As well-known in the art, emulation is an essential technology that applies to all areas of system virtualization for existing operating systems.
Such emulation provides virtualization of graphical devices in a narrow sense and of an instruction set architecture (ISA) in a broad sense, and emulation is defined as the process of implementing the interface and functionality of a guest system on a host system having a different interface and functionality. The guest system denotes a target system to be virtualized and transplanted, and the host system denotes a physical system in which a virtualized guest actually operates.
In particular, interpretation, binary translation and the like are used for virtualization through ISA emulation. The interpretation involves fetching an instruction, analyzing the fetched instruction, and repeatedly executing an operation required as a result of the analysis. Such interpretation has the advantage of showing a low memory requirement, fast start rate, and high transplantability in performing emulation, but has the problem of very low performance in a steady state.
Moreover, although the performance is improving to indirect threaded interpretation or direct threaded interpretation based on basic interpretation, there are still problems concerning an increase in the amount of memory required and a reduction of transplantability under the circumstance that it is difficult to improve performance.
To solve these problems, a binary translation scheme was disclosed to improve performance regardless of transplantability, in which blocks of source instructions are translated to target instructions and the target instruction blocks are repeatedly executed. Such a binary translation scheme may be divided into a static binary translation scheme and a dynamic binary translation scheme.
Among them, the static binary translation scheme is not performed at runtime, and thus, there is no over-head caused by binary translation but there are a code discovery problem, a code location problem and the like. The code discovery problem means that there might exist no always-valid code following a jump instruction and data or a pad for alignment might exist between binary codes. The code location problem means that a program counter (PC) or an instruction pointer (IP) is changed by binary duplication accompanied by binary translation, and thus a PC-relative calculation part for a source binary needs to be changed to an entry point for a target binary during execution of an instruction, such as a register offset branch. This problem is basically caused by the binary translation scheme of duplicating the target binary from the source binary.
The dynamic binary translation technique is typically used for emulation to solve the code discovery problem and the code location problem. This technique is based on the principle that one dynamic basic block is translated for a single translation at an execution time.
FIG. 1 is a schematic view showing dynamic binary translation mechanism used for virtualization in the prior art. An emulation manager uses a source program counter (SPC)-target program counter (TPC) mapping table to check whether a mapping table corresponding to the SPC of the current binary exists in the SPC-TPC mapping table. If there exists no mapping table corresponding to the SPC in the SPC-TPC mapping table, a basic block is searched for in the source binary by an analyzer, and the searched basic block is converted into a target basic block by a converter. At this point, the last location of the basic block is corrected to pass its execution to the emulation manager by using the starting address of the next basic block as an argument.
Thereafter, when the converter passes the execution of the basic block to the emulation manager, the emulation manager confirms the existence of the target basic block by using the SPC-TPC mapping table for the same SPC, and branches its execution to the target basic block and repeatedly executes the basic block.
FIG. 2 is a flowchart showing a dynamic binary translation process used for virtualization in the prior art. The emulation manager searches the SPC-TPC mapping table for a mapping table corresponding to the SPC of the current binary in step 202.
Then, the emulation manager checks whether the mapping table corresponding to the SPC of the current binary exists in the SPC-TPC table based on the result of search in step 204.
As a result of check in step 204, if there exists no mapping table corresponding to the SPC in the SPC-TPC mapping table, a basic block is searched for in the source binary by the analyzer in step 206.
Next, the searched basic block is converted into a target basic block by the converter in step 208. At this point, the last location of the basic block is corrected to pass its execution to the emulation manager by using the starting address of the next basic block as an argument.
Thereafter, the emulation manager executes the corresponding target basic block translated by a translator in step 210.
Meanwhile, as a result of check in step 204, if there exists a mapping table corresponding to the SPC in the SPC-TPC mapping table, a branch is made to the searched target basic block in step 212, and the emulation manager executes the corresponding target basic block translated by the translator in step 214.
Next, the emulation manager invokes an SPC for the next block in step 216, and repeatedly performs steps 202 to 214 in step 218.
Accordingly, during the course of repeated execution, the emulation manager is able to confirm the existence of the target basic block using the SPC-TPC mapping table for the same SPC and to branch its execution to the target basic block and execute the basic block.
FIG. 3 illustrates a view for explaining a virtualization operation using a dynamic binary translation apparatus in the prior art. An emulation manager 302 searches an SPC-TPC mapping table 304 for 0, which is the PC of a source (i.e., SPC).
If SPC:0 exists in the SPC-TPC mapping table 304, the emulation manager 302 fetches the address of a target basic block 306, and executes the target basic block 306.
However, if there exists no SPC:0 in the SPC-TPC mapping table 304, source basic blocks starting from 0 of a source binary 310 are searched for by sequential analysis by an analyzer 308. The analyzer 308 which have searched for source basic blocks 0-10 transfers them to a translator 312. The translator 312 translates the source basic blocks into target basic blocks, write them in a basic block cache 306, and write a tuple consisting of an SPC of 0 and a TPC as the starting addresses of the target basic blocks in the SPC-TPC mapping table 304. At this time, the last location of a translated source basic block may be replaced by not a branch to the next basic block but a branch to the emulation manager 302 by using the starting address 12 of the next basic block as an argument.
Thereafter, the translator 312 passes the execution of the basic block to the emulation manager 302, and the emulation manager 302 fetches the starting address of the translated basic block whose SPC is 0 from the SPC-TPC mapping table 304 and executes the corresponding basic block.
As described above, the virtualization using binary translation of the prior art has many advantages because its processing speed is high compared to interpretation, but has a limitation when applied to a system with limited memory resources. This is because the amount of memory resources required increases since the duplicate of an operating code is created and the code is modified/operated based on the duplicate.
In addition, management using locality may be applied to reduce the amount of memory resources required. However, this inevitably causes performance degradation. Hence, it is necessary to develop a binary translation technology which makes users free from memory restrictions and minimizes performance degradation.