This test triggered ubsan by putting a function with the wrong type
as a post-processor into the .shadow file. Don't do that.
Likely Zeek should provide a better error message, but hand-crafting
.shadow files isn't what is normally done and this is to fix the
master build for now.
* topic/awelzel/3112-log-suffix-left-over-log-rotation:
cluster/logger: Fix leftover-log-rotation in multi-logger setups
cluster/logger: Fix global var reference
Using break in either of the hooks allows to suppress the default reporter
error message rather than suppressing solely based on the existence of an
assertion_failure() handler.
Populating log_metadata during zeek_init() is too late for the
leftover-log-rotation functionality, so do it at script parse time.
Also, prepend archiver_ to the log_metadata table and encoding function
due to being in the global namespace and to align with the
archiver_rotation_format_func. This hasn't been in a released
version yet, so fine to rename still.
Closes#3112
* origin/topic/awelzel/cluster-at-if-removal:
test-all-policy: Do not load nodes-experimental/manager.zeek
cluster/main: Remove extra @if ( Cluster::is_enabled() )
Turns out loading this script in non-cluster mode uses Cluster::log()
and creates cluster.log in the external baselines saying "cluster
started". Do not load it into test-all-policy.zeek and instead rely
on the new test-all-policy-cluster.test to load it transitively
when running as manager for basic checking.
These have been discussed in the context of "@if &analyze" [1] and
am much in favor for not disabling/removing ~100 lines (more than
fits on a single terminal) out from the middle of a file. There's no
performance impact for having these handlers enabled unconditionally.
Also, any future work on "@if &analyze" will look at them again which
we could also skip.
This also reverts back to the behavior where the Cluster::LOG stream
is created even in non cluster setups like in previous Zeek versions.
As long as no one writes to it there's essentially no difference. If
someone does write to Cluster::LOG, I'd argue not black holing these
messages is better. Schema generators using Log::active_streams will
continue to discover Cluster::LOG even if they run in non-cluster
mode.
https://github.com/zeek/zeek/pull/3062#discussion_r1200498905
* origin/master: (200 commits)
Update link to slack in README.md
Update bifcl, binpac, and broker repos for cmake changes
bison_target argument changes from HEADER to DEFINES_FILE
Update cmake submodule [nomail]
Start of 6.1.0 development
Switch broker submodule back to master
Update broker submodule to 2.6.0 release tag [nomail] [skip ci]
Update docs submodule [nomail] [skip ci]
Updating CHANGES and VERSION.
Update baseline for coverage.test-all-policy-cluster test
catch-and-release: Mark cr_check_rule as is_used
Add test-all-policy-cluster
Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'"
Simplify code generated for Spicy analyzer port ranges.
Register test analyzer only for required ports.
Update doc submodule [nomail] [skip ci]
Update broker submodule [nomail]
Update ZeekJS submodule to 0.9.1
Fix disappearing unit fields in Spicy type export.
Bump cluster testsuite to latest main
...
After the introduction of @if ... analyze, a lot of warnings were
triggered due to nested @if and @if .. analyze usage.
Add a test for coverage of all policy scripts in cluster mode
for the usual node types so this does not happen again.
