This is amazing -- seems almost like a better way to play an Xbox 360 game on PC, without an emulator. Could even be what Microsoft wanted, for better retrocompatibility support.
I wonder if it can also be done to other consoles? Let's hope it gives good fruits.
For a lot of consoles, particularly older ones, this tends to yield worse performance than a JIT. Between different memory layouts, weird threaded code, jump tables, (and especially) self modifying code, a JIT can do a much better job building efficient code since it has all of the runtime information.
For newer consoles which more closely resemble PC hardware, things are definitely better; the current generation will basically look like the Starcraft port; an API compatibility layer.
Yeah - as evidenced by the NES story the other day, the elegance of AOT blows up completely as soon as there's any form of self-modifying code or even memory arithmetic tricks or jump tables. It's all possible to work around, but JIT is cleaner and more flexible in the long run.
In other words, you create a JIT to run the executable, building a profile of the execution paths at runtime, and use that profile to guide a static decompilation process. That way it should be easier to identify the sections of self-modifying code, as well as model the behaviour of this code.
The only difficulty I can see is how much time it might take to map out all the code paths, but in principal it's possible, and there may be some efficient approaches for doing so.
