Add btests to verify Zeek's handling of SIGTERM and reading stdin

The core.load-stdin test checks Zeek's ability to read scripts from stdin. core.sigterm-regular and core.sigterm-stdin verify that SIGTERM shuts down a Zeek process during normal operation and while reading script content from stdin, respectively. For technical reasons we don't test with SIGINT, as ctrl-c would trigger -- see comments for details.
2025-10-02 06:38:20 +00:00 · 2022-07-08 12:47:10 -07:00 · 2022-07-08 12:47:10 -07:00 · 5beb68194d
commit 5beb68194d
parent 963b27f054
7 changed files with 132 additions and 0 deletions
--- a/testing/btest/Baseline/core.load-stdin/output.explicit
+++ b/testing/btest/Baseline/core.load-stdin/output.explicit
@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+stdin
--- a/testing/btest/Baseline/core.load-stdin/output.implicit
+++ b/testing/btest/Baseline/core.load-stdin/output.implicit
@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+stdin
--- a/testing/btest/Baseline/core.load-stdin/output.mixed
+++ b/testing/btest/Baseline/core.load-stdin/output.mixed
@ -0,0 +1,3 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+test
+stdin
--- a/testing/btest/Baseline/core.load-stdin/output.nostdin
+++ b/testing/btest/Baseline/core.load-stdin/output.nostdin
@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+test
--- a/testing/btest/core/load-stdin.zeek
+++ b/testing/btest/core/load-stdin.zeek
@ -0,0 +1,11 @@
+# This verifies Zeek's ability to load scripts from stdin.
+# @TEST-EXEC: echo 'print "stdin";' | zeek -b >output.implicit
+# @TEST-EXEC: echo 'print "stdin";' | zeek -b - >output.explicit
+# @TEST-EXEC: echo 'print "stdin";' | zeek -b %INPUT >output.nostdin
+# @TEST-EXEC: echo 'print "stdin";' | zeek -b %INPUT - >output.mixed
+# @TEST-EXEC: btest-diff output.implicit
+# @TEST-EXEC: btest-diff output.explicit
+# @TEST-EXEC: btest-diff output.nostdin
+# @TEST-EXEC: btest-diff output.mixed
+
+print "test";
--- a/testing/btest/core/sigterm-regular.sh
+++ b/testing/btest/core/sigterm-regular.sh
@ -0,0 +1,49 @@
+# This test verifies that Zeek terminates upon SIGTERM during regular script
+# processing.
+#
+# See the sigterm-stdin.sh test for additional explanation of what's happening.
+#
+# Use a separate output file since btest-bg-wait replaces .stdout/.stderr:
+# @TEST-EXEC: bash %INPUT >output 2>&1
+
+# Helper to return the PID of the Zeek process launched in the background.
+zeek_pid() {
+    # The btest-bg-run .pid file contains the parent of the Zeek process
+    local ppid=$(cat zeek/.pid)
+    ps -xo pid,ppid,comm | awk "\$2 == \"$ppid\" && \$3 == \"zeek\" { print \$1 }"
+}
+
+cleanup() {
+    btest-bg-wait -k 5
+}
+
+trap cleanup EXIT
+
+btest-bg-run zeek "zeek exit_only_after_terminate=T"
+
+# Wait until we see Zeek running.
+for i in $(seq 10); do
+    pid=$(zeek_pid)
+    [ -n "$pid" ] && break
+    sleep 1
+done
+
+if [ -z "$pid" ]; then
+    echo "Couldn't determine Zeek PID"
+    exit 1
+fi
+
+for i in $(seq 10); do
+    kill $pid
+    [ -z "$(zeek_pid)" ] && break
+    sleep 1
+done
+
+pid=$(zeek_pid)
+
+if [ -n "$pid" ]; then
+    echo "Zeek PID $pid did not shut down"
+    exit 1
+fi
+
+exit 0
--- a/testing/btest/core/sigterm-stdin.sh
+++ b/testing/btest/core/sigterm-stdin.sh
@ -0,0 +1,63 @@
+# This test verifies that Zeek, while reading stdin to parse scripts, terminates
+# upon SIGTERM.
+#
+# Running Zeek in a way that portably delivers SIGINT (as ctrl-c would do) is
+# tricky. With job control done locally in this script, even when run by an
+# interactive bash, SIGINT is blocked. When running via btest-bg-run, the
+# backgrounded processes have their SIGINT and SIGQUIT blocked, per POSIX:
+# https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html
+#
+# Use a separate output file since btest-bg-wait replaces .stdout/.stderr:
+# @TEST-EXEC: bash %INPUT >output 2>&1
+
+# Helper to return the PID of the Zeek process launched in the background.
+zeek_pid() {
+    # The btest-bg-run .pid file contains the parent of the Zeek process
+    local ppid=$(cat zeek/.pid)
+    ps -xo pid,ppid,comm | awk "\$2 == \"$ppid\" && \$3 == \"zeek\" { print \$1 }"
+}
+
+cleanup() {
+    btest-bg-wait -k 5
+}
+
+trap cleanup EXIT
+
+# Launch Zeek so it stalls, reading from stdin.
+mkfifo input
+btest-bg-run zeek "cat ../input | zeek"
+
+# Wait until we see Zeek running.
+for i in $(seq 10); do
+    pid=$(zeek_pid)
+    [ -n "$pid" ] && break
+    sleep 1
+done
+
+if [ -z "$pid" ]; then
+    echo "Couldn't determine Zeek PID"
+    exit 1
+fi
+
+# Now try several times to terminate the process via SIGTERM. We try repeatedly
+# because we might hit Zeek in a brief window in time where the signal is
+# blocked -- it gets unblocked during the parsing stage, since this enables
+# ctrl-c to work during interactive input.
+#
+# Terminating Zeek does not terminate the "cat", since the latter would only
+# notice upon a data write that the pipe is gone. We leave it to btest-bg-wait
+# to clean up at exit.
+for i in $(seq 10); do
+    kill $pid
+    [ -z "$(zeek_pid)" ] && break
+    sleep 1
+done
+
+pid=$(zeek_pid)
+
+if [ -n "$pid" ]; then
+    echo "Zeek PID $pid did not shut down"
+    exit 1
+fi
+
+exit 0