Merge remote-tracking branch 'origin/topic/jsiwek/gh-1122'

* origin/topic/jsiwek/gh-1122:
  GH-165: Fix global initializations that indirectly use builtin types
  Improve how primary/top-level BIFs get initialized
  GH-1122: Allow initializing globals with calls to subdir BIFs
  GH-1122: Improve error for global record initialization exceptions

CHANGES

@@ -1,4 +1,14 @@
 
+3.3.0-dev.247 | 2020-09-04 17:24:28 -0700
+
+  * GH-165: Fix global initializations that indirectly use builtin types (Jon Siwek, Corelight)
+
+  * Improve how primary/top-level BIFs get initialized (Jon Siwek, Corelight)
+
+  * GH-1122: Allow initializing globals with calls to subdir BIFs (Jon Siwek, Corelight)
+
+  * GH-1122: Improve error for global record initialization exceptions (Jon Siwek, Corelight)
+
 3.3.0-dev.241 | 2020-09-03 15:02:29 -0700
 
   * Change a script comment to use "code-block" directive (Jon Siwek, Corelight)

VERSION

@@ -1 +1 @@
-3.3.0-dev.241
+3.3.0-dev.247

auxil/bifcl

@@ -1 +1 @@
-Subproject commit 89878a05efe2a99eb14c286716676efca6c18b71
+Subproject commit 8301e2914a26df39a0c788f5ca5fd4c8202bd96a

scripts/base/init-bare.zeek

@@ -5331,3 +5331,13 @@ const digest_salt = "Please change this value." &redef;
 global done_with_network = F;
 event net_done(t: time)
 	{ done_with_network = T; }
+
+# This sets up primary BIFs such that they can be used by any
+# further scripts within their global initializations and is intended to be
+# the last thing done within this script.  It's called within @if simply so
+# that it executes at parse-time.  An alternative way to do that is to call
+# it during a global variable assignment/initialization.  Formally adding a
+# @run directive to the language whose sole purpose is parse-time code
+# execution would be another idea.
+@if ( __init_primary_bifs() )
+@endif

scripts/base/init-frameworks-and-bifs.zeek

@@ -14,3 +14,13 @@
 
 # Load BiFs defined by plugins.
 @load base/bif/plugins
+
+# This sets up secondary/subdir BIFs such that they can be used by any
+# further scripts within their global initializations and is intended to be
+# the last thing done within this script.  It's called within @if simply so
+# that it executes at parse-time.  An alternative way to do that is to call
+# it during a global variable assignment/initialization.  Formally adding a
+# @run directive to the language whose sole purpose is parse-time code
+# execution would be another idea.
+@if ( __init_secondary_bifs() )
+@endif

src/Func.cc

@@ -74,6 +74,7 @@ extern	RETSIGTYPE sig_handler(int signo);
 namespace zeek::detail {
 std::vector<CallInfo> call_stack;
 bool did_builtin_init = false;
+std::vector<void (*)()> bif_initializers;
 static const std::pair<bool, zeek::ValPtr> empty_hook_result(false, nullptr);
 } // namespace zeek::detail
 
@@ -901,6 +902,38 @@ void emit_builtin_exception(const char* msg, Obj* arg)
 	emit_builtin_error_common(msg, arg, true);
 	}
 
+void init_primary_bifs()
+	{
+	if ( did_builtin_init )
+		return;
+
+	ProcStats = id::find_type<RecordType>("ProcStats");
+	NetStats = id::find_type<RecordType>("NetStats");
+	MatcherStats = id::find_type<RecordType>("MatcherStats");
+	ConnStats = id::find_type<RecordType>("ConnStats");
+	ReassemblerStats = id::find_type<RecordType>("ReassemblerStats");
+	DNSStats = id::find_type<RecordType>("DNSStats");
+	GapStats = id::find_type<RecordType>("GapStats");
+	EventStats = id::find_type<RecordType>("EventStats");
+	TimerStats = id::find_type<RecordType>("TimerStats");
+	FileAnalysisStats = id::find_type<RecordType>("FileAnalysisStats");
+	ThreadStats = id::find_type<RecordType>("ThreadStats");
+	BrokerStats = id::find_type<RecordType>("BrokerStats");
+	ReporterStats = id::find_type<RecordType>("ReporterStats");
+
+	var_sizes = id::find_type("var_sizes")->AsTableType();
+
+#include "zeek.bif.func_init"
+#include "stats.bif.func_init"
+#include "reporter.bif.func_init"
+#include "strings.bif.func_init"
+#include "option.bif.func_init"
+#include "supervisor.bif.func_init"
+
+	init_builtin_types();
+	did_builtin_init = true;
+	}
+
 } // namespace detail
 
 
@@ -935,39 +968,3 @@ void builtin_error(const char* msg, zeek::Obj* arg)
 	{
 	zeek::emit_builtin_error(msg, arg);
 	}
-
-#include "__all__.bif.cc" // Autogenerated for compiling in the bif_target() code.
-#include "__all__.bif.register.cc" // Autogenerated for compiling in the bif_target() code.
-
-void init_builtin_funcs()
-	{
-	ProcStats = zeek::id::find_type<zeek::RecordType>("ProcStats");
-	NetStats = zeek::id::find_type<zeek::RecordType>("NetStats");
-	MatcherStats = zeek::id::find_type<zeek::RecordType>("MatcherStats");
-	ConnStats = zeek::id::find_type<zeek::RecordType>("ConnStats");
-	ReassemblerStats = zeek::id::find_type<zeek::RecordType>("ReassemblerStats");
-	DNSStats = zeek::id::find_type<zeek::RecordType>("DNSStats");
-	GapStats = zeek::id::find_type<zeek::RecordType>("GapStats");
-	EventStats = zeek::id::find_type<zeek::RecordType>("EventStats");
-	TimerStats = zeek::id::find_type<zeek::RecordType>("TimerStats");
-	FileAnalysisStats = zeek::id::find_type<zeek::RecordType>("FileAnalysisStats");
-	ThreadStats = zeek::id::find_type<zeek::RecordType>("ThreadStats");
-	BrokerStats = zeek::id::find_type<zeek::RecordType>("BrokerStats");
-	ReporterStats = zeek::id::find_type<zeek::RecordType>("ReporterStats");
-
-	var_sizes = zeek::id::find_type("var_sizes")->AsTableType();
-
-#include "zeek.bif.func_init"
-#include "stats.bif.func_init"
-#include "reporter.bif.func_init"
-#include "strings.bif.func_init"
-#include "option.bif.func_init"
-#include "supervisor.bif.func_init"
-
-	zeek::detail::did_builtin_init = true;
-	}
-
-void init_builtin_funcs_subdirs()
-	{
-#include "__all__.bif.init.cc" // Autogenerated for compiling in the bif_target() code.
-	}

src/Func.h

@@ -276,6 +276,16 @@ extern std::vector<CallInfo> call_stack;
 
 // This is set to true after the built-in functions have been initialized.
 extern bool did_builtin_init;
+extern std::vector<void (*)()> bif_initializers;
+extern void init_primary_bifs();
+
+inline void run_bif_initializers()
+	{
+	for ( const auto& bi : bif_initializers )
+		bi();
+
+	bif_initializers = {};
+	}
 
 extern void emit_builtin_exception(const char* msg);
 extern void emit_builtin_exception(const char* msg, const ValPtr& arg);
@@ -301,12 +311,6 @@ using function_ingredients [[deprecated("Remove in v4.1. Use zeek::detail::funct
 constexpr auto check_built_in_call [[deprecated("Remove in v4.1. Use zeek::detail::check_built_in_call.")]] = zeek::detail::check_built_in_call;
 constexpr auto render_call_stack [[deprecated("Remove in v4.1. Use zeek::render_call_stack.")]] = zeek::render_call_stack;
 
-// TODO: these are still here because of how all of the bif code gets included in Func.c. There could be a
-// renamed version inside the namespace, but the way that the code gets included complicates the matter. It
-// might need to be revisited after everything is namespaced everywhere else.
-void init_builtin_funcs();
-void init_builtin_funcs_subdirs();
-
 // TODO: do call_stack and did_builtin_init need to be aliased?
 
 // These have to be implemented as actual methods due to function overloading breaking the use of aliases.

src/ID.cc

@@ -90,7 +90,7 @@ FuncPtr id::find_func(std::string_view name)
 	return v->AsFuncPtr();
 	}
 
-void id::detail::init()
+void id::detail::init_types()
 	{
 	conn_id = id::find_type<RecordType>("conn_id");
 	endpoint = id::find_type<RecordType>("endpoint");

src/ID.h

@@ -272,7 +272,7 @@ extern VectorTypePtr index_vec;
 
 namespace detail {
 
-void init();
+void init_types();
 
 } // namespace detail
 } // namespace zeek::id

src/NetVar.cc

@@ -207,11 +207,15 @@ static void bif_init_event_handlers()
 static void bif_init_net_var()
 	{
 #include "const.bif.netvar_init"
-#include "types.bif.netvar_init"
 #include "reporter.bif.netvar_init"
 #include "supervisor.bif.netvar_init"
 	}
 
+static void init_bif_types()
+	{
+#include "types.bif.netvar_init"
+	}
+
 #include "const.bif.netvar_def"
 #include "types.bif.netvar_def"
 #include "event.bif.netvar_def"
@@ -240,11 +244,16 @@ void init_general_global_var()
 
 extern void zeek_legacy_netvar_init();
 
+void init_builtin_types()
+	{
+	init_bif_types();
+	id::detail::init_types();
+	}
+
 void init_net_var()
 	{
 	bif_init_net_var();
 
-	id::detail::init();
 	zeek_legacy_netvar_init();
 
 	ignore_checksums = id::find_val("ignore_checksums")->AsBool();

src/NetVar.h

@@ -103,6 +103,7 @@ extern void init_general_global_var();
 
 extern void init_event_handlers();
 extern void init_net_var();
+extern void init_builtin_types();
 
 } // namespace zeek::detail
 

src/Val.cc

@@ -2886,7 +2886,22 @@ RecordVal::RecordVal(RecordTypePtr t, bool init_fields) : Val(std::move(t))
 		{
 		detail::Attributes* a = rt->FieldDecl(i)->attrs.get();
 		detail::Attr* def_attr = a ? a->Find(detail::ATTR_DEFAULT).get() : nullptr;
-		auto def = def_attr ? def_attr->GetExpr()->Eval(nullptr) : nullptr;
+		ValPtr def;
+
+		if ( def_attr )
+			try
+				{
+				def = def_attr->GetExpr()->Eval(nullptr);
+				}
+			catch ( InterpreterException& )
+				{
+				if ( run_state::is_parsing )
+					parse_time_records[rt].pop_back();
+
+				delete AsNonConstRecord();
+				throw;
+				}
+
 		const auto& type = rt->FieldDecl(i)->type;
 
 		if ( def && type->Tag() == TYPE_RECORD &&

src/Var.cc

@@ -252,7 +252,15 @@ static void make_var(const IDPtr& id, TypePtr t, InitClass c, ExprPtr init,
 
 			if ( t->Tag() == TYPE_RECORD )
 				{
-				aggr = make_intrusive<RecordVal>(cast_intrusive<RecordType>(t));
+				try
+					{
+					aggr = make_intrusive<RecordVal>(cast_intrusive<RecordType>(t));
+					}
+				catch ( InterpreterException& )
+					{
+					id->Error("initialization failed");
+					return;
+					}
 
 				if ( init && t )
 					// Have an initialization and type is not deduced.

src/scan.l

@@ -842,16 +842,6 @@ int yywrap()
 	if ( zeek::reporter->Errors() > 0 )
 		return 1;
 
-	if ( ! did_builtin_init && file_stack.length() == 1 )
-		{
-		// ### This is a gross hack - we know that the first file
-		// we parse is init-bare.zeek, and after it it's safe to initialize
-		// the built-ins.  Furthermore, we want to initialize the
-		// built-in's *right* after parsing bro.init, so that other
-		// source files can use built-in's when initializing globals.
-		init_builtin_funcs();
-		}
-
 	yy_delete_buffer(YY_CURRENT_BUFFER);
 
 	if ( file_stack.length() > 0 )

src/zeek-setup.cc

@@ -62,6 +62,7 @@ extern "C" {
 #include "broker/Manager.h"
 
 #include "binpac_zeek.h"
+#include "module_util.h"
 
 #include "3rdparty/sqlite3.h"
 
@@ -388,8 +389,7 @@ static std::vector<std::string> get_script_signature_files()
 	return rval;
 	}
 
-SetupResult setup(int argc, char** argv,
+SetupResult setup(int argc, char** argv, Options* zopts)
-                                Options* zopts)
 	{
 	ZEEK_LSAN_DISABLE();
 	std::set_new_handler(bro_new_handler);
@@ -631,6 +631,19 @@ SetupResult setup(int argc, char** argv,
 	HeapLeakChecker::Disabler disabler;
 #endif
 
+	auto ipbid = install_ID("__init_primary_bifs", GLOBAL_MODULE_NAME,
+	                        true, true);
+	auto ipbft = make_intrusive<FuncType>(make_intrusive<RecordType>(nullptr),
+	                                      base_type(TYPE_BOOL),
+	                                      FUNC_FLAVOR_FUNCTION);
+	ipbid->SetType(std::move(ipbft));
+	auto init_bifs = [](Frame* frame, const Args* args) -> BifReturnVal
+		{
+		init_primary_bifs();
+		return val_mgr->True();
+		};
+	auto ipbb = make_intrusive<BuiltinFunc>(init_bifs, ipbid->Name(), false);
+
 	run_state::is_parsing = true;
 	yyparse();
 	run_state::is_parsing = false;
@@ -640,7 +653,7 @@ SetupResult setup(int argc, char** argv,
 
 	init_general_global_var();
 	init_net_var();
-	init_builtin_funcs_subdirs();
+	run_bif_initializers();
 
 	// Must come after plugin activation (and also after hash
 	// initialization).

src/zeek.bif

@@ -5046,6 +5046,24 @@ function match_signatures%(c: connection, pattern_type: int, s: string,
 	return zeek::val_mgr->True();
 	%}
 
+%%{
+// Autogenerated from CMake bif_target()
+#include "__all__.bif.cc"
+#include "__all__.bif.register.cc"
+
+static void init_secondary_bifs()
+	{
+	#include "__all__.bif.init.cc"
+	}
+%%}
+
+## An internal function that helps initialize BIFs.
+function __init_secondary_bifs%(%): bool
+	%{
+	init_secondary_bifs();
+	return zeek::val_mgr->True();
+	%}
+
 # ===========================================================================
 #
 #                            Anonymization Functions

testing/btest/Baseline/language.global-init-calls-bif-using-builtin-type/out

@@ -0,0 +1 @@
+tcp and port 80

testing/btest/Baseline/language.global-init-calls-bif/out

@@ -0,0 +1 @@
+3.002199

testing/btest/Baseline/language.record-global-init-exception/out

@@ -0,0 +1,2 @@
+expression error in /home/jon/pro/zeek/zeek/testing/btest/.tmp/language.record-global-init-exception/record-global-init-exception.zeek, line 7: value used but not set (my_count)
+error in /home/jon/pro/zeek/zeek/testing/btest/.tmp/language.record-global-init-exception/record-global-init-exception.zeek, line 14: initialization failed (my_record)

testing/btest/Baseline/plugins.hooks/output

@@ -282,7 +282,7 @@
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> <no result>
-0.000000   MetaHookPost  CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
+0.000000   MetaHookPost  CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Broker::LOG)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Config::LOG)) -> <no result>
@@ -463,7 +463,7 @@
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> <no result>
-0.000000   MetaHookPost  CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
+0.000000   MetaHookPost  CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
 0.000000   MetaHookPost  CallFunction(NetControl::check_plugins, <frame>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(NetControl::init, <null>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(Notice::want_pp, <frame>, ()) -> <no result>
@@ -569,6 +569,8 @@
 0.000000   MetaHookPost  CallFunction(SumStats::register_observe_plugin, <frame>, (SumStats::UNIQUE, lambda_<10387912117292132662>{ if (!SumStats::rv?$unique_vals) SumStats::rv$unique_vals = (coerce set() to set[SumStats::Observation])if (SumStats::r?$unique_max) SumStats::rv$unique_max = SumStats::r$unique_maxif (!SumStats::r?$unique_max || sizeofSumStats::rv$unique_vals <= SumStats::r$unique_max) add SumStats::rv$unique_vals[SumStats::obs]SumStats::rv$unique = sizeofSumStats::rv$unique_vals})) -> <no result>
 0.000000   MetaHookPost  CallFunction(SumStats::register_observe_plugin, <frame>, (SumStats::VARIANCE, lambda_<6557258612059469785>{ if (1 < SumStats::rv$num) SumStats::rv$var_s += ((SumStats::val - SumStats::rv$prev_avg) * (SumStats::val - SumStats::rv$average))SumStats::calc_variance(SumStats::rv)SumStats::rv$prev_avg = SumStats::rv$average})) -> <no result>
 0.000000   MetaHookPost  CallFunction(SumStats::register_observe_plugins, <frame>, ()) -> <no result>
+0.000000   MetaHookPost  CallFunction(__init_primary_bifs, <null>, ()) -> <no result>
+0.000000   MetaHookPost  CallFunction(__init_secondary_bifs, <null>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(current_time, <frame>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(filter_change_tracking, <null>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(getenv, <null>, (CLUSTER_NODE)) -> <no result>
@@ -1205,7 +1207,7 @@
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]))
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]))
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]))
-0.000000   MetaHookPre   CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T]))
+0.000000   MetaHookPre   CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T]))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Broker::LOG))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Config::LOG))
@@ -1386,7 +1388,7 @@
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]))
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]))
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]))
-0.000000   MetaHookPre   CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T]))
+0.000000   MetaHookPre   CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T]))
 0.000000   MetaHookPre   CallFunction(NetControl::check_plugins, <frame>, ())
 0.000000   MetaHookPre   CallFunction(NetControl::init, <null>, ())
 0.000000   MetaHookPre   CallFunction(Notice::want_pp, <frame>, ())
@@ -1492,6 +1494,8 @@
 0.000000   MetaHookPre   CallFunction(SumStats::register_observe_plugin, <frame>, (SumStats::UNIQUE, lambda_<10387912117292132662>{ if (!SumStats::rv?$unique_vals) SumStats::rv$unique_vals = (coerce set() to set[SumStats::Observation])if (SumStats::r?$unique_max) SumStats::rv$unique_max = SumStats::r$unique_maxif (!SumStats::r?$unique_max || sizeofSumStats::rv$unique_vals <= SumStats::r$unique_max) add SumStats::rv$unique_vals[SumStats::obs]SumStats::rv$unique = sizeofSumStats::rv$unique_vals}))
 0.000000   MetaHookPre   CallFunction(SumStats::register_observe_plugin, <frame>, (SumStats::VARIANCE, lambda_<6557258612059469785>{ if (1 < SumStats::rv$num) SumStats::rv$var_s += ((SumStats::val - SumStats::rv$prev_avg) * (SumStats::val - SumStats::rv$average))SumStats::calc_variance(SumStats::rv)SumStats::rv$prev_avg = SumStats::rv$average}))
 0.000000   MetaHookPre   CallFunction(SumStats::register_observe_plugins, <frame>, ())
+0.000000   MetaHookPre   CallFunction(__init_primary_bifs, <null>, ())
+0.000000   MetaHookPre   CallFunction(__init_secondary_bifs, <null>, ())
 0.000000   MetaHookPre   CallFunction(current_time, <frame>, ())
 0.000000   MetaHookPre   CallFunction(filter_change_tracking, <null>, ())
 0.000000   MetaHookPre   CallFunction(getenv, <null>, (CLUSTER_NODE))
@@ -2127,7 +2131,7 @@
 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])
 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])
 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])
-0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T])
+0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T])
 0.000000 | HookCallFunction Log::add_default_filter(Broker::LOG)
 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG)
 0.000000 | HookCallFunction Log::add_default_filter(Config::LOG)
@@ -2308,7 +2312,7 @@
 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])
 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])
 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])
-0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1594057891.73307, node=zeek, filter=ip or not ip, init=T, success=T])
+0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T])
 0.000000 | HookCallFunction NetControl::check_plugins()
 0.000000 | HookCallFunction NetControl::init()
 0.000000 | HookCallFunction Notice::want_pp()
@@ -2414,6 +2418,8 @@
 0.000000 | HookCallFunction SumStats::register_observe_plugin(SumStats::UNIQUE, lambda_<10387912117292132662>{ if (!SumStats::rv?$unique_vals) SumStats::rv$unique_vals = (coerce set() to set[SumStats::Observation])if (SumStats::r?$unique_max) SumStats::rv$unique_max = SumStats::r$unique_maxif (!SumStats::r?$unique_max || sizeofSumStats::rv$unique_vals <= SumStats::r$unique_max) add SumStats::rv$unique_vals[SumStats::obs]SumStats::rv$unique = sizeofSumStats::rv$unique_vals})
 0.000000 | HookCallFunction SumStats::register_observe_plugin(SumStats::VARIANCE, lambda_<6557258612059469785>{ if (1 < SumStats::rv$num) SumStats::rv$var_s += ((SumStats::val - SumStats::rv$prev_avg) * (SumStats::val - SumStats::rv$average))SumStats::calc_variance(SumStats::rv)SumStats::rv$prev_avg = SumStats::rv$average})
 0.000000 | HookCallFunction SumStats::register_observe_plugins()
+0.000000 | HookCallFunction __init_primary_bifs()
+0.000000 | HookCallFunction __init_secondary_bifs()
 0.000000 | HookCallFunction current_time()
 0.000000 | HookCallFunction filter_change_tracking()
 0.000000 | HookCallFunction getenv(CLUSTER_NODE)
@@ -2762,7 +2768,7 @@
 0.000000 | HookLoadFile  base<...>/xmpp
 0.000000 | HookLoadFile  base<...>/zeek.bif.zeek
 0.000000 | HookLogInit   packet_filter 1/1 {ts (time), node (string), filter (string), init (bool), success (bool)}
-0.000000 | HookLogWrite  packet_filter [ts=1594057891.733070, node=zeek, filter=ip or not ip, init=T, success=T]
+0.000000 | HookLogWrite  packet_filter [ts=1598558690.596616, node=zeek, filter=ip or not ip, init=T, success=T]
 0.000000 | HookQueueEvent NetControl::init()
 0.000000 | HookQueueEvent filter_change_tracking()
 0.000000 | HookQueueEvent zeek_init()

testing/btest/language/global-init-calls-bif-using-builtin-type.zeek

@@ -0,0 +1,14 @@
+# @TEST-EXEC: zeek -b %INPUT >out
+# @TEST-EXEC: btest-diff out
+
+# This test isn't specifically testing the PacketFilter functionality, rather
+# that a global variable can be initialized using a BIF call and that BIF call
+# can make use of some global type pointers to builtin types/aliases.
+
+@load base/frameworks/packet-filter
+redef PacketFilter::restricted_filter = PacketFilter::port_to_bpf(80/tcp);
+
+event zeek_init()
+	{
+	print PacketFilter::restricted_filter;
+	}

testing/btest/language/global-init-calls-bif.zeek

@@ -0,0 +1,14 @@
+# @TEST-EXEC: zeek -b %INPUT >out
+# @TEST-EXEC: btest-diff out
+
+# This test isn't specifically testing the HLL cardinality functionality,
+# rather that a global variable can be initialized using a BIF call.
+# Also, it's particularly not a top-level BIF, but one defined in a subdir
+# of the Zeek source tree (those are treated differently than top-level BIFs).
+
+global my_cc = hll_cardinality_init(0.1, 0.999);
+
+hll_cardinality_add(my_cc, 1);
+hll_cardinality_add(my_cc, 2);
+hll_cardinality_add(my_cc, 3);
+print hll_cardinality_estimate(my_cc);

testing/btest/language/record-global-init-exception.zeek

@@ -0,0 +1,14 @@
+# @TEST-EXEC-FAIL: zeek -b %INPUT >out 2>&1
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out
+
+global my_count: count;
+
+type MyRecord: record {
+	f: count &default=my_count;
+};
+
+# This global initialization encounters the uninitialized 'my_count' when
+# evaluating the &default expression.  The test simply checking that the
+# interpreter exception is caught and at least fails out with a nice error
+# message instead of letting an uncaught exception cause termination.
+global my_record = MyRecord();