Re: Comments for reverse idea


Wannabee asked:

Is it possible to create a x86 CPU emulator, that "records" an app?

Yes, but see ..

I mean, the cpu reverses any app each time it run right?

?? the CPU just executes binary coded instructions in memory.
The OS loads, relocates, links, runtime compiles, and hide ...

So, could you not run an app in such an emulator, that simply
recorded everything while executing it so that it could from
theese recording analyzes, just print everything that has executed?
Including data etc. ?

'Everything' will be a problem, because this would mean to also
emulate the OS, IRQs, BIOS and not at least 'the User',
ie: one may hit invalid keys, while the other wont.
Rod already answered this in more detail.

If you just want to have a 'list of real used' data references and
all 'called' API and DLL including passed parameters, this sounds
reasonable and doable as well.
But then you can also use OllyDebug :)

Think to take a large app that you need for just a few small
things. Like loading a document, and print it.
You start it, and then you perform just the things you need,
and you close it. Then you print everything thats has happen to a new
exe, that may just contain a smaller piece of the whole app?

This function-extractor would be a good tool,
but would need a decent smart code-analyser.

Is this an insane idea? Or could it be doable to some degree?

Not at all. Yes, doable to a certain (perhaps limited) degree.

OTOH CPUs are featured with Performance Monitors which can be used
together with MSRs and PCI-bridge-internals to detect only one time
used cache lines, but this all are totally HW-specific, so of rare use.

I still work on my static code analyser which will create a flow-chart
containing also indeterminable dependencies.
Finally it shall be able to show code trace differences for manually
entered decisions. A huge job ahead, beside the daily work ...

__
wolfgang



.

Relevant Pages

  • Re: performance Winxp vs Linux
    ... Re: 'low' CPU consumption ... A benchmark app we use executes in a given time on a new Win2K box. ... Long story short - Under XP, drivers from the motherboard driver CD had ...
    (comp.lang.tcl)
  • Re: GetCurrentProcessorNumber() for XP?
    ... building a one->one mapping of APIC ID to CPU number; ... instruction executes, ... executing the appropriate cpuid instruction, ...
    (microsoft.public.win32.programmer.kernel)
  • Re: Can Someone Change My Mind About .NET?
    ... run-time that actually executes your implementation. ... cpu code, and that explains why the .NET program starts up slower, but if ... executable in the future since the Windows core is beeing replaced by pure ... to go for future operating systems and programming languages. ...
    (microsoft.public.dotnet.general)
  • Re: Uses for memory barriers
    ... ordering consistent with all the serieses of values. ... then they will see the stores in the same order. ... specifying an order for events that take place on more than one CPU, ... A similar example would show that any stores CPU 2 executes ...
    (Linux-Kernel)