Prune orphaned-state DACL ACEs whose target no longer exists #517
Open
MGudgin wants to merge 1 commit into
Pull request overview
This PR addresses repeated startup failures in Windows DACL recovery by pruning orphaned DACL-state ACE entries when the target path is confirmed missing, preventing perpetual PATH_NOT_FOUND retries. It also adds reporting so the recovery diagnostic distinguishes “restored” vs “pruned (missing)” ACEs, and includes a unit test for the missing-target pruning behavior.
Changes:
- Prune orphaned-state ACE entries when `try_exists() == Ok(false)`, including a re-check after a failed restore attempt to handle delete-during-recovery races.
- Extend `RecoveryReport` with `aces_pruned_missing` and surface it in the `wxc` startup recovery log line.
- Add a unit test ensuring missing-target ACEs are pruned (not treated as errors) and fully-pruned state files are removed.
| File | Description |
|---|---|
| src/core/wxc/src/main.rs | Updates the startup “DACL recovery” diagnostic to include the count of pruned missing-target ACEs. |
| src/core/wxc_common/src/filesystem_dacl.rs | Implements pruning logic for missing targets, adds reporting via RecoveryReport, and adds a unit test covering the new behavior. |
Copilot's findings
- Files reviewed: 2/2 changed files
- Comments generated: 0
This PR fixes a perpetual DACL-recovery error: `recover_orphaned_state()` retained any ACE whose restore failed, including ACEs whose target path was already gone, so every startup re-attempted the restore and failed with `PATH_NOT_FOUND` forever.

Details

* Prune an ACE when its target is confirmed missing (`try_exists() == Ok(false)`); an ambiguous `Err` (e.g. access denied) is still retried, with a re-check after a failed restore to cover the delete-during-recovery race.
* Add `RecoveryReport.aces_pruned_missing` and surface the count in the recovery diagnostic line.

Tests

* New unit test: a dead-pid orphan whose ACE targets a missing path is pruned rather than errored, and the fully-pruned state file is removed.
* `cargo check -p wxc` passed.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
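The prune-or-retry decision described in the commit message above, as an added Rust example that is not the project's code. `Report`, `recover`, `demo` and the injected `restore` closure are hypothetical stand-ins (only `try_exists()` and `aces_pruned_missing` appear on the page), and the temp-directory scenario is constructed.

```rust
use std::path::{Path, PathBuf};
use std::{env, fs, io, process};

// Hypothetical stand-in for RecoveryReport; only `aces_pruned_missing` is from the page.
#[derive(Debug, Default, PartialEq)]
pub struct Report { pub restored: usize, pub aces_pruned_missing: usize, pub retained: usize }

// Returns the targets that must stay in the state file for the next startup.
pub fn recover<F>(targets: Vec<PathBuf>, mut restore: F, report: &mut Report) -> Vec<PathBuf>
where F: FnMut(&Path) -> io::Result<()> {
    let mut keep = Vec::new();
    for t in targets {
        // Prune only on a confirmed Ok(false); an Err from try_exists()
        // (e.g. access denied) is ambiguous and falls through to a restore attempt.
        if matches!(t.try_exists(), Ok(false)) {
            report.aces_pruned_missing += 1;
            continue;
        }
        match restore(&t) {
            Ok(()) => report.restored += 1,
            // Re-check after a failure: the target may have been deleted mid-recovery.
            Err(_) if matches!(t.try_exists(), Ok(false)) => report.aces_pruned_missing += 1,
            Err(_) => { report.retained += 1; keep.push(t); }
        }
    }
    keep
}

// Constructed scenario: one restorable file, one already missing, one deleted
// during the restore attempt, one that exists but whose restore is denied.
pub fn demo() -> (Report, Vec<String>) {
    let dir = env::temp_dir().join(format!("dacl_prune_demo_{}", process::id()));
    fs::create_dir_all(&dir).unwrap();
    for n in ["present", "racy", "denied"] { fs::write(dir.join(n), b"x").unwrap(); }
    let restore = |p: &Path| -> io::Result<()> {
        match p.file_name().and_then(|n| n.to_str()) {
            Some("present") => Ok(()),
            Some("racy") => { fs::remove_file(p)?; Err(io::ErrorKind::NotFound.into()) }
            _ => Err(io::ErrorKind::PermissionDenied.into()),
        }
    };
    let mut report = Report::default();
    let names = ["present", "missing", "racy", "denied"];
    let kept = recover(names.iter().map(|n| dir.join(n)).collect(), restore, &mut report);
    let kept: Vec<String> = kept.iter().map(|p| p.file_name().unwrap().to_string_lossy().into_owned()).collect();
    fs::remove_dir_all(&dir).ok();
    (report, kept)
}

fn main() { println!("{:?}", demo()); }
```

Only the entry that still exists and failed to restore is carried forward, so a later startup retries it instead of silently dropping an ACE that may still need restoring.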
24be88c to c06110d
/azp run

Azure Pipelines successfully started running 1 pipeline(s).