Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rg --files triggers MsMpEng.exe on Windows #600

Closed
chrmarti opened this issue Sep 7, 2017 · 7 comments
Closed

rg --files triggers MsMpEng.exe on Windows #600

chrmarti opened this issue Sep 7, 2017 · 7 comments

Comments

@chrmarti
Copy link
Contributor

chrmarti commented Sep 7, 2017

Version 0.6.0.

Not sure what might cause that, but MsMpEng.exe hogs the CPU and rg.exe makes only very slow progress.

When I use an alternate implementation to list the files in node.js, MsMpEng.exe remains silent or at least doesn't jam the CPU.
@BurntSushi
Copy link
Owner

BurntSushi commented Sep 7, 2017 via email

@chrmarti
Copy link
Contributor Author

chrmarti commented Sep 7, 2017

MsMpEng.exe is part of an antispyware. It looks like ripgrep triggers its activity. I would kind of expect this to happen if ripgrep scanned the contents of the files, but with --files that should not be the case.

Since using node.js to list all files does not show this behavior, I guess ripgrep must be using some API that triggers it.

@BurntSushi
Copy link
Owner

But --files does need to read some files. It has to read, for example, .gitignore/.ignore files to determine which files to filter.

I don't really know what you expect me to do about this.

@chrmarti
Copy link
Contributor Author

chrmarti commented Sep 7, 2017

I'm using --no-ignore, that should skip reading of these files I assume. Interestingly the problem stopped appearing on one machine, but still does on a VM.

@chrmarti
Copy link
Contributor Author

chrmarti commented Sep 7, 2017

I have captured traces of ripgrep and the node implementation using ProcMon. One difference is how they open files, ripgrep uses 'Generic Read' while node uses 'Read Attributes'.

ripgrep:
image

node:
image

@chrmarti
Copy link
Contributor Author

chrmarti commented Sep 7, 2017

@BurntSushi I would like to modify it to use 'Read Attributes' to see if maybe 'Generic Read' triggers MsMpEng.exe's scanning, but can't figure out where that is set. (I'm new to Rust.)

chrmarti added a commit to chrmarti/ripgrep that referenced this issue Sep 8, 2017
@chrmarti
Avoid expensive check with --files (fixes BurntSushi#600)
6cf282c
@chrmarti chrmarti mentioned this issue Sep 8, 2017
Merged
roblourens added a commit to roblourens/ripgrep that referenced this issue Sep 12, 2017
@roblourens
Avoid expensive check with --files (fixes BurntSushi#600)
1359201
@BurntSushi
Copy link
Owner

@chrmarti If you aren't searching with memory maps (force it with --no-mmap), then the File::open call is here:

ripgrep/src/worker.rs

Line 221 in beb010d

let file = match File::open(path) {
You can presumably change the open attributes using std::fs::OpenOptions. You may need to use a platform specific OpenOptionsExt trait for Windows to set Windows-specific attributes though.

You could also try forcing the issue with --mmap to open files with memory maps.

It occurs to me that this is all for opening files to search. For opening .gitignore files, I believe the File::open call is here:

ripgrep/ignore/src/gitignore.rs

Line 351 in 0668c74

let file = match File::open(path) {

BurntSushi pushed a commit that referenced this issue Sep 18, 2017
@chrmarti @BurntSushi
Avoid expensive check with --files (fixes #600)
1136f8a
This was referenced Nov 26, 2018
Closed
Merged
BurntSushi pushed a commit that referenced this issue Jan 24, 2019
@roblourens @BurntSushi
ripgrep: don't skip stdout in --files mode
4691d11 
Specifically, this avoids triggering Windows antimalware when in --files mode.

See also #600.

Fixes #1121
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@BurntSushi @chrmarti