Merge remote-tracking branch 'origin/topic/timw/clang-format-fixes'

* origin/topic/timw/clang-format-fixes:
  clang-format: Set penalty for breaking after assignment operator
  clang-format: Set IndentCaseBlocks to false
  clang-format: Other minor formatting changes
  clang-format: Other include ordering changes
  clang-format: Enforce ordering of includes in ZBody
  clang-format: A few minor comment-spacing fixes
  clang-format: Force zeek-config.h to be earlier in the config ordering

.clang-format

@@ -30,7 +30,7 @@ BreakBeforeBraces: Whitesmiths
 #   SplitEmptyNamespace: false
 
 AccessModifierOffset: -4
-AlignAfterOpenBracket: true
+AlignAfterOpenBracket: Align
 AlignTrailingComments: false
 AllowShortBlocksOnASingleLine: Empty
 AllowShortEnumsOnASingleLine: true
@@ -47,7 +47,7 @@ ColumnLimit: 100
 ConstructorInitializerAllOnOneLineOrOnePerLine: false
 FixNamespaceComments: false
 IndentCaseLabels: true
-IndentCaseBlocks: true
+IndentCaseBlocks: false
 IndentExternBlock: NoIndent
 IndentPPDirectives: None
 IndentWidth: 4
@@ -70,6 +70,10 @@ SpacesInParentheses: false
 TabWidth: 4
 UseTab: AlignWithSpaces
 
+# Setting this to a high number causes clang-format to prefer breaking somewhere else
+# over breaking after the assignment operator in a line that's over the column limit
+PenaltyBreakAssignment: 100
+
 IncludeBlocks: Regroup
 
 # Include categories go like this:
@@ -81,11 +85,14 @@ IncludeBlocks: Regroup
 # 5: everything else, which should catch any of the auto-generated code from the
 #    build directory as well
 #
-# Sections 0-1 and 2-3 get group together in their respective blocks
+# Sections 0-1 and 2-3 get grouped together in their respective blocks
 IncludeCategories:
   - Regex: '^"zeek-config\.h"'
-    Priority: 0
+    Priority: 1
     SortPriority: 1
+  - Regex: '^"zeek/zeek-config\.h"'
+    Priority: 1
+    SortPriority: 2
   - Regex: '^<[[:print:]]+\.(h|hh)>'
     Priority: 2
     SortPriority: 2

CHANGES

@@ -1,3 +1,6 @@
+4.2.0-dev.233 | 2021-09-27 12:06:27 -0700
+
+  * Fix a number of issues with the initial pass of clang-format (Tim Wojtulewicz, Corelight)
 
 4.2.0-dev.224 | 2021-09-26 10:27:05 -0700
 

VERSION

@@ -1 +1 @@
-4.2.0-dev.224
+4.2.0-dev.233

src/Attr.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/Attr.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Desc.h"
 #include "zeek/Expr.h"
 #include "zeek/IntrusivePtr.h"
 #include "zeek/Val.h"
 #include "zeek/input/Manager.h"
 #include "zeek/threading/SerialTypes.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -330,8 +331,8 @@ void Attributes::CheckAttr(Attr* a)
 			FuncType* aft = at->AsFuncType();
 			if ( ! same_type(aft->Yield(), type) )
 				{
-					a->GetExpr()->Error(
+				a->GetExpr()->Error(is_add
-						is_add ? "&add_func function must yield same type as variable"
+				                        ? "&add_func function must yield same type as variable"
 				                        : "&delete_func function must yield same type as variable");
 				break;
 				}
@@ -358,8 +359,7 @@ void Attributes::CheckAttr(Attr* a)
 
 				// Record defaults may be promotable.
 				if ( (type->Tag() == TYPE_RECORD && atype->Tag() == TYPE_RECORD &&
-					      record_promotion_compatible(atype->AsRecordType(),
+				      record_promotion_compatible(atype->AsRecordType(), type->AsRecordType())) )
-					                                  type->AsRecordType())) )
 					// Ok.
 					break;
 
@@ -392,8 +392,7 @@ void Attributes::CheckAttr(Attr* a)
 					if ( atype->Tag() == TYPE_FUNC )
 						{
 						FuncType* f = atype->AsFuncType();
-							if ( ! f->CheckArgs(tt->GetIndexTypes()) ||
+						if ( ! f->CheckArgs(tt->GetIndexTypes()) || ! same_type(f->Yield(), ytype) )
-							     ! same_type(f->Yield(), ytype) )
 							Error("&default function type clash");
 
 						// Ok.
@@ -431,8 +430,7 @@ void Attributes::CheckAttr(Attr* a)
 					// Ok.
 					break;
 
-					if ( (atype->Tag() == TYPE_TABLE &&
+				if ( (atype->Tag() == TYPE_TABLE && atype->AsTableType()->IsUnspecifiedTable()) )
-					      atype->AsTableType()->IsUnspecifiedTable()) )
 					{
 					auto e = check_and_promote_expr(a->GetExpr(), type);
 

src/Base64.cc

@@ -1,11 +1,12 @@
 #include "zeek/Base64.h"
 
+#include "zeek/zeek-config.h"
+
 #include <math.h>
 
 #include "zeek/Conn.h"
 #include "zeek/Reporter.h"
 #include "zeek/ZeekString.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/Base64.h

@@ -1,9 +1,9 @@
 #pragma once
 
-#include <string>
-
 #include "zeek/zeek-config.h"
 
+#include <string>
+
 namespace zeek
 	{
 

src/BifReturnVal.h

@@ -2,9 +2,10 @@
 
 #pragma once
 
-#include "zeek/IntrusivePtr.h"
 #include "zeek/zeek-config.h"
 
+#include "zeek/IntrusivePtr.h"
+
 namespace zeek
 	{
 

src/CCL.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/CCL.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 
 #include "zeek/DFA.h"
 #include "zeek/RE.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/CompHash.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/CompHash.h"
 
+#include "zeek/zeek-config.h"
+
 #include <cstring>
 #include <map>
 #include <vector>
@@ -13,7 +15,6 @@
 #include "zeek/Reporter.h"
 #include "zeek/Val.h"
 #include "zeek/ZeekString.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -262,8 +263,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 					const auto& f = Func::GetFuncPtrByID(id);
 
 					if ( ! f )
-								reporter->InternalError(
+						reporter->InternalError("failed to look up unique function id %" PRIu32
-									"failed to look up unique function id %" PRIu32
 						                        " in CompositeHash::RecoverOneVal()",
 						                        id);
 
@@ -313,8 +313,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 					RE_Matcher* re = new RE_Matcher(texts[0], texts[1]);
 
 					if ( ! re->Compile() )
-								reporter->InternalError(
+						reporter->InternalError("failed compiling table/set key pattern: %s",
-									"failed compiling table/set key pattern: %s",
 						                        re->PatternText());
 
 					*pval = make_intrusive<PatternVal>(re);
@@ -334,8 +333,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 						Attributes* a = rt->FieldDecl(i)->attrs.get();
 						bool optional = (a && a->Find(ATTR_OPTIONAL));
 
-								if ( ! RecoverOneVal(hk, rt->GetFieldType(i).get(), &v, optional,
+						if ( ! RecoverOneVal(hk, rt->GetFieldType(i).get(), &v, optional, false) )
-								                     false) )
 							{
 							*pval = nullptr;
 							return false;
@@ -377,8 +375,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 					for ( int i = 0; i < n; ++i )
 						{
 						ValPtr key;
-								if ( ! RecoverOneVal(hk, tt->GetIndices().get(), &key, false,
+						if ( ! RecoverOneVal(hk, tt->GetIndices().get(), &key, false, false) )
-								                     false) )
 							{
 							*pval = nullptr;
 							return false;
@@ -389,8 +386,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 						else
 							{
 							ValPtr value;
-									if ( ! RecoverOneVal(hk, tt->Yield().get(), &value, false,
+							if ( ! RecoverOneVal(hk, tt->Yield().get(), &value, false, false) )
-									                     false) )
 								{
 								*pval = nullptr;
 								return false;
@@ -454,8 +450,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 
 				default:
 					{
-							reporter->InternalError(
+					reporter->InternalError("bad index type in CompositeHash::RecoverOneVal");
-								"bad index type in CompositeHash::RecoverOneVal");
 					*pval = nullptr;
 					return false;
 					}
@@ -473,8 +468,7 @@ bool CompositeHash::RecoverOneVal(const HashKey& hk, Type* t, ValPtr* pval, bool
 				hk.EnsureReadSpace(n);
 				}
 
-				*pval =
+			*pval = make_intrusive<StringVal>(new String((const byte_vec)hk.KeyAtRead(), n, true));
-					make_intrusive<StringVal>(new String((const byte_vec)hk.KeyAtRead(), n, true));
 			hk.SkipRead("string", n);
 			}
 			break;
@@ -568,10 +562,8 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 						hk.Allocate();
 						}
 
-							hk.Write("pattern-string1", static_cast<const void*>(texts[0]),
+					hk.Write("pattern-string1", static_cast<const void*>(texts[0]), lens[0]);
-							         lens[0]);
+					hk.Write("pattern-string2", static_cast<const void*>(texts[1]), lens[1]);
-							hk.Write("pattern-string2", static_cast<const void*>(texts[1]),
-							         lens[1]);
 					break;
 					}
 
@@ -594,8 +586,8 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 						if ( ! (rv_i || optional_attr) )
 							return false;
 
-								if ( ! SingleValHash(hk, rv_i.get(), rt->GetFieldType(i).get(),
+						if ( ! SingleValHash(hk, rv_i.get(), rt->GetFieldType(i).get(), type_check,
-								                     type_check, optional_attr, false) )
+						                     optional_attr, false) )
 							return false;
 						}
 					break;
@@ -615,16 +607,16 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 						{
 						auto key = kv.second;
 
-								if ( ! SingleValHash(hk, key.get(), key->GetType().get(),
+						if ( ! SingleValHash(hk, key.get(), key->GetType().get(), type_check, false,
-								                     type_check, false, false) )
+						                     false) )
 							return false;
 
 						if ( ! v->GetType()->IsSet() )
 							{
 							auto val = const_cast<TableVal*>(tv)->FindOrDefault(key);
 
-									if ( ! SingleValHash(hk, val.get(), val->GetType().get(),
+							if ( ! SingleValHash(hk, val.get(), val->GetType().get(), type_check,
-									                     type_check, false, false) )
+							                     false, false) )
 								return false;
 							}
 						}
@@ -647,8 +639,8 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 						hk.Write("vector-idx", i);
 						hk.Write("vector-idx-present", val != nullptr);
 
-								if ( val && ! SingleValHash(hk, val.get(), vt->Yield().get(),
+						if ( val && ! SingleValHash(hk, val.get(), vt->Yield().get(), type_check,
-								                            type_check, false, false) )
+						                            false, false) )
 							return false;
 						}
 					}
@@ -672,8 +664,8 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 					for ( int i = 0; i < lv->Length(); ++i )
 						{
 						Val* entry_val = lv->Idx(i).get();
-								if ( ! SingleValHash(hk, entry_val, entry_val->GetType().get(),
+						if ( ! SingleValHash(hk, entry_val, entry_val->GetType().get(), type_check,
-								                     type_check, false, false) )
+						                     false, false) )
 							return false;
 						}
 					}
@@ -681,8 +673,7 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 
 				default:
 					{
-							reporter->InternalError(
+					reporter->InternalError("bad index type in CompositeHash::SingleValHash");
-								"bad index type in CompositeHash::SingleValHash");
 					return false;
 					}
 				}
@@ -803,10 +794,9 @@ bool CompositeHash::ReserveSingleTypeKeySize(HashKey& hk, Type* bt, const Val* v
 						}
 
 					// +1 in the following to include null terminators
-							hk.Reserve("pattern-string1", strlen(v->AsPattern()->PatternText()) + 1,
+					hk.Reserve("pattern-string1", strlen(v->AsPattern()->PatternText()) + 1, 0);
+					hk.Reserve("pattern-string1", strlen(v->AsPattern()->AnywherePatternText()) + 1,
 					           0);
-							hk.Reserve("pattern-string1",
-							           strlen(v->AsPattern()->AnywherePatternText()) + 1, 0);
 					break;
 					}
 
@@ -825,9 +815,9 @@ bool CompositeHash::ReserveSingleTypeKeySize(HashKey& hk, Type* bt, const Val* v
 						bool optional_attr = (a && a->Find(ATTR_OPTIONAL));
 
 						auto rv_v = rv ? rv->GetField(i) : nullptr;
-								if ( ! ReserveSingleTypeKeySize(
+						if ( ! ReserveSingleTypeKeySize(hk, rt->GetFieldType(i).get(), rv_v.get(),
-										 hk, rt->GetFieldType(i).get(), rv_v.get(), type_check,
+						                                type_check, optional_attr, calc_static_size,
-										 optional_attr, calc_static_size, false) )
+						                                false) )
 							return false;
 						}
 					break;
@@ -855,9 +845,9 @@ bool CompositeHash::ReserveSingleTypeKeySize(HashKey& hk, Type* bt, const Val* v
 						if ( ! bt->IsSet() )
 							{
 							auto val = const_cast<TableVal*>(tv)->FindOrDefault(key);
-									if ( ! ReserveSingleTypeKeySize(hk, val->GetType().get(),
+							if ( ! ReserveSingleTypeKeySize(hk, val->GetType().get(), val.get(),
-									                                val.get(), type_check, false,
+							                                type_check, false, calc_static_size,
-									                                calc_static_size, false) )
+							                                false) )
 								return false;
 							}
 						}

src/Conn.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Conn.h"
 
+#include "zeek/zeek-config.h"
+
 #include <binpac.h>
 #include <ctype.h>
 
@@ -19,7 +21,6 @@
 #include "zeek/packet_analysis/protocol/ip/SessionAdapter.h"
 #include "zeek/packet_analysis/protocol/tcp/TCP.h"
 #include "zeek/session/Manager.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{

src/DFA.cc

@@ -2,10 +2,11 @@
 
 #include "zeek/DFA.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Desc.h"
 #include "zeek/EquivClass.h"
 #include "zeek/Hash.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/DNS_Mgr.cc

@@ -2,10 +2,10 @@
 
 #include "zeek/DNS_Mgr.h"
 
+#include "zeek/zeek-config.h"
+
 #include <sys/socket.h>
 #include <sys/types.h>
-
-#include "zeek/zeek-config.h"
 #ifdef TIME_WITH_SYS_TIME
 #include <sys/time.h>
 #include <time.h>
@@ -1167,15 +1167,15 @@ void DNS_Mgr::IssueAsyncRequests()
 		if ( req->IsAddrReq() )
 			success = DoRequest(nb_dns, new DNS_Mgr_Request(req->host));
 		else if ( req->is_txt )
-			success =
+			success = DoRequest(nb_dns,
-				DoRequest(nb_dns, new DNS_Mgr_Request(req->name.c_str(), AF_INET, req->is_txt));
+			                    new DNS_Mgr_Request(req->name.c_str(), AF_INET, req->is_txt));
 		else
 			{
 			// If only one request type succeeds, don't consider it a failure.
-			success =
+			success = DoRequest(nb_dns,
-				DoRequest(nb_dns, new DNS_Mgr_Request(req->name.c_str(), AF_INET, req->is_txt));
+			                    new DNS_Mgr_Request(req->name.c_str(), AF_INET, req->is_txt));
-			success =
+			success = DoRequest(nb_dns,
-				DoRequest(nb_dns, new DNS_Mgr_Request(req->name.c_str(), AF_INET6, req->is_txt)) ||
+			                    new DNS_Mgr_Request(req->name.c_str(), AF_INET6, req->is_txt)) ||
 			          success;
 			}
 

src/DbgBreakpoint.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/DbgBreakpoint.h"
 
+#include "zeek/zeek-config.h"
+
 #include <assert.h>
 
 #include "zeek/Debug.h"
@@ -15,7 +17,6 @@
 #include "zeek/Timer.h"
 #include "zeek/Val.h"
 #include "zeek/module_util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/DbgHelp.cc

@@ -1,4 +1,5 @@
 // Bro Debugger Help
 
-#include "zeek/Debug.h"
 #include "zeek/zeek-config.h"
+
+#include "zeek/Debug.h"

src/DbgWatch.cc

@@ -2,9 +2,10 @@
 
 #include "zeek/DbgWatch.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Debug.h"
 #include "zeek/Reporter.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/Debug.cc

@@ -2,14 +2,14 @@
 
 #include "zeek/Debug.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <string>
 
-#include "zeek/zeek-config.h"
-
 #ifdef HAVE_READLINE
 #include <readline/history.h>
 #include <readline/readline.h>

src/DebugCmds.cc

@@ -3,6 +3,8 @@
 
 #include "zeek/DebugCmds.h"
 
+#include "zeek/zeek-config.h"
+
 #include <assert.h>
 #include <regex.h>
 #include <string.h>
@@ -21,7 +23,6 @@
 #include "zeek/Stmt.h"
 #include "zeek/Val.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 using namespace std;
 

src/DebugLogger.h

@@ -5,12 +5,12 @@
 
 #ifdef DEBUG
 
+#include "zeek/zeek-config.h"
+
 #include <stdio.h>
 #include <set>
 #include <string>
 
-#include "zeek/zeek-config.h"
-
 #define DBG_LOG(stream, args...)                                                                   \
 	if ( ::zeek::detail::debug_logger.IsEnabled(stream) )                                          \
 	::zeek::detail::debug_logger.Log(stream, args)

src/Desc.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Desc.h"
 
+#include "zeek/zeek-config.h"
+
 #include <errno.h>
 #include <math.h>
 #include <stdlib.h>
@@ -11,7 +13,6 @@
 #include "zeek/File.h"
 #include "zeek/IPAddr.h"
 #include "zeek/Reporter.h"
-#include "zeek/zeek-config.h"
 
 #define DEFAULT_SIZE 128
 #define SLOP 10

src/Dict.cc

@@ -1060,8 +1060,8 @@ int Dictionary::LookupIndex(const void* key, int key_size, detail::hash_t hash,
 #ifdef DEBUG
 	int linear_position = LinearLookupIndex(key, key_size, hash);
 #endif // DEBUG
-	int position =
+	int position = LookupIndex(key, key_size, hash, bucket, Capacity(), insert_position,
-		LookupIndex(key, key_size, hash, bucket, Capacity(), insert_position, insert_distance);
+	                           insert_distance);
 	if ( position >= 0 )
 		{
 		ASSERT(position == linear_position); // same as linearLookup

src/Discard.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Discard.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 
 #include "zeek/Func.h"
@@ -11,7 +13,6 @@
 #include "zeek/Val.h"
 #include "zeek/Var.h"
 #include "zeek/ZeekString.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -71,8 +72,8 @@ bool Discarder::NextPacket(const std::unique_ptr<IP_Hdr>& ip, int len, int caple
 
 	bool is_tcp = (proto == IPPROTO_TCP);
 	bool is_udp = (proto == IPPROTO_UDP);
-	int min_hdr_len =
+	int min_hdr_len = is_tcp ? sizeof(struct tcphdr)
-		is_tcp ? sizeof(struct tcphdr) : (is_udp ? sizeof(struct udphdr) : sizeof(struct icmp));
+	                         : (is_udp ? sizeof(struct udphdr) : sizeof(struct icmp));
 
 	if ( len < min_hdr_len || caplen < min_hdr_len )
 		// we don't have a complete protocol header

src/EquivClass.cc

@@ -2,9 +2,10 @@
 
 #include "zeek/EquivClass.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/CCL.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/Event.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Event.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Desc.h"
 #include "zeek/Func.h"
 #include "zeek/NetVar.h"
@@ -11,7 +13,6 @@
 #include "zeek/iosource/Manager.h"
 #include "zeek/iosource/PktSrc.h"
 #include "zeek/plugin/Manager.h"
-#include "zeek/zeek-config.h"
 
 zeek::EventMgr zeek::event_mgr;
 zeek::EventMgr& mgr = zeek::event_mgr;

src/EventHandler.cc

@@ -32,8 +32,8 @@ const FuncTypePtr& EventHandler::GetType(bool check_export)
 	if ( type )
 		return type;
 
-	const auto& id =
+	const auto& id = detail::lookup_ID(name.data(), detail::current_module.c_str(), false, false,
-		detail::lookup_ID(name.data(), detail::current_module.c_str(), false, false, check_export);
+	                                   check_export);
 
 	if ( ! id )
 		return FuncType::nil;

src/EventRegistry.h

@@ -2,14 +2,14 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <map>
 #include <memory>
 #include <string>
 #include <string_view>
 #include <vector>
 
-#include "zeek/zeek-config.h"
-
 namespace zeek
 	{
 

src/Expr.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Expr.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/DebugLogger.h"
 #include "zeek/Desc.h"
 #include "zeek/Event.h"
@@ -20,7 +22,6 @@
 #include "zeek/digest.h"
 #include "zeek/module_util.h"
 #include "zeek/script_opt/ExprOptInfo.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -276,8 +277,8 @@ void Expr::AssignToIndex(ValPtr v1, ValPtr v2, ValPtr v3) const
 	{
 	bool iterators_invalidated;
 
-	auto error_msg =
+	auto error_msg = assign_to_index(std::move(v1), std::move(v2), std::move(v3),
-		assign_to_index(std::move(v1), std::move(v2), std::move(v3), iterators_invalidated);
+	                                 iterators_invalidated);
 
 	if ( iterators_invalidated )
 		{
@@ -378,8 +379,8 @@ const char* assign_to_index(ValPtr v1, ValPtr v2, ValPtr v3, bool& iterators_inv
 					auto vtt = vt->Tag();
 					std::string tn = vtt == TYPE_RECORD ? vt->GetName() : type_name(vtt);
 					return util::fmt(
-							"table index assignment failed for invalid type '%s', value: %s",
+						"table index assignment failed for invalid type '%s', value: %s", tn.data(),
-							tn.data(), d.Description());
+						d.Description());
 					}
 				else
 					return "assignment failed with null value";
@@ -717,8 +718,8 @@ ValPtr UnaryExpr::Fold(Val* v) const
 
 void UnaryExpr::ExprDescribe(ODesc* d) const
 	{
-	bool is_coerce =
+	bool is_coerce = Tag() == EXPR_ARITH_COERCE || Tag() == EXPR_RECORD_COERCE ||
-		Tag() == EXPR_ARITH_COERCE || Tag() == EXPR_RECORD_COERCE || Tag() == EXPR_TABLE_COERCE;
+	                 Tag() == EXPR_TABLE_COERCE;
 
 	if ( d->IsReadable() )
 		{
@@ -1083,8 +1084,8 @@ ValPtr BinaryExpr::PatternFold(Val* v1, Val* v2) const
 	if ( tag != EXPR_AND && tag != EXPR_OR )
 		BadTag("BinaryExpr::PatternFold");
 
-	RE_Matcher* res =
+	RE_Matcher* res = tag == EXPR_AND ? RE_Matcher_conjunction(re1, re2)
-		tag == EXPR_AND ? RE_Matcher_conjunction(re1, re2) : RE_Matcher_disjunction(re1, re2);
+	                                  : RE_Matcher_disjunction(re1, re2);
 
 	return make_intrusive<PatternVal>(res);
 	}
@@ -2859,8 +2860,8 @@ IndexExpr::IndexExpr(ExprPtr arg_op1, ListExprPtr arg_op2, bool arg_is_slice)
 
 	if ( match_type == DOES_NOT_MATCH_INDEX )
 		{
-		std::string error_msg =
+		std::string error_msg = util::fmt(
-			util::fmt("expression with type '%s' is not a type that can be indexed",
+			"expression with type '%s' is not a type that can be indexed",
 			type_name(op1->GetType()->Tag()));
 		SetError(error_msg.data());
 		}
@@ -3994,8 +3995,8 @@ RecordCoerceExpr::RecordCoerceExpr(ExprPtr arg_op, RecordTypePtr r)
 				if ( ! is_arithmetic_promotable(sup_t_i.get(), sub_t_i.get()) &&
 				     ! is_record_promotable(sup_t_i.get(), sub_t_i.get()) )
 					{
-					std::string error_msg =
+					std::string error_msg = util::fmt("type clash for field \"%s\"",
-						util::fmt("type clash for field \"%s\"", sub_r->FieldName(i));
+					                                  sub_r->FieldName(i));
 					Error(error_msg.c_str(), sub_t_i.get());
 					SetError();
 					break;
@@ -4014,8 +4015,8 @@ RecordCoerceExpr::RecordCoerceExpr(ExprPtr arg_op, RecordTypePtr r)
 				{
 				if ( ! t_r->FieldDecl(i)->GetAttr(ATTR_OPTIONAL) )
 					{
-					std::string error_msg =
+					std::string error_msg = util::fmt("non-optional field \"%s\" missing",
-						util::fmt("non-optional field \"%s\" missing", t_r->FieldName(i));
+					                                  t_r->FieldName(i));
 					Error(error_msg.c_str());
 					SetError();
 					break;
@@ -4100,8 +4101,8 @@ RecordValPtr coerce_to_record(RecordTypePtr rt, Val* v, const std::vector<int>&
 			if ( rhs_type->Tag() == TYPE_RECORD && field_type->Tag() == TYPE_RECORD &&
 			     ! same_type(rhs_type, field_type) )
 				{
-				if ( auto new_val =
+				if ( auto new_val = rhs->AsRecordVal()->CoerceTo(
-				         rhs->AsRecordVal()->CoerceTo(cast_intrusive<RecordType>(field_type)) )
+						 cast_intrusive<RecordType>(field_type)) )
 					rhs = std::move(new_val);
 				}
 			else if ( BothArithmetic(rhs_type->Tag(), field_type->Tag()) &&
@@ -4124,8 +4125,8 @@ RecordValPtr coerce_to_record(RecordTypePtr rt, Val* v, const std::vector<int>&
 				if ( def_type->Tag() == TYPE_RECORD && field_type->Tag() == TYPE_RECORD &&
 				     ! same_type(def_type, field_type) )
 					{
-					auto tmp =
+					auto tmp = def_val->AsRecordVal()->CoerceTo(
-						def_val->AsRecordVal()->CoerceTo(cast_intrusive<RecordType>(field_type));
+						cast_intrusive<RecordType>(field_type));
 
 					if ( tmp )
 						def_val = std::move(tmp);
@@ -4566,9 +4567,9 @@ LambdaExpr::LambdaExpr(std::unique_ptr<function_ingredients> arg_ing, IDPList ar
 
 	// Install a dummy version of the function globally for use only
 	// when broker provides a closure.
-	auto dummy_func =
+	auto dummy_func = make_intrusive<ScriptFunc>(ingredients->id, ingredients->body,
-		make_intrusive<ScriptFunc>(ingredients->id, ingredients->body, ingredients->inits,
+	                                             ingredients->inits, ingredients->frame_size,
-	                               ingredients->frame_size, ingredients->priority);
+	                                             ingredients->priority);
 
 	dummy_func->SetOuterIDs(outer_ids);
 
@@ -4879,8 +4880,8 @@ TypePtr ListExpr::InitType() const
 			// Collapse any embedded sets or lists.
 			if ( ti->IsSet() || ti->Tag() == TYPE_LIST )
 				{
-				TypeList* til =
+				TypeList* til = ti->IsSet() ? ti->AsSetType()->GetIndices().get()
-					ti->IsSet() ? ti->AsSetType()->GetIndices().get() : ti->AsTypeList();
+				                            : ti->AsTypeList();
 
 				if ( ! til->IsPure() || ! til->AllMatch(til->GetPureType(), true) )
 					tl->Append({NewRef{}, til});
@@ -5163,8 +5164,8 @@ RecordAssignExpr::RecordAssignExpr(const ExprPtr& record, const ExprPtr& init_li
 				if ( field >= 0 && same_type(lhs->GetFieldType(field), t->GetFieldType(j)) )
 					{
 					auto fe_lhs = make_intrusive<FieldExpr>(record, field_name);
-					auto fe_rhs =
+					auto fe_rhs = make_intrusive<FieldExpr>(IntrusivePtr{NewRef{}, init},
-						make_intrusive<FieldExpr>(IntrusivePtr{NewRef{}, init}, field_name);
+					                                        field_name);
 					Append(get_assign_expr(std::move(fe_lhs), std::move(fe_rhs), is_init));
 					}
 				}

src/File.cc

@@ -2,9 +2,9 @@
 
 #include "zeek/File.h"
 
-#include <sys/types.h>
-
 #include "zeek/zeek-config.h"
+
+#include <sys/types.h>
 #ifdef TIME_WITH_SYS_TIME
 #include <sys/time.h>
 #include <time.h>

src/Frag.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/Frag.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Hash.h"
 #include "zeek/IP.h"
 #include "zeek/NetVar.h"
 #include "zeek/Reporter.h"
 #include "zeek/RunState.h"
 #include "zeek/session/Manager.h"
-#include "zeek/zeek-config.h"
 
 constexpr uint32_t MIN_ACCEPTABLE_FRAG_SIZE = 64;
 constexpr uint32_t MAX_ACCEPTABLE_FRAG_SIZE = 64000;

src/Func.cc

@@ -3,10 +3,10 @@
 
 #include "zeek/Func.h"
 
+#include "zeek/zeek-config.h"
+
 #include <sys/stat.h>
 #include <sys/types.h>
-
-#include "zeek/zeek-config.h"
 #ifdef TIME_WITH_SYS_TIME
 #include <sys/time.h>
 #include <time.h>
@@ -278,15 +278,14 @@ void Func::CheckPluginResult(bool handled, const ValPtr& hook_result, FunctionFl
 			if ( (! yt) || yt->Tag() == TYPE_VOID )
 				{
 				if ( hook_result )
-						reporter->InternalError(
+					reporter->InternalError("plugin returned non-void result for void method %s",
-							"plugin returned non-void result for void method %s", this->Name());
+					                        this->Name());
 				}
 
 			else if ( hook_result && hook_result->GetType()->Tag() != yt->Tag() &&
 			          yt->Tag() != TYPE_ANY )
 				{
-					reporter->InternalError(
+				reporter->InternalError("plugin returned wrong type (got %d, expecting %d) for %s",
-						"plugin returned wrong type (got %d, expecting %d) for %s",
 				                        hook_result->GetType()->Tag(), yt->Tag(), this->Name());
 				}
 

src/Hash.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Hash.h"
 
+#include "zeek/zeek-config.h"
+
 #include <highwayhash/highwayhash_target.h>
 #include <highwayhash/instruction_sets.h>
 #include <highwayhash/sip_hash.h>
@@ -12,7 +14,6 @@
 #include "zeek/Val.h" // needed for const.bif
 #include "zeek/ZeekString.h"
 #include "zeek/digest.h"
-#include "zeek/zeek-config.h"
 
 #include "const.bif.netvar_h"
 

src/ID.cc

@@ -3,6 +3,8 @@
 
 #include "zeek/ID.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Attr.h"
 #include "zeek/Desc.h"
 #include "zeek/Dict.h"
@@ -16,7 +18,6 @@
 #include "zeek/Val.h"
 #include "zeek/module_util.h"
 #include "zeek/script_opt/IDOptInfo.h"
-#include "zeek/zeek-config.h"
 #include "zeek/zeekygen/IdentifierInfo.h"
 #include "zeek/zeekygen/Manager.h"
 #include "zeek/zeekygen/ScriptInfo.h"

src/IP.cc

@@ -70,8 +70,7 @@ RecordValPtr IPv6_Hdr::ToVal(VectorValPtr chain) const
 			rv->Assign(5, make_intrusive<AddrVal>(IPAddr(ip6->ip6_src)));
 			rv->Assign(6, make_intrusive<AddrVal>(IPAddr(ip6->ip6_dst)));
 			if ( ! chain )
-					chain =
+				chain = make_intrusive<VectorVal>(id::find_type<VectorType>("ip6_ext_hdr_chain"));
-						make_intrusive<VectorVal>(id::find_type<VectorType>("ip6_ext_hdr_chain"));
 			rv->Assign(7, std::move(chain));
 			}
 			break;
@@ -224,8 +223,8 @@ RecordValPtr IPv6_Hdr::ToVal(VectorValPtr chain) const
 					auto m = make_intrusive<RecordVal>(ip6_mob_hot_type);
 					m->Assign(0, ntohs(*((uint16_t*)msg_data)));
 					m->Assign(1, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t)))));
-							m->Assign(2, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t) +
+					m->Assign(
-							                                  sizeof(uint64_t)))));
+						2, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t) + sizeof(uint64_t)))));
 					off += sizeof(uint16_t) + 2 * sizeof(uint64_t);
 					m->Assign(3, BuildOptionsVal(data + off, Length() - off));
 					msg->Assign(4, std::move(m));
@@ -237,8 +236,8 @@ RecordValPtr IPv6_Hdr::ToVal(VectorValPtr chain) const
 					auto m = make_intrusive<RecordVal>(ip6_mob_cot_type);
 					m->Assign(0, ntohs(*((uint16_t*)msg_data)));
 					m->Assign(1, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t)))));
-							m->Assign(2, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t) +
+					m->Assign(
-							                                  sizeof(uint64_t)))));
+						2, ntohll(*((uint64_t*)(msg_data + sizeof(uint16_t) + sizeof(uint64_t)))));
 					off += sizeof(uint16_t) + 2 * sizeof(uint64_t);
 					m->Assign(3, BuildOptionsVal(data + off, Length() - off));
 					msg->Assign(5, std::move(m));
@@ -250,17 +249,13 @@ RecordValPtr IPv6_Hdr::ToVal(VectorValPtr chain) const
 					auto m = make_intrusive<RecordVal>(ip6_mob_bu_type);
 					m->Assign(0, ntohs(*((uint16_t*)msg_data)));
 					m->Assign(1, static_cast<bool>(
-											 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) &
+									 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) & 0x8000));
-											 0x8000));
 					m->Assign(2, static_cast<bool>(
-											 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) &
+									 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) & 0x4000));
-											 0x4000));
 					m->Assign(3, static_cast<bool>(
-											 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) &
+									 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) & 0x2000));
-											 0x2000));
 					m->Assign(4, static_cast<bool>(
-											 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) &
+									 ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))) & 0x1000));
-											 0x1000));
 					m->Assign(5, ntohs(*((uint16_t*)(msg_data + 2 * sizeof(uint16_t)))));
 					off += 3 * sizeof(uint16_t);
 					m->Assign(6, BuildOptionsVal(data + off, Length() - off));
@@ -272,8 +267,8 @@ RecordValPtr IPv6_Hdr::ToVal(VectorValPtr chain) const
 					{
 					auto m = make_intrusive<RecordVal>(ip6_mob_back_type);
 					m->Assign(0, *((uint8_t*)msg_data));
-							m->Assign(1, static_cast<bool>(
+					m->Assign(1,
-											 *((uint8_t*)(msg_data + sizeof(uint8_t))) & 0x80));
+					          static_cast<bool>(*((uint8_t*)(msg_data + sizeof(uint8_t))) & 0x80));
 					m->Assign(2, ntohs(*((uint16_t*)(msg_data + sizeof(uint16_t)))));
 					m->Assign(3, ntohs(*((uint16_t*)(msg_data + 2 * sizeof(uint16_t)))));
 					off += 3 * sizeof(uint16_t);
@@ -646,8 +641,7 @@ void IPv6_Hdr_Chain::ProcessDstOpts(const struct ip6_dest* d, uint16_t len)
 				// Double-check that the len can hold the whole option structure.
 				// Otherwise we get a buffer-overflow when we check the option_len.
 				// Also check that it holds everything for the option itself.
-					if ( len < sizeof(struct ip6_opt) ||
+				if ( len < sizeof(struct ip6_opt) || len < sizeof(struct ip6_opt) + opt->ip6o_len )
-					     len < sizeof(struct ip6_opt) + opt->ip6o_len )
 					{
 					reporter->Weird(SrcAddr(), DstAddr(), "bad_ipv6_dest_opt_len");
 					len = 0;
@@ -662,8 +656,8 @@ void IPv6_Hdr_Chain::ProcessDstOpts(const struct ip6_dest* d, uint16_t len)
 						if ( homeAddr )
 							reporter->Weird(SrcAddr(), DstAddr(), "multiple_home_addr_opts");
 						else
-								homeAddr =
+							homeAddr = new IPAddr(
-									new IPAddr(*((const in6_addr*)(data + sizeof(struct ip6_opt))));
+								*((const in6_addr*)(data + sizeof(struct ip6_opt))));
 						}
 					else
 						reporter->Weird(SrcAddr(), DstAddr(), "bad_home_addr_len");

src/IP.h

@@ -2,11 +2,13 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
+// clang-format off
 #include <sys/types.h> // for u_char
 #include <netinet/in.h>
 #include <netinet/ip.h>
-
+// clang-format on
-#include "zeek/zeek-config.h"
 
 #ifdef HAVE_NETINET_IP6_H
 #include <netinet/ip6.h>

src/NFA.cc

@@ -2,12 +2,13 @@
 
 #include "zeek/NFA.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 
 #include "zeek/Desc.h"
 #include "zeek/EquivClass.h"
 #include "zeek/IntSet.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/NetVar.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/NetVar.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/EventHandler.h"
 #include "zeek/ID.h"
 #include "zeek/Val.h"
 #include "zeek/Var.h"
-#include "zeek/zeek-config.h"
 
 zeek::RecordType* conn_id;
 zeek::RecordType* endpoint;
@@ -291,8 +292,8 @@ void init_net_var()
 
 	udp_content_deliver_all_orig = bool(id::find_val("udp_content_deliver_all_orig")->AsBool());
 	udp_content_deliver_all_resp = bool(id::find_val("udp_content_deliver_all_resp")->AsBool());
-	udp_content_delivery_ports_use_resp =
+	udp_content_delivery_ports_use_resp = bool(
-		bool(id::find_val("udp_content_delivery_ports_use_resp")->AsBool());
+		id::find_val("udp_content_delivery_ports_use_resp")->AsBool());
 
 	dns_session_timeout = id::find_val("dns_session_timeout")->AsInterval();
 	rpc_timeout = id::find_val("rpc_timeout")->AsInterval();

src/Obj.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/Obj.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 
 #include "zeek/Desc.h"
 #include "zeek/File.h"
 #include "zeek/Func.h"
 #include "zeek/plugin/Manager.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{

src/Obj.h

@@ -2,10 +2,10 @@
 
 #pragma once
 
-#include <limits.h>
-
 #include "zeek/zeek-config.h"
 
+#include <limits.h>
+
 namespace zeek
 	{
 

src/Options.cc

@@ -2,10 +2,11 @@
 
 #include "zeek/Options.h"
 
+#include "zeek/zeek-config.h"
+
 #include <unistd.h>
 
 #include "zeek/script_opt/ScriptOpt.h"
-#include "zeek/zeek-config.h"
 
 #ifdef HAVE_GETOPT_H
 #include <getopt.h>

src/PolicyFile.cc

@@ -1,5 +1,7 @@
 #include "zeek/PolicyFile.h"
 
+#include "zeek/zeek-config.h"
+
 #include <assert.h>
 #include <errno.h>
 #include <stdio.h>
@@ -12,7 +14,6 @@
 #include "zeek/Debug.h"
 #include "zeek/Reporter.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 using namespace std;
 

src/PrefixTable.cc

@@ -94,8 +94,8 @@ std::list<std::tuple<IPPrefix, void*>> PrefixTable::FindAll(const SubNetVal* val
 void* PrefixTable::Lookup(const IPAddr& addr, int width, bool exact) const
 	{
 	prefix_t* prefix = MakePrefix(addr, width);
-	patricia_node_t* node =
+	patricia_node_t* node = exact ? patricia_search_exact(tree, prefix)
-		exact ? patricia_search_exact(tree, prefix) : patricia_search_best(tree, prefix);
+	                              : patricia_search_best(tree, prefix);
 
 	int elems = 0;
 	patricia_node_t** list = nullptr;

src/PriorityQueue.cc

@@ -2,12 +2,13 @@
 
 #include "zeek/PriorityQueue.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdio.h>
 #include <stdlib.h>
 
 #include "zeek/Reporter.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/PriorityQueue.h

@@ -2,11 +2,11 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <math.h>
 #include <stdint.h>
 
-#include "zeek/zeek-config.h"
-
 namespace zeek::detail
 	{
 

src/RE.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/RE.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 #include <utility>
 
@@ -10,7 +12,6 @@
 #include "zeek/EquivClass.h"
 #include "zeek/Reporter.h"
 #include "zeek/ZeekString.h"
-#include "zeek/zeek-config.h"
 
 zeek::detail::CCL* zeek::detail::curr_ccl = nullptr;
 zeek::detail::Specific_RE_Matcher* zeek::detail::rem = nullptr;

src/RandTest.h

@@ -1,9 +1,9 @@
 #pragma once
 
-#include <stdint.h>
-
 #include "zeek/zeek-config.h"
 
+#include <stdint.h>
+
 #define RT_MONTEN                                                                                  \
 	6 /* Bytes used as Monte Carlo                                                                 \
 	     co-ordinates. This should be no more                                                      \

src/Reassem.cc

@@ -2,10 +2,11 @@
 
 #include "zeek/Reassem.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 
 #include "zeek/Desc.h"
-#include "zeek/zeek-config.h"
 
 using std::min;
 

src/Reporter.cc

@@ -4,6 +4,8 @@
 
 #include "zeek/Reporter.h"
 
+#include "zeek/zeek-config.h"
+
 #include <syslog.h>
 #include <unistd.h>
 
@@ -20,7 +22,6 @@
 #include "zeek/input.h"
 #include "zeek/plugin/Manager.h"
 #include "zeek/plugin/Plugin.h"
-#include "zeek/zeek-config.h"
 
 #ifdef SYSLOG_INT
 extern "C"
@@ -599,10 +600,10 @@ void Reporter::DoLog(const char* prefix, EventHandlerPtr event, FILE* out, Conne
 		if ( locations.size() )
 			{
 			auto locs = locations.back();
-			raise_event =
+			raise_event = PLUGIN_HOOK_WITH_RESULT(HOOK_REPORTER,
-				PLUGIN_HOOK_WITH_RESULT(HOOK_REPORTER,
 			                                      HookReporter(prefix, event, conn, addl, location,
-			                                         locs.first, locs.second, time, buffer),
+			                                                   locs.first, locs.second, time,
+			                                                   buffer),
 			                                      true);
 			}
 		else

src/Rule.cc

@@ -1,9 +1,10 @@
 #include "zeek/Rule.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/RuleAction.h"
 #include "zeek/RuleCondition.h"
 #include "zeek/RuleMatcher.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/RuleAction.cc

@@ -1,5 +1,7 @@
 #include "zeek/RuleAction.h"
 
+#include "zeek/zeek-config.h"
+
 #include <string>
 
 #include "zeek/Conn.h"
@@ -8,7 +10,6 @@
 #include "zeek/RuleMatcher.h"
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/pia/PIA.h"
-#include "zeek/zeek-config.h"
 
 using std::string;
 

src/RuleCondition.cc

@@ -1,5 +1,7 @@
 #include "zeek/RuleCondition.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Func.h"
 #include "zeek/ID.h"
 #include "zeek/Reporter.h"
@@ -7,7 +9,6 @@
 #include "zeek/Scope.h"
 #include "zeek/Val.h"
 #include "zeek/analyzer/protocol/tcp/TCP.h"
-#include "zeek/zeek-config.h"
 
 static inline bool is_established(const zeek::analyzer::tcp::TCP_Endpoint* e)
 	{

src/RuleMatcher.cc

@@ -1,6 +1,8 @@
 
 #include "zeek/RuleMatcher.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 #include <functional>
 
@@ -22,7 +24,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/Analyzer.h"
 #include "zeek/module_util.h"
-#include "zeek/zeek-config.h"
 
 using namespace std;
 
@@ -662,8 +663,8 @@ RuleMatcher::MIME_Matches* RuleMatcher::Match(RuleFileMagicState* state, const u
 #ifdef DEBUG
 	if ( debug_logger.IsEnabled(DBG_RULES) )
 		{
-		const char* s =
+		const char* s = util::fmt_bytes(reinterpret_cast<const char*>(data),
-			util::fmt_bytes(reinterpret_cast<const char*>(data), min(40, static_cast<int>(len)));
+		                                min(40, static_cast<int>(len)));
 		DBG_LOG(DBG_RULES, "Matching %s rules on |%s%s|", Rule::TypeToString(Rule::FILE_MAGIC), s,
 		        len > 40 ? "..." : "");
 		}
@@ -805,8 +806,8 @@ RuleEndpointState* RuleMatcher::InitEndpoint(analyzer::Analyzer* analyzer, const
 					case RuleHdrTest::ICMPv6:
 					case RuleHdrTest::TCP:
 					case RuleHdrTest::UDP:
-						match =
+						match = compare(*h->vals, getval(ip->Payload() + h->offset, h->size),
-							compare(*h->vals, getval(ip->Payload() + h->offset, h->size), h->comp);
+						                h->comp);
 						break;
 
 					case RuleHdrTest::IPSrc:
@@ -1404,8 +1405,8 @@ void RuleMatcherState::InitEndpointMatcher(analyzer::Analyzer* analyzer, const I
 			delete orig_match_state;
 			}
 
-		orig_match_state =
+		orig_match_state = rule_matcher->InitEndpoint(analyzer, ip, caplen, resp_match_state,
-			rule_matcher->InitEndpoint(analyzer, ip, caplen, resp_match_state, from_orig, pia);
+		                                              from_orig, pia);
 		}
 
 	else
@@ -1416,8 +1417,8 @@ void RuleMatcherState::InitEndpointMatcher(analyzer::Analyzer* analyzer, const I
 			delete resp_match_state;
 			}
 
-		resp_match_state =
+		resp_match_state = rule_matcher->InitEndpoint(analyzer, ip, caplen, orig_match_state,
-			rule_matcher->InitEndpoint(analyzer, ip, caplen, orig_match_state, from_orig, pia);
+		                                              from_orig, pia);
 		}
 	}
 

src/RunState.cc

@@ -2,9 +2,9 @@
 
 #include "zeek/RunState.h"
 
-#include <sys/types.h>
-
 #include "zeek/zeek-config.h"
+
+#include <sys/types.h>
 #ifdef TIME_WITH_SYS_TIME
 #include <sys/time.h>
 #include <time.h>
@@ -386,8 +386,9 @@ void get_final_stats()
 		{
 		iosource::PktSrc::Stats s;
 		ps->Statistics(&s);
-		double dropped_pct =
+		double dropped_pct = s.dropped > 0.0
-			s.dropped > 0.0 ? ((double)s.dropped / ((double)s.received + (double)s.dropped)) * 100.0
+		                         ? ((double)s.dropped / ((double)s.received + (double)s.dropped)) *
+		                               100.0
 		                         : 0.0;
 		reporter->Info("%" PRIu64 " packets received on interface %s, %" PRIu64 " (%.2f%%) dropped",
 		               s.received, ps->Path().c_str(), s.dropped, dropped_pct);

src/RunState.h

@@ -2,11 +2,11 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <optional>
 #include <string>
 
-#include "zeek/zeek-config.h"
-
 namespace zeek
 	{
 

src/Scope.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/Scope.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Desc.h"
 #include "zeek/ID.h"
 #include "zeek/IntrusivePtr.h"
 #include "zeek/Reporter.h"
 #include "zeek/Val.h"
 #include "zeek/module_util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -110,8 +111,8 @@ const IDPtr& lookup_ID(const char* name, const char* curr_module, bool no_global
 	std::string fullname = make_full_var_name(curr_module, name);
 
 	std::string ID_module = extract_module_name(fullname.c_str());
-	bool need_export =
+	bool need_export = check_export &&
-		check_export && (ID_module != GLOBAL_MODULE_NAME && ID_module != curr_module);
+	                   (ID_module != GLOBAL_MODULE_NAME && ID_module != curr_module);
 
 	for ( auto s_i = scopes.rbegin(); s_i != scopes.rend(); ++s_i )
 		{

src/SerializationFormat.h

@@ -2,11 +2,11 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <stdint.h>
 #include <string>
 
-#include "zeek/zeek-config.h"
-
 struct in_addr;
 struct in6_addr;
 

src/SmithWaterman.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/SmithWaterman.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <algorithm>
 
@@ -9,7 +11,6 @@
 #include "zeek/Val.h"
 #include "zeek/Var.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/Stats.cc

@@ -392,13 +392,15 @@ void SegmentProfiler::Report()
 	struct rusage final_rusage;
 	getrusage(RUSAGE_SELF, &final_rusage);
 
-	double start_time =
+	double start_time = double(initial_rusage.ru_utime.tv_sec) +
-		double(initial_rusage.ru_utime.tv_sec) + double(initial_rusage.ru_utime.tv_usec) / 1e6 +
+	                    double(initial_rusage.ru_utime.tv_usec) / 1e6 +
-		double(initial_rusage.ru_stime.tv_sec) + double(initial_rusage.ru_stime.tv_usec) / 1e6;
+	                    double(initial_rusage.ru_stime.tv_sec) +
+	                    double(initial_rusage.ru_stime.tv_usec) / 1e6;
 
-	double stop_time =
+	double stop_time = double(final_rusage.ru_utime.tv_sec) +
-		double(final_rusage.ru_utime.tv_sec) + double(final_rusage.ru_utime.tv_usec) / 1e6 +
+	                   double(final_rusage.ru_utime.tv_usec) / 1e6 +
-		double(final_rusage.ru_stime.tv_sec) + double(final_rusage.ru_stime.tv_usec) / 1e6;
+	                   double(final_rusage.ru_stime.tv_sec) +
+	                   double(final_rusage.ru_stime.tv_usec) / 1e6;
 
 	int start_mem = initial_rusage.ru_maxrss * 1024;
 	int stop_mem = initial_rusage.ru_maxrss * 1024;

src/Stats.h

@@ -2,13 +2,13 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <stdint.h>
 #include <sys/resource.h>
 #include <sys/time.h>
 #include <sys/types.h>
 
-#include "zeek/zeek-config.h"
-
 namespace zeek
 	{
 

src/Stmt.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Stmt.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/CompHash.h"
 #include "zeek/Debug.h"
 #include "zeek/Desc.h"
@@ -19,7 +21,6 @@
 #include "zeek/logging/Manager.h"
 #include "zeek/logging/logging.bif.h"
 #include "zeek/script_opt/StmtOptInfo.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -344,8 +345,8 @@ void do_print_stmt(const std::vector<ValPtr>& vals)
 		++offset;
 		}
 
-	static auto print_log_type =
+	static auto print_log_type = static_cast<BifEnum::Log::PrintLogType>(
-		static_cast<BifEnum::Log::PrintLogType>(id::find_val("Log::print_to_log")->AsEnum());
+		id::find_val("Log::print_to_log")->AsEnum());
 
 	switch ( print_log_type )
 		{

src/Tag.h

@@ -2,12 +2,13 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <stdint.h>
 #include <string>
 
 #include "zeek/IntrusivePtr.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{

src/Timer.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Timer.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Desc.h"
 #include "zeek/NetVar.h"
 #include "zeek/RunState.h"
@@ -9,7 +11,6 @@
 #include "zeek/iosource/Manager.h"
 #include "zeek/iosource/PktSrc.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{
@@ -102,8 +103,8 @@ void TimerMgr::Process()
 
 	// Just advance the timer manager based on the current network time. This won't actually
 	// change the time, but will dispatch any timers that need dispatching.
-	run_state::current_dispatched +=
+	run_state::current_dispatched += Advance(run_state::network_time,
-		Advance(run_state::network_time, max_timer_expires - run_state::current_dispatched);
+	                                         max_timer_expires - run_state::current_dispatched);
 	}
 
 void TimerMgr::InitPostScript()

src/TunnelEncapsulation.h

@@ -2,13 +2,14 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <vector>
 
 #include "zeek/ID.h"
 #include "zeek/IPAddr.h"
 #include "zeek/NetVar.h"
 #include "zeek/UID.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{

src/Type.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Type.h"
 
+#include "zeek/zeek-config.h"
+
 #include <list>
 #include <map>
 #include <string>
@@ -14,7 +16,6 @@
 #include "zeek/Val.h"
 #include "zeek/Var.h"
 #include "zeek/module_util.h"
-#include "zeek/zeek-config.h"
 #include "zeek/zeekygen/IdentifierInfo.h"
 #include "zeek/zeekygen/Manager.h"
 #include "zeek/zeekygen/ScriptInfo.h"
@@ -519,8 +520,8 @@ TableType::TableType(TypeListPtr ind, TypePtr yield)
 
 		if ( ! is_supported_index_type(tli, &unsupported_type_name) )
 			{
-			auto msg =
+			auto msg = util::fmt("index type containing '%s' is not supported",
-				util::fmt("index type containing '%s' is not supported", unsupported_type_name);
+			                     unsupported_type_name);
 			Error(msg, tli.get());
 			SetError();
 			break;
@@ -1719,8 +1720,8 @@ void EnumType::DescribeReST(ODesc* d, bool roles_only) const
 		if ( doc->GetDeclaringScript() )
 			enum_from_script = doc->GetDeclaringScript()->Name();
 
-		zeekygen::detail::IdentifierInfo* type_doc =
+		zeekygen::detail::IdentifierInfo* type_doc = detail::zeekygen_mgr->GetIdentifierInfo(
-			detail::zeekygen_mgr->GetIdentifierInfo(GetName());
+			GetName());
 
 		if ( type_doc && type_doc->GetDeclaringScript() )
 			type_from_script = type_doc->GetDeclaringScript()->Name();
@@ -2100,8 +2101,7 @@ bool same_type(const Type& arg_t1, const Type& arg_t2, bool is_init, bool match_
 			{
 			auto tt1 = t1->AsTypeType();
 			auto tt2 = t2->AsTypeType();
-				result =
+			result = same_type(tt1->GetType(), tt1->GetType(), is_init, match_record_field_names);
-					same_type(tt1->GetType(), tt1->GetType(), is_init, match_record_field_names);
 			break;
 			}
 
@@ -2310,10 +2310,10 @@ TypePtr merge_types(const TypePtr& arg_t1, const TypePtr& arg_t2)
 				// actually see those changes from the redef.
 				return id->GetType();
 
-				std::string msg =
+			std::string msg = util::fmt("incompatible enum types: '%s' and '%s'"
-					util::fmt("incompatible enum types: '%s' and '%s'"
 			                            " ('%s' enum type ID is invalid)",
-				              t1->GetName().data(), t2->GetName().data(), t1->GetName().data());
+			                            t1->GetName().data(), t2->GetName().data(),
+			                            t1->GetName().data());
 			t1->Error(msg.data(), t2);
 			return nullptr;
 			}

src/Val.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Val.h"
 
+#include "zeek/zeek-config.h"
+
 #include <netdb.h>
 #include <netinet/in.h>
 #include <stdio.h>
@@ -35,7 +37,6 @@
 #include "zeek/broker/Manager.h"
 #include "zeek/broker/Store.h"
 #include "zeek/threading/formatters/JSON.h"
-#include "zeek/zeek-config.h"
 
 using namespace std;
 
@@ -1838,8 +1839,8 @@ ValPtr TableVal::Default(const ValPtr& index)
 		     record_promotion_compatible(dtype->AsRecordType(), ytype->AsRecordType()) )
 			{
 			auto rt = cast_intrusive<RecordType>(ytype);
-			auto coerce =
+			auto coerce = make_intrusive<detail::RecordCoerceExpr>(def_attr->GetExpr(),
-				make_intrusive<detail::RecordCoerceExpr>(def_attr->GetExpr(), std::move(rt));
+			                                                       std::move(rt));
 
 			def_val = coerce->Eval(nullptr);
 			}

src/Val.h

@@ -271,8 +271,8 @@ public:
 	static constexpr bro_uint_t PREALLOCATED_COUNTS = 4096;
 	static constexpr bro_uint_t PREALLOCATED_INTS = 512;
 	static constexpr bro_int_t PREALLOCATED_INT_LOWEST = -255;
-	static constexpr bro_int_t PREALLOCATED_INT_HIGHEST =
+	static constexpr bro_int_t PREALLOCATED_INT_HIGHEST = PREALLOCATED_INT_LOWEST +
-		PREALLOCATED_INT_LOWEST + PREALLOCATED_INTS - 1;
+	                                                      PREALLOCATED_INTS - 1;
 
 	ValManager();
 

src/Var.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/Var.h"
 
+#include "zeek/zeek-config.h"
+
 #include <memory>
 
 #include "zeek/EventRegistry.h"
@@ -16,7 +18,6 @@
 #include "zeek/Val.h"
 #include "zeek/module_util.h"
 #include "zeek/script_opt/ScriptOpt.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::detail
 	{

src/ZeekString.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/ZeekString.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <algorithm>
 #include <iostream>
@@ -12,7 +14,6 @@
 #include "zeek/Reporter.h"
 #include "zeek/Val.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 #ifdef DEBUG
 #define DEBUG_STR(msg) DBG_LOG(zeek::DBG_STRING, msg)

src/ZeekString.h

@@ -2,13 +2,13 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <sys/types.h>
 #include <iosfwd>
 #include <string>
 #include <vector>
 
-#include "zeek/zeek-config.h"
-
 namespace zeek
 	{
 

src/analyzer/Component.h

@@ -2,11 +2,12 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/analyzer/Tag.h"
 #include "zeek/plugin/Component.h"
 #include "zeek/plugin/TaggedComponent.h"
 #include "zeek/util.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{

src/analyzer/Tag.h

@@ -3,9 +3,10 @@
 
 #pragma once
 
-#include "zeek/Tag.h"
 #include "zeek/zeek-config.h"
 
+#include "zeek/Tag.h"
+
 namespace zeek
 	{
 

src/analyzer/protocol/bittorrent/BitTorrentTracker.cc

@@ -536,8 +536,7 @@ int BitTorrentTracker_Analyzer::ResponseParseBenc(void)
 								benc_raw_type = detail::BENC_TYPE_DIR;
 								/* fall through */
 							default:
-									VIOLATION_IF(benc_stack.back() == 'd' &&
+								VIOLATION_IF(benc_stack.back() == 'd' && ! (benc_count.back() % 2),
-									                 ! (benc_count.back() % 2),
 								             "BitTorrentTracker: directory key is not a string "
 								             "but a directory")
 								++benc_raw_len;
@@ -561,8 +560,7 @@ int BitTorrentTracker_Analyzer::ResponseParseBenc(void)
 								/* fall through */
 
 							default:
-									VIOLATION_IF(benc_stack.back() == 'd' &&
+								VIOLATION_IF(benc_stack.back() == 'd' && ! (benc_count.back() % 2),
-									                 ! (benc_count.back() % 2),
 								             "BitTorrentTracker: directory key is not a string "
 								             "but a list")
 								++benc_raw_len;
@@ -573,11 +571,9 @@ int BitTorrentTracker_Analyzer::ResponseParseBenc(void)
 						break;
 
 					case 'i':
-							VIOLATION_IF(
+						VIOLATION_IF(! benc_stack.size(),
-								! benc_stack.size(),
 						             "BitTorrentTracker: not a bencoded directory (first char: i)")
-							VIOLATION_IF(
+						VIOLATION_IF(benc_stack.back() == 'd' && ! (benc_count.back() % 2),
-								benc_stack.back() == 'd' && ! (benc_count.back() % 2),
 						             "BitTorrentTracker: directory key is not a string but an int")
 
 						if ( benc_raw_type != detail::BENC_TYPE_NONE )
@@ -587,8 +583,7 @@ int BitTorrentTracker_Analyzer::ResponseParseBenc(void)
 						break;
 
 					case 'e':
-							VIOLATION_IF(
+						VIOLATION_IF(! benc_stack.size(),
-								! benc_stack.size(),
 						             "BitTorrentTracker: not a bencoded directory (first char: e)")
 						VIOLATION_IF(benc_stack.back() == 'd' && benc_count.back() % 2,
 						             "BitTorrentTracker: directory has an odd count of members")

src/analyzer/protocol/dce-rpc/DCE_RPC.cc

@@ -2,12 +2,12 @@
 
 #include "zeek/analyzer/protocol/dce-rpc/DCE_RPC.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 #include <map>
 #include <string>
 
-#include "zeek/zeek-config.h"
-
 using namespace std;
 
 namespace zeek::analyzer::dce_rpc

src/analyzer/protocol/dns/DNS.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/dns/DNS.h"
 
+#include "zeek/zeek-config.h"
+
 #include <arpa/inet.h>
 #include <ctype.h>
 #include <netinet/in.h>
@@ -14,7 +16,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/dns/events.bif.h"
 #include "zeek/session/Manager.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::dns
 	{
@@ -800,8 +801,8 @@ bool DNS_Interpreter::ParseRR_EDNS(detail::DNS_MsgInfo* msg, const u_char*& data
 					break;
 					}
 
-					analyzer->EnqueueConnEvent(dns_EDNS_ecs, analyzer->ConnVal(),
+				analyzer->EnqueueConnEvent(dns_EDNS_ecs, analyzer->ConnVal(), msg->BuildHdrVal(),
-					                           msg->BuildHdrVal(), msg->BuildEDNS_ECS_Val(&opt));
+				                           msg->BuildEDNS_ECS_Val(&opt));
 				data += option_len;
 				break;
 				} // END EDNS ECS
@@ -859,18 +860,16 @@ bool DNS_Interpreter::ParseRR_EDNS(detail::DNS_MsgInfo* msg, const u_char*& data
 				int client_cookie_len = 8;
 				int server_cookie_len = option_len - client_cookie_len;
 
-					cookie.client_cookie =
+				cookie.client_cookie = ExtractStream(data, client_cookie_len, client_cookie_len);
-						ExtractStream(data, client_cookie_len, client_cookie_len);
 				cookie.server_cookie = nullptr;
 
 				if ( server_cookie_len >= 8 )
 					{
-						cookie.server_cookie =
+					cookie.server_cookie = ExtractStream(data, server_cookie_len,
-							ExtractStream(data, server_cookie_len, server_cookie_len);
+					                                     server_cookie_len);
 					}
 
-					analyzer->EnqueueConnEvent(dns_EDNS_cookie, analyzer->ConnVal(),
+				analyzer->EnqueueConnEvent(dns_EDNS_cookie, analyzer->ConnVal(), msg->BuildHdrVal(),
-					                           msg->BuildHdrVal(),
 				                           msg->BuildEDNS_COOKIE_Val(&cookie));
 
 				break;

src/analyzer/protocol/finger/Finger.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/analyzer/protocol/finger/Finger.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 
 #include "zeek/Event.h"
 #include "zeek/NetVar.h"
 #include "zeek/analyzer/protocol/finger/events.bif.h"
 #include "zeek/analyzer/protocol/tcp/ContentLine.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::finger
 	{

src/analyzer/protocol/ftp/FTP.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/ftp/FTP.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 
 #include "zeek/Base64.h"
@@ -12,7 +14,6 @@
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/ftp/events.bif.h"
 #include "zeek/analyzer/protocol/login/NVT.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::ftp
 	{

src/analyzer/protocol/gnutella/Gnutella.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/gnutella/Gnutella.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <algorithm>
 
@@ -10,7 +12,6 @@
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/gnutella/events.bif.h"
 #include "zeek/analyzer/protocol/pia/PIA.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::gnutella
 	{

src/analyzer/protocol/http/HTTP.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/http/HTTP.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <math.h>
 #include <stdlib.h>
@@ -13,7 +15,6 @@
 #include "zeek/analyzer/protocol/http/events.bif.h"
 #include "zeek/analyzer/protocol/mime/MIME.h"
 #include "zeek/file_analysis/Manager.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::http
 	{
@@ -329,8 +330,8 @@ void HTTP_Entity::SubmitData(int len, const char* buf)
 	else
 		{
 		if ( send_size && content_length > 0 )
-			precomputed_file_id =
+			precomputed_file_id = file_mgr->SetSize(
-				file_mgr->SetSize(content_length, http_message->MyHTTP_Analyzer()->GetAnalyzerTag(),
+				content_length, http_message->MyHTTP_Analyzer()->GetAnalyzerTag(),
 				http_message->MyHTTP_Analyzer()->Conn(), http_message->IsOrig(),
 				precomputed_file_id);
 
@@ -893,8 +894,8 @@ void HTTP_Analyzer::DeliverStream(int len, const u_char* data, bool is_orig)
 	const char* line = reinterpret_cast<const char*>(data);
 	const char* end_of_line = line + len;
 
-	analyzer::tcp::ContentLine_Analyzer* content_line =
+	analyzer::tcp::ContentLine_Analyzer* content_line = is_orig ? content_line_orig
-		is_orig ? content_line_orig : content_line_resp;
+	                                                            : content_line_resp;
 
 	if ( content_line->IsPlainDelivery() )
 		{
@@ -941,8 +942,7 @@ void HTTP_Analyzer::DeliverStream(int len, const u_char* data, bool is_orig)
 					request_ongoing = 1;
 					unanswered_requests.push(request_method);
 					HTTP_Request();
-						InitHTTPMessage(content_line, request_message, is_orig, HTTP_BODY_MAYBE,
+					InitHTTPMessage(content_line, request_message, is_orig, HTTP_BODY_MAYBE, len);
-						                len);
 					}
 
 				else
@@ -1063,8 +1063,8 @@ void HTTP_Analyzer::Undelivered(uint64_t seq, int len, bool is_orig)
 
 	HTTP_Message* msg = is_orig ? request_message : reply_message;
 
-	analyzer::tcp::ContentLine_Analyzer* content_line =
+	analyzer::tcp::ContentLine_Analyzer* content_line = is_orig ? content_line_orig
-		is_orig ? content_line_orig : content_line_resp;
+	                                                            : content_line_resp;
 
 	if ( ! content_line->IsSkippedContents(seq, len) )
 		{

src/analyzer/protocol/ident/Ident.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/analyzer/protocol/ident/Ident.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 
 #include "zeek/Event.h"
 #include "zeek/NetVar.h"
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/ident/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::ident
 	{

src/analyzer/protocol/krb/KRB.h

@@ -2,10 +2,10 @@
 
 #pragma once
 
-#include <mutex>
-
 #include "zeek/zeek-config.h"
 
+#include <mutex>
+
 #ifdef USE_KRB5
 #include <krb5.h>
 #endif

src/analyzer/protocol/login/Login.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/login/Login.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <stdlib.h>
 
@@ -12,7 +14,6 @@
 #include "zeek/Var.h"
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/login/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::login
 	{

src/analyzer/protocol/login/NVT.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/login/NVT.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 
 #include "zeek/Event.h"
@@ -10,7 +12,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/login/events.bif.h"
 #include "zeek/analyzer/protocol/tcp/TCP.h"
-#include "zeek/zeek-config.h"
 
 #define IS_3_BYTE_OPTION(c) (c >= 251 && c <= 254)
 
@@ -208,8 +209,7 @@ void TelnetAuthenticateOption::RecvSubOption(u_char* data, int len)
 		{
 		case HERE_IS_AUTHENTICATION:
 			{
-				TelnetAuthenticateOption* peer =
+			TelnetAuthenticateOption* peer = (TelnetAuthenticateOption*)endp->FindPeerOption(code);
-					(TelnetAuthenticateOption*)endp->FindPeerOption(code);
 
 			if ( ! peer )
 				{

src/analyzer/protocol/login/RSH.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/analyzer/protocol/login/RSH.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Event.h"
 #include "zeek/NetVar.h"
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/protocol/login/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::login
 	{

src/analyzer/protocol/login/Rlogin.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/analyzer/protocol/login/Rlogin.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Event.h"
 #include "zeek/NetVar.h"
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/protocol/login/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::login
 	{

src/analyzer/protocol/login/Telnet.cc

@@ -2,9 +2,10 @@
 
 #include "zeek/analyzer/protocol/login/Telnet.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/analyzer/protocol/login/NVT.h"
 #include "zeek/analyzer/protocol/login/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::login
 	{

src/analyzer/protocol/mime/MIME.cc

@@ -1,12 +1,13 @@
 #include "zeek/analyzer/protocol/mime/MIME.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Base64.h"
 #include "zeek/NetVar.h"
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/protocol/mime/events.bif.h"
 #include "zeek/digest.h"
 #include "zeek/file_analysis/Manager.h"
-#include "zeek/zeek-config.h"
 
 // Here are a few things to do:
 //
@@ -1460,9 +1461,9 @@ void MIME_Mail::SubmitData(int len, const char* buf)
 		                           make_intrusive<StringVal>(data_len, data));
 		}
 
-	cur_entity_id =
+	cur_entity_id = file_mgr->DataIn(reinterpret_cast<const u_char*>(buf), len,
-		file_mgr->DataIn(reinterpret_cast<const u_char*>(buf), len, analyzer->GetAnalyzerTag(),
+	                                 analyzer->GetAnalyzerTag(), analyzer->Conn(), is_orig,
-	                     analyzer->Conn(), is_orig, cur_entity_id);
+	                                 cur_entity_id);
 
 	cur_entity_len += len;
 	buffer_start = (buf + len) - (char*)data_buffer->Bytes();

src/analyzer/protocol/ncp/NCP.cc

@@ -2,13 +2,14 @@
 
 #include "zeek/analyzer/protocol/ncp/NCP.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 #include <map>
 #include <string>
 
 #include "zeek/analyzer/protocol/ncp/consts.bif.h"
 #include "zeek/analyzer/protocol/ncp/events.bif.h"
-#include "zeek/zeek-config.h"
 
 using namespace std;
 

src/analyzer/protocol/netbios/NetbiosSSN.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/netbios/NetbiosSSN.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 
 #include "zeek/Event.h"
@@ -10,7 +12,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/netbios/events.bif.h"
 #include "zeek/session/Manager.h"
-#include "zeek/zeek-config.h"
 
 constexpr double netbios_ssn_session_timeout = 15.0;
 

src/analyzer/protocol/pia/PIA.cc

@@ -106,9 +106,9 @@ void PIA::PIA_DeliverPacket(int len, const u_char* data, bool is_orig, uint64_t
 	if ( (pkt_buffer.state == BUFFERING || new_state == BUFFERING) && len > 0 )
 		{
 		AddToBuffer(&pkt_buffer, seq, len, data, is_orig, ip);
-		if ( pkt_buffer.size > zeek::detail::dpd_buffer_size || ++pkt_buffer.chunks > zeek::detail::dpd_max_packets )
+		if ( pkt_buffer.size > zeek::detail::dpd_buffer_size ||
-			new_state = zeek::detail::dpd_match_only_beginning ?
+		     ++pkt_buffer.chunks > zeek::detail::dpd_max_packets )
-						SKIPPING : MATCHING_ONLY;
+			new_state = zeek::detail::dpd_match_only_beginning ? SKIPPING : MATCHING_ONLY;
 		}
 
 	// FIXME: I'm not sure why it does not work with eol=true...
@@ -280,9 +280,9 @@ void PIA_TCP::DeliverStream(int len, const u_char* data, bool is_orig)
 	if ( stream_buffer.state == BUFFERING || new_state == BUFFERING )
 		{
 		AddToBuffer(&stream_buffer, len, data, is_orig);
-		if ( stream_buffer.size > zeek::detail::dpd_buffer_size || ++stream_buffer.chunks > zeek::detail::dpd_max_packets )
+		if ( stream_buffer.size > zeek::detail::dpd_buffer_size ||
-			new_state = zeek::detail::dpd_match_only_beginning ?
+		     ++stream_buffer.chunks > zeek::detail::dpd_max_packets )
-						SKIPPING : MATCHING_ONLY;
+			new_state = zeek::detail::dpd_match_only_beginning ? SKIPPING : MATCHING_ONLY;
 		}
 
 	DoMatch(data, len, is_orig, false, false, false, nullptr);
@@ -382,11 +382,11 @@ void PIA_TCP::ActivateAnalyzer(analyzer::Tag tag, const zeek::detail::Rule* rule
 
 	auto* tcp = static_cast<packet_analysis::TCP::TCPSessionAdapter*>(Parent());
 
-	auto* reass_orig =
+	auto* reass_orig = new tcp::TCP_Reassembler(this, tcp, tcp::TCP_Reassembler::Direct,
-		new tcp::TCP_Reassembler(this, tcp, tcp::TCP_Reassembler::Direct, tcp->Orig());
+	                                            tcp->Orig());
 
-	auto* reass_resp =
+	auto* reass_resp = new tcp::TCP_Reassembler(this, tcp, tcp::TCP_Reassembler::Direct,
-		new tcp::TCP_Reassembler(this, tcp, tcp::TCP_Reassembler::Direct, tcp->Resp());
+	                                            tcp->Resp());
 
 	uint64_t orig_seq = 0;
 	uint64_t resp_seq = 0;

src/analyzer/protocol/pop3/POP3.cc

@@ -3,6 +3,8 @@
 
 #include "zeek/analyzer/protocol/pop3/POP3.h"
 
+#include "zeek/zeek-config.h"
+
 #include <ctype.h>
 #include <string>
 #include <vector>
@@ -11,7 +13,6 @@
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/pop3/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::pop3
 	{
@@ -584,9 +585,9 @@ void POP3_Analyzer::ProcessReply(int length, const char* line)
 
 	if ( multiLine == true )
 		{
-		bool terminator =
+		bool terminator = line[0] == '.' &&
-			line[0] == '.' &&
+		                  (length == 1 ||
-			(length == 1 || (length > 1 && (line[1] == '\n' ||
+		                   (length > 1 && (line[1] == '\n' ||
 		                                   (length > 2 && line[1] == '\r' && line[2] == '\n'))));
 
 		if ( terminator )

src/analyzer/protocol/rpc/MOUNT.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/rpc/MOUNT.h"
 
+#include "zeek/zeek-config.h"
+
 #include <algorithm>
 #include <vector>
 
@@ -10,7 +12,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::rpc
 	{

src/analyzer/protocol/rpc/NFS.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/rpc/NFS.h"
 
+#include "zeek/zeek-config.h"
+
 #include <utility>
 #include <vector>
 
@@ -10,7 +12,6 @@
 #include "zeek/ZeekString.h"
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::rpc
 	{

src/analyzer/protocol/rpc/Portmap.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/analyzer/protocol/rpc/Portmap.h"
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/Event.h"
 #include "zeek/NetVar.h"
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
-#include "zeek/zeek-config.h"
 
 #define PMAPPROC_NULL 0
 #define PMAPPROC_SET 1

src/analyzer/protocol/rpc/RPC.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/rpc/RPC.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 #include <string>
 
@@ -11,7 +13,6 @@
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
 #include "zeek/session/Manager.h"
-#include "zeek/zeek-config.h"
 
 namespace
 	{ // local namespace
@@ -68,8 +69,8 @@ RPC_CallInfo::RPC_CallInfo(uint32_t arg_xid, const u_char*& buf, int& n, double
 		stamp = extract_XDR_uint32(cred_opaque, cred_opaque_n);
 		int machinename_n;
 		constexpr auto max_machinename_len = 255;
-		auto mnp =
+		auto mnp = extract_XDR_opaque(cred_opaque, cred_opaque_n, machinename_n,
-			extract_XDR_opaque(cred_opaque, cred_opaque_n, machinename_n, max_machinename_len);
+		                              max_machinename_len);
 
 		if ( ! mnp )
 			{
@@ -649,15 +650,15 @@ void Contents_RPC::DeliverStream(int len, const u_char* data, bool orig)
 
 					if ( ! dummy_p )
 						{
-							reporter->AnalyzerError(this,
+						reporter->AnalyzerError(this, "inconsistent RPC record marker extraction");
-							                        "inconsistent RPC record marker extraction");
 						return;
 						}
 
 					last_frag = (marker & 0x80000000) != 0;
 					marker &= 0x7fffffff;
 					// printf("%.6f %d marker= %u <> last_frag= %d <> expected=%llu <>
-						// processed= %llu <> len = %d\n", 		run_state::network_time, IsOrig(), marker,
+					// processed= %llu <> len = %d\n", 		run_state::network_time, IsOrig(),
+					// marker,
 					// last_frag, msg_buf.GetExpected(), msg_buf.GetProcessed(), len);
 
 					if ( ! msg_buf.AddToExpected(marker) )
@@ -690,9 +691,8 @@ void Contents_RPC::DeliverStream(int len, const u_char* data, bool orig)
 						const u_char* dummy_p = msg_buf.GetBuf();
 						int dummy_len = (int)msg_buf.GetFill();
 
-							if ( ! interp->DeliverRPC(dummy_p, dummy_len,
+						if ( ! interp->DeliverRPC(dummy_p, dummy_len, (int)msg_buf.GetExpected(),
-							                          (int)msg_buf.GetExpected(), IsOrig(),
+						                          IsOrig(), start_time, last_time) )
-							                          start_time, last_time) )
 							Conn()->Weird("partial_RPC");
 
 						state = WAIT_FOR_MESSAGE;

src/analyzer/protocol/rpc/XDR.cc

@@ -2,11 +2,12 @@
 
 #include "zeek/analyzer/protocol/rpc/XDR.h"
 
+#include "zeek/zeek-config.h"
+
 #include <string.h>
 #include <algorithm>
 
 #include "zeek/analyzer/protocol/rpc/events.bif.h"
-#include "zeek/zeek-config.h"
 
 uint32_t zeek::analyzer::rpc::extract_XDR_uint32(const u_char*& buf, int& len)
 	{

src/analyzer/protocol/smtp/SMTP.cc

@@ -2,6 +2,8 @@
 
 #include "zeek/analyzer/protocol/smtp/SMTP.h"
 
+#include "zeek/zeek-config.h"
+
 #include <stdlib.h>
 
 #include "zeek/Event.h"
@@ -9,7 +11,6 @@
 #include "zeek/Reporter.h"
 #include "zeek/analyzer/Manager.h"
 #include "zeek/analyzer/protocol/smtp/events.bif.h"
-#include "zeek/zeek-config.h"
 
 #undef SMTP_CMD_DEF
 #define SMTP_CMD_DEF(cmd) #cmd,

src/analyzer/protocol/tcp/TCP_Reassembler.cc

@@ -42,14 +42,14 @@ TCP_Reassembler::TCP_Reassembler(analyzer::Analyzer* arg_dst_analyzer,
 
 	if ( ::tcp_contents )
 		{
-		static auto tcp_content_delivery_ports_orig =
+		static auto tcp_content_delivery_ports_orig = id::find_val<TableVal>(
-			id::find_val<TableVal>("tcp_content_delivery_ports_orig");
+			"tcp_content_delivery_ports_orig");
-		static auto tcp_content_delivery_ports_resp =
+		static auto tcp_content_delivery_ports_resp = id::find_val<TableVal>(
-			id::find_val<TableVal>("tcp_content_delivery_ports_resp");
+			"tcp_content_delivery_ports_resp");
-		const auto& dst_port_val =
+		const auto& dst_port_val = val_mgr->Port(ntohs(tcp_analyzer->Conn()->RespPort()),
-			val_mgr->Port(ntohs(tcp_analyzer->Conn()->RespPort()), TRANSPORT_TCP);
+		                                         TRANSPORT_TCP);
-		const auto& ports =
+		const auto& ports = IsOrig() ? tcp_content_delivery_ports_orig
-			IsOrig() ? tcp_content_delivery_ports_orig : tcp_content_delivery_ports_resp;
+		                             : tcp_content_delivery_ports_resp;
 		auto result = ports->FindOrDefault(dst_port_val);
 
 		if ( (IsOrig() && zeek::detail::tcp_content_deliver_all_orig) ||
@@ -519,9 +519,9 @@ void TCP_Reassembler::AckReceived(uint64_t seq)
 		// Nothing to do.
 		return;
 
-	bool test_active =
+	bool test_active = ! skip_deliveries && ! tcp_analyzer->Skipping() &&
-		! skip_deliveries && ! tcp_analyzer->Skipping() &&
+	                   (BifConst::report_gaps_for_partial ||
-		(BifConst::report_gaps_for_partial || (endp->state == TCP_ENDPOINT_ESTABLISHED &&
+	                    (endp->state == TCP_ENDPOINT_ESTABLISHED &&
 	                     endp->peer->state == TCP_ENDPOINT_ESTABLISHED));
 
 	uint64_t num_missing = TrimToSeq(seq);

src/analyzer/protocol/zip/ZIP.h

@@ -2,10 +2,11 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include <zlib.h>
 
 #include "zeek/analyzer/protocol/tcp/TCP.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek::analyzer::zip
 	{

src/broker/Data.cc

@@ -364,8 +364,8 @@ struct val_converter
 			unsigned int pos = 0;
 			for ( auto& item : a )
 				{
-				auto item_val =
+				auto item_val = data_to_val(move(item),
-					data_to_val(move(item), pure ? lt->GetPureType().get() : types[pos].get());
+				                            pure ? lt->GetPureType().get() : types[pos].get());
 				pos++;
 
 				if ( ! item_val )

src/broker/Manager.cc

@@ -376,8 +376,8 @@ void Manager::InitializeBrokerStoreForwarding()
 		if ( id->HasVal() && id->GetAttr(zeek::detail::ATTR_BACKEND) )
 			{
 			const auto& attr = id->GetAttr(zeek::detail::ATTR_BACKEND);
-			auto e =
+			auto e = static_cast<BifEnum::Broker::BackendType>(
-				static_cast<BifEnum::Broker::BackendType>(attr->GetExpr()->Eval(nullptr)->AsEnum());
+				attr->GetExpr()->Eval(nullptr)->AsEnum());
 			auto storename = std::string("___sync_store_") + global.first;
 			id->GetVal()->AsTableVal()->SetBrokerStore(storename);
 			AddForwardedStore(storename, cast_intrusive<TableVal>(id->GetVal()));
@@ -739,8 +739,8 @@ bool Manager::PublishLogWrite(EnumVal* stream, EnumVal* writer, string path, int
 	std::string serial_data(data, len);
 	free(data);
 
-	auto v =
+	auto v = log_topic_func->Invoke(IntrusivePtr{NewRef{}, stream},
-		log_topic_func->Invoke(IntrusivePtr{NewRef{}, stream}, make_intrusive<StringVal>(path));
+	                                make_intrusive<StringVal>(path));
 
 	if ( ! v )
 		{
@@ -1797,8 +1797,8 @@ void Manager::BrokerStoreToZeekTable(const std::string& name, const detail::Stor
 		if ( its.size() == 1 )
 			zeek_key = detail::data_to_val(key, its[0].get());
 		else
-			zeek_key =
+			zeek_key = detail::data_to_val(key,
-				detail::data_to_val(key, table->GetType()->AsTableType()->GetIndices().get());
+			                               table->GetType()->AsTableType()->GetIndices().get());
 
 		if ( ! zeek_key )
 			{

src/broker/Store.cc

@@ -70,8 +70,7 @@ broker::backend_options to_backend_options(broker::backend backend, RecordVal* o
 		{
 		case broker::backend::sqlite:
 			{
-				auto path =
+			auto path = options->GetFieldAs<RecordVal>(0)->GetFieldAs<StringVal>(0)->CheckString();
-					options->GetFieldAs<RecordVal>(0)->GetFieldAs<StringVal>(0)->CheckString();
 			return {{"path", path}};
 			}
 

src/file_analysis/Component.h

@@ -2,10 +2,11 @@
 
 #pragma once
 
+#include "zeek/zeek-config.h"
+
 #include "zeek/file_analysis/Tag.h"
 #include "zeek/plugin/Component.h"
 #include "zeek/plugin/TaggedComponent.h"
-#include "zeek/zeek-config.h"
 
 namespace zeek
 	{