zeek
Windows: failure reading 2009-M57-day11-18 as part of testing
I tried to run Zeek on Windows with the following command-line:
zeek -G testing/btest/random.seed -r 2009-M57-day11-18.trace testing/external/zeek-testing/tests/m57-long.zeek
This results in a repeated error from script-land:
1258595506.961134 expression error in C:\Users\Tim\Desktop\projects\zeek2019\scripts\policy\frameworks/notice/./extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
As well as a some errors down inside of broker:
[broker/ERROR] 2022-11-14T15:23:52.262 exception: POLLRDHUP: cannot read from closed pipe
[broker/ERROR] 2022-11-14T15:24:04.915 wrong number of bytes written to the pipe
*** unhandled exception: [id: 4, name: broker.core, exception typeid: class%20std.runtime_error]: wrong number of bytes written to the pipe
[broker/ERROR] 2022-11-14T15:24:04.920 wrong number of bytes written to the pipe
I don't have a backtrace for the first error because it didn't hit an abort or anything, but the second one does abort because the exception is unhandled:
zeek.exe!issue_debug_notification(const wchar_t * const message) Line 28
zeek.exe!__acrt_report_runtime_error(const wchar_t * message) Line 154
zeek.exe!abort() Line 61
zeek.exe!terminate() Line 59
[External Code]
zeek.exe!broker::internal::connector::write_to_pipe(caf::span<enum caf::byte const> bytes, bool shutdown_after_write) Line 1817
zeek.exe!broker::internal::connector::async_shutdown() Line 1794
zeek.exe!broker::`anonymous namespace'::connector_task::~connector_task() Line 397
[External Code]
zeek.exe!broker::endpoint::shutdown() Line 634
zeek.exe!broker::endpoint::~endpoint() Line 579
[External Code]
zeek.exe!zeek::Broker::Manager::~Manager() Line 249
[External Code]
zeek.exe!zeek::iosource::Manager::~Manager() Line 77
[External Code]
zeek.exe!zeek::detail::terminate_zeek() Line 434
zeek.exe!zeek::detail::cleanup(bool did_run_loop) Line 1124
zeek.exe!main(int argc, char * * argv) Line 90
[External Code]
For anyone trying to reproduce this one in Visual Studio, here's a launch.vs.json that sets everything up for you. You'll need to download the traces for zeek-testing, gunzip the 2009-M57-day11-18.trace.gz file, and put the full path to it in the json.
{
"version": "0.2.1",
"defaults": {},
"configurations": [
{
"type": "default",
"project": "CMakeLists.txt",
"projectTarget": "zeek.exe (src\\zeek.exe)",
"name": "zeek.exe (src\\zeek.exe)",
"env": {
"ZEEKPATH": ".;${workspaceRoot}\\scripts;${workspaceRoot}\\scripts\\policy;${workspaceRoot}\\scripts\\site;${workspaceRoot}\\out\\build\\x64-Debug\\scripts;${workspaceRoot}\\out\\build\\x64-Debug\\scripts\\builtin-plugins;${workspaceRoot}\\testing\\external\\scripts;",
"ZEEK_PLUGIN_PATH": "${workspaceRoot}\\out\\build\\x64-Debug\\src;",
"HILTI_INCLUDE_DIRS": "${workspaceRoot}\\auxil\\spicy\\spicy\\hilti\\runtime\\include;${workspaceRoot}\\auxil\\spicy\\spicy\\spicy\\runtime\\include;${workspaceRoot}\\out\\build\\x64-Debug\\auxil\\spicy\\spicy\\include;${workspaceRoot}\\out\\build\\x64-Debug;${workspaceRoot}\\out\\build\\x64-Debug\\src;${workspaceRoot}\\out\\build\\x64-Debug\\src\\include;${workspaceRoot}\\src;${workspaceRoot}\\auxil\\broker\\include\\",
"SPICY_PATH": ".;${workspaceRoot}\\auxil\\spicy\\spicy\\spicy\\lib;${workspaceRoot}\\auxil\\spicy\\spicy\\hilti\\lib"
},
"args": [
"-G",
"${workspaceRoot}\\testing\\btest\\random.seed",
"-r",
"2009-M57-day11-18.trace",
"${workspaceRoot}\\testing\\external\\zeek-testing\\tests\\m57-long.zeek"
]
}
]
}
I opened https://github.com/zeek/broker/issues/316 to cover the broker error.