FEXCore: Support x64 -> arm64ec calls

The frontend will provide the return logic via ExitFunctionEC, which
will be jumped to whenever there is an indirect branch/return to an addr
such that RtlIsEcCode(addr) returns true.

FEXCore/Source/Interface/Core/Dispatcher/Dispatcher.cpp

@@ -61,6 +61,9 @@ void Dispatcher::EmitDispatcher() {
 
   ARMEmitter::ForwardLabel l_CTX;
   ARMEmitter::SingleUseForwardLabel l_Sleep;
+#ifdef _M_ARM_64EC
+  ARMEmitter::SingleUseForwardLabel ExitEC;
+#endif
   ARMEmitter::SingleUseForwardLabel l_CompileBlock;
 
   // Push all the register we need to save
@@ -134,6 +137,10 @@ void Dispatcher::EmitDispatcher() {
 
     // If page pointer is zero then we have no block
     cbz(ARMEmitter::Size::i64Bit, TMP1, &NoBlock);
+#ifdef _M_ARM_64EC
+    // The LSB of an L2 page entry indicates if this page contains EC code
+    tbnz(TMP1, 0, &ExitEC);
+#endif
 
     // Steal the page offset
     and_(ARMEmitter::Size::i64Bit, TMP2, TMP4, 0x0FFF);
@@ -167,6 +174,14 @@ void Dispatcher::EmitDispatcher() {
     }
   }
 
+#ifdef _M_ARM_64EC
+  {
+    Bind(&ExitEC);
+    ldr(TMP2, STATE_PTR(CpuStateFrame, Pointers.Common.ExitFunctionEC));
+    br(TMP2);
+  }
+#endif
+
   {
     ThreadStopHandlerAddressSpillSRA = GetCursorAddress<uint64_t>();
     SpillStaticRegs(TMP1);

FEXCore/Source/Interface/Core/JIT/Arm64/BranchOps.cpp

@@ -53,14 +53,23 @@ DEF_OP(ExitFunction) {
   uint64_t NewRIP;
 
   if (IsInlineConstant(Op->NewRIP, &NewRIP) || IsInlineEntrypointOffset(Op->NewRIP, &NewRIP)) {
-    ARMEmitter::SingleUseForwardLabel l_BranchHost;
-
-    ldr(TMP1, &l_BranchHost);
-    blr(TMP1);
-
-    Bind(&l_BranchHost);
-    dc64(ThreadState->CurrentFrame->Pointers.Common.ExitFunctionLinker);
-    dc64(NewRIP);
+#ifdef _M_ARM_64EC
+    if (RtlIsEcCode(NewRIP)) {
+      LoadConstant(ARMEmitter::Size::i64Bit, TMP3, NewRIP);
+      ldr(TMP2, STATE_PTR(CpuStateFrame, Pointers.Common.ExitFunctionEC));
+      br(TMP2);
+    } else {
+#endif
+      ARMEmitter::SingleUseForwardLabel l_BranchHost;
+      ldr(TMP1, &l_BranchHost);
+      blr(TMP1);
+
+      Bind(&l_BranchHost);
+      dc64(ThreadState->CurrentFrame->Pointers.Common.ExitFunctionLinker);
+      dc64(NewRIP);
+#ifdef _M_ARM_64EC
+    }
+#endif
   } else {
 
     ARMEmitter::SingleUseForwardLabel FullLookup;

FEXCore/include/FEXCore/Core/CoreState.h

@@ -242,6 +242,7 @@ namespace FEXCore::Core {
       uint64_t SyscallHandlerObj{};
       uint64_t SyscallHandlerFunc{};
       uint64_t ExitFunctionLink{};
+      uint64_t ExitFunctionEC{};
 
       uint64_t FallbackHandlerPointers[FallbackHandlerIndex::OPINDEX_MAX];
       uint64_t NamedVectorConstantPointers[FEXCore::IR::NamedVectorConstant::NAMED_VECTOR_CONST_POOL_MAX];