Print instruction summary

2026-01-18 19:23:56 +00:00 · 2025-08-18 19:00:31 +02:00
parent 5a3d05c64c
commit c71c204583
5 changed files with 81 additions and 3 deletions
--- a/page/src/components/settings-menu.tsx
+++ b/page/src/components/settings-menu.tsx
@@ -172,6 +172,21 @@ export class SettingsMenu extends React.Component<SettingsMenuProps, Settings> {
          />
        </div>

+        <div className="flex gap-6">
+          <Checkbox
+            id="settings-summary"
+            checked={this.state.instructionSummary}
+            onCheckedChange={(checked: boolean) => {
+              this.setState({ instructionSummary: checked });
+            }}
+          />
+          <SettingsLabel
+            htmlFor="settings-summary"
+            text={"Print Instruction Summary"}
+            tooltip={"Print summary of executed instructions"}
+          />
+        </div>
+
        <div className="flex gap-6">
          <Checkbox
            id="settings-persist"
--- a/page/src/settings.ts
+++ b/page/src/settings.ts
@@ -9,6 +9,7 @@ export interface Settings {
  execAccess: boolean;
  foreignAccess: boolean;
  wasm64: boolean;
+  instructionSummary: boolean;
  ignoredFunctions: string[];
  interestingModules: string[];
  commandLine: string;
@@ -24,6 +25,7 @@ export function createDefaultSettings(): Settings {
    execAccess: true,
    foreignAccess: false,
    wasm64: false,
+    instructionSummary: false,
    ignoredFunctions: [],
    interestingModules: [],
    commandLine: "",
@@ -83,6 +85,10 @@ export function translateSettings(settings: Settings): string[] {
    switches.push("-f");
  }

+  if (settings.instructionSummary) {
+    switches.push("-is");
+  }
+
  settings.ignoredFunctions.forEach((f) => {
    switches.push("-i");
    switches.push(f);
--- a/src/analyzer/analysis.cpp
+++ b/src/analyzer/analysis.cpp
@@ -277,6 +277,25 @@ namespace
        return cs_insn_group(disasm.get_handle(), instructions.data(), CS_GRP_RET);
    }

+    void record_instruction(analysis_context& c, const uint64_t address)
+    {
+        std::array<uint8_t, MAX_INSTRUCTION_BYTES> instruction_bytes{};
+        const auto result = c.win_emu->emu().try_read_memory(address, instruction_bytes.data(), instruction_bytes.size());
+        if (!result)
+        {
+            return;
+        }
+
+        disassembler disasm{};
+        const auto instructions = disasm.disassemble(instruction_bytes, 1);
+        if (instructions.empty())
+        {
+            return;
+        }
+
+        ++c.instructions[instructions[0].mnemonic];
+    }
+
    void handle_instruction(analysis_context& c, const uint64_t address)
    {
        auto& win_emu = *c.win_emu;
@@ -312,18 +331,25 @@ namespace
            return win_emu.mod_manager.find_by_address(previous_ip); //
        });

+        const auto is_current_binary_interesting = utils::make_lazy([&] {
+            return is_main_exe || (binary && c.settings->modules.contains(binary->name)); //
+        });
+
        const auto is_in_interesting_module = [&] {
            if (c.settings->modules.empty())
            {
                return false;
            }

-            return (binary && c.settings->modules.contains(binary->name)) ||
-                   (previous_binary && c.settings->modules.contains(previous_binary->name));
+            return is_current_binary_interesting || (previous_binary && c.settings->modules.contains(previous_binary->name));
        };

+        if (c.settings->instruction_summary && (is_current_binary_interesting || !binary))
+        {
+            record_instruction(c, address);
+        }
+
        const auto is_interesting_call = is_previous_main_exe //
-                                         || is_main_exe       //
                                         || !previous_binary  //
                                         || is_in_interesting_module();

--- a/src/analyzer/analysis.hpp
+++ b/src/analyzer/analysis.hpp
@@ -15,6 +15,7 @@ struct analysis_settings
    bool verbose_logging{false};
    bool silent{false};
    bool buffer_stdout{false};
+    bool instruction_summary{false};

    string_set modules{};
    string_set ignored_functions{};
@@ -39,6 +40,7 @@ struct analysis_context
    std::string output{};
    bool has_reached_main{false};

+    std::map<std::string, uint64_t> instructions{};
    std::vector<accessed_import> accessed_imports{};
 };

--- a/src/analyzer/main.cpp
+++ b/src/analyzer/main.cpp
@@ -221,8 +221,33 @@ namespace
        }
    }

+    void print_instruction_summary(const analysis_context& c)
+    {
+        std::map<uint64_t, std::vector<std::string>> instruction_counts{};
+
+        for (const auto& [mnemonic, count] : c.instructions)
+        {
+            instruction_counts[count].push_back(mnemonic);
+        }
+
+        c.win_emu->log.print(color::white, "Instruction summary:\n");
+
+        for (const auto& [count, mnemonics] : instruction_counts)
+        {
+            for (const auto& mnemonic : mnemonics)
+            {
+                c.win_emu->log.print(color::white, "%s: %" PRIx64 "\n", mnemonic.c_str(), count);
+            }
+        }
+    }
+
    void do_post_emulation_work(const analysis_context& c)
    {
+        if (c.settings->instruction_summary)
+        {
+            print_instruction_summary(c);
+        }
+
        if (c.settings->buffer_stdout)
        {
            c.win_emu->log.info("%.*s%s", static_cast<int>(c.output.size()), c.output.data(), c.output.ends_with("\n") ? "" : "\n");
@@ -647,6 +672,10 @@ namespace
            {
                options.tenet_trace = true;
            }
+            else if (arg == "-is" || arg == "--instruction-summary")
+            {
+                options.instruction_summary = true;
+            }
            else if (arg == "-m" || arg == "--module")
            {
                if (args.size() < 2)