Some PPC Questions.... - Halomods Community Portal


Some PPC Questions....

#1 Prey

  • Member
  • Group: Members
  • Joined: 05-May 11
  • Location: UK

Posted 26 December 2011 - 07:20 AM

Hello, I have a few questions about PowerPC assembly code, and I know there are a couple of people on here with obscene skills in this department :)

1. I see a lot of 'mr %r13, %r13' - what is the point in moving a register to itself? I thought it might be to pad out the CPU cycles, but isn't 'nop' used for that?

2. In IDA I see a lot of unreferenced code, or a 'loc_234342323:' that is referenced by other subroutines, but IDA hasn't included it in a subroutine. How come?

3. All library subroutines are made up of only two 'li' instructions. Is this because at runtime it is known that it is a library function, and so it uses those immediate values to find the actual subroutine in the lib?

That's it, for now...

#2 kornman00

  • SourceGuy 2.0
  • Group: Administrators
  • Joined: 15-November 01


Posted 26 December 2011 - 08:50 AM

PPC doesn't have a 'nop' opcode like Intel does. There are ways to simulate it of course, but I don't know if the code you're looking at is doing such. Typically, I've seen r13 be used for TLS support.

IDA can't identify all function starts without any help, especially if the program has a shitload of vtables. This isn't specific to PPC, but just a matter of fact in disassembling.

I think it has to do with how the kernel performs the fix-up operations upon load (they're ordinals, and that code should later get fixed up to function addresses in the kernel IIRC).

#3 Prey

  • Member
  • Group: Members
  • Joined: 05-May 11
  • Location: UK

Posted 26 December 2011 - 03:38 PM

Oh, I thought there was a 'nop' opcode, as I have come across one. I did some reading though, and it seems that the standard alternative is to use 'ori 0,0,0'. I used xorloser's IDA stuff for the decompilation, so maybe he put something in there to convert such instructions to 'nop'? If that's possible. Also, r13 was just a random register I chose for the example; by TLS do you mean thread-local storage?

Thanks for everything else.

edit: Ah just read that 'nop' is an extended opcode for 'ori r0,r0,0' in PPC.

This post has been edited by Prey: 26 December 2011 - 03:55 PM
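An added example, not part of the thread and not code from xorloser's IDA tooling, that makes the encodings behind questions 1 and 3 concrete. It encodes and decodes the three Power ISA instruction forms the thread turns on (`ori`, `or`, `addi`), folds them to the extended mnemonics `nop`, `mr` and `li` the way a disassembler listing shows them, and scans a constructed byte blob for the two-consecutive-`li` pattern Prey describes. The sample words and the values 5 and 1 in the `li` pair are made up for illustration; they are not real ordinals or library indexes, and the `find_li_pairs` heuristic is this example's own, not anything the kernel or IDA does.

```python
import struct

# Field layout follows the Power ISA (32-bit big-endian instruction words):
#   D-form: op(6) | rS/rD(5) | rA(5) | imm(16)
#   X-form: op(6) | rS(5)    | rA(5) | rB(5) | xo(10) | Rc(1)


def encode_ori(ra, rs, uimm):
    """ori rA, rS, UIMM  (primary opcode 24). ori r0,r0,0 is the canonical nop."""
    return (24 << 26) | (rs << 21) | (ra << 16) | (uimm & 0xFFFF)


def encode_or(ra, rs, rb, rc=0):
    """or[.] rA, rS, rB  (primary opcode 31, extended opcode 444). mr rA,rS == or rA,rS,rS."""
    return (31 << 26) | (rs << 21) | (ra << 16) | (rb << 11) | (444 << 1) | (rc & 1)


def encode_addi(rd, ra, simm):
    """addi rD, rA, SIMM (primary opcode 14). With rA == 0 this is what 'li' assembles to."""
    return (14 << 26) | (rd << 21) | (ra << 16) | (simm & 0xFFFF)


def decode(word):
    """Decode one instruction word, folding the extended mnemonics nop, mr and li."""
    op = word >> 26
    if op == 24:
        rs, ra, uimm = (word >> 21) & 31, (word >> 16) & 31, word & 0xFFFF
        if rs == 0 and ra == 0 and uimm == 0:
            return "nop"                       # ori r0, r0, 0 == 0x60000000
        return f"ori r{ra}, r{rs}, 0x{uimm:x}"
    if op == 14:
        rd, ra, simm = (word >> 21) & 31, (word >> 16) & 31, word & 0xFFFF
        if simm & 0x8000:
            simm -= 0x10000                    # SIMM is sign-extended
        if ra == 0:
            return f"li r{rd}, {simm}"        # li is addi with rA = 0 (reads as literal 0)
        return f"addi r{rd}, r{ra}, {simm}"
    if op == 31 and ((word >> 1) & 0x3FF) == 444:
        rs, ra, rb = (word >> 21) & 31, (word >> 16) & 31, (word >> 11) & 31
        dot = "." if word & 1 else ""
        if rs == rb and not dot:
            return f"mr r{ra}, r{rs}"          # a self-move (mr r13,r13) is or r13,r13,r13
        return f"or{dot} r{ra}, r{rs}, r{rb}"
    return f".long 0x{word:08x}"               # anything else: emit as raw data


def disassemble(blob):
    """Return [(offset, mnemonic)] for every whole 4-byte word in blob."""
    n = len(blob) // 4
    words = struct.unpack(f">{n}I", blob[: n * 4])
    return [(i * 4, decode(w)) for i, w in enumerate(words)]


def find_li_pairs(blob):
    """Offsets where two consecutive 'li' instructions start (example heuristic
    for spotting the two-'li' import stubs discussed in the thread)."""
    listing = disassemble(blob)
    return [off for (off, a), (_, b) in zip(listing, listing[1:])
            if a.startswith("li ") and b.startswith("li ")]


# Constructed sample (not real code from any binary).
SAMPLE = struct.pack(
    ">6I",
    encode_addi(3, 0, 5),    # li r3, 5    } made-up stand-in for a two-'li' import stub
    encode_addi(4, 0, 1),    # li r4, 1    } (values are hypothetical, not real ordinals)
    encode_ori(0, 0, 0),     # nop          0x60000000
    encode_or(13, 13, 13),   # mr r13, r13  0x7DAD6B78: a self-move, also a one-word no-op
    encode_or(3, 4, 5),      # or r3, r4, r5: same opcode as mr, but rS != rB so not folded
    encode_addi(1, 1, -16),  # addi r1, r1, -16: rA != 0, so not li
)

if __name__ == "__main__":
    for off, text in disassemble(SAMPLE):
        print(f"{off:04x}: {text}")
    print("li pairs at:", [hex(o) for o in find_li_pairs(SAMPLE)])
```

Running it lists `nop` at 0x8 and `mr r13, r13` at 0xc, which is the point for question 1: both are single 32-bit words that change no architectural state, and a compiler or a hand-written patch can use either as filler; IDA's folding of `or rX,rX,rX` into `mr rX,rX` and of `ori 0,0,0` into `nop` is the same extended-mnemonic rule `decode` applies. One caveat a reverser should keep in mind: the Power ISA assigns a few self-or forms such as `or 1,1,1` priority-hint semantics, so a listing that shows `mr r1, r1` may be a hint rather than padding.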
