-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug: LocalFree #1557
Comments
I understand the sentiment, it's certainly an odd use case.
Some find it useful to catch invalid handle errors. The way I think it would as simple as a 1 character change to conform to the -::windows_core::imp::then(!result__.is_invalid(), || result__).ok_or_else(::windows_core::Error::from_win32)
+::windows_core::imp::then(result__.is_invalid(), || result__).ok_or_else(::windows_core::Error::from_win32) |
Sure, but the code is generated from metadata and I prefer to influence this through the metadata if needed. https://kennykerr.ca/rust-getting-started/how-are-crates-built.html |
Perhaps the metadata generation isn't aware of SAL? With all due respect, I believe instances like this should be labeled as "bugs"/"tooling defects"/etc. The work here is already adopted by many and Microsoft should ensure correctness. Dismissing or ignoring the these types of problems are going to reach a critical mass and will reflect poorly on Microsoft+Rust. |
If the metadata marks the function as |
Should this be marked with |
Sure, I don't recall the difference between these two attributes. |
Either works for me. I just treat them all as "don't transform signature" in Rust, but I guess "CanReturnErrorsAsSuccess" sounds like its closest to the intent here. @riverar may have a better answer as he invented this distinction. |
This API returns a handle, not an error code, and we annotate the invalid handle values. So it's not clear what metadata changes are needed here. Looks like a crate bug?
Edit: Am re-reading microsoft/windows-rs#2392 maybe I missed something. |
I see, this API is a mutant and returns invalid handles on success. That's unfortunate. Agree, |
At times you don't know the handle is invalid or corrupt until you pass it to an API to do something with it. The user of the API has no insight, really, into the internal handle table. Yes, 0 and -1 are "invalid". But failure on a rogue handle can't be known until it crosses the API boundary and is inspected by the component owning the handle table. |
Also, I hate to be pedantic here, but accuracy for this project matters. And technically...
|
Let's consider it in the abstract. Any handle on the system is subject to being manipulated by another process or the kernel. A handle in a process can be closed by a separate process that isn't the one who owns it. Or, an even simpler case of a closing a handle twice. These are situations where error codes should be propagated clearly such that bugs have visibility and not receiving a correct error code can be detrimental for visibility and debug-ability of any system. |
Not quite. Acceptance of invalid handle values does not make the handles valid. It just means the API accepts invalid handles and handles them in the documented manner. |
Thanks for taking care of this issue @mikebattista. @riverar I think my point is being overlooked, I may have done a poor job at expressing it.
Yes, that's what I said. Perhaps the quotes didn't read the way I intended them to... The point I'd like to make clear: SAL an excellent source of documentation (usually better than MSDN). Everything you need to know about the input and output of the API is right on the signature. And from what I've gathered the metadata doesn't take that into account. It should. Regardless, I appreciate everyone's effort. Thank you. |
We process SAL annotations that ClangSharp scrapes. It doesn't scrape them in this case. @tannergooding FYI. |
Agreed. We do some minimal handling of some SAL variants in win32metadata, but there's certainly room for improvement. I believe clangsharp spits out all the raw data we need, we just need to build a SAL lexer/parser. |
No it's not scraping |
I stumbled upon this issue as I ran into the same behavior that jxy-s reported (thank you!) but according to the above conversations; it seems like this is fixed?
I ran into this with the latest Cheers |
Looks like commit 2047b58 is part of v54.0.44-preview. windows-rs 0.51.1 is still on 53.x https://github.com/microsoft/windows-rs/tree/0.51.1/crates/libs/bindgen/default |
That makes sense - thanks for the details, I'll wait patiently for a new
release :)
Cheers
…On Mon, Aug 21, 2023 at 9:30 PM Rafael Rivera ***@***.***> wrote:
Looks like commit 2047b58
<2047b58>
is part of v54.0.44-preview. windows-rs 0.51.1 is still on 53.x
https://github.com/microsoft/windows-rs/tree/0.51.1/crates/libs/bindgen/default
—
Reply to this email directly, view it on GitHub
<#1557 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIOROHKSHF25PEFZIG35LXWQYVZANCNFSM6AAAAAAXS6Z4OA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
@0vercl0k I think in the interim, we can get that merged into the master branch soon (today?) so you can point to the repository in your Cargo.toml. |
I'd love that - if you end up making this happen let me know and I'll be
happy to try it out!
Cheers
…On Tue, Aug 22, 2023 at 8:39 AM Rafael Rivera ***@***.***> wrote:
@0vercl0k <https://github.com/0vercl0k> I think in the interim, we can
get that merged into the master branch soon (today?) so you can point to
the repository in your Cargo.toml.
—
Reply to this email directly, view it on GitHub
<#1557 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIORM6NQCAY7I4SVB3AGTXWTHDVANCNFSM6AAAAAAXS6Z4OA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Ah, Rust is currently blocked waiting for 1b2ffca to make its way to a release. cc: @mikebattista for awareness |
First, apologies for bumping this old thread. Maybe I am missing something, but I expected the new What am I missing 😅? Cheers |
We haven't brought in the new metadata yet on the Rust side, apologies. There's a known issue with the current metadata that is blocking our ingest, and we're waiting for the next metadata release. |
I see, bummer :( Thank you for letting me know!
Cheers
…On Sat, Dec 2, 2023 at 5:43 PM Rafael Rivera ***@***.***> wrote:
We haven't brought in the new metadata yet on the Rust side, apologies.
There's a known issue with the current metadata that is blocking our
ingest, and we're waiting for the next metadata release.
—
Reply to this email directly, view it on GitHub
<#1557 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIORKWOD42YZITISFCFTDYHNLDDAVCNFSM6AAAAAAXS6Z4OCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMZXGE4TSMJVHA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
@riverar we released an update 3 weeks ago that contains this fix. Or are you blocked on something else? |
@mikebattista The latest release has the LsaRegisterLogonProcess change (#1735) that was reverted hours later that didn't make it into that release. So we don't want to release a new Rust crate with that bug in it. |
There's no further changes there. It was reverted by design since Reserved wasn't appropriate. |
@mikebattista Ah, there was some confusion here because the release notes still have the change listed. So it didn't look like the revert made it in. But looking at GitHub, it did! https://github.com/microsoft/win32metadata/commits/v56.0.13-preview We'll get the wheels spinning on the Rust side, thanks for the ping. |
Excellent. Glad you're unblocked. |
Rafael, let me know if there is / when there is an issue or something I can
subscribe to to follow the work :)
Thank you all!
…On Tue, Dec 5, 2023 at 9:52 PM Mike Battista ***@***.***> wrote:
Excellent. Glad you're unblocked.
—
Reply to this email directly, view it on GitHub
<#1557 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIORJBUZINAZSX2CDPTSDYH6CR3AVCNFSM6AAAAAAXS6Z4OCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBRGU4TIMJWGY>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Will do momentarily! |
@0vercl0k PR for updating crate metadata microsoft/windows-rs#2724, if all goes well should have that in today. |
Amazing, thank you so much Rafael 🙏 |
Reopening. |
We had a long discussion about these attributes and PreserveSig at #1315. I'm not sure PreserveSig is correct here based on that discussion. |
@mikebattista In this case, the API doesn't return an error code or HRESULT, but rather a handle, so I think both of the attributes are off the table. This one appears to need real (Recall |
Which crate is this about?
windows
Crate version
master
Summary
LocalFree
has incorrect error handling.LocalFree
returnsNULL
on success. This will return an error whenLocalFree
succeeds:https://github.com/microsoft/windows-rs/blob/2e7f99d9ca80bb8f1216db7964062daf42e80158/crates/libs/windows/src/Windows/Win32/System/Memory/mod.rs#L465-L472
Toolchain version/configuration
No response
Reproducible example
No response
Crate manifest
No response
Expected behavior
No response
Actual behavior
No response
Additional comments
No response
The text was updated successfully, but these errors were encountered: