On 05/01/18 09:51, Richard Biener wrote:
> On Thu, Jan 4, 2018 at 2:58 PM, Richard Earnshaw
> <[email protected]> wrote:
>>
>> This patch implements support for __builtin_load_no_speculate on
>> AArch64. On this architecture we inhibit speclation by emitting a
>> combination of CSEL and a hint instruction that ensures the CSEL is
>> full resolved when the operands to the CSEL may involve a speculative
>> load.
>
> Missing a high-level exlanation here but it looks like you do sth like
>
> if (access is not in bounds)
> no-speculate-access;
> else
> regular access;
For aarch64 we end up with a sequence like
CMP 'bounds'
B<cond> out-of-range
LDR x1, [ptr]
out-of-range:
CSEL x1, FAILVAL, x1, <cond>
CSDB
The CSEL+CSDB combination ensures that even if we do fetch x1 from an
out-of-range location the value won't persist beyond the end of the code
sequence and thus can't be used for further speculation.
>
> with the upper/lower bounds. Is this because 'no-speculate-access' is
> prohibitely
> expensive even when factoring in the condition computation and the condjump?
> (trying to reverse engineer how the actual assembly will look like
> from the patch,
It's all in the white paper.
> there isn't even a testcase :/)
>
>> * config/aarch64/aarch64.c (aarch64_print_operand): Handle zero
>> passed
>> to 'H' operand qualifier.
>> (aarch64_inhibit_load_speculation): New function.
>> (TARGET_INHIBIT_LOAD_SPECULATION): Redefine.
>> * config/aarch64/aarch64.md (UNSPECV_NOSPECULATE): New
>> unspec_volatile
>> code.
>> (nospeculate<ALLI:mode>, nospeculateti): New patterns.
>> ---
>> gcc/config/aarch64/aarch64.c | 92
>> +++++++++++++++++++++++++++++++++++++++++++
>> gcc/config/aarch64/aarch64.md | 28 +++++++++++++
>> 2 files changed, 120 insertions(+)
>>
