detect: more detailed state profiling
authorVictor Julien <victor@inliniac.net>
Mon, 17 Apr 2017 07:53:50 +0000 (09:53 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 21 Apr 2017 16:51:26 +0000 (18:51 +0200)
src/detect.c
src/suricata-common.h
src/util-profiling.c

index f73157d7faed7b6971e8325776e2ea4a64c6f592..cae56a007a5c84048fa9aed894ad026c9d9b1a67 100644 (file)
@@ -1075,7 +1075,7 @@ void SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineT
 
     DetectPrefilterSetNonPrefilterList(p, det_ctx);
 
-    PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL);
+    PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL_CONT);
     /* stateful app layer detection */
     if ((p->flags & PKT_HAS_FLOW) && has_state) {
         memset(det_ctx->de_state_sig_array, 0x00, det_ctx->de_state_sig_array_len);
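Review bot: The `PROF_DETECT_STATEFUL_CONT` timer is started before the `if ((p->flags & PKT_HAS_FLOW) && has_state)` test in this hunk and stopped after that block closes in the next hunk, so it also runs for packets that never enter stateful continuation. Now that the counter is meant to isolate that one phase, those near-empty samples may dilute its per-packet figures; whether they do depends on how the macros record a sample, and their definitions are not visible here. The `PROF_DETECT_STATEFUL_UPDATE` pair in the hunk at `end:` sits inside its condition, and moving this START/END pair inside the `if` body would make the two consistent. SigMatchSignatures begins and ends outside these hunks.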
@@ -1086,7 +1086,7 @@ void SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineT
                                            flow_flags, alproto);
         }
     }
-    PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL);
+    PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL_CONT);
 
     /* create our prefilter mask */
     SignatureMask mask = 0;
@@ -1344,10 +1344,10 @@ void SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineT
              * signature match. It will then call PacketAlertAppend
              * itself, so we can skip it below. This is done so it
              * can store the tx_id with the alert */
-            PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL);
+            PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL_START);
             state_alert = DeStateDetectStartDetection(th_v, de_ctx, det_ctx, s,
                                                       p, pflow, flow_flags, alproto);
-            PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL);
+            PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL_START);
             if (state_alert == 0)
                 goto next;
 
@@ -1389,9 +1389,9 @@ end:
 
     /* see if we need to increment the inspect_id and reset the de_state */
     if (has_state && AppLayerParserProtocolSupportsTxs(p->proto, alproto)) {
-        PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL);
+        PACKET_PROFILING_DETECT_START(p, PROF_DETECT_STATEFUL_UPDATE);
         DeStateUpdateInspectTransactionId(pflow, flow_flags);
-        PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL);
+        PACKET_PROFILING_DETECT_END(p, PROF_DETECT_STATEFUL_UPDATE);
     }
 
     /* so now let's iterate the alerts and remove the ones after a pass rule
index e8936307978bb240ac1452b2ce4e4b179d0ff102..063e904a1fc6e3c0fd6f9702620a85c6aa073950 100644 (file)
 typedef enum PacketProfileDetectId_ {
     PROF_DETECT_IPONLY,
     PROF_DETECT_RULES,
-    PROF_DETECT_STATEFUL,
+    PROF_DETECT_STATEFUL_START,
+    PROF_DETECT_STATEFUL_CONT,
+    PROF_DETECT_STATEFUL_UPDATE,
     PROF_DETECT_PREFILTER,
     PROF_DETECT_PF_PKT,
     PROF_DETECT_PF_PAYLOAD,
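Review bot: The three new enumerators have no comment saying which phase each one measures, and the suffixes `START`, `CONT` and `UPDATE` are easy to misread next to the `PACKET_PROFILING_DETECT_START`/`_END` macro names. Going by the detect.c call sites, a trailing comment on each would be enough: `/* DeStateDetectStartDetection() */`, `/* continued inspection of stored detect state */` and `/* DeStateUpdateInspectTransactionId() */`. The wording for `CONT` is inferred from the `/* stateful app layer detection */` block and should be checked against the call it wraps, which is outside the visible hunks. The enum itself continues past this hunk.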
index 274805d01f5fc1d9e02e9fc9b626c5c57f0dfa05..24ef3aca467e4dd36a97e24f93db043f7be1aeaf 100644 (file)
@@ -1312,7 +1312,9 @@ const char * PacketProfileDetectIdToString(PacketProfileDetectId id)
         CASE_CODE (PROF_DETECT_PF_TX);
         CASE_CODE (PROF_DETECT_PF_SORT1);
         CASE_CODE (PROF_DETECT_PF_SORT2);
-        CASE_CODE (PROF_DETECT_STATEFUL);
+        CASE_CODE (PROF_DETECT_STATEFUL_START);
+        CASE_CODE (PROF_DETECT_STATEFUL_CONT);
+        CASE_CODE (PROF_DETECT_STATEFUL_UPDATE);
         CASE_CODE (PROF_DETECT_ALERT);
         CASE_CODE (PROF_DETECT_CLEANUP);
         CASE_CODE (PROF_DETECT_GETSGH);
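Review bot: Dropping the `PROF_DETECT_STATEFUL` case means that label no longer appears in whatever output is built from PacketProfileDetectIdToString, assuming `CASE_CODE` turns the enumerator name into the returned string (the macro is not shown here). Anything that parses or graphs the profiling output by that name will silently lose the series and see three new ones instead. A comment above the new cases such as `/* replaces the former PROF_DETECT_STATEFUL label */` would record the change where the strings are produced. The function body starts and ends outside the hunk.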