Emulator: Difference between revisions

This article is about emulation in computer science. See E-mu Emulator for a line of digital musical instruments, Emulation (disambiguation) for other meanings.

File:KEGAFUSIONTITLE.PNG

An emulator reproducing a console game's playable atmosphere on a Windows computer.

A software emulator allows computer programs to run on a platform (computer architecture and/or operating system) other than the one for which they were originally written. Unlike a simulation, which only attempts to reproduce a program's behavior, an emulation generally attempts to model to various degrees the state of the device being emulated.

A hardware emulator is a hardware that can run programs for the original hardware without any modification or a hardware that have exactly the same function as the original hardware. Example: Printer Emulator (inside the ROM of the printer), FPGA based emulator.

A popular use of emulators is to mimic the experience of running arcade games or console games on Linux, Mac OS X, and Microsoft Windows. Emulating these on modern desktop computers is usually less cumbersome than relying on the original machines. However, software licensing issues may require emulator authors to write original software that duplicates the functionality of the original computer's bootstrap ROM and BIOS, often through high-level emulation.

In a theoretical sense, the Church-Turing thesis implies that any operating environment can be emulated within any other. In practice, it can be quite difficult, particularly when the exact behavior of the system to be emulated is not documented and has to be deduced through reverse engineering. It also says nothing about timing constraints; if the emulator does not perform as quickly as the original hardware, the emulated software may run much more slowly than it would have on the original hardware.

Structure

Most emulators just emulate a hardware architecture — if a specific operating system is required for the desired software, it must be provided as well (and may itself be emulated). Both the OS and the software will then be interpreted by the emulator, rather than being run by native hardware. Apart from this interpreter for the emulated machine's language, some other hardware (such as input or output devices) must be provided in virtual form as well: if writing to a specific memory location should influence the screen, for example, this will have to be emulated as well.

Instead of full emulation of the hardware, a compatibility layer may suffice. This translates system calls for the emulated system into system calls for the host system.

Developers of software for embedded systems or video game consoles often design their software on especially accurate emulator called a simulator before trying it on the real hardware. This is so that software can be produced and tested before the final hardware exists in large quantities, so that it can be tested without taking the time to copy the program to the hardware, or so that it can be debugged at a low level without introducing the side effects of a debugger.

Typically, an emulator is divided into modules that correspond roughly to the emulated computer's subsystems. Most often, an emulator will be composed of the following modules:

• a CPU emulator or CPU simulator (the two terms are mostly interchangeable)
• a memory subsystem module
• various I/O devices emulators

Buses are often not emulated, either for reasons of performance or simplicity, and virtual peripherals communicate directly with the CPU or the memory subsystem.

A detailed description of the internals of a specific emulator can be found in the ElectrEm article.

Memory subsystem

It is possible for the memory subsystem emulation to be reduced to simply an array of elements each sized like an emulated word; however, this model falls very quickly as soon as any location in the computer's logical memory does not match physical memory.

This clearly is the case whenever the emulated hardware allows for advanced memory management (in which case, the MMU logic can be embedded in the memory emulator, made a module of its own, or sometimes integrated into the CPU simulator).

Even if the emulated computer does not feature an MMU, though, there are usually other factors that break the equivalence between logical and physical memory: many (if not most) architecture offer memory-mapped I/O; even those that do not almost invariably have a block of logical memory mapped to ROM, which means that the memory-array module must be discarded if the read-onlyness of ROM is to be emulated.

As a result, most emulators implement at least two procedures for writing to and reading from logical memory, and it is these procedures' duty to map every access to the correct location of the correct object.

On a base-limit addressing system where memory from address 0 to address ROMSIZE is read-only memory, while the rest is RAM, something along the line of the following procedures would be typical:

void WriteMemory(word Address, word Value) {
    word RealAddress;
    RealAddress=Address+BaseRegister;
    if(RealAddress<LimitRegister) {
        if(RealAddress>ROMSIZE) Memory[RealAddress]=Value;
    } else {
        RaiseInterrupt(INT_SEGFAULT);
    }
}

word ReadMemory(word Address) {
    word RealAddress;
    RealAddress=Address+BaseRegister;
    if(RealAddress<LimitRegister) {
        return Memory[RealAddress];
    } else {
        RaiseInterrupt(INT_SEGFAULT);
        return NULL;
    }
}

CPU simulator

The CPU simulator is often the most complicated part of an emulator. Many emulators are written using "pre-packaged" CPU simulators, in order to concentrate on good and efficient emulation of a specific machine.

The simplest form of a CPU simulator is an interpreter, which follows the execution flow of the emulated program code and, for every machine code instruction encountered, executes operations on the host processor that are semantically equivalent to the original instructions.

This is made possible by assigning a variable to each register and flag of the simulated CPU. The logic of the simulated CPU can then more or less be directly translated into software algorithms, creating a software re-implementation that basically mirrors the original hardware implementation.

The following example illustrates how CPU simulation is accomplished by an interpreter. In this case, interrupts are checked-for before every instruction executed, though this behavior is rare in real emulators for performance reasons.

void Execute(void) {
    if(Interrupt!=INT_NONE) {
        SuperUser=TRUE;
        WriteMemory(++StackPointer, ProgramCounter);
        ProgramCounter=InterruptPointer;
    }
    switch(ReadMemory(ProgramCounter++)) {
        // Handling of every valid instruction
        default:
        Interrupt=INT_ILLEGAL;
    }
}

Interpreters are very popular as CPU simulators, as they are much simpler to implement than more performant alternative solutions, and their speed is more than adequate for emulating computers of more than roughly a decade ago on modern machines.

However, the speed penalty inherent in interpretation can be a problem when emulating computers whose processor speed is on the same order of magnitude as the host machine. Until not many years ago, emulation in such situations was considered completely impractical by many.

What allowed breaking through this restriction were the advances in dynamic recompilation techniques. Simple a priori translation of emulated program code into code runnable on the host architecture is usually impossible because of several reasons:

• code may be self-modifying
• there may not be a way to reliably distinguish data segments (which must not be translated) from text segments (code segments)
• there may not be a way to communicate with the emulated operating system in order for the emulator to be aware of newly loaded (for example from disk) code

Various forms of dynamic recompilation, including the popular Just In Time compiler (JIT) technique, try to circumvent these problems by waiting until the processor control flow jumps into a location containing untranslated code, and only then ("just in time") translates a block of the code into host code that can be executed. The translated code is kept in a code cache, and the original code is not lost or affected; this way, even data segments can be (meaninglessly) translated by the recompiler, resulting in no more than a waste of translation time.

I/O

Most emulators do not, as mentioned earlier, emulate the main system bus; each I/O device is thus often treated as a special case, and no consistent interface for virtual peripherals is provided.

This can result in a performance advantage, since each I/O module can be tailored to the characteristics of the emulated device; designs based on a standard, unified I/O API can however rival such simpler models, if well thought-out, and they have the additional advantage of "automatically" providing a plug-in service through which third-party virtual devices can be used within the emulator.

A unified I/O API may not necessarily mirror the structure of the real hardware bus: bus design is limited by several electric constraints and a need for hardware concurrency management that can mostly be ignored in a software implementation.

Even emulators that treat each device as a special case, there is usually a common basic infrastructure for

• managing interrupts, by means of a procedure that sets flags readable by the CPU simulator whenever an interrupt is raised, allowing the virtual CPU to "poll for (virtual) interrupts"
• writing to and reading from physical memory, by means of two procedures similar to the ones dealing with logical memory (although, contrary to the latter, the former can often be left out, and direct references to the memory array be employed instead)

See also

• List of emulators - Software emulators:
  • Arcade emulator
  • Console emulator
• Hardware emulators:
  • Field Programmable Gate Array (FPGA) Arcade hardware emulators.
  • Field Programmable Gate Array (FPGA) CPU hardware emulators.
• Translation:
  • Application Programming Interface (API) translation
  • Binary translation
  • Fan translation
• Game Engine Recreations
• In-circuit emulator (ICE)
• Virtual machine

External links

• HowTo: Writing a Computer Emulator
• FPGA arcade - arcade hardware emulators.
• emulinks.de - Emulation web directory
• The Rom Jar - One of the better Emulation websites currently on the internet.
• WABI - Application Programming Interface (API) Translator from Sun Microsystem
• WINE - Microsoft Windows Application Programming Interface (API) translation for Linux.
• The History of Emulation - 1800 to 1999: Part 1, Part 2, Part 3, Part 4