Files

MechaCat02 e6d43a23ac chore: add migration/ bundle for cross-machine setup

Bundles state that lives OUTSIDE the xenia-rs repo so a fresh clone on
another machine can be brought up to identical configuration via
migration/setup.sh:

  - claude-memory/             ~/.claude/projects/-home-fabi-RE-Project-Sylpheed/memory/
                               (103 files, 1.1 MB - MEMORY.md + every
                                project_xenia_rs_*.md from audits
                                addis_signext through audit-058)
  - project-root/dot-claude/   <project-root>/.claude/settings.json
                               (Stop hook + permissions)
  - project-root/ppc-manual/   <project-root>/ppc-manual/
                               (PowerPC reference docs, 397 files, 3.7 MB)
  - project-root/run-canary.sh <project-root>/run-canary.sh
  - README.md                  Human-readable setup checklist
  - setup.sh                   Idempotent installer (also reclones
                               xenia-canary at pinned HEAD 6de80dffe)
  - MANIFEST.md                Per-file mapping + per-file-not-bundled
                               restoration recipe

Excluded from bundle (not shippable via git):
  - Sylpheed ISO (7.8 GB; copyright; manual copy required)
  - sylpheed.db (395 MB; regenerable from XEX via analysis tooling)
  - target/ build artifacts (rebuild on target)
  - audit-runs probe firehoses (.log/.stdout/.stderr ~11 GB; rerun if needed)
  - audit-runs memory dumps (.bin ~4.5 GB; rerun audit-026/027/029 if needed)
  - xenia-canary checkout (setup.sh reclones from
    git.mc02.dev/fabi/Xenia-Canary.git at HEAD 6de80dffe)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-10 21:38:38 +02:00

5.6 KiB

Raw Blame History

`bx` — Branch

Category: Branch & System · Form: I · Opcode: 0x48000000 · sync

Assembler Mnemonics

Mnemonic	XML entry	Flags	Description
`b`	`bx`	—	Branch
`bl`	`bx`	LK=1	Branch

Syntax

b[LK][AA] [ADDR]

Encoding

`bx` — form `I`

Opcode word: 0x48000000
Primary opcode (bits 0–5): 18
Extended opcode: —
Synchronising: yes

Bits	Field	Meaning
0–5	`OPCD`	primary opcode
6–29	`LI`	signed 24-bit word-offset target
30	`AA`	absolute-address flag
31	`LK`	link flag (bl/ba/bla)

Operands

Field	Role	Description
`LK`	bx: read	Link bit. When 1, LR ← address-of-next-instruction before the branch is taken.
`AA`	bx: read	Absolute-address bit. When 1, the branch target is the sign-extended displacement itself; when 0, it is added to the current instruction address.
`ADDR`	bx: read	Encoded branch target displacement (24-bit for I-form, 14-bit for B-form, word-shifted).
`LR`	bx: write (conditional)	Link register. Written by `bl`/`bla`/`bcl`/`bclrl`/`bcctrl`; read by `bclr`/`bclrl`.

Register Effects

`bx`

Reads (always): LK, AA, ADDR
Reads (conditional): none
Writes (always): none
Writes (conditional): LR

Status-Register Effects

No condition-register or status-register effects.

Operation (pseudocode)

NIA <- (CIA + EXTS(LI || 0b00))                   if AA=0
       <-          EXTS(LI || 0b00)                   if AA=1
if LK then LR <- CIA + 4

C Translation Example

/* b / bl / ba / bla — unconditional branch (I-form, primary 18)   */
int32_t  li     = (int32_t)(insn.LI << 2);  /* sign-extended word-offset */
uint32_t target = insn.AA ? (uint32_t)li : (uint32_t)(pc + li);
uint32_t next   = pc + 4;
if (insn.LK) lr = next;                  /* bl / bla save return addr */
pc = target;

Implementation References

bx

xenia-canary XML: tools/ppc-instructions.xml — search for mnem="bx"
xenia-canary emit: src/xenia/cpu/ppc/ppc_emit_control.cc:154
xenia-rs opcode: crates/xenia-cpu/src/opcode.rs:11
xenia-rs decoder: crates/xenia-cpu/src/decoder.rs:342
xenia-rs interpreter: crates/xenia-cpu/src/interpreter.rs:897-907

xenia-rs interpreter body (frozen snapshot)

        PpcOpcode::bx => {
            let target = if instr.aa() {
                instr.li() as u32
            } else {
                ctx.pc.wrapping_add(instr.li() as u32)
            };
            if instr.lk() {
                ctx.lr = (ctx.pc + 4) as u64;
            }
            ctx.pc = target;
        }

Special Cases & Edge Conditions

24-bit word-aligned target. LI is a 24-bit signed word-count. Hardware concatenates LI || 0b00 (adds the implicit two low zero bits) and sign-extends to 64 bits before using it as an address. The displacement range is therefore ±32 MiB in bytes (−2^25 … +2^25 − 4).
Four mnemonics, one opcode. The four runtime variants selected by AA and LK:
- b — AA = 0, LK = 0 — PC-relative, no link.
- bl — AA = 0, LK = 1 — PC-relative, LR = CIA + 4 (the ubiquitous function-call primitive).
- ba — AA = 1, LK = 0 — absolute, no link.
- bla — AA = 1, LK = 1 — absolute, link. Xbox 360 code almost exclusively uses b and bl; ba / bla appear only in kernel / firmware stubs.
Target alignment. LI is scaled by 4, so all targets are 4-byte aligned by construction. There is no low-bit encoding of ARM-style Thumb — PPC has one instruction width.
LR write is before the branch. In bl, LR receives CIA + 4 (the address of the instruction after the branch) before execution transfers to the target. Nested calls naturally overwrite LR; callees must spill it (mflr + std) before making their own bl.
Indirect tail calls. A tail call to an indirect target is encoded as mtctr + bctr (see bcctrx), not bx — bx has no register-based form.
No condition test. Use bcx for conditional displacement branches or bclrx / bcctrx for conditional LR/CTR jumps.
Speculative execution. The Xenon fetches past bx; translators that mask control flow must treat the target as a single-destination control transfer.

bcx — conditional displacement branch (B-form, ±32 KiB range).
bclrx, bcctrx — branch to LR / CTR, conditional and unconditional.
mtlr, mflr — LR save/restore for nested bl calls.
sc — system call; an alternative control-flow exit to the kernel.

Simplified Mnemonics

Assemblers emit b, bl, ba, bla for the four runtime combinations. There is no further simplification.

5.6 KiB Raw Blame History Unescape Escape

bx — Branch