xenia-rs/migration/project-root/ppc-manual/control/mtmsr.md

mtmsr — Move to Machine State Register

Category: Control / CR / SPR · Form: X · Opcode: 0x7c000124 · sync

Assembler Mnemonics

Mnemonic	XML entry	Flags	Description
mtmsr	mtmsr	—	Move to Machine State Register

Syntax

mtmsr [RS]

Encoding

mtmsr — form X

• Opcode word: 0x7c000124
• Primary opcode (bits 0–5): 31
• Extended opcode: 146
• Synchronising: yes

Bits	Field	Meaning
0–5	OPCD	primary opcode
6–10	RT/FRT/VRT	destination
11–15	RA/FRA/VRA	source A
16–20	RB/FRB/VRB	source B
21–30	XO	extended opcode (10 bits)
31	Rc	record-form flag

Operands

Field	Role	Description
RS	mtmsr: read	Source GPR (alias for RD in some stores).
MSR	mtmsr: write	Machine State Register.

Register Effects

mtmsr

• Reads (always): RS
• Reads (conditional): none
• Writes (always): MSR
• Writes (conditional): none

Status-Register Effects

No condition-register or status-register effects.

Operation (pseudocode)

; Pseudocode derives directly from the xenia-rs interpreter
; arm (see Implementation References). Operation semantics:
;   - Read source operands from the fields listed under Operands.
;   - Apply the arithmetic / logical / memory action described
;     in the Description field above.
;   - Write results to the destination register(s); update any
;     status bits enumerated under Status-Register Effects.
; Consult the IBM AIX reference link under IBM Reference for
; canonical PPC-style pseudocode where xenia's expression is
; terse.

C Translation Example

/* C translation: the xenia-rs interpreter arm below in           */
/* Implementation References is the authoritative semantic        */
/* snapshot. Translate it line-by-line:                            */
/*   - ctx.gpr[N]  -> r[N]       (or f[]/v[] for FPRs/VRs)        */
/*   - mem.read_u*/write_u* -> mem_read_u*_be / mem_write_u*_be   */
/*   - ctx.update_cr_signed(fld, v) -> update_cr_signed(fld, v)   */
/*   - ctx.xer_ca / xer_ov / xer_so -> xer.CA / xer.OV / xer.SO   */
/* The Register Effects and Status-Register Effects tables above  */
/* enumerate every side effect a faithful translation must emit.  */

Implementation References

mtmsr

• xenia-canary XML: tools/ppc-instructions.xml — search for mnem="mtmsr"
• xenia-canary emit: src/xenia/cpu/ppc/ppc_emit_control.cc:822
• xenia-rs opcode: crates/xenia-cpu/src/opcode.rs:55
• xenia-rs decoder: crates/xenia-cpu/src/decoder.rs:780
• xenia-rs interpreter: crates/xenia-cpu/src/interpreter.rs:1649-1663

xenia-rs interpreter body (frozen snapshot)

        PpcOpcode::mtmsr | PpcOpcode::mtmsrd => {
            // PPCBUG-078: mtmsrd L=1 is a partial-MSR-write — only MSR[EE]
            // (u64 bit 15) and MSR[RI] (u64 bit 0) are modified; all other
            // MSR bits preserved. Used by kernel code to re-enable external
            // interrupts without disturbing the rest of the MSR.
            let l = (instr.raw >> (31 - 15)) & 1;
            let rs = ctx.gpr[instr.rs()];
            if matches!(instr.opcode, PpcOpcode::mtmsrd) && l == 1 {
                let mask: u64 = (1u64 << 15) | 1u64;
                ctx.msr = (ctx.msr & !mask) | (rs & mask);
            } else {
                ctx.msr = rs;
            }
            ctx.pc += 4;
        }

Special Cases & Edge Conditions

• Privileged. mtmsr is supervisor-only on real hardware. Executing it from problem state raises a Privileged Instruction interrupt. Game code never emits it; only the kernel and exception-return paths use it.
• 32-bit form. mtmsr writes the low 32 bits of MSR (legacy PPC32 form). On the Xenon (a PPC64 implementation), use mtmsrd for the full 64-bit MSR. Some Xenon kernel sequences still use mtmsr to leave the high half untouched while flipping low-half flags like EE/PR.
• Synchronisation. Marked sync — mtmsr is execution-synchronising. The Xenon must drain all preceding instructions before the new MSR takes effect, and PowerISA recommends a following isync to guarantee subsequent instructions execute under the new MSR.
• L operand. Modern PowerISA defines an L bit selecting "EE/RI only" (L=1) versus "all" (L=0); xenia-rs ignores L and writes the entire MSR. Real Xbox 360 kernel code uses both L=0 and L=1.
• xenia model. Treats MSR as a flat u64 field. Both mtmsr and mtmsrd execute the same body — ctx.msr = ctx.gpr[rs]. No privilege or atomicity is enforced; no side effects on TLB / interrupt mask / endianness are simulated.
• No CR / XER side effects.
• Caveat for translators. Because the host kernel runs natively in xenia, the guest MSR has no architectural meaning beyond storage. Code that reads it back via mfmsr will see exactly what was last written.

Related Instructions

• mfmsr — read MSR.
• mtmsrd — 64-bit form (writes the entire MSR).
• sc — kernel entry; the kernel handler typically uses mtmsr/rfid to return.
• isync — companion fence after MSR writes.

mtmsr has no simplified mnemonics.

IBM Reference

• AIX 7.3 — mtmsr (Move to Machine State Register)
• PowerISA v2.07B, Book III §4.3.1 — MSR field definitions and L-bit semantics.