New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/sys/windows/svc: EventType always 0 for SessionChange #25660
Comments
/cc @alexbrainman |
@cpowski I do not understand what your problem is. Please, provide full small program that I could run here. And tell me what your program does wrong. Thank you. Alex |
Hi @alexbrainman, the program I'm writing is a windows service that detects logon/off events. I've started with the windows service example in the golang docs. I've combined the 5 files from that project into one and shared it on play.golang.org. The example project does not handle
The rest of the file is unchanged from the sample project. Once built, the executable needs to be installed as as service and started with I log in/out of a test profile on my machine to trigger a session change event. In the logs I see this:
The I've tested on windows 10 and windows server 2008 r2 with the same result. I have a c++ service running on the same machines, with the same configuration/service account. It's doing the same thing and successfully receiving the event type. Let me know if you need any more info. |
Thank you. I will try and run it here.
I will need the source code for that service too. I have never written code that does something similar. So C++ example would be helpful for me to debug Go code. Thank you. Alex |
I have this same problem. What is important: when I build my sample service as 32 bit application everything works fine! EventType and EventData have valid values and I can for example read WTSSESSION_NOTIFICATION structure. So parameters are passed incorrectly only in 64 bit code: EventType is 0, EventData have value from EventType and pointer to WTSSESSION_NOTIFICATION is missing. |
I think you are wrong. Look at: https://msdn.microsoft.com/pl-pl/library/windows/desktop/ms683241%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 for SERVICE_CONTROL_SESSIONCHANGE EventType is one of WTS_CONSOLE_XXX values and EventData is a pointer to a WTSSESSION_NOTIFICATION structure. |
Any news ? I also noted problems in 32 bit application. In some cases sessionID is invalid (in my tests has value 4784210). |
I think I am having a similar issue and may have found a solution. For a The evtype value is always zero, the evdata value contains what should be stored in evtype and the context value stores the value which should be in evdata. After doing this, I can cast the returned value to a pointer to a WTSSESSION_NOTIFICATION structure and read the session ID from there.
I'm guessing this issue is specifically related to the Go assembly files since the parameters seem to have been shifted but unfortunately I am not familiar enough with it to spot the error. For reference I am using Go 1.10.7 amd64 on a fully updated Windows 10 machine. |
Maybe you are correct, and there is a bug here. Maybe Windows passes ctl and evtype parameters as 4 byte each, but Go function reserves 8 bytes for each argument. If that was broken forever, how would other services work? If someone can provide me with some reproducible example of this problem, that would make my investigation quicker. Thank you very much. Alex |
Thanks for the quick response! I have created a gist which contains two files. The first is a modified version of svc\example\service.go which has been changed to write two messages to the Application event log when a session change event occurs. The first log entry is a dump of the contents of the ChangeRequest structure and the second is the Session ID. The second file is a modified version of svc\service.go which is changed only to pass the context parameter through to the service example program. This is to show that it does have a value and appears to be pointing to a valid WTSSESSION_NOTIFICATION structure. After installing and starting the example service, to test I have been locking my session and then unlocking, this creates log entries similar to the following: As for why this has not been brought up before, I would imagine that not a lot of people are using the SessionChange notification in their services. But I could of course be wrong on that not having any real statistics to look at. I hope this helps, if you need anything more I am happy to try and assist as best I can. |
I can confirm that niallnsec sample shows problem. |
Thank you very much. I will see what I can do with that, when I have free time. Alex |
Change https://golang.org/cl/158698 mentions this issue: |
Change https://golang.org/cl/158697 mentions this issue: |
@cpowski, @Green7 and @niallnsec please test my change https://go-review.googlesource.com/c/sys/+/158698 Thank you. Alex |
It works for me. |
Thanks for the fix @alexbrainman |
Thanks for checking. Now we need to wait for review. Alex |
New Context field will be used in the following CL to test ctlHandler parameter alignments. Also adjust TestExample to pass hard coded Context value of 123456 to test service, and verify that correct value is logged. Final part of the test is commented out, and will be adjusted in the next CL. Updates golang/go#25660 Change-Id: Iad2896ae497ee1edc0d62655eaf08671ec2651c5 Reviewed-on: https://go-review.googlesource.com/c/158697 Run-TryBot: Alex Brainman <alex.brainman@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
What version of Go are you using (
go version
)?1.9.2
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?windows 10, windows server 2008 r2 / amd64
What did you do?
I'm writing a windows service using the example project found at:
https://github.com/golang/sys/tree/master/windows/svc/example
In the service
Execute
function I've addedAcceptSessionChange
to the accepted commands and added a case to the switch statement:These are the only changes made to the example project.
What did you expect to see?
EventType populated with status code indicating the event type, as described in:
https://msdn.microsoft.com/en-us/library/aa383828(v=vs.85).aspx
EventData populated with SessionID of event.
What did you see instead?
EventType is always
0
EventData is correct
The text was updated successfully, but these errors were encountered: