fabi/xenia-rs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad45873a1b640964228917126780a532d07378f3
xenia-rs/docs/functions/sub_824F8398.md
MechaCat02 ad45873a1b ITERATE-2.V: scheduler priority aging closes 18-day AUDIT-049 wedge 
Priority aging in xenia-cpu/scheduler.rs:pick_runnable
(effective_priority = base + age_bonus(now_round - last_run_round),
capped at +31, AGING_ROUNDS_PER_BONUS=1). Strict-priority was parking
priority=0 threads behind CPU-bound priority=15 audio mixer
(sub_824D1328 guest spinwait at PC=0x824d1404 on CPU5). Aging
eventually picks the starved thread, breaking the producer-consumer
cycle that caused 5-tid wedge at PC=0x824ac578 since AUDIT-049 (10 May).

Cascade observed: tid=13 clean exit; events 121K -> 13M (107x); last
host_ns 767ms -> 51,011ms (66x); 8 new threads spawn; VdSwap 1 -> 2.

Complete two-day iterate sequence (2026-05-27 -> 2026-05-28):
- 2.F: VdSwap drain timeout 900ms -> 1ms (xenia-gpu/handle.rs); 876x
       perf win on VdSwap kernel callback
- 2.H: vA0000000 physical heap bucket added (state.rs, exports.rs);
       ctx_ptrs now in 0xA0000000-0xBFFFFFFF range matching canary
- 2.L: Phase-A diff harness categorized [return_value mismatch],
       [status mismatch], [args_resolved.path mismatch] tags
       (tools/diff-events/diff_events.py); closes reading-error #41
       (silent test-harness state leak invalidating trace diffs)
- 2.M: always-on exit-thread-state.json sibling to Phase-A JSONL
       (event_log.rs + xenia-app/main.rs); closes reading-error #42
       (Phase-A blind to blocked-forever waits)
- 2.Q: signal.match kernel instrumentation in NtSetEvent /
       NtReleaseSemaphore / KeSetEvent / KeReleaseSemaphore
       (exports.rs); emits target_handle + waiter_count + waiter_tids
- 2.T: wake.requested kernel instrumentation in wake_eligible_waiters
       (exports.rs); emits target_tid + transition + new_state
- 2.V: scheduler priority aging (xenia-cpu/scheduler.rs) [keystone]

Plus accumulated WIP from earlier May (contention_manifest,
phase_b_snapshot, xam/xaudio enhancements, analysis db, xex loader,
xenia-app main loop, etc.). Audit-runs/ artifacts remain untracked
per project convention.

Tests: 300 xenia-cpu / 227 xenia-kernel / 5 xenia-app / 19 xenia-path
/ 30+ smaller suites -- all PASS, 0 regressions. Determinism preserved
(2x cold runs bit-identical at 13,003,881 events post-2.V).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-29 07:27:26 +02:00

2.2 KiB
Raw Blame History

address, classification, confidence, last_audit, aliases
address classification confidence last_audit aliases
0x824F8398 normal_callee high 064
AUDIT-058 caller-ladder fn #4 (tiny adapter, 20 insns)

sub_824F8398 — 20-insn adapter to sub_824F7CD0

Synopsis

Tiny 20-insn normal-callee adapter. Zeros a stack buffer (std r9, 0(r11) × 10 unrolled via bdnz), sets [r1+80]=1 and [r1+112]=r8 (its r4 argument), then calls sub_824F7CD0 with r3 passed through and r4=&stack_buf+80. Essentially a 2-arg→1-arg adapter that constructs a 36-byte stack-record before dispatching. AUDIT-064 verified canary fires 1× at ~60s wallclock; ours fires 0×.

Evidence

  • Disasm: mflr r12; stw r12, -8(r1); stwu r1, -160(r1); mr r8, r4; addi r11, r1, 80; li r9, 0; li r10, 9; mtctr r10; std r9, 0(r11); addi r11, r11, 8; bdnz 0x824F83B8; li r11, 1; stw r8, 112(r1); addi r4, r1, 80; stw r11, 80(r1); bl 0x824F7CD0; addi r1, r1, 160; lwz r12, -8(r1); mtlr r12; blr — clear normal-callee, no EH.
  • Function size: 80 bytes / 20 insns. has_eh=False.
  • Static caller xref: 1 — bl from PC 0x821B5B5C inside sub_821B55D8.
  • Stack buffer at [r1+80]..[r1+112] is 36 bytes (9 × 8-byte zero + first u32=1 + last u32=r8).
  • AUDIT-064 canary 60s probe: fires 1× with lr=0x821B5B60 r3=BE568F00 r4=BC369380 r5=701CF658 r6=03A72328 on tid=6. Reproduced bit-identical at 120s and 180s.
  • AUDIT-064 ours --ctor-probe=0x824F8398 -n 500M: 0 fires.

Activation

Direct bl from sub_821B55D8+0x584 (PC 0x821B5B5C).

Static graph

  • Static callers: PC 0x821B5B5C inside sub_821B55D8.
  • Callees: sub_824F7CD0 (PC 0x824F83D4).

Audit log

  • AUDIT-064 (2026-05-12) — disasm confirms tiny adapter (20 insns). Canary fires 1× / ours 0×. The size is small enough to inline; possibly an MSVC compiler artifact. [confirmed]
  • AUDIT-058 (2026-05-10) — flagged as part of the ladder. [confirmed]

Open questions

  • What does the constructed stack-record ([1, 0, 0, 0, 0, 0, 0, 0, 0, r8]) represent semantically? Likely a state-machine init record passed by reference to sub_824F7CD0's 4-way switch.

Cross-references

  • Callees: sub_824F7CD0.
  • Callers: sub_821B55D8+0x584.
  • Audits: 058, 064.
  • Artifacts: audit-runs/audit-064-activation-ladder/canary-{60,120,180}s.log.
Reference in New Issue View Git Blame Copy Permalink