LLVA: A Low-level Virtual Instruction Set Architecture
Vikram Adve Chris Lattner Michael Brukman Anand Shukla Brian Gaeke
Computer Science Department
University of Illinois at Urbana-Champaign
{vadve,lattner,brukman,ashukla,gaeke}@cs.uiuc.edu
Abstract
A virtual instruction set architecture (V-ISA) imple-
mented via a processor-specific software translation
layer can provide great flexibility to processor design-
ers. Recent examples such as Crusoe and DAISY, how-
ever, have used existing hardware instruction sets as
virtual ISAs, which complicates translation and optimiza-
tion. In fact, there has been little research on specific de-
signs for a virtual ISA for processors. This paper proposes a
novel virtual ISA (LLVA) and a translation strategy for im-
plementing it on arbitrary hardware. The instruction set
is typed, uses an infinite virtual register set in Static Sin-
gle Assignment form, and provides explicit control-flow
and dataflow information, and yet uses low-level opera-
tions closely matched to traditional hardware. It includes
novel mechanisms to allow more flexible optimization of na-
tive code, including a flexible exception model and minor
constraints on self-modifying code. We propose a trans-
lation strategy that enables offline translation and trans-
parent offline caching of native code and profile infor-
mation, while remaining completely OS-independent. It
also supports optimizations directly on the representa-
tion at install-time, runtime, and offline between exe-
cutions. We show experimentally that the virtual ISA is
compact, it is closely matched to ordinary hardware in-
struction sets, and permits very fast code generation, yet
has enough high-level information to permit sophisti-
cated program analyses and optimizations.
1. Introduction
In recent years, traditional superscalar processors and
compilers have had to resort to increasingly complex de-
signs for small improvements in performance. This has
spurred a wide range of research efforts exploring novel
microarchitecture and system design strategies in search of
cost-effective long-term solutions [5, 21, 29, 31, 33]. While
the outcome is far from clear, what seems clear is that an ex-
tensive rethinking of processor design has begun.
Along with design alternatives for the microarchitecture
and system architecture, we believe it is also important to
rethink the instruction set architecture — software’s sole
interface to the processor. Traditional processor instruction
sets are a strait-jacket for both hardware and software. They
provide little useful information about program behavior
to the execution engine of a processor, they make it diffi-
cult for hardware designers to develop innovative software-
controlled mechanisms or modify instruction sets, and they
greatly constrain compiler optimizations to those that can
be expressed by an instruction set that must also serve as
an external program representation. The fundamental prob-
lem is that the same instruction set (the hardware ISA) is
used for two very different purposes: as the persistent rep-
resentation of software, and as the interface by which prim-
itive hardware operations are specified and sequenced.
1.1. Virtual Instruction Set Computers
As a step towards loosening these restrictions, several
research and commercial groups have advocated a class
of architectures we term Virtual Instruction Set Comput-
ers (VISC) [9, 14, 23, 32]. Such an architecture defines a
virtual instruction set (called the V-ISA in Smith et al.’s ter-
minology [32]) that is used by all user and operating sys-
tem software, as illustrated in Fig. 1. An implementation
of the architecture includes both (a) a hardware processor
with its own instruction set (the implementation ISA or I-
ISA), and (b) an implementation-specific software transla-
tion layer that translates virtual object code to the I-ISA.
Because the translation layer and the hardware processor
are designed together, Smith et al. refer to this implemen-
tation strategy as a codesigned virtual machine [32]. Fisher
has described a closely related vision for building families
of processors customized for specific application areas that
maintain compatibility and performance via software trans-
lation [15].
At the most basic level, a VISC architecture decouples
the program representation (V-ISA) from the actual hard-
ware interface (I-ISA), allowing the former to focus on cap-
turing program behavior while the latter focuses on soft-
ware control of hardware mechanisms. This brings two fun-

Application Software
Operating System
Kernel Virtual
ISA (V−ISA)
Processor−specific
translator
Implementation
Hardware Processor ISA (I−ISA)
Figure 1. System organization for a virtual ar-
chitecture. This is similar to Fig. 1(c) in [32]
and Fig. 5 in [24].
damental benefits to the hardware processor design and its
software translation layer:
1. The virtual instruction set can include rich pro-
gram information not suitable for a direct hard-
ware implementation, and can be independent of most
implementation-specific design choices.
2. The I-ISA and its translator provide a truly co-
operative hardware/software design: the transla-
tor can provide information to hardware through
implementation-specific mechanisms and instruc-
tion encodings, while the hardware can expose novel
microarchitectural mechanisms to allow coopera-
tive hardware/software control and also to assist the
translator.
These two fundamental benefits could be exploited in po-
tentially unlimited ways by processor designers. Prior
work [14, 32, 11] has discussed many potential hardware
design options enabled by this approach, which are im-
practical with conventional architectures. Furthermore,
I-ISA instruction encodings and software-controlled mech-
anisms can both be changed relatively easily with each pro-
cessor design, something that is quite difficult to do for
current processors. Finally, external compilers can fo-
cus on machine-independent optimizations while the
translator serves as a common back-end compiler cus-
tomized for the processor implementation.
The cost of this increased flexibility is the possible over-
head of software translation (if it must be done “online”).
Nevertheless, recent advances in dynamic compilation, pro-
gram optimization, and hardware speed can mitigate the
performance penalty, and could make this idea more vi-
able today than it has been in the past. Furthermore, hard-
ware mechanisms can be used to assist these tasks in many
ways [14, 11, 19, 35, 27, 30].
1.2. Our Contribution: Design for A Virtual In-
struction Set
Although virtual architectures have been discussed for a
long time and real implementations exist (viz., IBM S/38
and AS/400, DAISY, and Transmeta’s Crusoe), there has
been little research exploring design options for the V-ISA.
Both DAISY and Crusoe used traditional hardware ISAs as
their V-ISA. The IBM machines do use a specially devel-
oped V-ISA, but, as we explain in Section 6, it is also ex-
tremely complex, OS-dependent, requires complex OS ser-
vices for translation, and is designed more for a particular
application domain than for general-purpose software.
We believe a careful design for the V-ISA driven by the
needs of compiler technology, yet “universal” enough to
support arbitrary user and OS software, is crucial to achieve
the full benefits of the virtual architecture strategy. A com-
mon question is whether Java bytecode (as suggested by
Smith et al. [32]) or Microsoft’s Common Language In-
frastructure (CLI) could be used as a V-ISA for processors.
Since a processor V-ISA must support all external user soft-
ware and arbitrary operating systems, we believe the an-
swer is “no”. These representations are designed for a cer-
tain class of languages, and are not sufficiently language-
independent for a processor interface. They include com-
plex runtime software requirements, e.g., garbage collec-
tion and extensive runtime libraries, which are difficult to
implement without operating system support. Finally, they
are generally not well-suited for low-level code such as op-
erating system trap handlers, debuggers, and performance
monitoring tools.
This paper proposes a design for a Virtual Instruction Set
Architecture, and an accompanying compilation strategy for
arbitrary hardware. More specifically, this work makes three
contributions:
• It proposes a V-ISA design that is rich enough to sup-
port sophisticated compiler analyses and transforma-
tions, yet low-level enough to be closely matched to
native hardware instruction sets and to support all ex-
ternal code, including OS and kernel code.
• It carefully defines the behavior of exceptions and self-
modifying code to minimize the difficulties faced by
previous translators for DAISY [14] and Crusoe [11].
• It describes a translation strategy that allows offline
translation and offline caching of native code and pro-
file information, using an OS-independent interface to
access external system resources. The translation strat-
egy also leverages aggressive optimization at install-
time, runtime, and offline (“idle-time”), tailored to the
particular hardware and to profiling information from
actual users (these capabilities follow directly from the
V-ISA [26]).
 The virtual instruction set we propose uses simple RISC-
like operations, but is fully typed using a simple language-
independent type system, and includes explicit control flow
and dataflow information in the form of a Static Single As-
signment (SSA) representation. Equally important is what
the V-ISA does not include: a fixed register set, stack frame
layout, low-level addressing modes, limits on immediate
constants, delay slots, speculation, predication, or explicit
interlocks. All of these are better suited to the I-ISA than the
V-ISA. Nevertheless, the V-ISA is low-level enough to per-
mit extensive machine-independent optimization in source-
level and link-time compilers (unlike Java bytecode, for ex-
ample), reducing the amount of optimization required dur-
ing translation from V-ISA to I-ISA.
The benefits of a V-ISA design can only be determined
after developing new processor design options and the soft-
ware/hardware that exploit its potential. Instead, our goal in
this work is to evaluate the design in terms of its suitabil-
ity as a V-ISA. We have implemented the key components
of the compilation strategy for SPARC V9 and Intel IA-32
hardware processors, including an aggressive link-time in-
terprocedural optimization framework (which operates on
the V-ISA directly), native code generators that can be run
in either offline or JIT mode, and a software trace cache to
support trace-based runtime optimizations for the SPARC
V9. With these components, we address two questions:
• Qualitatively, is the instruction set rich enough to en-
able both machine-independent and dependent opti-
mizations during code generation?
• Experimentally, is the instruction set low-level enough
to map closely to a native hardware instruction set, and
to enable fast translation to native code?
2. Design Goals for A Virtual ISA
Figure 1 shows an overview of a system based on a
VISC processor. A VISC architecture defines an external
instruction set (V-ISA) and a binary interface specification
(V-ABI). An implementation of the architecture includes a
hardware processor plus a translator, collectively referred
to as the “processor.” We use “external software” to mean
all software except the translator. The translator is essen-
tially a compiler which translates “virtual object code” in
the V-ISA to native object code in the I-ISA.
In our proposed system architecture, all external soft-
ware may only use the V-ISA. This rigid constraint on ex-
ternal software is important for two reasons:
1. To ensure that the hardware processor can evolve (i.e.,
both the I-ISA and its implementation details visible to
the translator can be changed), without requiring any
external software to be recompiled.
2. To ensure that arbitrary operating systems that con-
form to the V-ABI can run on the processor.
Supporting arbitrary operating systems and system designs
raises significant potential challenges for supporting offline
translation and caching, as described in Section 4.1.
Because the primary consumer of a V-ISA is the software
translation layer, the design of a V-ISA must be driven by
an understanding of compiler technology. Most non-trivial
optimization and code generation tasks rely on information
about global control-flow, dataflow, and data dependence
properties of a program. Such properties can be extremely
difficult to extract from native machine code.
The challenge is to design a V-ISA that provides such
high-level information about program behavior, yet is ap-
propriate as an architecture interface for all external soft-
ware, including applications, libraries, and operating sys-
tems. We propose a set of design goals for such a V-ISA:
1. Simple, low-level operations that can be implemented
without a runtime system: To serve as a processor-
level instruction set for arbitrary software and enable
implementation without operating system support, the
V-ISA must use simple, low-level operations that can
each be mapped directly to a small number of hard-
ware operations.
2. No execution-oriented features that obscure program
behavior: The V-ISA should exclude ISA features that
make program analysis difficult and which can instead
be managed by the translator, such as limited num-
bers and types of registers, a specific stack frame lay-
out, low-level calling conventions, limited immediate
fields, or low-level addressing modes.
3. Portability across some family of processor designs:
It is impractical to design a “universal” V-ISA for
all conceivable hardware processor designs. Instead,
a good V-ISA design must enable some broad class
of processor implementations and maintain compati-
bility at the level of virtual object code for all proces-
sors in that class (key challenges include endianness
and pointer size).
4. High-level information to support sophisticated pro-
gram analysis and transformations: Such high-level
information is important not only for optimizations
but also for good machine code generation, e.g., effec-
tive instruction scheduling and register allocation. Fur-
thermore, improved program analysis can enable more
powerful cooperative software/hardware mechanisms
as described above.
5. Language independence: Despite including high-level
information (especially type information), it is essen-
tial that the V-ISA should be completely language-
independent, i.e., the types should be low-level and
general enough to implement high-level language op-
erations correctly and reasonably naturally.
 6. Operating system support: The V-ISA must fully sup-
port arbitrary operating systems that implement the
virtual Application Binary Interface (V-ABI) associ-
ated with the V-ISA (discussed in Section 3.1). There-
fore, it must provide all the necessary low-level mech-
anisms such as traps, memory management, and low-
level device I/O.
Note that high-level virtual machines such as JVM and
CLI fail to meet goals #1 (they use complex, high-level op-
erations with large runtime libraries), #5 (e.g., JVM and CLI
are tailored for object-oriented languages with a particular
inheritence model), and #6 (their complex runtime systems
require significant OS support in practice). In contrast, tra-
ditional machine ISAs fail to meet goals #2 and #4, and sat-
isfy #3 only to a limited extent (e.g., existing programs can-
not exploit new hardware instructions or larger architected
register files).
3. LLVA: A V-ISA for high performance
3.1. Components of the V-ISA
The LLVA Virtual Instruction Set is a source-language-
neutral, low-level, orthogonal, three-address instruction set.
Figure 2 shows an example C function and the correspond-
ing LLVA code. The basic components of the instruction set
are as follows.
Register Set and Memory Model LLVA uses an infinite,
typed, register file where all registers are in Static Single
Assignment (SSA) form [10] (described below). Registers
can only hold scalar values, viz., boolean, integer, float-
ing point, and pointer. This type information and the SSA
representation together provide the information needed for
simple or aggressive register allocation algorithms. To sup-
port an infinite register set, we use a self-extending instruc-
tion encoding, but define a fixed-size 32-bit format to hold
small instructions for compactness and translator efficiency.
Memory is partitioned into stack, heap, and global memory,
and all memory is explicitly allocated. LLVA is a load/s-
tore architecture: only load and store instructions ac-
cess data values in memory.
LLVA Instructions LLVA has a small, orthogonal instruc-
tion set consisting of only the 28 instructions listed in Ta-
ble 1. The orthogonality makes optimal pattern-matching
instruction selectors easier to use. Because almost all in-
structions are simple, three-address instructions with regis-
ter operands (add, mul, seteq, etc), the translation pro-
cess is primarily concerned with combining multiple LLVA
instructions into more complex I-ISA instructions wherever
possible. Furthermore, the simple low-level operations al-
low arbitrary machine-independent optimizations to be per-
formed ahead of time by static compilers when generating
LLVAcode (unlike JVM bytecode, where operations like ar-
ray bounds checks, virtual function call resolution, and in-
lining are difficult to eliminate statically).
LLVA provides low-level operations that can be used to
implement high-level language features, but in a machine-
independent manner. For example, array and structure in-
dexing operations are lowered to typed pointer arithmetic
with the getelementptr instruction (explained below).
Source-level array bounds checks are turned into explicit
comparisons. Virtual function dispatch in C++ becomes a
pair of loads to retrieve the function pointer followed by
a call (optimizations can eliminate some of these in the
static compiler, translator, or both) [26].
Type Name
arithmetic add, sub, mul, div, rem
bitwise and, or, xor, shl, shr
comparison seteq, setne, setlt, setgt, setle, setge
control-flow ret, br, mbr, invoke, unwind
memory load, store, getelementptr, alloca
other cast, call, phi
Table 1. Entire LLVA Instruction Set
Global Data-flow (SSA) & Control Flow Information A
key feature of LLVA that enables efficient dynamic transla-
tion is the use of SSA form as the primary representation
for scalar register values. SSA form is widely used for com-
piler optimizations because it allows for efficient “sparse”
algorithms for global dataflow problems and provides ex-
plicit def-use chains.
To represent SSA information directly in the code, LLVA
uses an explicit phi instruction to merge values at control-
flow join points. (for example, the %Ret.1 value in Fig-
ure 2(b)). The translator elimiantes the φ-nodes by introduc-
ing copy operations into predecessor basic blocks. These
copies are usually eliminated during register allocation.
Exposing an explicit Control flow Graph (CFG) is an-
other crucial feature of LLVA1 . Each function in LLVA is a
list of basic blocks, and each basic block is a list of instruc-
tions ending in a single control flow instruction that explic-
itly specifies its successor basic blocks. A control flow in-
struction can be a branch, multi-way branch, function re-
turn, invoke or unwind. invoke and unwind are used
to implement source-language exceptions via stack unwind-
ing, in a manner that is explicit, portable, and can be trans-
lated into efficient native code [26].
LLVA Type System The LLVA instruction set is fully-
typed, using a low-level, source-language-independent type
1 In contrast, extracting a Control Flow Graph from normal machine
code can be quite difficult in practice, due to indirect branches.

t y p e d e f s t r u c t QuadTree {
double Data ;
s t r u c t QuadTree ∗ C h i l d r e n [ 4 ] ;
} QT ;
v o i d S u m 3 r d C h i l d r e n (QT ∗ T ,
double ∗ R e s u l t ) {
double Ret ;
i f ( T = = 0 ) { Ret = 0 ;
} else {
QT ∗ C h i l d 3 =
T [ 0 ] . Children [ 3 ] ;
d o u b l e V;
S u m 3 r d C h i l d r e n ( C h i l d 3 , &V ) ;
Ret = V + T [ 0 ] . Data ;
}
∗ R e s u l t = Ret ;
} s t o r e double % Ret . 1 , double∗ % R e s u l t
(a) Example function
Figure 2. C and LLVA code for a function
system. The type system is very simple, consisting of prim-
itive types with predefined sizes (ubyte, uint, float, dou-
ble, etc...) and 4 derived types (pointer, array, structure, and
function). We chose this small set of derived types for two
reasons. First, we believe that most high-level language data
types are eventually represented using some combination of
these low-level types, e.g., a C++ class with base classes and
virtual functions is usually represented as a nested structure
type with data fields and a pointer to an constant array of
function pointers. Second, standard language-independent
optimizations use only some subset of these types (if any),
including optimizations that require array dependence anal-
ysis, pointer analysis (even field-sensitive algorithms [16]),
and call graph construction.
All instructions in the V-ISA have strict type rules, and
most are overloaded by type (e.g. ‘add int %X, %Y’
vs. ‘add float %A, %B’). There are no mixed-type op-
erations and hence, no implicit type coercion. An explicit
cast instruction is the sole mechanism to convert a regis-
ter value from one type to another (e.g. integer to floating
point or integer to pointer).
The most important purpose of the type system, however,
is to enable typed memory access. LLVA achieves this via
type-safe pointer arithmetic using the getelementptr
instruction. This enables pointer arithmetic to be expressed
directly in LLVA without exposing implementation details,
such as pointer size or endianness. To do this, offsets are
specified in terms of abstract type properties (field number
for a structure and element index for an array).
In the example, the %tmp.1 getelementptr instruc-
tion calculates the address of T[0].Children[3], by
using the symbolic indexes 0, 1, and 3. The “1” index is
a result of numbering the fields in the structure. On sys-
tems with 32-bit and 64-bit pointers, the offset from the %T
%s t r u c t . QuadTree = t y p e { double , [ 4 x %QT∗ ] }
%QT = t y p e % s t r u c t . QuadTree
v o i d % S u m 3 r d C h i l d r e n (%QT∗ %T , d o u b l e ∗ %Result ) {
e n t r y : %V = a l l o c a d o u b l e ; ; %V i s t y p e ’ d o u b l e ∗ ’
%tmp . 0 = s e t e q %QT∗ %T , n u l l ; ; t y p e ’ bool ’
br b o o l %tmp . 0 , l a b e l % e n d i f , label % else
else : ; ; tmp . 1 = & T [ 0 ] . C h i l d r e n [ 3 ] ’ C h i l d r e n ’ = Field #1
%tmp . 1 = g e t e l e m e n t p t r %QT∗ %T , l o n g 0 , ubyte 1 , long 3
%C h i l d 3 = l o a d %QT∗∗ %tmp . 1
c a l l v o i d % S u m 3 r d C h i l d r e n (%QT∗ % C h i l d 3 , d o u b l e ∗ %V)
%tmp . 2 = l o a d d o u b l e ∗ %V
%tmp . 3 = g e t e l e m e n t p t r %QT∗ %T , l o n g 0 , ubyte 0
%tmp . 4 = l o a d d o u b l e ∗ %tmp . 3
%R e t . 0 = add d o u b l e %tmp . 2 , % tmp . 4
br l a b e l % e n d i f
endif : %R e t . 1 = p h i d o u b l e [ % R e t . 0 , % e l s e ] , [ 0 . 0 , % e n t r y ]
r e t v o i d ; ; R e t u r n w i t h no v a l u e
}
(b) Corresponding LLVA code
pointer would be 20 bytes and 32 bytes respectively.
3.2. Representation Portability
As noted in Section 2, a key design goal for a V-ISA is
to maintain object code portability across a family of pro-
cessor implementations. LLVA is broadly aimed to support
general-purpose uniprocessors (Section 3.6 discusses some
possible extensions). Therefore, it is designed to abstract
away implementation details in such processors, including
the number and types of registers, pointer size, endianness,
stack frame layout, and machine-level calling conventions.
The stack frame layout is abstracted by using an explicit
alloca instruction to allocate stack space and return a
(typed) pointer to it, making all stack operations explicit.
As an example, the V variable in Figure 2(a) is allocated
on the stack (instead of in a virtual register) because its ad-
dress is taken for passing to Sum3rdChildren. In prac-
tice, the translator preallocates all fixed-size alloca objects
in the function’s stack frame at compile time.
The call instruction provides a simple abstract calling
convention, through the use of virtual register or constant
operands. The actual parameter passing and stack adjust-
ment operations are hidden by this abstract, but low-level,
instruction.
Pointer size and endianness of a hardware imple-
mentation are difficult to completely to abstract away.
Type-safe programs can be compiled to LLVA ob-
ject code will be automatically portable, without expos-
ing such I-ISA details. Non-type-safe code, however, (e.g.,
machine-dependent code in C that is conditionally com-
piled for different platforms) requires exposing such details
of the actual I-ISA configuration. For this reason, LLVA in-
cludes flags for properties that the source-language com-
piler can expose to the source program (currently, these are
pointer size and endianness). This information is also en-
coded in the object file so that, using this information, the
translator for a different hardware I-ISA can correctly exe-
cute the object code (although this emulation would incur
a substantial performance penalty on I-ISAs without hard-
ware support).
3.3. Exception Semantics
Previous experience with virtual processor architectures,
particularly DAISY and Transmeta, show that there are
three especially difficult features to emulate in traditional
hardware interfaces: load/store dependences, precise excep-
tions, and self-modifying code. The LLVA V-ISA already
simplifies detecting load/store dependences in one key way:
the type, control-flow, and SSA information enable sophisti-
cated alias analysis algorithms in the translator, as discussed
in 5.1. For the other two issues also, we have the opportu-
nity to minimize their impact through good V-ISA design.
Precise exceptions are important for implementing many
programming languages correctly (without overly complex
or inefficient code), but maintaining precise exceptions
greatly restricts the ability of compiler optimizations to re-
order code. Static compilers often have knowledge about
operations that cannot cause exceptions (e.g., a load of a
valid global in C), or operations whose exceptions can be
ignored for a particular language (e.g., integer overflow in
many languages).
We use two simple V-ISA rules to retain precise excep-
tions but expose non-excepting operations to the translator:
• Each LLVA instruction defines a set of possible excep-
tions that can be caused by executing that instruction.
Any exception delivered to the program is precise, in
terms of the visible state of an LLVA program.
• Each LLVA instruction has a boolean attribute named
ExceptionsEnabled. Exceptions generated by an
instruction are ignored if ExceptionsEnabled is
false for that instruction; otherwise all exception con-
ditions are delivered to the program. Exceptions-
Enabled is true by default for load, store and
div instructions. It is false by default for all other op-
erations, notably all arithmetic operations.
Note also that the ExceptionsEnabledattribute is a
static attribute and is provided in addition to other mecha-
nisms provided by the V-ABI to disable exceptions dynam-
ically at runtime (e.g. for use in trap handlers).
A second attribute for instructions we are considering
would allow exceptions caused by the instruction to be
delivered without being precise. Static compilers for lan-
guages like C and C++ could flag many untrapped exception
conditions (e.g., memory faults) in this manner, allowing
the translator to reorder such operations more freely (even
if the hardware only supported precise exceptions).
3.4. Self-modifying and Self-extending Code
We use the term Self-Modifying Code (SMC) for a
program that explicitly modifies its own pre-existing in-
structions. We use the term Self-Extending Code (SEC)
to refer to programs in which new code is added at run-
time, but that do not modify any pre-existing code. SEC
encompasses several behaviors such as class loading in
Java [17], function synthesis in higher-order languages,
and program-controlled dynamic code generation. SEC is
generally much less problematic for virtual architectures
than SMC. Furthermore, most commonly cited examples of
“self-modifying code” (e.g., dynamic code generation for
very high performance kernels or dynamic code loading in
operating systems and virtual machines) are really exam-
ples of SEC rather than SMC. Nevertheless, SMC can be
useful for implementing runtime code modifications in cer-
tain kinds of tools such as runtime instrumentation tools or
dynamic optimization systems.
LLVA allows arbitrary SEC, and allows a constrained
form of SMC that exploits the execution model for the
V-ISA. In particular, a program may modify its own (vir-
tual) instructions via a set of intrinsic functions, but such a
change only affects future invocations of that function, not
any currently active invocations. This ensures that SMC can
be implemented efficiently and easily by the translator, sim-
ply by marking the function’s generated code invalid, forc-
ing it to be regenerated the next time the function is invoked.
3.5. Support for Operating Systems
LLVA uses two key mechanisms to support operating
systems and user-space applications: intrinsic functions and
a privileged bit. LLVA uses a small set of intrinsic functions
to support operations like manipulating page tables and
other kernel operations. These intrinsics are implemented
by the translator for a particular target. Intrinsics can be de-
fined to be valid only if the privileged bit is set to true, oth-
erwise causing a kernel trap. A trap handler is an ordinary
LLVA function with two arguments: the trap number and a
pointer of type void* to pass in additional information to
the handler. Trap handlers can refer to the register state of
an LLVM program using a standard, program-independent
register numbering scheme for virtual registers. Other in-
trinsic functions can be used to traverse the program stack
and scan stack frames in an I-ISA-independent manner, and
to register the entry points for trap handlers.
3.6. Possible Extensions to the V-ISA
Thre are two important kinds of functionality that could
be added to the V-ISA. First, the architecture certainly re-
quires definition of synchronization operations and a mem-
ory model to support parallel programs (these primitives are
difficult to make universal, and thus may have to be de-
fined with a family of implementations in mind). Second,

Application Operating System
Software
Kernel Storage
V−ISA
I−ISA code
Profile info
Execution Manager
Optional
translator
components
Code
Profiling
Static/Dynamic
Generation Optimization
I−ISA
Hardware Processor
Figure 3. The LLVA execution manager and
interface to offline storage.
packed operations (also referred to as subword parallelism)
are valuable to media and signal-processing codes. These
operations must be encoded in the V-ISA because it is diffi-
cult for the translator to automatically synthesize them from
ordinary sequential code. Finally, we are developing V-
ISA extensions that provide machine-independent abstrac-
tions for chip parallelism. These extensions could be valu-
able as explicit on-chip parallelism becomes more prevalent
(e.g., [33, 21, 31]), raising potentially serious challenges for
preserving portability while achieving the highest possible
performance across different generations of processors.
4. Translation Strategy
The goals of our translation strategy are to (a) minimize
the need for online translation, and (b) to exploit the novel
optimization capabilities enabled by a rich, persistent code
representation. This paper does not aim to develop new opti-
mization techniques. We are developing such techniques in
ongoing research, as part of a complete framework for life-
long code optimization on ordinary processors [26]. Here,
we focus on the VISC translation strategy and on the impli-
cations of the optimization capabilities for VISC designs.
We begin by describing the “on-chip” runtime execution
engine (LLEE) that manages the translation process. We fo-
cus in particular on strategies by which it interacts with the
surrounding software system to get access to offline stor-
age and enable offline translation. We then describe how
the translation strategy exploits the optimization capabili-
ties enabled by a rich persistent code representation.
4.1. LLEE: OS-Independent Translation System
We distinguish two scenarios with different primary con-
straints on the translation system. The first is when a pro-
cessor is designed or optimized for a particular OS (e.g.,
PowerPCs customized for AS/400 systems running IBM’s
OS/400 [9]). For a VISC processor in such a scenario, the
translator can live in offline storage as part of the OS, it can
be invoked to perform offline translation, and it can use OS-
specific interfaces directly to read and write translations and
profile information to offline storage. It can exploit all the
optimization mechanisms enabled by the V-ISA, described
below. Such a processor should obtain all the benefits of a
VISC design without any need for online translation.
More commonly, however, a processor is designed with
no assumptions about the OS or available storage. The
lack of such knowledge places constraints on the transla-
tor, as can be seen in DAISY’s and Crusoe’s translation
schemes [11, 14]. Not only is the entire translator program
located in ROM, but the translated code and any associ-
ated profile information live only in memory and are never
cached in persistent storage between executions of a pro-
gram. Consequently, programs are always translated online
after being launched, if the translation does not exist in an
in-memory cache.
We propose a translation strategy for such a situation that
can enable offline translation and caching, if an OS ported
to LLVA chooses to exploit it. We have developed a transpar-
ent execution environment called LLEE that embodies this
strategy, though it is currently implemented at user-level on
a standard POSIX system, as described below. It is depicted
in Figure 3.
The LLEE translation strategy can be summarized as
“offline translation when possible, online translation when-
ever necessary.” A subset (perhaps all) of the translator suf-
ficient for translation and some set of optimizations would
live in ROM or flash memory on the processor chip. It is in-
voked only by LLEE. The V-ABI defines a standard, OS-
independent interface with a set of routines that enables
LLEE to read, write, and validate data in offline storage.
This interface is the sole “gateway” that LLEE could use
to call into the OS. An OS ported to LLVA can choose to
implement these routines for higher performance, but they
are strictly optional and the system will operate correctly in
their absence.
Briefly, the basic gateway includes routines to create,
delete, and query the size of an offline cache, read or write
a vector of N bytes tagged by a unique string name from/to
a cache, and check a timestamp on an LLVA program or on
a cached vector. Because these routines are implemented by
the OS, and so cannot be linked into the translator, we also
define one special LLVA intrinsic routine (recall that an in-
trinsic is a function implemented by the translator) that the
OS can use at startup to register the address of the gateway
routine with the translator. This gateway routine can then
be called directly by the translator to query the addresses of
other gateway routines, also at startup. This provides a sim-
ple but indefinitely extensible linkage mechanism between
translator and OS.
LLEE orchestrates the translation process as follows.
When the OS loads and transfers control to an LLVA exe-
cutable in memory, LLEE is invoked by the processor hard-
ware. If the OS gateway has been implemented, LLEE uses
it to look for a cached translation of the code, checks its
timestamp if it exists, and reads it into memory if the trans-
lation is not out of date. If successful, LLEE performs re-
location as necessary on the native code and then transfers
control to it directly. If any condition fails, LLEE invokes
the JIT compiler on the entry function. Any new translated
code generated by the JIT compiler can be written back to
the offline cache if the gateway is available. During idle
times, the OS can notify LLEE to perform offline transla-
tion of an LLVA program by initiating “execution” as above,
but flagging it for translation and not actual execution.
Our implementation of LLEE is faithful to this descrip-
tion except: (a) LLEE is a user-level shared library that is
loaded when starting a shell. This library overrides ex-
ecve() with a new version that recognizes LLVA exe-
cutables and either invokes the JIT on them or executes the
cached native translations from the disk, using a user-level
version of our gateway. (b) Both the JIT and offline compil-
ers are ordinary programs running on Solaris and Linux, and
the offline compiler reads and writes disk files directly. (c)
LLVA executables can invoke native libraries not yet com-
piled to LLVA, e.g., the X11 library.
4.2. Optimization Strategy
The techniques above make it possible to perform offline
translation for LLVA executables, even with a completely
OS-independent processor design. There are also important
new optimization opportunities created by the rich V-ISA
code representation, that a VISC architecture can exploit,
but most of which are difficult to for programs compiled di-
rectly to native code. These include:
1. Compile-time and link-time machine-independent op-
timization (outside the translator).
2. Install-time, I-ISA-specific optimization (before trans-
lation).
3. Runtime, trace-driven machine-specific optimization.
4. “Idle-time” (between executions) profile-guided,
machine-specific optimization using profile informa-
tion reflecting actual end-user behavior.
As noted earlier, the LLVA representation allow substan-
tial optimization to be performed before translation, mini-
mizing optimization that must be performed online. Of this,
optimization at link-time is particularly important because
it is the first time that most or all modules of an application
are simultaneously available, without requiring changes to
application Makefiles and without sacrificing the key bene-
fits of separate compilation. In fact, many commercial com-
pilers today perform interprocedural optimization at link-
time, by exporting their proprietary compiler internal repre-
sentation during static compilation [3, 20]. Such compiler-
specific solutions are unnecessary with LLVA because it
retains rich enough information to support extensive opti-
mizations, as demonstrated in 5.1.
Install-time optimization is just an application of the
translator’s optimization and code generation capabilities to
generate carefully tuned code for a particular system con-
figuration. This is a direct benefit of retaining a rich code
representation until software is installed, while still retain-
ing the ability to do offline code generation.
Unlike other trace-driven runtime optimizers for native
binary code, such as Dynamo [4], we have both the rich
V-ISA and a cooperating code generator. Our V-ISA pro-
vides us with ability to perform static instrumentation to
assist runtime path profiling, and to use the CFG at run-
time to perform path profiling within frequently executed
loop regions while avoiding interpretation. It also lets us de-
velop an aggressive optimization strategy that operates on
traces of LLVA code corresponding to the hot traces of na-
tive code. We have implemented the tracing strategy and
software trace cache, including the ability to gather cross-
procedure traces, [26], and we are now developing runtime
optimizations that exploit these traces.
The rich information in LLVA also enables “idle-time”
profile-guided optimization (PGO) using the translator’s op-
timization and code generation capabilities. The important
advantage is that this step can use profile information gath-
ered from executions on an end-user’s system. This has
three distinct advantages over static PGO: (a) the profile in-
formation is more likely to reflect end-user behavior than
hypothetical profile information generated by developers
using predicted input sets; (b) developers often do not use
profile-guided optimization or do so only in limited ways,
whereas “idle-time” optimization can be completely trans-
parent to users, if combined with low-overhead profiling
techniques; and (c) idle-time optimization can combine pro-
file information with detailed information about the user’s
specific system configuration.
5. Initial Evaluation
We believe the performance implications of a Virtual
ISA design cannot be evaluated meaningfully without (at
least) a processor design with hardware mechanisms that
support translation and optimization [11]), and (preferably)
basic cooperative hardware/software mechanisms that ex-
ploit the design. Since the key contribution of this paper is
the design of LLVA, we focus on evaluating the features
of this design. In particular, we consider the 2 questions
listed in the Introduction: does the representation enable
high-level analysis and optimizations, and is the represen-
tation low-level enough to closely match with hardware and
to be translated efficiently?
5.1. Supporting High Level Optimizations
The LLVA code representation presented in this paper is
also used as the internal representation of a sophisticated
compiler framework we call Low Level Virtual Machine
(LLVM) [26]. LLVM includes front-ends for C and C++
based on GCC, code generators for both Intel IA-32 and
SPARC V9 (each can be run either offline or as a JIT com-
piling functions on demand), a sophisticated link-time op-
timization system, and a software trace cache. Compared
with the instruction set in Section 3, the differences in the
compiler IR are: (a) the compiler extracts type information
for memory allocation operations and converts them into
typed malloc and free instructions (the back-ends trans-
late these back into the library calls), and (b) the Excep-
tionEnabled bit is hardcoded based on instruction op-
code. The compiler system uses equivalent internal and ex-
ternal representations, avoiding the need for complex trans-
lations at each stage of the compilation process.
The compiler uses the virtual instruction set for a va-
riety of analyses and optimizations including many classi-
cal dataflow and control-flow optimizations, as well as more
aggressive link-time interprocedural analyses and transfor-
mations. The classical optimizations directly exploit the
control-flow graph, SSA representation, and several choices
of pointer analysis. They are usually performed on a per
module-basis, before linking the different LLVA object code
modules, but can be performed at any stage of a program’s
lifetime where LLVA code is available.
We also perform several novel interprocedural tech-
niques using the LLVA representation, all of which operate
at link-time. Data Structure Analysis is an efficient, context-
sensitive pointer analysis, which computes both an accu-
rate call graph and points-to information. Most importantly,
it is able to identify information about logical data struc-
tures (e.g., an entire list, hashtable, or graph), including
disjoint instances of such structures, their lifetimes, their
internal static structure, and external references to them.
Automatic Pool Allocation is a powerful interprocedural
transformation that uses Data Structure Analysis to parti-
tion the heap into separate pools for each data structure in-
stance [25]. Finally, we have shown that the LLVA repre-
sentation is rich enough to perform complete, static analy-
sis of memory safety for a large class of type-safe C pro-
grams [24, 13]. This work uses both the techniques above,
plus an interprocedural array bounds check removal algo-
rithm [24] and some custom interprocedural dataflow and
control flow analyses [13].
The interprocedural techniques listed above are tradi-
tionally considered very difficult even on source-level im-
perative languages, and are impractical for machine code. In
fact, all of these techniques fundamentally require type in-
formation for pointers, arrays, structures and functions in
LLVA plus the Control Flow Graph. The SSA represen-
tation significantly improves both the precision and speed
of the analyses and transformations. Overall, these exam-
ples amply demonstrate that the virtual ISA is rich enough
to support powerful (language-independent) compiler tasks
traditionally performed only in source-level compilers.
5.2. Low-level Nature of the Instruction Set
Table 2 presents metrics to evaluate the low-level nature
of the LLVA V-ISA. The benchmarks we use include the
PtrDist benchmarks [2] and the SPEC CINT2000 bench-
marks (we omit three SPEC codes because their LLVAob-
ject code versions fail to link currently). The first two
columns in the table list the benchmark names and the num-
ber of lines of C source code for each.
Columns 3 and 4 in the table show the fully linked code
sizes for a statically compiled native executable and for the
LLVA object program. The native code is generated from
the LLVA object program using our static back end for
SPARC V9. These numbers are comparable because they
reflect the same LLVA optimizations were applied in both
cases. The numbers show that the virtual object code is sig-
nificantly smaller than the native code, roughly 1.3x to 2x
for the larger programs in the table (the smaller programs
have even larger ratios)2 . Overall, despite containing ex-
tra type and control flow information and using SSA form,
the virtual code is still quite compact for two reasons. First,
most instructions usually fit in a single 32-bit word. Second,
the virtual code does not include verbose machine-specific
code for argument passing, register saves and restores, load-
ing large immediate constants, etc.
The next five columns show the number of LLVA instruc-
tions, the total number of machine instructions generated by
the X86 back-end, and the ratio of the latter to the former
(also for Sparc). This back-end performs virtually no op-
timization and very simple register allocation resulting in
significant spill code. Nevertheless, each LLVA instruction
translates into very few I-ISA instructions on average; about
2-3 for X86 and 3-4 for SPARC V9. Furthermore, all LLVA
instructions are translated directly to native machine code
– no emulation routines are used at all. These results indi-
cate that the LLVA instruction set uses low-level operations
that match closely with native hardware instructions.
Finally, the last three columns in the table show the to-
tal code generation time taken by the X86 JIT compiler to
compile the entire program (regardless of which functions
are actually executed), the total running time of each pro-
gram when compiled natively for X86 using gcc -O3, and
the ratio of the two. As the table shows, the JIT compila-
tion times are negligible, except for large codes with short
running time. Furthermore, this behavior should extend to
much larger programs as well because the JIT translates
functions on demand, so that unused code is not translated
(we show the compilation time for the entire program, since
that makes the data easier to understand). Overall, this data
2 The GCC compiler generates more compact SPARC V8 code, which
is roughly equal in size to the bytecode [26].
 Program #LOC Native LLVM code #LLVM #X86 Ratio #SPARC Ratio Translate Run Ratio
size (KB) size (KB) Inst. Inst. Inst. Time (s) time (s)
ptrdist-anagram 647 21.7 10.7 776 1817 2.34 2550 3.29 0.0078 1.317 0.006
ptrdist-ks 782 24.9 12.1 1059 2732 2.58 4446 4.20 0.0039 1.694 0.002
ptrdist-ft 1803 20.9 10.1 799 1990 2.49 2818 3.53 0.0117 2.797 0.004
ptrdist-yacr2 3982 58.3 36.5 4279 10881 2.54 12252 2.86 0.0429 2.686 0.016
ptrdist-bc 7297 112.0 74.4 7276 19286 2.65 25697 3.53 0.1308 1.307 0.100
179.art 1283 37.8 17.9 2027 5385 2.66 7031 3.47 0.0253 114.723 0.000
183.equake 1513 44.4 23.9 2863 6409 3.14 8275 2.89 0.0273 18.005 0.002
181.mcf 2412 32.0 17.3 2039 4707 2.31 4601 2.26 0.0175 24.516 0.001
256.bzip2 4647 73.5 55.7 5103 11984 2.35 14157 2.77 0.0371 20.896 0.002
164.gzip 8616 94.0 68.6 7594 17500 2.30 20880 2.75 0.0527 19.332 0.003
197.parser 11391 223.0 175.3 17138 41671 2.43 57274 3.34 0.1601 4.718 0.034
188.ammp 13483 265.1 163.2 21961 53529 2.44 67679 3.08 0.1074 58.758 0.002
175.vpr 17729 331.0 184.4 18041 58982 3.27 74696 4.14 0.1425 7.924 0.018
300.twolf 20459 487.7 330.0 45017 104613 2.32 119691 2.66 0.0156 9.680 0.002
186.crafty 20650 555.5 336.4 34080 104093 3.05 110630 3.25 0.4531 15.408 0.029
255.vortex 67223 976.3 719.3 72039 195648 2.72 224488 3.12 0.7773 6.753 0.115
254.gap 71363 1088.1 854.4 111482 246102 2.21 272483 2.44 0.4824 3.729 0.129

Table 2. Metrics demonstrating code size and low-level nature of the V-ISA

shows that it is possible to do a very fast, non-optimizing
translation of LLVA code to machine code at very low cost.
Any support to translate code offline and/or to cache trans-
lated code offline should further reduce the impact of this
translation cost.
Overall, both the instruction count ratio and the JIT com-
pilation times show that the LLVA V-ISA is very closely
matched to hardware instruction sets in terms of the com-
plexity of the operations, while the previous subsection
showed that it includes enough high-level information for
sophisticated compiler optimizations. This combination of
high-level information with low-level operations is the cru-
cial feature that (we believe) makes the LLVA instruction
set a good design for a Virtual Instruction Set Architecture.
6. Related Work
Virtual machines of different kinds have been widely
used in many software systems, including operating sys-
tems (OS), language implementations, and OS and hard-
ware emulators. These uses do not define a Virtual ISA
at the hardware level, and therefore do not directly benefit
processor design (though they may influence it). The chal-
lenges of using two important examples – Java Virtual Ma-
chine and Microsoft CLI – as a processor-level virtual ISA
were discussed in the Introduction.
We know of four previous examples of VISC archi-
tectures, as defined in Section 1: the IBM System/38
and AS/400 family [9], the DAISY project at IBM Re-
search [14], Smith et al.’s proposal for Codesigned Virtual
Machines in the Strata project [32], and Transmeta’s Cru-
soe family of processors [23, 11]. All of these distinguish
the virtual and physical ISAs as a fundamental proces-
sor design technique. To our knowledge, however, none
except the IBM S/38 and AS/400 have designed a virtual in-
struction set for use in such architectures.
The IBM AS/400, building on early ideas in the S/38, de-
fined a Machine Interface (MI) that was very high-level, ab-
stract and hardware-independent (e.g., it had no registers or
storage locations). It was the sole interface for all applica-
tion software and for much of OS/400. Their design, how-
ever, differed from ours in fundamental ways, and hence
does not meet the goals we laid out in Section 2. Their MI
was targeted at a particular operating system (the OS/400),
it was designed to be implemented using complex operating
system and database services and not just a translator, and
was designed to best support a particular workload class,
viz., commercial database-driven workloads. It also had a
far more complex instruction set than ours (or any CISC
processors), including string manipulation operations, and
“object” manipulation operations for 15 classes of objects
(e.g., programs and files). In contrast, our V-ISA is philo-
sophically closer to modern processor instruction sets in be-
ing a minimal, orthogonal, load/store architecture; it is OS-
independent and requires no software other than a transla-
tor; and it is designed to support modern static and dynamic
optimization techniques for general-purpose software.
DAISY [14] developed a dynamic translation scheme for
emulating multiple existing hardware instruction sets (Pow-
erPC, Intel IA-32, and S/390) on a VLIW processor. They
developed a novel translation scheme with global VLIW
scheduling fast enough for online use, and hardware exten-
sions to assist the translation. Their translator operated on
a page granularity. Both the DAISY and Transmeta transla-
tors are stored entirely in ROM on-chip. Because they fo-
cus on existing V-ISAs with existing OS/hardware interface
specifications, they cannot assume any OS support and thus
cannot cache any translated code or profile information in
off-processor storage, or perform any offline translation.
Transmeta’s Crusoe uses a dynamic translation scheme
to emulate Intel IA-32 instructions on a VLIW hardware
processor [23]. The hardware includes important support-
ing mechanisms such as shadowed registers and a gated
store buffer for speculation and rollback recovery on ex-
ceptions, and alias detection hardware in the load/store
pipeline. Their translator, called Code Morphing Software
(CMS), exploits these hardware mechanisms to reorder in-
structions aggressively in the presence of the challenging
features identified in Section 3.3, namely, precise excep-
tions, memory dependences, and self-modifying code (as
well as memory-mapped I/O) [11]. They use a trace-driven
reoptimization scheme to optimize frequently executed dy-
namic sequences of code. Crusoe does do not perform any
offline translation or offline caching, as noted above.
Smith et al. in the Strata project have recently but
perhaps most clearly articulated the potential benefits of
VISC processor designs, particularly the benefits of co-
designing the translator and a hardware processor with an
implementation-dependent ISA [32]. They describe a num-
ber of examples illustrating the flexibility hardware design-
ers could derive from this strategy. They have also devel-
oped several hardware mechanisms that could be valuable
for implementing such architectures, including relational
profiling [19], a microarchitecture with a hierarchical reg-
ister file for instruction-level distributed processing [22],
and hardware support for working set analysis [12]. They
do not propose a specific choice of V-ISA, but suggest that
one choice would be to use Java VM as the V-ISA (an op-
tion we discussed in the Introduction).
Previous authors have developed Typed Assembly Lan-
guages [28, 7] with goals that generally differ significantly
from ours. Their goals are to enable compilation from
strongly typed high-level languages to typed assembly lan-
guage, enabling sound (type preserving) program transfor-
mations, and to support program safety checking. Their type
systems are higher-level than ours, because they attempt
to propagate significant type information from source pro-
grams. In comparison, our V-ISA uses a much simpler, low-
level type system aimed at capturing the common low-level
representations and operations used to implement compu-
tations from high-level languages. It is also designed to to
support arbitrary non-type-safe code efficiently, including
operating system and kernel code.
Binary translation has been widely used to provide bi-
nary compatibility for legacy code. For example, the FX!32
tool uses a combination of online interpretation and offline
profile-guided translation to execute Intel IA-32 code on Al-
pha processors [8]. Unlike such systems, a VISC architec-
ture makes binary translation an essential part of the design
strategy, using it for all codes, not just legacy codes.
There is a wide range of work on software and hard-
ware techniques for transparent dynamic optimization of
programs. Transmeta’s CMS [11] and Dynamo [4] iden-
tify and optimize hot traces at runtime, similar to our re-
optimization strategy but without the benefits of a rich V-
ISA. Many JIT compilers for Java, Self, and other languages
combine fast initial compilation with adaptive reoptimiza-
tion of “hot” methods (e.g., see [1, 6, 18, 34]). Finally,
many hardware techniques have been proposed for improv-
ing the effectiveness of dynamic optimization [27, 30, 35].
When combined with a rich V-ISA that supports more ef-
fective program analyses and transformations, these soft-
ware and hardware techniques can further enhance the ben-
efits of VISC architectures.
7. Conclusions and Future Work
Trends in modern processors indicate that CPU cycles
and raw transistors are becoming increasingly cheap, while
control complexity, wire delays, power, reliability, and test-
ing cost are becoming increasingly difficult to manage. Both
trends favor virtual processor architectures: the extra CPU
cycles can be spent on software translation, the extra tran-
sistors can be spent on mechanisms to assist that translation,
and a cooperative hardware/software design supported by a
rich virtual program representation could be used in numer-
ous ways to reduce hardware complexity and potentially in-
crease overall performance.
This paper presented LLVA, a design for a language-
independent, target-independent virtual ISA. The instruc-
tion set is low-level enough to map directly and closely to
hardware operations but includes high-level type, control-
flow and dataflow information needed to support sophis-
ticated analysis and optimization. It includes novel mech-
anisms to overcome the difficulties faced by previous vir-
tual architectures such as DAISY and Transmeta’s Crusoe,
including a flexible exception model, minor constraints on
self-modifying code to dovetail with the compilation strat-
egy, and an OS-independent interface to access offline stor-
age and enable offline translation.
Evaluating the benefits of LLVA requires a long-term
research program. We have three main goals in the near
future: (a) Develop and evaluate cooperative (i.e., code-
signed) software/hardware design choices that reduce hard-
ware complexity and assist the translator to achieve high
overall performance. (b) Extend the V-ISA with machine-
independent abstractions of fine- and medium-grain paral-
lelism, suitable for mapping to explicitly parallel processor
designs, as mentioned in Section 3.6. (c) Port an existing
operating system (in incremental steps) to work on top of
the LLVA architecture, and explore the OS design implica-
tions of such an implementation.
Acknowledgements
We thank Jim Smith, Sarita Adve, John Criswell and
the anonymous referees for their detailed feedback on this
paper. This work has been supported by an NSF CA-
REER award, EIA-0093426, the NSF Operating Systems
and Compilers program under grant number CCR-9988482,
and the SIA’s MARCO Focus Center program.
References
[1] A.-R. Adl-Tabatabai, et al. Fast and effective code genera-
tion in a just-in-time Java compiler. In PLDI, May 1998.
[2] T. Austin, et al. The pointer-intensive benchmark
suite. Available at www.cs.wisc.edu/˜austin/ptr-
dist.html, Sept 1995.
[3] A. Ayers, S. de Jong, J. Peyton, and R. Schooler. Scal-
able cross-module optimization. ACM SIGPLAN Notices,
33(5):301–312, 1998.
[4] V. Bala, E. Duesterwald, and S. Banerjia. Dynamo: A trans-
parent dynamic optimization system. In PLDI, pages 1–12,
June 2000.
[5] D. Burger and J. R. Goodman. Billion-transistor architec-
tures. Computer, 30(9):46–49, Sept 1997.
[6] M. G. Burke, J.-D. Choi, S. Fink, D. Grove, M. Hind,
V. Sarkar, M. J. Serrano, V. C. Sreedhar, H. Srinivasan, and
J. Whaley. The Jalapeño Dynamic Optimizing Compiler for
Java. In Java Grande, pages 129–141, 1999.
[7] J. Chen, D. Wu, A. W. Appel, and H. Fang. A provably sound
TAL for back-end optimization. In PLDI, San Diego, CA,
Jun 2003.
[8] A. Chernoff, et al. FX!32: A profile-directed binary transla-
tor. IEEE Micro, 18(2):56–64, 1998.
[9] B. E. Clark and M. J. Corrigan. Application system/400 per-
formance characteristics. IBM Systems Journal, 28(3):407–
423, 1989.
[10] R. Cytron, J. Ferrante, B. K. Rosen, M. N. Wegman, and
F. K. Zadeck. Efficiently computing static single assignment
form and the control dependence graph. TOPLAS, pages
13(4):451–490, October 1991.
[11] J. C. Dehnert, et al. The Transmeta Code Morphing Soft-
ware: Using speculation, recovery and adaptive retransla-
tion to address real-life challenges. In Proc. 1st IEEE/ACM
Symp. Code Generation and Optimization, San Francisco,
CA, Mar 2003.
[12] A. S. Dhodapkar and J. E. Smith. Managing multi-
configuration hardware via dynamic working set analysis. In
ISCA, Alaska, May 2002.
[13] D. Dhurjati, S. Kowshik, V. Adve, and C. Lattner. Mem-
ory safety without runtime checks or garbage collection. In
LCTES, San Diego, CA, Jun 2003.
[14] K. Ebcioglu and E. R. Altman. DAISY: Dynamic compi-
lation for 100% architectural compatibility. In ISCA, pages
26–37, 1997.
[15] J. Fisher. Walk-time techniques: Catalyst for architectural
change. Computer, 30(9):46–42, Sept 1997.
[16] R. Ghiya, D. Lavery, and D. Sehr. On the importance of
points-to analysis and other memory disambiguation meth-
ods for C programs. In PLDI. ACM Press, 2001.
[17] J. Gosling, B. Joy, G. Steele, and G. Bracha. The Java
Language Specification, 2nd Ed. Addison-Wesley, Reading,
MA, 2000.
[18] D. Griswold. The Java HotSpot Virtual Machine Architec-
ture, 1998.
[19] T. H. Heil and J. E. Smith. Relational profiling: enabling
thread-level parallelism in virtual machines. In MICRO,
pages 281–290, Monterey, CA, Dec 2000.
[20] IBM Corp. XL FORTRAN: Eight Ways to Boost Perfor-
mance. White Paper, 2000.
[21] Intel Corp. Special Issue on Intel HyperThreading Technol-
ogy in Pentium 4 Processors. Intel Technology Journal, Q1,
2002.
[22] H.-S. Kim and J. E. Smith. An instruction set and microar-
chitecture for instruction level distributed processing. In
ISCA, Alaska, May 2002.
[23] A. Klaiber. The Technology Behind Crusoe Processors,
2000.
[24] S. Kowshik, D. Dhurjati, and V. Adve. Ensuring code safety
without runtime checks for real-time control systems. In
CASES, Grenoble, France, Oct 2002.
[25] C. Lattner and V. Adve. Automatic Pool Allocation for Dis-
joint Data Structures. In Proc. ACM SIGPLAN Workshop on
Memory System Performance, Berlin, Germany, Jun 2002.
[26] C. Lattner and V. Adve. LLVM: A Compilation Framework
for Lifelong Program Analysis and Transformation. Tech.
Report UIUCDCS-R-2003-2380, Computer Science Dept.,
Univ. of Illinois at Urbana-Champaign, Sept 2003.
[27] M. C. Merten, A. R. Trick, E. M. Nystrom, R. D. Barnes,
and W. m. W. Hwu. A hardware mechanism for dynamic ex-
traction and relayout of program hot spots. In ISCA, pages
59–70, Jun 2000.
[28] G. Morrisett, D. Walker, K. Crary, and N. Glew. From Sys-
tem F to typed assembly language. TOPLAS, 21(3):528–569,
May 1999.
[29] P. Oberoi and G. S. Sohi. Parallelism in the front-end. In
ISCA, June 2003.
[30] S. J. Patel and S. S. Lumetta. rePLay: A Hardware Frame-
work for Dynamic Optimization. IEEE Transactions on
Computers, Jun 2001.
[31] K. Sankaralingam, R. Nagarajan, H. Liu, C. Kim, , and
J. Huh. Exploiting ILP, TLP, and DLP with the Polymor-
phous TRIPS Architecture. In ISCA, June 2003.
[32] J. E. Smith, T. Heil, S. Sastry, and T. Bezenek. Achieving
high performance via co-designed virtual machines. In Inter-
national Workshop on Innovative Architecture (IWIA), 1999.
[33] J. M. Tendler, J. S. Dodson, J. S. Fields, Jr., H. Le, and B. Sin-
haroy. The POWER4 system microarchitecture. IBM Jour-
nal of Research and Development, 46(1):5–26, 2002.
[34] D. Ungar and R. B. Smith. Self: The power of simplicity. In
OOPSLA, 1987.
[35] C. Zilles and G. Sohi. A programmable coprocessor for pro-
filing. In HPCA, Jan 2001.