0

I am using ExamDiff Pro with git for Windows under Windows 10.

When I run git difftool --dir-diff <branch1> <branch2>, the directory comparison screen of EDP is brought up, showing the different files, but then I start getting popups that the files have changed, prompting me to recompare.

I don't know if the problem is with my git settings (below), with ExamDiff or with Windows.

[core]
    autocrlf = true
    fscache = true
    symlinks = false
    useBuiltinFSMonitor = true
    compression = 0

[diff]
    tool = edp
    guitool = edp

[difftool "edp"]
    path = "C:\\Program Files\\ExamDiff Pro\\ExamDiff.exe"
    cmd = "\"C:\\Program Files\\ExamDiff Pro\\ExamDiff.exe\" \"$LOCAL\" \"$REMOTE\" -nh -r2"
    trustExitCode = false
Alex O
  • 1,429
  • 2
  • 13
  • 20
  • First, note that `git diff` never compares *branches*. It only compares *commits*. So `git diff`, or `git difftool` (which uses the same internals), just turns the two branch names into two commit hash IDs, and then proceeds from there. – torek Feb 14 '22 at 04:07
  • Now, with that in mind, remember that the `--dir-diff` option pushes *all* the work off to the diff tool itself: Git just extracts the two commits to be compared into two temporary directories, and then sends the names of the two directories to the diff tool. So everything that shows up from the moment the diff tool starts, until the entire `git difftool` command finishes, is because of the tool. – torek Feb 14 '22 at 04:08
  • Why your tool thinks the files are changing—whether they are or not—is a matter for the tool and the OS, so you're on the right track looking at both examdiff and Windows-10. Git, at this point, is just waiting for `examdiff` to exit and return control to Git itself. Git will then remove the two temporary directories to clean up after itself. If the tool exits prematurely, that will tell Git that the comparison is done, and Git will remove the temporary directories, so if *that* is what is happening, you have a badly behaved tool. – torek Feb 14 '22 at 04:10

1 Answers1

0

I figured out what is going on.

I used the SysInternals Process Monitor to see what processes access the files. Turned out that the files are accessed by two processes: Windows Defender and (obviously) ExamDiff.

What happens is that once git copies the files to the temp folder, Windows Defender starts scanning them in the background.

Now and antivirus shouldn't modify the files that it scans, but apparently it does, by changing the files' extended attributes:

MsSense.exe,6168,SetEAFile,C:\Temp\git-difftool.a35220\right\Dir1\Dir2\Dir3\File.cpp,SUCCESS,

This should not affect the comparison in any way, but apparently it triggers the directory change notification

ExamDiff.exe,22236,NotifyChangeDirectory,C:\Temp\git-difftool.a35220\right,SUCCESS,"Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME, FILE_NOTIFY_CHANGE_ATTRIBUTES, FILE_NOTIFY_CHANGE_SIZE, FILE_NOTIFY_CHANGE_LAST_WRITE, FILE_NOTIFY_CHANGE_CREATION, FILE_NOTIFY_CHANGE_SECURITY"

And there we have it: ExamDiff is listening for directory changes (either file contents or metadata) in order to alert the user that the directory has changed. It doesn't care about the NTFS extended attributes changing, doesn't (or cannot) filter it out.

I wonder if there is a way in Win32 to check whether a change didn't affect anything other than the extended attributes (without saving the state of the folder and comparing), but that's a different question.

Edit: found a link: https://social.technet.microsoft.com/Forums/en-US/c900b28d-4281-4a98-b6ca-418cf84f3cab/microsoft-defender-atp-mssenseexe-is-creating-extended-attributes

Alex O
  • 1,429
  • 2
  • 13
  • 20