BPF backend


BPF backend


  • cleanup tests


  • addressed feedback from David:
  • switched to range-based 'for' loops
  • fixed formatting of tests


  • rebased and adjusted AsmPrinter args
  • CamelCased .td, fixed formatting, cleaned up names, removed unused patterns
  • diffstat: 3 files changed, 203 insertions(+), 227 deletions(-)


  • addressed feedback from Chandler:
  • reinstated full verbose standard banner in all files
  • fixed variables that were not in CamelCase
  • fixed names of #ifdef in header files
  • removed redundant braces in if/else chains with single statements
  • fixed comments
  • removed trailing empty line
  • dropped debug annotations from tests
  • diffstat of these changes: 46 files changed, 456 insertions(+), 469 deletions(-)


  • fix setLoadExtAction() interface
  • clang-formated all where it made sense


  • added CODE_OWNERS entry for BPF backend


  • fix metadata in tests


  • addressed feedback from Tom and Matt
  • removed top level change to configure (now everything via 'experimental-backend')
  • reworked error reporting via DiagnosticInfo (similar to R600)
  • added few more tests
  • added cmake build
  • added Triple::bpf
  • tested on linux and darwin

V1 cover letter:

recently linux gained "universal in-kernel virtual machine" which is called
eBPF or extended BPF. The name comes from "Berkeley Packet Filter", since
new instruction set is based on it.
This patch adds a new backend that emits extended BPF instruction set.

The concept and development are covered by the following articles:

One of use cases: dtrace/systemtap alternative.

bpf syscall manpage:

instruction set description and differences vs classic BPF:

Short summary of instruction set:

  • 64-bit registers R0 - return value from in-kernel function, and exit value for BPF program R1 - R5 - arguments from BPF program to in-kernel function R6 - R9 - callee saved registers that in-kernel function will preserve R10 - read-only frame pointer to access stack
  • two-operand instructions like +, -, *, mov, load/store
  • implicit prologue/epilogue (invisible stack pointer)
  • no floating point, no simd

Short history of extended BPF in kernel:
interpreter in 3.15, x64 JIT in 3.16, arm64 JIT, verifier, bpf syscall in 3.18, more to come in the future.

It's a very small and simple backend.
There is no support for global variables, arbitrary function calls, floating point, varargs,
exceptions, indirect jumps, arbitrary pointer arithmetic, alloca, etc.
From C front-end point of view it's very restricted. It's done on purpose, since kernel
rejects all programs that it cannot prove safe. It rejects programs with loops
and with memory accesses via arbitrary pointers. When kernel accepts the program it is
guaranteed that program will terminate and will not crash the kernel.

This patch implements all 'must have' bits. There are several things on TODO list,
so this is not the end of development.
Most of the code is a boiler plate code, copy-pasted from other backends.
Only odd things are lack or < and <= instructions, specialized load_byte intrinsics
and 'compare and goto' as single instruction.
Current instruction set is fixed, but more instructions can be added in the future.

Signed-off-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>

Subscribers: majnemer, chandlerc, echristo, joerg, pete, rengolin, kristof.beyls, arsenm, t.p.northover, tstellarAMD, aemerson, llvm-commits

Differential Revision: http://reviews.llvm.org/D6494


astJan 24 2015, 9:51 AM
Differential Revision
D6494: BPF backend
rL227007: test: Convert some tests to FileCheck