ppc750cl
Rust tools for working with the PowerPC 750CL family of processors.
Rust crates
rustup component add rustfmt
cargo run --package ppc750cl-genisa
cargo build --release
Python module
python -m venv env
source ./env/bin/activate
pip install maturin
maturin build -m ./disasm-py/Cargo.toml
Install module in dev env
maturin develop -m ./disasm-py/Cargo.toml
python
>>> import ppc750cl
>>> ins = ppc750cl.Ins(addr=0x80006969, code=0x10400420)
>>> str(ins)
'ps_merge00 f2, f0, f0'
>>> ins.fields()
[('frD', 2), ('frA', 0), ('frB', 0)]
>>> ins.frD
2
Instruction Set
For those unfamiliar with PowerPC, here are some basics.
- PowerPC 7xx is a family of RISC CPUs produced from 1997 to 2012.
- They operate with 32-bit words and every instruction is 32 bits wide.
- This project focuses (only) on compatibility with the PowerPC 750CL.
- This chip is famously packaged as codename "Broadway" for the Nintendo Wii.
- Its predecessor PowerPC 750CXe is used in the Nintendo GameCube.
- It adds a "paired-singles" SIMD unit and a bunch of other instructions.
isa.yaml
The file isa.yaml contains a full definition of the PowerPC 750CL instruction set.
It powers the disassembler, assembler, Rust/Python bindings, and code analysis tools.
Similarly to LLVM TableGen, the program ppc750cl-genisa
generates a Rust file implementing an instruction decoder.
Safety & Correctness
- This project does not use unsafe Rust code outside of testing utils.
- The disassembler has been fuzzed over all ~4.29 billion possible instructions (via ppc750cl-fuzz).
- It is safe to run the disassembler over untrusted byte arrays.
- However no guarantees on correctness are made (yet). Expect bugs.
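What handling an untrusted byte array involves at the lowest level, as an added example that is not code from the ppc750cl crates: it splits a buffer into big-endian 32-bit words with safe slice APIs only, counts trailing bytes instead of reading past the end, and slices the fields out of the word 0x10400420 from the Python session above. The names `Fields`, `bits`, `split_fields` and `words` are assumptions made for this sketch.

```rust
// Added example, not code from the ppc750cl crates; all names are assumptions.
// Bit numbering follows PowerPC convention: bit 0 is the most significant.
// The layout matches the word from the Python session; other instruction
// forms assign the same bits differently.
#[derive(Debug, PartialEq)]
pub struct Fields {
    pub primary: u32, // bits 0..=5, primary opcode
    pub fr_d: u32,    // bits 6..=10
    pub fr_a: u32,    // bits 11..=15
    pub fr_b: u32,    // bits 16..=20
    pub xo: u32,      // bits 21..=30, extended opcode
    pub rc: bool,     // bit 31
}

/// Extract bits `start..=end` of `word` (requires start <= end <= 31).
fn bits(word: u32, start: u32, end: u32) -> u32 {
    let width = end - start + 1;
    (word >> (31 - end)) & (u32::MAX >> (32 - width))
}

/// Slice one instruction word into the fields above. Every u32 maps to
/// some `Fields`, so no input value can make this panic.
pub fn split_fields(word: u32) -> Fields {
    Fields {
        primary: bits(word, 0, 5),
        fr_d: bits(word, 6, 10),
        fr_a: bits(word, 11, 15),
        fr_b: bits(word, 16, 20),
        xo: bits(word, 21, 30),
        rc: bits(word, 31, 31) == 1,
    }
}

/// Split untrusted bytes into big-endian 32-bit words using only safe slice
/// APIs. Returns the words and the number of trailing bytes that did not
/// form a whole instruction, so the caller can report them.
pub fn words(buf: &[u8]) -> (Vec<u32>, usize) {
    let chunks = buf.chunks_exact(4);
    let rest = chunks.remainder().len();
    let words = chunks.map(|c| u32::from_be_bytes([c[0], c[1], c[2], c[3]])).collect();
    (words, rest)
}

fn main() {
    // Constructed input: the word from the Python session plus two stray bytes.
    let input = [0x10, 0x40, 0x04, 0x20, 0xde, 0xad];
    let (ws, rest) = words(&input);
    for w in &ws {
        println!("{:#010x} -> {:?}", w, split_fields(*w));
    }
    println!("{} trailing byte(s) not decoded", rest);
}
```

The decoded `fr_d`, `fr_a` and `fr_b` values line up with the `frD`, `frA` and `frB` fields the Python binding reports for the same word.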
Performance
- Performance isn't great but acceptable.
- Disassembling & printing: 600k insn/s (2.4 MB/s)
- Disassembling only: 6M insn/s (24 MB/s)