Instruction Set Simulator
Overview
 
An instruction set simulator (ISS) is a simulation model, usually coded in a high-level programming language, which mimics the behavior of a mainframe or microprocessor by "reading" instructions and maintaining internal variables which represent the processor's registers.

Instruction simulation is a methodology employed for one of several possible reasons:
  • To simulate the machine code of another hardware device or entire computer for upward compatibility -- a full system simulator typically includes an instruction set simulator. For example, the IBM 1401 was simulated on the later IBM/360 through use of microcode emulation.
  • To monitor and execute the machine code instructions (but treated as an input stream) on the same hardware for test and debugging purposes, e.g. with memory protection (which protects against accidental or deliberate buffer overflow).
  • To improve the speed performance -- compared to a slower cycle-accurate simulator -- of simulations involving a processor core where the processor itself is not one of the elements being verified; Verilog simulation with an ISS by means of "PLI" (not to be confused with PL/1, which is a programming language) is sped up considerably.

Quotations

In the following section however, the author then proceeds to give examples of how such simulators are useful as trace or monitor routines for debugging purposes.

Implementation

An ISS is often provided with (or is itself) a debugger in order for a software engineer/programmer to debug the program prior to obtaining target hardware. GDB is one debugger which has a compiled-in ISS. It is sometimes integrated with simulated peripheral circuits such as timers, interrupts, serial port, general I/O port, etc. to mimic the behavior of a microcontroller.

The basic instruction simulation technique is the same regardless of purpose: first execute the monitoring program, passing the name of the target program as an additional input parameter.

The target program is then loaded into memory, but control is never passed to the code. Instead, the entry point within the loaded program is calculated and a pseudo program status word (PSW) is set to this location. A set of pseudo registers is set to what they would have contained if the program had been given control directly.

It may be necessary to amend some of these to point to other pseudo "control blocks" depending on the hardware and operating system. It may also be necessary to reset the original parameter list to 'strip out' the previously added program name parameter.

Thereafter, execution proceeds as follows:
  1. Determine length of instruction at pseudo PSW location (initially the first instruction in the target program). If this instruction's offset within the program matches one of a set of previously given "pause" points, set "Pause" reason, go to 7.
  2. "Fetch" the instruction from its original location (if necessary) into the monitor's memory. If "trace" is available and "on", store program name, instruction offset and any other values.
  3. Depending upon instruction type, perform pre-execution checks and execute. If the instruction cannot proceed for any reason (invalid instruction, incorrect mode etc.) go to 7.
     • If the instruction is about to alter memory, check that the memory destination exists (for this thread) and is sufficiently large. If OK, load appropriate pseudo registers into temporary real registers, perform the equivalent move with the real registers, save address and length of altered storage if trace is "on" and go to 4.
     • If the instruction is a "register-to-register" operation, load pseudo registers into the monitor's real registers, perform the operation, store back to the respective pseudo registers, go to 4.
     • If the instruction is a conditional branch, determine if the condition is satisfied: if not, go to 4. If the condition IS satisfied, calculate the branch-to address and determine if it is valid (if not, set error = "Wild branch" and go to 7). If OK, go to 5.
     • If the instruction is an operating system call, do the real call from the monitoring program by "faking" addresses to return control to the monitor program and then reset pseudo registers to reflect the call; go to 4.
  4. Add instruction length to current Pseudo PSW value.
  5. Store next address in Pseudo PSW.
  6. Go to 1.
  7. Halt execution.


For test and debugging purposes, the monitoring program can provide facilities to view and alter registers, memory, and re-start location or obtain a mini core dump or print symbolic program names with current data values. It could permit new conditional "pause" locations, remove unwanted pauses and suchlike.

Instruction simulation provides the opportunity to detect errors BEFORE execution which means that the conditions are still exactly as they were and not destroyed by the error. A very good example from the IBM S/360 world is the following instruction sequence that can cause difficulties debugging without an instruction simulation monitor.

LM R14,R12,12(R13) where r13 incorrectly points to string of X"00"s
BR R14 causes PSW to contain X"0000002" with program check "Operation Exception"
* all registers on error contain nulls.
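
The loop in steps 1 to 7 and the wild-branch case above, as an added example that is not part of the original article: a monitor for a toy instruction set constructed here (the opcodes, the `Monitor` class and the sample programs are assumptions, not S/360). It checks stores and branch targets before executing them, so the pseudo PSW and registers still describe the failing instruction when it halts, and it keeps a trace and per-offset execution counts.

```python
from collections import Counter

# Toy ISA constructed for this example (not S/360): opcode -> (mnemonic, length)
OPS = {0x00: ("HALT", 1), 0x01: ("LI", 3), 0x02: ("AR", 3), 0x03: ("ST", 3),
       0x04: ("L", 3), 0x05: ("BNZ", 3), 0x06: ("BR", 2)}

class Monitor:
    def __init__(self, program, base=0x40, owned=(0xC0, 0x100), pauses=()):
        self.mem = bytearray(0x100)                   # one-byte addresses
        self.mem[base:base + len(program)] = program  # loaded, never given control
        self.code = range(base, base + len(program))
        self.owned = range(*owned)                    # storage the target may alter
        self.regs = [0] * 16                          # pseudo registers
        self.psw = base                               # pseudo PSW = entry point
        self.pauses = set(pauses)                     # offsets to pause before
        self.trace = []                               # (offset, mnemonic) at fetch
        self.counts = Counter()                       # offset -> completed executions

    def run(self, max_steps=10_000):
        for i in range(max_steps):
            # The pause check is skipped for the first instruction so run() can resume.
            if i and self.psw - self.code.start in self.pauses:
                return "Pause"
            reason = self.step()
            if reason:
                return reason
        return "Step limit"

    def step(self):
        pc, m, r = self.psw, self.mem, self.regs
        if pc not in self.code or m[pc] not in OPS:
            return "Invalid instruction"
        name, length = OPS[m[pc]]                     # step 1: instruction length
        if pc + length > self.code.stop:
            return "Invalid instruction"
        a, b = (list(m[pc + 1:pc + length]) + [0, 0])[:2]  # step 2: fetch operands
        off = pc - self.code.start
        self.trace.append((off, name))
        if name == "HALT":
            return "Halt"
        if a > 15 or (name == "AR" and b > 15):
            return "Invalid instruction"
        nxt = pc + length                             # step 4: fall-through address
        if name == "LI":
            r[a] = b
        elif name == "AR":                            # register-to-register
            r[a] = (r[a] + r[b]) & 0xFF
        elif name == "L":
            r[a] = m[b]
        elif name == "ST":                            # check destination before altering
            if b not in self.owned:
                return "Store outside owned storage"
            m[b] = r[a]
        elif name == "BR" or r[a] != 0:               # BR always, BNZ only when taken
            target = r[a] if name == "BR" else b
            if target not in self.code:
                return "Wild branch"                  # PSW and registers untouched
            nxt = target
        self.counts[off] += 1
        self.psw = nxt                                # step 5: store next address

# Constructed samples. WILD mimics LM/BR: r14 is loaded from zeroed storage at 0x10.
WILD = bytes([0x01, 1, 3,  0x04, 14, 0x10,  0x06, 14,  0x00])
LOOP = bytes([1, 1, 3,  1, 2, 0xFF,  2, 1, 2,  5, 1, 0x46,  3, 2, 0xC0,  0])
```

Running `Monitor(WILD).run()` halts with the pseudo PSW still addressing the branch, and `Monitor(LOOP).counts` shows which offsets executed most often.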

Overhead

The number of instructions to perform the above basic "loop" (fetch/execute/calculate new address) depends on hardware, but it could be accomplished on the IBM S/360/370/390/ES9000 range of machines in around 12 or 13 instructions for many instruction types. Checking for valid memory locations or for conditional "pause"s adds considerably to the overhead, but optimization techniques can reduce this to acceptable levels. For testing purposes this is normally quite acceptable, as powerful debugging capabilities are provided, including instruction step, trace and deliberate jump to test error routine (when no actual error). In addition, a full instruction trace can be used to test actual (executed) code coverage.

Added benefits

Occasionally, monitoring the execution of a target program can help to highlight random errors that appear (or sometimes disappear) while monitoring but not in real execution. This can happen when the target program is loaded at a different location than normal because of the physical presence of the monitoring program in the same address space.

If the target program picks up the value from a "random" location in memory (one it doesn't 'own' usually), it may for example be nulls (X"00") in almost every normal situation and the program works OK. If the monitoring program shifts the load point, it may pick up say X"FF" and the logic would cause different results during a comparison operation. Alternatively, if the monitoring program is now occupying the space where the value is being "picked up" from, similar results might occur.

Re-entrancy bugs: accidental use of static variables instead of "dynamic" thread memory can cause re-entrancy problems in many situations. Use of a monitoring program can detect these even without a storage protect key.

Illegal operations: some operating systems (or hardware) require the application program to be in the correct "mode" for certain calls to the Operating system. Instruction simulation can detect these conditions before execution.

Hot spot analysis and instruction usage: by counting the instructions executed during simulation (which will match the number executed on the actual processor or unmonitored execution), the simulator can provide both a measure of relative performance between different versions of an algorithm and also be used to detect "hot spots" where optimization can then be targeted by the programmer. In this role it can be considered a form of performance analysis, as it is not easy to obtain these statistics under normal execution, and this is especially true for high-level language programs, which effectively 'disguise' the extent of machine code instructions by their nature.

Example

Typical trace output from simulation by monitoring program used for test & debugging:

Program  offset  instruction   Dis-assembled               register/storage (after execution)
TEST001  000000  X'05C0'       BALR  R12,0                 R12=002CE00A
         000002  X'47F0C00E'   BC    15,X'00C'(R12)
         00000E  X'98ECD00C'   STM   R14,R12,X'00C'(R13)   X'002E0008' > X'00004CE,002CE008,..etc....'
         000012  X'45E0C122'   BAL   R14,X'122'(R12)       R14=002C0016
SUB1     000124  X'50E0C28A'   ST    R14,X'28A'(R12)       X'002CE294' > X'002C0016'
etc...

See also

  • Cycle Accurate Simulator
  • Computer architecture simulator
  • Instrumentation (computer programming)
  • Little man computer, for a simple, Java applet-based example of an instruction set simulator
  • MikroSim: CPU simulator, allowing instruction set definition on microcode level for educational use
  • CPU Sim, a Java application that allows the user to design and create an instruction set and then run programs of instructions from the set through simulation
  • Metaprogramming

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.