+ struct bytecode_runtime *bytecode = filter_data;
+ void *pc, *next_pc, *start_pc;
+ int ret = -EINVAL;
+ int retval = 0;
+ struct reg reg[NR_REG];
+ int i;
+
+ for (i = 0; i < NR_REG; i++) {
+ reg[i].type = REG_S64;
+ reg[i].v = 0;
+ reg[i].str = NULL;
+ reg[i].seq_len = 0;
+ reg[i].literal = 0;
+ }
+
+ start_pc = &bytecode->data[0];
+ for (pc = next_pc = start_pc; pc - start_pc < bytecode->len;
+ pc = next_pc) {
+ if (unlikely(pc >= start_pc + bytecode->len)) {
+ fprintf(stderr, "[error] filter bytecode overflow\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ dbg_printf("Executing op %s (%u)\n",
+ print_op((unsigned int) *(filter_opcode_t *) pc),
+ (unsigned int) *(filter_opcode_t *) pc);
+ switch (*(filter_opcode_t *) pc) {
+ case FILTER_OP_UNKNOWN:
+ default:
+ fprintf(stderr, "[error] unknown bytecode op %u\n",
+ (unsigned int) *(filter_opcode_t *) pc);
+ ret = -EINVAL;
+ goto end;
+
+ case FILTER_OP_RETURN:
+ retval = !!reg[0].v;
+ ret = 0;
+ goto end;
+
+ /* binary */
+ case FILTER_OP_MUL:
+ case FILTER_OP_DIV:
+ case FILTER_OP_MOD:
+ case FILTER_OP_PLUS:
+ case FILTER_OP_MINUS:
+ case FILTER_OP_RSHIFT:
+ case FILTER_OP_LSHIFT:
+ case FILTER_OP_BIN_AND:
+ case FILTER_OP_BIN_OR:
+ case FILTER_OP_BIN_XOR:
+ fprintf(stderr, "[error] unsupported bytecode op %u\n",
+ (unsigned int) *(filter_opcode_t *) pc);
+ ret = -EINVAL;
+ goto end;
+
+ case FILTER_OP_EQ:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '==' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, "==") == 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v == reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+ case FILTER_OP_NE:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '!=' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, "!=") != 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v != reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+ case FILTER_OP_GT:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '>' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, ">") > 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v > reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+ case FILTER_OP_LT:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '<' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, "<") < 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v < reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+ case FILTER_OP_GE:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '>=' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, ">=") >= 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v >= reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+ case FILTER_OP_LE:
+ {
+ if (unlikely((reg[REG_R0].type == REG_S64 && reg[REG_R1].type != REG_S64)
+ || (reg[REG_R0].type != REG_S64 && reg[REG_R1].type == REG_S64))) {
+ fprintf(stderr, "[error] type mismatch for '<=' binary operator\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ switch (reg[REG_R0].type) {
+ default:
+ fprintf(stderr, "[error] unknown register type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case REG_STRING:
+ case REG_SEQUENCE:
+ reg[REG_R0].v = (reg_strcmp(reg, "<=") <= 0);
+ break;
+ case REG_S64:
+ reg[REG_R0].v = (reg[REG_R0].v <= reg[REG_R1].v);
+ break;
+ }
+ reg[REG_R0].type = REG_S64;
+ next_pc += sizeof(struct binary_op);
+ break;
+ }
+
+ /* unary */
+ case FILTER_OP_UNARY_PLUS:
+ {
+ struct unary_op *insn = (struct unary_op *) pc;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ if (unlikely(reg[insn->reg].type != REG_S64)) {
+ fprintf(stderr, "[error] Unary plus can only be applied to numeric register\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ next_pc += sizeof(struct unary_op);
+ break;
+ }
+ case FILTER_OP_UNARY_MINUS:
+ {
+ struct unary_op *insn = (struct unary_op *) pc;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ if (unlikely(reg[insn->reg].type != REG_S64)) {
+ fprintf(stderr, "[error] Unary minus can only be applied to numeric register\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ reg[insn->reg].v = -reg[insn->reg].v;
+ next_pc += sizeof(struct unary_op);
+ break;
+ }
+ case FILTER_OP_UNARY_NOT:
+ {
+ struct unary_op *insn = (struct unary_op *) pc;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ if (unlikely(reg[insn->reg].type != REG_S64)) {
+ fprintf(stderr, "[error] Unary not can only be applied to numeric register\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ reg[insn->reg].v = !reg[insn->reg].v;
+ next_pc += sizeof(struct unary_op);
+ break;
+ }
+ /* logical */
+ case FILTER_OP_AND:
+ {
+ struct logical_op *insn = (struct logical_op *) pc;
+
+ if (unlikely(reg[REG_R0].type != REG_S64)) {
+ fprintf(stderr, "[error] Logical operator 'and' can only be applied to numeric register\n");
+ ret = -EINVAL;
+ goto end;
+ }
+
+ /* If REG_R0 is 0, skip and evaluate to 0 */
+ if (reg[REG_R0].v == 0) {
+ dbg_printf("Jumping to bytecode offset %u\n",
+ (unsigned int) insn->skip_offset);
+ next_pc = start_pc + insn->skip_offset;
+ if (unlikely(next_pc <= pc)) {
+ fprintf(stderr, "[error] Loops are not allowed in bytecode\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ } else {
+ next_pc += sizeof(struct logical_op);
+ }
+ break;
+ }
+ case FILTER_OP_OR:
+ {
+ struct logical_op *insn = (struct logical_op *) pc;
+
+ if (unlikely(reg[REG_R0].type != REG_S64)) {
+ fprintf(stderr, "[error] Logical operator 'and' can only be applied to numeric register\n");
+ ret = -EINVAL;
+ goto end;
+ }
+
+ /* If REG_R0 is nonzero, skip and evaluate to 1 */
+ if (reg[REG_R0].v != 0) {
+ reg[REG_R0].v = 1;
+ dbg_printf("Jumping to bytecode offset %u\n",
+ (unsigned int) insn->skip_offset);
+ next_pc = start_pc + insn->skip_offset;
+ if (unlikely(next_pc <= pc)) {
+ fprintf(stderr, "[error] Loops are not allowed in bytecode\n");
+ ret = -EINVAL;
+ goto end;
+ }
+ } else {
+ next_pc += sizeof(struct logical_op);
+ }
+ break;
+ }
+
+ /* load */
+ case FILTER_OP_LOAD_FIELD_REF:
+ {
+ struct load_op *insn = (struct load_op *) pc;
+ struct field_ref *ref = (struct field_ref *) insn->data;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ dbg_printf("load field ref offset %u type %u\n",
+ ref->offset, ref->type);
+ switch (ref->type) {
+ case FIELD_REF_UNKNOWN:
+ default:
+ fprintf(stderr, "[error] unknown field ref type\n");
+ ret = -EINVAL;
+ goto end;
+
+ case FIELD_REF_STRING:
+ reg[insn->reg].str =
+ *(const char * const *) &filter_stack_data[ref->offset];
+ reg[insn->reg].type = REG_STRING;
+ reg[insn->reg].seq_len = UINT_MAX;
+ reg[insn->reg].literal = 0;
+ dbg_printf("ref load string %s\n", reg[insn->reg].str);
+ break;
+ case FIELD_REF_SEQUENCE:
+ reg[insn->reg].seq_len =
+ *(unsigned long *) &filter_stack_data[ref->offset];
+ reg[insn->reg].str =
+ *(const char **) (&filter_stack_data[ref->offset
+ + sizeof(unsigned long)]);
+ reg[insn->reg].type = REG_SEQUENCE;
+ reg[insn->reg].literal = 0;
+ break;
+ case FIELD_REF_S64:
+ memcpy(®[insn->reg].v, &filter_stack_data[ref->offset],
+ sizeof(struct literal_numeric));
+ reg[insn->reg].type = REG_S64;
+ reg[insn->reg].literal = 0;
+ dbg_printf("ref load s64 %" PRIi64 "\n", reg[insn->reg].v);
+ break;
+ }
+
+ next_pc += sizeof(struct load_op) + sizeof(struct field_ref);
+ break;
+ }
+
+ case FILTER_OP_LOAD_STRING:
+ {
+ struct load_op *insn = (struct load_op *) pc;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ dbg_printf("load string %s\n", insn->data);
+ reg[insn->reg].str = insn->data;
+ reg[insn->reg].type = REG_STRING;
+ reg[insn->reg].seq_len = UINT_MAX;
+ reg[insn->reg].literal = 1;
+ next_pc += sizeof(struct load_op) + strlen(insn->data) + 1;
+ break;
+ }
+
+ case FILTER_OP_LOAD_S64:
+ {
+ struct load_op *insn = (struct load_op *) pc;
+
+ if (unlikely(insn->reg >= REG_ERROR)) {
+ fprintf(stderr, "[error] invalid register %u\n",
+ (unsigned int) insn->reg);
+ ret = -EINVAL;
+ goto end;
+ }
+ memcpy(®[insn->reg].v, insn->data,
+ sizeof(struct literal_numeric));
+ dbg_printf("load s64 %" PRIi64 "\n", reg[insn->reg].v);
+ reg[insn->reg].type = REG_S64;
+ next_pc += sizeof(struct load_op)
+ + sizeof(struct literal_numeric);
+ break;
+ }
+ }
+ }
+end:
+ /* return 0 (discard) on error */
+ if (ret)
+ return 0;
+ return retval;
+}
+
+static
+int apply_field_reloc(struct ltt_event *event,
+ struct bytecode_runtime *runtime,
+ uint32_t runtime_len,
+ uint32_t reloc_offset,
+ const char *field_name)
+{
+ const struct lttng_event_desc *desc;
+ const struct lttng_event_field *fields, *field = NULL;
+ unsigned int nr_fields, i;
+ struct field_ref *field_ref;
+ uint32_t field_offset = 0;
+
+ fprintf(stderr, "Apply reloc: %u %s\n", reloc_offset, field_name);
+
+ /* Ensure that the reloc is within the code */
+ if (runtime_len - reloc_offset < sizeof(uint16_t))
+ return -EINVAL;
+
+ /* Lookup event by name */
+ desc = event->desc;
+ if (!desc)
+ return -EINVAL;
+ fields = desc->fields;
+ if (!fields)
+ return -EINVAL;
+ nr_fields = desc->nr_fields;
+ for (i = 0; i < nr_fields; i++) {
+ if (!strcmp(fields[i].name, field_name)) {
+ field = &fields[i];
+ break;
+ }
+ /* compute field offset */
+ switch (fields[i].type.atype) {
+ case atype_integer:
+ case atype_enum:
+ field_offset += sizeof(int64_t);
+ break;
+ case atype_array:
+ case atype_sequence:
+ field_offset += sizeof(unsigned long);
+ field_offset += sizeof(void *);
+ break;
+ case atype_string:
+ field_offset += sizeof(void *);
+ break;
+ case atype_float:
+ field_offset += sizeof(double);
+ default:
+ return -EINVAL;
+ }
+ }
+ if (!field)
+ return -EINVAL;
+
+ /* Check if field offset is too large for 16-bit offset */
+ if (field_offset > FILTER_BYTECODE_MAX_LEN)
+ return -EINVAL;
+
+ /* set type */
+ field_ref = (struct field_ref *) &runtime->data[reloc_offset];
+ switch (field->type.atype) {
+ case atype_integer:
+ case atype_enum:
+ field_ref->type = FIELD_REF_S64;
+ field_ref->type = FIELD_REF_S64;
+ break;
+ case atype_array:
+ case atype_sequence:
+ field_ref->type = FIELD_REF_SEQUENCE;
+ break;
+ case atype_string:
+ field_ref->type = FIELD_REF_STRING;
+ break;
+ case atype_float:
+ return -EINVAL;
+ default:
+ return -EINVAL;
+ }
+ /* set offset */
+ field_ref->offset = (uint16_t) field_offset;