Rust tools for PowerPC 750CL
Luke Street f6e15052b1 Various bitmask and modifier fixes 2024-03-08 22:50:42 -07:00
.github/workflows Always build CI on push 2023-01-14 13:27:34 -05:00
analysis add analysis/cfa.md 2022-04-11 00:07:16 +02:00
disasm Various bitmask and modifier fixes 2024-03-08 22:50:42 -07:00
disasm-py Various bitmask and modifier fixes 2024-03-08 22:50:42 -07:00
dol cargo fmt 2023-01-14 13:30:08 -05:00
flow-graph dol: implement helpers for virtual reads into the dol 2022-06-08 21:33:33 -04:00
fuzz fuzz: add threads flag 2022-04-07 06:11:03 +02:00
genisa cargo fmt 2023-01-14 13:30:08 -05:00
rand bump version to 0.2.0 2022-04-07 05:45:01 +02:00
.gitignore Read from DOL 2021-08-22 04:09:51 +02:00
Cargo.lock fuzz: add threads flag 2022-04-07 06:11:03 +02:00
Cargo.toml Add subi mnemonics & use capstone-style CR bits 2023-10-06 01:06:50 -04:00
LICENSE Create LICENSE 2021-08-14 10:18:38 +02:00
README.md update README.md 2022-04-09 17:19:50 +02:00
isa.yaml Various bitmask and modifier fixes 2024-03-08 22:50:42 -07:00

README.md

ppc750cl

Rust tools for working with the PowerPC 750CL family of processors.

Rust crates

rustup component add rustfmt
cargo run --package ppc750cl-genisa
cargo build --release

Python module

python -m venv env
source ./env/bin/activate
pip install maturin
maturin build -m ./disasm-py/Cargo.toml

Install module in dev env

maturin develop -m ./disasm-py/Cargo.toml
python
>>> import ppc750cl
>>> ins = ppc750cl.Ins(addr=0x80006969, code=0x10400420)
>>> str(ins)
'ps_merge00 f2, f0, f0'
>>> ins.fields()
[('frD', 2), ('frA', 0), ('frB', 0)]
>>> ins.frD
2

Instruction Set

For those unfamiliar with PowerPC, here are some basics.

  • PowerPC 7xx is a family of RISC CPUs produced from 1997 to 2012.
    • They operate with 32-bit words and every instruction is 32 bits wide.
  • This project focuses (only) on compatibility with the PowerPC 750CL.
    • This chip is famously packaged as codename "Broadway" for the Nintendo Wii.
    • Its predecessor PowerPC 750CXe is used in the Nintendo GameCube.
    • It adds a "paired-singles" SIMD unit and a bunch of other instructions.

isa.yaml

The file isa.yaml contains a full definition of the PowerPC 750CL instruction set.

It powers the disassembler, the assembler, the Rust/Python bindings, and the code analysis tools.

Similarly to LLVM TableGen, the program ppc750cl-genisa generates a Rust file implementing an instruction decoder.

Safety & Correctness

  • This project does not use unsafe Rust code outside of testing utils.
  • The disassembler has been fuzzed over all ~4.29 billion possible instructions (via ppc750cl-fuzz).
  • It is safe to run the disassembler over untrusted byte arrays.
  • However, no guarantees on correctness are made (yet). Expect bugs.
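
The fixed 32-bit instruction width is what lets a decoder walk an untrusted buffer without unsafe code or out-of-bounds reads. The following is an added example, not code from this project: `field`, `words` and `decode_ps_merge00` are hypothetical names, big-endian byte order is assumed, and the only form decoded is the `ps_merge00` word from the Python session above (primary opcode 4, extended opcode 528).

```rust
// Added illustration, not ppc750cl code; all names are hypothetical.

/// Extract bits `start..=end` in PowerPC numbering, where bit 0 is the most
/// significant bit of the 32-bit instruction word.
fn field(code: u32, start: u32, end: u32) -> u32 {
    debug_assert!(start <= end && end < 32);
    let width = end - start + 1;
    let mask = if width == 32 { u32::MAX } else { (1u32 << width) - 1 };
    (code >> (31 - end)) & mask
}

/// Split an untrusted buffer into big-endian instruction words.
/// Also returns how many trailing bytes did not form a whole instruction.
fn words(bytes: &[u8]) -> (Vec<u32>, usize) {
    let chunks = bytes.chunks_exact(4);
    let leftover = chunks.remainder().len();
    let words = chunks.map(|c| u32::from_be_bytes([c[0], c[1], c[2], c[3]])).collect();
    (words, leftover)
}

#[derive(Debug, PartialEq)]
struct PsMerge00 { frd: u32, fra: u32, frb: u32, rc: bool }

/// Decode only the paired-single `ps_merge00` form (primary opcode 4, extended
/// opcode 528). Any other word yields `None` rather than a panic.
fn decode_ps_merge00(code: u32) -> Option<PsMerge00> {
    if field(code, 0, 5) != 4 || field(code, 21, 30) != 528 {
        return None;
    }
    Some(PsMerge00 {
        frd: field(code, 6, 10),
        fra: field(code, 11, 15),
        frb: field(code, 16, 20),
        rc: field(code, 31, 31) == 1,
    })
}

fn main() {
    // Constructed input: the sample word 0x10400420, an all-zero word, and
    // three stray bytes standing in for a truncated buffer.
    let buf = [0x10, 0x40, 0x04, 0x20, 0, 0, 0, 0, 0xde, 0xad, 0xbe];
    let (ws, leftover) = words(&buf);
    for w in &ws {
        println!("{:#010x} -> {:?}", w, decode_ps_merge00(*w));
    }
    println!("{} trailing byte(s) not decoded", leftover);
}
```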

Performance

  • Performance isn't great but acceptable.
  • Disassembling & printing: 600k insn/s (2.4 MB/s)
  • Disassembling only: 6M insn/s (24 MB/s)