• Mike Stanton's avatar
    [turbofan] Masking/poisoning in codegen (optimized code, mips & mips64) · 1177f703
    Mike Stanton authored
    This introduces masking of loads with speculation bit during code generation.
    At the moment, this is done only under the
    --branch-load-poisoning flag, and this CL enlarges the set of supported
    platforms from {x64, arm, arm64} to {x64, arm, arm64, mips, mips64}.
    
    Overview of changes:
    - new register configuration configuration with one register reserved for
      the speculation poison/mask (kSpeculationPoisonRegister).
    - in codegen, we introduce an update to the poison register at the starts
      of all successors of branches (and deopts) that are marked as safety
      branches (deopts).
    - in memory optimizer, we lower all field and element loads to PoisonedLoads.
    - poisoned loads are then masked in codegen with the poison register.
      (In this CL, this last step is left as a TODO. You can run with the flag,
       though mitigations will just not be effective at this time).
      * only integer loads are masked at the moment.
    
    TBR=mstarzinger@chromium.org
    
    Change-Id: Ie6eb8719bf85d49c03b4a28e2f054480195a1471
    Reviewed-on: https://chromium-review.googlesource.com/973616
    Commit-Queue: Michael Stanton <mvstanton@chromium.org>
    Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
    Reviewed-by: 's avatarMichael Stanton <mvstanton@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#52123}
    1177f703
code-generator-mips.cc 136 KB