Skip to main content

Manifest destiny

In a previous blog I wrote about the perils of auto-updating the EVE launcher on Windows when it is installed in Program Files - a protected folder - as it would elevate the process. Due to a bug (that's now been fixed) the launcher would then also start elevated after the update. Any files it would write in that elevated sessions would be owned by the administrator - subsequent launcher sessions where the launcher was started regularly would not be able to overwrite those files.

To further complicate matters we were occasionally getting reports of the client reporting damaged files even when the launcher seemed to be downloading and staging files successfully.

Protecting system files

This turned out be due to a very helpful feature of Windows, actually going back to Vista, when the UAC was introduced. When a legacy application wants to create a file in a protected location where it does not have write permissions, Windows will open a file in the Virtual Store folder, rather than letting the file create operation fail. When reading files, Windows will look in the Virtual Store first, so for many applications this will probably work fine.

The drawback to this helpful feature is that it can be downright confusing. Let's say we have an application that checks in the folder where the application lives for a file called myfile.txt. If it exists, it reads the file and displays the contents. If it doesn't exist, it prompts you for some text and writes to the file. Just to make this a bit more concrete, I've put this program up on github if you want to test this for yourself.

Show me

Put this application under C:\Program Files\TestVirtualStore. Run the app, it tells you the file C:\Program Files\TestVirtualStore\myfile.txt does not exist, prompts you for some text and proceeds to writing the file. You look in C:\Program Files\TestVirtualStoreand there is no file called myfile.txt there. You run the application again - this time it reads from the file myfile.txt and succeeds, showing you the text you typed earlier.

If you run the same application again, this time as administrator, it will again tell you the file does not exist. Type in some text for the application to write - make sure it is different from before. You look in C:\Program Files\MyApp again and lo and behold, the file is there.

Now run again normally (not as administrator) - you will see the original text displayed again. Where was it saved? In a folder called VirtualStore under %LOCALAPPDATA%. The virtual store kicks in when a legacy application wants to write to a protected folder but can't due to lack of permissions. This means that the application gets a different view of the world depending on whether it is run normally or as administrator. I find that somewhat confusing, to say the least.

Now I'm confused...

Let's look at another example, this time writing to C:\ProgramData\TestVirtualStore\myfile.txt. Normally, writing to ProgramData is allowed, but if the permissions of C:\ProgramData\TestVirtualStore do not allow writing, the VirtualStore kicks in again, with the same behavior as for Program Files. The same goes for permissions of individual files - if a file ends up there owned by the administrator, a regular launcher session would simply write a file to the VirtualStore instead. This time finding the file is obscured even further by the fact that ProgramData is a hidden folder - you won't see it unless you have view hidden files enabled in the Explorer.

Just to add to this perfect storm of events, the Windows 10 update would in some cases mess up the permissions of the ProgramData folder.

What is your legacy?

So why was this an issue for the launcher? Surely it's not a legacy application? Well, by definition it was, due to an unfortunate oversight. A legacy application is defined as 32-bit, not running with administrative privileges and not including a Windows manifest file. This is where I messed up - I forgot to include a manifest when setting up the EVE launcher project. Normally when starting up new project in Visual Studio it will include a manifest by default - in fact, I had to explicitly remove it when setting up the sample programs used above. The launcher is a Qt project, and it does not include a manifest by default - I had to add it explicitly. This blog here has a good description of how to do it for Qt projects.

If the launcher was a standalone program this probably wouldn't have been an issue, aside from sometimes seeing files and sometimes not, depending on whether you ran as administrator or not. The problem is that the launcher is staging files for the EVE client to use, and the EVE client was already set up with a manifest file so it was not classified as a legacy application. If the launcher ended up writing any files to the VirtualStore the client would never see those files, and worse still, it might see a different version of a file than what the launcher would see.

Don't forget your manifest

The moral of the story - make sure your Windows application has a manifest!


Popular posts from this blog

Mnesia queries

I've added search and trim to my expiring records module in Erlang. This started out as an in-memory key/value store, that I then migrated over to using Mnesia and eventually to a replicated Mnesia table. The fetch/1 function is already doing a simple query, with match_object. Result=mnesia:match_object(expiring_records, #record{key=Key, value='_', expires_at='_'}, read) The three parameters there are the name of the table - expiring_records, the matching pattern and the lock type (read lock). The fetch/1 function looks up the key as it was added to the table with store/3. If the key is a tuple, we can also do a partial match: Result=mnesia:match_object(expiring_records, #record{key= {'_', "bongo"}, value='_', expires_at='_'}, read) I've added a search/1 function the module that takes in a matching pattern and returns a list of items where the key matches the pattern. Here's the test for the search/1 function: search_partial_…

Replicated Mnesia

I'm still working on my expiring records module in Erlang (see here and here for my previous posts on this). Previously, I had started using Mnesia, but only a RAM based table. I've now switched it over to a replicated disc based table. That was easy enough, but it took a while to figure out how to do, nonetheless. I had assumed that simply adding ... {disc_copies, [node()]} ... to the arguments to mnesia:create_table would be enough. This resulted in an error: {app_test,init_per_testcase, {{badmatch, {aborted, {bad_type,expiring_records,disc_copies,nonode@nohost}}}, ... After some head-scratching and lots of Googling I realized that I was missing a call to mnesia:create_schema to allow it to create disc based tables. My tests for this module are done with common_test so I set up a per suite initialization function like this: init_per_suite(Config) ->mnesia:create_schema([node()]), mnesia:start(…

Optimizing Wine on OS X

I've been doing some performance analysis of EVE running under Wine on OS X. My main test cases are a series of scenes run with the EVE Probe - our internal benchmarking tool. This is far more convenient than running the full EVE client, as it focuses purely on the graphics performance and does not require any user input.

Wine Staging One thing I tried was to build Wine Staging. On its own, that did not really change anything. Turning on CSMT, on the other hand, made quite a difference, taking the average frame time down by 30% for the test scene I used. While the performance boost was significant there were also significant glitches in the rendering, with parts of the scene flickering in and out. Too bad - it means I can't consider this yet for EVE, but I will monitor the progress of this. OpenGL Profiler Apple has the very useful OpenGL profiler available for download. I tried running one of the simpler scenes under the profiler to capture statistics on the OpenGL calls mad…