shines. Intel has, unsurprisingly, focused on making this compiler gen-
erate highly optimized IA-32 code that takes the specifics of the Intel
NetBurst architecture (and other Intel architectures) into account. The
Intel compiler also supports the advanced SSE, SSE2, and SSE3 exten-
sions offered in modern IA-32 processors.Execution Environments
An execution environment is the component that actually runs programs. This
can be a CPU or a software environment such as a virtual machine. Execution
environments are especially important to reversers because their architectures
often affect how the program is generated and compiled, which directly affects
the readability of the code and hence the reversing process.
The following sections describe the two basic types of execution environ-
ments, which are virtual machines and microprocessors, and describe how a
program’s execution environment affects the reversing process.Software Execution Environments (Virtual Machines)
Some software development platforms don’t produce executable machine
code that directly runs on a processor. Instead, they generate some kind of
intermediate representation of the program, or bytecode. This bytecode is then
read by a special program on the user’s machine, which executes the program
on the local processor. This program is called a virtual machine. Virtual
machines are always processor-specific, meaning that a specific virtual
machine only runs on a specific platform. However, many bytecode formats
have multiple virtual machines that allow running the same bytecode pro-
gram on different platforms.
Two common virtual machine architectures are the Java Virtual Machine
(JVM) that runs Java programs, and the Common Language Runtime (CLR)
that runs Microsoft .NET applications.
Programs that run on virtual machines have several significant benefits
compared to native programs executed directly on the underlying hardware:
■■ Platform isolation: Because the program reaches the end user in a
generic representation that is not machine-specific, it can theoretically
be executed on any computer platform for which a compatible execu-
tion environment exists. The software vendor doesn’t have to worry
about platform compatibility issues (at least theoretically)—the execu-
tion environment stands between the program and the system and
encapsulates any platform-specific aspects.60 Chapter 2