1 /*
2 * Copyright (c) 1997, 2026, Oracle and/or its affiliates. All rights reserved.
3 * Copyright (c) 2014, 2020, Red Hat Inc. All rights reserved.
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5 *
6 * This code is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 only, as
8 * published by the Free Software Foundation.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
23 *
24 */
25
26 #include "asm/macroAssembler.hpp"
27 #include "code/codeCache.hpp"
28 #include "code/compiledIC.hpp"
29 #include "gc/shared/collectedHeap.hpp"
30 #include "nativeInst_aarch64.hpp"
31 #include "oops/oop.inline.hpp"
32 #include "runtime/handles.hpp"
33 #include "runtime/orderAccess.hpp"
34 #include "runtime/sharedRuntime.hpp"
35 #include "runtime/stubRoutines.hpp"
36 #include "utilities/ostream.hpp"
37 #ifdef COMPILER1
38 #include "c1/c1_Runtime1.hpp"
39 #endif
40 #if INCLUDE_JVMCI
41 #include "jvmci/jvmciEnv.hpp"
42 #endif
43
44 void NativeCall::verify() {
45 assert(NativeCall::is_call_at((address)this), "unexpected code at call site");
46 }
47
48 void NativeInstruction::wrote(int offset) {
49 ICache::invalidate_word(addr_at(offset));
50 }
51
52 address NativeCall::destination() const {
53 address addr = instruction_address();
54 address destination = addr + displacement();
55
56 // Performance optimization: no need to call find_blob() if it is a self-call
57 if (destination == addr) {
58 return destination;
59 }
60
61 // Do we use a trampoline stub for this call?
62 CodeBlob* cb = CodeCache::find_blob(addr);
63 assert(cb != nullptr && cb->is_nmethod(), "nmethod expected");
64 nmethod *nm = cb->as_nmethod();
65 if (nm->stub_contains(destination) && is_NativeCallTrampolineStub_at(destination)) {
66 // Yes we do, so get the destination from the trampoline stub.
67 const address trampoline_stub_addr = destination;
68 destination = nativeCallTrampolineStub_at(trampoline_stub_addr)->destination();
69 }
70
71 return destination;
72 }
73
74 // Similar to replace_mt_safe, but just changes the destination. The
75 // important thing is that free-running threads are able to execute this
76 // call instruction at all times.
77 //
78 // Used in the runtime linkage of calls; see class CompiledIC.
79 void NativeCall::set_destination_mt_safe(address dest) {
80 assert((CodeCache_lock->is_locked() || SafepointSynchronize::is_at_safepoint()) ||
81 CompiledICLocker::is_safe(addr_at(0)),
82 "concurrent code patching");
83
84 address addr_call = addr_at(0);
85 bool reachable = Assembler::reachable_from_branch_at(addr_call, dest);
86 assert(NativeCall::is_call_at(addr_call), "unexpected code at call site");
87
88 // Patch the constant in the call's trampoline stub.
89 address trampoline_stub_addr = get_trampoline();
90 if (trampoline_stub_addr != nullptr) {
91 assert (! is_NativeCallTrampolineStub_at(dest), "chained trampolines");
92 nativeCallTrampolineStub_at(trampoline_stub_addr)->set_destination(dest);
93 }
94
95 // Patch the call.
96 if (reachable) {
97 set_destination(dest);
98 } else {
99 assert (trampoline_stub_addr != nullptr, "we need a trampoline");
100 set_destination(trampoline_stub_addr);
101 }
102
103 ICache::invalidate_range(addr_call, instruction_size);
104 }
105
106 address NativeCall::get_trampoline() {
107 address call_addr = instruction_address();
108
109 CodeBlob *code = CodeCache::find_blob(call_addr);
110 assert(code != nullptr && code->is_nmethod(), "nmethod expected");
111 nmethod* nm = code->as_nmethod();
112
113 address bl_destination = call_addr + displacement();
114 if (nm->stub_contains(bl_destination) &&
115 is_NativeCallTrampolineStub_at(bl_destination))
116 return bl_destination;
117
118 return trampoline_stub_Relocation::get_trampoline_for(call_addr, nm);
119 }
120
121 // Inserts a native call instruction at a given pc
122 void NativeCall::insert(address code_pos, address entry) { Unimplemented(); }
123
124 //-------------------------------------------------------------------
125
126 void NativeMovConstReg::verify() {
127 if (! (nativeInstruction_at(instruction_address())->is_movz() ||
128 is_adrp_at(instruction_address()) ||
129 is_ldr_literal_at(instruction_address())) ) {
130 fatal("should be MOVZ or ADRP or LDR (literal)");
131 }
132 }
133
134
135 intptr_t NativeMovConstReg::data() const {
136 address addr = MacroAssembler::target_addr_for_insn(instruction_address());
137 if (maybe_cpool_ref(instruction_address())) {
138 return *(intptr_t*)addr;
139 } else {
140 return (intptr_t)addr;
141 }
142 }
143
144 void NativeMovConstReg::set_data(intptr_t x) {
145 if (maybe_cpool_ref(instruction_address())) {
146 MACOS_AARCH64_ONLY(os::thread_wx_enable_write());
147 address addr = MacroAssembler::target_addr_for_insn(instruction_address());
148 *(intptr_t*)addr = x;
149 } else {
150 // Store x into the instruction stream.
151 MacroAssembler::pd_patch_instruction(instruction_address(), (address)x);
152 ICache::invalidate_range(instruction_address(), instruction_size);
153 }
154
155 // Find and replace the oop/metadata corresponding to this
156 // instruction in oops section.
157 CodeBlob* cb = CodeCache::find_blob(instruction_address());
158 nmethod* nm = cb->as_nmethod_or_null();
159 if (nm != nullptr) {
160 RelocIterator iter(nm, instruction_address(), next_instruction_address());
161 while (iter.next()) {
162 if (iter.type() == relocInfo::oop_type) {
163 oop* oop_addr = iter.oop_reloc()->oop_addr();
164 *oop_addr = cast_to_oop(x);
165 break;
166 } else if (iter.type() == relocInfo::metadata_type) {
167 Metadata** metadata_addr = iter.metadata_reloc()->metadata_addr();
168 *metadata_addr = (Metadata*)x;
169 break;
170 }
171 }
172 }
173 }
174
175 void NativeMovConstReg::print() {
176 tty->print_cr(PTR_FORMAT ": mov reg, " INTPTR_FORMAT,
177 p2i(instruction_address()), data());
178 }
179
180 //-------------------------------------------------------------------
181
182 int NativeMovRegMem::offset() const {
183 address pc = instruction_address();
184 unsigned insn = *(unsigned*)pc;
185 if (Instruction_aarch64::extract(insn, 28, 24) == 0b10000) {
186 address addr = MacroAssembler::target_addr_for_insn(pc);
187 return *addr;
188 } else {
189 return (int)(intptr_t)MacroAssembler::target_addr_for_insn(instruction_address());
190 }
191 }
192
193 void NativeMovRegMem::set_offset(int x) {
194 address pc = instruction_address();
195 if (maybe_cpool_ref(pc)) {
196 address addr = MacroAssembler::target_addr_for_insn(pc);
197 *(int64_t*)addr = x;
198 } else {
199 MacroAssembler::pd_patch_instruction(pc, (address)intptr_t(x));
200 ICache::invalidate_range(instruction_address(), instruction_size);
201 }
202 }
203
204 void NativeMovRegMem::verify() {
205 #ifdef ASSERT
206 MacroAssembler::target_addr_for_insn(instruction_address());
207 #endif
208 }
209
210 //--------------------------------------------------------------------------------
211
212 void NativeJump::verify() { ; }
213
214
215 void NativeJump::insert(address code_pos, address entry) {
216 // Dispacement is relative to the jump instruction PC
217 intptr_t disp = (intptr_t)entry - ((intptr_t)code_pos);
218
219 // The jump immediate is 26 bits and it will at execution time be scaled by 4
220 int64_t imm26 = disp >> 2;
221
222 // The farthest that we can jump is +/- 128MiB
223 guarantee(Assembler::is_simm(imm26, 26), "maximum offset is 128MiB, you asking for %ld", imm26);
224
225 // Patch with opcode | offset
226 *((int32_t*)code_pos) = 0x14000000 | imm26;
227
228 // Tell hardware to invalidate icache line containing code_pos
229 ICache::invalidate_range(code_pos, instruction_size);
230 }
231
232 address NativeJump::jump_destination() const {
233 address dest = MacroAssembler::target_addr_for_insn(instruction_address());
234
235 // We use jump to self as the unresolved address which the inline
236 // cache code (and relocs) know about
237 // As a special case we also use sequence movptr(r,0); br(r);
238 // i.e. jump to 0 when we need leave space for a wide immediate
239 // load
240
241 // return -1 if jump to self or to 0
242 if ((dest == (address)this) || dest == nullptr) {
243 dest = (address) -1;
244 }
245 return dest;
246 }
247
248 void NativeJump::set_jump_destination(address dest) {
249 // We use jump to self as the unresolved address which the inline
250 // cache code (and relocs) know about
251 if (dest == (address) -1)
252 dest = instruction_address();
253
254 MacroAssembler::pd_patch_instruction(instruction_address(), dest);
255 ICache::invalidate_range(instruction_address(), instruction_size);
256 };
257
258 //-------------------------------------------------------------------
259
260 address NativeGeneralJump::jump_destination() const {
261 NativeMovConstReg* move = nativeMovConstReg_at(instruction_address());
262 address dest = (address) move->data();
263
264 // We use jump to self as the unresolved address which the inline
265 // cache code (and relocs) know about
266 // As a special case we also use jump to 0 when first generating
267 // a general jump
268
269 // return -1 if jump to self or to 0
270 if ((dest == (address)this) || dest == nullptr) {
271 dest = (address) -1;
272 }
273 return dest;
274 }
275
276 void NativeGeneralJump::set_jump_destination(address dest) {
277 NativeMovConstReg* move = nativeMovConstReg_at(instruction_address());
278
279 // We use jump to self as the unresolved address which the inline
280 // cache code (and relocs) know about
281 if (dest == (address) -1) {
282 dest = instruction_address();
283 }
284
285 move->set_data((uintptr_t) dest);
286 };
287
288 //-------------------------------------------------------------------
289
290 bool NativeInstruction::is_safepoint_poll() {
291 // a safepoint_poll is implemented in two steps as either
292 //
293 // adrp(reg, polling_page);
294 // ldr(zr, [reg, #offset]);
295 //
296 // or
297 //
298 // mov(reg, polling_page);
299 // ldr(zr, [reg, #offset]);
300 //
301 // or
302 //
303 // ldr(reg, [rthread, #offset]);
304 // ldr(zr, [reg, #offset]);
305 //
306 // however, we cannot rely on the polling page address load always
307 // directly preceding the read from the page. C1 does that but C2
308 // has to do the load and read as two independent instruction
309 // generation steps. that's because with a single macro sequence the
310 // generic C2 code can only add the oop map before the mov/adrp and
311 // the trap handler expects an oop map to be associated with the
312 // load. with the load scheuled as a prior step the oop map goes
313 // where it is needed.
314 //
315 // so all we can do here is check that marked instruction is a load
316 // word to zr
317 return is_ldrw_to_zr(address(this));
318 }
319
320 bool NativeInstruction::is_adrp_at(address instr) {
321 unsigned insn = *(unsigned*)instr;
322 return (Instruction_aarch64::extract(insn, 31, 24) & 0b10011111) == 0b10010000;
323 }
324
325 bool NativeInstruction::is_ldr_literal_at(address instr) {
326 unsigned insn = *(unsigned*)instr;
327 return (Instruction_aarch64::extract(insn, 29, 24) & 0b011011) == 0b00011000;
328 }
329
330 bool NativeInstruction::is_ldrw_to_zr(address instr) {
331 unsigned insn = *(unsigned*)instr;
332 return (Instruction_aarch64::extract(insn, 31, 22) == 0b1011100101 &&
333 Instruction_aarch64::extract(insn, 4, 0) == 0b11111);
334 }
335
336 bool NativeInstruction::is_general_jump() {
337 if (is_movz()) {
338 NativeInstruction* inst1 = nativeInstruction_at(addr_at(instruction_size * 1));
339 if (inst1->is_movk()) {
340 NativeInstruction* inst2 = nativeInstruction_at(addr_at(instruction_size * 2));
341 if (inst2->is_movk()) {
342 NativeInstruction* inst3 = nativeInstruction_at(addr_at(instruction_size * 3));
343 if (inst3->is_blr()) {
344 return true;
345 }
346 }
347 }
348 }
349 return false;
350 }
351
352 bool NativeInstruction::is_movz() {
353 return Instruction_aarch64::extract(int_at(0), 30, 23) == 0b10100101;
354 }
355
356 bool NativeInstruction::is_movk() {
357 return Instruction_aarch64::extract(int_at(0), 30, 23) == 0b11100101;
358 }
359
360 void NativeIllegalInstruction::insert(address code_pos) {
361 *(juint*)code_pos = 0xd4bbd5a1; // dcps1 #0xdead
362 }
363
364 bool NativeInstruction::is_stop() {
365 return uint_at(0) == 0xd4bbd5c1; // dcps1 #0xdeae
366 }
367
368 //-------------------------------------------------------------------
369
370 // MT-safe patching of a long jump instruction.
371 void NativeGeneralJump::replace_mt_safe(address instr_addr, address code_buffer) {
372 ShouldNotCallThis();
373 }
374
375 address NativeCallTrampolineStub::destination(nmethod *nm) const {
376 return ptr_at(data_offset);
377 }
378
379 void NativeCallTrampolineStub::set_destination(address new_destination) {
380 set_ptr_at(data_offset, new_destination);
381 OrderAccess::release();
382 }
383
384 #if INCLUDE_JVMCI
385 // Generate a trampoline for a branch to dest. If there's no need for a
386 // trampoline, simply patch the call directly to dest.
387 void NativeCall::trampoline_jump(CodeBuffer &cbuf, address dest, JVMCI_TRAPS) {
388 MacroAssembler a(&cbuf);
389
390 if (!a.far_branches()) {
391 // If not using far branches, patch this call directly to dest.
392 set_destination(dest);
393 } else if (!is_NativeCallTrampolineStub_at(instruction_address() + displacement())) {
394 // If we want far branches and there isn't a trampoline stub, emit one.
395 address stub = a.emit_trampoline_stub(instruction_address() - cbuf.insts()->start(), dest);
396 if (stub == nullptr) {
397 JVMCI_ERROR("could not emit trampoline stub - code cache is full");
398 }
399 // The relocation created while emitting the stub will ensure this
400 // call instruction is subsequently patched to call the stub.
401 } else {
402 // Not sure how this can be happen but be defensive
403 JVMCI_ERROR("single-use stub should not exist");
404 }
405 }
406 #endif
407
408 void NativePostCallNop::make_deopt() {
409 NativeDeoptInstruction::insert(addr_at(0));
410 }
411
412 bool NativePostCallNop::patch(int32_t oopmap_slot, int32_t cb_offset) {
413 if (((oopmap_slot & 0xff) != oopmap_slot) || ((cb_offset & 0xffffff) != cb_offset)) {
414 return false; // cannot encode
415 }
416 uint32_t data = ((uint32_t)oopmap_slot << 24) | cb_offset;
417 #ifdef ASSERT
418 assert(data != 0, "must be");
419 uint32_t insn1 = uint_at(4);
420 uint32_t insn2 = uint_at(8);
421 assert (is_movk_to_zr(insn1) && is_movk_to_zr(insn2), "must be");
422 #endif
423
424 uint32_t lo = data & 0xffff;
425 uint32_t hi = data >> 16;
426 Instruction_aarch64::patch(addr_at(4), 20, 5, lo);
427 Instruction_aarch64::patch(addr_at(8), 20, 5, hi);
428 return true; // successfully encoded
429 }
430
431 void NativeDeoptInstruction::verify() {
432 }
433
434 // Inserts an undefined instruction at a given pc
435 void NativeDeoptInstruction::insert(address code_pos) {
436 // 1 1 0 1 | 0 1 0 0 | 1 0 1 imm16 0 0 0 0 1
437 // d | 4 | a | de | 0 | 0 |
438 // 0xd4, 0x20, 0x00, 0x00
439 uint32_t insn = 0xd4ade001;
440 uint32_t *pos = (uint32_t *) code_pos;
441 *pos = insn;
442 /**code_pos = 0xd4;
443 *(code_pos+1) = 0x60;
444 *(code_pos+2) = 0x00;
445 *(code_pos+3) = 0x00;*/
446 ICache::invalidate_range(code_pos, 4);
447 }