[darcs-devel] [issue1461] case-folding can lead to working directory corruption

Ganesh Sittampalam bugs at darcs.net
Sat Jul 13 13:10:29 UTC 2019


Ganesh Sittampalam <ganesh at earth.li> added the comment:

On 13/07/2019 12:49, Ben Franksen wrote:
> 
> Ben Franksen <ben.franksen at online.de> added the comment:
> 
>>>>  - We probably can't protect against all possible failures. 
>>>> Reordering patches could lead to invalid states being created even 
>>>> when a particular linearisation of the repository looked fine.
>>>
>>> I don't believe this is so. [...]
>>
>> The kind of example I had in mind was this:
>>
>> patch 1: add a
>> patch 2: rm a
>> patch 3: add A
>>
>> now unpull 2.
> 
> OMG I feel so stupid. Yes, this could only be avoided if we make it a
> global property i.e. you cannot 'add A' if there is an 'add a'
> /anywhere/ in the repo (and likewise with move).

And you also can never merge a repo that ever created 'a' with a repo
that ever created 'A'.

>> I'd be surprised if both of the following worked without special care:
>>
>> atomic patch containing rm A ; add a
>> atomic patch containing add a ; rm A
> 
> Given your refutation, rather than adding this kind of complexity and
> not even gaining full safety, I think the better solution is the global
> property. That would mean we forbid a "patch that both removes A and
> creates a (or renames A to a)". This is straight forward to implement
> and fully safe, unless the user expressly overrides it with a command
> line option as I proposed before.

I think that as it happens all these specific cases (atomic patches that
add a and remove A, or one that moves A to a) are perfectly safe. The
atomicity of the patches guarantees they are never both present no
matter what the patch ordering.

I've run into situations in practice where fixing the case of files on
Windows was important, e.g. because a project name is determined by the
exact name of the project file (including its case).

Of course this would only ever be an optional warning so we don't have
to get it perfect. But my preference would be to err on the side of
making case changes in a repo pleasant, compared to guarding against the
much less likely case of commuting generating a dangerous repo.

TBH I'm probably one of the very few darcs users on Windows and I am not
desperate for this feature, so it's unlikely to be much of a development
priority in any case.

Ganesh

__________________________________
Darcs bug tracker <bugs at darcs.net>
<http://bugs.darcs.net/issue1461>
__________________________________


More information about the darcs-devel mailing list