X-Git-Url: https://git.lttng.org/?a=blobdiff_plain;f=liblttng-ust%2Flttng-filter-validator.c;h=6cdfd8c164764e075bab11a5cb8234c51765890f;hb=refs%2Fheads%2Fstable-2.2;hp=b164cbbfc421d3c555a3b61c08bb81c6692a9a29;hpb=bf956ec0051ba7f365693e194bc0aeaf4343a82c;p=lttng-ust.git diff --git a/liblttng-ust/lttng-filter-validator.c b/liblttng-ust/lttng-filter-validator.c index b164cbbf..6cdfd8c1 100644 --- a/liblttng-ust/lttng-filter-validator.c +++ b/liblttng-ust/lttng-filter-validator.c @@ -28,12 +28,22 @@ #include #include "lttng-hash-helper.h" +/* + * Number of merge points for hash table size. Hash table initialized to + * that size, and we do not resize, because we do not want to trigger + * RCU worker thread execution: fall-back on linear traversal if number + * of merge points exceeds this value. + */ +#define DEFAULT_NR_MERGE_POINTS 128 +#define MIN_NR_BUCKETS 128 +#define MAX_NR_BUCKETS 128 + /* merge point table node */ struct lfht_mp_node { struct cds_lfht_node node; /* Context at merge point */ - struct vreg reg[NR_REG]; + struct vstack stack; unsigned long target_pc; }; @@ -54,13 +64,31 @@ int lttng_hash_match(struct cds_lfht_node *node, const void *key) } static -int merge_point_add(struct cds_lfht *ht, unsigned long target_pc, - const struct vreg reg[NR_REG]) +int merge_points_compare(const struct vstack *stacka, + const struct vstack *stackb) +{ + int i, len; + + if (stacka->top != stackb->top) + return 1; + len = stacka->top + 1; + assert(len >= 0); + for (i = 0; i < len; i++) { + if (stacka->e[i].type != stackb->e[i].type) + return 1; + } + return 0; +} + +static +int merge_point_add_check(struct cds_lfht *ht, unsigned long target_pc, + const struct vstack *stack) { struct lfht_mp_node *node; unsigned long hash = lttng_hash_mix((const void *) target_pc, sizeof(target_pc), lttng_hash_seed); + struct cds_lfht_node *ret; dbg_printf("Filter: adding merge point at offset %lu, hash %lu\n", target_pc, hash); @@ -68,30 +96,41 @@ int merge_point_add(struct cds_lfht *ht, unsigned long target_pc, if (!node) return -ENOMEM; node->target_pc = target_pc; - memcpy(node->reg, reg, sizeof(node->reg)); - cds_lfht_add(ht, hash, &node->node); + memcpy(&node->stack, stack, sizeof(node->stack)); + ret = cds_lfht_add_unique(ht, hash, lttng_hash_match, + (const void *) target_pc, &node->node); + if (ret != &node->node) { + struct lfht_mp_node *ret_mp = + caa_container_of(ret, struct lfht_mp_node, node); + + /* Key already present */ + dbg_printf("Filter: compare merge points for offset %lu, hash %lu\n", + target_pc, hash); + free(node); + if (merge_points_compare(stack, &ret_mp->stack)) { + ERR("Merge points differ for offset %lu\n", + target_pc); + return -EINVAL; + } + } return 0; } /* - * Number of merge points for hash table size. Hash table initialized to - * that size, and we do not resize, because we do not want to trigger - * RCU worker thread execution: fall-back on linear traversal if number - * of merge points exceeds this value. + * Binary comparators use top of stack and top of stack -1. */ -#define DEFAULT_NR_MERGE_POINTS 128 -#define MIN_NR_BUCKETS 128 -#define MAX_NR_BUCKETS 128 - static -int bin_op_compare_check(const struct vreg reg[NR_REG], const char *str) +int bin_op_compare_check(struct vstack *stack, const char *str) { - switch (reg[REG_R0].type) { + if (unlikely(!vstack_ax(stack) || !vstack_bx(stack))) + goto error_unknown; + + switch (vstack_ax(stack)->type) { default: goto error_unknown; case REG_STRING: - switch (reg[REG_R1].type) { + switch (vstack_bx(stack)->type) { default: goto error_unknown; @@ -104,7 +143,7 @@ int bin_op_compare_check(const struct vreg reg[NR_REG], const char *str) break; case REG_S64: case REG_DOUBLE: - switch (reg[REG_R1].type) { + switch (vstack_bx(stack)->type) { default: goto error_unknown; @@ -120,8 +159,8 @@ int bin_op_compare_check(const struct vreg reg[NR_REG], const char *str) return 0; error_unknown: - return -EINVAL; + error_mismatch: ERR("type mismatch for '%s' binary operator\n", str); return -EINVAL; @@ -151,7 +190,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct return_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -198,10 +237,22 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, case FILTER_OP_LT_DOUBLE: case FILTER_OP_GE_DOUBLE: case FILTER_OP_LE_DOUBLE: + case FILTER_OP_EQ_DOUBLE_S64: + case FILTER_OP_NE_DOUBLE_S64: + case FILTER_OP_GT_DOUBLE_S64: + case FILTER_OP_LT_DOUBLE_S64: + case FILTER_OP_GE_DOUBLE_S64: + case FILTER_OP_LE_DOUBLE_S64: + case FILTER_OP_EQ_S64_DOUBLE: + case FILTER_OP_NE_S64_DOUBLE: + case FILTER_OP_GT_S64_DOUBLE: + case FILTER_OP_LT_S64_DOUBLE: + case FILTER_OP_GE_S64_DOUBLE: + case FILTER_OP_LE_S64_DOUBLE: { if (unlikely(pc + sizeof(struct binary_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -219,7 +270,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct unary_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -230,30 +281,41 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct logical_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } - /* load */ + /* load field ref */ case FILTER_OP_LOAD_FIELD_REF: { ERR("Unknown field ref type\n"); ret = -EINVAL; break; } + /* get context ref */ + case FILTER_OP_GET_CONTEXT_REF: + { + ERR("Unknown field ref type\n"); + ret = -EINVAL; + break; + } case FILTER_OP_LOAD_FIELD_REF_STRING: case FILTER_OP_LOAD_FIELD_REF_SEQUENCE: case FILTER_OP_LOAD_FIELD_REF_S64: case FILTER_OP_LOAD_FIELD_REF_DOUBLE: + case FILTER_OP_GET_CONTEXT_REF_STRING: + case FILTER_OP_GET_CONTEXT_REF_S64: + case FILTER_OP_GET_CONTEXT_REF_DOUBLE: { if (unlikely(pc + sizeof(struct load_op) + sizeof(struct field_ref) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } + /* load from immediate operand */ case FILTER_OP_LOAD_STRING: { struct load_op *insn = (struct load_op *) pc; @@ -261,7 +323,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, if (unlikely(pc + sizeof(struct load_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; break; } @@ -269,7 +331,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, str_len = strnlen(insn->data, maxlen); if (unlikely(str_len >= maxlen)) { /* Final '\0' not found within range */ - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -278,7 +340,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct load_op) + sizeof(struct literal_numeric) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -287,7 +349,7 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct load_op) + sizeof(struct literal_double) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } @@ -298,10 +360,11 @@ int bytecode_validate_overflow(struct bytecode_runtime *bytecode, { if (unlikely(pc + sizeof(struct cast_op) > start_pc + bytecode->len)) { - ret = -EINVAL; + ret = -ERANGE; } break; } + } return ret; @@ -333,7 +396,7 @@ unsigned long delete_all_nodes(struct cds_lfht *ht) */ static int validate_instruction_context(struct bytecode_runtime *bytecode, - const struct vreg reg[NR_REG], + struct vstack *stack, void *start_pc, void *pc) { @@ -374,42 +437,42 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_EQ: { - ret = bin_op_compare_check(reg, "=="); + ret = bin_op_compare_check(stack, "=="); if (ret) goto end; break; } case FILTER_OP_NE: { - ret = bin_op_compare_check(reg, "!="); + ret = bin_op_compare_check(stack, "!="); if (ret) goto end; break; } case FILTER_OP_GT: { - ret = bin_op_compare_check(reg, ">"); + ret = bin_op_compare_check(stack, ">"); if (ret) goto end; break; } case FILTER_OP_LT: { - ret = bin_op_compare_check(reg, "<"); + ret = bin_op_compare_check(stack, "<"); if (ret) goto end; break; } case FILTER_OP_GE: { - ret = bin_op_compare_check(reg, ">="); + ret = bin_op_compare_check(stack, ">="); if (ret) goto end; break; } case FILTER_OP_LE: { - ret = bin_op_compare_check(reg, "<="); + ret = bin_op_compare_check(stack, "<="); if (ret) goto end; break; @@ -422,8 +485,13 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_GE_STRING: case FILTER_OP_LE_STRING: { - if (reg[REG_R0].type != REG_STRING - || reg[REG_R1].type != REG_STRING) { + if (!vstack_ax(stack) || !vstack_bx(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + if (vstack_ax(stack)->type != REG_STRING + || vstack_bx(stack)->type != REG_STRING) { ERR("Unexpected register type for string comparator\n"); ret = -EINVAL; goto end; @@ -438,8 +506,13 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_GE_S64: case FILTER_OP_LE_S64: { - if (reg[REG_R0].type != REG_S64 - || reg[REG_R1].type != REG_S64) { + if (!vstack_ax(stack) || !vstack_bx(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + if (vstack_ax(stack)->type != REG_S64 + || vstack_bx(stack)->type != REG_S64) { ERR("Unexpected register type for s64 comparator\n"); ret = -EINVAL; goto end; @@ -454,14 +527,53 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_GE_DOUBLE: case FILTER_OP_LE_DOUBLE: { - if ((reg[REG_R0].type != REG_DOUBLE && reg[REG_R0].type != REG_S64) - || (reg[REG_R1].type != REG_DOUBLE && reg[REG_R1].type != REG_S64)) { - ERR("Unexpected register type for double comparator\n"); + if (!vstack_ax(stack) || !vstack_bx(stack)) { + ERR("Empty stack\n"); ret = -EINVAL; goto end; } - if (reg[REG_R0].type != REG_DOUBLE && reg[REG_R1].type != REG_DOUBLE) { - ERR("Double operator should have at least one double register\n"); + if (vstack_ax(stack)->type != REG_DOUBLE && vstack_bx(stack)->type != REG_DOUBLE) { + ERR("Double operator should have two double registers\n"); + ret = -EINVAL; + goto end; + } + break; + } + + case FILTER_OP_EQ_DOUBLE_S64: + case FILTER_OP_NE_DOUBLE_S64: + case FILTER_OP_GT_DOUBLE_S64: + case FILTER_OP_LT_DOUBLE_S64: + case FILTER_OP_GE_DOUBLE_S64: + case FILTER_OP_LE_DOUBLE_S64: + { + if (!vstack_ax(stack) || !vstack_bx(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + if (vstack_ax(stack)->type != REG_S64 && vstack_bx(stack)->type != REG_DOUBLE) { + ERR("Double-S64 operator has unexpected register types\n"); + ret = -EINVAL; + goto end; + } + break; + } + + case FILTER_OP_EQ_S64_DOUBLE: + case FILTER_OP_NE_S64_DOUBLE: + case FILTER_OP_GT_S64_DOUBLE: + case FILTER_OP_LT_S64_DOUBLE: + case FILTER_OP_GE_S64_DOUBLE: + case FILTER_OP_LE_S64_DOUBLE: + { + if (!vstack_ax(stack) || !vstack_bx(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + if (vstack_ax(stack)->type != REG_DOUBLE && vstack_bx(stack)->type != REG_S64) { + ERR("S64-Double operator has unexpected register types\n"); ret = -EINVAL; goto end; } @@ -473,15 +585,12 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_UNARY_MINUS: case FILTER_OP_UNARY_NOT: { - struct unary_op *insn = (struct unary_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); ret = -EINVAL; goto end; } - switch (reg[insn->reg].type) { + switch (vstack_ax(stack)->type) { default: ERR("unknown register type\n"); ret = -EINVAL; @@ -503,15 +612,12 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_UNARY_MINUS_S64: case FILTER_OP_UNARY_NOT_S64: { - struct unary_op *insn = (struct unary_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); ret = -EINVAL; goto end; } - if (reg[insn->reg].type != REG_S64) { + if (vstack_ax(stack)->type != REG_S64) { ERR("Invalid register type\n"); ret = -EINVAL; goto end; @@ -523,15 +629,12 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, case FILTER_OP_UNARY_MINUS_DOUBLE: case FILTER_OP_UNARY_NOT_DOUBLE: { - struct unary_op *insn = (struct unary_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); ret = -EINVAL; goto end; } - if (reg[insn->reg].type != REG_DOUBLE) { + if (vstack_ax(stack)->type != REG_DOUBLE) { ERR("Invalid register type\n"); ret = -EINVAL; goto end; @@ -545,7 +648,12 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, { struct logical_op *insn = (struct logical_op *) pc; - if (reg[REG_R0].type != REG_S64) { + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + if (vstack_ax(stack)->type != REG_S64) { ERR("Logical comparator expects S64 register\n"); ret = -EINVAL; goto end; @@ -561,7 +669,7 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, break; } - /* load */ + /* load field ref */ case FILTER_OP_LOAD_FIELD_REF: { ERR("Unknown field ref type\n"); @@ -574,12 +682,6 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, struct load_op *insn = (struct load_op *) pc; struct field_ref *ref = (struct field_ref *) insn->data; - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } dbg_printf("Validate load field ref offset %u type string\n", ref->offset); break; @@ -589,12 +691,6 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, struct load_op *insn = (struct load_op *) pc; struct field_ref *ref = (struct field_ref *) insn->data; - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } dbg_printf("Validate load field ref offset %u type s64\n", ref->offset); break; @@ -604,53 +700,24 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, struct load_op *insn = (struct load_op *) pc; struct field_ref *ref = (struct field_ref *) insn->data; - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } dbg_printf("Validate load field ref offset %u type double\n", ref->offset); break; } + /* load from immediate operand */ case FILTER_OP_LOAD_STRING: { - struct load_op *insn = (struct load_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } break; } case FILTER_OP_LOAD_S64: { - struct load_op *insn = (struct load_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } break; } case FILTER_OP_LOAD_DOUBLE: { - struct load_op *insn = (struct load_op *) pc; - - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); - ret = -EINVAL; - goto end; - } break; } @@ -659,13 +726,12 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, { struct cast_op *insn = (struct cast_op *) pc; - if (unlikely(insn->reg >= REG_ERROR)) { - ERR("invalid register %u\n", - (unsigned int) insn->reg); + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); ret = -EINVAL; goto end; } - switch (reg[insn->reg].type) { + switch (vstack_ax(stack)->type) { default: ERR("unknown register type\n"); ret = -EINVAL; @@ -681,7 +747,7 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, break; } if (insn->op == FILTER_OP_CAST_DOUBLE_TO_S64) { - if (reg[insn->reg].type != REG_DOUBLE) { + if (vstack_ax(stack)->type != REG_DOUBLE) { ERR("Cast expects double\n"); ret = -EINVAL; goto end; @@ -694,6 +760,41 @@ int validate_instruction_context(struct bytecode_runtime *bytecode, break; } + /* get context ref */ + case FILTER_OP_GET_CONTEXT_REF: + { + ERR("Unknown get context ref type\n"); + ret = -EINVAL; + goto end; + } + case FILTER_OP_GET_CONTEXT_REF_STRING: + { + struct load_op *insn = (struct load_op *) pc; + struct field_ref *ref = (struct field_ref *) insn->data; + + dbg_printf("Validate get context ref offset %u type string\n", + ref->offset); + break; + } + case FILTER_OP_GET_CONTEXT_REF_S64: + { + struct load_op *insn = (struct load_op *) pc; + struct field_ref *ref = (struct field_ref *) insn->data; + + dbg_printf("Validate get context ref offset %u type s64\n", + ref->offset); + break; + } + case FILTER_OP_GET_CONTEXT_REF_DOUBLE: + { + struct load_op *insn = (struct load_op *) pc; + struct field_ref *ref = (struct field_ref *) insn->data; + + dbg_printf("Validate get context ref offset %u type double\n", + ref->offset); + break; + } + } end: return ret; @@ -707,7 +808,7 @@ end: static int validate_instruction_all_contexts(struct bytecode_runtime *bytecode, struct cds_lfht *merge_points, - const struct vreg reg[NR_REG], + struct vstack *stack, void *start_pc, void *pc) { @@ -715,29 +816,32 @@ int validate_instruction_all_contexts(struct bytecode_runtime *bytecode, unsigned long target_pc = pc - start_pc; struct cds_lfht_iter iter; struct cds_lfht_node *node; + struct lfht_mp_node *mp_node; unsigned long hash; /* Validate the context resulting from the previous instruction */ - ret = validate_instruction_context(bytecode, reg, start_pc, pc); + ret = validate_instruction_context(bytecode, stack, start_pc, pc); if (ret) return ret; /* Validate merge points */ hash = lttng_hash_mix((const void *) target_pc, sizeof(target_pc), lttng_hash_seed); - cds_lfht_for_each_duplicate(merge_points, hash, lttng_hash_match, - (const void *) target_pc, &iter, node) { - struct lfht_mp_node *mp_node = - caa_container_of(node, struct lfht_mp_node, node); + cds_lfht_lookup(merge_points, hash, lttng_hash_match, + (const void *) target_pc, &iter); + node = cds_lfht_iter_get_node(&iter); + if (node) { + mp_node = caa_container_of(node, struct lfht_mp_node, node); dbg_printf("Filter: validate merge point at offset %lu\n", target_pc); - ret = validate_instruction_context(bytecode, mp_node->reg, - start_pc, pc); - if (ret) - return ret; + if (merge_points_compare(stack, &mp_node->stack)) { + ERR("Merge points differ for offset %lu\n", + target_pc); + return -EINVAL; + } /* Once validated, we can remove the merge point */ - dbg_printf("Filter: remove one merge point at offset %lu\n", + dbg_printf("Filter: remove merge point at offset %lu\n", target_pc); ret = cds_lfht_del(merge_points, node); assert(!ret); @@ -754,7 +858,7 @@ int validate_instruction_all_contexts(struct bytecode_runtime *bytecode, static int exec_insn(struct bytecode_runtime *bytecode, struct cds_lfht *merge_points, - struct vreg reg[NR_REG], + struct vstack *stack, void **_next_pc, void *pc) { @@ -773,6 +877,11 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_RETURN: { + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } ret = 0; goto end; } @@ -813,20 +922,36 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_LT_S64: case FILTER_OP_GE_S64: case FILTER_OP_LE_S64: - { - reg[REG_R0].type = REG_S64; - next_pc += sizeof(struct binary_op); - break; - } - case FILTER_OP_EQ_DOUBLE: case FILTER_OP_NE_DOUBLE: case FILTER_OP_GT_DOUBLE: case FILTER_OP_LT_DOUBLE: case FILTER_OP_GE_DOUBLE: case FILTER_OP_LE_DOUBLE: + case FILTER_OP_EQ_DOUBLE_S64: + case FILTER_OP_NE_DOUBLE_S64: + case FILTER_OP_GT_DOUBLE_S64: + case FILTER_OP_LT_DOUBLE_S64: + case FILTER_OP_GE_DOUBLE_S64: + case FILTER_OP_LE_DOUBLE_S64: + case FILTER_OP_EQ_S64_DOUBLE: + case FILTER_OP_NE_S64_DOUBLE: + case FILTER_OP_GT_S64_DOUBLE: + case FILTER_OP_LT_S64_DOUBLE: + case FILTER_OP_GE_S64_DOUBLE: + case FILTER_OP_LE_S64_DOUBLE: { - reg[REG_R0].type = REG_DOUBLE; + /* Pop 2, push 1 */ + if (vstack_pop(stack)) { + ret = -EINVAL; + goto end; + } + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_S64; next_pc += sizeof(struct binary_op); break; } @@ -839,7 +964,13 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_UNARY_MINUS_S64: case FILTER_OP_UNARY_NOT_S64: { - reg[REG_R0].type = REG_S64; + /* Pop 1, push 1 */ + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_S64; next_pc += sizeof(struct unary_op); break; } @@ -848,7 +979,13 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_UNARY_MINUS_DOUBLE: case FILTER_OP_UNARY_NOT_DOUBLE: { - reg[REG_R0].type = REG_DOUBLE; + /* Pop 1, push 1 */ + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_DOUBLE; next_pc += sizeof(struct unary_op); break; } @@ -861,68 +998,92 @@ int exec_insn(struct bytecode_runtime *bytecode, int merge_ret; /* Add merge point to table */ - merge_ret = merge_point_add(merge_points, insn->skip_offset, reg); + merge_ret = merge_point_add_check(merge_points, + insn->skip_offset, stack); if (merge_ret) { ret = merge_ret; goto end; } /* Continue to next instruction */ + /* Pop 1 when jump not taken */ + if (vstack_pop(stack)) { + ret = -EINVAL; + goto end; + } next_pc += sizeof(struct logical_op); break; } - /* load */ + /* load field ref */ case FILTER_OP_LOAD_FIELD_REF: { ERR("Unknown field ref type\n"); ret = -EINVAL; goto end; } + /* get context ref */ + case FILTER_OP_GET_CONTEXT_REF: + { + ERR("Unknown get context ref type\n"); + ret = -EINVAL; + goto end; + } case FILTER_OP_LOAD_FIELD_REF_STRING: case FILTER_OP_LOAD_FIELD_REF_SEQUENCE: + case FILTER_OP_GET_CONTEXT_REF_STRING: { - struct load_op *insn = (struct load_op *) pc; - - reg[insn->reg].type = REG_STRING; - reg[insn->reg].literal = 0; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_STRING; next_pc += sizeof(struct load_op) + sizeof(struct field_ref); break; } case FILTER_OP_LOAD_FIELD_REF_S64: + case FILTER_OP_GET_CONTEXT_REF_S64: { - struct load_op *insn = (struct load_op *) pc; - - reg[insn->reg].type = REG_S64; - reg[insn->reg].literal = 0; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_S64; next_pc += sizeof(struct load_op) + sizeof(struct field_ref); break; } case FILTER_OP_LOAD_FIELD_REF_DOUBLE: + case FILTER_OP_GET_CONTEXT_REF_DOUBLE: { - struct load_op *insn = (struct load_op *) pc; - - reg[insn->reg].type = REG_DOUBLE; - reg[insn->reg].literal = 0; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_DOUBLE; next_pc += sizeof(struct load_op) + sizeof(struct field_ref); break; } + /* load from immediate operand */ case FILTER_OP_LOAD_STRING: { struct load_op *insn = (struct load_op *) pc; - reg[insn->reg].type = REG_STRING; - reg[insn->reg].literal = 1; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_STRING; next_pc += sizeof(struct load_op) + strlen(insn->data) + 1; break; } case FILTER_OP_LOAD_S64: { - struct load_op *insn = (struct load_op *) pc; - - reg[insn->reg].type = REG_S64; - reg[insn->reg].literal = 1; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_S64; next_pc += sizeof(struct load_op) + sizeof(struct literal_numeric); break; @@ -930,10 +1091,11 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_LOAD_DOUBLE: { - struct load_op *insn = (struct load_op *) pc; - - reg[insn->reg].type = REG_DOUBLE; - reg[insn->reg].literal = 1; + if (vstack_push(stack)) { + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_DOUBLE; next_pc += sizeof(struct load_op) + sizeof(struct literal_double); break; @@ -942,9 +1104,13 @@ int exec_insn(struct bytecode_runtime *bytecode, case FILTER_OP_CAST_TO_S64: case FILTER_OP_CAST_DOUBLE_TO_S64: { - struct cast_op *insn = (struct cast_op *) pc; - - reg[insn->reg].type = REG_S64; + /* Pop 1, push 1 */ + if (!vstack_ax(stack)) { + ERR("Empty stack\n"); + ret = -EINVAL; + goto end; + } + vstack_ax(stack)->type = REG_S64; next_pc += sizeof(struct cast_op); break; } @@ -968,13 +1134,9 @@ int lttng_filter_validate_bytecode(struct bytecode_runtime *bytecode) struct cds_lfht *merge_points; void *pc, *next_pc, *start_pc; int ret = -EINVAL; - struct vreg reg[NR_REG]; - int i; + struct vstack stack; - for (i = 0; i < NR_REG; i++) { - reg[i].type = REG_TYPE_UNKNOWN; - reg[i].literal = 0; - } + vstack_init(&stack); if (!lttng_hash_seed_ready) { lttng_hash_seed = time(NULL); @@ -996,9 +1158,10 @@ int lttng_filter_validate_bytecode(struct bytecode_runtime *bytecode) start_pc = &bytecode->data[0]; for (pc = next_pc = start_pc; pc - start_pc < bytecode->len; pc = next_pc) { - if (bytecode_validate_overflow(bytecode, start_pc, pc) != 0) { - ERR("filter bytecode overflow\n"); - ret = -EINVAL; + ret = bytecode_validate_overflow(bytecode, start_pc, pc); + if (ret != 0) { + if (ret == -ERANGE) + ERR("filter bytecode overflow\n"); goto end; } dbg_printf("Validating op %s (%u)\n", @@ -1011,10 +1174,10 @@ int lttng_filter_validate_bytecode(struct bytecode_runtime *bytecode) * all merge points targeting this instruction. */ ret = validate_instruction_all_contexts(bytecode, merge_points, - reg, start_pc, pc); + &stack, start_pc, pc); if (ret) goto end; - ret = exec_insn(bytecode, merge_points, reg, &next_pc, pc); + ret = exec_insn(bytecode, merge_points, &stack, &next_pc, pc); if (ret <= 0) goto end; }