Research On Dynamic Binary Translation And Optimization Based On QEMU

Binary translation is an important technique to resolve the problem of processor compatibility, code migration and legacy code, and it has been a hot point in modern computer development field. Meanwhile, dynamic binary translation is the mainstream of binary translation as it combines the virtues of interpretive execution and static binary translation. This paper is the continuation of QEMU porting project, which is a sub-topic of National Important Science&Technology Specific Projects of China. In this paper, we mainly study the mechanism of dynamic binary translation in QEMU, attempted to promote its translation performance.The main contributions of this dissertation are:1. We deeply analyzed the realization mechanism and key techniques of QEMU dynamic binary translation, like TCG and basic block chaining. We also analyzed the optimization in QEMU binary translation, in order to dig the opportunities of possible optimization.2. We studied and tested current code cache management policy in QEMU, and the experiment shows that when the size of code cache is under64KB, the simulation performance sharply decreased for over half testcases in Mibench testsuite. According to this case, static division based code cache management is proposed in this paper. The basic point of this optimization is that code cache is divided into two sizeable parts by reading the configuration at startup, and then the generated code is stored to one specific part according to its exection times. The experiment proved that when cache size is under64KB, the optimization scheme can play a very good result to most testcases.3. We found that in current QEMU self-modifying code management policy, when code self-modifying happens, the simulation performance sufferes a severe decline. In order to decrease the impact of self-modifying code, this paper proposed a precise self-modifying code management policy, which is base on backtracking. In our policy, the basic block which has code modified is tracked by backtracking, and then minimum changes will be done to original process. The experiment shows that the proposed policy can decrease the processing overhead of each code modification to1/3in average, when comparing to QEMU’s mechanism.