More file system function improvements#15244
Open
Ericson2314 wants to merge 2 commits into
Open
Conversation
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
from
13edb5e to
35e7906
Compare
|
🎉 All dependencies have been resolved ! |
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
7 times, most recently
from
c3e9b54 to
eaf0a71
Compare
xokdvium
reviewed
Feb 18, 2026
xokdvium
reviewed
Feb 18, 2026
xokdvium
reviewed
Feb 18, 2026
xokdvium
reviewed
Feb 18, 2026
xokdvium
reviewed
Feb 18, 2026
xokdvium
reviewed
Feb 18, 2026
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
3 times, most recently
from
7c98970 to
1c9afd4
Compare
github-actions
Bot
added
new-cli
Ericson2314
changed the title
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
2 times, most recently
from
485ad45 to
0405c86
Compare
xokdvium
reviewed
Feb 18, 2026
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
2 times, most recently
from
3ef6142 to
c3003a2
Compare
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
4 times, most recently
from
d48824a to
c1c4646
Compare
xokdvium
reviewed
Feb 27, 2026
Comment on lines
495
to
496
| if (std::filesystem::exists(destDir)) | ||
| throw Error("cannot clone into existing path %s", PathFmt(destDir)); |
Contributor
There was a problem hiding this comment.
Doesn't this prevent the case where the destination exists and is a symlink?
Contributor
There was a problem hiding this comment.
Ah right, it follows symlinks. We should add a test for this I suppose
xokdvium
reviewed
Feb 27, 2026
xokdvium
reviewed
Feb 27, 2026
Comment on lines
-180
to
-181
| /* O_EXCL together with O_CREAT ensures symbolic links in the last | ||
| component are not followed. */ |
Contributor
There was a problem hiding this comment.
Can we leave this comment in place?
xokdvium
reviewed
Feb 27, 2026
xokdvium
reviewed
Feb 27, 2026
xokdvium
reviewed
Feb 27, 2026
xokdvium
reviewed
Feb 27, 2026
xokdvium
reviewed
Feb 27, 2026
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
2 times, most recently
from
bc44c1b to
f28c385
Compare
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
5 times, most recently
from
959f0f5 to
1430607
Compare
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
4 times, most recently
from
eb72105 to
75abe59
Compare
xokdvium
reviewed
Apr 12, 2026
| outcome::unchecked<AutoCloseFD, std::error_code> | ||
| openDirectoryAt(Descriptor dirFd, const std::filesystem::path & path, bool create, mode_t mode) | ||
| { | ||
| assert(path.is_relative()); |
Contributor
There was a problem hiding this comment.
There's a slight regression there that the path can now contain ... That shouldn't regress I think?
| } | ||
|
|
||
| OsString readLinkAt(Descriptor dirFd, const CanonPath & path) | ||
| OsString readLinkAt(Descriptor dirFd, const std::filesystem::path & path) |
Contributor
There was a problem hiding this comment.
I'm not sure we want to use std::filesystem::path for these functions. Maybe OsCanonPath or something?
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
from
75abe59 to
ca13d43
Compare
Both are newtype around `std::filesystem::path`s. `OsFilename` is a single filename that is not something special like `.` or `..`, and `OsCanonPath` is for canonical relative paths suitable for `openat` and Windows NT equivalents. `OsCanonPath` provides an iterator yielding `OsFilename` references for each component, and four `operator/` overloads covering all combinations of `OsCanonPath` and `OsFilename`. Convert `readLinkAt`, `openFileEnsureBeneathNoSymlinks`, and `unix::fchmodatTryNoFollow` from `const CanonPath &` to `const OsCanonPath &`. Existing call sites work via implicit `CanonPath -> OsCanonPath` conversion. Change `SymlinkNotAllowed::path` from `CanonPath` to `std::variant<CanonPath, std::filesystem::path>`, with constructor overloads for both types including template variants for custom error messages. `writeBuilderFile` now takes `OsFilename` instead of `const std::string &`, which implicitly converts to `OsCanonPath` for `openFileEnsureBeneathNoSymlinks`, replacing the manual `std::filesystem::path` normalization assertion.
Use `OsCanonPath` and `OsFilename` throughout the `*At` functions and their callers, replacing both `CanonPath` and `std::filesystem::path` parameters. - FD-based symlink creation on Unix and Windows with wrappers (`createFileSymlinkAt`, `createDirectorySymlinkAt`, `createUnknownSymlinkAt`), all taking `OsCanonPath`. Windows distinguishes between file and directory symlinks. Directory symlinks can be traversed as path components, file symlinks cannot. `createUnknownSymlinkAt` opens the symlink's parent directory and tries to open the target with `FILE_DIRECTORY_FILE` to determine if it's a directory, with `fstat` as defense in depth. This avoids relying on `descriptorToPath` which doesn't work correctly in Wine. `createUnknownSymlinkAt` is a poor solution, and a replacement for NARs should be careful to store enough information to avoid needing it at unpack time, but it is the best we can do for now. - Make `RestoreSink` more cross-platform: use `openDirectoryAt` for directory creation, `createUnknownSymlinkAt` for symlinks, and `openFileEnsureBeneathNoSymlinks` for intermediate paths on both Unix and Windows. Remove the Windows-only `std::filesystem` / `CreateFileW` / `nix::createSymlink` code paths that bypassed fd-based symlink safety. `getParentFdAndName` now returns `OsFilename` instead of `CanonPath`. - Validate `OsCanonPath` uses preferred separators on Windows (no forward slashes). Remove `lexically_normal().make_preferred()` calls from Windows `*At` implementations, since `OsCanonPath` now guarantees native separators. - Fix Wine `openFileEnsureBeneathNoSymlinks` final-component handling: check for symlinks on `ERROR_DIRECTORY` (suspected Wine-specific behavior when opening directory symlinks with `FILE_OPEN_REPARSE_POINT | FILE_DIRECTORY_FILE`). - Fix Windows error propagation in `openFileEnsureBeneathNoSymlinks`: call `SetLastError(lastError)` before returning an invalid handle, so that callers can inspect the Win32 error code. Previously the NTSTATUS was converted via `RtlNtStatusToDosError` but never stored, so `GetLastError()` returned 0. - Add `ThrowsWinError` gmock matcher. Use `NativeSysError` in test helpers so the right exception type is thrown per platform. - Update tests to use `OsFilename`/`CanonPath` instead of bare `std::filesystem::path` for `*At` function calls. Co-authored-by: Sergei Zimmerman <sergei@zimmerman.foo>
Ericson2314
force-pushed
the
windows-fs-sink-fixes
branch
from
ca13d43 to
e17a8ea
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
It keeps growing bigger and bigger! See the commit message