Hi, On Tue, 28 Jan 2020, Derrick Stolee wrote: > On 1/28/2020 12:21 AM, Elijah Newren wrote: > > On Sun, Jan 26, 2020 at 6:09 AM Derrick Stolee <stolee@xxxxxxxxx> wrote: > >> > >> On 1/25/2020 3:59 PM, Elijah Newren wrote: > >>> On Fri, Jan 24, 2020 at 7:41 AM Derrick Stolee <stolee@xxxxxxxxx> wrote: > >>>> I'm CC'ing Elijah because he also made changes to dir.c, and > >>>> perhaps he has some idea of what's going on. > >>> > >>> If you think it might be related to the dir.c changes, I can take a > >>> look. I don't have any immediate ideas off the top of my head. > >> > >> The only thing I can think of is that these paths are already > >> marked as sparse, but something is requiring us to test if the > >> path can be created with the filesystem. I'll try to debug > >> more into exactly where that is. It's telling that this happens > >> both in cone mode and without. > > > > Yeah, I'll take a look. The exponentially slow 'status --ignored' > > report is forcing me to look at dir.c again anyway, though it's also > > delaying me from getting a chance to look at this particular report. > > I made some progress, at least, in root-causing the issue. > The problem bisects down to 4dc42c6c1 (mingw: refuse paths > containing reserved names, 2019-12-21) [1]. CC'ing Dscho. > > That commit updates is_valid_win32_path() to fail on these > paths. We were _already_ calling this method even for paths > outside the sparse cone, but the method didn't fail for these > examples. > > This means the fix is probably even more complicated: we need > to not call this method when traversing paths that have the > skip-worktree bit enabled. This may lead to some tiny > performance gains when hydrating a very small fraction of a > very large index. Hmm. I am actually not sure that this would be a fix. It is all too easy for a skip-worktree entry to become checked out (think e.g. a merge conflict in a cherry-pick, during a three-way merge of a file that is not in the cone but still needs to be handled). My preferred solution for this issue would be for the files/directories to be renamed using `git -c core.protectntfs=false mv <reserved-name> <non-reserved-name>`. I think if we try to play extra games with the skip-worktree bit, we risk opening a vulnerability again. Ciao, Dscho > > Thanks, > -Stolee > > [1] http://github.com/git/git/commit/4dc42c6c1867a52e22f1f04a1a247b5a7538b8af >
