|
| 1 | +1.6.1 | 2023-01-25 09:39:36 +0100 |
| 2 | + |
| 3 | + * Add stringification to UnitContext. (Benjamin Bannier, Corelight) |
| 4 | + |
| 5 | + Not adding this in the first place broke e.g., `-X flow` or `-X trace`. |
| 6 | + |
| 7 | + (cherry picked from commit 7ee860a2bb81962d60864d10090930cc8cb2ea64) |
| 8 | + |
| 9 | + * Remove potential race during JIT when using `HILTI_CXX_COMPILER_LAUNCHER`. (Benjamin Bannier, Corelight) |
| 10 | + |
| 11 | + We previously would not create unique names for different JIT |
| 12 | + invocations if they came from the same directory. This causes issues if |
| 13 | + the same module is imported into different analyzers where previously we |
| 14 | + would generate the same C++ and object file name. Different JIT runs |
| 15 | + could then race on the same output files and e.g., remove each others |
| 16 | + inputs/outputs. As far as I can tell this was very unlikely to produce |
| 17 | + incorrect behavior at runtime. |
| 18 | + |
| 19 | + We now include all input files from a JIT run in the JIT hash. With that |
| 20 | + above race is not possible anymore. |
| 21 | + |
| 22 | + (cherry picked from commit 709990fe5593284e24822aa898e73ad988217d85) |
| 23 | + |
| 24 | + * GH-1349: Fix incremental regexp matching for potentially empty results. (Robin Sommer, Corelight) |
| 25 | + |
| 26 | + When feeding data incrementally into the regexp matcher, we could run |
| 27 | + into an assert trying to ensure that the end of a match wasn't in the |
| 28 | + previous chunk already. Turns out, however, that *is* possible with |
| 29 | + empty matches that are determined only later (and maybe it's possible |
| 30 | + in other cases, too). To fix this, we need to account for potentially |
| 31 | + backtracking into data from a previous round. This could be a bit |
| 32 | + surprising to callers of the `advance()` method, but should |
| 33 | + work as long as they aren't trimming the stream in between (which in |
| 34 | + our use cases shouldn't be the case). |
| 35 | + |
| 36 | + Closes #1349. |
| 37 | + |
| 38 | + * Bump Zeek version in zeek-plugin CI job. (Benjamin Bannier, Corelight) |
| 39 | + |
| 40 | + (cherry picked from commit 41922f69769d4ba20c45675ccd99caf117588735) |
| 41 | + |
| 42 | + * Fix test `Backtrace.comparison` for aggressive constant folding. (Benjamin Bannier, Corelight) |
| 43 | + |
| 44 | + This is a fixup commit for 1333be6b40de6 which addresses compilers not |
| 45 | + interpreting `optnone`. For such compilers we want to continue setting |
| 46 | + `noinline`. |
| 47 | + |
| 48 | + (cherry picked from commit 422b8f4c2ebe12ce257cbed28092758ee3e905fe) |
| 49 | + |
| 50 | + * Fix test `Backtrace.comparison` for aggressive constant folding. (Benjamin Bannier, Corelight) |
| 51 | + |
| 52 | + In order to test construction of backtraces we used a helper function |
| 53 | + which was marked `noinline` to guarantee that it always constructed a |
| 54 | + new stack frame. It seems this was not enough as a sufficiently smart |
| 55 | + compiler might perform other optimizations like e.g., constant folding |
| 56 | + which would also remove the stack frame. |
| 57 | + |
| 58 | + We now disable optimizations for this function to make sure it is |
| 59 | + emitted. |
| 60 | + |
| 61 | + (cherry picked from commit 1333be6b40de6042d353c8b36f90bc80991e9442) |
| 62 | + |
| 63 | + * Bump Cirrus macos CI. (Benjamin Bannier, Corelight) |
| 64 | + |
| 65 | + As of 2023-01-01 Cirrus will not offer Intel-based macos instances |
| 66 | + anymore. This patch moves the Cirrus macos CI to M1 virtual machines. |
| 67 | + Since M1 virtual machines do not support the previously tested OS |
| 68 | + versions we also bump CI to test the last two macos version. |
| 69 | + |
| 70 | + (cherry picked from commit c739aa886dc112fec4e5a8dcfb5e198af330dcc6) |
| 71 | + |
| 72 | + * Remove performance pessimization introduced in `84fb4f21f494`. (Benjamin Bannier, Corelight) |
| 73 | + |
| 74 | + When exposing this function directly we made the argument always |
| 75 | + evaluate. This now causes us to compute strings for logging even if they |
| 76 | + are never emitted. |
| 77 | + |
| 78 | + Undo this change as it is actually not needed for the cleanup it was |
| 79 | + initially intended for. |
| 80 | + |
| 81 | + (cherry picked from commit d5fef37c379ac76762a7d8e2d9e3f9a417409a1b) |
| 82 | + |
| 83 | + * Install full nlohmann JSON header as well. (Benjamin Bannier, Corelight) |
| 84 | + |
| 85 | + We previously would only install the nlohmann header with forward |
| 86 | + declaration while in `hilti/rt/json.h` we include the full header. With |
| 87 | + that it was impossible to include this header in user code. |
| 88 | + |
| 89 | + This patch makes sure we install the full header as well. |
| 90 | + |
| 91 | + (cherry picked from commit f101790bb82345a3d029ed5f4f94e8eda1ae8851) |
| 92 | + |
| 93 | + * GH-1345: Fix pathological performance for `_haveEod` on highly chunked streams. (Benjamin Bannier, Corelight) |
| 94 | + |
| 95 | + This function was identified as a performance bottleneck when parsing |
| 96 | + `bytes` with a huge size from a stream with many chunks. The reason it |
| 97 | + performed so poorly was due to its use of `unsafeEnd`: since `unsafeEnd` |
| 98 | + creates an unsafe iterator from `end()` it always needs to compute the |
| 99 | + chunk the safe iterator pointed to; if the stream contains many chunks |
| 100 | + this causes the seen poor performance. |
| 101 | + |
| 102 | + Since we only access `offset` use safe iterators instead. This makes it |
| 103 | + much cheaper to call this function so we can safely use it during |
| 104 | + parsing. |
| 105 | + |
| 106 | + Since this change only affects performance we do not add a test case. |
| 107 | + For a benchmark see #1345. |
| 108 | + |
| 109 | + Closes #1345. |
| 110 | + |
| 111 | + (cherry picked from commit 9a218491de15bd8eab22f8018a2725a9046e01c4) |
| 112 | + |
1 | 113 | 1.6.0 | 2022-12-12 12:38:01 +0100 |
2 | 114 |
|
3 | 115 | * Release 1.6.0. (Benjamin Bannier, Corelight) |
|
0 commit comments