4 * LTTng UST filter code.
6 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; only
11 * version 2.1 of the License.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
26 #include <lttng/ust-events.h>
32 #include <usterr-signal-safe.h>
33 #include "filter-bytecode.h"
38 #define min_t(type, a, b) \
39 ((type) (a) < (type) (b) ? (type) (a) : (type) (b))
43 #define likely(x) __builtin_expect(!!(x), 1)
47 #define unlikely(x) __builtin_expect(!!(x), 0)
51 #define dbg_printf(fmt, args...) printf("[debug bytecode] " fmt, ## args)
53 #define dbg_printf(fmt, args...) \
55 /* do nothing but check printf format */ \
57 printf("[debug bytecode] " fmt, ## args); \
62 struct bytecode_runtime
{
73 /* Validation registers */
76 int literal
; /* is string literal ? */
79 /* Execution registers */
87 int literal
; /* is string literal ? */
90 static const char *opnames
[] = {
91 [ FILTER_OP_UNKNOWN
] = "UNKNOWN",
93 [ FILTER_OP_RETURN
] = "RETURN",
96 [ FILTER_OP_MUL
] = "MUL",
97 [ FILTER_OP_DIV
] = "DIV",
98 [ FILTER_OP_MOD
] = "MOD",
99 [ FILTER_OP_PLUS
] = "PLUS",
100 [ FILTER_OP_MINUS
] = "MINUS",
101 [ FILTER_OP_RSHIFT
] = "RSHIFT",
102 [ FILTER_OP_LSHIFT
] = "LSHIFT",
103 [ FILTER_OP_BIN_AND
] = "BIN_AND",
104 [ FILTER_OP_BIN_OR
] = "BIN_OR",
105 [ FILTER_OP_BIN_XOR
] = "BIN_XOR",
106 [ FILTER_OP_EQ
] = "EQ",
107 [ FILTER_OP_NE
] = "NE",
108 [ FILTER_OP_GT
] = "GT",
109 [ FILTER_OP_LT
] = "LT",
110 [ FILTER_OP_GE
] = "GE",
111 [ FILTER_OP_LE
] = "LE",
114 [ FILTER_OP_UNARY_PLUS
] = "UNARY_PLUS",
115 [ FILTER_OP_UNARY_MINUS
] = "UNARY_MINUS",
116 [ FILTER_OP_UNARY_NOT
] = "UNARY_NOT",
119 [ FILTER_OP_AND
] = "AND",
120 [ FILTER_OP_OR
] = "OR",
123 [ FILTER_OP_LOAD_FIELD_REF
] = "LOAD_FIELD_REF",
124 [ FILTER_OP_LOAD_STRING
] = "LOAD_STRING",
125 [ FILTER_OP_LOAD_S64
] = "LOAD_S64",
126 [ FILTER_OP_LOAD_DOUBLE
] = "LOAD_DOUBLE",
130 const char *print_op(enum filter_op op
)
132 if (op
>= NR_FILTER_OPS
)
139 * -1: wildcard found.
140 * -2: unknown escape char.
145 int parse_char(const char **p
)
165 int reg_strcmp(struct reg reg
[NR_REG
], const char *cmp_type
)
167 const char *p
= reg
[REG_R0
].str
, *q
= reg
[REG_R1
].str
;
174 if (unlikely(p
- reg
[REG_R0
].str
> reg
[REG_R0
].seq_len
|| *p
== '\0')) {
175 if (q
- reg
[REG_R1
].str
> reg
[REG_R1
].seq_len
|| *q
== '\0')
181 if (unlikely(q
- reg
[REG_R1
].str
> reg
[REG_R1
].seq_len
|| *q
== '\0')) {
182 if (p
- reg
[REG_R0
].str
> reg
[REG_R0
].seq_len
|| *p
== '\0')
188 if (reg
[REG_R0
].literal
) {
189 ret
= parse_char(&p
);
192 } else if (ret
== -2) {
195 /* else compare both char */
197 if (reg
[REG_R1
].literal
) {
198 ret
= parse_char(&q
);
201 } else if (ret
== -2) {
222 int lttng_filter_false(void *filter_data
,
223 const char *filter_stack_data
)
229 int lttng_filter_interpret_bytecode(void *filter_data
,
230 const char *filter_stack_data
)
232 struct bytecode_runtime
*bytecode
= filter_data
;
233 void *pc
, *next_pc
, *start_pc
;
236 struct reg reg
[NR_REG
];
239 for (i
= 0; i
< NR_REG
; i
++) {
240 reg
[i
].type
= REG_S64
;
248 start_pc
= &bytecode
->data
[0];
249 for (pc
= next_pc
= start_pc
; pc
- start_pc
< bytecode
->len
;
251 if (unlikely(pc
>= start_pc
+ bytecode
->len
)) {
252 ERR("filter bytecode overflow\n");
256 dbg_printf("Executing op %s (%u)\n",
257 print_op((unsigned int) *(filter_opcode_t
*) pc
),
258 (unsigned int) *(filter_opcode_t
*) pc
);
259 switch (*(filter_opcode_t
*) pc
) {
260 case FILTER_OP_UNKNOWN
:
262 ERR("unknown bytecode op %u\n",
263 (unsigned int) *(filter_opcode_t
*) pc
);
267 case FILTER_OP_RETURN
:
277 case FILTER_OP_MINUS
:
278 case FILTER_OP_RSHIFT
:
279 case FILTER_OP_LSHIFT
:
280 case FILTER_OP_BIN_AND
:
281 case FILTER_OP_BIN_OR
:
282 case FILTER_OP_BIN_XOR
:
283 ERR("unsupported bytecode op %u\n",
284 (unsigned int) *(filter_opcode_t
*) pc
);
290 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
291 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
292 ERR("type mismatch for '==' binary operator\n");
296 switch (reg
[REG_R0
].type
) {
298 ERR("unknown register type\n");
303 reg
[REG_R0
].v
= (reg_strcmp(reg
, "==") == 0);
306 switch (reg
[REG_R1
].type
) {
308 ERR("unknown register type\n");
313 reg
[REG_R0
].v
= (reg
[REG_R0
].v
== reg
[REG_R1
].v
);
316 reg
[REG_R0
].v
= (reg
[REG_R0
].v
== reg
[REG_R1
].d
);
321 switch (reg
[REG_R1
].type
) {
323 ERR("unknown register type\n");
328 reg
[REG_R0
].v
= (reg
[REG_R0
].d
== reg
[REG_R1
].v
);
331 reg
[REG_R0
].v
= (reg
[REG_R0
].d
== reg
[REG_R1
].d
);
336 reg
[REG_R0
].type
= REG_S64
;
337 next_pc
+= sizeof(struct binary_op
);
342 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
343 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
344 ERR("type mismatch for '!=' binary operator\n");
348 switch (reg
[REG_R0
].type
) {
350 ERR("unknown register type\n");
355 reg
[REG_R0
].v
= (reg_strcmp(reg
, "!=") != 0);
358 switch (reg
[REG_R1
].type
) {
360 ERR("unknown register type\n");
365 reg
[REG_R0
].v
= (reg
[REG_R0
].v
!= reg
[REG_R1
].v
);
368 reg
[REG_R0
].v
= (reg
[REG_R0
].v
!= reg
[REG_R1
].d
);
373 switch (reg
[REG_R1
].type
) {
375 ERR("unknown register type\n");
380 reg
[REG_R0
].v
= (reg
[REG_R0
].d
!= reg
[REG_R1
].v
);
383 reg
[REG_R0
].v
= (reg
[REG_R0
].d
!= reg
[REG_R1
].d
);
388 reg
[REG_R0
].type
= REG_S64
;
389 next_pc
+= sizeof(struct binary_op
);
394 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
395 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
396 ERR("type mismatch for '>' binary operator\n");
400 switch (reg
[REG_R0
].type
) {
402 ERR("unknown register type\n");
407 reg
[REG_R0
].v
= (reg_strcmp(reg
, ">") > 0);
410 switch (reg
[REG_R1
].type
) {
412 ERR("unknown register type\n");
417 reg
[REG_R0
].v
= (reg
[REG_R0
].v
> reg
[REG_R1
].v
);
420 reg
[REG_R0
].v
= (reg
[REG_R0
].v
> reg
[REG_R1
].d
);
425 switch (reg
[REG_R1
].type
) {
427 ERR("unknown register type\n");
432 reg
[REG_R0
].v
= (reg
[REG_R0
].d
> reg
[REG_R1
].v
);
435 reg
[REG_R0
].v
= (reg
[REG_R0
].d
> reg
[REG_R1
].d
);
440 reg
[REG_R0
].type
= REG_S64
;
441 next_pc
+= sizeof(struct binary_op
);
446 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
447 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
448 ERR("type mismatch for '<' binary operator\n");
452 switch (reg
[REG_R0
].type
) {
454 ERR("unknown register type\n");
459 reg
[REG_R0
].v
= (reg_strcmp(reg
, "<") < 0);
462 switch (reg
[REG_R1
].type
) {
464 ERR("unknown register type\n");
469 reg
[REG_R0
].v
= (reg
[REG_R0
].v
< reg
[REG_R1
].v
);
472 reg
[REG_R0
].v
= (reg
[REG_R0
].v
< reg
[REG_R1
].d
);
477 switch (reg
[REG_R1
].type
) {
479 ERR("unknown register type\n");
484 reg
[REG_R0
].v
= (reg
[REG_R0
].d
< reg
[REG_R1
].v
);
487 reg
[REG_R0
].v
= (reg
[REG_R0
].d
< reg
[REG_R1
].d
);
492 reg
[REG_R0
].type
= REG_S64
;
493 next_pc
+= sizeof(struct binary_op
);
498 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
499 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
500 ERR("type mismatch for '>=' binary operator\n");
504 switch (reg
[REG_R0
].type
) {
506 ERR("unknown register type\n");
511 reg
[REG_R0
].v
= (reg_strcmp(reg
, ">=") >= 0);
514 switch (reg
[REG_R1
].type
) {
516 ERR("unknown register type\n");
521 reg
[REG_R0
].v
= (reg
[REG_R0
].v
>= reg
[REG_R1
].v
);
524 reg
[REG_R0
].v
= (reg
[REG_R0
].v
>= reg
[REG_R1
].d
);
529 switch (reg
[REG_R1
].type
) {
531 ERR("unknown register type\n");
536 reg
[REG_R0
].v
= (reg
[REG_R0
].d
>= reg
[REG_R1
].v
);
539 reg
[REG_R0
].v
= (reg
[REG_R0
].d
>= reg
[REG_R1
].d
);
544 reg
[REG_R0
].type
= REG_S64
;
545 next_pc
+= sizeof(struct binary_op
);
550 if (unlikely((reg
[REG_R0
].type
== REG_STRING
&& reg
[REG_R1
].type
!= REG_STRING
)
551 || (reg
[REG_R0
].type
!= REG_STRING
&& reg
[REG_R1
].type
== REG_STRING
))) {
552 ERR("type mismatch for '<=' binary operator\n");
556 switch (reg
[REG_R0
].type
) {
558 ERR("unknown register type\n");
563 reg
[REG_R0
].v
= (reg_strcmp(reg
, "<=") <= 0);
566 switch (reg
[REG_R1
].type
) {
568 ERR("unknown register type\n");
573 reg
[REG_R0
].v
= (reg
[REG_R0
].v
<= reg
[REG_R1
].v
);
576 reg
[REG_R0
].v
= (reg
[REG_R0
].v
<= reg
[REG_R1
].d
);
581 switch (reg
[REG_R1
].type
) {
583 ERR("unknown register type\n");
588 reg
[REG_R0
].v
= (reg
[REG_R0
].d
<= reg
[REG_R1
].v
);
591 reg
[REG_R0
].v
= (reg
[REG_R0
].d
<= reg
[REG_R1
].d
);
596 reg
[REG_R0
].type
= REG_S64
;
597 next_pc
+= sizeof(struct binary_op
);
602 case FILTER_OP_UNARY_PLUS
:
604 struct unary_op
*insn
= (struct unary_op
*) pc
;
606 if (unlikely(insn
->reg
>= REG_ERROR
)) {
607 ERR("invalid register %u\n",
608 (unsigned int) insn
->reg
);
612 switch (reg
[insn
->reg
].type
) {
614 ERR("unknown register type\n");
619 ERR("Unary plus can only be applied to numeric or floating point registers\n");
627 next_pc
+= sizeof(struct unary_op
);
630 case FILTER_OP_UNARY_MINUS
:
632 struct unary_op
*insn
= (struct unary_op
*) pc
;
634 if (unlikely(insn
->reg
>= REG_ERROR
)) {
635 ERR("invalid register %u\n",
636 (unsigned int) insn
->reg
);
640 switch (reg
[insn
->reg
].type
) {
642 ERR("unknown register type\n");
647 ERR("Unary minus can only be applied to numeric or floating point registers\n");
651 reg
[insn
->reg
].v
= -reg
[insn
->reg
].v
;
654 reg
[insn
->reg
].d
= -reg
[insn
->reg
].d
;
657 next_pc
+= sizeof(struct unary_op
);
660 case FILTER_OP_UNARY_NOT
:
662 struct unary_op
*insn
= (struct unary_op
*) pc
;
664 if (unlikely(insn
->reg
>= REG_ERROR
)) {
665 ERR("invalid register %u\n",
666 (unsigned int) insn
->reg
);
670 switch (reg
[insn
->reg
].type
) {
672 ERR("unknown register type\n");
677 ERR("Unary not can only be applied to numeric or floating point registers\n");
681 reg
[insn
->reg
].v
= !reg
[insn
->reg
].v
;
684 reg
[insn
->reg
].d
= !reg
[insn
->reg
].d
;
687 if (unlikely(reg
[insn
->reg
].type
!= REG_S64
)) {
688 ERR("Unary not can only be applied to numeric register\n");
692 reg
[insn
->reg
].v
= !reg
[insn
->reg
].v
;
693 next_pc
+= sizeof(struct unary_op
);
699 struct logical_op
*insn
= (struct logical_op
*) pc
;
701 if (unlikely(reg
[REG_R0
].type
== REG_STRING
)) {
702 ERR("Logical operator 'and' can only be applied to numeric and floating point registers\n");
707 /* If REG_R0 is 0, skip and evaluate to 0 */
708 if ((reg
[REG_R0
].type
== REG_S64
&& reg
[REG_R0
].v
== 0)
709 || (reg
[REG_R0
].type
== REG_DOUBLE
&& reg
[REG_R0
].d
== 0.0)) {
710 dbg_printf("Jumping to bytecode offset %u\n",
711 (unsigned int) insn
->skip_offset
);
712 next_pc
= start_pc
+ insn
->skip_offset
;
713 if (unlikely(next_pc
<= pc
)) {
714 ERR("Loops are not allowed in bytecode\n");
719 next_pc
+= sizeof(struct logical_op
);
725 struct logical_op
*insn
= (struct logical_op
*) pc
;
727 if (unlikely(reg
[REG_R0
].type
== REG_STRING
)) {
728 ERR("Logical operator 'or' can only be applied to numeric and floating point registers\n");
733 /* If REG_R0 is nonzero, skip and evaluate to 1 */
735 if ((reg
[REG_R0
].type
== REG_S64
&& reg
[REG_R0
].v
!= 0)
736 || (reg
[REG_R0
].type
== REG_DOUBLE
&& reg
[REG_R0
].d
!= 0.0)) {
738 dbg_printf("Jumping to bytecode offset %u\n",
739 (unsigned int) insn
->skip_offset
);
740 next_pc
= start_pc
+ insn
->skip_offset
;
741 if (unlikely(next_pc
<= pc
)) {
742 ERR("Loops are not allowed in bytecode\n");
747 next_pc
+= sizeof(struct logical_op
);
753 case FILTER_OP_LOAD_FIELD_REF
:
755 struct load_op
*insn
= (struct load_op
*) pc
;
756 struct field_ref
*ref
= (struct field_ref
*) insn
->data
;
758 if (unlikely(insn
->reg
>= REG_ERROR
)) {
759 ERR("invalid register %u\n",
760 (unsigned int) insn
->reg
);
764 dbg_printf("load field ref offset %u type %u\n",
765 ref
->offset
, ref
->type
);
767 case FIELD_REF_UNKNOWN
:
769 ERR("unknown field ref type\n");
773 case FIELD_REF_STRING
:
775 *(const char * const *) &filter_stack_data
[ref
->offset
];
776 reg
[insn
->reg
].type
= REG_STRING
;
777 reg
[insn
->reg
].seq_len
= UINT_MAX
;
778 reg
[insn
->reg
].literal
= 0;
779 dbg_printf("ref load string %s\n", reg
[insn
->reg
].str
);
781 case FIELD_REF_SEQUENCE
:
782 reg
[insn
->reg
].seq_len
=
783 *(unsigned long *) &filter_stack_data
[ref
->offset
];
785 *(const char **) (&filter_stack_data
[ref
->offset
786 + sizeof(unsigned long)]);
787 reg
[insn
->reg
].type
= REG_STRING
;
788 reg
[insn
->reg
].literal
= 0;
791 memcpy(®
[insn
->reg
].v
, &filter_stack_data
[ref
->offset
],
792 sizeof(struct literal_numeric
));
793 reg
[insn
->reg
].type
= REG_S64
;
794 reg
[insn
->reg
].literal
= 0;
795 dbg_printf("ref load s64 %" PRIi64
"\n", reg
[insn
->reg
].v
);
797 case FIELD_REF_DOUBLE
:
798 memcpy(®
[insn
->reg
].d
, &filter_stack_data
[ref
->offset
],
799 sizeof(struct literal_double
));
800 reg
[insn
->reg
].type
= REG_DOUBLE
;
801 reg
[insn
->reg
].literal
= 0;
802 dbg_printf("ref load double %g\n", reg
[insn
->reg
].d
);
806 next_pc
+= sizeof(struct load_op
) + sizeof(struct field_ref
);
810 case FILTER_OP_LOAD_STRING
:
812 struct load_op
*insn
= (struct load_op
*) pc
;
814 if (unlikely(insn
->reg
>= REG_ERROR
)) {
815 ERR("invalid register %u\n",
816 (unsigned int) insn
->reg
);
820 dbg_printf("load string %s\n", insn
->data
);
821 reg
[insn
->reg
].str
= insn
->data
;
822 reg
[insn
->reg
].type
= REG_STRING
;
823 reg
[insn
->reg
].seq_len
= UINT_MAX
;
824 reg
[insn
->reg
].literal
= 1;
825 next_pc
+= sizeof(struct load_op
) + strlen(insn
->data
) + 1;
829 case FILTER_OP_LOAD_S64
:
831 struct load_op
*insn
= (struct load_op
*) pc
;
833 if (unlikely(insn
->reg
>= REG_ERROR
)) {
834 ERR("invalid register %u\n",
835 (unsigned int) insn
->reg
);
839 memcpy(®
[insn
->reg
].v
, insn
->data
,
840 sizeof(struct literal_numeric
));
841 dbg_printf("load s64 %" PRIi64
"\n", reg
[insn
->reg
].v
);
842 reg
[insn
->reg
].type
= REG_S64
;
843 next_pc
+= sizeof(struct load_op
)
844 + sizeof(struct literal_numeric
);
848 case FILTER_OP_LOAD_DOUBLE
:
850 struct load_op
*insn
= (struct load_op
*) pc
;
852 if (unlikely(insn
->reg
>= REG_ERROR
)) {
853 ERR("invalid register %u\n",
854 (unsigned int) insn
->reg
);
858 memcpy(®
[insn
->reg
].d
, insn
->data
,
859 sizeof(struct literal_double
));
860 dbg_printf("load s64 %g\n", reg
[insn
->reg
].d
);
861 reg
[insn
->reg
].type
= REG_DOUBLE
;
862 next_pc
+= sizeof(struct load_op
)
863 + sizeof(struct literal_double
);
869 /* return 0 (discard) on error */
876 int bin_op_compare_check(struct vreg reg
[NR_REG
], const char *str
)
878 switch (reg
[REG_R0
].type
) {
883 switch (reg
[REG_R1
].type
) {
896 switch (reg
[REG_R1
].type
) {
915 ERR("type mismatch for '%s' binary operator\n", str
);
920 int lttng_filter_validate_bytecode(struct bytecode_runtime
*bytecode
)
922 void *pc
, *next_pc
, *start_pc
;
924 struct vreg reg
[NR_REG
];
927 for (i
= 0; i
< NR_REG
; i
++) {
928 reg
[i
].type
= REG_S64
;
932 start_pc
= &bytecode
->data
[0];
933 for (pc
= next_pc
= start_pc
; pc
- start_pc
< bytecode
->len
;
935 if (unlikely(pc
>= start_pc
+ bytecode
->len
)) {
936 ERR("filter bytecode overflow\n");
940 dbg_printf("Validating op %s (%u)\n",
941 print_op((unsigned int) *(filter_opcode_t
*) pc
),
942 (unsigned int) *(filter_opcode_t
*) pc
);
943 switch (*(filter_opcode_t
*) pc
) {
944 case FILTER_OP_UNKNOWN
:
946 ERR("unknown bytecode op %u\n",
947 (unsigned int) *(filter_opcode_t
*) pc
);
951 case FILTER_OP_RETURN
:
960 case FILTER_OP_MINUS
:
961 case FILTER_OP_RSHIFT
:
962 case FILTER_OP_LSHIFT
:
963 case FILTER_OP_BIN_AND
:
964 case FILTER_OP_BIN_OR
:
965 case FILTER_OP_BIN_XOR
:
966 ERR("unsupported bytecode op %u\n",
967 (unsigned int) *(filter_opcode_t
*) pc
);
973 ret
= bin_op_compare_check(reg
, "==");
976 reg
[REG_R0
].type
= REG_S64
;
977 next_pc
+= sizeof(struct binary_op
);
982 ret
= bin_op_compare_check(reg
, "!=");
985 reg
[REG_R0
].type
= REG_S64
;
986 next_pc
+= sizeof(struct binary_op
);
991 ret
= bin_op_compare_check(reg
, ">");
994 reg
[REG_R0
].type
= REG_S64
;
995 next_pc
+= sizeof(struct binary_op
);
1000 ret
= bin_op_compare_check(reg
, "<");
1003 reg
[REG_R0
].type
= REG_S64
;
1004 next_pc
+= sizeof(struct binary_op
);
1009 ret
= bin_op_compare_check(reg
, ">=");
1012 reg
[REG_R0
].type
= REG_S64
;
1013 next_pc
+= sizeof(struct binary_op
);
1018 ret
= bin_op_compare_check(reg
, "<=");
1021 reg
[REG_R0
].type
= REG_S64
;
1022 next_pc
+= sizeof(struct binary_op
);
1027 case FILTER_OP_UNARY_PLUS
:
1028 case FILTER_OP_UNARY_MINUS
:
1029 case FILTER_OP_UNARY_NOT
:
1031 struct unary_op
*insn
= (struct unary_op
*) pc
;
1033 if (unlikely(insn
->reg
>= REG_ERROR
)) {
1034 ERR("invalid register %u\n",
1035 (unsigned int) insn
->reg
);
1039 switch (reg
[insn
->reg
].type
) {
1041 ERR("unknown register type\n");
1046 ERR("Unary op can only be applied to numeric or floating point registers\n");
1054 next_pc
+= sizeof(struct unary_op
);
1061 struct logical_op
*insn
= (struct logical_op
*) pc
;
1063 if (unlikely(reg
[REG_R0
].type
== REG_STRING
)) {
1064 ERR("Logical operator 'and' can only be applied to numeric and floating point registers\n");
1069 dbg_printf("Validate jumping to bytecode offset %u\n",
1070 (unsigned int) insn
->skip_offset
);
1071 if (unlikely(start_pc
+ insn
->skip_offset
<= pc
)) {
1072 ERR("Loops are not allowed in bytecode\n");
1076 next_pc
+= sizeof(struct logical_op
);
1081 case FILTER_OP_LOAD_FIELD_REF
:
1083 struct load_op
*insn
= (struct load_op
*) pc
;
1084 struct field_ref
*ref
= (struct field_ref
*) insn
->data
;
1086 if (unlikely(insn
->reg
>= REG_ERROR
)) {
1087 ERR("invalid register %u\n",
1088 (unsigned int) insn
->reg
);
1092 dbg_printf("Validate load field ref offset %u type %u\n",
1093 ref
->offset
, ref
->type
);
1094 switch (ref
->type
) {
1095 case FIELD_REF_UNKNOWN
:
1097 ERR("unknown field ref type\n");
1101 case FIELD_REF_STRING
:
1102 reg
[insn
->reg
].type
= REG_STRING
;
1103 reg
[insn
->reg
].literal
= 0;
1105 case FIELD_REF_SEQUENCE
:
1106 reg
[insn
->reg
].type
= REG_STRING
;
1107 reg
[insn
->reg
].literal
= 0;
1110 reg
[insn
->reg
].type
= REG_S64
;
1111 reg
[insn
->reg
].literal
= 0;
1113 case FIELD_REF_DOUBLE
:
1114 reg
[insn
->reg
].type
= REG_DOUBLE
;
1115 reg
[insn
->reg
].literal
= 0;
1119 next_pc
+= sizeof(struct load_op
) + sizeof(struct field_ref
);
1123 case FILTER_OP_LOAD_STRING
:
1125 struct load_op
*insn
= (struct load_op
*) pc
;
1127 if (unlikely(insn
->reg
>= REG_ERROR
)) {
1128 ERR("invalid register %u\n",
1129 (unsigned int) insn
->reg
);
1133 reg
[insn
->reg
].type
= REG_STRING
;
1134 reg
[insn
->reg
].literal
= 1;
1135 next_pc
+= sizeof(struct load_op
) + strlen(insn
->data
) + 1;
1139 case FILTER_OP_LOAD_S64
:
1141 struct load_op
*insn
= (struct load_op
*) pc
;
1143 if (unlikely(insn
->reg
>= REG_ERROR
)) {
1144 ERR("invalid register %u\n",
1145 (unsigned int) insn
->reg
);
1149 reg
[insn
->reg
].type
= REG_S64
;
1150 next_pc
+= sizeof(struct load_op
)
1151 + sizeof(struct literal_numeric
);
1155 case FILTER_OP_LOAD_DOUBLE
:
1157 struct load_op
*insn
= (struct load_op
*) pc
;
1159 if (unlikely(insn
->reg
>= REG_ERROR
)) {
1160 ERR("invalid register %u\n",
1161 (unsigned int) insn
->reg
);
1165 reg
[insn
->reg
].type
= REG_DOUBLE
;
1166 next_pc
+= sizeof(struct load_op
)
1167 + sizeof(struct literal_double
);
1177 int apply_field_reloc(struct ltt_event
*event
,
1178 struct bytecode_runtime
*runtime
,
1179 uint32_t runtime_len
,
1180 uint32_t reloc_offset
,
1181 const char *field_name
)
1183 const struct lttng_event_desc
*desc
;
1184 const struct lttng_event_field
*fields
, *field
= NULL
;
1185 unsigned int nr_fields
, i
;
1186 struct field_ref
*field_ref
;
1187 uint32_t field_offset
= 0;
1189 dbg_printf("Apply reloc: %u %s\n", reloc_offset
, field_name
);
1191 /* Ensure that the reloc is within the code */
1192 if (runtime_len
- reloc_offset
< sizeof(uint16_t))
1195 /* Lookup event by name */
1199 fields
= desc
->fields
;
1202 nr_fields
= desc
->nr_fields
;
1203 for (i
= 0; i
< nr_fields
; i
++) {
1204 if (!strcmp(fields
[i
].name
, field_name
)) {
1208 /* compute field offset */
1209 switch (fields
[i
].type
.atype
) {
1212 field_offset
+= sizeof(int64_t);
1215 case atype_sequence
:
1216 field_offset
+= sizeof(unsigned long);
1217 field_offset
+= sizeof(void *);
1220 field_offset
+= sizeof(void *);
1223 field_offset
+= sizeof(double);
1232 /* Check if field offset is too large for 16-bit offset */
1233 if (field_offset
> FILTER_BYTECODE_MAX_LEN
)
1237 field_ref
= (struct field_ref
*) &runtime
->data
[reloc_offset
];
1238 switch (field
->type
.atype
) {
1241 field_ref
->type
= FIELD_REF_S64
;
1242 field_ref
->type
= FIELD_REF_S64
;
1245 case atype_sequence
:
1246 field_ref
->type
= FIELD_REF_SEQUENCE
;
1249 field_ref
->type
= FIELD_REF_STRING
;
1252 field_ref
->type
= FIELD_REF_DOUBLE
;
1258 field_ref
->offset
= (uint16_t) field_offset
;
1263 * Take a bytecode with reloc table and link it to an event to create a
1267 int _lttng_filter_event_link_bytecode(struct ltt_event
*event
,
1268 struct lttng_ust_filter_bytecode
*filter_bytecode
)
1270 int ret
, offset
, next_offset
;
1271 struct bytecode_runtime
*runtime
= NULL
;
1272 size_t runtime_alloc_len
;
1274 if (!filter_bytecode
)
1276 /* Even is not connected to any description */
1279 /* Bytecode already linked */
1280 if (event
->filter
|| event
->filter_data
)
1283 dbg_printf("Linking\n");
1285 /* We don't need the reloc table in the runtime */
1286 runtime_alloc_len
= sizeof(*runtime
) + filter_bytecode
->reloc_offset
;
1287 runtime
= zmalloc(runtime_alloc_len
);
1292 runtime
->len
= filter_bytecode
->reloc_offset
;
1293 /* copy original bytecode */
1294 memcpy(runtime
->data
, filter_bytecode
->data
, runtime
->len
);
1296 * apply relocs. Those are a uint16_t (offset in bytecode)
1297 * followed by a string (field name).
1299 for (offset
= filter_bytecode
->reloc_offset
;
1300 offset
< filter_bytecode
->len
;
1301 offset
= next_offset
) {
1302 uint16_t reloc_offset
=
1303 *(uint16_t *) &filter_bytecode
->data
[offset
];
1304 const char *field_name
=
1305 (const char *) &filter_bytecode
->data
[offset
+ sizeof(uint16_t)];
1307 ret
= apply_field_reloc(event
, runtime
, runtime
->len
, reloc_offset
, field_name
);
1311 next_offset
= offset
+ sizeof(uint16_t) + strlen(field_name
) + 1;
1313 /* Validate bytecode */
1314 ret
= lttng_filter_validate_bytecode(runtime
);
1318 event
->filter_data
= runtime
;
1319 event
->filter
= lttng_filter_interpret_bytecode
;
1323 event
->filter
= lttng_filter_false
;
1328 void lttng_filter_event_link_bytecode(struct ltt_event
*event
,
1329 struct lttng_ust_filter_bytecode
*filter_bytecode
)
1333 ret
= _lttng_filter_event_link_bytecode(event
, filter_bytecode
);
1335 fprintf(stderr
, "[lttng filter] error linking event bytecode\n");
1340 * Link bytecode to all events for a wildcard. Skips events that already
1341 * have a bytecode linked.
1342 * We do not set each event's filter_bytecode field, because they do not
1343 * own the filter_bytecode: the wildcard owns it.
1345 void lttng_filter_wildcard_link_bytecode(struct session_wildcard
*wildcard
)
1347 struct ltt_event
*event
;
1350 if (!wildcard
->filter_bytecode
)
1353 cds_list_for_each_entry(event
, &wildcard
->events
, wildcard_list
) {
1356 ret
= _lttng_filter_event_link_bytecode(event
,
1357 wildcard
->filter_bytecode
);
1359 fprintf(stderr
, "[lttng filter] error linking wildcard bytecode\n");
1367 * Need to attach filter to an event before starting tracing for the
1368 * session. We own the filter_bytecode if we return success.
1370 int lttng_filter_event_attach_bytecode(struct ltt_event
*event
,
1371 struct lttng_ust_filter_bytecode
*filter_bytecode
)
1373 if (event
->chan
->session
->been_active
)
1375 if (event
->filter_bytecode
)
1377 event
->filter_bytecode
= filter_bytecode
;
1382 * Need to attach filter to a wildcard before starting tracing for the
1383 * session. We own the filter_bytecode if we return success.
1385 int lttng_filter_wildcard_attach_bytecode(struct session_wildcard
*wildcard
,
1386 struct lttng_ust_filter_bytecode
*filter_bytecode
)
1388 if (wildcard
->chan
->session
->been_active
)
1390 if (wildcard
->filter_bytecode
)
1392 wildcard
->filter_bytecode
= filter_bytecode
;