Rust tools for PowerPC 750CL
Richard Patel fa42bb6c9a
Merge pull request #42 from encounter/updates
Sync @encounter's improvements
2022-11-15 03:15:35 +01:00
.github/workflows Fix CI 2021-08-17 01:21:08 +02:00
analysis add analysis/cfa.md 2022-04-11 00:07:16 +02:00
disasm Fix clrlslwi decoding 2022-10-16 14:21:50 -04:00
disasm-py isa: fix paired single instruction arguments 2022-05-31 20:24:29 -04:00
dol Support branch prediction bits, more bd mnemonics, more rlwinm mnemonics 2022-10-10 17:53:24 -04:00
flow-graph dol: implement helpers for virtual reads into the dol 2022-06-08 21:33:33 -04:00
fuzz fuzz: add threads flag 2022-04-07 06:11:03 +02:00
genisa Support branch prediction bits, more bd mnemonics, more rlwinm mnemonics 2022-10-10 17:53:24 -04:00
rand bump version to 0.2.0 2022-04-07 05:45:01 +02:00
.gitignore Read from DOL 2021-08-22 04:09:51 +02:00
Cargo.lock fuzz: add threads flag 2022-04-07 06:11:03 +02:00
Cargo.toml disasm-py: temporarily remove field accessors 2022-04-07 05:40:22 +02:00
LICENSE Create LICENSE 2021-08-14 10:18:38 +02:00
README.md update README.md 2022-04-09 17:19:50 +02:00
isa.yaml Fix clrlslwi decoding 2022-10-16 14:21:50 -04:00

README.md

ppc750cl

Rust tools for working with the PowerPC 750CL family of processors.

Rust crates

rustup component add rustfmt
cargo run --package ppc750cl-genisa
cargo build --release

Python module

python -m venv env
source ./env/bin/activate
pip install maturin
maturin build -m ./disasm-py/Cargo.toml

Install module in dev env

maturin develop -m ./disasm-py/Cargo.toml
python
>>> import ppc750cl
>>> ins = ppc750cl.Ins(addr=0x80006969, code=0x10400420)
>>> str(ins)
'ps_merge00 f2, f0, f0'
>>> ins.fields()
[('frD', 2), ('frA', 0), ('frB', 0)]
>>> ins.frD
2

Instruction Set

For those unfamiliar with PowerPC, here are some basics.

  • PowerPC 7xx is a family of RISC CPUs produced from 1997 to 2012.
    • They operate with 32-bit words and every instruction is 32 bits wide.
  • This project focuses (only) on compatibility with the PowerPC 750CL.
    • This chip is famously packaged as codename "Broadway" for the Nintendo Wii.
    • Its predecessor PowerPC 750CXe is used in the Nintendo GameCube.
    • It adds a "paired-singles" SIMD unit and a bunch of other instructions.

isa.yaml

The file isa.yaml contains a full definition of the PowerPC 750CL instruction set.

It powers the disassembler, assembler, Rust/Python bindings, and code analysis tools.

Similarly to LLVM TableGen, the program ppc750cl-genisa generates a Rust file implementing an instruction decoder.

Safety & Correctness

  • This project does not use unsafe Rust code outside of testing utils.
  • The disassembler has been fuzzed over all ~4.29 billion possible instructions (via ppc750cl-fuzz).
  • It is safe to run the disassembler over untrusted byte arrays.
  • However, no guarantees on correctness are made (yet). Expect bugs.
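
The fixed 32-bit instruction width from the Instruction Set section and the untrusted-input point above can be shown together in a short stand-alone sketch. This is an added example, not code from this project, and it does not use the ppc750cl crate. The names bits, split_fields, words and Fields are hypothetical, the input buffer is constructed, and the field positions are the standard PowerPC layout that applies to the README's sample word 0x10400420.

```rust
// Added example: stand-alone, does not use the ppc750cl crate.

/// Extract bits `start..=end` in PowerPC numbering (bit 0 is the MSB).
/// Returns None on an invalid range instead of panicking.
fn bits(word: u32, start: u32, end: u32) -> Option<u32> {
    if start > end || end > 31 {
        return None;
    }
    let width = end - start + 1;
    let shifted = word >> (31 - end);
    // `1 << 32` would overflow, so the full-width case is handled separately.
    Some(if width == 32 { shifted } else { shifted & ((1u32 << width) - 1) })
}

/// Hypothetical container for the fields of one instruction word.
#[derive(Debug, PartialEq)]
struct Fields { opcode: u32, fr_d: u32, fr_a: u32, fr_b: u32, xo: u32 }

fn split_fields(word: u32) -> Option<Fields> {
    Some(Fields {
        opcode: bits(word, 0, 5)?,   // primary opcode
        fr_d: bits(word, 6, 10)?,
        fr_a: bits(word, 11, 15)?,
        fr_b: bits(word, 16, 20)?,
        xo: bits(word, 21, 30)?,     // extended opcode
    })
}

/// Split an untrusted buffer into big-endian 32-bit words.
/// Also returns how many trailing bytes did not form a full word.
fn words(buf: &[u8]) -> (Vec<u32>, usize) {
    let chunks = buf.chunks_exact(4);
    let rest = chunks.remainder().len();
    let ws = chunks.map(|c| u32::from_be_bytes([c[0], c[1], c[2], c[3]])).collect();
    (ws, rest)
}

fn main() {
    // Constructed input: the README's sample word, a `blr`, and 2 stray bytes.
    let buf = [0x10, 0x40, 0x04, 0x20, 0x4e, 0x80, 0x00, 0x20, 0xff, 0xff];
    let (ws, rest) = words(&buf);
    for w in &ws {
        println!("{:#010x} -> {:?}", w, split_fields(*w));
    }
    println!("{} trailing byte(s) ignored", rest);
}
```

The frD, frA and frB values for the first word match what ins.fields() reports in the Python session above.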

Performance

  • Performance isn't great but acceptable.
  • Disassembling & printing: 600k insn/s (2.4 MB/s)
  • Disassembling only: 6M insn/s (24 MB/s)