The ccache version shipped with Ubuntu 24.04 does not yet recognize
--fprofile-update=atomic, install one that does.
Now that the asan_sanitizer build also includes building Spicy and
running the spicyz test suite, ccache is quite important.
Reference ccache/ccache#1408 and zeek/zeek#3777.
* origin/topic/awelzel/threading-manager-metrics-follow-up:
telemetry/Manager: Check RegisterFd() return value
telemetry/Manager: Track sent_in and sent_out totals without callback
threading/Manager: Switch inf bucket from infinity() to max()
threading/Manager: "lt" to "le" and do not break
UBSAN's vptr sanitize isn't happy with the call to _fmt()
in its member initializer list.
$ zeek -r Traces/ssh/single-conn.trace .tmp/spicy.event-args-mismatch/test.hlto .tmp/spicy.event-args-mismatch/event-args-mismatch.zeek
<...>/src/include/zeek/spicy/runtime-support.h:80:29: runtime error: member call on address 0x511000369540 which does not point to an object of type 'zeek::spicy::rt::ParameterMismatch'
0x511000369540: note: object has invalid vptr
00 00 00 00 be be be be be be be be be be be be be be be be be be be be be be be be be be be be
^~~~~~~~~~~~~~~~~~~~~~~
invalid vptr
#0 0x7f9c9977b019 in zeek::spicy::rt::ParameterMismatch::ParameterMismatch(std::basic_string_view<char, std::char_traits<char>>, zeek::IntrusivePtr<zeek::Type> const&, std::basic_string_view<char, std::char_traits<char>>) <...>/src/include/zeek/spicy/runtime-support.h:80:29
#1 0x7f9c9977a6a2 in zeek::spicy::rt::to_val(hilti::rt::Bytes const&, zeek::IntrusivePtr<zeek::Type> const&) <...>/src/include/zeek/spicy/runtime-support.h:562:15
Initial fuzzing caused a bind response to arrive before a bind request,
resulting in an unset field expression error:
expression error in base/protocols/ldap/main.zeek, line 270: field value missing (LDAP::m$opcode)
Prevent this by ensuring m$opcode is set and raising instead.
LDAP supports both, UDP and TCP as separate analyzers. The corpus
is identical, however. Started to hit the TLS analyzer fairly
quickly, too.
Closes#3860
The current test attempts to instantiate two spicy::SSH_1 protocol
analyzers in the .evt file. The intention likely was to use two
distinct protocol analyzer both trying to replace the builtin SSH
analyzer.
Coincidentally, fixing this happens to workaround TSAN errors tickled
by the FatalError() call while loading the .hlto with two identically
named analyzers.
$ cat .tmp/spicy.replaces-conflicts/output
error: redefinition of protocol analyzer spicy::SSH_1
ThreadSanitizer: main thread finished with ignores enabled
One of the following ignores was not ended (in order of probability)
Ignore was enabled at:
#0 __llvm_gcov_init __linker___d192e45c25d5ee23-484d3e0fc2caf5b4.cc (ssh.hlto+0x34036) (BuildId: 091934ca4da885e7)
#1 __llvm_gcov_init __linker___d192e45c25d5ee23-484d3e0fc2caf5b4.cc (ssh.hlto+0x34036) (BuildId: 091934ca4da885e7)
...
I was tempted to replace FatalError() with Error() and rely on
zeek-setup.cc's early exiting on any reporter errors, but this
seems easier for now.
Relates to #3865.
For terminated threads, the totals would go down once the threads are
removed, which isn't great. Move tracking of sent in and sent out
messages from callback to explicit `Inc()` calls.
Also fixes total_messages_in_metric being initialized twice rather
than total_messages_out_metric.
For uint64_t, std::numeric_limits<T>::has_infinity is false and infinity()
actually returns 0. Use uint64_t's max() instead. We could cast to double
and use the double infinity, but this seems reasonable, too.
This was found while trying to provoke some pending messages and being
confused why all but the "inf" bucket increased.
The buckets are specified as lower-equal (changed from lower-than now),
which means we shouldn't break: The larger "le" bucket contains all previous
buckets, too. The "inf" bucket represents the current number of threads.
For example, with a total of 10 threads, 5 threads with 0 messages pending,
another 4 threads with 50 messages, and on with 2000 messages, the metrics
would end end up as follows:
pending_buckets{le=1} = 5
pending_buckets{le=10} = 5
pending_buckets{le=100} = 9
pending_buckets{le=1000} = 9
pending_buckets{le=10000} = 10
pending_buckets{le=inf} = 10
This might be strange initially, but aligns with the Prometheus
histogram approach (though we're using gauges here).
* origin/topic/timw/3081-prof-log-metrics:
Remove some unnecessary #includes
Avoid capturing 'this' for callback in telemetry::Manager
Make telemetry metrics out of MsgThread statistics
Split cpu time metric into user/system components like prof.log
Move broker statistics to be telemetry metrics
Add timer counts as telemetry metrics
Move thread manager stats to telemetry metric
Add extra metrics to session_mgr
Move dns_mgr stats to telemetry instruments
Move trigger stats to telemetry instruments
Move pulling of global state inside 'expensive' check for stats
This avoids the callbacks from being processed on the worker thread
spawned by Civetweb. It fixes data race issues with lookups involving
global variables, amongst other threading issues.
The ctu-sme-11-win7ad-1-ldap-tcp-50041.pcap file was harvested
from the CTU-SME-11 (Experiment-VM-Microsoft-Windows7AD-1) dataset
at https://zenodo.org/records/7958259 (DOI 10.5281/zenodo.7958258).
Closes#3853
* origin/topic/awelzel/mysql-amazing-pp-issue-2716-additions:
mysql: Simplify length computation
mysql: Improve date and time parsing
btest/mysql: Clean query-attr.pcapng
mysql: Support non-string query attributes
btest/mysql: Add pcap with non-string query attributes
mysql: Introduce mysql_ssl_request event
mysql: Fix EOFIfLegacyThenResultSet
mysql: Add data parameter to mysql_auth_plugin
mysql: Add mysql_auth_plugin, mysql_auth_more_data and mysql_auth_switch_request events
mysql: AuthSwitchRequest: &enforce a 0xfe / 254 status
mysql: Make auth_plugin_ a std::string
mysql: Fix auth_plugin_data_part2 length computation
Refactored connection phase state handling
Add support for "auth switch" and "query attrs"
Add support for parsing the "caching_sha2_password" auth plugin
