Optimizing Memory Emulation in Full System Emulators

Memory emulation remains to be one of the most exercised
components in full system emulators. Memory
emulation is consisted of 2 major components, 1. Translation
- the emulator translates the guest virtual/physical
address to host virtual address using the emulated TLB
for every emulated guest memory instruction. 2. Refill -
the emulator walks the page table of the running guest
applications in case of a miss in the emulated TLB.
Traditionally implemented in hardware or highly optimized
software code, TLB translation and refill are
emulated in software and thus results in a significant
amount of time spent in them. This work quantitatively
measures where time is spent in, QEMU, an industrial
strength full system emulator and identifies memory
emulation as one of the most heavily exercised components
in the emulator. Additionally, this work explores
the design space of software emulated TLB and proposes
a series of optimizations to reduce memory emulation
overhead. The proposed optimizations are targeted
at optimizing TLB translation as well as refills,
reducing instruction cache misses, code cache flushes,
page table walks, time taken for TLB flushes and resulting
in an average performance improvement of 22.6%
over the baseline on a wide range of benchmarks.