legacy architecture.
"Instruction interpretation" examines the effects of each instruction in the legacy program--one instruction at a time--and reproduces that instruction's affects on the emulated state stored on the new platform. "Instruction translation" refers to a more sophisticated process in which multiple instructions, i.e. blocks of code, are translated into a functionally equivalent new block of code executable on the new platform. The new block of code executes more efficiently than would result from simple instruction interpretation. The main benefit is removing the software fetch/decode logic involved with software interpretation. This process of translation may include optimizations that re-order the instructions in the translated code. However, this reordering must not change the behavior of the emulated program. Frequently a combination of both instruction interpretation and instruction translation is employed to emulate a given user application successfully.
In addition to emulating the semantics of the old instruction set, the emulator must deliver exceptions to the emulated process in a manner consistent with the old system. "Exceptions" can be briefly defined as unexpected or unusual conditions that arise during execution. An exception generally arises in the hardware and is communicated to the operating system ("OS"). The OS in some cases "delivers" the exception to the user application. Exceptions can be classified as either synchronous or asynchronous. Synchronous exceptions arise as a direct result of executing an instruction. Examples are arithmetic conditions like overflow or divide by 0, privilege or "permission" faults, etc. In general, the instruction has done something or attempts to do something illegal or exceeding available resources. Asynchronous exceptions are those caused by something external to the program. Examples are timer interrupts, communications with other programs (messages), etc. These can arise at any time and thus are "asynchronous" to the executing program. Since this invention deals with the recovery from synchronous exceptions, any further reference to an exception will mean a synchronous exception.
Typically, when an operating system ("OS") generates an exception notice to an application, the OS places a "context structure" on the application's stack. The context structure contains a snapshot of the machine state, plus information about interrupted system calls, if any. The machine state is restored according to the context structure when the exception handler returns. The exception handler may also modify the machine state contained in the context structure, and any such modifications are propagated to the real machine state by the OS.
One challenge involved in emulation of code designed for one architecture (the legacy platform) on the machine of a different architecture (the target platform) occurs in systems that support the handling of synchronous exceptions. When the conditions that would cause a synchronous exception in the original code occur, the translation system must ensure that the modeled state (the target machine state) is consistent with the "legacy machine state". For the purposes of this application, we define the "legacy machine state" as the machine state that would exist at the relevant time on the legacy platform had the original code executed on the legacy platform. This consistency is difficult to maintain in an aggressively optimizing translator. Optimization can re-arrange the order of execution of code and when an exception occurs, the target machine state does not match the legacy machine state, the state expected by the old program.
Traditional translators deal with this problem in one of three ways. One method is to ignore the problem and simply disallow examination of local variables in exception handlers. A second method is to use barrier logic to prevent optimization at synchronous exception points. This method severely restricts the ability to optimize a translation because it limits the ability to re-order the sequence of instructions.
A third known method allows for limited reordering in optimization by using a scheme of renaming registers. This method allows for reordering of instructions to "assign early", that is, optimizing by using a register to store a value that was to be assigned to a memory location later. The state of the machine can be restored if an exception occurs in a load instruction by filling in the proper memory locations using the values temporarily stored in the renamed registers. Since any load instruction may potentially cause an exception, however, this method does not allow for re-orderings that "assign late". Assignment instructions can not be moved after a load instruction if the proper legacy machine state is to be preserved. This limitation does not allow for full and aggressive optimization in a software translation.
Therefore, there is a need for a system and method to translate existing software to a new architecture that fully preserves the synchronous exception state while still allowing for full and aggressive optimization in the translation.