Re: GIT issue while cloning (fatal: pack is corrupted (SHA1 mismatch)) !!!

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Jeff King <peff@peff.net>
Cc: "Vanak\, Ibrahim" <ibrahim.vanak@hpe.com>,
	"git\@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: GIT issue while cloning (fatal: pack is corrupted (SHA1 mismatch)) !!!
Date: Tue, 28 May 2019 11:51:20 +0200	[thread overview]
Message-ID: <87ef4inbzb.fsf@evledraar.gmail.com> (raw)
In-Reply-To: <20190528093728.GA15106@sigill.intra.peff.net>


On Tue, May 28 2019, Jeff King wrote:

> On Tue, May 28, 2019 at 09:10:12AM +0000, Vanak, Ibrahim wrote:
>
>> We are seeing issue with GIT 2.14 version. When we try to clone the
>> repos, it is taking HUGE amount of time on HPUX, whereas on the linux
>> machine with same network configuration, it's getting cloned in less
>> than mins. So we want to know has anyone reported this issue? What is
>> the fix for this? Has the fix been released for this? Whom should we
>> contact for this?
>
> I don't know about the slowness, but...
>
>> Below is the HPUX system where we are seeing issue, it is taking 1 hr 45 mins and later it failed:
>>
>> root@sstl002.in.rdlabs.hpecorp.net# uname -a
>> HP-UX sstl002 B.11.31 U ia64 0158936019 unlimited-user license
>> root@sstl002.in.rdlabs.hpecorp.net# time git clone git@github.hpe.com:HPUX/SysFaultMgmt.git
>> Cloning into 'SysFaultMgmt'...
>> remote: Enumerating objects: 63627, done.
>> remote: Total 63627 (delta 0), reused 0 (delta 0), pack-reused 63627
>> Receiving objects: 100% (63627/63627), 681.90 MiB | 111.00 KiB/s, done.
>> fatal: pack is corrupted (SHA1 mismatch)
>> fatal: index-pack failed
>
> Git v2.14 uses the sha1collision-detection implementation of sha1 by
> default. That has a bug that was fixed recently with:
>
>   commit 4125f78222749cb8fc91115abec3ac83e5dfb194
>   Author: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
>   Date:   Tue May 14 00:17:01 2019 +0200
>
>       sha1dc: update from upstream
>
>       Update sha1dc from the latest version by the upstream
>       maintainer[1]. See 07a20f569b ("Makefile: fix unaligned loads in
>       sha1dc with UBSan", 2019-03-12) for the last update.
>
>       This fixes an issue where HP-UX IA64 was wrongly detected as a
>       Little-endian instead of a Big-endian system, see [2] and [3].
>
>       1. https://github.com/cr-marcstevens/sha1collisiondetection/commit/855827c583bc30645ba427885caa40c5b81764d2
>       2. https://public-inbox.org/git/603989bd-f86d-c61d-c6f5-fb6748a65ba9@siemens.com/
>       3. https://github.com/cr-marcstevens/sha1collisiondetection/pull/50
>
> which looks like it would impact your system. You can either:
>
>   1. Try v2.22.0-rc1, which will be the first release with that fix.
>
>   2. Try cherry-picking the various fixes on top of v2.14.0:
>
>        git checkout v2.14.0
>        git cherry-pick 23e37f8e9d5961c0c8d52ac481693d3fca5309ce
>        git cherry-pick 07a20f569b4b1690e717eaac0954007a8edfbfc2
>        git cherry-pick 4125f78222749cb8fc91115abec3ac83e5dfb194
>
>   3. Compile with another sha1 implementation. E.g.:
>
>        # if you have openssl available; otherwise,
>        # try BLK_SHA1
>        echo 'OPENSSL_SHA1 = Yes' >config.mak
>        make
>
>      Note that you won't be protected from collision attacks, but those
>      are still impractically expensive to mount at this point. It may be
>      a good tradeoff until you can upgrade to a more recent Git.
>
> -Peff

As a follow-up perhaps we should hash_object_file_literally() early in
main() (or maybe just clone & init) to detect this issue & exit with
some "zomg broken!".

Vanak: Also, this issue suggests whoever compiled the package you're
using (you?) installed it with a failing "make test", so a lot of other
things may be broken...

next prev parent reply	other threads:[~2019-05-28  9:51 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-28  9:10 GIT issue while cloning (fatal: pack is corrupted (SHA1 mismatch)) !!! Vanak, Ibrahim
2019-05-28  9:37 ` Jeff King
2019-05-28  9:51   ` Ævar Arnfjörð Bjarmason [this message]
2019-05-28 18:45   ` Vanak, Ibrahim
2019-05-28 21:30     ` Jeff King
2019-05-29  5:29       ` Vanak, Ibrahim
2019-05-29  9:06         ` Vanak, Ibrahim
2019-05-30 11:57           ` Jeff King
2019-06-11 16:39             ` Vanak, Ibrahim
2019-06-18 14:31               ` Vanak, Ibrahim
2019-06-18 17:15                 ` Jeff Hostetler
2019-06-28 16:18                   ` Vanak, Ibrahim
2019-06-28 23:55                     ` Jeff King
2019-05-28 10:16 ` Johannes Schindelin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ef4inbzb.fsf@evledraar.gmail.com \
    --to=avarab@gmail.com \
    --cc=git@vger.kernel.org \
    --cc=ibrahim.vanak@hpe.com \
    --cc=peff@peff.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.