BXJ and Registers

Sono edited this page Jun 4, 2021 · 4 revisions

Register usage in Java mode

In Java mode, almost all registers are remapped to the Jazelle hardware, as shown in the table below:

| Register | Usage |
| --- | --- |
| r0, r1, r2, r3 | Stack cache. The Java stack is temporarily stored in this bank to reduce memory access. |
| r4 | Local variable 0 cache (this reference in some cases). Check the instruction table to see which instructions modify this register. |
| r5 | Vector table register. Check the r5 handler table page to properly set up this register. Bit fields: 0:1 stacktop register index, works like r6; 2:4 stack element count? never observed more than 4; 5:11 unknown, more experimentation required; 12:31 real r5 table address. |
| r6 | Stack bottom register. Push: [r5++] = value; Pop: value = [--r5] |
| r7 | Locals pointer. Check the instructions table page to see how to synchronize this with r4. |
| r8 | Unused? |
| r9, r10, r11 | Not used by the Jazelle hardware, so they are free to use. |
| r12 | Mostly unused, but some Java instructions corrupt this. TODO: flag naughty instructions in instruction table if my memory is correct. |
| SP | Not used by the Jazelle hardware. |
| LR | Java PC when entering or exiting Java state. |
| PC | Java PC during Java bytecode execution. |

Jumping to Java mode

The BXJ instruction is quite confusing, so think of it like this instead:

BXJ LR, r12

Where LR can't be changed, and using any register other than r12 just wastes a register, because r12 gets corrupted by some Java instructions anyway.

For this reason, the recommended way to emit a BXJ r12 is .word 0xE12FFF2C, as most assemblers don't even support this instruction, and using any register other than r12 is pointless. Other conditions also work: just replace the top hex digit (the condition field; E == AL, always) with the condition code you want.

With this syntax, it becomes clearer how to use it:

  • Branch to Java code existing at LR,
  • but if Jazelle has a problem, it branches to r12 instead.

Because the BXJ instruction doesn't return, the easiest way to properly jump to Java without assuming Jazelle state is:

```asm
ADD r12, PC, #0   @ in ARM state PC reads as this instruction + 8, i.e. the address after BXJ
BXJ r12
@ PC only gets here if Jazelle is in invalid state
```
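Putting the pieces above together, as an added example for GNU as (not code from the original wiki): a macro that emits the raw BXJ r12 word with a chosen condition code, and an entry routine that assumes the caller passes the Java bytecode address in r0 and has already set up r5, r6 and r7 as described on the other wiki pages; the return value of 0 on a failed entry is a hypothetical convention chosen for this example.

```asm
        .arm
        .text
        .global enter_java

@ Emit BXJ r12 as a raw word, since most assemblers don't know the mnemonic.
@ cond is the 4-bit condition field placed in bits 31:28 (0xE = AL, always);
@ the remaining bits 0x012FFF2C encode BXJ with Rm = r12.
        .macro  bxj_r12 cond=0xE
        .word   (\cond << 28) | 0x012FFF2C
        .endm

@ enter_java(r0 = address of Java bytecode)
@ Assumes r5 (handler table), r6 (stack) and r7 (locals) are already valid.
enter_java:
        push    {r4-r11, lr}      @ Jazelle remaps r4-r7 and may corrupt r12; keep caller state
        mov     lr, r0            @ BXJ always takes the Java PC from LR
        add     r12, pc, #0       @ r12 = address of the instruction after BXJ (PC reads +8)
        bxj_r12                   @ unconditional BXJ r12 (0xE12FFF2C)
        @ Only reached if Jazelle refused to enter Java state.
        mov     r0, #0            @ hypothetical: 0 = entry failed
        pop     {r4-r11, pc}

@ Conditional form: BXJ r12 only if the previous compare set EQ (cond 0x0 = 0x012FFF2C).
        .macro  bxjeq_r12
        bxj_r12 0x0
        .endm
```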