Automatic Generation of Efficient Dynamic Binary Translators Fr ed - - PowerPoint PPT Presentation

automatic generation of efficient dynamic binary
SMART_READER_LITE
LIVE PREVIEW

Automatic Generation of Efficient Dynamic Binary Translators Fr ed - - PowerPoint PPT Presentation

Apr 02, 2023 426 likes •689 views

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion Automatic Generation of Efficient Dynamic Binary Translators Fr ed eric P etrot, Luc Michel and Nicolas Fournel Tima Laboratory , Grenoble,

slide-1
SLIDE 1

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Automatic Generation of Efficient Dynamic Binary Translators

Fr´ ed´ eric P´ etrot, Luc Michel and Nicolas Fournel

Tima Laboratory, Grenoble, France

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 1 / 15

slide-2
SLIDE 2

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Simulation Context

Motivations

◮ Design space exploration and Early Software Development ◮ Goal: (co-)optimize chips and applications for performances

Difficulties

◮ Higher number of processor reduces simulation performances ◮ Sequential simulation speed is still a great concern

Current state of the art solution

Dynamic Binary Translation based ISS.

◮ Pros: fast and relatively

precise

◮ Cons: complex

development

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 2 / 15

slide-3
SLIDE 3

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Solutions for fast development of simulators

Automatic generation, a need

◮ To avoid complex development, ◮ To allow quick availability of simulation platforms.

Automatic fast simulators generation

◮ Solutions has been proposed before[UC00, CVE00, NBS+02], ◮ Proprietary, not available, no details, no ”

full software execution”support, . . .

Our goal

◮ Automate the production of dynamic binary translators ◮ Benefit from automation to produce faster simulators

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 3 / 15

slide-4
SLIDE 4

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Agenda

Principle of Dynamic Binary Translation Design flow Intermediate Representation Generation Conclusion

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 4 / 15

slide-5
SLIDE 5

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

DBT Principle

Process

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 5 / 15

slide-6
SLIDE 6

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

DBT Principle

Process Code generation example

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 5 / 15

slide-7
SLIDE 7

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

DBT Principle

Process Code generation example

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 5 / 15

slide-8
SLIDE 8

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

DBT Principle

Process Code generation example

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 5 / 15

slide-9
SLIDE 9

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Automatic simulator generation

The generator

◮ Takes a description of the target (simulated) architecture,

and a description of the host (machine simulation is run on) architecture,

◮ Generated ISS relies on Dynamic Binary Translation approach, ◮ DBT process uses an intermediate representation.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 6 / 15

slide-10
SLIDE 10

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

General design flow

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 7 / 15

slide-11
SLIDE 11

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

General design flow

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 7 / 15

slide-12
SLIDE 12

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

General design flow

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 7 / 15

slide-13
SLIDE 13

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

General design flow

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 7 / 15

slide-14
SLIDE 14

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Why keep an IR at runtime?

Direct target to host translation possible

◮ But previous works shown interests in having one [UC00, CVE00, Bel05],

Allows for runtime optimizations, Easier debugging.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 8 / 15

slide-15
SLIDE 15

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Intermediate Representation Generation

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 9 / 15

slide-16
SLIDE 16

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Why generating the IR?

Generating an IR specialized to the target/host pair

◮ Previous works show dramatic performance gains ◮ Speeding-up SIMD instructions dynamic binary translation[MFP11] ◮ Better SIMD translation, adapted IR (ARM Neon → x86 MMX/SSE) in QEMU.

Direct mapping case

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 10 / 15

slide-17
SLIDE 17

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Why generating the IR?

Generating an IR specialized to the target/host pair

◮ Previous works show dramatic performance gains ◮ Speeding-up SIMD instructions dynamic binary translation[MFP11] ◮ Better SIMD translation, adapted IR (ARM Neon → x86 MMX/SSE) in QEMU.

Multiple micro-operations

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 10 / 15

slide-18
SLIDE 18

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Why generating the IR?

Generating an IR specialized to the target/host pair

◮ Previous works show dramatic performance gains ◮ Speeding-up SIMD instructions dynamic binary translation[MFP11] ◮ Better SIMD translation, adapted IR (ARM Neon → x86 MMX/SSE) in QEMU.

Multiple host instructions

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 10 / 15

slide-19
SLIDE 19

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

How to auto-generate a specialized IR?

Start from a canonical IR

◮ Used to describe the instructions in the target and host description, ◮ Each (part of) target instruction is matched against host instruction.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 11 / 15

slide-20
SLIDE 20

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

How to auto-generate a specialized IR?

Start from a canonical IR

◮ Used to describe the instructions in the target and host description, ◮ Each (part of) target instruction is matched against host instruction.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 11 / 15

slide-21
SLIDE 21

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

How to auto-generate a specialized IR?

Start from a canonical IR

◮ Used to describe the instructions in the target and host description, ◮ Each (part of) target instruction is matched against host instruction.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 11 / 15

slide-22
SLIDE 22

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Matching constraints

Operations

◮ Host implements the canonical IR atoms

Back-end simple and efficient Not an issue since IR automatically generated for (target, host) couple

Operands

◮ Operand size, type and location induce loose matching ◮ Specific code generation to handle conversions

Control

◮ Flags, ... ◮ Related to run-time on BB boundaries

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 12 / 15

slide-23
SLIDE 23

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Still at an early stage!

First working prototype

◮ MIPS to simple virtual machine ◮ Translator generation fitting into QEMU

Many open questions, among which

◮ Is this more efficient than using a fixed IR? ◮ Will the generated IR runtime allow optimization? ◮ How to Efficient handle non-functional properties?

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 13 / 15

slide-24
SLIDE 24

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Conclusion

Convenient design flow for DBT based simulator generation

◮ Fast development, ◮ DBT based, ◮ Specialized intermediate representation. ◮ Some parts have been addressed by previous works, ◮ but still a work in progress.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 14 / 15

slide-25
SLIDE 25

Introduction DBT principle Design flow Intermediate Representation Generation Conclusion

Thank you!

  • F. Bellard, QEMU, a fast and portable dynamic translator, the USENIX

Annual Technical Conference, 2005, pp. 41–46.

  • C. Cifuentes and M. Van Emmerik, UQBT: Adaptable Binary Translation at

Low Cost, Computer 33 (2000), no. 3, 60–66.

  • L. Michel, N. Fournel, and F. P´

etrot, Speeding-up SIMD instructions dynamic binary translation in embedded processor simulation, Proceedings of the Design, Automation & Test in Europe Conference, IEEE, 2011, pp. 277–280.

  • A. Nohl, G. Braun, O. Schliebusch, R. Leupers, H. Meyr, and A. Hoffmann,

A universal technique for fast and flexible instruction-set architecture simulation, 39th Design Automation Conference, 2002, pp. 22–27.

  • D. Ung and C. Cifuentes, Machine-adaptable dynamic binary translation,

DYNAMO ’00, 2000, pp. 41–51.

  • F. P´

etrot et al. - Automatic Generation of Efficient Dynamic Binary Translators MPSoC’14, Margaux, France 15 / 15