1 /*
2 * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #include "precompiled.hpp"
26 #include "classfile/classFileStream.hpp"
27 #include "classfile/classLoader.hpp"
28 #include "classfile/classLoadInfo.hpp"
29 #include "classfile/javaClasses.inline.hpp"
30 #include "classfile/systemDictionary.hpp"
31 #include "classfile/vmSymbols.hpp"
32 #include "jfr/jfrEvents.hpp"
33 #include "jni.h"
34 #include "jvm.h"
35 #include "memory/allocation.inline.hpp"
36 #include "memory/resourceArea.hpp"
37 #include "oops/access.inline.hpp"
38 #include "oops/fieldStreams.inline.hpp"
39 #include "oops/instanceKlass.inline.hpp"
40 #include "oops/klass.inline.hpp"
41 #include "oops/objArrayOop.inline.hpp"
42 #include "oops/oop.inline.hpp"
43 #include "oops/typeArrayOop.inline.hpp"
44 #include "prims/jvmtiExport.hpp"
45 #include "prims/unsafe.hpp"
46 #include "runtime/globals.hpp"
47 #include "runtime/handles.inline.hpp"
48 #include "runtime/interfaceSupport.inline.hpp"
49 #include "runtime/javaThread.inline.hpp"
50 #include "runtime/jniHandles.inline.hpp"
51 #include "runtime/orderAccess.hpp"
52 #include "runtime/reflection.hpp"
53 #include "runtime/sharedRuntime.hpp"
54 #include "runtime/stubRoutines.hpp"
55 #include "runtime/threadSMR.hpp"
56 #include "runtime/vmOperations.hpp"
57 #include "runtime/vm_version.hpp"
58 #include "sanitizers/ub.hpp"
59 #include "services/threadService.hpp"
60 #include "utilities/align.hpp"
61 #include "utilities/copy.hpp"
62 #include "utilities/dtrace.hpp"
63 #include "utilities/macros.hpp"
64
65 /**
66 * Implementation of the jdk.internal.misc.Unsafe class
67 */
68
69
70 #define MAX_OBJECT_SIZE \
71 ( arrayOopDesc::base_offset_in_bytes(T_DOUBLE) \
72 + ((julong)max_jint * sizeof(double)) )
73
74 #define UNSAFE_ENTRY(result_type, header) \
75 JVM_ENTRY(static result_type, header)
76
77 #define UNSAFE_LEAF(result_type, header) \
78 JVM_LEAF(static result_type, header)
79
80 // All memory access methods (e.g. getInt, copyMemory) must use this macro.
81 // We call these methods "scoped" methods, as access to these methods is
82 // typically governed by a "scope" (a MemorySessionImpl object), and no
83 // access is allowed when the scope is no longer alive.
84 //
85 // Closing a scope object (cf. scopedMemoryAccess.cpp) can install
86 // an async exception during a safepoint. When that happens,
87 // scoped methods are not allowed to touch the underlying memory (as that
88 // memory might have been released). Therefore, when entering a scoped method
89 // we check if an async exception has been installed, and return immediately
90 // if that is the case.
91 //
92 // As a rule, we disallow safepoints in the middle of a scoped method.
93 // If an async exception handshake were installed in such a safepoint,
94 // memory access might still occur before the handshake is honored by
95 // the accessing thread.
96 //
97 // Corollary: as threads in native state are considered to be at a safepoint,
98 // scoped methods must NOT be executed while in the native thread state.
99 // Because of this, there can be no UNSAFE_LEAF_SCOPED.
100 #define UNSAFE_ENTRY_SCOPED(result_type, header) \
101 JVM_ENTRY(static result_type, header) \
102 if (thread->has_async_exception_condition()) {return (result_type)0;}
103
104 #define UNSAFE_END JVM_END
105
106
107 static inline void* addr_from_java(jlong addr) {
108 // This assert fails in a variety of ways on 32-bit systems.
109 // It is impossible to predict whether native code that converts
110 // pointers to longs will sign-extend or zero-extend the addresses.
111 //assert(addr == (uintptr_t)addr, "must not be odd high bits");
112 return (void*)(uintptr_t)addr;
113 }
114
115 static inline jlong addr_to_java(void* p) {
116 assert(p == (void*)(uintptr_t)p, "must not be odd high bits");
117 return (uintptr_t)p;
118 }
119
120
121 // Note: The VM's obj_field and related accessors use byte-scaled
122 // ("unscaled") offsets, just as the unsafe methods do.
123
124 // However, the method Unsafe.fieldOffset explicitly declines to
125 // guarantee this. The field offset values manipulated by the Java user
126 // through the Unsafe API are opaque cookies that just happen to be byte
127 // offsets. We represent this state of affairs by passing the cookies
128 // through conversion functions when going between the VM and the Unsafe API.
129 // The conversion functions just happen to be no-ops at present.
130
131 static inline jlong field_offset_to_byte_offset(jlong field_offset) {
132 return field_offset;
133 }
134
135 static inline int field_offset_from_byte_offset(int byte_offset) {
136 return byte_offset;
137 }
138
139 static inline void assert_field_offset_sane(oop p, jlong field_offset) {
140 #ifdef ASSERT
141 jlong byte_offset = field_offset_to_byte_offset(field_offset);
142
143 if (p != nullptr) {
144 assert(byte_offset >= 0 && byte_offset <= (jlong)MAX_OBJECT_SIZE, "sane offset");
145 if (byte_offset == (jint)byte_offset) {
146 void* ptr_plus_disp = cast_from_oop<address>(p) + byte_offset;
147 assert(p->field_addr<void>((jint)byte_offset) == ptr_plus_disp,
148 "raw [ptr+disp] must be consistent with oop::field_addr");
149 }
150 jlong p_size = HeapWordSize * (jlong)(p->size());
151 assert(byte_offset < p_size, "Unsafe access: offset " INT64_FORMAT " > object's size " INT64_FORMAT, (int64_t)byte_offset, (int64_t)p_size);
152 }
153 #endif
154 }
155
156 static inline void* index_oop_from_field_offset_long(oop p, jlong field_offset) {
157 assert_field_offset_sane(p, field_offset);
158 uintptr_t base_address = cast_from_oop<uintptr_t>(p);
159 uintptr_t byte_offset = (uintptr_t)field_offset_to_byte_offset(field_offset);
160 return (void*)(base_address + byte_offset);
161 }
162
163 // Externally callable versions:
164 // (Use these in compiler intrinsics which emulate unsafe primitives.)
165 jlong Unsafe_field_offset_to_byte_offset(jlong field_offset) {
166 return field_offset;
167 }
168 jlong Unsafe_field_offset_from_byte_offset(jlong byte_offset) {
169 return byte_offset;
170 }
171
172
173 ///// Data read/writes on the Java heap and in native (off-heap) memory
174
175 /**
176 * Helper class to wrap memory accesses in JavaThread::doing_unsafe_access()
177 */
178 class GuardUnsafeAccess {
179 JavaThread* _thread;
180
181 public:
182 GuardUnsafeAccess(JavaThread* thread) : _thread(thread) {
183 // native/off-heap access which may raise SIGBUS if accessing
184 // memory mapped file data in a region of the file which has
185 // been truncated and is now invalid.
186 _thread->set_doing_unsafe_access(true);
187 }
188
189 ~GuardUnsafeAccess() {
190 _thread->set_doing_unsafe_access(false);
191 }
192 };
193
194 /**
195 * Helper class for accessing memory.
196 *
197 * Normalizes values and wraps accesses in
198 * JavaThread::doing_unsafe_access() if needed.
199 */
200 template <typename T>
201 class MemoryAccess : StackObj {
202 JavaThread* _thread;
203 oop _obj;
204 ptrdiff_t _offset;
205
206 // Resolves and returns the address of the memory access.
207 // This raw memory access may fault, so we make sure it happens within the
208 // guarded scope by making the access volatile at least. Since the store
209 // of Thread::set_doing_unsafe_access() is also volatile, these accesses
210 // can not be reordered by the compiler. Therefore, if the access triggers
211 // a fault, we will know that Thread::doing_unsafe_access() returns true.
212 volatile T* addr() {
213 void* addr = index_oop_from_field_offset_long(_obj, _offset);
214 return static_cast<volatile T*>(addr);
215 }
216
217 template <typename U>
218 U normalize_for_write(U x) {
219 return x;
220 }
221
222 jboolean normalize_for_write(jboolean x) {
223 return x & 1;
224 }
225
226 template <typename U>
227 U normalize_for_read(U x) {
228 return x;
229 }
230
231 jboolean normalize_for_read(jboolean x) {
232 return x != 0;
233 }
234
235 public:
236 MemoryAccess(JavaThread* thread, jobject obj, jlong offset)
237 : _thread(thread), _obj(JNIHandles::resolve(obj)), _offset((ptrdiff_t)offset) {
238 assert_field_offset_sane(_obj, offset);
239 }
240
241 T get() {
242 GuardUnsafeAccess guard(_thread);
243 return normalize_for_read(*addr());
244 }
245
246 // we use this method at some places for writing to 0 e.g. to cause a crash;
247 // ubsan does not know that this is the desired behavior
248 ATTRIBUTE_NO_UBSAN
249 void put(T x) {
250 GuardUnsafeAccess guard(_thread);
251 *addr() = normalize_for_write(x);
252 }
253
254
255 T get_volatile() {
256 GuardUnsafeAccess guard(_thread);
257 volatile T ret = RawAccess<MO_SEQ_CST>::load(addr());
258 return normalize_for_read(ret);
259 }
260
261 void put_volatile(T x) {
262 GuardUnsafeAccess guard(_thread);
263 RawAccess<MO_SEQ_CST>::store(addr(), normalize_for_write(x));
264 }
265 };
266
267 // These functions allow a null base pointer with an arbitrary address.
268 // But if the base pointer is non-null, the offset should make some sense.
269 // That is, it should be in the range [0, MAX_OBJECT_SIZE].
270 UNSAFE_ENTRY(jobject, Unsafe_GetReference(JNIEnv *env, jobject unsafe, jobject obj, jlong offset)) {
271 oop p = JNIHandles::resolve(obj);
272 assert_field_offset_sane(p, offset);
273 oop v = HeapAccess<ON_UNKNOWN_OOP_REF>::oop_load_at(p, offset);
274 return JNIHandles::make_local(THREAD, v);
275 } UNSAFE_END
276
277 UNSAFE_ENTRY(void, Unsafe_PutReference(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jobject x_h)) {
278 oop x = JNIHandles::resolve(x_h);
279 oop p = JNIHandles::resolve(obj);
280 assert_field_offset_sane(p, offset);
281 HeapAccess<ON_UNKNOWN_OOP_REF>::oop_store_at(p, offset, x);
282 } UNSAFE_END
283
284 UNSAFE_ENTRY(jobject, Unsafe_GetReferenceVolatile(JNIEnv *env, jobject unsafe, jobject obj, jlong offset)) {
285 oop p = JNIHandles::resolve(obj);
286 assert_field_offset_sane(p, offset);
287 oop v = HeapAccess<MO_SEQ_CST | ON_UNKNOWN_OOP_REF>::oop_load_at(p, offset);
288 return JNIHandles::make_local(THREAD, v);
289 } UNSAFE_END
290
291 UNSAFE_ENTRY(void, Unsafe_PutReferenceVolatile(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jobject x_h)) {
292 oop x = JNIHandles::resolve(x_h);
293 oop p = JNIHandles::resolve(obj);
294 assert_field_offset_sane(p, offset);
295 HeapAccess<MO_SEQ_CST | ON_UNKNOWN_OOP_REF>::oop_store_at(p, offset, x);
296 } UNSAFE_END
297
298 UNSAFE_ENTRY(jobject, Unsafe_GetUncompressedObject(JNIEnv *env, jobject unsafe, jlong addr)) {
299 oop v = *(oop*) (address) addr;
300 return JNIHandles::make_local(THREAD, v);
301 } UNSAFE_END
302
303 #define DEFINE_GETSETOOP(java_type, Type) \
304 \
305 UNSAFE_ENTRY_SCOPED(java_type, Unsafe_Get##Type(JNIEnv *env, jobject unsafe, jobject obj, jlong offset)) { \
306 return MemoryAccess<java_type>(thread, obj, offset).get(); \
307 } UNSAFE_END \
308 \
309 UNSAFE_ENTRY_SCOPED(void, Unsafe_Put##Type(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, java_type x)) { \
310 MemoryAccess<java_type>(thread, obj, offset).put(x); \
311 } UNSAFE_END \
312 \
313 // END DEFINE_GETSETOOP.
314
315 DEFINE_GETSETOOP(jboolean, Boolean)
316 DEFINE_GETSETOOP(jbyte, Byte)
317 DEFINE_GETSETOOP(jshort, Short);
318 DEFINE_GETSETOOP(jchar, Char);
319 DEFINE_GETSETOOP(jint, Int);
320 DEFINE_GETSETOOP(jlong, Long);
321 DEFINE_GETSETOOP(jfloat, Float);
322 DEFINE_GETSETOOP(jdouble, Double);
323
324 #undef DEFINE_GETSETOOP
325
326 #define DEFINE_GETSETOOP_VOLATILE(java_type, Type) \
327 \
328 UNSAFE_ENTRY_SCOPED(java_type, Unsafe_Get##Type##Volatile(JNIEnv *env, jobject unsafe, jobject obj, jlong offset)) { \
329 return MemoryAccess<java_type>(thread, obj, offset).get_volatile(); \
330 } UNSAFE_END \
331 \
332 UNSAFE_ENTRY_SCOPED(void, Unsafe_Put##Type##Volatile(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, java_type x)) { \
333 MemoryAccess<java_type>(thread, obj, offset).put_volatile(x); \
334 } UNSAFE_END \
335 \
336 // END DEFINE_GETSETOOP_VOLATILE.
337
338 DEFINE_GETSETOOP_VOLATILE(jboolean, Boolean)
339 DEFINE_GETSETOOP_VOLATILE(jbyte, Byte)
340 DEFINE_GETSETOOP_VOLATILE(jshort, Short);
341 DEFINE_GETSETOOP_VOLATILE(jchar, Char);
342 DEFINE_GETSETOOP_VOLATILE(jint, Int);
343 DEFINE_GETSETOOP_VOLATILE(jlong, Long);
344 DEFINE_GETSETOOP_VOLATILE(jfloat, Float);
345 DEFINE_GETSETOOP_VOLATILE(jdouble, Double);
346
347 #undef DEFINE_GETSETOOP_VOLATILE
348
349 UNSAFE_LEAF(void, Unsafe_FullFence(JNIEnv *env, jobject unsafe)) {
350 OrderAccess::fence();
351 } UNSAFE_END
352
353 ////// Allocation requests
354
355 UNSAFE_ENTRY(jobject, Unsafe_AllocateInstance(JNIEnv *env, jobject unsafe, jclass cls)) {
356 JvmtiVMObjectAllocEventCollector oam;
357 instanceOop i = InstanceKlass::allocate_instance(JNIHandles::resolve_non_null(cls), CHECK_NULL);
358 return JNIHandles::make_local(THREAD, i);
359 } UNSAFE_END
360
361 UNSAFE_LEAF(jlong, Unsafe_AllocateMemory0(JNIEnv *env, jobject unsafe, jlong size)) {
362 size_t sz = (size_t)size;
363
364 assert(is_aligned(sz, HeapWordSize), "sz not aligned");
365
366 void* x = os::malloc(sz, mtOther);
367
368 return addr_to_java(x);
369 } UNSAFE_END
370
371 UNSAFE_LEAF(jlong, Unsafe_ReallocateMemory0(JNIEnv *env, jobject unsafe, jlong addr, jlong size)) {
372 void* p = addr_from_java(addr);
373 size_t sz = (size_t)size;
374
375 assert(is_aligned(sz, HeapWordSize), "sz not aligned");
376
377 void* x = os::realloc(p, sz, mtOther);
378
379 return addr_to_java(x);
380 } UNSAFE_END
381
382 UNSAFE_LEAF(void, Unsafe_FreeMemory0(JNIEnv *env, jobject unsafe, jlong addr)) {
383 void* p = addr_from_java(addr);
384
385 os::free(p);
386 } UNSAFE_END
387
388 UNSAFE_ENTRY_SCOPED(void, Unsafe_SetMemory0(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jlong size, jbyte value)) {
389 size_t sz = (size_t)size;
390
391 oop base = JNIHandles::resolve(obj);
392 void* p = index_oop_from_field_offset_long(base, offset);
393
394 {
395 GuardUnsafeAccess guard(thread);
396 if (StubRoutines::unsafe_setmemory() != nullptr) {
397 MACOS_AARCH64_ONLY(ThreadWXEnable wx(WXExec, thread));
398 StubRoutines::UnsafeSetMemory_stub()(p, sz, value);
399 } else {
400 Copy::fill_to_memory_atomic(p, sz, value);
401 }
402 }
403 } UNSAFE_END
404
405 UNSAFE_ENTRY_SCOPED(void, Unsafe_CopyMemory0(JNIEnv *env, jobject unsafe, jobject srcObj, jlong srcOffset, jobject dstObj, jlong dstOffset, jlong size)) {
406 size_t sz = (size_t)size;
407
408 oop srcp = JNIHandles::resolve(srcObj);
409 oop dstp = JNIHandles::resolve(dstObj);
410
411 void* src = index_oop_from_field_offset_long(srcp, srcOffset);
412 void* dst = index_oop_from_field_offset_long(dstp, dstOffset);
413 {
414 GuardUnsafeAccess guard(thread);
415 if (StubRoutines::unsafe_arraycopy() != nullptr) {
416 MACOS_AARCH64_ONLY(ThreadWXEnable wx(WXExec, thread));
417 StubRoutines::UnsafeArrayCopy_stub()(src, dst, sz);
418 } else {
419 Copy::conjoint_memory_atomic(src, dst, sz);
420 }
421 }
422 } UNSAFE_END
423
424 UNSAFE_ENTRY_SCOPED(void, Unsafe_CopySwapMemory0(JNIEnv *env, jobject unsafe, jobject srcObj, jlong srcOffset, jobject dstObj, jlong dstOffset, jlong size, jlong elemSize)) {
425 size_t sz = (size_t)size;
426 size_t esz = (size_t)elemSize;
427
428 oop srcp = JNIHandles::resolve(srcObj);
429 oop dstp = JNIHandles::resolve(dstObj);
430
431 address src = (address)index_oop_from_field_offset_long(srcp, srcOffset);
432 address dst = (address)index_oop_from_field_offset_long(dstp, dstOffset);
433
434 {
435 GuardUnsafeAccess guard(thread);
436 Copy::conjoint_swap(src, dst, sz, esz);
437 }
438 } UNSAFE_END
439
440 UNSAFE_LEAF (void, Unsafe_WriteBack0(JNIEnv *env, jobject unsafe, jlong line)) {
441 assert(VM_Version::supports_data_cache_line_flush(), "should not get here");
442 #ifdef ASSERT
443 if (TraceMemoryWriteback) {
444 tty->print_cr("Unsafe: writeback 0x%p", addr_from_java(line));
445 }
446 #endif
447
448 MACOS_AARCH64_ONLY(ThreadWXEnable wx(WXExec, Thread::current()));
449 assert(StubRoutines::data_cache_writeback() != nullptr, "sanity");
450 (StubRoutines::DataCacheWriteback_stub())(addr_from_java(line));
451 } UNSAFE_END
452
453 static void doWriteBackSync0(bool is_pre)
454 {
455 MACOS_AARCH64_ONLY(ThreadWXEnable wx(WXExec, Thread::current()));
456 assert(StubRoutines::data_cache_writeback_sync() != nullptr, "sanity");
457 (StubRoutines::DataCacheWritebackSync_stub())(is_pre);
458 }
459
460 UNSAFE_LEAF (void, Unsafe_WriteBackPreSync0(JNIEnv *env, jobject unsafe)) {
461 assert(VM_Version::supports_data_cache_line_flush(), "should not get here");
462 #ifdef ASSERT
463 if (TraceMemoryWriteback) {
464 tty->print_cr("Unsafe: writeback pre-sync");
465 }
466 #endif
467
468 doWriteBackSync0(true);
469 } UNSAFE_END
470
471 UNSAFE_LEAF (void, Unsafe_WriteBackPostSync0(JNIEnv *env, jobject unsafe)) {
472 assert(VM_Version::supports_data_cache_line_flush(), "should not get here");
473 #ifdef ASSERT
474 if (TraceMemoryWriteback) {
475 tty->print_cr("Unsafe: writeback pre-sync");
476 }
477 #endif
478
479 doWriteBackSync0(false);
480 } UNSAFE_END
481
482 ////// Random queries
483
484 static jlong find_field_offset(jclass clazz, jstring name, TRAPS) {
485 assert(clazz != nullptr, "clazz must not be null");
486 assert(name != nullptr, "name must not be null");
487
488 ResourceMark rm(THREAD);
489 char *utf_name = java_lang_String::as_utf8_string(JNIHandles::resolve_non_null(name));
490
491 InstanceKlass* k = InstanceKlass::cast(java_lang_Class::as_Klass(JNIHandles::resolve_non_null(clazz)));
492
493 jint offset = -1;
494 for (JavaFieldStream fs(k); !fs.done(); fs.next()) {
495 Symbol *name = fs.name();
496 if (name->equals(utf_name)) {
497 offset = fs.offset();
498 break;
499 }
500 }
501 if (offset < 0) {
502 THROW_0(vmSymbols::java_lang_InternalError());
503 }
504 return field_offset_from_byte_offset(offset);
505 }
506
507 static jlong find_field_offset(jobject field, int must_be_static, TRAPS) {
508 assert(field != nullptr, "field must not be null");
509
510 oop reflected = JNIHandles::resolve_non_null(field);
511 oop mirror = java_lang_reflect_Field::clazz(reflected);
512 Klass* k = java_lang_Class::as_Klass(mirror);
513 int slot = java_lang_reflect_Field::slot(reflected);
514 int modifiers = java_lang_reflect_Field::modifiers(reflected);
515
516 if (must_be_static >= 0) {
517 int really_is_static = ((modifiers & JVM_ACC_STATIC) != 0);
518 if (must_be_static != really_is_static) {
519 THROW_0(vmSymbols::java_lang_IllegalArgumentException());
520 }
521 }
522
523 int offset = InstanceKlass::cast(k)->field_offset(slot);
524 return field_offset_from_byte_offset(offset);
525 }
526
527 UNSAFE_ENTRY(jlong, Unsafe_ObjectFieldOffset0(JNIEnv *env, jobject unsafe, jobject field)) {
528 return find_field_offset(field, 0, THREAD);
529 } UNSAFE_END
530
531 UNSAFE_ENTRY(jlong, Unsafe_ObjectFieldOffset1(JNIEnv *env, jobject unsafe, jclass c, jstring name)) {
532 return find_field_offset(c, name, THREAD);
533 } UNSAFE_END
534
535 UNSAFE_ENTRY(jlong, Unsafe_StaticFieldOffset0(JNIEnv *env, jobject unsafe, jobject field)) {
536 return find_field_offset(field, 1, THREAD);
537 } UNSAFE_END
538
539 UNSAFE_ENTRY(jobject, Unsafe_StaticFieldBase0(JNIEnv *env, jobject unsafe, jobject field)) {
540 assert(field != nullptr, "field must not be null");
541
542 // Note: In this VM implementation, a field address is always a short
543 // offset from the base of a klass metaobject. Thus, the full dynamic
544 // range of the return type is never used. However, some implementations
545 // might put the static field inside an array shared by many classes,
546 // or even at a fixed address, in which case the address could be quite
547 // large. In that last case, this function would return null, since
548 // the address would operate alone, without any base pointer.
549
550 oop reflected = JNIHandles::resolve_non_null(field);
551 oop mirror = java_lang_reflect_Field::clazz(reflected);
552 int modifiers = java_lang_reflect_Field::modifiers(reflected);
553
554 if ((modifiers & JVM_ACC_STATIC) == 0) {
555 THROW_0(vmSymbols::java_lang_IllegalArgumentException());
556 }
557
558 return JNIHandles::make_local(THREAD, mirror);
559 } UNSAFE_END
560
561 UNSAFE_ENTRY(void, Unsafe_EnsureClassInitialized0(JNIEnv *env, jobject unsafe, jobject clazz)) {
562 assert(clazz != nullptr, "clazz must not be null");
563
564 oop mirror = JNIHandles::resolve_non_null(clazz);
565
566 Klass* klass = java_lang_Class::as_Klass(mirror);
567 if (klass != nullptr && klass->should_be_initialized()) {
568 InstanceKlass* k = InstanceKlass::cast(klass);
569 k->initialize(CHECK);
570 }
571 }
572 UNSAFE_END
573
574 UNSAFE_ENTRY(jboolean, Unsafe_ShouldBeInitialized0(JNIEnv *env, jobject unsafe, jobject clazz)) {
575 assert(clazz != nullptr, "clazz must not be null");
576
577 oop mirror = JNIHandles::resolve_non_null(clazz);
578 Klass* klass = java_lang_Class::as_Klass(mirror);
579
580 if (klass != nullptr && klass->should_be_initialized()) {
581 return true;
582 }
583
584 return false;
585 }
586 UNSAFE_END
587
588 static void getBaseAndScale(int& base, int& scale, jclass clazz, TRAPS) {
589 assert(clazz != nullptr, "clazz must not be null");
590
591 oop mirror = JNIHandles::resolve_non_null(clazz);
592 Klass* k = java_lang_Class::as_Klass(mirror);
593
594 if (k == nullptr || !k->is_array_klass()) {
595 THROW(vmSymbols::java_lang_InvalidClassException());
596 } else if (k->is_objArray_klass()) {
597 base = arrayOopDesc::base_offset_in_bytes(T_OBJECT);
598 scale = heapOopSize;
599 } else if (k->is_typeArray_klass()) {
600 TypeArrayKlass* tak = TypeArrayKlass::cast(k);
601 base = tak->array_header_in_bytes();
602 assert(base == arrayOopDesc::base_offset_in_bytes(tak->element_type()), "array_header_size semantics ok");
603 scale = (1 << tak->log2_element_size());
604 } else {
605 ShouldNotReachHere();
606 }
607 }
608
609 UNSAFE_ENTRY(jint, Unsafe_ArrayBaseOffset0(JNIEnv *env, jobject unsafe, jclass clazz)) {
610 int base = 0, scale = 0;
611 getBaseAndScale(base, scale, clazz, CHECK_0);
612
613 return field_offset_from_byte_offset(base);
614 } UNSAFE_END
615
616
617 UNSAFE_ENTRY(jint, Unsafe_ArrayIndexScale0(JNIEnv *env, jobject unsafe, jclass clazz)) {
618 int base = 0, scale = 0;
619 getBaseAndScale(base, scale, clazz, CHECK_0);
620
621 // This VM packs both fields and array elements down to the byte.
622 // But watch out: If this changes, so that array references for
623 // a given primitive type (say, T_BOOLEAN) use different memory units
624 // than fields, this method MUST return zero for such arrays.
625 // For example, the VM used to store sub-word sized fields in full
626 // words in the object layout, so that accessors like getByte(Object,int)
627 // did not really do what one might expect for arrays. Therefore,
628 // this function used to report a zero scale factor, so that the user
629 // would know not to attempt to access sub-word array elements.
630 // // Code for unpacked fields:
631 // if (scale < wordSize) return 0;
632
633 // The following allows for a pretty general fieldOffset cookie scheme,
634 // but requires it to be linear in byte offset.
635 return field_offset_from_byte_offset(scale) - field_offset_from_byte_offset(0);
636 } UNSAFE_END
637
638
639 static inline void throw_new(JNIEnv *env, const char *ename) {
640 jclass cls = env->FindClass(ename);
641 if (env->ExceptionCheck()) {
642 env->ExceptionClear();
643 tty->print_cr("Unsafe: cannot throw %s because FindClass has failed", ename);
644 return;
645 }
646
647 env->ThrowNew(cls, nullptr);
648 }
649
650 static jclass Unsafe_DefineClass_impl(JNIEnv *env, jstring name, jbyteArray data, int offset, int length, jobject loader, jobject pd) {
651 // Code lifted from JDK 1.3 ClassLoader.c
652
653 jbyte *body;
654 char *utfName = nullptr;
655 jclass result = 0;
656 char buf[128];
657
658 assert(data != nullptr, "Class bytes must not be null");
659 assert(length >= 0, "length must not be negative: %d", length);
660
661 if (UsePerfData) {
662 ClassLoader::unsafe_defineClassCallCounter()->inc();
663 }
664
665 body = NEW_C_HEAP_ARRAY_RETURN_NULL(jbyte, length, mtInternal);
666 if (body == nullptr) {
667 throw_new(env, "java/lang/OutOfMemoryError");
668 return 0;
669 }
670
671 env->GetByteArrayRegion(data, offset, length, body);
672 if (env->ExceptionOccurred()) {
673 goto free_body;
674 }
675
676 if (name != nullptr) {
677 uint len = env->GetStringUTFLength(name);
678 int unicode_len = env->GetStringLength(name);
679
680 if (len >= sizeof(buf)) {
681 utfName = NEW_C_HEAP_ARRAY_RETURN_NULL(char, len + 1, mtInternal);
682 if (utfName == nullptr) {
683 throw_new(env, "java/lang/OutOfMemoryError");
684 goto free_body;
685 }
686 } else {
687 utfName = buf;
688 }
689
690 env->GetStringUTFRegion(name, 0, unicode_len, utfName);
691
692 for (uint i = 0; i < len; i++) {
693 if (utfName[i] == '.') utfName[i] = '/';
694 }
695 }
696
697 result = JVM_DefineClass(env, utfName, loader, body, length, pd);
698
699 if (utfName && utfName != buf) {
700 FREE_C_HEAP_ARRAY(char, utfName);
701 }
702
703 free_body:
704 FREE_C_HEAP_ARRAY(jbyte, body);
705 return result;
706 }
707
708
709 UNSAFE_ENTRY(jclass, Unsafe_DefineClass0(JNIEnv *env, jobject unsafe, jstring name, jbyteArray data, int offset, int length, jobject loader, jobject pd)) {
710 ThreadToNativeFromVM ttnfv(thread);
711
712 return Unsafe_DefineClass_impl(env, name, data, offset, length, loader, pd);
713 } UNSAFE_END
714
715
716 UNSAFE_ENTRY(void, Unsafe_ThrowException(JNIEnv *env, jobject unsafe, jthrowable thr)) {
717 ThreadToNativeFromVM ttnfv(thread);
718 env->Throw(thr);
719 } UNSAFE_END
720
721 // JSR166 ------------------------------------------------------------------
722
723 UNSAFE_ENTRY(jobject, Unsafe_CompareAndExchangeReference(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jobject e_h, jobject x_h)) {
724 oop x = JNIHandles::resolve(x_h);
725 oop e = JNIHandles::resolve(e_h);
726 oop p = JNIHandles::resolve(obj);
727 assert_field_offset_sane(p, offset);
728 oop res = HeapAccess<ON_UNKNOWN_OOP_REF>::oop_atomic_cmpxchg_at(p, (ptrdiff_t)offset, e, x);
729 return JNIHandles::make_local(THREAD, res);
730 } UNSAFE_END
731
732 UNSAFE_ENTRY_SCOPED(jint, Unsafe_CompareAndExchangeInt(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jint e, jint x)) {
733 oop p = JNIHandles::resolve(obj);
734 volatile jint* addr = (volatile jint*)index_oop_from_field_offset_long(p, offset);
735 return Atomic::cmpxchg(addr, e, x);
736 } UNSAFE_END
737
738 UNSAFE_ENTRY_SCOPED(jlong, Unsafe_CompareAndExchangeLong(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jlong e, jlong x)) {
739 oop p = JNIHandles::resolve(obj);
740 volatile jlong* addr = (volatile jlong*)index_oop_from_field_offset_long(p, offset);
741 return Atomic::cmpxchg(addr, e, x);
742 } UNSAFE_END
743
744 UNSAFE_ENTRY(jboolean, Unsafe_CompareAndSetReference(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jobject e_h, jobject x_h)) {
745 oop x = JNIHandles::resolve(x_h);
746 oop e = JNIHandles::resolve(e_h);
747 oop p = JNIHandles::resolve(obj);
748 assert_field_offset_sane(p, offset);
749 oop ret = HeapAccess<ON_UNKNOWN_OOP_REF>::oop_atomic_cmpxchg_at(p, (ptrdiff_t)offset, e, x);
750 return ret == e;
751 } UNSAFE_END
752
753 UNSAFE_ENTRY_SCOPED(jboolean, Unsafe_CompareAndSetInt(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jint e, jint x)) {
754 oop p = JNIHandles::resolve(obj);
755 volatile jint* addr = (volatile jint*)index_oop_from_field_offset_long(p, offset);
756 return Atomic::cmpxchg(addr, e, x) == e;
757 } UNSAFE_END
758
759 UNSAFE_ENTRY_SCOPED(jboolean, Unsafe_CompareAndSetLong(JNIEnv *env, jobject unsafe, jobject obj, jlong offset, jlong e, jlong x)) {
760 oop p = JNIHandles::resolve(obj);
761 volatile jlong* addr = (volatile jlong*)index_oop_from_field_offset_long(p, offset);
762 return Atomic::cmpxchg(addr, e, x) == e;
763 } UNSAFE_END
764
765 static void post_thread_park_event(EventThreadPark* event, const oop obj, jlong timeout_nanos, jlong until_epoch_millis) {
766 assert(event != nullptr, "invariant");
767 event->set_parkedClass((obj != nullptr) ? obj->klass() : nullptr);
768 event->set_timeout(timeout_nanos);
769 event->set_until(until_epoch_millis);
770 event->set_address((obj != nullptr) ? (u8)cast_from_oop<uintptr_t>(obj) : 0);
771 event->commit();
772 }
773
774 UNSAFE_ENTRY(void, Unsafe_Park(JNIEnv *env, jobject unsafe, jboolean isAbsolute, jlong time)) {
775 HOTSPOT_THREAD_PARK_BEGIN((uintptr_t) thread->parker(), (int) isAbsolute, time);
776 EventThreadPark event;
777
778 JavaThreadParkedState jtps(thread, time != 0);
779 thread->parker()->park(isAbsolute != 0, time);
780 if (event.should_commit()) {
781 const oop obj = thread->current_park_blocker();
782 if (time == 0) {
783 post_thread_park_event(&event, obj, min_jlong, min_jlong);
784 } else {
785 if (isAbsolute != 0) {
786 post_thread_park_event(&event, obj, min_jlong, time);
787 } else {
788 post_thread_park_event(&event, obj, time, min_jlong);
789 }
790 }
791 }
792 HOTSPOT_THREAD_PARK_END((uintptr_t) thread->parker());
793 } UNSAFE_END
794
795 UNSAFE_ENTRY(void, Unsafe_Unpark(JNIEnv *env, jobject unsafe, jobject jthread)) {
796 if (jthread != nullptr) {
797 oop thread_oop = JNIHandles::resolve_non_null(jthread);
798 // Get the JavaThread* stored in the java.lang.Thread object _before_
799 // the embedded ThreadsListHandle is constructed so we know if the
800 // early life stage of the JavaThread* is protected. We use acquire
801 // here to ensure that if we see a non-nullptr value, then we also
802 // see the main ThreadsList updates from the JavaThread* being added.
803 FastThreadsListHandle ftlh(thread_oop, java_lang_Thread::thread_acquire(thread_oop));
804 JavaThread* thr = ftlh.protected_java_thread();
805 if (thr != nullptr) {
806 // The still live JavaThread* is protected by the FastThreadsListHandle
807 // so it is safe to access.
808 Parker* p = thr->parker();
809 HOTSPOT_THREAD_UNPARK((uintptr_t) p);
810 p->unpark();
811 }
812 } // FastThreadsListHandle is destroyed here.
813 } UNSAFE_END
814
815 UNSAFE_ENTRY(jint, Unsafe_GetLoadAverage0(JNIEnv *env, jobject unsafe, jdoubleArray loadavg, jint nelem)) {
816 const int max_nelem = 3;
817 double la[max_nelem];
818 jint ret;
819
820 typeArrayOop a = typeArrayOop(JNIHandles::resolve_non_null(loadavg));
821 assert(a->is_typeArray(), "must be type array");
822
823 ret = os::loadavg(la, nelem);
824 if (ret == -1) {
825 return -1;
826 }
827
828 // if successful, ret is the number of samples actually retrieved.
829 assert(ret >= 0 && ret <= max_nelem, "Unexpected loadavg return value");
830 switch(ret) {
831 case 3: a->double_at_put(2, (jdouble)la[2]); // fall through
832 case 2: a->double_at_put(1, (jdouble)la[1]); // fall through
833 case 1: a->double_at_put(0, (jdouble)la[0]); break;
834 }
835
836 return ret;
837 } UNSAFE_END
838
839
840 /// JVM_RegisterUnsafeMethods
841
842 #define ADR "J"
843
844 #define LANG "Ljava/lang/"
845
846 #define OBJ LANG "Object;"
847 #define CLS LANG "Class;"
848 #define FLD LANG "reflect/Field;"
849 #define THR LANG "Throwable;"
850
851 #define DC_Args LANG "String;[BII" LANG "ClassLoader;" "Ljava/security/ProtectionDomain;"
852 #define DAC_Args CLS "[B[" OBJ
853
854 #define CC (char*) /*cast a literal from (const char*)*/
855 #define FN_PTR(f) CAST_FROM_FN_PTR(void*, &f)
856
857 #define DECLARE_GETPUTOOP(Type, Desc) \
858 {CC "get" #Type, CC "(" OBJ "J)" #Desc, FN_PTR(Unsafe_Get##Type)}, \
859 {CC "put" #Type, CC "(" OBJ "J" #Desc ")V", FN_PTR(Unsafe_Put##Type)}, \
860 {CC "get" #Type "Volatile", CC "(" OBJ "J)" #Desc, FN_PTR(Unsafe_Get##Type##Volatile)}, \
861 {CC "put" #Type "Volatile", CC "(" OBJ "J" #Desc ")V", FN_PTR(Unsafe_Put##Type##Volatile)}
862
863
864 static JNINativeMethod jdk_internal_misc_Unsafe_methods[] = {
865 {CC "getReference", CC "(" OBJ "J)" OBJ "", FN_PTR(Unsafe_GetReference)},
866 {CC "putReference", CC "(" OBJ "J" OBJ ")V", FN_PTR(Unsafe_PutReference)},
867 {CC "getReferenceVolatile", CC "(" OBJ "J)" OBJ, FN_PTR(Unsafe_GetReferenceVolatile)},
868 {CC "putReferenceVolatile", CC "(" OBJ "J" OBJ ")V", FN_PTR(Unsafe_PutReferenceVolatile)},
869
870 {CC "getUncompressedObject", CC "(" ADR ")" OBJ, FN_PTR(Unsafe_GetUncompressedObject)},
871
872 DECLARE_GETPUTOOP(Boolean, Z),
873 DECLARE_GETPUTOOP(Byte, B),
874 DECLARE_GETPUTOOP(Short, S),
875 DECLARE_GETPUTOOP(Char, C),
876 DECLARE_GETPUTOOP(Int, I),
877 DECLARE_GETPUTOOP(Long, J),
878 DECLARE_GETPUTOOP(Float, F),
879 DECLARE_GETPUTOOP(Double, D),
880
881 {CC "allocateMemory0", CC "(J)" ADR, FN_PTR(Unsafe_AllocateMemory0)},
882 {CC "reallocateMemory0", CC "(" ADR "J)" ADR, FN_PTR(Unsafe_ReallocateMemory0)},
883 {CC "freeMemory0", CC "(" ADR ")V", FN_PTR(Unsafe_FreeMemory0)},
884
885 {CC "objectFieldOffset0", CC "(" FLD ")J", FN_PTR(Unsafe_ObjectFieldOffset0)},
886 {CC "objectFieldOffset1", CC "(" CLS LANG "String;)J", FN_PTR(Unsafe_ObjectFieldOffset1)},
887 {CC "staticFieldOffset0", CC "(" FLD ")J", FN_PTR(Unsafe_StaticFieldOffset0)},
888 {CC "staticFieldBase0", CC "(" FLD ")" OBJ, FN_PTR(Unsafe_StaticFieldBase0)},
889 {CC "ensureClassInitialized0", CC "(" CLS ")V", FN_PTR(Unsafe_EnsureClassInitialized0)},
890 {CC "arrayBaseOffset0", CC "(" CLS ")I", FN_PTR(Unsafe_ArrayBaseOffset0)},
891 {CC "arrayIndexScale0", CC "(" CLS ")I", FN_PTR(Unsafe_ArrayIndexScale0)},
892
893 {CC "defineClass0", CC "(" DC_Args ")" CLS, FN_PTR(Unsafe_DefineClass0)},
894 {CC "allocateInstance", CC "(" CLS ")" OBJ, FN_PTR(Unsafe_AllocateInstance)},
895 {CC "throwException", CC "(" THR ")V", FN_PTR(Unsafe_ThrowException)},
896 {CC "compareAndSetReference",CC "(" OBJ "J" OBJ "" OBJ ")Z", FN_PTR(Unsafe_CompareAndSetReference)},
897 {CC "compareAndSetInt", CC "(" OBJ "J""I""I"")Z", FN_PTR(Unsafe_CompareAndSetInt)},
898 {CC "compareAndSetLong", CC "(" OBJ "J""J""J"")Z", FN_PTR(Unsafe_CompareAndSetLong)},
899 {CC "compareAndExchangeReference", CC "(" OBJ "J" OBJ "" OBJ ")" OBJ, FN_PTR(Unsafe_CompareAndExchangeReference)},
900 {CC "compareAndExchangeInt", CC "(" OBJ "J""I""I"")I", FN_PTR(Unsafe_CompareAndExchangeInt)},
901 {CC "compareAndExchangeLong", CC "(" OBJ "J""J""J"")J", FN_PTR(Unsafe_CompareAndExchangeLong)},
902
903 {CC "park", CC "(ZJ)V", FN_PTR(Unsafe_Park)},
904 {CC "unpark", CC "(" OBJ ")V", FN_PTR(Unsafe_Unpark)},
905
906 {CC "getLoadAverage0", CC "([DI)I", FN_PTR(Unsafe_GetLoadAverage0)},
907
908 {CC "copyMemory0", CC "(" OBJ "J" OBJ "JJ)V", FN_PTR(Unsafe_CopyMemory0)},
909 {CC "copySwapMemory0", CC "(" OBJ "J" OBJ "JJJ)V", FN_PTR(Unsafe_CopySwapMemory0)},
910 {CC "writeback0", CC "(" "J" ")V", FN_PTR(Unsafe_WriteBack0)},
911 {CC "writebackPreSync0", CC "()V", FN_PTR(Unsafe_WriteBackPreSync0)},
912 {CC "writebackPostSync0", CC "()V", FN_PTR(Unsafe_WriteBackPostSync0)},
913 {CC "setMemory0", CC "(" OBJ "JJB)V", FN_PTR(Unsafe_SetMemory0)},
914
915 {CC "shouldBeInitialized0", CC "(" CLS ")Z", FN_PTR(Unsafe_ShouldBeInitialized0)},
916
917 {CC "fullFence", CC "()V", FN_PTR(Unsafe_FullFence)},
918 };
919
920 #undef CC
921 #undef FN_PTR
922
923 #undef ADR
924 #undef LANG
925 #undef OBJ
926 #undef CLS
927 #undef FLD
928 #undef THR
929 #undef DC_Args
930 #undef DAC_Args
931
932 #undef DECLARE_GETPUTOOP
933
934
935 // This function is exported, used by NativeLookup.
936 // The Unsafe_xxx functions above are called only from the interpreter.
937 // The optimizer looks at names and signatures to recognize
938 // individual functions.
939
940 JVM_ENTRY(void, JVM_RegisterJDKInternalMiscUnsafeMethods(JNIEnv *env, jclass unsafeclass)) {
941 ThreadToNativeFromVM ttnfv(thread);
942
943 int ok = env->RegisterNatives(unsafeclass, jdk_internal_misc_Unsafe_methods, sizeof(jdk_internal_misc_Unsafe_methods)/sizeof(JNINativeMethod));
944 guarantee(ok == 0, "register jdk.internal.misc.Unsafe natives");
945 } JVM_END