Remove redundant memory leak btests

Or otherwise convert into a regular btest if it didn't already seem to be covered. There's no need for a separate memory leak test group since compiling with LeakSanitizer now covers leak checking for the full btest suite.
2025-10-02 14:48:21 +00:00 · 2020-01-01 14:29:31 -08:00 · 2020-01-01 14:29:31 -08:00 · e6f4e01041
commit e6f4e01041
parent 44d922c4b5
85 changed files with 105 additions and 4432 deletions
--- a/testing/btest/Baseline/core.leaks.hll_cluster/manager-1..stdout
+++ b/testing/btest/Baseline/core.leaks.hll_cluster/manager-1..stdout
--- a/testing/btest/Baseline/core.leaks.hll_cluster/worker-1..stdout
+++ b/testing/btest/Baseline/core.leaks.hll_cluster/worker-1..stdout
--- a/testing/btest/Baseline/core.leaks.hll_cluster/worker-2..stdout
+++ b/testing/btest/Baseline/core.leaks.hll_cluster/worker-2..stdout
--- a/testing/btest/Baseline/core.leaks.basic-cluster/manager-1.metrics.log
+++ b/testing/btest/Baseline/core.leaks.basic-cluster/manager-1.metrics.log
@ -1,12 +0,0 @@
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	metrics
 #open	2012-07-20-01-50-41
 #fields	ts	metric_id	filter_name	index.host	index.str	index.network	value
 #types	time	enum	string	addr	string	subnet	count
 1342749041.601712	TEST_METRIC	foo-bar	6.5.4.3	-	-	4
 1342749041.601712	TEST_METRIC	foo-bar	7.2.1.5	-	-	2
 1342749041.601712	TEST_METRIC	foo-bar	1.2.3.4	-	-	6
 #close	2012-07-20-01-50-49
--- a/testing/btest/Baseline/core.leaks.broker.clone_store/clone.clone.out
+++ b/testing/btest/Baseline/core.leaks.broker.clone_store/clone.clone.out
@ -1,24 +0,0 @@
 ----
 clone, one, Broker::SUCCESS, [data=broker::data{110}]
 clone, two, Broker::SUCCESS, [data=broker::data{223}]
 clone, [1, 2], Broker::SUCCESS, [data=broker::data{1947/tcp}]
 clone, three, Broker::FAILURE, [data=<uninitialized>]
 clone, four, Broker::FAILURE, [data=<uninitialized>]
 clone, five, Broker::FAILURE, [data=<uninitialized>]
 clone, six, Broker::FAILURE, [data=<uninitialized>]
 ----
 clone, one, Broker::SUCCESS, [data=broker::data{110}]
 clone, two, Broker::SUCCESS, [data=broker::data{223}]
 clone, [1, 2], Broker::SUCCESS, [data=broker::data{1947/tcp}]
 clone, three, Broker::SUCCESS, [data=broker::data{3.140000}]
 clone, four, Broker::SUCCESS, [data=broker::data{1.2.3.4}]
 clone, five, Broker::FAILURE, [data=<uninitialized>]
 clone, six, Broker::FAILURE, [data=<uninitialized>]
 ----
 clone, one, Broker::SUCCESS, [data=broker::data{110}]
 clone, two, Broker::SUCCESS, [data=broker::data{223}]
 clone, [1, 2], Broker::SUCCESS, [data=broker::data{1947/tcp}]
 clone, three, Broker::SUCCESS, [data=broker::data{3.140000}]
 clone, four, Broker::FAILURE, [data=<uninitialized>]
 clone, five, Broker::SUCCESS, [data=broker::data{555}]
 clone, six, Broker::SUCCESS, [data=broker::data{666}]
--- a/testing/btest/Baseline/core.leaks.broker.data/zeek..stdout
+++ b/testing/btest/Baseline/core.leaks.broker.data/zeek..stdout
@ -1,120 +0,0 @@
 Broker::BOOL
 Broker::INT
 Broker::COUNT
 Broker::DOUBLE
 Broker::STRING
 Broker::ADDR
 Broker::SUBNET
 Broker::PORT
 Broker::TIME
 Broker::INTERVAL
 Broker::ENUM
 Broker::SET
 Broker::TABLE
 Broker::VECTOR
 Broker::VECTOR
 ***************************
 T
 F
 1
 0
 -1
 1
 0
 1.1
 -11.1
 hello
 1.2.3.4
 192.168.0.0/16
 22/tcp
 42.0
 180.0
 Broker::BOOL
 {
 two,
 one,
 three
 }
 {
 [two] = 2,
 [one] = 1,
 [three] = 3
 }
 [zero, one, two]
 [a=<uninitialized>, b=bee, c=1]
 [a=test, b=bee, c=1]
 [a=test, b=testagain, c=1]
 ***************************
 0
 T
 1
 T
 F
 T
 2
 F
 2
 T
 1
 F
 {
 bye
 }
 T
 0
 {
 }
 ***************************
 0
 [data=<uninitialized>]
 1
 T
 42
 F
 [data=<uninitialized>]
 2
 [data=broker::data{7}]
 2
 37
 [data=broker::data{42}]
 1
 [data=<uninitialized>]
 1
 T
 0
 {
 }
 ***************************
 0
 T
 T
 T
 T
 [hi, salutations, hello, greetings]
 4
 [data=broker::data{hello}]
 [data=broker::data{bah}]
 [data=broker::data{hi}]
 [hi, salutations, bah, greetings]
 [data=broker::data{bah}]
 [hi, salutations, greetings]
 3
 T
 0
 []
 ***************************
 3
 T
 T
 T
 [data=broker::data{hi}]
 [data=broker::data{hello}]
 [data=broker::data{37}]
 3
 T
 3
 [data=broker::data{goodbye}]
 ***************************
 T
--- a/testing/btest/Baseline/core.leaks.broker.remote_event/recv.recv.out
+++ b/testing/btest/Baseline/core.leaks.broker.remote_event/recv.recv.out
@ -1,6 +0,0 @@
 got event msg, ping, 0
 got event msg, ping, 1
 got event msg, ping, 2
 got event msg, ping, 3
 got event msg, ping, 4
 got event msg, ping, 5
--- a/testing/btest/Baseline/core.leaks.broker.remote_event/send.send.out
+++ b/testing/btest/Baseline/core.leaks.broker.remote_event/send.send.out
@ -1,11 +0,0 @@
 Broker peer added, 127.0.0.1
 got event msg, pong, 0
 got auto event msg, ping, 0
 got event msg, pong, 1
 got auto event msg, ping, 1
 got event msg, pong, 2
 got auto event msg, ping, 2
 got event msg, pong, 3
 got auto event msg, ping, 3
 got event msg, pong, 4
 got auto event msg, ping, 4
--- a/testing/btest/Baseline/core.leaks.broker.remote_log/recv.recv.out
+++ b/testing/btest/Baseline/core.leaks.broker.remote_log/recv.recv.out
--- a/testing/btest/Baseline/core.leaks.broker.remote_log/recv.test.log
+++ b/testing/btest/Baseline/core.leaks.broker.remote_log/recv.test.log
@ -1,15 +0,0 @@
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	test
 #open	2017-04-26-01-04-25
 #fields	msg	num
 #types	string	count
 ping	0
 ping	1
 ping	2
 ping	3
 ping	4
 ping	5
 #close	2017-04-26-01-04-26
--- a/testing/btest/Baseline/core.leaks.broker.remote_log/send.send.out
+++ b/testing/btest/Baseline/core.leaks.broker.remote_log/send.send.out
@ -1 +0,0 @@
 Broker peer added, 127.0.0.1
--- a/testing/btest/Baseline/core.leaks.broker.remote_log/send.test.log
+++ b/testing/btest/Baseline/core.leaks.broker.remote_log/send.test.log
@ -1,15 +0,0 @@
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	test
 #open	2017-04-26-01-04-25
 #fields	msg	num
 #types	string	count
 ping	0
 ping	1
 ping	2
 ping	3
 ping	4
 ping	5
 #close	2017-04-26-01-04-26
--- a/testing/btest/Baseline/core.leaks.closure-sending/recv.recv.out
+++ b/testing/btest/Baseline/core.leaks.closure-sending/recv.recv.out
@ -1,26 +0,0 @@
 hello :-)
 peer added
 receiver got ping: function 2
 inside: 1 | outside: 11 | global: 100
 77
 receiver got ping: function 1
 begin: 100 | base_step: 2
 begin: 100 | base_step: 2 | step: 76
 178
 receiver got ping: function 2
 inside: 3 | outside: 11 | global: 100
 79
 receiver got ping: function 1
 begin: 100 | base_step: 4
 begin: 100 | base_step: 4 | step: 76
 180
 receiver got ping: function 2
 inside: 5 | outside: 11 | global: 100
 81
 receiver got ping: function 1
 begin: 100 | base_step: 6
 begin: 100 | base_step: 6 | step: 76
 182
 receiver got ping: function 2
 inside: 7 | outside: 11 | global: 100
 83
--- a/testing/btest/Baseline/core.leaks.closure-sending/send.send.out
+++ b/testing/btest/Baseline/core.leaks.closure-sending/send.send.out
@ -1,31 +0,0 @@
 hello :)
 peer added
 begin: 100 | base_step: 50
 sender got pong: function 2
 inside: 1 | outside: 11 | global: 10
 77
 begin: 100 | base_step: 50
 sender got pong: function 1
 begin: 178 | base_step: 2
 begin: 178 | base_step: 2 | step: 76
 256
 begin: 100 | base_step: 50
 sender got pong: function 2
 inside: 3 | outside: 11 | global: 10
 79
 begin: 100 | base_step: 50
 sender got pong: function 1
 begin: 180 | base_step: 4
 begin: 180 | base_step: 4 | step: 76
 260
 begin: 100 | base_step: 50
 sender got pong: function 2
 inside: 5 | outside: 11 | global: 10
 81
 begin: 100 | base_step: 50
 sender got pong: function 1
 begin: 182 | base_step: 6
 begin: 182 | base_step: 6 | step: 76
 264
 begin: 100 | base_step: 50
 peer lost
--- a/testing/btest/Baseline/scripts.base.protocols.irc.basic/out
+++ b/testing/btest/Baseline/scripts.base.protocols.irc.basic/out
@ -0,0 +1,58 @@
 irc_names_info, #easymovies, {
 WhatmeWor,
 starred,
 fvlkni,
 NeverServe,
 zgdB8_VzO,
 +TrEeHoUsE,
 zEmm,
 dezmond411,
 mikejo1,
 freeeman33,
 aJerk,
 +Luccutis,
 jafafar,
 |EasyMovie|,
 cguide,
 skillZ,
 +i-am-mojo,
 mo5,
 +Xedrethor,
 kitts,
 macbeth420,
 Picard,
 `Xenu,
 +gordon1`^,
 N2Oblivion,
 scum,
 bloed,
 katniss,
 GordonCamero,
 +Max_Renn,
 mzazzali,
 Verge,
 bouleemil,
 eag,
 +`AngelnTx,
 +Killazherb,
 gasman2,
 HagBard,
 wanker,
 habzels,
 ericdraven,
 nofire,
 +thenagualII,
 bga,
 friida,
 +ladyvampress,
 tonysaunt,
 Peebo,
 slickrick2
 }
 irc_names_info, #easymovies, {
 dx3d51,
 TinCan,
 Nachos,
 Latika,
 TooFast
 }
--- a/testing/btest/Baseline/scripts.base.protocols.krb.krb-service-name/conn.log
+++ b/testing/btest/Baseline/scripts.base.protocols.krb.krb-service-name/conn.log
@ -0,0 +1,10 @@
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	conn
 #open	2020-01-01-22-01-07
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	local_resp	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
 #types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	bool	count	string	count	count	count	count	set[string]
 1331918844.980000	CHhAvVGS1DHFjwGM9	192.168.202.110	43792	192.168.229.251	88	tcp	krb_tcp	0.010000	110	90	S1	-	-	0	^hADd	2	214	2	206	-
 #close	2020-01-01-22-01-07
--- a/testing/btest/Baseline/scripts.base.protocols.krb.krb-service-name/kerberos.log
+++ b/testing/btest/Baseline/scripts.base.protocols.krb.krb-service-name/kerberos.log
@ -0,0 +1,10 @@
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	kerberos
 #open	2020-01-01-22-01-07
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	request_type	client	service	success	error_msg	from	till	cipher	forwardable	renewable	client_cert_subject	client_cert_fuid	server_cert_subject	server_cert_fuid
 #types	time	string	addr	port	addr	port	string	string	string	bool	string	time	time	string	bool	bool	string	string	string	string
 1331918844.990000	CHhAvVGS1DHFjwGM9	192.168.202.110	43792	192.168.229.251	88	AS	/kerberos_realm_time.nasl	krbtgt/HEC.NET	F	KRB_ERR_GENERIC	-	2136422885.000000	-	T	F	-	-	-	-
 #close	2020-01-01-22-01-07
--- a/testing/btest/core/leaks/hll_cluster.zeek
+++ b/testing/btest/core/leaks/hll_cluster.zeek
@ -1,17 +1,12 @@
 # Needs perftools support.
 #
 # @TEST-PORT: BROKER_PORT1
 # @TEST-PORT: BROKER_PORT2
 # @TEST-PORT: BROKER_PORT3
 # @TEST-GROUP: leaks
 #
-# @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
+# @TEST-EXEC: zeek %INPUT>out
-#
+# @TEST-EXEC: btest-bg-run manager-1 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=manager-1 zeek %INPUT
-# @TEST-EXEC: zeek -m %INPUT>out
+# @TEST-EXEC: btest-bg-run worker-1 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-1 zeek runnumber=1 %INPUT
-# @TEST-EXEC: btest-bg-run manager-1 HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=manager-1 zeek -m %INPUT
+# @TEST-EXEC: btest-bg-run worker-2 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-2 zeek runnumber=2 %INPUT
-# @TEST-EXEC: btest-bg-run worker-1 HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-1 zeek -m runnumber=1 %INPUT
+# @TEST-EXEC: btest-bg-wait 30
 # @TEST-EXEC: btest-bg-run worker-2 HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-2 zeek -m runnumber=2 %INPUT
 # @TEST-EXEC: btest-bg-wait 120
 #
 # @TEST-EXEC: btest-diff manager-1/.stdout
 # @TEST-EXEC: btest-diff worker-1/.stdout
--- a/testing/btest/core/leaks/ayiya.test
+++ b/testing/btest/core/leaks/ayiya.test
@ -1,8 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/tunnels/ayiya3.trace
 # @TEST-EXEC: btest-bg-wait 90
--- a/testing/btest/core/leaks/basic-cluster.zeek
+++ b/testing/btest/core/leaks/basic-cluster.zeek
@ -1,90 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-PORT: BROKER_PORT1
 # @TEST-PORT: BROKER_PORT2
 # @TEST-PORT: BROKER_PORT3
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: btest-bg-run manager-1 HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=manager-1 zeek -m %INPUT
 # @TEST-EXEC: btest-bg-run worker-1  HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-1 zeek -m %INPUT
 # @TEST-EXEC: btest-bg-run worker-2  HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-2 zeek -m %INPUT
 # @TEST-EXEC: btest-bg-wait 120
@TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {
 	["manager-1"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT1"))],
 	["worker-1"]  = [$node_type=Cluster::WORKER,  $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT2")), $manager="manager-1", $interface="eth0"],
 	["worker-2"]  = [$node_type=Cluster::WORKER,  $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT3")), $manager="manager-1", $interface="eth1"],
 };
@TEST-END-FILE
 redef Log::default_rotation_interval = 0secs;
 global n = 0;
 event zeek_init() &priority=5
 	{
 	local r1: SumStats::Reducer = [$stream="test", $apply=set(SumStats::SUM, SumStats::MIN, SumStats::MAX, SumStats::AVERAGE, SumStats::STD_DEV, SumStats::VARIANCE, SumStats::UNIQUE)];
 	SumStats::create([$name="test",
 	                  $epoch=5secs,
 	                  $reducers=set(r1),
 	                  $epoch_result(ts: time, key: SumStats::Key, result: SumStats::Result) =
 	                  	{
 	                  	local r = result["test"];
 	                  	print fmt("Host: %s - num:%d - sum:%.1f - avg:%.1f - max:%.1f - min:%.1f - var:%.1f - std_dev:%.1f - unique:%d", key$host, r$num, r$sum, r$average, r$max, r$min, r$variance, r$std_dev, r$unique);
 	                  	},
 	                  $epoch_finished(ts: time) =
 	                  	{
 	                  	terminate();
 	                  	}]);
 	}
 event Broker::peer_lost(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	terminate();
 	}
 global ready_for_data: event();
 event zeek_init()
 	{
 	Broker::auto_publish(Cluster::worker_topic, ready_for_data);
 	}
 event ready_for_data()
 	{
 	if ( Cluster::node == "worker-1" )
 		{
 		SumStats::observe("test", [$host=1.2.3.4], [$num=34]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=30]);
 		SumStats::observe("test", [$host=6.5.4.3], [$num=1]);
 		SumStats::observe("test", [$host=7.2.1.5], [$num=54]);
 		}
 	if ( Cluster::node == "worker-2" )
 		{
 		SumStats::observe("test", [$host=1.2.3.4], [$num=75]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=30]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=3]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=57]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=52]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=61]);
 		SumStats::observe("test", [$host=1.2.3.4], [$num=95]);
 		SumStats::observe("test", [$host=6.5.4.3], [$num=5]);
 		SumStats::observe("test", [$host=7.2.1.5], [$num=91]);
 		SumStats::observe("test", [$host=10.10.10.10], [$num=5]);
 		}
 	}
@if ( Cluster::local_node_type() == Cluster::MANAGER )
 global peer_count = 0;
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	++peer_count;
 	if ( peer_count == 2 )
 		event ready_for_data();
 	}
@endif
--- a/testing/btest/core/leaks/bloomfilter.zeek
+++ b/testing/btest/core/leaks/bloomfilter.zeek
@ -1,101 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 function test_basic_bloom_filter()
  {
  # Basic usage with counts.
  local bf_cnt = bloomfilter_basic_init(0.1, 1000);
  bloomfilter_add(bf_cnt, 42);
  bloomfilter_add(bf_cnt, 84);
  bloomfilter_add(bf_cnt, 168);
  print bloomfilter_lookup(bf_cnt, 0);
  print bloomfilter_lookup(bf_cnt, 42);
  print bloomfilter_lookup(bf_cnt, 168);
  print bloomfilter_lookup(bf_cnt, 336);
  bloomfilter_add(bf_cnt, 0.5); # Type mismatch
  bloomfilter_add(bf_cnt, "foo"); # Type mismatch
  # Alternative constructor.
  local bf_dbl = bloomfilter_basic_init2(4, 10);
  bloomfilter_add(bf_dbl, 4.2);
  bloomfilter_add(bf_dbl, 3.14);
  print bloomfilter_lookup(bf_dbl, 4.2);
  print bloomfilter_lookup(bf_dbl, 3.14);
  # Basic usage with strings.
  local bf_str = bloomfilter_basic_init(0.9, 10);
  bloomfilter_add(bf_str, "foo");
  bloomfilter_add(bf_str, "bar");
  print bloomfilter_lookup(bf_str, "foo");
  print bloomfilter_lookup(bf_str, "bar");
  print bloomfilter_lookup(bf_str, "bazzz"), "fp"; # FP
  print bloomfilter_lookup(bf_str, "quuux"), "fp"; # FP
  bloomfilter_add(bf_str, 0.5); # Type mismatch
  bloomfilter_add(bf_str, 100); # Type mismatch
  # Edge cases.
  local bf_edge0 = bloomfilter_basic_init(0.000000000001, 1);
  local bf_edge1 = bloomfilter_basic_init(0.00000001, 100000000);
  local bf_edge2 = bloomfilter_basic_init(0.9999999, 1);
  local bf_edge3 = bloomfilter_basic_init(0.9999999, 100000000000);
  # Invalid parameters.
  local bf_bug0 = bloomfilter_basic_init(-0.5, 42);
  local bf_bug1 = bloomfilter_basic_init(1.1, 42);
  # Merging
  local bf_cnt2 = bloomfilter_basic_init(0.1, 1000);
  bloomfilter_add(bf_cnt2, 42);
  bloomfilter_add(bf_cnt, 100);
  local bf_merged = bloomfilter_merge(bf_cnt, bf_cnt2);
  print bloomfilter_lookup(bf_merged, 42);
  print bloomfilter_lookup(bf_merged, 84);
  print bloomfilter_lookup(bf_merged, 100);
  print bloomfilter_lookup(bf_merged, 168);
  #empty filter tests
  local bf_empty = bloomfilter_basic_init(0.1, 1000);
  local bf_empty_merged = bloomfilter_merge(bf_merged, bf_empty);
  print bloomfilter_lookup(bf_empty_merged, 42);
  }
 function test_counting_bloom_filter()
  {
  local bf = bloomfilter_counting_init(3, 32, 3);
  bloomfilter_add(bf, "foo");
  print bloomfilter_lookup(bf, "foo");    # 1
  bloomfilter_add(bf, "foo");
  print bloomfilter_lookup(bf, "foo");    # 2
  bloomfilter_add(bf, "foo");
  print bloomfilter_lookup(bf, "foo");    # 3
  bloomfilter_add(bf, "foo");
  print bloomfilter_lookup(bf, "foo");    # still 3
  bloomfilter_add(bf, "bar");
  bloomfilter_add(bf, "bar");
  print bloomfilter_lookup(bf, "bar");    # 2
  print bloomfilter_lookup(bf, "foo");    # still 3
  # Merging
  local bf2 = bloomfilter_counting_init(3, 32, 3);
  bloomfilter_add(bf2, "baz");
  bloomfilter_add(bf2, "baz");
  bloomfilter_add(bf2, "bar");
  local bf_merged = bloomfilter_merge(bf, bf2);
  print bloomfilter_lookup(bf_merged, "foo");
  print bloomfilter_lookup(bf_merged, "bar");
  print bloomfilter_lookup(bf_merged, "baz");
  }
 event new_connection(c: connection)
  {
  test_basic_bloom_filter();
  test_counting_bloom_filter();
  }
--- a/testing/btest/core/leaks/broker/clone_store.zeek
+++ b/testing/btest/core/leaks/broker/clone_store.zeek
@ -1,144 +0,0 @@
 # @TEST-PORT: BROKER_PORT
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run clone "zeek -m -b ../clone.zeek >clone.out"
 # @TEST-EXEC: btest-bg-run master "zeek -b ../master.zeek >master.out"
 # @TEST-EXEC: btest-bg-wait 90
 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff clone/clone.out
@TEST-START-FILE master.zeek
 redef exit_only_after_terminate = T;
 global query_timeout = 1sec;
 global ready: event();
 global h: opaque of Broker::Store;
 function print_index(k: any)
        {
        when ( local r = Broker::get(h, k) )
                {
                print "master", k, r$status, r$result;
                }
        timeout query_timeout
                {
                print "master", fmt("clone <timeout for %s>", k);
                }
        }
 event done()
 	{
 	terminate();
 	}
 event inserted()
 	{
 	Broker::erase(h, "four");
 	print("----");
 	print_index("one");
 	print_index("two");
 	print_index(vector(1,2));
 	print_index("three");
 	print_index("four");
 	print_index("five");
 	print_index("six");
        schedule 2secs { done() };
 	}
 event zeek_init()
 	{
 	Broker::auto_publish("bro/events", done);
 	Broker::subscribe("bro/");
 	h = Broker::create_master("test");
 	Broker::put(h, "one", "110");
 	Broker::put(h, "two", 223);
 	Broker::put(h, vector(1,2), 1947/tcp);
 	Broker::peer("127.0.0.1", to_port(getenv("BROKER_PORT")));
 	}
 event insert_more()
 	{
 	Broker::put(h, "three", 3.14);
 	Broker::put(h, "four", 1.2.3.4);
 	}
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
 	{
        schedule 4secs { insert_more() };
 	}
@TEST-END-FILE
@TEST-START-FILE clone.zeek
 redef exit_only_after_terminate = T;
 global query_timeout = 1sec;
 global h: opaque of Broker::Store;
 global inserted: event();
 function print_index(k: any)
        {
        when ( local r = Broker::get(h, k) )
                {
                print "clone", k, r$status, r$result;
                }
        timeout query_timeout
                {
                print "clone", fmt("clone <timeout for %s>", k);
                }
        }
 event lookup(stage: count)
 	{
 	print("----");
 	print_index("one");
 	print_index("two");
 	print_index(vector(1,2));
 	print_index("three");
 	print_index("four");
 	print_index("five");
 	print_index("six");
 	if ( stage == 1 )
 		schedule 4secs { lookup(2) };
 	if ( stage == 2 )
 		{
 		Broker::put(h, "five", "555");
 		Broker::put(h, "six", "666");
 		event inserted();
 		schedule 2secs { lookup(3) };
 		}
 	}
 event done()
 	{
 	terminate();
 	}
 event zeek_init()
 	{
 	Broker::auto_publish("bro/events", inserted);
 	Broker::subscribe("bro/");
 	Broker::listen("127.0.0.1", to_port(getenv("BROKER_PORT")));
 	}
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	h = Broker::create_clone("test");
 	schedule 2secs { lookup(1) };
 	}
@TEST-END-FILE
--- a/testing/btest/core/leaks/broker/data.zeek
+++ b/testing/btest/core/leaks/broker/data.zeek
@ -1,270 +0,0 @@
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 # @TEST-EXEC: btest-diff zeek/.stdout
 type bro_set: set[string];
 type bro_table: table[string] of count;
 type bro_vector: vector of string;
 type bro_record : record {
 	a: string &optional;
 	b: string &default = "bee";
 	c: count;
 };
 function broker_to_bro_record_recurse(it: opaque of Broker::RecordIterator,
                                      rval: bro_record,
                                      idx: count): bro_record
 	{
 	if ( Broker::record_iterator_last(it) )
 		return rval;
 	local field_value = Broker::record_iterator_value(it);
 	if ( field_value?$data )
 		switch ( idx ) {
 		case 0:
 			rval$a = field_value as string;
 			break;
 		case 1:
 			rval$b = field_value as string;
 			break;
 		case 2:
 			rval$c = field_value as count;
 			break;
 		};
 	++idx;
 	Broker::record_iterator_next(it);
 	return broker_to_bro_record_recurse(it, rval, idx);
 	}
 function broker_to_bro_record(d: Broker::Data): bro_record
 	{
 	return broker_to_bro_record_recurse(Broker::record_iterator(d),
 	                                    bro_record($c = 0), 0);
 	}
 function
 broker_to_bro_set_recurse(it: opaque of Broker::SetIterator,
                            rval: bro_set): bro_set
 	{
 	if ( Broker::set_iterator_last(it) )
 		return rval;
 	add rval[Broker::set_iterator_value(it) as string];
 	Broker::set_iterator_next(it);
 	return broker_to_bro_set_recurse(it, rval);
 	}
 function broker_to_bro_set(d: Broker::Data): bro_set
 	{
 	return broker_to_bro_set_recurse(Broker::set_iterator(d), bro_set());
 	}
 function
 broker_to_bro_table_recurse(it: opaque of Broker::TableIterator,
                                rval: bro_table): bro_table
 	{
 	if ( Broker::table_iterator_last(it) )
 		return rval;
 	local item = Broker::table_iterator_value(it);
 	rval[item$key as string] = item$val as count;
 	Broker::table_iterator_next(it);
 	return broker_to_bro_table_recurse(it, rval);
 	}
 function broker_to_bro_table(d: Broker::Data): bro_table
 	{
 	return broker_to_bro_table_recurse(Broker::table_iterator(d),
 	                                   bro_table());
 	}
 function broker_to_bro_vector_recurse(it: opaque of Broker::VectorIterator,
                                      rval: bro_vector): bro_vector
 	{
 	if ( Broker::vector_iterator_last(it) )
 		return rval;
 	rval += Broker::vector_iterator_value(it) as string;
 	Broker::vector_iterator_next(it);
 	return broker_to_bro_vector_recurse(it, rval);
 	}
 function broker_to_bro_vector(d: Broker::Data): bro_vector
 	{
 	return broker_to_bro_vector_recurse(Broker::vector_iterator(d),
 	                                    bro_vector());
 	}
 global did_it = F;
 event new_connection(c: connection)
 {
 if ( did_it ) return;
 did_it = T;
 ### Print every Broker data type
 print Broker::data_type(Broker::data(T));
 print Broker::data_type(Broker::data(+1));
 print Broker::data_type(Broker::data(1));
 print Broker::data_type(Broker::data(1.1));
 print Broker::data_type(Broker::data("1 (how creative)"));
 print Broker::data_type(Broker::data(1.1.1.1));
 print Broker::data_type(Broker::data(1.1.1.1/1));
 print Broker::data_type(Broker::data(1/udp));
 print Broker::data_type(Broker::data(double_to_time(1)));
 print Broker::data_type(Broker::data(1sec));
 print Broker::data_type(Broker::data(Broker::BOOL));
 local s: bro_set = bro_set("one", "two", "three");
 local t: bro_table = bro_table(["one"] = 1, ["two"] = 2, ["three"] = 3);
 local v: bro_vector = bro_vector("zero", "one", "two");
 local r: bro_record = bro_record($c = 1);
 print Broker::data_type(Broker::data(s));
 print Broker::data_type(Broker::data(t));
 print Broker::data_type(Broker::data(v));
 print Broker::data_type(Broker::data(r));
 print "***************************";
 ### Convert a Zeek value to a Broker value, then print the result
 print (Broker::data(T)) as bool;
 print (Broker::data(F)) as bool;
 print (Broker::data(+1)) as int;
 print (Broker::data(+0)) as int;
 print (Broker::data(-1)) as int;
 print (Broker::data(1)) as count;
 print (Broker::data(0)) as count;
 print (Broker::data(1.1)) as double;
 print (Broker::data(-11.1)) as double;
 print (Broker::data("hello")) as string;
 print (Broker::data(1.2.3.4)) as addr;
 print (Broker::data(192.168.1.1/16)) as subnet;
 print (Broker::data(22/tcp)) as port;
 print (Broker::data(double_to_time(42))) as time;
 print (Broker::data(3min)) as interval;
 print (Broker::data(Broker::BOOL)) as Broker::DataType;
 local cs = Broker::data(s);
 print broker_to_bro_set(cs);
 local ct = Broker::data(t);
 print broker_to_bro_table(ct);
 local cv = Broker::data(v);
 print broker_to_bro_vector(cv);
 local cr = Broker::data(r);
 print broker_to_bro_record(cr);
 r$a = "test";
 cr = Broker::data(r);
 print broker_to_bro_record(cr);
 r$b = "testagain";
 cr = Broker::data(r);
 print broker_to_bro_record(cr);
 print "***************************";
 ### Test the Broker set BIFs
 cs = Broker::set_create();
 print Broker::set_size(cs);
 print Broker::set_insert(cs, ("hi"));
 print Broker::set_size(cs);
 print Broker::set_contains(cs, ("hi"));
 print Broker::set_contains(cs, ("bye"));
 print Broker::set_insert(cs, ("bye"));
 print Broker::set_size(cs);
 print Broker::set_insert(cs, ("bye"));
 print Broker::set_size(cs);
 print Broker::set_remove(cs, ("hi"));
 print Broker::set_size(cs);
 print Broker::set_remove(cs, ("hi"));
 print broker_to_bro_set(cs);
 print Broker::set_clear(cs);
 print Broker::set_size(cs);
 print broker_to_bro_set(cs);
 print "***************************";
 ### Test the Broker table BIFs
 ct = Broker::table_create();
 print Broker::table_size(ct);
 print Broker::table_insert(ct, ("hi"), (42));
 print Broker::table_size(ct);
 print Broker::table_contains(ct, ("hi"));
 print (Broker::table_lookup(ct, ("hi"))) as count;
 print Broker::table_contains(ct, ("bye"));
 print Broker::table_insert(ct, ("bye"), (7));
 print Broker::table_size(ct);
 print Broker::table_insert(ct, ("bye"), (37));
 print Broker::table_size(ct);
 print (Broker::table_lookup(ct, ("bye"))) as count;
 print Broker::table_remove(ct, ("hi"));
 print Broker::table_size(ct);
 print Broker::table_remove(ct, ("hi"));
 print Broker::table_size(ct);
 print Broker::table_clear(ct);
 print Broker::table_size(ct);
 print broker_to_bro_table(ct);
 print "***************************";
 ### Test the Broker vector BIFs
 cv = Broker::vector_create();
 print Broker::vector_size(cv);
 print Broker::vector_insert(cv, 0, ("hi"));
 print Broker::vector_insert(cv, 1, ("hello"));
 print Broker::vector_insert(cv, 2, ("greetings"));
 print Broker::vector_insert(cv, 1, ("salutations"));
 print broker_to_bro_vector(cv);
 print Broker::vector_size(cv);
 print Broker::vector_replace(cv, 2, ("bah"));
 print Broker::vector_lookup(cv, 2);
 print Broker::vector_lookup(cv, 0);
 print broker_to_bro_vector(cv);
 print Broker::vector_remove(cv, 2);
 print broker_to_bro_vector(cv);
 print Broker::vector_size(cv);
 print Broker::vector_clear(cv);
 print Broker::vector_size(cv);
 print broker_to_bro_vector(cv);
 print "***************************";
 ### Test the Broker record BIFs
 cr = Broker::record_create(3);
 print Broker::record_size(cr);
 print Broker::record_assign(cr, 0, ("hi"));
 print Broker::record_assign(cr, 1, ("hello"));
 print Broker::record_assign(cr, 2, (37));
 print Broker::record_lookup(cr, 0);
 print Broker::record_lookup(cr, 1);
 print Broker::record_lookup(cr, 2);
 print Broker::record_size(cr);
 print Broker::record_assign(cr, 1, ("goodbye"));
 print Broker::record_size(cr);
 print Broker::record_lookup(cr, 1);
 print "***************************";
 ### Test an opaque value
 local k1: opaque of topk = topk_init(4);
 topk_add(k1, "a");
 print Broker::data(k1) is opaque of topk;
 Broker::data(k1) as opaque of topk;
 }
--- a/testing/btest/core/leaks/broker/master_store.zeek
+++ b/testing/btest/core/leaks/broker/master_store.zeek
@ -1,149 +0,0 @@
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
 global query_timeout = 45sec;
 global h: opaque of Broker::Store;
 global step: count = 0;
 function print_index(k: any)
 	{
 	when ( local r = Broker::get(h, k) )
 		{
 		step += 1;
 		print fmt("[%d]", step), k, r$status, r$result;
 		}
 	timeout query_timeout
 		{
 		step += 1;
 		print fmt("[%d] <timeout for %s>", step, k);
 		}
 	}
 function print_exists(k: any)
 	{
 	when ( local r = Broker::exists(h, k) )
 		{
 		step += 1;
 		print fmt("[%d]", step), k, r;
 		}
 	timeout query_timeout
 		{
 		step += 1;
 		print fmt("[%d] <timeout for %s>", step, k);
 		}
 	}
 function print_index_from_value(k: any, i: any)
 	{
 	when ( local r = Broker::get_index_from_value(h, k, i) )
 		{
 		step += 1;
 		print fmt("[%d]", step), k, r$status, r$result;
 		}
 	timeout query_timeout
 		{
 		step += 1;
 		print fmt("[%d] <timeout for %s>", step, k);
 		}
 	}
 function print_keys()
 	{
 	when ( local s = Broker::keys(h) )
 		{
 		step += 1;
 		print "keys", s;
 		}
 	timeout query_timeout
 		{
 		step += 1;
 		print fmt("[%d] <timeout for print keys>", step);
 		}
 	}
 event done()
 	{
 	terminate();
 	}
 event pk2()
 	{
 	print_keys();
 	}
 event pk1()
 	{
 	print_keys();
 	Broker::clear(h);
 	schedule 1sec { pk2() };
 	}
 event zeek_init()
 	{
 	h = Broker::create_master("master");
 	Broker::put(h, "one", "110");
 	Broker::put(h, "two", 220);
 	Broker::put(h, "three", 330);
 	Broker::put(h, "four", set(1, 2,3));
 	Broker::put(h, set("x", "y"), vector(1/tcp, 2/tcp, 3/tcp));
 	Broker::put(h, "str", "foo");
 	Broker::put(h, "vec", vector(1, 2,3));
 	Broker::put(h, "set", set("A", "B"));
 	Broker::put(h, "table", table(["a"] = 1, ["b"] = 2));
 	print_index("one");
 	print_index("two");
 	print_index("three");
 	print_index("four");
 	print_index("five");
 	print_index(set("x", "y"));
 	when ( step == 6 )
 		{
 		Broker::increment(h, "two");
 		Broker::increment(h, "two", 9);
 		Broker::decrement(h, "three");
 		Broker::decrement(h, "three", 9);
 		print_index("two");
 		print_index("three");
 		print_index("four");
 		print_keys();
 		Broker::erase(h, "four");
 		Broker::append(h, "str", "bar");
 		Broker::insert_into_set(h, "set", "C");
 		Broker::insert_into_table(h, "table", "c", 3);
 		Broker::remove_from(h, "set", 2);
 		Broker::remove_from(h, "table", "b");
 		Broker::push(h, "vec", 4);
 		Broker::push(h, "vec", 5);
 		Broker::pop(h, "vec");
 		print_index("str");
 		print_index("set");
 		print_index("table");
 		print_index("vec");
 		print_exists("one");
 		print_exists("NOPE");
        	print_index_from_value("vec", 1);
        	print_index_from_value("set", "A");
    	        print_index_from_value("table", "a");
    	        print_index_from_value("table", "X");
 		schedule 1sec { pk1() };
 		}
        schedule 15secs { done() };
 	}
--- a/testing/btest/core/leaks/broker/remote_event.test
+++ b/testing/btest/core/leaks/broker/remote_event.test
@ -1,85 +0,0 @@
 # @TEST-PORT: BROKER_PORT
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run recv "zeek -m -b ../recv.zeek >recv.out"
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run send "zeek -m -b ../send.zeek >send.out"
 # @TEST-EXEC: btest-bg-wait 90
 # @TEST-EXEC: btest-diff recv/recv.out
 # @TEST-EXEC: btest-diff send/send.out
@TEST-START-FILE recv.zeek
 redef exit_only_after_terminate = T;
 global event_handler: event(msg: string, c: count);
 global auto_event_handler: event(msg: string, c: count);
 event zeek_init()
 	{
 	Broker::subscribe("bro/event/");
 	Broker::auto_publish("bro/event/my_topic", auto_event_handler);
 	Broker::listen("127.0.0.1", to_port(getenv("BROKER_PORT")));
 	}
 global event_count = 0;
 global events_to_recv = 6;
 event event_handler(msg: string, n: count)
 	{
 	++event_count;
 	print "got event msg", msg, n;
 	if ( event_count == events_to_recv )
 		{
 		terminate();
 		return;
 		}
 	event auto_event_handler(msg, n);
 	Broker::publish("bro/event/my_topic", event_handler, "pong", n);
 	}
@TEST-END-FILE
@TEST-START-FILE send.zeek
 redef exit_only_after_terminate = T;
 global event_handler: event(msg: string, c: count);
 global auto_event_handler: event(msg: string, c: count);
 event zeek_init()
 	{
 	Broker::subscribe("bro/event/my_topic");
 	Broker::peer("127.0.0.1", to_port(getenv("BROKER_PORT")), 1secs);
 	}
 global event_count = 0;
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	print "Broker peer added", endpoint$network$address;
 	Broker::publish("bro/event/hi", event_handler, "ping", event_count);
 	++event_count;
 	}
 event Broker::peer_lost(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	terminate();
 	}
 event event_handler(msg: string, n: count)
 	{
 	print "got event msg", msg, n;
 	Broker::publish("bro/event/hi", event_handler, "ping", event_count);
 	++event_count;
 	}
 event auto_event_handler(msg: string, n: count)
 	{
 	print "got auto event msg", msg, n;
 	}
@TEST-END-FILE
--- a/testing/btest/core/leaks/broker/remote_log.test
+++ b/testing/btest/core/leaks/broker/remote_log.test
@ -1,88 +0,0 @@
 # @TEST-PORT: BROKER_PORT
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run recv "zeek -m -b ../recv.zeek >recv.out"
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run send "zeek -m -b ../send.zeek >send.out"
 # @TEST-EXEC: btest-bg-wait 90
 # @TEST-EXEC: btest-diff recv/recv.out
 # @TEST-EXEC: btest-diff recv/test.log
 # @TEST-EXEC: btest-diff send/send.out
 # @TEST-EXEC: btest-diff send/test.log
@TEST-START-FILE common.zeek
 redef exit_only_after_terminate = T;
 module Test;
 export {
 	redef enum Log::ID += { LOG };
 	type Info: record {
 		msg: string &log;
 		nolog: string &default="no";
 		num: count &log;
 	};
 }
 event zeek_init() &priority=5
 	{
 	Log::create_stream(Test::LOG, [$columns=Test::Info]);
 	}
 event Broker::peer_lost(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	terminate();
 	}
@TEST-END-FILE
@TEST-START-FILE recv.zeek
@load ./common
 event zeek_init()
 	{
 	Broker::subscribe("zeek/");
 	Broker::listen("127.0.0.1", to_port(getenv("BROKER_PORT")));
 	}
 event Broker::peer_removed(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	terminate();
 	}
@TEST-END-FILE
@TEST-START-FILE send.zeek
@load ./common
 event zeek_init()
 	{
 	Broker::peer("127.0.0.1", to_port(getenv("BROKER_PORT")));
 	}
 global n = 0;
 event do_write()
 	{
 	if ( n == 6 )
 		terminate();
 	else
 		{
 		Log::write(Test::LOG, [$msg = "ping", $num = n]);
 		++n;
 		schedule 0.1secs { do_write() };
 		}
 	}
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
 	{
 	print "Broker peer added", endpoint$network$address;
 	event do_write();
 	}
@TEST-END-FILE
--- a/testing/btest/core/leaks/closure-sending.zeek
+++ b/testing/btest/core/leaks/closure-sending.zeek
@ -1,168 +0,0 @@
 # @TEST-PORT: BROKER_PORT
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-GROUP: leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run recv "zeek -m -b ../recv.zeek >recv.out"
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run send "zeek -m -b ../send.zeek >send.out"
 # @TEST-EXEC: btest-bg-wait 90
 # @TEST-EXEC: btest-diff recv/recv.out
 # @TEST-EXEC: btest-diff send/send.out
@TEST-START-FILE send.zeek
 redef exit_only_after_terminate = T;
 type myfunctype: function(c: count) : function(d: count) : count;
 global global_with_same_name = 10;
 global ping: event(msg: string, f: myfunctype);
 event zeek_init()
    {
    print "hello :)";
    Broker::subscribe("zeek/event/my_topic");
    Broker::peer("127.0.0.1", to_port(getenv("BROKER_PORT")));
    }
 global n = 0;
 function send_event()
    {
    # in this frame event_count has an offset of three.
    # in the receiving frame it has an offset of one.
    # this tests to ensure that id lookups are being routed properly.
    local dog = 0;
    local not_dog = 1;
    local event_count = 11;
    local log : myfunctype = function(c: count) : function(d: count) : count
        {
        print fmt("inside: %s | outside: %s | global: %s", c, event_count, global_with_same_name);
        return function(d: count) : count { return d + c; };
        };
 	local two_part_adder_maker = function (begin : count) : function (base_step : count) : function ( step : count) : count
 		{
 		return function (base_step : count) : function (step : count) : count
 			{
                print fmt("begin: %s | base_step: %s", begin, base_step);
 				return function (step : count) : count
 					{
                    print fmt("begin: %s | base_step: %s | step: %s", begin, base_step, step);
 					return (begin += base_step + step); }; }; };
 	local l = two_part_adder_maker(100);
 	local stepper = l(50);
    ++n;
    if ( n % 2 == 0)
        {
        local e2 = Broker::make_event(ping, "function 1", l);
        Broker::publish("zeek/event/my_topic", e2);
        }
    else
        {
        local e = Broker::make_event(ping, "function 2", log);
        Broker::publish("zeek/event/my_topic", e);
        }
    }
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
    {
    print "peer added";
    send_event();
    }
 event Broker::peer_lost(endpoint: Broker::EndpointInfo, msg: string)
    {
    print "peer lost";
    terminate();
    }
 event pong(msg: string, f: myfunctype)
    {
    print fmt("sender got pong: %s", msg);
    local adder = f(n);
    print adder(76);
    send_event();
    }
@TEST-END-FILE
@TEST-START-FILE recv.zeek
 redef exit_only_after_terminate = T;
 const events_to_recv = 7;
 type myfunctype: function(c: count) : function(d: count) : count;
 # type myfunctype: function(c: count);
 global global_with_same_name = 100;
 global pong: event(msg: string, f: myfunctype);
 # This is one, of many, ways to declare your functions that you plan to receive.
 # All you are doing is giving the parser a version of their body, so they can be
 # anywhere. This seems to work quite nicely because it keeps them scoped and stops
 # them from ever being evaluated.
 function my_funcs()
    {
    return;
    local begin = 100;
    local event_count = begin;
    local l : myfunctype = function(c: count) : function(d: count) : count
    {
    print fmt("inside: %s | outside: %s | global: %s", c, event_count, global_with_same_name);
    return function(d: count) : count { return d + c; };
    };
    local dog_fish = function (base_step : count) : function (step : count) : count
        {
 # actual formatting doesn't matter for name resolution.
 print fmt("begin: %s | base_step: %s", begin, base_step);
        return function (step : count) : count
            {
                        print fmt("begin: %s | base_step: %s | step: %s", begin, base_step, step);
                        return (begin += base_step + step); }; };
        }
 event zeek_init()
    {
    print "hello :-)";
    Broker::subscribe("zeek/event/my_topic");
    Broker::listen("127.0.0.1", to_port(getenv("BROKER_PORT")));
    }
 event Broker::peer_added(endpoint: Broker::EndpointInfo, msg: string)
    {
    print "peer added";
    }
 event Broker::peer_lost(endpoint: Broker::EndpointInfo, msg: string)
    {
    print "peer lost";
    }
 global n = 0;
 event ping(msg: string, f: myfunctype)
    {
    print fmt("receiver got ping: %s", msg);
    ++n;
    local adder = f(n);
    print adder(76);
    if ( n == events_to_recv )
        {
        terminate();
        }
    else
        {
        local e = Broker::make_event(pong, msg, f);
        Broker::publish("zeek/event/my_topic", e);
        }
    }
@TEST-END-FILE
--- a/testing/btest/core/leaks/copy-all-opaques.zeek
+++ b/testing/btest/core/leaks/copy-all-opaques.zeek
@ -1,90 +0,0 @@
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 global did_it = F;
 event new_connection(c: connection)
 	{
 	if ( did_it )
 		return;
 	did_it = T;
 	print "============ Topk";
 	local k1: opaque of topk = topk_init(4);
 	topk_add(k1, "a");
 	topk_add(k1, "b");
 	topk_add(k1, "b");
 	topk_add(k1, "c");
 	local k2 = copy(k1);
 	print topk_get_top(k1, 5);
 	topk_add(k1, "shoulnotshowup");
 	print topk_get_top(k2, 5);
 	print "============ HLL";
 	local c1 = hll_cardinality_init(0.01, 0.95);
 	hll_cardinality_add(c1, 2001);
 	hll_cardinality_add(c1, 2002);
 	hll_cardinality_add(c1, 2003);
 	print hll_cardinality_estimate(c1);
 	local c2 = copy(c1);
 	hll_cardinality_add(c1, 2004);
 	print hll_cardinality_estimate(c2);
 	print "============ Bloom";
 	local bf_cnt = bloomfilter_basic_init(0.1, 1000);
 	bloomfilter_add(bf_cnt, 42);
 	bloomfilter_add(bf_cnt, 84);
 	bloomfilter_add(bf_cnt, 168);
 	print bloomfilter_lookup(bf_cnt, 0);
 	print bloomfilter_lookup(bf_cnt, 42);
 	local bf_copy = copy(bf_cnt);
 	bloomfilter_add(bf_cnt, 0);
 	print bloomfilter_lookup(bf_copy, 0);
 	print bloomfilter_lookup(bf_copy, 42);
 	# check that typefication transfered.
 	bloomfilter_add(bf_copy, 0.5); # causes stderr output
 	print "============ Hashes";
 	local md5a = md5_hash_init();
 	md5_hash_update(md5a, "one");
 	local md5b = copy(md5a);
 	md5_hash_update(md5a, "two");
 	md5_hash_update(md5b, "two");
 	print md5_hash_finish(md5a);
 	print md5_hash_finish(md5b);
 	local sha1a = sha1_hash_init();
 	sha1_hash_update(sha1a, "one");
 	local sha1b = copy(sha1a);
 	sha1_hash_update(sha1a, "two");
 	sha1_hash_update(sha1b, "two");
 	print sha1_hash_finish(sha1a);
 	print sha1_hash_finish(sha1b);
 	local sha256a = sha256_hash_init();
 	sha256_hash_update(sha256a, "one");
 	local sha256b = copy(sha256a);
 	sha256_hash_update(sha256a, "two");
 	sha256_hash_update(sha256b, "two");
 	print sha256_hash_finish(sha256a);
 	print sha256_hash_finish(sha256b);
 	print "============ X509";
 	local x509 = x509_from_der("\x30\x82\x03\x75\x30\x82\x02\x5D\xA0\x03\x02\x01\x02\x02\x0B\x04\x00\x00\x00\x00\x01\x15\x4B\x5A\xC3\x94\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x30\x57\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x42\x45\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x47\x6C\x6F\x62\x61\x6C\x53\x69\x67\x6E\x20\x6E\x76\x2D\x73\x61\x31\x10\x30\x0E\x06\x03\x55\x04\x0B\x13\x07\x52\x6F\x6F\x74\x20\x43\x41\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x47\x6C\x6F\x62\x61\x6C\x53\x69\x67\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x1E\x17\x0D\x39\x38\x30\x39\x30\x31\x31\x32\x30\x30\x30\x30\x5A\x17\x0D\x32\x38\x30\x31\x32\x38\x31\x32\x30\x30\x30\x30\x5A\x30\x57\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x42\x45\x31\x19\x30\x17\x06\x03\x55\x04\x0A\x13\x10\x47\x6C\x6F\x62\x61\x6C\x53\x69\x67\x6E\x20\x6E\x76\x2D\x73\x61\x31\x10\x30\x0E\x06\x03\x55\x04\x0B\x13\x07\x52\x6F\x6F\x74\x20\x43\x41\x31\x1B\x30\x19\x06\x03\x55\x04\x03\x13\x12\x47\x6C\x6F\x62\x61\x6C\x53\x69\x67\x6E\x20\x52\x6F\x6F\x74\x20\x43\x41\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\xDA\x0E\xE6\x99\x8D\xCE\xA3\xE3\x4F\x8A\x7E\xFB\xF1\x8B\x83\x25\x6B\xEA\x48\x1F\xF1\x2A\xB0\xB9\x95\x11\x04\xBD\xF0\x63\xD1\xE2\x67\x66\xCF\x1C\xDD\xCF\x1B\x48\x2B\xEE\x8D\x89\x8E\x9A\xAF\x29\x80\x65\xAB\xE9\xC7\x2D\x12\xCB\xAB\x1C\x4C\x70\x07\xA1\x3D\x0A\x30\xCD\x15\x8D\x4F\xF8\xDD\xD4\x8C\x50\x15\x1C\xEF\x50\xEE\xC4\x2E\xF7\xFC\xE9\x52\xF2\x91\x7D\xE0\x6D\xD5\x35\x30\x8E\x5E\x43\x73\xF2\x41\xE9\xD5\x6A\xE3\xB2\x89\x3A\x56\x39\x38\x6F\x06\x3C\x88\x69\x5B\x2A\x4D\xC5\xA7\x54\xB8\x6C\x89\xCC\x9B\xF9\x3C\xCA\xE5\xFD\x89\xF5\x12\x3C\x92\x78\x96\xD6\xDC\x74\x6E\x93\x44\x61\xD1\x8D\xC7\x46\xB2\x75\x0E\x86\xE8\x19\x8A\xD5\x6D\x6C\xD5\x78\x16\x95\xA2\xE9\xC8\x0A\x38\xEB\xF2\x24\x13\x4F\x73\x54\x93\x13\x85\x3A\x1B\xBC\x1E\x34\xB5\x8B\x05\x8C\xB9\x77\x8B\xB1\xDB\x1F\x20\x91\xAB\x09\x53\x6E\x90\xCE\x7B\x37\x74\xB9\x70\x47\x91\x22\x51\x63\x16\x79\xAE\xB1\xAE\x41\x26\x08\xC8\x19\x2B\xD1\x46\xAA\x48\xD6\x64\x2A\xD7\x83\x34\xFF\x2C\x2A\xC1\x6C\x19\x43\x4A\x07\x85\xE7\xD3\x7C\xF6\x21\x68\xEF\xEA\xF2\x52\x9F\x7F\x93\x90\xCF\x02\x03\x01\x00\x01\xA3\x42\x30\x40\x30\x0E\x06\x03\x55\x1D\x0F\x01\x01\xFF\x04\x04\x03\x02\x01\x06\x30\x0F\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x05\x30\x03\x01\x01\xFF\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x60\x7B\x66\x1A\x45\x0D\x97\xCA\x89\x50\x2F\x7D\x04\xCD\x34\xA8\xFF\xFC\xFD\x4B\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\xD6\x73\xE7\x7C\x4F\x76\xD0\x8D\xBF\xEC\xBA\xA2\xBE\x34\xC5\x28\x32\xB5\x7C\xFC\x6C\x9C\x2C\x2B\xBD\x09\x9E\x53\xBF\x6B\x5E\xAA\x11\x48\xB6\xE5\x08\xA3\xB3\xCA\x3D\x61\x4D\xD3\x46\x09\xB3\x3E\xC3\xA0\xE3\x63\x55\x1B\xF2\xBA\xEF\xAD\x39\xE1\x43\xB9\x38\xA3\xE6\x2F\x8A\x26\x3B\xEF\xA0\x50\x56\xF9\xC6\x0A\xFD\x38\xCD\xC4\x0B\x70\x51\x94\x97\x98\x04\xDF\xC3\x5F\x94\xD5\x15\xC9\x14\x41\x9C\xC4\x5D\x75\x64\x15\x0D\xFF\x55\x30\xEC\x86\x8F\xFF\x0D\xEF\x2C\xB9\x63\x46\xF6\xAA\xFC\xDF\xBC\x69\xFD\x2E\x12\x48\x64\x9A\xE0\x95\xF0\xA6\xEF\x29\x8F\x01\xB1\x15\xB5\x0C\x1D\xA5\xFE\x69\x2C\x69\x24\x78\x1E\xB3\xA7\x1C\x71\x62\xEE\xCA\xC8\x97\xAC\x17\x5D\x8A\xC2\xF8\x47\x86\x6E\x2A\xC4\x56\x31\x95\xD0\x67\x89\x85\x2B\xF9\x6C\xA6\x5D\x46\x9D\x0C\xAA\x82\xE4\x99\x51\xDD\x70\xB7\xDB\x56\x3D\x61\xE4\x6A\xE1\x5C\xD6\xF6\xFE\x3D\xDE\x41\xCC\x07\xAE\x63\x52\xBF\x53\x53\xF4\x2B\xE9\xC7\xFD\xB6\xF7\x82\x5F\x85\xD2\x41\x18\xDB\x81\xB3\x04\x1C\xC5\x1F\xA4\x80\x6F\x15\x20\xC9\xDE\x0C\x88\x0A\x1D\xD6\x66\x55\xE2\xFC\x48\xC9\x29\x26\x69\xE0");
 	local x5092 = copy(x509);
 	print x509_parse(x509);
 	print x509_parse(x5092);
 	print "============ Entropy";
 	local handle = entropy_test_init();
 	entropy_test_add(handle, "dh3Hie02uh^s#Sdf9L3frd243h$d78r2G4cM6*Q05d(7rh46f!0|4-f");
 	local handle2 = copy(handle);
 	print entropy_test_finish(handle);
 	print entropy_test_finish(handle2);
 	}
--- a/testing/btest/core/leaks/copy-all-types.zeek
+++ b/testing/btest/core/leaks/copy-all-types.zeek
@ -1,196 +0,0 @@
 # Note: opaque types in separate test
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 type MyEnum: enum { ENUMME };
 type InnerTestRecord: record {
 	a: string;
 };
 type TestRecord: record {
 	s1: string;
 	s2: string;
 	i1: InnerTestRecord;
 	i2: InnerTestRecord &optional;
 	donotset: InnerTestRecord &optional;
 	def: count &default=5;
 };
 function join_count_set(ss: set[count], j: string): string
 	{
 	local output="";
 	local i=0;
 	for ( s in ss )
 		{
 		if ( i > 0 )
 			output = cat(output, j);
 		output = cat(output, s);
 		++i;
 		}
 	return output;
 	}
 function do_format(i: any): any
 	{
 	local tpe = type_name(i);
 	switch ( tpe )
 		{
 		case "set[count]":
 			return join_count_set(i, ",");
 		case "table[string] of string":
 			local cast: table[string] of string = i;
 			local vout: vector of string = vector();
 			for ( el in cast )
 				{
 				vout += cat(el, "=", cast[el]);
 				}
 			return join_string_vec(vout, ";");
 		}
 	return i;
 	}
 function check(o1: any, o2: any, equal: bool, expect_same: bool)
 	{
 	local expect_msg = (equal ? "ok" : "FAIL0");
 	local same = same_object(o1, o2);
 	if ( expect_same && ! same )
 		expect_msg = "FAIL1";
 	if ( ! expect_same && same )
 		expect_msg = "FAIL2";
 	print fmt("orig=%s (%s) clone=%s (%s) equal=%s same_object=%s (%s)", do_format(o1), type_name(o1), do_format(o2), type_name(o2), equal, same, expect_msg);
 	}
 function check_vector_equal(a: vector of count, b: vector of count): bool
 	{
 	if ( |a| != |b| )
 		return F;
 	for ( i in a )
 		{
 		if ( a[i] != b[i] )
 			return F;
 		}
 	return T;
 	}
 function check_string_table_equal(a: table[string] of string, b: table[string] of string): bool
 	{
 	if ( |a| != |b| )
 		return F;
 	for ( i in a )
 		{
 		if ( a[i] != b[i] )
 			return F;
 		}
 	return T;
 	}
 function compare_otr(a: TestRecord, b: TestRecord): bool
 	{
 	if ( a$s1 != b$s1 )
 		return F;
 	if ( a$s2 != b$s2 )
 		return F;
 	if ( a$i1$a != b$i1$a )
 		return F;
 	if ( a$i2$a != b$i2$a )
 		return F;
 	if ( same_object(a$i1, b$i1) )
 		return F;
 	if ( same_object(a$i2, b$i2) )
 		return F;
 	# check that we restroe that i1 & i2 point to same object
 	if ( ! same_object(a$i1, a$i2) )
 		return F;
 	if ( ! same_object(b$i1, b$i2) )
 		return F;
 	if ( a$def != b$def )
 		return F;
 	return T;
 	}
 global did_it = F;
 event new_connection(c: connection)
 	{
 	if ( did_it )
 		return;
 	did_it = T;
 	local i1 = -42;
 	local i2 = copy(i1);
 	check(i1, i2, i1 == i2, T);
 	local c1 : count = 42;
 	local c2 = copy(c1);
 	check(c1, c2, c1 == c2, T);
 	local a1 = 127.0.0.1;
 	local a2 = copy(a1);
 	check(a1, a2, a1 == a2, T);
 	local p1 = 42/tcp;
 	local p2 = copy(p1);
 	check(p1, p2, p1 == p2, T);
 	local sn1 = 127.0.0.1/24;
 	local sn2 = copy(sn1);
 	check(sn1, sn2, sn1 == sn2, T);
 	local s1 = "Foo";
 	local s2 = copy(s1);
 	check(s1, s2, s1 == s2, F);
 	local pat1 = /.*PATTERN.*/;
 	local pat2 = copy(pat1);
 	# patterns cannot be directoy compared
 	if ( same_object(pat1, pat2) )
 		print "FAIL P1";
 	if ( ! ( pat1 == "PATTERN" ) )
 		print "FAIL P2";
 	if ( ! ( pat2 == "PATTERN" ) )
 		print "FAIL P3";
 	if ( pat2 == "PATERN" )
 		print "FAIL P4";
 	print fmt("orig=%s (%s) clone=%s (%s) same_object=%s", pat1, type_name(pat1), pat2, type_name(pat2), same_object(pat1, pat2));
 	local set1 = [1, 2, 3, 4, 5];
 	local set2 = copy(set1);
 	check(set1, set2, set1 == set2, F);
 	local v1 = vector(1, 2, 3, 4, 5);
 	local v2 = copy(v1);
 	check(v1, v2, check_vector_equal(v1, v2), F);
 	local t1 : table[string] of string = table();
 	t1["a"] = "va";
 	t1["b"] = "vb";
 	local t2 = copy(t1);
 	check(t1, t2, check_string_table_equal(t1, t2), F);
 	local e1 = ENUMME;
 	local e2 = copy(ENUMME);
 	check(e1, e2, e1 == e2, T);
 	local itr = InnerTestRecord($a="a");
 	local otr1 = TestRecord($s1="s1", $s2="s2", $i1=itr, $i2=itr);
 	local otr2 = copy(otr1);
 	check(otr1, otr2, compare_otr(otr1, otr2), F);
 	}
--- a/testing/btest/core/leaks/dns-nsec3.zeek
+++ b/testing/btest/core/leaks/dns-nsec3.zeek
@ -1,40 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -C -m -r $TRACES/dnssec/nsec3.pcap %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load policy/protocols/dns/auth-addl
 event dns_RRSIG(c: connection, msg: dns_msg, ans: dns_answer, rrsig: dns_rrsig_rr)
 	{
 	print "RRSIG", rrsig, bytestring_to_hexstr(rrsig$signature);
 	}
 event dns_DNSKEY(c: connection, msg: dns_msg, ans: dns_answer, dnskey: dns_dnskey_rr)
 	{
 	print "DNSKEY", dnskey, bytestring_to_hexstr(dnskey$public_key);
 	}
 event dns_NSEC(c: connection, msg: dns_msg, ans: dns_answer, next_name: string, bitmaps: string_vec)
 	{
 	print "NSEC", next_name, bitmaps;
 	for ( i in bitmaps )
 		print bytestring_to_hexstr(bitmaps[i]);
 	}
 event dns_NSEC3(c: connection, msg: dns_msg, ans: dns_answer, nsec3: dns_nsec3_rr)
 	{
 	print "NSEC3", nsec3,
 	      bytestring_to_hexstr(nsec3$nsec_salt),
 	      bytestring_to_hexstr(nsec3$nsec_hash);
 	}
 event dns_DS(c: connection, msg: dns_msg, ans: dns_answer, ds: dns_ds_rr)
 	{
 	print "DS", ds, bytestring_to_hexstr(ds$digest_val);
 	}
--- a/testing/btest/core/leaks/dns-txt.zeek
+++ b/testing/btest/core/leaks/dns-txt.zeek
@ -1,42 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
 global n1 = 0;
 function check_term_conditions()
 	{
 	if ( n1 > 7 )
 		terminate();
 	}
 event do_txt(s: string)
 	{
 	when ( local t1 = lookup_hostname_txt(s) )
 		{
 		print "t1", t1;
 		++n1;
 		check_term_conditions();
 		}
 	timeout 100secs
 		{
 		print "t1 timeout";
 		++n1;
 		check_term_conditions();
 		}
 	}
 event connection_established(c: connection)
 	{
 	event do_txt("localhost");
 	schedule 5sec { do_txt("localhost") };
 	}
--- a/testing/btest/core/leaks/dns.zeek
+++ b/testing/btest/core/leaks/dns.zeek
@ -1,81 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
 const foo: set[addr] = {
     google.com
 };
 global n1 = 0;
 global n2 = 0;
 global n3 = 0;
 global n4 = 0;
 function check_term_conditions()
 	{
 	if ( n1 > 4 && n2 > 4 && n3 > 4 && n4 > 4  )
 		terminate();
 	}
 event connection_established(c: connection)
 	{
 	when ( local addrs = lookup_hostname("localhost") )
 		{
 		print "1a", c$id$resp_h, addrs;
 		++n1;
 		check_term_conditions();
 		}
 	timeout 100secs
 		{
 		print "1b", c$id$resp_h;
 		++n1;
 		check_term_conditions();
 		}
 	when ( local addrs2 = lookup_hostname("qq.ww.ee.rrrrr") )
 		{
 		print "2a", c$id$resp_h, addrs2;
 		++n2;
 		check_term_conditions();
 		}
 	timeout 100secs
 		{
 		print "2b", c$id$resp_h;
 		++n2;
 		check_term_conditions();
 		}
 	when ( local a = lookup_addr(c$id$resp_h) )
 		{
 		print "3a", c$id$resp_h, a;
 		++n3;
 		check_term_conditions();
 		}
 	timeout 100secs
 		{
 		print "3b", c$id$resp_h;
 		++n3;
 		check_term_conditions();
 		}
 	when ( local a2 = lookup_addr(1.2.3.4) )
 		{
 		print "4a", c$id$resp_h, a2;
 		++n4;
 		check_term_conditions();
 		}
 	timeout 100secs
 		{
 		print "4b", c$id$resp_h;
 		++n4;
 		check_term_conditions();
 		}
 	}
--- a/testing/btest/core/leaks/dtls.zeek
+++ b/testing/btest/core/leaks/dtls.zeek
@ -1,15 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/tls/dtls1_0.pcap %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ssl
 event ssl_established(c: connection) &priority=3
 	{
 	print "established";
 	}
--- a/testing/btest/core/leaks/exec.test
+++ b/testing/btest/core/leaks/exec.test
@ -1,79 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b ../exectest.zeek
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE exectest.zeek
@load base/utils/exec
 redef exit_only_after_terminate = T;
 global c: count = 0;
 function check_exit_condition()
 	{
 	c += 1;
 	if ( c == 3 )
 		terminate();
 	}
 function test_cmd(label: string, cmd: Exec::Command)
 	{
 	when ( local result = Exec::run(cmd) )
 		{
 		print label, result;
 		check_exit_condition();
 		}
 	}
 event zeek_init()
 	{
 	test_cmd("test1", [$cmd="bash ../somescript.sh",
 	                   $read_files=set("out1", "out2")]);
 	test_cmd("test2", [$cmd="bash ../nofiles.sh"]);
 	# Not sure of a portable way to test signals yet.
 	#test_cmd("test3", [$cmd="bash ../suicide.sh"]);
 	test_cmd("test4", [$cmd="bash ../stdin.sh", $stdin="hibye"]);
 	}
@TEST-END-FILE
@TEST-START-FILE somescript.sh
 #! /usr/bin/env bash
 echo "insert text here" > out1
 echo "and here" >> out1
 echo "insert more text here" > out2
 echo "and there" >> out2
 echo "done"
 echo "exit"
 echo "stop"
@TEST-END-FILE
@TEST-START-FILE nofiles.sh
 #! /usr/bin/env bash
 echo "here's something on stdout"
 echo "some more stdout"
 echo "last stdout"
 echo "and some stderr" 1>&2
 echo "more stderr" 1>&2
 echo "last stderr" 1>&2
 exit 1
@TEST-END-FILE
@TEST-START-FILE suicide.sh
 #! /usr/bin/env bash
 echo "FML"
 kill -9 $$
 echo "nope"
@TEST-END-FILE
@TEST-START-FILE stdin.sh
 #! /usr/bin/env bash
 read -r line
 echo "$line"
@TEST-END-FILE
--- a/testing/btest/core/leaks/file-analysis-http-get.zeek
+++ b/testing/btest/core/leaks/file-analysis-http-get.zeek
@ -1,15 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/http/get.trace $SCRIPTS/file-analysis-test.zeek %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef test_file_analysis_source = "HTTP";
 redef test_get_file_name = function(f: fa_file): string
 	{
 	return fmt("%s-file", f$id);
 	};
--- a/testing/btest/core/leaks/function-closures.zeek
+++ b/testing/btest/core/leaks/function-closures.zeek
@ -1,107 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/http/get.trace $SCRIPTS/file-analysis-test.zeek %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 # maps a function to a vector
 function map_1 (f: function(a: count): count, v: vector of count) : vector of count
    {
    local out: vector of count;
    for ( i in v )
        out += f(v[i]);
    return out;
    }
 # stacks two functions
 function stacker (one : function(a: count): count, two: function (b: count): count): function(c: count): count
    {
    return function (c: count): count
        {
        return one(two(c));
        };
    }
 function make_dog(name: string, weight: count) : function(i: string, item: string)
    {
    return function(i: string, item: string)
        {
        switch i
            {
            case "set name":
                name = item;
                break;
            case "get name":
                print name;
                break;
            case "eat":
                print ++weight;
                break;
            case "run":
                print --weight;
                break;
            default:
                print "bark";
                break;
            }
        };
    }
 event new_connection(c: connection)
    {
    local v = vector(vector(1, 2, 3), vector(4, 5, 6));
    local make_laster = function(start: count) : function(i: count): count
        {
        return function(i: count): count
            {
            local temp = i;
            i += start;
            start = temp;
            return i;
            };
        };
    local test = vector(1, 2, 3);
    print "expect [1, 3, 5]";
    print map_1(make_laster(0), test);
    local times_two = function(i: count): count { return i*2; };
    local times_four = stacker(times_two, times_two);
    local times_eight = stacker(times_four, times_two);
    print "expect 16";
    print times_eight(2);
    print "expect [8, 16, 24]";
    print map_1(times_eight, test);
    # things like this are only possible becuse we allow functions to
    # mutate their closures.
    local thunder= make_dog("thunder", 10);
    thunder("get name", "");
    thunder("set name", "buster");
    thunder("get name", "");
    thunder("eat", "");
    thunder("eat", "");
    thunder("run", "");
    # why this works is a little bit of a mystery to me.
    # I suspect it has something to do with how for loops handle frames.
    # the above test shows that we are properly capturing primitives
    # by reference.
    local mfs: vector of function();
    local vs = vector("dog", "cat", "fish");
    for (i in vs)
        {
        mfs += function() { print i, vs[i]; };
        }
    for ( i in mfs)
        mfs[i]();
    }
--- a/testing/btest/core/leaks/gridftp.test
+++ b/testing/btest/core/leaks/gridftp.test
@ -1,25 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/globus-url-copy.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ftp/gridftp
 module GridFTP;
 redef size_threshold = 2;
 redef enum Notice::Type += {
    Data_Channel
 };
 event GridFTP::data_channel_detected(c: connection)
 	{
 	local msg = fmt("GridFTP data channel over threshold %d bytes",
 	                size_threshold);
 	NOTICE([$note=Data_Channel, $msg=msg, $conn=c]);
 	}
--- a/testing/btest/core/leaks/gtp_opt_header.test
+++ b/testing/btest/core/leaks/gtp_opt_header.test
@ -1,16 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/tunnels/gtp/gtp6_gtp_0x32.pcap %INPUT >out
 # @TEST-EXEC: btest-bg-wait 90
 # Some GTPv1 headers have some optional fields totaling to a 4-byte extension
 # of the mandatory header.
 event gtpv1_g_pdu_packet(outer: connection, inner_gtp: gtpv1_hdr, inner_ip: pkt_hdr)
 	{
 	print "gtpv1_packet", inner_gtp;
 	}
--- a/testing/btest/core/leaks/hook.zeek
+++ b/testing/btest/core/leaks/hook.zeek
@ -1,101 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 type rec: record {
 	a: count;
 	b: string;
 };
 global myhook: hook(r: rec);
 global myhook2: hook(s: string);
 # a hook doesn't have to take any arguments
 global myhook4: hook();
 hook myhook(r: rec) &priority=5
 	{
 	print "myhook, &priority=5", r;
 	# break statement short-circuits the hook handling chain.
 	break;
 	print "ERROR: break statement should return from hook handler body";
 	}
 hook myhook(r: rec)
 	{
 	# This handler shouldn't execute ever because of the handler at priority=5
 	# exiting the body from a "break" statement.
 	print "myhook, &priority=0", rec;
 	}
 hook myhook(r: rec) &priority=10
 	{
 	print "myhook, &priority=10", r;
 	# modifications to the record argument will be seen by remaining handlers.
 	r$a = 37;
 	r$b = "goobye world";
 	# returning from the handler early, is fine, remaining handlers still run.
 	return;
 	print "ERROR: return statement should return from hook handler body";
 	}
 hook myhook(r: rec) &priority=9
 	{
 	print "myhook return F";
 	# return value is ignored, remaining handlers still run, final return
 	# value is whether any hook body returned via break statement
 	return F;
 	print "ERROR: return statement should return from hook handler body";
 	}
 hook myhook(r: rec) &priority=8
 	{
 	print "myhook return T";
 	# return value is ignored, remaining handlers still run, final return
 	# value is whether any hook body returned via break statement
 	return T;
 	print "ERROR: return statement should return from hook handler body";
 	}
 # hook function doesn't need a declaration, we can go straight to defining
 # a handler body.
 hook myhook3(i: count)
 	{
 	print "myhook3", i;
 	}
 hook myhook4() &priority=1
 	{
 	print "myhook4", 1;
 	}
 hook myhook4() &priority=2
 	{
 	print "myhook4", 2;
 	}
 event new_connection(c: connection)
 	{
 	print "new_connection", c$id;
 	print hook myhook([$a=1156, $b="hello world"]);
 	# A hook with no handlers is fine, it's just a no-op.
 	print hook myhook2("nope");
 	print hook myhook3(8);
 	print hook myhook4();
 	if ( hook myhook4() )
 		{
 		print "myhook4 all handlers ran";
 		}
 	# A hook can be treated like other data types and doesn't have to be
 	# invoked directly by name.
 	local h = myhook;
 	print hook h([$a=2, $b="it works"]);
 	}
--- a/testing/btest/core/leaks/http-connect.zeek
+++ b/testing/btest/core/leaks/http-connect.zeek
@ -1,14 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/http/connect-with-smtp.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/conn
@load base/protocols/http
@load base/protocols/smtp
@load base/protocols/tunnels
@load base/frameworks/dpd
--- a/testing/btest/core/leaks/incr-vec-expr.test
+++ b/testing/btest/core/leaks/incr-vec-expr.test
@ -1,36 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/chksums/ip4-udp-good-chksum.pcap %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 type rec: record {
    a: count;
    b: string;
    c: vector of count;
 };
 global vec: vector of count = vector(0,0,0);
 global v: rec = [$a=0, $b="test", $c=vector(1,2,3)];
 event new_connection(c: connection)
    {
    print vec;
    print v;
    ++vec;
    print vec;
    ++v$a;
    print v;
    ++v$c;
    print v;
    }
--- a/testing/btest/core/leaks/input-basic.zeek
+++ b/testing/btest/core/leaks/input-basic.zeek
@ -1,67 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
@TEST-START-FILE input.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	ns
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	4242
@TEST-END-FILE
@load base/protocols/ssh
 global outfile: file;
 redef InputAscii::empty_field = "EMPTY";
 module A;
 type Idx: record {
 	i: int;
 };
 type Val: record {
 	b: bool;
 	e: Log::ID;
 	c: count;
 	p: port;
 	sn: subnet;
 	a: addr;
 	d: double;
 	t: time;
 	iv: interval;
 	s: string;
 	ns: string;
 	sc: set[count];
 	ss: set[string];
 	se: set[string];
 	vc: vector of int;
 	ve: vector of int;
 };
 global servers: table[int] of Val = table();
 event zeek_init()
 	{
 	outfile = open("../out");
 	# first read in the old stuff into the table...
 	Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
 	}
 event Input::end_of_data(name: string, source:string)
 	{
 	print outfile, servers;
 	print outfile, to_count(servers[-42]$ns); # try to actually use a string. If null-termination is wrong this will fail.
 	Input::remove("ssh");
 	close(outfile);
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-errors.zeek
+++ b/testing/btest/core/leaks/input-errors.zeek
@ -1,196 +0,0 @@
 # Needs perftools support.
 # Test different kinds of errors of the input framework
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE input.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	ns
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	4242
@TEST-END-FILE
 redef Input::accept_unsupported_types = T;
 redef exit_only_after_terminate = T;
 module Test;
 global outfile: file;
 type Idx: record {
 	c: count;
 };
 type Idx2: record {
 	c: count;
 	i: int;
 };
 type FileVal: record {
 	i: int;
 	s: file;
 };
 type Val: record {
 	i: int;
 	s: string;
 	a: addr;
 };
 type OptionalRecordVal: record {
 	i: int;
 	r: FileVal &optional;
 };
 type OptionalFileVal: record {
 	i: int;
 	s: file &optional;
 };
 global file_table: table[count] of FileVal = table();
 global optional_file_table: table[count] of OptionalFileVal = table();
 global record_table: table[count] of OptionalRecordVal = table();
 global string_table: table[string] of OptionalRecordVal = table();
 global val_table: table[count] of Val = table();
 global val_table2: table[count, int] of Val = table();
 global val_table3: table[count, int] of int = table();
 global val_table4: table[count] of int;
 event line_file(description: Input::EventDescription, tpe: Input::Event, r:FileVal)
 	{
 	print outfile, description$name;
 	print outfile, r;
 	}
 event optional_line_file(description: Input::EventDescription, tpe: Input::Event, r:OptionalFileVal)
 	{
 	print outfile, description$name;
 	print outfile, r;
 	}
 event line_record(description: Input::EventDescription, tpe: Input::Event, r: OptionalRecordVal)
 	{
 	print outfile, description$name;
 	print outfile, r;
 	}
 event event1(description: Input::EventDescription, tpe: Input::Event, r: OptionalRecordVal, r2: OptionalRecordVal)
 	{
 	}
 event event2(description: Input::TableDescription, tpe: string, r: OptionalRecordVal, r2: OptionalRecordVal)
 	{
 	}
 event event3(description: Input::TableDescription, tpe: Input::Event, r: OptionalRecordVal, r2: OptionalRecordVal)
 	{
 	}
 event event4(description: Input::TableDescription, tpe: Input::Event, r: Idx, r2: OptionalRecordVal)
 	{
 	}
 event event5(description: Input::EventDescription, tpe: string, r: OptionalRecordVal, r2: OptionalRecordVal)
 	{
 	}
 event event6(description: Input::EventDescription, tpe: Input::Event, r: OptionalRecordVal)
 	{
 	}
 event event7(description: Input::EventDescription, tpe: Input::Event, r: OptionalRecordVal, r2:OptionalRecordVal)
 	{
 	}
 event event8(description: Input::EventDescription, tpe: Input::Event, i: int, s:string, a:string)
 	{
 	}
 event event9(description: Input::EventDescription, tpe: Input::Event, i: int, s:string, a:addr, ii: int)
 	{
 	}
 event event10(description: Input::TableDescription, tpe: Input::Event, i: Idx, c: count)
 	{
 	}
 # these are legit to test the error events
 event event11(description: Input::EventDescription, tpe: Input::Event, v: Val)
 	{
 	}
 event errorhandler1(desc: Input::TableDescription, msg: string, level: Reporter::Level)
 	{
 	}
 event errorhandler2(desc: Input::EventDescription, msg: string, level: Reporter::Level)
 	{
 	}
 event errorhandler3(desc: string, msg: string, level: Reporter::Level)
 	{
 	}
 event errorhandler4(desc: Input::EventDescription, msg: count, level: Reporter::Level)
 	{
 	}
 event errorhandler5(desc: Input::EventDescription, msg: string, level: count)
 	{
 	}
 event kill_me()
 	{
 	terminate();
 	}
 event zeek_init()
 	{
 	outfile = open("out");
 	Input::add_event([$source="input.log", $name="file", $fields=FileVal, $ev=line_file, $want_record=T]);
 	Input::add_event([$source="input.log", $name="optionalrecord", $fields=OptionalRecordVal, $ev=line_record, $want_record=T]);
 	Input::add_event([$source="input.log", $name="optionalfile", $fields=OptionalFileVal, $ev=optional_line_file, $want_record=T]);
 	Input::add_table([$source="input.log", $name="filetable", $idx=Idx, $val=FileVal, $destination=file_table]);
 	Input::add_table([$source="input.log", $name="optionalrecordtable", $idx=Idx, $val=OptionalRecordVal, $destination=record_table]);
 	Input::add_table([$source="input.log", $name="optionalfiletable", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table]);
 	Input::add_table([$source="input.log", $name="optionalfiletable", $idx=Idx, $val=OptionalFileVal, $destination=record_table]);
 	Input::add_table([$source="input.log", $name="optionalfiletable2", $idx=Idx, $val=OptionalFileVal, $destination=string_table]);
 	Input::add_table([$source="input.log", $name="optionalfiletable3", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=terminate]);
 	Input::add_table([$source="input.log", $name="optionalfiletable3", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=kill_me]);
 	Input::add_table([$source="input.log", $name="optionalfiletable4", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=event1]);
 	Input::add_table([$source="input.log", $name="optionalfiletable5", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=event2]);
 	Input::add_table([$source="input.log", $name="optionalfiletable6", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=event3]);
 	Input::add_table([$source="input.log", $name="optionalfiletable7", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=event4]);
 	Input::add_table([$source="input.log", $name="optionalfiletable8", $idx=Idx, $val=Val, $destination=val_table4, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable9", $idx=Idx2, $val=Val, $destination=val_table, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable10", $idx=Idx, $val=Val, $destination=val_table2, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable11", $idx=Idx2, $val=Idx, $destination=val_table3, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable12", $idx=Idx2, $val=Idx, $destination=val_table2, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable14", $idx=Idx, $val=OptionalFileVal, $destination=optional_file_table, $ev=event10, $want_record=F]);
 	Input::add_table([$source="input.log", $name="optionalfiletable15", $idx=Idx2, $val=Idx, $destination=val_table2, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event1", $fields=OptionalFileVal, $ev=terminate, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event2", $fields=OptionalFileVal, $ev=kill_me, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event3", $fields=OptionalFileVal, $ev=event3, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event4", $fields=OptionalFileVal, $ev=event5, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event5", $fields=OptionalFileVal, $ev=event6, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event6", $fields=OptionalFileVal, $ev=event7, $want_record=T]);
 	Input::add_event([$source="input.log", $name="event7", $fields=OptionalFileVal, $ev=event7, $want_record=F]);
 	Input::add_event([$source="input.log", $name="event8", $fields=Val, $ev=event8, $want_record=F]);
 	Input::add_event([$source="input.log", $name="event9", $fields=Val, $ev=event9, $want_record=F]);
 	Input::add_event([$source="input.log", $name="error1", $fields=Val, $ev=event11, $want_record=T, $error_ev=errorhandler1]);
 	Input::add_table([$source="input.log", $name="error2", $idx=Idx, $val=Val, $destination=val_table, $error_ev=errorhandler2]);
 	Input::add_event([$source="input.log", $name="error3", $fields=Val, $ev=event11, $want_record=T, $error_ev=errorhandler3]);
 	Input::add_event([$source="input.log", $name="error4", $fields=Val, $ev=event11, $want_record=T, $error_ev=errorhandler4]);
 	Input::add_event([$source="input.log", $name="error5", $fields=Val, $ev=event11, $want_record=T, $error_ev=errorhandler5]);
 	schedule 3secs { kill_me() };
 	}
--- a/testing/btest/core/leaks/input-missing-enum.zeek
+++ b/testing/btest/core/leaks/input-missing-enum.zeek
@ -1,41 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE input.log
 #fields	e	i
 IdoNot::Exist	1
@TEST-END-FILE
 redef exit_only_after_terminate = T;
 module A;
 type Idx: record {
 	i: int;
 };
 type Val: record {
 	e: Log::ID;
 };
 global etable: table[int] of Log::ID = table();
 event zeek_init()
 	{
 	# first read in the old stuff into the table...
 	Input::add_table([$source="../input.log", $name="enum", $idx=Idx, $val=Val, $destination=etable, $want_record=F]);
 	}
 event Input::end_of_data(name: string, source:string)
 	{
 	print "Table:";
 	print etable;
 	Input::remove("enum");
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-optional-event.zeek
+++ b/testing/btest/core/leaks/input-optional-event.zeek
@ -1,65 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE input.log
 #separator \x09
 #path	ssh
 #fields	i	b	r.a	r.b	r.c	
 #types	int	bool	string	string	string
 1	T	a	b	c
 2	T	a	b	c
 3	F	ba	bb	bc
 4	T	bb	bd	-
 5	F	a	b	c
 6	T	a	b	c
 7	T	a	b	c
@TEST-END-FILE
 redef exit_only_after_terminate = T;
 global outfile: file;
 redef InputAscii::empty_field = "EMPTY";
 module A;
 type Sub: record {
 	a: string;
 	aa: string &optional;
 	b : string;
 	bb: string &optional;
 	c: string &optional;
 	d: string &optional;
 };
 type Val: record {
 	i: int;
 	b: bool;
 	notb: bool &optional;
 	r: Sub;
 };
 event servers(desc: Input::EventDescription, tpe: Input::Event, item: Val)
 	{
 	print outfile, item;
 	}
 event zeek_init()
 	{
 	outfile = open("../out");
 	# first read in the old stuff into the table...
 	Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=servers]);
 	}
 event Input::end_of_data(name: string, source: string)
 	{
 	Input::remove("input");
 	close(outfile);
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-optional-table.zeek
+++ b/testing/btest/core/leaks/input-optional-table.zeek
@ -1,68 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE input.log
 #separator \x09
 #path	ssh
 #fields	i	b	r.a	r.b	r.c	
 #types	int	bool	string	string	string
 1	T	a	b	c
 2	T	a	b	c
 3	F	ba	bb	bc
 4	T	bb	bd	-
 5	T	a	b	c
 6	F	a	b	c
 7	T	a	b	c
@TEST-END-FILE
 redef exit_only_after_terminate = T;
 global outfile: file;
 redef InputAscii::empty_field = "EMPTY";
 module A;
 type Sub: record {
 	a: string;
 	aa: string &optional;
 	b : string;
 	bb: string &optional;
 	c: string &optional;
 	d: string &optional;
 };
 type Idx: record {
 	i: int;
 };
 type Val: record {
 	b: bool;
 	notb: bool &optional;
 	r: Sub;
 };
 global servers: table[int] of Val = table();
 event zeek_init()
 	{
 	outfile = open("../out");
 	# first read in the old stuff into the table...
 	Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=servers, 
 				$pred(typ: Input::Event, left: Idx, right: Val) = { right$notb = !right$b; return T; }
 				]);
 	}
 event Input::end_of_data(name: string, source: string)
 	{
 	print outfile, servers;
 	Input::remove("input");
 	close(outfile);
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-patterns.zeek
+++ b/testing/btest/core/leaks/input-patterns.zeek
@ -1,52 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
@TEST-START-FILE input.log
 #separator \x09
 #fields	i	p
 #types	count	pattern
 1	/dog/
 2	/cat/
 3	/foo|bar/
 4	/^oob/
@TEST-END-FILE
 global outfile: file;
 module A;
 type Idx: record {
 	i: int;
 };
 type Val: record {
 	p: pattern;
 };
 global pats: table[int] of Val = table();
 event zeek_init()
 	{
 	outfile = open("../out");
 	# first read in the old stuff into the table...
 	Input::add_table([$source="../input.log", $name="pats", $idx=Idx, $val=Val, $destination=pats]);
 	}
 event Input::end_of_data(name: string, source:string)
 	{
 	print outfile, (pats[3]$p in "foobar"); # T
 	print outfile, (pats[4]$p in "foobar"); # F
 	print outfile, (pats[3]$p == "foo"); # T
 	print outfile, pats;
 	Input::remove("pats");
 	close(outfile);
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-raw.zeek
+++ b/testing/btest/core/leaks/input-raw.zeek
@ -1,72 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: cp input1.log input.log
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT 
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got2 90 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cat input2.log >> input.log
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got6 30 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cat input3.log >> input.log
 # @TEST-EXEC: btest-bg-wait 120
 redef exit_only_after_terminate = T;
@TEST-START-FILE input1.log
 sdfkh:KH;fdkncv;ISEUp34:Fkdj;YVpIODhfDF
@TEST-END-FILE
@TEST-START-FILE input2.log
 DSF"DFKJ"SDFKLh304yrsdkfj@#(*U$34jfDJup3UF
 q3r3057fdf
@TEST-END-FILE
@TEST-START-FILE input3.log
 sdfs\d
 dfsdf
 sdf
 3rw43wRRERLlL#RWERERERE.
@TEST-END-FILE
 module A;
 type Val: record {
 	s: string;
 };
 global try: count;
 global outfile: file;
 event line(description: Input::EventDescription, tpe: Input::Event, s: string)
 	{
 	print outfile, description$name;
 	print outfile, tpe;
 	print outfile, s;
 	try = try + 1;
 	if ( try == 2 )
 		system("touch got2");
 	else if ( try == 6 )
 		system("touch got6");
 	else if ( try == 16 )
 		{
 		print outfile, "done";
 		close(outfile);
 		Input::remove("input");
 		Input::remove("tail");
 		terminate();
 		}
 	}
 event zeek_init()
 	{
 	outfile = open("../out");
 	try = 0;
 	Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F]);
 	Input::add_event([$source="tail -f ../input.log |", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="tail", $fields=Val, $ev=line, $want_record=F]);
 	}
--- a/testing/btest/core/leaks/input-reread.zeek
+++ b/testing/btest/core/leaks/input-reread.zeek
@ -1,164 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: cp input1.log input.log
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got2 90 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cp input2.log input.log
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got4 20 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cp input3.log input.log
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got6 20 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cp input4.log input.log
 # @TEST-EXEC: $SCRIPTS/wait-for-file zeek/got8 20 || (btest-bg-wait -k 1 && false)
 # @TEST-EXEC: cp input5.log input.log
 # @TEST-EXEC: btest-bg-wait 150
@TEST-START-FILE input1.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	r.a	r.b
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortytwo	-
@TEST-END-FILE
@TEST-START-FILE input2.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	r.a	r.b
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortytwo	-
 T	-43	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortythree	43
@TEST-END-FILE
@TEST-START-FILE input3.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	r.a	r.b
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortytwo	-
 F	-43	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortythree	43
@TEST-END-FILE
@TEST-START-FILE input4.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	r.a	r.b	r.d
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string	string	string
 T	-42	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortytwo	-	-
 F	-43	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortythree	43	-
 F	-44	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fortyfour	-	-
 F	-45	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fourtyfive	-	-
 F	-46	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fourtysix	-	-
 F	-47	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fourtyseven	-	-
 F	-48	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fourtyeight	48	f
@TEST-END-FILE
@TEST-START-FILE input5.log
 #separator \x09
 #path	ssh
 #fields	b	i	e	c	p	sn	a	d	t	iv	s	sc	ss	se	vc	ve	r.a	r.b	r.d
 #types	bool	int	enum	count	port	subnet	addr	double	time	interval	string	table	table	table	vector	vector	string	string	string
 F	-48	SSH::LOG	21	123	10.0.0.0/24	1.2.3.4	3.14	1315801931.273616	100.000000	hurz	2,4,1,3	CC,AA,BB	EMPTY	10,20,30	EMPTY	fourtyeight	48	f
@TEST-END-FILE
@load base/protocols/ssh
 redef exit_only_after_terminate = T;
 redef InputAscii::empty_field = "EMPTY";
 module A;
 type Sub: record {
 	a: string;
 	b: string &optional;
 	c: string &optional;
 	d: string &optional;
 };
 type Idx: record {
 	i: int;
 };
 type Val: record {
 	b: bool;
 	e: Log::ID;
 	c: count;
 	p: port;
 	sn: subnet;
 	a: addr;
 	d: double;
 	t: time;
 	iv: interval;
 	s: string;
 	sc: set[count];
 	ss: set[string];
 	se: set[string];
 	vc: vector of int;
 	ve: vector of int;
 	r: Sub;
 };
 global servers: table[int] of Val = table();
 global outfile: file;
 global try: count;
 event servers_ev(description: Input::EventDescription, tpe: Input::Event, item: Val)
 	{
 	print outfile, "============EVENT EVENT============";
 	print outfile, item;
 	}
 event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, right: Val)
 	{
 	print outfile, "============TABLE EVENT============";
 	print outfile, "Left";
 	print outfile, left;
 	print outfile, "Right";
 	print outfile, right;
 	}
 event zeek_init()
 	{
 	outfile = open("../out");
 	try = 0;
 	# first read in the old stuff into the table...
 	Input::add_table([$source="../input.log", $mode=Input::REREAD, $name="ssh", $idx=Idx, $val=Val, $destination=servers, $ev=line,
 	$pred(typ: Input::Event, left: Idx, right: Val) = { 
 	print outfile, "============PREDICATE============";
 	print outfile, left;
 	print outfile, right;
 	return T;
 	}
 	]);
 	Input::add_event([$source="../input.log", $mode=Input::REREAD, $name="sshevent", $fields=Val, $ev=servers_ev]);
 	}
 event Input::end_of_data(name: string, source: string)
 	{
 	if ( name == "ssh" ) {
 		print outfile, "==========SERVERS============";
 		print outfile, servers;
 	} else {
 		print outfile, "==========END OF EVENTS EVENTS===========";
 	}
 	try = try + 1;
 	if ( try == 2 )
 		system("touch got2");
 	else if ( try == 4 )
 		system("touch got4");
 	else if ( try == 6 )
 		system("touch got6");
 	else if ( try == 8 )
 		system("touch got8");
 	else if ( try == 10 )
 		{
 		print outfile, "done";
 		close(outfile);
 		Input::remove("input");
 		terminate();
 		}
 	}
--- a/testing/btest/core/leaks/input-sqlite.zeek
+++ b/testing/btest/core/leaks/input-sqlite.zeek
@ -1,105 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 # @TEST-REQUIRES: which sqlite3
 #
 # @TEST-EXEC: cat conn.sql | sqlite3 conn.sqlite
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@TEST-START-FILE conn.sql
 PRAGMA foreign_keys=OFF;
 BEGIN TRANSACTION;
 CREATE TABLE conn (
 'ts' double precision,
 'uid' text,
 'id.orig_h' text,
 'id.orig_p' integer,
 'id.resp_h' text,
 'id.resp_p' integer,
 'proto' text,
 'service' text,
 'duration' double precision,
 'orig_bytes' integer,
 'resp_bytes' integer,
 'conn_state' text,
 'local_orig' boolean,
 'local_resp' boolean,
 'missed_bytes' integer,
 'history' text,
 'orig_pkts' integer,
 'orig_ip_bytes' integer,
 'resp_pkts' integer,
 'resp_ip_bytes' integer,
 'tunnel_parents' text
 );
 INSERT INTO "conn" VALUES(1.30047516709653496744e+09,'dnGM1AdIVyh','141.142.220.202',5353,'224.0.0.251',5353,'udp','dns',NULL,NULL,NULL,'S0',NULL,NULL,0,'D',1,73,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516709701204296e+09,'fv9q7WjEgp1','fe80::217:f2ff:fed7:cf65',5353,'ff02::fb',5353,'udp',NULL,NULL,NULL,NULL,'S0',NULL,NULL,0,'D',1,199,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516709981608392e+09,'0Ox0H56yl88','141.142.220.50',5353,'224.0.0.251',5353,'udp',NULL,NULL,NULL,NULL,'S0',NULL,NULL,0,'D',1,179,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885389900212e+09,'rvmSc7rDQub','141.142.220.118',43927,'141.142.2.2',53,'udp','dns',4.351139068603515625e-04,38,89,'SF',NULL,NULL,0,'Dd',1,66,1,117,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885437798497e+09,'ogkztouSArh','141.142.220.118',37676,'141.142.2.2',53,'udp','dns',4.20093536376953125e-04,52,99,'SF',NULL,NULL,0,'Dd',1,80,1,127,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885483694076e+09,'0UIDdXFt7Tb','141.142.220.118',40526,'141.142.2.2',53,'udp','dns',3.9196014404296875e-04,38,183,'SF',NULL,NULL,0,'Dd',1,66,1,211,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885795593258e+09,'WqFYV51UIq7','141.142.220.118',32902,'141.142.2.2',53,'udp','dns',3.17096710205078125e-04,38,89,'SF',NULL,NULL,0,'Dd',1,66,1,117,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885830593104e+09,'ylcqZpbz6K2','141.142.220.118',59816,'141.142.2.2',53,'udp','dns',3.430843353271484375e-04,52,99,'SF',NULL,NULL,0,'Dd',1,80,1,127,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885871291159e+09,'blhldTzA7Y6','141.142.220.118',59714,'141.142.2.2',53,'udp','dns',3.750324249267578125e-04,38,183,'SF',NULL,NULL,0,'Dd',1,66,1,211,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889164400098e+09,'Sc34cGJo3Kg','141.142.220.118',58206,'141.142.2.2',53,'udp','dns',3.39031219482421875e-04,38,89,'SF',NULL,NULL,0,'Dd',1,66,1,117,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889203691487e+09,'RzvFrfXSRfk','141.142.220.118',38911,'141.142.2.2',53,'udp','dns',3.349781036376953125e-04,52,99,'SF',NULL,NULL,0,'Dd',1,80,1,127,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889241409298e+09,'GaaFI58mpbe','141.142.220.118',59746,'141.142.2.2',53,'udp','dns',4.208087921142578125e-04,38,183,'SF',NULL,NULL,0,'Dd',1,66,1,211,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889398789407e+09,'tr7M6tvAIQa','141.142.220.118',45000,'141.142.2.2',53,'udp','dns',3.840923309326171875e-04,38,89,'SF',NULL,NULL,0,'Dd',1,66,1,117,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889442205426e+09,'gV0TcSc2pb4','141.142.220.118',48479,'141.142.2.2',53,'udp','dns',3.168582916259765625e-04,52,99,'SF',NULL,NULL,0,'Dd',1,80,1,127,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889478707315e+09,'MOG0z4PYOhk','141.142.220.118',48128,'141.142.2.2',53,'udp','dns',4.22954559326171875e-04,38,183,'SF',NULL,NULL,0,'Dd',1,66,1,211,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516890174889565e+09,'PlehgEduUyj','141.142.220.118',56056,'141.142.2.2',53,'udp','dns',4.022121429443359375e-04,36,131,'SF',NULL,NULL,0,'Dd',1,64,1,159,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516890219497676e+09,'4eZgk09f2Re','141.142.220.118',55092,'141.142.2.2',53,'udp','dns',3.740787506103515625e-04,36,198,'SF',NULL,NULL,0,'Dd',1,64,1,226,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516989943790432e+09,'3xwJPc7mQ9a','141.142.220.44',5353,'224.0.0.251',5353,'udp','dns',NULL,NULL,NULL,'S0',NULL,NULL,0,'D',1,85,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517086238408089e+09,'yxTcvvTKWQ4','141.142.220.226',137,'141.142.220.255',137,'udp','dns',2.61301684379577636718e+00,350,0,'S0',NULL,NULL,0,'D',7,546,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517167537188525e+09,'8bLW3XNfhCj','fe80::3074:17d5:2052:c324',65373,'ff02::1:3',5355,'udp','dns',1.00096225738525390625e-01,66,0,'S0',NULL,NULL,0,'D',2,162,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517167708110807e+09,'rqjhiiRPjEe','141.142.220.226',55131,'224.0.0.252',5355,'udp','dns',1.00020885467529296875e-01,66,0,'S0',NULL,NULL,0,'D',2,122,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517311674904827e+09,'hTPyfL3QSGa','fe80::3074:17d5:2052:c324',54213,'ff02::1:3',5355,'udp','dns',9.980106353759765625e-02,66,0,'S0',NULL,NULL,0,'D',2,162,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517311736202235e+09,'EruUQ9AJRj4','141.142.220.226',55671,'224.0.0.252',5355,'udp','dns',9.98489856719970703125e-02,66,0,'S0',NULL,NULL,0,'D',2,122,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047517315367889406e+09,'sw1bKJOMjuk','141.142.220.238',56641,'141.142.220.255',137,'udp','dns',NULL,NULL,NULL,'S0',NULL,NULL,0,'D',1,78,0,0,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516872400689127e+09,'NPHCuyWykE7','141.142.220.118',48649,'208.80.152.118',80,'tcp','http',1.19904994964599609375e-01,525,232,'S1',NULL,NULL,0,'ShADad',4,741,3,396,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889293599126e+09,'VapPqRhPgJ4','141.142.220.118',50000,'208.80.152.3',80,'tcp','http',2.29603052139282226562e-01,1148,734,'S1',NULL,NULL,0,'ShADad',6,1468,4,950,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885916304588e+09,'3607hh8C3bc','141.142.220.118',49998,'208.80.152.3',80,'tcp','http',2.15893030166625976562e-01,1130,734,'S1',NULL,NULL,0,'ShADad',6,1450,4,950,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516885530495647e+09,'tgYMrIvzDSg','141.142.220.118',49996,'208.80.152.3',80,'tcp','http',2.1850109100341796875e-01,1171,733,'S1',NULL,NULL,0,'ShADad',6,1491,4,949,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516889526700977e+09,'xQsjPwNBrXd','141.142.220.118',50001,'208.80.152.3',80,'tcp','http',2.27283954620361328125e-01,1178,734,'S1',NULL,NULL,0,'ShADad',6,1498,4,950,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516890263509747e+09,'Ap3GzMI1vM9','141.142.220.118',35642,'208.80.152.2',80,'tcp','http',1.200408935546875e-01,534,412,'S1',NULL,NULL,0,'ShADad',4,750,3,576,'(empty)');
 INSERT INTO "conn" VALUES(1300475168.85533,'FTVcgrmNy52','141.142.220.118',49997,'208.80.152.3',80,'tcp','http',2.19720125198364257812e-01,1125,734,'S1',NULL,NULL,0,'ShADad',6,1445,4,950,'(empty)');
 INSERT INTO "conn" VALUES(1.30047516978033089643e+09,'1xFx4PGdeq5','141.142.220.235',6705,'173.192.163.128',80,'tcp',NULL,NULL,NULL,NULL,'OTH',NULL,NULL,0,'h',0,0,1,48,'(empty)');
 INSERT INTO "conn" VALUES(1.3004751686520030498e+09,'WIG1ud65z22','141.142.220.118',35634,'208.80.152.2',80,'tcp',NULL,6.1328887939453125e-02,463,350,'OTH',NULL,NULL,0,'DdA',2,567,1,402,'(empty)');
 INSERT INTO "conn" VALUES(1.3004751688929131031e+09,'o2gAkl4V7sa','141.142.220.118',49999,'208.80.152.3',80,'tcp','http',2.20960855484008789062e-01,1137,733,'S1',NULL,NULL,0,'ShADad',6,1457,4,949,'(empty)');
 COMMIT;
@TEST-END-FILE
@load base/protocols/conn
 redef exit_only_after_terminate = T; 
 redef Input::accept_unsupported_types = T;
 global outfile: file;
 module A;
 event line(description: Input::EventDescription, tpe: Input::Event, r: Conn::Info)
 	{
 	print outfile, r;
 	print outfile, |r$tunnel_parents|; # to make sure I got empty right
 	}
 event zeek_init()
 	{
 	local config_strings: table[string] of string = {
 		 ["query"] = "select * from conn;",
 	};
 	outfile = open("../out");
 	Input::add_event([$source="../conn", $name="conn", $fields=Conn::Info, $ev=line, $want_record=T, $reader=Input::READER_SQLITE, $config=config_strings]);
 	}
 event Input::end_of_data(name: string, source:string)
 	{
 	print outfile, "End of data";
 	close(outfile);
 	terminate();
 	}
--- a/testing/btest/core/leaks/input-with-remove.zeek
+++ b/testing/btest/core/leaks/input-with-remove.zeek
@ -1,63 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/frameworks/input
 redef exit_only_after_terminate = T;
 global c: count = 0;
 type OneLine: record {
 	s: string;
 };
 event line(description: Input::EventDescription, tpe: Input::Event, s: string)
 	{
 	print "1", "Line";
 	}
 event InputRaw::process_finished(name: string, source:string, exit_code:count, signal_exit:bool)
 	{
 	Input::remove(name);
 	print "2", name;
 	}
 function run(): count
 	{
 	Input::add_event([$name=unique_id(""),
 	                  $source=fmt("%s |", "date"),
 	                  $reader=Input::READER_RAW,
 	                  $mode=Input::STREAM,
 	                  $fields=OneLine,
 	                  $ev=line,
 	                  $want_record=F]);
 	return 1;
 	}
 event do()
       {
       run();
    	}
 event do_term() {
 	terminate();
 }
 event zeek_init() {
 	schedule 1sec { 
 	 do() 
 	};
 	schedule 3sec { 
 	 do_term() 
 	};
 }
--- a/testing/btest/core/leaks/ip-in-ip.test
+++ b/testing/btest/core/leaks/ip-in-ip.test
@ -1,33 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek1 zeek -m -b -r $TRACES/tunnels/6in6.pcap %INPUT
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek2 zeek -m -b -r $TRACES/tunnels/6in6in6.pcap %INPUT
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek3 zeek -m -b -r $TRACES/tunnels/6in6-tunnel-change.pcap %INPUT
 # @TEST-EXEC: btest-bg-wait 120
 event new_connection(c: connection)
 	{
 	if ( c?$tunnel )
 		{
 		print "new_connection: tunnel";
 		print fmt("    conn_id: %s", c$id);
 		print fmt("    encap: %s", c$tunnel);
 		}
 	else
 		{
 		print "new_connection: no tunnel";
 		}
 	}
 event tunnel_changed(c: connection, e: EncapsulatingConnVector)
 	{
 	print "tunnel_changed:";
 	print fmt("    conn_id: %s", c$id);
 	if ( c?$tunnel )
 		print fmt("    old: %s", c$tunnel);
 	print fmt("    new: %s", e);
 	}
--- a/testing/btest/core/leaks/ipv6_ext_headers.test
+++ b/testing/btest/core/leaks/ipv6_ext_headers.test
@ -1,37 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/ipv6-hbh-routing0.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 # Just check that the event is raised correctly for a packet containing
 # extension headers.
 event ipv6_ext_headers(c: connection, p: pkt_hdr)
 	{
 	print p;
 	}
 # Also check the weird for routing type 0 extensions headers
 event flow_weird(name: string, src: addr, dst: addr, addl: string)
 	{
 	print fmt("weird %s from %s to %s", name, src, dst);
 	}
 # And the connection for routing type 0 packets with non-zero segments left
 # should use the last address in that extension header.
 event new_connection(c: connection)
 	{
 	print c$id;
 	}
 event ipv6_ext_headers(c: connection, p: pkt_hdr)
    {
 	for ( h in p$ip6$exts )
 		if ( p$ip6$exts[h]$id == IPPROTO_ROUTING )
 			if ( p$ip6$exts[h]$routing$rtype == 0 )
 				print routing0_data_to_addrs(p$ip6$exts[h]$routing$data);
 	}
--- a/testing/btest/core/leaks/irc.test
+++ b/testing/btest/core/leaks/irc.test
@ -1,13 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/irc-dcc-send.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 event irc_names_info(c: connection, is_orig: bool, c_type: string, channel: string, users: string_set)
 	{
 	print channel, users;
 	}
--- a/testing/btest/core/leaks/krb-service-name.test
+++ b/testing/btest/core/leaks/krb-service-name.test
@ -1,8 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/krb/optional-service-name.pcap
 # @TEST-EXEC: btest-bg-wait 90
--- a/testing/btest/core/leaks/krb.test
+++ b/testing/btest/core/leaks/krb.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/krb/kinit.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/krb
--- a/testing/btest/core/leaks/kv-iteration.zeek
+++ b/testing/btest/core/leaks/kv-iteration.zeek
@ -1,22 +0,0 @@
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 event new_connection(c: connection)
 	{
 	local t: table[count] of string = table();
 	t[1] = "hello";
 	t[55] = "goodbye";
 	for (key, value in t)
 		print key, value;
 	local tkk: table[string, string] of count = table();
 	tkk["hello", "world"] = 1;
 	tkk["goodbye", "world"] = 55;
 	for ([k1, k2], val in tkk)
 		print k1, k2, val;
 	}
--- a/testing/btest/core/leaks/mysql.test
+++ b/testing/btest/core/leaks/mysql.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/mysql/mysql.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/mysql
--- a/testing/btest/core/leaks/paraglob.zeek
+++ b/testing/btest/core/leaks/paraglob.zeek
@ -1,34 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 120
 event new_connection (c : connection)
 {
  local v1 = vector("*", "d?g", "*og", "d?", "d[!wl]g");
  local v2 = vector("once", "!o*", "once");
  local v3 = vector("https://*.google.com/*", "*malware*", "*.gov*");
  local p1 = paraglob_init(v1);
  local p2: opaque of paraglob = paraglob_init(v2);
  local p3 = paraglob_init(v3);
  local p_eq = paraglob_init(v1);
  # paraglob_init should not modify v1
  print (v1 == vector("*", "d?g", "*og", "d?", "d[!wl]g"));
  # p_eq and p1 should be the same paraglobs
  print paraglob_equals(p_eq, p1);
  print paraglob_match(p1, "dog");
  print paraglob_match(p2, "once");
  print paraglob_match(p3, "www.strange-malware-domain.gov");
  local large_glob: opaque of paraglob = paraglob_init(v3);
  print paraglob_match(large_glob, "www.strange-malware-domain.gov");
 }
--- a/testing/btest/core/leaks/pattern.zeek
+++ b/testing/btest/core/leaks/pattern.zeek
@ -1,67 +0,0 @@
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 function test_case(msg: string, expect: bool)
    {
    print fmt("%s (%s)", msg, expect ? "PASS" : "FAIL");
    }
 event new_connection(c: connection)
 	{
 	print "new connection";
 	local p1: pattern = /foo|bar/; 
 	local p2: pattern = /oob/; 
 	local p3: pattern = /^oob/; 
 	local p4 = /foo/;
 	# Type inference tests
 	test_case( "type inference", type_name(p4) == "pattern" );
 	# Operator tests
 	test_case( "equality operator", "foo" == p1 );
 	test_case( "equality operator (order of operands)", p1 == "foo" );
 	test_case( "inequality operator", "foobar" != p1 );
 	test_case( "inequality operator (order of operands)", p1 != "foobar" );
 	test_case( "in operator", p1 in "foobar" );
 	test_case( "in operator", p2 in "foobar" );
 	test_case( "!in operator", p3 !in "foobar" );
 	test_case( "& operator", p1 & p2 in "baroob" );
 	test_case( "& operator", p2 & p1 in "baroob" );
 	test_case( "| operator", p1 | p2 in "lazybarlazy" );
 	test_case( "| operator", p3 | p4 in "xoob" );
 	test_case( "/i pattern modifier", /fOO/i in "xFoObar" );
 	test_case( "/i pattern modifier", /fOO/i == "Foo" );
 	test_case( "/i double-quote escape", /"fOO"/i in "xFoObar" );
 	test_case( "/i double-quote escape", /"fOO"/i in "xfOObar" );
 	test_case( "case-sensitive pattern", /fOO/ in "xFoObar" );
 	test_case( "case-sensitive pattern", /fOO/ == "Foo" );
 	test_case( "case-sensitive pattern", /fOO/ == "fOO" );
 	test_case( "/i pattern disjunction", /bar/i | /bez/ == "bez" );
 	test_case( "/i pattern disjunction", /bar/i | /bez/ == "bEz" );
 	test_case( "/i pattern disjunction", /bar/i | /bez/ == "bar" );
 	test_case( "/i pattern disjunction", /bar/i | /bez/ == "bAr" );
 	test_case( "/i pattern concatenation", /bar/i & /bez/ == "barbez" );
 	test_case( "/i pattern concatenation", /bar/i & /bez/ == "barbEz" );
 	test_case( "/i pattern concatenation", /BAR/i & /bez/ == "barbEz" );
 	test_case( "/i pattern concatenation", /bar/i & /bez/ == "bArbez" );
 	test_case( "/i pattern concatenation", /BAR/i & /bez/ == "bArbez" );
 	test_case( "/i pattern concatenation", /bar/i & /bez/ == "bArbEz" );
 	test_case( "/i pattern character class", /ba[0a-c99S-Z0]/i & /bEz/ == "bArbEz" );
 	test_case( "/i pattern character class", /ba[0a-c99M-S0]/i & /bEz/ == "bArbEz" );
 	test_case( "(?i:...) pattern construct", /foo|(?i:bar)/ in "xBAry" );
 	test_case( "(?i:...) pattern construct", /foo|(?i:bar)/ in "xFOoy" );
 	test_case( "(?i:...) pattern construct", /foo|(?i:bar)/ | /foo/i in "xFOoy" );
 	}
--- a/testing/btest/core/leaks/pe.test
+++ b/testing/btest/core/leaks/pe.test
@ -1,12 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/pe/pe.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ftp
@load base/files/pe
--- a/testing/btest/core/leaks/print-log.zeek
+++ b/testing/btest/core/leaks/print-log.zeek
@ -1,14 +0,0 @@
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef Log::print_to_log = Log::REDIRECT_ALL;
 event new_connection(c: connection)
    {
    print "hello world ,";
    print 2,T;
    }
--- a/testing/btest/core/leaks/radius.test
+++ b/testing/btest/core/leaks/radius.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/radius/radius.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/radius
--- a/testing/btest/core/leaks/returnwhen.zeek
+++ b/testing/btest/core/leaks/returnwhen.zeek
@ -1,84 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: btest-bg-run zeek HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local zeek -m -b %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 redef exit_only_after_terminate = T;
 global my_set: set[string] = set();
 global flag: string = "flag";
 global done: bool = F;
 function dummyfunc(s: string): string
 	{
 	return "dummy " + s;
 	}
 function async_func(s: string): string
 	{
 	print dummyfunc("from async_func() " + s);
 	return when ( flag in my_set )
 		{
 		return flag + " in my_set";
 		}
 	timeout 3sec
 		{
 		return "timeout";
 		}
 	}
 event set_flag()
 	{
 	add my_set[flag];
 	}
 event do_another()
 	{
 	delete my_set[flag];
 	local local_dummy = dummyfunc;
 	local anon = function(s: string): string { return s + "!"; };
 	if ( ! done )
 		schedule 1sec { set_flag() };
 	when ( local result = async_func("from do_another()") )
 		{
 		print "async_func() return result in do_another()", result;
 		print local_dummy("from do_another() when block");
 		print anon("hi");
 		if ( result == "timeout" )
 			terminate();
 		else
 			{
 			done = T;
 			schedule 10msec { do_another() };
 			}
 		}
 	}
 event zeek_init()
 	{
 	local local_dummy = dummyfunc;
 	local anon = function(s: string): string { return s + "!"; };
 	schedule 1sec { set_flag() };
 	when ( local result = async_func("from zeek_init()") )
 		{
 		print "async_func() return result in zeek_init()", result;
 		print local_dummy("from zeek_init() when block");
 		print anon("hi");
 		if ( result == "timeout" ) terminate();
 		schedule 10msec { do_another() };
 		}
 	}
--- a/testing/btest/core/leaks/set.zeek
+++ b/testing/btest/core/leaks/set.zeek
@ -1,194 +0,0 @@
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 function test_case(msg: string, expect: bool)
    {
    print fmt("%s (%s)", msg, expect ? "PASS" : "FAIL");
    }
 # Note: only global sets can be initialized with curly braces
 global sg1: set[string] = { "curly", "braces" };
 global sg2: set[port, string, bool] = { [10/udp, "curly", F],
 		[11/udp, "braces", T] };
 global sg3 = { "more", "curly", "braces" };
 global did_once = F;
 event new_connection(cc: connection)
 	{
 	if ( did_once )
 		return;
 	did_once = T;
 	local s1: set[string] = set( "test", "example" );
 	local s2: set[string] = set();
 	local s3: set[string];
 	local s4 = set( "type inference" );
 	local s5: set[port, string, bool] = set( [1/tcp, "test", T],
 			 [2/tcp, "example", F] );
 	local s6: set[port, string, bool] = set();
 	local s7: set[port, string, bool];
 	local s8 = set( [8/tcp, "type inference", T] );
 	# Type inference tests
 	test_case( "type inference", type_name(s4) == "set[string]" );
 	test_case( "type inference", type_name(s8) == "set[port,string,bool]" );
 	test_case( "type inference", type_name(sg3) == "set[string]" );
 	# Test the size of each set
 	test_case( "cardinality", |s1| == 2 );
 	test_case( "cardinality", |s2| == 0 );
 	test_case( "cardinality", |s3| == 0 );
 	test_case( "cardinality", |s4| == 1 );
 	test_case( "cardinality", |s5| == 2 );
 	test_case( "cardinality", |s6| == 0 );
 	test_case( "cardinality", |s7| == 0 );
 	test_case( "cardinality", |s8| == 1 );
 	test_case( "cardinality", |sg1| == 2 );
 	test_case( "cardinality", |sg2| == 2 );
 	test_case( "cardinality", |sg3| == 3 );
 	# Test iterating over each set
 	local ct: count;
 	ct = 0;
 	for ( c in s1 )
 	{
 		if ( type_name(c) != "string" )
 			print "Error: wrong set element type";
 		++ct;
 	}
 	test_case( "iterate over set", ct == 2 );
 	ct = 0;
 	for ( c in s2 )
 	{
 		++ct;
 	}
 	test_case( "iterate over set", ct == 0 );
 	ct = 0;
 	for ( [c1,c2,c3] in s5 )
 	{
 		++ct;
 	}
 	test_case( "iterate over set", ct == 2 );
 	ct = 0;
 	for ( [c1,c2,c3] in sg2 )
 	{
 		++ct;
 	}
 	test_case( "iterate over set", ct == 2 );
 	# Test adding elements to each set (Note: cannot add elements to sets
 	# of multiple types)
 	add s1["added"];
 	add s1["added"];  # element already exists (nothing happens)
 	test_case( "add element", |s1| == 3 );
 	test_case( "in operator", "added" in s1 );
 	add s2["another"];
 	test_case( "add element", |s2| == 1 );
 	add s2["test"];
 	test_case( "add element", |s2| == 2 );
 	test_case( "in operator", "another" in s2 );
 	test_case( "in operator", "test" in s2 );
 	add s3["foo"];
 	test_case( "add element", |s3| == 1 );
 	test_case( "in operator", "foo" in s3 );
 	add s4["local"];
 	test_case( "add element", |s4| == 2 );
 	test_case( "in operator", "local" in s4 );
 	add sg1["global"];
 	test_case( "add element", |sg1| == 3 );
 	test_case( "in operator", "global" in sg1 );
 	add sg3["more global"];
 	test_case( "add element", |sg3| == 4 );
 	test_case( "in operator", "more global" in sg3 );
 	# Test removing elements from each set (Note: cannot remove elements
 	# from sets of multiple types)
 	delete s1["test"];
 	delete s1["foobar"];  # element does not exist (nothing happens)
 	test_case( "remove element", |s1| == 2 );
 	test_case( "!in operator", "test" !in s1 );
 	delete s2["test"];
 	test_case( "remove element", |s2| == 1 );
 	test_case( "!in operator", "test" !in s2 );
 	delete s3["foo"];
 	test_case( "remove element", |s3| == 0 );
 	test_case( "!in operator", "foo" !in s3 );
 	delete s4["type inference"];
 	test_case( "remove element", |s4| == 1 );
 	test_case( "!in operator", "type inference" !in s4 );
 	delete sg1["braces"];
 	test_case( "remove element", |sg1| == 2 );
 	test_case( "!in operator", "braces" !in sg1 );
 	delete sg3["curly"];
 	test_case( "remove element", |sg3| == 3 );
 	test_case( "!in operator", "curly" !in sg3 );
 	local a = set(1,5,7,9,8,14);
 	local b = set(1,7,9,2);
 	local a_plus_b = set(1,2,5,7,9,8,14);
 	local a_also_b = set(1,7,9);
 	local a_sans_b = set(5,8,14);
 	local b_sans_a = set(2);
 	local a_or_b = a | b;
 	local a_and_b = a & b;
 	test_case( "union", a_or_b == a_plus_b );
 	test_case( "intersection", a_and_b == a_plus_b );
 	test_case( "difference", a - b == a_sans_b );
 	test_case( "difference", b - a == b_sans_a );
 	test_case( "union/inter.", |b & set(1,7,9,2)| == |b | set(1,7,2,9)| );
 	test_case( "relational", |b & a_or_b| == |b| && |b| < |a_or_b| );
 	test_case( "relational", b < a_or_b && a < a_or_b && a_or_b > a_and_b );
 	test_case( "subset", b < a );
 	test_case( "subset", a < b );
 	test_case( "subset", b < (a | set(2)) );
 	test_case( "superset", b > a );
 	test_case( "superset", b > (a | set(2)) );
 	test_case( "superset", b | set(8, 14, 5) > (a | set(2)) );
 	test_case( "superset", b | set(8, 14, 99, 5) > (a | set(2)) );
 	test_case( "non-ordering", (a <= b) || (a >= b) );
 	test_case( "non-ordering", (a <= a_or_b) && (a_or_b >= b) );
 	test_case( "superset", (b | set(14, 5)) > a - set(8) );
 	test_case( "superset", (b | set(14)) > a - set(8) );
 	test_case( "superset", (b | set(14)) > a - set(8,5) );
 	test_case( "superset", b >= a - set(5,8,14) );
 	test_case( "superset", b > a - set(5,8,14) );
 	test_case( "superset", (b - set(2)) > a - set(5,8,14) );
 	test_case( "equality", a == a | set(5) );
 	test_case( "equality", a == a | set(5,11) );
 	test_case( "non-equality", a != a | set(5,11) );
 	test_case( "equality", a == a | set(5,11) );
 	test_case( "magnitude", |a_and_b| == |a_or_b|);
 	}
--- a/testing/btest/core/leaks/sip.test
+++ b/testing/btest/core/leaks/sip.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/sip/wireshark.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/sip
--- a/testing/btest/core/leaks/smtp_attachment.test
+++ b/testing/btest/core/leaks/smtp_attachment.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/smtp.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/smtp
--- a/testing/btest/core/leaks/snmp.test
+++ b/testing/btest/core/leaks/snmp.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/snmp/snmpv1_get.pcap -r $TRACES/snmp/snmpv1_get_short.pcap -r $TRACES/snmp/snmpv1_set.pcap -r $TRACES/snmp/snmpv1_trap.pcap -r $TRACES/snmp/snmpv2_get_bulk.pcap -r $TRACES/snmp/snmpv2_get_next.pcap -r $TRACES/snmp/snmpv2_get.pcap -r $TRACES/snmp/snmpv3_get_next.pcap $SCRIPTS/snmp-test.zeek %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/snmp
--- a/testing/btest/core/leaks/ssh.test
+++ b/testing/btest/core/leaks/ssh.test
@ -1,10 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/ssh/ssh.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ssh
--- a/testing/btest/core/leaks/stats.zeek
+++ b/testing/btest/core/leaks/stats.zeek
@ -1,15 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load policy/misc/stats
 event load_sample(samples: load_sample_info, CPU: interval, dmem: int)
 	{
 	print CPU;
 	}
--- a/testing/btest/core/leaks/string-indexing.zeek
+++ b/testing/btest/core/leaks/string-indexing.zeek
@ -1,27 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 event new_connection(c: connection)
 	{
 	local s = "0123456789";
 	print s[1];
 	print s[1:2];
 	print s[1:6];
 	print s[0:20];
 	print s[-2];
 	print s[-3:1];
 	print s[-1:10];
 	print s[-1:0];
 	print s[-1:5];
 	print s[20:23];
 	print s[-20:23];
 	print s[0:5][2];
 	print s[0:5][1:3][0];
 	}
--- a/testing/btest/core/leaks/switch-statement.zeek
+++ b/testing/btest/core/leaks/switch-statement.zeek
@ -1,299 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 type MyEnum: enum {
 	RED,
 	GREEN,
 	BLUE,
 	PINK,
 };
 function switch_bool(v: bool): string
 	{
 	switch (v) {
 	case T:
 		return "true";
 	case F:
 		return "false";
 	}
 	return "n/a";
 	}
 function switch_int(v: int): string
 	{
 	switch (v) {
 	case +1:
 		return "one";
 	case +2:
 		return "two";
 	case -3:
 		return "minus three";
 	}
 	return "n/a";
 	}
 function switch_enum(v: MyEnum): string
 	{
 	switch (v) {
 	case RED:
 		return "red";
 	case GREEN:
 		return "green";
 	case BLUE:
 		return "blue";
 	}
 	return "n/a";
 	}
 function switch_count(v: count): string
 	{
 	switch (v) {
 	case 1:
 		return "1";
 	case 2:
 		return "2";
 	case 3:
 		return "3";
 	}
 	return "n/a";
 	}
 function switch_port(v: port): string
 	{
 	switch (v) {
 	case 22/tcp:
 		return "ssh";
 	case 53/udp:
 		return "dns";
 	case 0/icmp:
 		return "echo";
 	}
 	return "n/a";
 	}
 function switch_double(v: double): string
 	{
 	switch (v) {
 	case 1.1:
 		return "1.1";
 	case 2.2:
 		return "2.2";
 	case 3.3:
 		return "3.3";
 	}
 	return "n/a";
 	}
 function switch_interval(v: interval): string
 	{
 	switch (v) {
 	case 1sec:
 		return "1sec";
 	case 2day:
 		return "2day";
 	case 3min:
 		return "3min";
 	}
 	return "n/a";
 	}
 function switch_string(v: string): string
 	{
 	switch (v) {
 	case "one":
 		return "first";
 	case "two":
 		return "second";
 	case "three":
 		return "third";
 	}
 	return "n/a";
 	}
 function switch_addr(v: addr): string
 	{
 	switch (v) {
 	case 1.2.3.4:
 		return "ipv4";
 	case [fe80::1]:
 		return "ipv6";
 	case 0.0.0.0:
 		return "unspec";
 	}
 	return "n/a";
 	}
 function switch_subnet(v: subnet): string
 	{
 	switch (v) {
 	case 1.2.3.0/24:
 		return "1.2.3.0/24";
 	case [fe80::0]/96:
 		return "[fe80::0]";
 	case 192.168.0.0/16:
 		return "192.168.0.0/16";
 	}
 	return "n/a";
 	}
 function switch_empty(v: count): string
 	{
 	switch ( v ) {
 	}
 	return "n/a";
 	}
 function switch_fallthrough(v: count): string
 	{
 	local rval = "";
 	switch ( v ) {
 	case 1:
 		rval += "test";
 		fallthrough;
 	case 2:
 		rval += "testing";
 		fallthrough;
 	case 3:
 		rval += "tested";
 		break;
 	}
 	return rval + "return";
 	}
 function switch_default(v: count): string
 	{
 	local rval = "";
 	switch ( v ) {
 	case 1:
 		rval += "1";
 		fallthrough;
 	case 2:
 		rval += "2";
 		break;
 	case 3:
 		rval += "3";
 		fallthrough;
 	default:
 		rval += "d";
 		break;
 	}
 	return rval + "r";
 	}
 function switch_default_placement(v: count): string
 	{
 	local rval = "";
 	switch ( v ) {
 	case 1:
 		rval += "1";
 		fallthrough;
 	default:
 		rval += "d";
 		fallthrough;
 	case 2:
 		rval += "2";
 		break;
 	case 3:
 		rval += "3";
 		break;
 	}
 	return rval + "r";
 	}
 function switch_case_list(v: count): string
 	{
 	switch ( v ) {
 	case 1, 2:
 		return "1,2";
 	case 3, 4, 5:
 		return "3,4,5";
 	case 6, 7, 8, 9:
 		return "6,7,8,9";
 	}
 	return "n/a";
 	}
 function test_switch(actual: string, expect: string)
 	{
 	if ( actual != expect )
 		print fmt("%s != %s", actual, expect);
 	}
 event new_connection(c: connection)
 	{
 	test_switch( switch_bool(T) , "true" );
 	test_switch( switch_bool(F) , "false" );
 	test_switch( switch_int(+1) , "one" );
 	test_switch( switch_int(+2) , "two" );
 	test_switch( switch_int(-3) , "minus three" );
 	test_switch( switch_int(40) , "n/a" );
 	test_switch( switch_enum(RED) , "red" );
 	test_switch( switch_enum(BLUE) , "blue" );
 	test_switch( switch_enum(GREEN) , "green" );
 	test_switch( switch_enum(PINK) , "n/a" );
 	test_switch( switch_count(1) , "1" );
 	test_switch( switch_count(2) , "2" );
 	test_switch( switch_count(3) , "3" );
 	test_switch( switch_count(100) , "n/a" );
 	test_switch( switch_port(22/tcp) , "ssh" );
 	test_switch( switch_port(53/udp) , "dns" );
 	test_switch( switch_port(0/icmp) , "echo" );
 	test_switch( switch_port(1000/tcp) , "n/a" );
 	test_switch( switch_double(1.1) , "1.1" );
 	test_switch( switch_double(2.2) , "2.2" );
 	test_switch( switch_double(3.3) , "3.3" );
 	test_switch( switch_interval(1sec) , "1sec" );
 	test_switch( switch_interval(2day) , "2day" );
 	test_switch( switch_interval(3min) , "3min" );
 	test_switch( switch_string("one") , "first" );
 	test_switch( switch_string("two") , "second" );
 	test_switch( switch_string("three") , "third" );
 	test_switch( switch_addr(1.2.3.4) , "ipv4" );
 	test_switch( switch_addr([fe80::1]) , "ipv6" );
 	test_switch( switch_addr(0.0.0.0) , "unspec" );
 	test_switch( switch_subnet(1.2.3.4/24) , "1.2.3.0/24" );
 	test_switch( switch_subnet([fe80::1]/96) , "[fe80::0]" );
 	test_switch( switch_subnet(192.168.1.100/16) , "192.168.0.0/16" );
 	test_switch( switch_empty(2) , "n/a" );
 	test_switch( switch_fallthrough(1) , "testtestingtestedreturn" );
 	test_switch( switch_fallthrough(2) , "testingtestedreturn" );
 	test_switch( switch_fallthrough(3) , "testedreturn" );
 	test_switch( switch_default(1) , "12r" );
 	test_switch( switch_default(2) , "2r" );
 	test_switch( switch_default(3) , "3dr" );
 	test_switch( switch_default(4) , "dr" );
 	test_switch( switch_default_placement(1) , "1d2r" );
 	test_switch( switch_default_placement(2) , "2r" );
 	test_switch( switch_default_placement(3) , "3r" );
 	test_switch( switch_default_placement(4) , "d2r" );
 	local v = vector(0,1,2,3,4,5,6,7,9,10);
 	local expect: string;
 	for ( i in v )
 		{
 		switch ( v[i] ) {
 		case 1, 2:
 			expect = "1,2";
 			break;
 		case 3, 4, 5:
 			expect = "3,4,5";
 			break;
 		case 6, 7, 8, 9:
 			expect = "6,7,8,9";
 			break;
 		default:
 			expect = "n/a";
 			break;
 		}
 		test_switch( switch_case_list(v[i]) , expect );
 		}
 	print "done";
 	}
--- a/testing/btest/core/leaks/teredo.zeek
+++ b/testing/btest/core/leaks/teredo.zeek
@ -1,38 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/tunnels/Teredo.pcap %INPUT >output
 # @TEST-EXEC: btest-bg-wait 90
 function print_teredo(name: string, outer: connection, inner: teredo_hdr)
 	{
 	print fmt("%s: %s", name, outer$id);
 	print fmt("    ip6: %s", inner$hdr$ip6);
 	if ( inner?$auth )
 		print fmt("    auth: %s", inner$auth);
 	if ( inner?$origin )
 		print fmt("    origin: %s", inner$origin);
 	}
 event teredo_packet(outer: connection, inner: teredo_hdr)
 	{
 	print_teredo("packet", outer, inner);
 	}
 event teredo_authentication(outer: connection, inner: teredo_hdr)
 	{
 	print_teredo("auth", outer, inner);
 	}
 event teredo_origin_indication(outer: connection, inner: teredo_hdr)
 	{
 	print_teredo("origin", outer, inner);
 	}
 event teredo_bubble(outer: connection, inner: teredo_hdr)
 	{
 	print_teredo("bubble", outer, inner);
 	}
--- a/testing/btest/core/leaks/test-all.zeek
+++ b/testing/btest/core/leaks/test-all.zeek
@ -1,8 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -r $TRACES/wikipedia.trace test-all-policy
 # @TEST-EXEC: btest-bg-wait 90
--- a/testing/btest/core/leaks/to_json.zeek
+++ b/testing/btest/core/leaks/to_json.zeek
@ -1,140 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 type color: enum { Red, White, Blue };
 type myrec1: record {
 	c: count &optional;
 	s: string &log;
 };
 type myrec2: record {
 	m: myrec1 &log;
 };
 global did_it = F;
 event new_connection(myconn: connection)
 	{
 	if ( did_it )
 		return;
 	did_it = T;
 	# #####################################
 	# Test the basic (non-container) types:
 	local b: bool = T;
 	print to_json(b);
 	local c: count = 123;
 	print to_json(c);
 	local i: int = -999;
 	print to_json(i);
 	local d1: double = 3.14;
 	local d2: double = -1.23456789e308;
 	local d3: double = 9e-308;
 	print to_json(d1);
 	print to_json(d2);
 	print to_json(d3);
 	local t: time = double_to_time(1480788576.868945);
 	print to_json(t);
 	local ti: interval = -12hr;
 	print to_json(ti);
 	local s1: string = "hello";
 	local s2: string = "";
 	print to_json(s1);
 	print to_json(s2);
 	local p1: port = 65535/tcp;
 	local p2: port = 1/udp;
 	local p3: port = 123/icmp;
 	local p4: port = 0/unknown;
 	print to_json(p1);
 	print to_json(p2);
 	print to_json(p3);
 	print to_json(p4);
 	local a1: addr = 1.2.3.4;
 	local a2: addr = [ffff:1234::1];
 	local a3: addr = [::ffff:123.123.123.123];
 	print to_json(a1);
 	print to_json(a2);
 	print to_json(a3);
 	local su1: subnet = 192.0.0.0/8;
 	local su2: subnet = [fe80::]/64;
 	print to_json(su1);
 	print to_json(su2);
 	local e: color = Red;
 	print to_json(e);
 	local p: pattern = /^abcd/;
 	print to_json(p);
 	# #########################
 	# Test the container types:
 	# Records
 	local re1 = myrec1($c=100, $s="test");
 	local re2 = myrec1($s="test");
 	local re3 = myrec2($m=myrec1($c=15, $s="test"));
 	print to_json(re1);
 	print to_json(re1, T);
 	print to_json(re2);
 	print to_json(re3, T);
 	# Vectors
 	local ve1: vector of count = vector();
 	local ve2: vector of count = vector(2, 1);
 	local ve3: vector of addr = vector(1.2.3.4);
 	local ve4: vector of set[bool] = vector(set(T, F));
 	local ve5: vector of myrec1 = vector(myrec1($s="test", $c=2));
 	local ve6: vector of count;
 	ve6[0] = 0;
 	ve6[2] = 2;
 	print to_json(ve1);
 	print to_json(ve2);
 	print to_json(ve3);
 	print to_json(ve4);
 	print to_json(ve5, T);
 	print to_json(ve6);
 	# Sets
 	local st1: set[count] = set();
 	local st2: set[count] = set(2, 1);
 	local st3: set[addr] = set(1.2.3.4);
 	local st4: set[myrec1] = set(myrec1($s="test"));
 	local st5: set[myrec1] = set(myrec1($s="test", $c=2));
 	local st6: set[string, count] = { ["one", 1], ["two", 2], ["three", 3] };
 	print to_json(st1);
 	print to_json(st2);
 	print to_json(st3);
 	print to_json(st4);
 	print to_json(st5, T);
 	print to_json(st6);
 	# Tables
 	local ta1: table[count] of addr = table();
 	local ta2: table[count] of addr = {[1] = 10.1.1.1, [2] = 10.2.2.2};
 	local ta3: table[addr] of table[string] of count = {[10.1.1.1] = table(["a"] = 1), [10.2.2.2] = table(["b"] = 2)};
 	local ta4: table[addr] of vector of count = {[10.1.1.1] = vector(1, 2), [10.2.2.2] = vector(3, 5)};
 	local ta5: table[count] of myrec1 = {[1] = myrec1($s="test", $c=2)};
 	print to_json(ta1);
 	print to_json(ta2);
 	print to_json(ta3);
 	print to_json(ta4);
 	print to_json(ta5, T);
 	}
--- a/testing/btest/core/leaks/vector-indexing.zeek
+++ b/testing/btest/core/leaks/vector-indexing.zeek
@ -1,30 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/wikipedia.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 global did_it = F;
 event new_connection(c: connection)
 	{
 	if ( did_it )
 		return;
 	did_it = T;
 	# Slicing tests.
 	local v17 = vector( 1, 2, 3, 4, 5 );
 	print v17[0:2];
 	print v17[-3:-1];
 	print v17[:2];
 	print v17[2:];
 	print v17[:];
 	v17[0:1] = vector(6);
 	v17[2:4] = vector(7, 8);
 	v17[2:4] = vector(9, 10, 11);
 	v17[2:5] = vector(9);
 	}
--- a/testing/btest/core/leaks/vector-val-bifs.test
+++ b/testing/btest/core/leaks/vector-val-bifs.test
@ -1,28 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # The BIFS used in this test originally didn't call the VectorVal() ctor right,
 # assuming that it didn't automatically Ref the VectorType argument and thus
 # leaked that memeory.
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/ftp/ipv4.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 function myfunc(aa: interval, bb: interval): int
    {
    if ( aa < bb )
        return -1;
    else
        return 1;
    }
 event new_connection(c: connection)
    {
    local a = vector( 5, 2, 8, 3 );
    print order(a);
    str_split("this is a test string", a);
    print addr_to_counts(c$id$orig_h);
    }
--- a/testing/btest/core/leaks/while.zeek
+++ b/testing/btest/core/leaks/while.zeek
@ -1,80 +0,0 @@
 # @TEST-GROUP: leaks
 # @TEST-REQUIRES: zeek --help 2>&1 | grep -q mem-leaks
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -m -b -r $TRACES/http/get.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
 function test_noop()
 	{
 	while ( F )
 		print "noooooooooo";
 	}
 function test_it()
 	{
 	local i = 0;
 	while ( i < 10 )
 		++i;
 	print i;
 	}
 function test_break()
 	{
 	local s = "";
 	while ( T )
 		{
 		s += "s";
 		print s;
 		if ( s == "sss" )
 			break;
 		}
 	}
 function test_next()
 	{
 	local s: set[count];
 	local i = 0;
 	while ( 9 !in s )
 		{
 		++i;
 		if ( i % 2 == 0 )
 			next;
 		add s[i];
 		}
 	print s;
 	}
 function test_return(): vector of string
 	{
 	local i = 0;
 	local rval: vector of string;
 	while ( T )
 		{
 		rval[i] = fmt("number %d", i);
 		++i;
 		if ( i == 13 )
 			return rval;
 		}
 	rval[0] = "noooo";
 	return rval;
 	}
 event new_connection(c: connection)
 	{
 	test_noop();
 	test_it();
 	test_break();
 	test_next();
 	print test_return();
 	}
--- a/testing/btest/core/leaks/x509_ocsp_verify.zeek
+++ b/testing/btest/core/leaks/x509_ocsp_verify.zeek
@ -1,19 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/tls/ocsp-stapling.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ssl
 event ssl_stapled_ocsp(c: connection, is_orig: bool, response: string)
 	{
 	local chain: vector of opaque of x509 = vector();
 	for ( i in c$ssl$cert_chain )
 		chain[i] = c$ssl$cert_chain[i]$x509$handle;
 	print x509_ocsp_verify(chain, response, SSL::root_certs);
 	}
--- a/testing/btest/core/leaks/x509_verify.zeek
+++ b/testing/btest/core/leaks/x509_verify.zeek
@ -1,33 +0,0 @@
 # Needs perftools support.
 #
 # @TEST-GROUP: leaks
 #
 # @TEST-REQUIRES: zeek  --help 2>&1 | grep -q mem-leaks
 #
 # @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local btest-bg-run zeek zeek -b -m -r $TRACES/tls/tls-expired-cert.trace %INPUT
 # @TEST-EXEC: btest-bg-wait 90
@load base/protocols/ssl
 event ssl_established(c: connection) &priority=3
 	{
 	local chain: vector of opaque of x509 = vector();
 	for ( i in c$ssl$cert_chain )
 		{
 		chain[i] = c$ssl$cert_chain[i]$x509$handle;
 		}
 	local result = x509_verify(chain, SSL::root_certs);
 	print fmt("Validation result: %s", result$result_string);
 	if ( result$result != 0 ) # not ok
 		return;
 	print "Resulting chain:";
 	for ( i in result$chain_certs )
 		{
 		local cert = result$chain_certs[i];
 		local certinfo = x509_parse(cert);
 		local sha1 = sha1_hash(x509_get_certificate_string(cert));
 		print fmt("Fingerprint: %s, Subject: %s", sha1, certinfo$subject);
 		}
 	}
--- a/testing/btest/scripts/base/protocols/irc/basic.test
+++ b/testing/btest/scripts/base/protocols/irc/basic.test
@ -1,9 +1,10 @@
 # This tests that basic IRC commands (NICK, USER, JOIN, DCC SEND)
 # are logged for a client.
-# @TEST-EXEC: zeek -r $TRACES/irc-dcc-send.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/irc-dcc-send.trace %INPUT >out
 # @TEST-EXEC: btest-diff irc.log
 # @TEST-EXEC: btest-diff conn.log
 # @TEST-EXEC: btest-diff out
 # dcc mime types are irrelevant to this test, so filter it out
 event zeek_init()
@ -11,3 +12,8 @@ event zeek_init()
 	Log::remove_default_filter(IRC::LOG);
 	Log::add_filter(IRC::LOG, [$name="remove-mime", $exclude=set("dcc_mime_type")]);
 	}
 event irc_names_info(c: connection, is_orig: bool, c_type: string, channel: string, users: string_set)
 	{
 	print "irc_names_info", channel, users;
 	}
--- a/testing/btest/scripts/base/protocols/krb/krb-service-name.test
+++ b/testing/btest/scripts/base/protocols/krb/krb-service-name.test
@ -0,0 +1,3 @@
 # @TEST-EXEC: zeek -r $TRACES/krb/optional-service-name.pcap
 # @TEST-EXEC: btest-diff conn.log
 # @TEST-EXEC: btest-diff kerberos.log
--- a/testing/btest/scripts/policy/misc/stats.zeek
+++ b/testing/btest/scripts/policy/misc/stats.zeek
@ -0,0 +1,10 @@
 # @TEST-EXEC: zeek -r $TRACES/wikipedia.trace %INPUT
@load policy/misc/stats
 event load_sample(samples: load_sample_info, CPU: interval, dmem: int)
 	{
 	# This output not part of baseline as it varies, but guess this test
 	# should still exist to cover potential memory leaks.
 	print CPU;
 	}
--- a/testing/external/commit-hash.zeek-testing
+++ b/testing/external/commit-hash.zeek-testing
@ -1 +1 @@
-8be265e13e9ddb2dda704bf1574b1307fc17eea9
+a1ef7ec7b6ad7f43a09dc31166ae3aba6267ecb9
--- a/testing/external/commit-hash.zeek-testing-private
+++ b/testing/external/commit-hash.zeek-testing-private
@ -1 +1 @@
-0df146fde4f878b4b2219d96dc3a9a69f81b8ee1
+b6a220488de8a53a10a30cd2e8390bdff1627761
`@ -1 +1 @@`
	`8be265e13e9ddb2dda704bf1574b1307fc17eea9`	`a1ef7ec7b6ad7f43a09dc31166ae3aba6267ecb9`
`@ -1 +1 @@`
	`0df146fde4f878b4b2219d96dc3a9a69f81b8ee1`	`b6a220488de8a53a10a30cd2e8390bdff1627761`