[INFO] fetching crate threatfalcon 0.5.0...
[INFO] testing threatfalcon-0.5.0 against 1.95.0 for beta-1.96-2
[INFO] extracting crate threatfalcon 0.5.0 into /workspace/builds/worker-1-tc1/source
[INFO] started tweaking crates.io crate threatfalcon 0.5.0
[INFO] removed 0 missing examples
[INFO] removed 0 missing tests
[INFO] finished tweaking crates.io crate threatfalcon 0.5.0
[INFO] tweaked toml for crates.io crate threatfalcon 0.5.0 written to /workspace/builds/worker-1-tc1/source/Cargo.toml
[INFO] validating manifest of crates.io crate threatfalcon 0.5.0 on toolchain 1.95.0
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+1.95.0" "metadata" "--manifest-path" "Cargo.toml" "--no-deps", kill_on_drop: false }`
[INFO] crate crates.io crate threatfalcon 0.5.0 already has a lockfile, it will not be regenerated
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+1.95.0" "fetch" "--manifest-path" "Cargo.toml", kill_on_drop: false }`
[INFO] [stderr]     Blocking waiting for file lock on package cache
[INFO] [stderr]     Updating crates.io index
[INFO] [stderr]  Downloading crates ...
[INFO] [stderr]   Downloaded widestring v1.2.1
[INFO] [stderr]   Downloaded predicates-core v1.0.10
[INFO] [stderr]   Downloaded fallible-streaming-iterator v0.1.9
[INFO] [stderr]   Downloaded predicates-tree v1.0.13
[INFO] [stderr]   Downloaded termtree v0.5.1
[INFO] [stderr]   Downloaded hashlink v0.9.1
[INFO] [stderr]   Downloaded clap_derive v4.6.0
[INFO] [stderr]   Downloaded assert_cmd v2.2.0
[INFO] [stderr]   Downloaded predicates v3.1.4
[INFO] [stderr]   Downloaded assert-json-diff v2.0.2
[INFO] [stderr]   Downloaded colored v3.1.1
[INFO] [stderr]   Downloaded hyper-rustls v0.27.8
[INFO] [stderr]   Downloaded uuid v1.23.0
[INFO] [stderr]   Downloaded wait-timeout v0.2.1
[INFO] [stderr]   Downloaded windows-service v0.7.0
[INFO] [stderr]   Downloaded openssl-sys v0.9.113
[INFO] [stderr]   Downloaded clap v4.6.0
[INFO] [stderr]   Downloaded rustls-webpki v0.103.11
[INFO] [stderr]   Downloaded mockito v1.7.2
[INFO] [stderr]   Downloaded difflib v0.4.0
[INFO] [stderr]   Downloaded float-cmp v0.10.0
[INFO] [stderr]   Downloaded normalize-line-endings v0.3.0
[INFO] [stderr]   Downloaded rusqlite v0.31.0
[INFO] [stderr]   Downloaded openssl v0.10.77
[INFO] [stderr]   Downloaded bstr v1.12.1
[INFO] [stderr]   Downloaded tokio v1.51.1
[INFO] [stderr]   Downloaded libsqlite3-sys v0.28.0
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:d429b63d4308055ea97f60fb1d3dfca48854a00942f1bd2ad806beaf015945ec" "/opt/rustwide/cargo-home/bin/cargo" "+1.95.0" "metadata" "--no-deps" "--format-version=1", kill_on_drop: false }`
[INFO] [stdout] b269043494c4f505b3ce5ecae466c4e15da7f165e1b1e6fa5cce9ade5d523faf
[INFO] running `Command { std: "docker" "start" "-a" "b269043494c4f505b3ce5ecae466c4e15da7f165e1b1e6fa5cce9ade5d523faf", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "inspect" "b269043494c4f505b3ce5ecae466c4e15da7f165e1b1e6fa5cce9ade5d523faf", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "b269043494c4f505b3ce5ecae466c4e15da7f165e1b1e6fa5cce9ade5d523faf", kill_on_drop: false }`
[INFO] [stdout] b269043494c4f505b3ce5ecae466c4e15da7f165e1b1e6fa5cce9ade5d523faf
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=warn" "-e" "RUSTDOCFLAGS=--cap-lints=warn" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:d429b63d4308055ea97f60fb1d3dfca48854a00942f1bd2ad806beaf015945ec" "/opt/rustwide/cargo-home/bin/cargo" "+1.95.0" "build" "--frozen" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] 7c71bdb58ebd538d9f754bfd1675107efd2c01b5ea408a3ee017ae1badb9b9f1
[INFO] running `Command { std: "docker" "start" "-a" "7c71bdb58ebd538d9f754bfd1675107efd2c01b5ea408a3ee017ae1badb9b9f1", kill_on_drop: false }`
[INFO] [stderr]    Compiling libc v0.2.185
[INFO] [stderr]    Compiling serde_core v1.0.228
[INFO] [stderr]    Compiling pkg-config v0.3.33
[INFO] [stderr]    Compiling cc v1.2.60
[INFO] [stderr]    Compiling itoa v1.0.18
[INFO] [stderr]    Compiling serde v1.0.228
[INFO] [stderr]    Compiling hashbrown v0.17.0
[INFO] [stderr]    Compiling slab v0.4.12
[INFO] [stderr]    Compiling litemap v0.8.2
[INFO] [stderr]    Compiling writeable v0.6.3
[INFO] [stderr]    Compiling icu_normalizer_data v2.2.0
[INFO] [stderr]    Compiling icu_properties_data v2.2.0
[INFO] [stderr]    Compiling futures-io v0.3.32
[INFO] [stderr]    Compiling zerocopy v0.8.48
[INFO] [stderr]    Compiling zerovec-derive v0.11.3
[INFO] [stderr]    Compiling zerofrom-derive v0.1.7
[INFO] [stderr]    Compiling yoke-derive v0.8.2
[INFO] [stderr]    Compiling tokio-macros v2.7.0
[INFO] [stderr]    Compiling http v1.4.0
[INFO] [stderr]    Compiling tracing v0.1.44
[INFO] [stderr]    Compiling openssl v0.10.77
[INFO] [stderr]    Compiling foreign-types-shared v0.1.1
[INFO] [stderr]    Compiling foreign-types v0.3.2
[INFO] [stderr]    Compiling futures-util v0.3.32
[INFO] [stderr]    Compiling ahash v0.8.12
[INFO] [stderr]    Compiling openssl-macros v0.1.1
[INFO] [stderr]    Compiling fnv v1.0.7
[INFO] [stderr]    Compiling try-lock v0.2.5
[INFO] [stderr]    Compiling indexmap v2.14.0
[INFO] [stderr]    Compiling native-tls v0.2.18
[INFO] [stderr]    Compiling want v0.3.1
[INFO] [stderr]    Compiling utf8parse v0.2.2
[INFO] [stderr]    Compiling simd-adler32 v0.3.9
[INFO] [stderr]    Compiling openssl-probe v0.2.1
[INFO] [stderr]    Compiling num-traits v0.2.19
[INFO] [stderr]    Compiling anstyle-parse v1.0.0
[INFO] [stderr]    Compiling sync_wrapper v1.0.2
[INFO] [stderr]    Compiling is_terminal_polyfill v1.70.2
[INFO] [stderr]    Compiling anstyle v1.0.14
[INFO] [stderr]    Compiling colorchoice v1.0.5
[INFO] [stderr]    Compiling http-body v1.0.1
[INFO] [stderr]    Compiling anstyle-query v1.1.5
[INFO] [stderr]    Compiling ipnet v2.12.0
[INFO] [stderr]    Compiling anstream v1.0.0
[INFO] [stderr]    Compiling miniz_oxide v0.8.9
[INFO] [stderr]    Compiling bumpalo v3.20.2
[INFO] [stderr]    Compiling http-body-util v0.1.3
[INFO] [stderr]    Compiling clap_lex v1.1.0
[INFO] [stderr]    Compiling toml_write v0.1.2
[INFO] [stderr]    Compiling parking_lot_core v0.9.12
[INFO] [stderr]    Compiling errno v0.3.14
[INFO] [stderr]    Compiling mio v1.2.0
[INFO] [stderr]    Compiling parking_lot v0.12.5
[INFO] [stderr]    Compiling socket2 v0.6.3
[INFO] [stderr]    Compiling openssl-sys v0.9.113
[INFO] [stderr]    Compiling libsqlite3-sys v0.28.0
[INFO] [stderr]    Compiling getrandom v0.4.2
[INFO] [stderr]    Compiling signal-hook-registry v1.4.8
[INFO] [stderr]    Compiling zip v2.4.2
[INFO] [stderr]    Compiling winnow v0.7.15
[INFO] [stderr]    Compiling zerofrom v0.1.7
[INFO] [stderr]    Compiling strsim v0.11.1
[INFO] [stderr]    Compiling iri-string v0.7.12
[INFO] [stderr]    Compiling flate2 v1.1.9
[INFO] [stderr]    Compiling yoke v0.8.2
[INFO] [stderr]    Compiling zopfli v0.8.3
[INFO] [stderr]    Compiling zerovec v0.11.6
[INFO] [stderr]    Compiling zerotrie v0.2.4
[INFO] [stderr]    Compiling clap_builder v4.6.0
[INFO] [stderr]    Compiling tokio v1.51.1
[INFO] [stderr]    Compiling clap_derive v4.6.0
[INFO] [stderr]    Compiling encoding_rs v0.8.35
[INFO] [stderr]    Compiling fastrand v2.4.1
[INFO] [stderr]    Compiling fallible-streaming-iterator v0.1.9
[INFO] [stderr]    Compiling fallible-iterator v0.3.0
[INFO] [stderr]    Compiling tinystr v0.8.3
[INFO] [stderr]    Compiling potential_utf v0.1.5
[INFO] [stderr]    Compiling icu_collections v2.2.0
[INFO] [stderr]    Compiling icu_locale_core v2.2.0
[INFO] [stderr]    Compiling tempfile v3.27.0
[INFO] [stderr]    Compiling async-trait v0.1.89
[INFO] [stderr]    Compiling serde_json v1.0.149
[INFO] [stderr]    Compiling uuid v1.23.0
[INFO] [stderr]    Compiling icu_provider v2.2.0
[INFO] [stderr]    Compiling serde_spanned v0.6.9
[INFO] [stderr]    Compiling toml_datetime v0.6.11
[INFO] [stderr]    Compiling serde_urlencoded v0.7.1
[INFO] [stderr]    Compiling icu_normalizer v2.2.0
[INFO] [stderr]    Compiling icu_properties v2.2.0
[INFO] [stderr]    Compiling tracing-serde v0.2.0
[INFO] [stderr]    Compiling toml_edit v0.22.27
[INFO] [stderr]    Compiling chrono v0.4.44
[INFO] [stderr]    Compiling clap v4.6.0
[INFO] [stderr]    Compiling tracing-subscriber v0.3.23
[INFO] [stderr]    Compiling idna_adapter v1.2.1
[INFO] [stderr]    Compiling idna v1.1.0
[INFO] [stderr]    Compiling url v2.5.8
[INFO] [stderr]    Compiling toml v0.8.23
[INFO] [stderr]    Compiling hashbrown v0.14.5
[INFO] [stderr]    Compiling hashlink v0.9.1
[INFO] [stderr]    Compiling tokio-util v0.7.18
[INFO] [stderr]    Compiling tower v0.5.3
[INFO] [stderr]    Compiling tokio-native-tls v0.3.1
[INFO] [stderr]    Compiling h2 v0.4.13
[INFO] [stderr]    Compiling tower-http v0.6.8
[INFO] [stderr]    Compiling hyper v1.9.0
[INFO] [stderr]    Compiling rusqlite v0.31.0
[INFO] [stderr]    Compiling hyper-util v0.1.20
[INFO] [stderr]    Compiling hyper-tls v0.6.0
[INFO] [stderr]    Compiling reqwest v0.12.28
[INFO] [stderr]    Compiling threatfalcon v0.5.0 (/opt/rustwide/workdir)
[INFO] [stderr]     Finished `dev` profile [unoptimized + debuginfo] target(s) in 54.17s
[INFO] running `Command { std: "docker" "inspect" "7c71bdb58ebd538d9f754bfd1675107efd2c01b5ea408a3ee017ae1badb9b9f1", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "7c71bdb58ebd538d9f754bfd1675107efd2c01b5ea408a3ee017ae1badb9b9f1", kill_on_drop: false }`
[INFO] [stdout] 7c71bdb58ebd538d9f754bfd1675107efd2c01b5ea408a3ee017ae1badb9b9f1
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=warn" "-e" "RUSTDOCFLAGS=--cap-lints=warn" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:d429b63d4308055ea97f60fb1d3dfca48854a00942f1bd2ad806beaf015945ec" "/opt/rustwide/cargo-home/bin/cargo" "+1.95.0" "test" "--frozen" "--no-run" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] 545d4015f8e3223d363e03074f895408f71cf96b08bd9167b8bf04ffcc5cf0d4
[INFO] running `Command { std: "docker" "start" "-a" "545d4015f8e3223d363e03074f895408f71cf96b08bd9167b8bf04ffcc5cf0d4", kill_on_drop: false }`
[INFO] [stderr]    Compiling regex-syntax v0.8.10
[INFO] [stderr]    Compiling hyper v1.9.0
[INFO] [stderr]    Compiling getrandom v0.3.4
[INFO] [stderr]    Compiling ppv-lite86 v0.2.21
[INFO] [stderr]    Compiling predicates-core v1.0.10
[INFO] [stderr]    Compiling float-cmp v0.10.0
[INFO] [stderr]    Compiling normalize-line-endings v0.3.0
[INFO] [stderr]    Compiling termtree v0.5.1
[INFO] [stderr]    Compiling assert_cmd v2.2.0
[INFO] [stderr]    Compiling difflib v0.4.0
[INFO] [stderr]    Compiling assert-json-diff v2.0.2
[INFO] [stderr]    Compiling wait-timeout v0.2.1
[INFO] [stderr]    Compiling colored v3.1.1
[INFO] [stderr]    Compiling similar v2.7.0
[INFO] [stderr]    Compiling rand_core v0.9.5
[INFO] [stderr]    Compiling predicates-tree v1.0.13
[INFO] [stderr]    Compiling rand_chacha v0.9.0
[INFO] [stderr]    Compiling rand v0.9.4
[INFO] [stderr]    Compiling hyper-util v0.1.20
[INFO] [stderr]    Compiling regex-automata v0.4.14
[INFO] [stderr]    Compiling hyper-tls v0.6.0
[INFO] [stderr]    Compiling reqwest v0.12.28
[INFO] [stderr]    Compiling regex v1.12.3
[INFO] [stderr]    Compiling matchers v0.2.0
[INFO] [stderr]    Compiling bstr v1.12.1
[INFO] [stderr]    Compiling tracing-subscriber v0.3.23
[INFO] [stderr]    Compiling predicates v3.1.4
[INFO] [stderr]    Compiling mockito v1.7.2
[INFO] [stderr]    Compiling threatfalcon v0.5.0 (/opt/rustwide/workdir)
[INFO] [stderr]     Finished `test` profile [unoptimized + debuginfo] target(s) in 32.44s
[INFO] running `Command { std: "docker" "inspect" "545d4015f8e3223d363e03074f895408f71cf96b08bd9167b8bf04ffcc5cf0d4", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "545d4015f8e3223d363e03074f895408f71cf96b08bd9167b8bf04ffcc5cf0d4", kill_on_drop: false }`
[INFO] [stdout] 545d4015f8e3223d363e03074f895408f71cf96b08bd9167b8bf04ffcc5cf0d4
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-1-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=warn" "-e" "RUSTDOCFLAGS=--cap-lints=warn" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:d429b63d4308055ea97f60fb1d3dfca48854a00942f1bd2ad806beaf015945ec" "/opt/rustwide/cargo-home/bin/cargo" "+1.95.0" "test" "--frozen", kill_on_drop: false }`
[INFO] [stdout] cc6e17b46106facf35fffe7228f3e52d8b3b488cf2691258a94f6d9949b2f1a6
[INFO] running `Command { std: "docker" "start" "-a" "cc6e17b46106facf35fffe7228f3e52d8b3b488cf2691258a94f6d9949b2f1a6", kill_on_drop: false }`
[INFO] [stderr]     Finished `test` profile [unoptimized + debuginfo] target(s) in 0.32s
[INFO] [stderr]      Running unittests src/main.rs (/opt/rustwide/target/debug/deps/threatfalcon-288e9a199771a2b3)
[INFO] [stdout] 
[INFO] [stdout] running 360 tests
[INFO] [stdout] test collectors::etw::tests::dns_type_known ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_completed_no_response ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_completed_aaaa ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_unicode_domain ... ok
[INFO] [stdout] test collectors::etw::tests::empty_user_data_reader ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_completed_multi_answer ... ok
[INFO] [stdout] test collectors::etw::tests::dns_type_unknown ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_amsi_scan_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_completed_with_response ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_completed_empty_result ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_file_rename_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_file_name_create_unc_path ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_file_setinfo_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_32bit_unicode ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_file_rename_32bit ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_bare_filename ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_dns_query_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_signed_detection ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_payload_64bit ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_powershell_scriptblock_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_process_create_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_unsigned ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_process_create_long_path ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_process_create_unicode_cmdline ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_delete_key_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_create_key_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_process_stop_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_rename_key_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_image_load_payload_32bit ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_set_value_dword_no_capture ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_delete_value_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_set_value_unicode_data ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_tcp_ipv4_max_ports ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_tcp_ipv4_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_set_value_empty_captured_data ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_tcp_ipv6_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_tcp_ipv4_zero_addr ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_set_value_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_allocvm_remote ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_allocvm_local ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_common_header_parse ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_set_value_with_data ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_max_pid_boundary ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_protectvm_remote ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_mapview_local ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_queueapc_remote ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_allocvm_remote_32bit ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_registry_open_key_payload ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_mapview_remote ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_setcontext_remote ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::best_stop_recovers_v3 ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_resume_thread_remote ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_udp_ipv4_payload ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::best_start_recovers_v3_from_wrong_declaration ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::accept_bare_name_images ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::plausible_empty_is_ok ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::accept_empty_image_with_valid_cmdline ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::plausible_normal_path ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::plausible_short_but_valid ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::parse_v3_layout ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::accept_valid_image_paths ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::bare_name_image_not_rejected ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::dotted_package_id_does_not_steal_layout ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::reject_corrupt_images ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::reject_empty_image_with_control_cmdline ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::reject_single_char_garbage ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_suspend_thread_remote ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::reject_two_char_garbage ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_ti_protectvm_local ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::process_stop_rejects_empty_image ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::v2_data_parsed_as_v3_stop_fails_validation ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::v3_data_parsed_as_v2_fails_validation ... ok
[INFO] [stdout] test collectors::etw::tests::read_ipv4 ... ok
[INFO] [stdout] test collectors::etw::tests::fixture_udp_ipv6_payload ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::v2_data_parsed_as_v3_start_fails_validation ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::parse_v2_layout ... ok
[INFO] [stdout] test collectors::etw::tests::process_validation::v2_wscript_correct_declaration_works ... ok
[INFO] [stdout] test collectors::etw::tests::read_u32_le ... ok
[INFO] [stdout] test collectors::etw::tests::read_ipv6_loopback ... ok
[INFO] [stdout] test collectors::etw::tests::read_u64_le ... ok
[INFO] [stdout] test collectors::etw::tests::read_utf16_bytes_odd_count ... ok
[INFO] [stdout] test collectors::etw::tests::read_u8_basic ... ok
[INFO] [stdout] test collectors::etw::tests::read_multiple_strings ... ok
[INFO] [stdout] test collectors::etw::tests::read_past_end_returns_none ... ok
[INFO] [stdout] test collectors::etw::tests::read_pointer_32bit ... ok
[INFO] [stdout] test collectors::etw::tests::read_utf16_nul_empty_string ... ok
[INFO] [stdout] test collectors::etw::tests::read_utf16_nul_no_terminator ... ok
[INFO] [stdout] test collectors::etw::tests::read_utf16_nul_simple ... ok
[INFO] [stdout] test collectors::etw::tests::remaining_tracks_correctly ... ok
[INFO] [stdout] test collectors::etw::tests::skip_past_end_clamps ... ok
[INFO] [stdout] test collectors::evasion::tests::accept_plausible_ssn ... ok
[INFO] [stdout] test collectors::etw::tests::read_pointer_64bit ... ok
[INFO] [stdout] test collectors::etw::tests::read_u16_be ... ok
[INFO] [stdout] test collectors::etw::tests::read_u16_le ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_classic_e_invalidarg ... ok
[INFO] [stdout] test collectors::etw::tests::read_utf16_bytes_fixed_length ... ok
[INFO] [stdout] test collectors::etw::tests::skip_advances_position ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_immediate_ret ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_mov_eax_arbitrary ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_nop_ret ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_no_match_normal_prologue ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_s_false ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_xor_eax_ret ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_classic_syscall_stub ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_indirect_syscall_jmp_r9 ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_indirect_syscall_jmp_rip ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_int2e_stub ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_indirect_syscall_jmp_r11 ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_reversed_prologue ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_reversed_prologue_alternate_encoding ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_wow64_variant_with_gap ... ok
[INFO] [stdout] test collectors::evasion::tests::amsi_patch_too_short ... ok
[INFO] [stdout] test collectors::evasion::tests::empty_input ... ok
[INFO] [stdout] test collectors::evasion::tests::mixed_direct_and_indirect_stubs ... ok
[INFO] [stdout] test collectors::evasion::tests::detect_alternate_mov_r10_encoding ... ok
[INFO] [stdout] test collectors::evasion::tests::instruction_display ... ok
[INFO] [stdout] test collectors::evasion::tests::reject_implausible_ssn ... ok
[INFO] [stdout] test collectors::evasion::tests::short_input_no_panic ... ok
[INFO] [stdout] test collectors::evasion::tests::no_match_on_regular_code ... ok
[INFO] [stdout] test collectors::evasion::tests::no_match_when_gap_too_large ... ok
[INFO] [stdout] test collectors::evasion::tests::single_indirect_stub_not_enough ... ok
[INFO] [stdout] test collectors::evasion::tests::stub_embedded_in_larger_code ... ok
[INFO] [stdout] test collectors::evasion::tests::multiple_stubs_detected ... ok
[INFO] [stdout] test collectors::evasion::tests::no_match_without_mov_eax ... ok
[INFO] [stdout] test collectors::evasion::tests::whitelist_rejects_non_system ... ok
[INFO] [stdout] test collectors::evasion::tests::stub_without_trailing_ret ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_file_delete ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_ads_stream_create ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_driver_loaded ... ok
[INFO] [stdout] test collectors::evasion::tests::whitelist_system_dlls ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::all_xml_entities ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_network_connect_inbound ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_network_connect_outbound ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_process_access_hex ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::map_process_create ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::parse_event_id ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::parse_fields ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::process_tampering_hollowing ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::process_tampering_herpaderping ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::process_tampering_unknown_type ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::self_closing_data_tag ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::sysmon_detection_severity_is_critical ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::sysmon_all_rules_have_defense_evasion_tactic ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::unknown_event_returns_none ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::telemetry_events_have_no_rule ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::sysmon_evidence_includes_event_source ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::xml_entity_decoding ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::sysmon_detection_confidence_is_high ... ok
[INFO] [stdout] test config::tests::empty_toml_uses_defaults ... ok
[INFO] [stdout] test config::tests::evasion_partial_overrides ... ok
[INFO] [stdout] test config::tests::http_sink_config ... ok
[INFO] [stdout] test config::tests::custom_providers_replace_defaults ... ok
[INFO] [stdout] test config::tests::default_config_is_valid ... ok
[INFO] [stdout] test config::tests::keywords_integer ... ok
[INFO] [stdout] test config::tests::keywords_hex_string ... ok
[INFO] [stdout] test collectors::sysmon_parser::tests::sysmon_suspicious_telemetry_elevated_severity ... ok
[INFO] [stdout] test config::tests::resolve_paths_resolves_relative ... ok
[INFO] [stdout] test config::tests::resolve_paths_skips_absolute ... ok
[INFO] [stdout] test config::tests::rules_custom_lolbins ... ok
[INFO] [stdout] test config::tests::keywords_negative_rejected ... ok
[INFO] [stdout] test config::tests::rules_partial_override ... ok
[INFO] [stdout] test config::tests::resolve_paths_none_anchor_leaves_unchanged ... ok
[INFO] [stdout] test config::tests::config_file_lookup_returns_none_when_missing ... ok
[INFO] [stdout] test config::tests::config_file_lookup_finds_in_cwd ... ok
[INFO] [stdout] test config::tests::load_from_none_uses_defaults_when_no_file ... ok
[INFO] [stdout] test config::tests::partial_toml_merges_with_defaults ... ok
[INFO] [stdout] test config::tests::with_base_dir_some_uses_absolute_paths ... ok
[INFO] [stdout] test config::tests::load_from_custom_path ... ok
[INFO] [stdout] test events::tests::amsi_result_name_clean ... ok
[INFO] [stdout] test events::tests::amsi_result_name_detected ... ok
[INFO] [stdout] test config::tests::spool_dir_resolved_relative_to_config_dir ... ok
[INFO] [stdout] test config::tests::rules_defaults_match_original_values ... ok
[INFO] [stdout] test events::tests::amsi_result_name_not_detected ... ok
[INFO] [stdout] test events::tests::amsi_result_name_blocked_by_admin ... ok
[INFO] [stdout] test config::tests::stdout_sink_config ... ok
[INFO] [stdout] test config::tests::load_from_missing_custom_path_errors ... ok
[INFO] [stdout] test events::tests::detection_event_has_rule ... ok
[INFO] [stdout] test config::tests::with_base_dir_none_uses_relative_paths ... ok
[INFO] [stdout] test events::tests::health_event_roundtrip ... ok
[INFO] [stdout] test config::tests::roundtrip_serialization ... ok
[INFO] [stdout] test config::tests::state_path_resolved_relative_to_config_dir ... ok
[INFO] [stdout] test config::tests::with_base_dir_output_paths_match_sensor ... ok
[INFO] [stdout] test events::tests::health_event_serialization ... ok
[INFO] [stdout] test events::tests::rule_metadata_json_excludes_null_rule ... ok
[INFO] [stdout] test config::tests::rules_roundtrip ... ok
[INFO] [stdout] test events::tests::rule_metadata_roundtrip ... ok
[INFO] [stdout] test events::tests::severity_ordering ... ok
[INFO] [stdout] test events::tests::telemetry_event_has_no_rule ... ok
[INFO] [stdout] test index::tests::index_path_derivation ... ok
[INFO] [stdout] test index::tests::corrupt_index_recovery ... ok
[INFO] [stdout] test index::tests::try_open_returns_none_when_no_index ... ok
[INFO] [stdout] test investigate::tests::amsi_scan_result_name_in_summary ... ok
[INFO] [stdout] test investigate::tests::amsi_scan_roundtrip_with_new_fields ... ok
[INFO] [stdout] test investigate::tests::bundle_creates_valid_json ... ok
[INFO] [stdout] test index::tests::build_creates_index_with_correct_count ... ok
[INFO] [stdout] test investigate::tests::bundle_excludes_different_process_key ... ok
[INFO] [stdout] test investigate::tests::bundle_non_zip_extension_stays_json ... ok
[INFO] [stdout] test index::tests::query_filter_by_source_type ... ok
[INFO] [stdout] test index::tests::rebuild_reindexes_everything ... ok
[INFO] [stdout] test investigate::tests::bundle_related_events_are_chronological ... ok
[INFO] [stdout] test index::tests::needs_update_detects_new_data ... ok
[INFO] [stdout] test index::tests::fetch_events_by_offset ... ok
[INFO] [stdout] test index::tests::query_filter_by_rule_id ... ok
[INFO] [stdout] test index::tests::find_by_process_key_within_window ... ok
[INFO] [stdout] test index::tests::query_filter_by_severity ... ok
[INFO] [stdout] test index::tests::find_by_id_exact_and_prefix ... ok
[INFO] [stdout] test investigate::tests::category_match_case_insensitive ... ok
[INFO] [stdout] test investigate::tests::contains_matches_windows_path_with_backslashes ... ok
[INFO] [stdout] test index::tests::truncated_file_triggers_rebuild ... ok
[INFO] [stdout] test index::tests::query_filter_by_pid ... ok
[INFO] [stdout] test index::tests::status_reports_correctly ... ok
[INFO] [stdout] test investigate::tests::bundle_zip_creates_valid_archive ... ok
[INFO] [stdout] test investigate::tests::bundle_zip_target_event_matches ... ok
[INFO] [stdout] test investigate::tests::empty_jsonl_file ... ok
[INFO] [stdout] test investigate::tests::find_event_exact_match ... ok
[INFO] [stdout] test investigate::tests::find_event_not_found ... ok
[INFO] [stdout] test investigate::tests::explain_builds_timeline ... ok
[INFO] [stdout] test investigate::tests::explain_json_output ... ok
[INFO] [stdout] test investigate::tests::explain_script_correlation_respects_window ... ok
[INFO] [stdout] test investigate::tests::explain_timeline_is_chronological ... ok
[INFO] [stdout] test investigate::tests::bundle_manifest_has_time_range ... ok
[INFO] [stdout] test investigate::tests::bundle_zip_related_events_as_jsonl ... ok
[INFO] [stdout] test investigate::tests::explain_script_amsi_correlation ... ok
[INFO] [stdout] test investigate::tests::is_zip_extension_variants ... ok
[INFO] [stdout] test index::tests::query_with_limit ... ok
[INFO] [stdout] test investigate::tests::event_summary_covers_all_variants ... ok
[INFO] [stdout] test investigate::tests::malformed_lines_skipped ... ok
[INFO] [stdout] test index::tests::incremental_update_indexes_only_new_events ... ok
[INFO] [stdout] test index::tests::source_detail_enables_provider_name_search ... ok
[INFO] [stdout] test investigate::tests::bundle_zip_bundle_json_matches_standalone ... ok
[INFO] [stdout] test investigate::tests::missing_file_errors ... ok
[INFO] [stdout] test investigate::tests::old_scriptblock_json_without_new_fields_deserializes ... ok
[INFO] [stdout] test investigate::tests::parse_datetime_invalid ... ok
[INFO] [stdout] test investigate::tests::parse_datetime_valid ... ok
[INFO] [stdout] test investigate::tests::find_event_prefix_match ... ok
[INFO] [stdout] test investigate::tests::is_script_related_matches_script_events ... ok
[INFO] [stdout] test investigate::tests::parse_severity_variants ... ok
[INFO] [stdout] test investigate::tests::query_combined_filters ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_contains ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_source_etw ... ok
[INFO] [stdout] test investigate::tests::script_block_roundtrip_with_new_fields ... ok
[INFO] [stdout] test investigate::tests::query_limit_applied ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_category ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_source_provider_name ... ok
[INFO] [stdout] test investigate::tests::query_filter_contains_case_insensitive ... ok
[INFO] [stdout] test investigate::tests::old_amsi_json_without_result_name_deserializes ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_from_and_to ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_source_evasion ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_process_key ... ok
[INFO] [stdout] test investigate::tests::script_block_summary_without_path ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_pid ... ok
[INFO] [stdout] test investigate::tests::source_matches_variants ... ok
[INFO] [stdout] test investigate::tests::truncate_emoji ... ok
[INFO] [stdout] test investigate::tests::truncate_long_string ... ok
[INFO] [stdout] test investigate::tests::truncate_short_string ... ok
[INFO] [stdout] test investigate::tests::truncate_multibyte_boundary_exact ... ok
[INFO] [stdout] test output::tests::create_sink_stdout ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_severity ... ok
[INFO] [stdout] test output::tests::create_sink_file ... ok
[INFO] [stdout] test output::tests::file_bytes_written_tracks_correctly ... ok
[INFO] [stdout] test output::tests::file_rotation_creates_numbered_file ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_since ... ok
[INFO] [stdout] test output::tests::file_existing_size_captured ... ok
[INFO] [stdout] test output::tests::file_write_single_event ... ok
[INFO] [stdout] test investigate::tests::truncate_multibyte_cjk ... ok
[INFO] [stdout] test output::tests::file_generation_continues_from_existing ... ok
[INFO] [stdout] test output::tests::create_sink_http_requires_url ... ok
[INFO] [stdout] test investigate::tests::bundle_zip_manifest_is_valid ... ok
[INFO] [stdout] test output::tests::file_rotated_contains_valid_jsonl ... ok
[INFO] [stdout] test output::tests::file_multiple_rotations_increment_generation ... ok
[INFO] [stdout] test investigate::tests::script_block_summary_includes_path ... ok
[INFO] [stdout] test investigate::tests::query_filter_by_rule_id ... ok
[INFO] [stdout] test output::tests::file_rotation_disabled_when_zero ... ok
[INFO] [stdout] test output::tests::http_sink_body_is_json_array ... ok
[INFO] [stdout] test output::tests::http_sink_flush_drains_spool_without_new_events ... ok
[INFO] [stdout] test output::tests::http_sink_sends_batch ... ok
[INFO] [stdout] test output::tests::stdout_sink_flush_succeeds ... ok
[INFO] [stdout] test output::tests::stdout_sink_pretty_prints ... ok
[INFO] [stdout] test output::tests::stdout_sink_writes_jsonl ... ok
[INFO] [stdout] test pe::tests::bad_magic_returns_none ... ok
[INFO] [stdout] test pe::tests::empty_buffer_returns_none ... ok
[INFO] [stdout] test pe::tests::entry_point_rva_parsed ... ok
[INFO] [stdout] test pe::tests::export_ordinal_base ... ok
[INFO] [stdout] test pe::tests::find_export_rva_by_name ... ok
[INFO] [stdout] test pe::tests::first_exec_finds_text ... ok
[INFO] [stdout] test output::tests::http_sink_gzip_sends_compressed ... ok
[INFO] [stdout] test output::tests::http_sink_empty_flush_is_noop ... ok
[INFO] [stdout] test pe::tests::first_exec_prefers_text_over_others ... ok
[INFO] [stdout] test pe::tests::forwarder_detection ... ok
[INFO] [stdout] test pe::tests::machine_name_variants ... ok
[INFO] [stdout] test pe::tests::no_export_directory_returns_none ... ok
[INFO] [stdout] test pe::tests::no_import_directory_returns_none ... ok
[INFO] [stdout] test pe::tests::no_mz_signature_returns_none ... ok
[INFO] [stdout] test pe::tests::no_pe_signature_returns_none ... ok
[INFO] [stdout] test pe::tests::first_exec_none_for_data_only ... ok
[INFO] [stdout] test pe::tests::parse_exports_basic ... ok
[INFO] [stdout] test pe::tests::parse_imports_multiple_dlls ... ok
[INFO] [stdout] test pe::tests::parse_imports_pe32 ... ok
[INFO] [stdout] test pe::tests::parse_imports_single_dll ... ok
[INFO] [stdout] test pe::tests::parse_multiple_sections ... ok
[INFO] [stdout] test pe::tests::parse_pe32_single_text_section ... ok
[INFO] [stdout] test pe::tests::read_section_data_returns_correct_bytes ... ok
[INFO] [stdout] test pe::tests::rva_to_file_offset_maps_correctly ... ok
[INFO] [stdout] test pe::tests::section_name_exactly_8_chars ... ok
[INFO] [stdout] test pe::tests::subsystem_parsed ... ok
[INFO] [stdout] test pe::tests::truncated_buffer_returns_none ... ok
[INFO] [stdout] test pe::tests::parse_pe64_single_text_section ... ok
[INFO] [stdout] test process_cache::tests::activity_event_enriched_with_full_context ... ok
[INFO] [stdout] test process_cache::tests::capacity_allows_replace_existing_pid ... ok
[INFO] [stdout] test process_cache::tests::create_without_create_time_uses_zero ... ok
[INFO] [stdout] test process_cache::tests::capacity_limit_prevents_unbounded_growth ... ok
[INFO] [stdout] test process_cache::tests::dns_event_enriched ... ok
[INFO] [stdout] test process_cache::tests::empty_user_and_integrity_become_none ... ok
[INFO] [stdout] test process_cache::tests::etw_create_overwrites_sysmon_entry ... ok
[INFO] [stdout] test process_cache::tests::file_event_enriched ... ok
[INFO] [stdout] test process_cache::tests::health_event_not_enriched ... ok
[INFO] [stdout] test process_cache::tests::pid_reuse_replaces_old_entry ... ok
[INFO] [stdout] test process_cache::tests::process_context_backward_compatible_deserialization ... ok
[INFO] [stdout] test process_cache::tests::process_context_serialization_omits_none_fields ... ok
[INFO] [stdout] test process_cache::tests::process_create_inserts_and_sets_key ... ok
[INFO] [stdout] test process_cache::tests::process_key_format ... ok
[INFO] [stdout] test process_cache::tests::process_terminate_evicts_and_enriches ... ok
[INFO] [stdout] test process_cache::tests::sysmon_create_does_not_overwrite_etw_entry ... ok
[INFO] [stdout] test process_cache::tests::sysmon_only_mode_works_with_weak_keys ... ok
[INFO] [stdout] test process_cache::tests::sysmon_terminate_does_not_evict_etw_entry ... ok
[INFO] [stdout] test process_cache::tests::sysmon_terminate_evicts_sysmon_entry ... ok
[INFO] [stdout] test process_cache::tests::terminate_with_mismatched_create_time_does_not_evict ... ok
[INFO] [stdout] test process_cache::tests::registry_event_enriched ... ok
[INFO] [stdout] test process_cache::tests::unknown_pid_returns_no_context ... ok
[INFO] [stdout] test sensor::tests::sensor_disabled_collectors ... ok
[INFO] [stdout] test sensor::tests::sensor_tracks_collector_states ... ok
[INFO] [stdout] test sensor::tests::sensor_writes_final_health_event ... ok
[INFO] [stdout] test spool::tests::empty_dir ... ok
[INFO] [stdout] test spool::tests::fifo_ordering ... ok
[INFO] [stdout] test spool::tests::max_size_enforcement ... ok
[INFO] [stdout] test spool::tests::non_spool_files_ignored ... ok
[INFO] [stdout] test output::tests::http_sink_bearer_token ... ok
[INFO] [stdout] test pe::tests::first_exec_finds_upx0 ... ok
[INFO] [stdout] test spool::tests::write_and_read_roundtrip ... ok
[INFO] [stdout] test spool::tests::remove_decrements_bytes ... ok
[INFO] [stdout] test state::tests::concurrent_create_returns_existing_id ... ok
[INFO] [stdout] test state::tests::concurrent_persist_noclobber_race ... ok
[INFO] [stdout] test state::tests::creates_new_state_file ... ok
[INFO] [stdout] test state::tests::invalid_state_file_errors ... ok
[INFO] [stdout] test state::tests::creates_parent_directories ... ok
[INFO] [stdout] test output::tests::http_sink_spools_on_failure ... ok
[INFO] [stdout] test state::tests::reuses_existing_state ... ok
[INFO] [stdout] test output::tests::http_sink_drain_stops_on_failure ... ok
[INFO] [stdout] test spool::tests::open_resumes_from_existing_files ... ok
[INFO] [stdout] test output::tests::create_sink_http ... ok
[INFO] [stdout] test output::tests::http_sink_flush_sends_partial ... ok
[INFO] [stdout] test sensor::tests::sensor_health_disabled_still_emits_final ... ok
[INFO] [stdout] test output::tests::http_sink_drains_spool_on_recovery ... ok
[INFO] [stdout] test output::tests::http_sink_spool_full_falls_back_to_drop ... ok
[INFO] [stdout] test output::tests::http_sink_configurable_retry_count ... ok
[INFO] [stdout] test output::tests::http_sink_retries_on_failure ... ok
[INFO] [stdout] test output::tests::http_sink_dropped_events_tracks_batch_count ... ok
[INFO] [stdout] test output::tests::http_sink_custom_headers ... ok
[INFO] [stdout] test output::tests::http_sink_no_spool_preserves_drop_behavior ... ok
[INFO] [stdout] test output::tests::http_sink_errors_after_retries ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 360 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 1.66s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/cli.rs (/opt/rustwide/target/debug/deps/cli-461cbc6fcb31c966)
[INFO] [stdout] 
[INFO] [stdout] running 142 tests
[INFO] [stdout] test alert_stdin_exits_on_eof ... ok
[INFO] [stdout] test alert_stdin_detects_lolbin ... ok
[INFO] [stdout] test alert_help ... ok
[INFO] [stdout] test bundle_to_stdout ... ok
[INFO] [stdout] test bundle_help ... ok
[INFO] [stdout] test bundle_to_zip ... ok
[INFO] [stdout] test alert_webhook_help ... ok
[INFO] [stdout] test explain_event_not_found ... ok
[INFO] [stdout] test dump_default_config_is_valid_toml ... ok
[INFO] [stdout] test explain_help ... ok
[INFO] [stdout] test explain_help_shows_json_flag ... ok
[INFO] [stdout] test dump_default_config ... ok
[INFO] [stdout] test bundle_to_file ... ok
[INFO] [stdout] test explain_json_output ... ok
[INFO] [stdout] test explain_no_index_pid_fallback_no_process_context ... ok
[INFO] [stdout] test help_flag ... ok
[INFO] [stdout] test help_shows_alert_subcommand ... ok
[INFO] [stdout] test explain_shows_event_detail ... ok
[INFO] [stdout] test help_shows_index_subcommand ... ok
[INFO] [stdout] test explain_indexed_pid_fallback_no_process_context ... ok
[INFO] [stdout] test help_shows_inspect_subcommand ... ok
[INFO] [stdout] test alert_webhook_posts_to_server ... ok
[INFO] [stdout] test help_shows_ioc_subcommand ... ok
[INFO] [stdout] test help_shows_hunt_subcommand ... ok
[INFO] [stdout] test help_shows_score_subcommand ... ok
[INFO] [stdout] test help_shows_subcommands ... ok
[INFO] [stdout] test help_shows_tree_subcommand ... ok
[INFO] [stdout] test help_shows_stats_subcommand ... ok
[INFO] [stdout] test alert_webhook_failure_does_not_crash ... ok
[INFO] [stdout] test hunt_default_lolbin_not_in_custom_config ... ok
[INFO] [stdout] test help_shows_tail_subcommand ... ok
[INFO] [stdout] test hunt_beaconing ... ok
[INFO] [stdout] test hunt_empty_file ... ok
[INFO] [stdout] test hunt_help ... ok
[INFO] [stdout] test hunt_invalid_rule_rejected ... ok
[INFO] [stdout] test hunt_json_output ... ok
[INFO] [stdout] test hunt_no_false_positives_normal_process ... ok
[INFO] [stdout] test hunt_pid_reuse_suspicious_parent_correct_attribution ... ok
[INFO] [stdout] test hunt_pid_reuse_unsigned_dll_correct_process ... ok
[INFO] [stdout] test hunt_pid_reuse_beaconing_separate_instances ... ok
[INFO] [stdout] test hunt_rule_filter ... ok
[INFO] [stdout] test hunt_lolbin ... ok
[INFO] [stdout] test hunt_suspicious_parent ... ok
[INFO] [stdout] test hunt_suspicious_parent_out_of_order_events ... ok
[INFO] [stdout] test hunt_unsigned_dll ... ok
[INFO] [stdout] test hunt_uses_config_lolbins ... ok
[INFO] [stdout] test index_help ... ok
[INFO] [stdout] test index_build_creates_index_file ... ok
[INFO] [stdout] test help_shows_replay_subcommand ... ok
[INFO] [stdout] test explain_prefix_match ... ok
[INFO] [stdout] test inspect_help ... ok
[INFO] [stdout] test inspect_invalid_pe ... ok
[INFO] [stdout] test inspect_malformed_import_table_warns ... ok
[INFO] [stdout] test inspect_missing_file ... ok
[INFO] [stdout] test install_service_conflicts_with_stdout ... ok
[INFO] [stdout] test inspect_shows_pe_info ... ok
[INFO] [stdout] test hunt_config_case_insensitive ... ok
[INFO] [stdout] test inspect_json_output ... ok
[INFO] [stdout] test index_rebuild_reindexes ... ok
[INFO] [stdout] test ioc_deduplicates_by_count ... ok
[INFO] [stdout] test install_service_rejected_on_non_windows ... ok
[INFO] [stdout] test ioc_extracts_ips_and_domains ... ok
[INFO] [stdout] test ioc_extracts_hashes ... ok
[INFO] [stdout] test ioc_empty_file ... ok
[INFO] [stdout] test ioc_invalid_type_rejected ... ok
[INFO] [stdout] test ioc_help ... ok
[INFO] [stdout] test query_filter_by_category ... ok
[INFO] [stdout] test ioc_json_output ... ok
[INFO] [stdout] test query_filter_by_contains ... ok
[INFO] [stdout] test query_filter_by_rule_id ... ok
[INFO] [stdout] test query_empty_file ... ok
[INFO] [stdout] test query_filter_by_from_to ... ok
[INFO] [stdout] test query_filter_by_source_evasion ... ok
[INFO] [stdout] test ioc_type_filter ... ok
[INFO] [stdout] test query_filter_by_severity ... ok
[INFO] [stdout] test query_filter_by_source_etw ... ok
[INFO] [stdout] test query_help_shows_new_flags ... ok
[INFO] [stdout] test query_missing_file ... ok
[INFO] [stdout] test query_help ... ok
[INFO] [stdout] test query_returns_matching_events ... ok
[INFO] [stdout] test query_since_alias_works ... ok
[INFO] [stdout] test query_no_index_flag_shown_in_help ... ok
[INFO] [stdout] test replay_empty_file ... ok
[INFO] [stdout] test alert_webhook_with_bearer_token ... ok
[INFO] [stdout] test replay_outputs_all_events_in_order ... ok
[INFO] [stdout] test replay_outputs_valid_jsonl ... ok
[INFO] [stdout] test query_with_index_returns_same_results ... ok
[INFO] [stdout] test query_no_index_forces_scan ... ok
[INFO] [stdout] test score_detection_events_add_points ... ok
[INFO] [stdout] test score_empty_file ... ok
[INFO] [stdout] test index_status_shows_health ... ok
[INFO] [stdout] test score_help ... ok
[INFO] [stdout] test score_limit_respected ... ok
[INFO] [stdout] test score_ranks_by_signals ... ok
[INFO] [stdout] test replay_stderr_shows_progress ... ok
[INFO] [stdout] test score_suspicious_parent_adds_points ... ok
[INFO] [stdout] test score_unsigned_dll_adds_points ... ok
[INFO] [stdout] test score_uses_config_weights ... ok
[INFO] [stdout] test service_and_output_conflict ... ok
[INFO] [stdout] test replay_help ... ok
[INFO] [stdout] test score_human_readable_output ... ok
[INFO] [stdout] test service_flag_rejected_on_non_windows ... ok
[INFO] [stdout] test stats_empty_file ... ok
[INFO] [stdout] test service_flags_shown_in_help ... ok
[INFO] [stdout] test service_and_stdout_conflict ... ok
[INFO] [stdout] test replay_pipe_to_alert_stdin ... ok
[INFO] [stdout] test stats_pid_reuse_separates_by_process_key ... ok
[INFO] [stdout] test stats_shows_detection_rules ... ok
[INFO] [stdout] test stats_json_output ... ok
[INFO] [stdout] test stdout_and_output_conflict ... ok
[INFO] [stdout] test stats_shows_summary ... ok
[INFO] [stdout] test stats_help ... ok
[INFO] [stdout] test stats_shows_time_range ... ok
[INFO] [stdout] test tail_help ... ok
[INFO] [stdout] test tree_help ... ok
[INFO] [stdout] test tree_leaf_process_has_no_descendants ... ok
[INFO] [stdout] test tree_json_output ... ok
[INFO] [stdout] test tree_pid_not_found ... ok
[INFO] [stdout] test tree_pid_reuse_ancestors_picks_correct_parent ... ok
[INFO] [stdout] test tree_pid_reuse_descendants_picks_correct_instance ... ok
[INFO] [stdout] test tree_shows_descendants ... ok
[INFO] [stdout] test uninstall_service_conflicts_with_service ... ok
[INFO] [stdout] test uninstall_service_rejected_on_non_windows ... ok
[INFO] [stdout] test validate_config_missing_file_errors ... ok
[INFO] [stdout] test validate_config_with_invalid_file ... ok
[INFO] [stdout] test validate_config_with_valid_file ... ok
[INFO] [stdout] test tree_shows_ancestors ... ok
[INFO] [stdout] test replay_with_speed_respects_timing ... ok
[INFO] [stdout] test version_flag ... ok
[INFO] [stdout] test tail_applies_filters ... ok
[INFO] [stdout] test tail_picks_up_appended_events ... ok
[INFO] [stdout] test tail_skips_existing_content ... ok
[INFO] [stdout] test alert_detects_lolbin ... ok
[INFO] [stdout] test alert_score_threshold ... ok
[INFO] [stdout] test alert_human_readable_output ... ok
[INFO] [stdout] test alert_detects_evasion ... ok
[INFO] [stdout] test alert_suspicious_parent_child_before_parent ... ok
[INFO] [stdout] test alert_uses_config_threshold ... ok
[INFO] [stdout] test alert_suspicious_parent ... ok
[INFO] [stdout] test tail_survives_file_rotation ... ok
[INFO] [stdout] test alert_dedup_suppresses_repeat ... ok
[INFO] [stdout] test alert_score_threshold_re_notifies_after_cooldown ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 142 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 8.01s
[INFO] [stdout] 
[INFO] running `Command { std: "docker" "inspect" "cc6e17b46106facf35fffe7228f3e52d8b3b488cf2691258a94f6d9949b2f1a6", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "cc6e17b46106facf35fffe7228f3e52d8b3b488cf2691258a94f6d9949b2f1a6", kill_on_drop: false }`
[INFO] [stdout] cc6e17b46106facf35fffe7228f3e52d8b3b488cf2691258a94f6d9949b2f1a6