From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Jeff King <peff@peff.net>
Cc: "Vanak\, Ibrahim" <ibrahim.vanak@hpe.com>,
"git\@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: GIT issue while cloning (fatal: pack is corrupted (SHA1 mismatch)) !!!
Date: Tue, 28 May 2019 11:51:20 +0200 [thread overview]
Message-ID: <87ef4inbzb.fsf@evledraar.gmail.com> (raw)
In-Reply-To: <20190528093728.GA15106@sigill.intra.peff.net>
On Tue, May 28 2019, Jeff King wrote:
> On Tue, May 28, 2019 at 09:10:12AM +0000, Vanak, Ibrahim wrote:
>
>> We are seeing issue with GIT 2.14 version. When we try to clone the
>> repos, it is taking HUGE amount of time on HPUX, whereas on the linux
>> machine with same network configuration, it's getting cloned in less
>> than mins. So we want to know has anyone reported this issue? What is
>> the fix for this? Has the fix been released for this? Whom should we
>> contact for this?
>
> I don't know about the slowness, but...
>
>> Below is the HPUX system where we are seeing issue, it is taking 1 hr 45 mins and later it failed:
>>
>> root@sstl002.in.rdlabs.hpecorp.net# uname -a
>> HP-UX sstl002 B.11.31 U ia64 0158936019 unlimited-user license
>> root@sstl002.in.rdlabs.hpecorp.net# time git clone git@github.hpe.com:HPUX/SysFaultMgmt.git
>> Cloning into 'SysFaultMgmt'...
>> remote: Enumerating objects: 63627, done.
>> remote: Total 63627 (delta 0), reused 0 (delta 0), pack-reused 63627
>> Receiving objects: 100% (63627/63627), 681.90 MiB | 111.00 KiB/s, done.
>> fatal: pack is corrupted (SHA1 mismatch)
>> fatal: index-pack failed
>
> Git v2.14 uses the sha1collision-detection implementation of sha1 by
> default. That has a bug that was fixed recently with:
>
> commit 4125f78222749cb8fc91115abec3ac83e5dfb194
> Author: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
> Date: Tue May 14 00:17:01 2019 +0200
>
> sha1dc: update from upstream
>
> Update sha1dc from the latest version by the upstream
> maintainer[1]. See 07a20f569b ("Makefile: fix unaligned loads in
> sha1dc with UBSan", 2019-03-12) for the last update.
>
> This fixes an issue where HP-UX IA64 was wrongly detected as a
> Little-endian instead of a Big-endian system, see [2] and [3].
>
> 1. https://github.com/cr-marcstevens/sha1collisiondetection/commit/855827c583bc30645ba427885caa40c5b81764d2
> 2. https://public-inbox.org/git/603989bd-f86d-c61d-c6f5-fb6748a65ba9@siemens.com/
> 3. https://github.com/cr-marcstevens/sha1collisiondetection/pull/50
>
> which looks like it would impact your system. You can either:
>
> 1. Try v2.22.0-rc1, which will be the first release with that fix.
>
> 2. Try cherry-picking the various fixes on top of v2.14.0:
>
> git checkout v2.14.0
> git cherry-pick 23e37f8e9d5961c0c8d52ac481693d3fca5309ce
> git cherry-pick 07a20f569b4b1690e717eaac0954007a8edfbfc2
> git cherry-pick 4125f78222749cb8fc91115abec3ac83e5dfb194
>
> 3. Compile with another sha1 implementation. E.g.:
>
> # if you have openssl available; otherwise,
> # try BLK_SHA1
> echo 'OPENSSL_SHA1 = Yes' >config.mak
> make
>
> Note that you won't be protected from collision attacks, but those
> are still impractically expensive to mount at this point. It may be
> a good tradeoff until you can upgrade to a more recent Git.
>
> -Peff
As a follow-up perhaps we should hash_object_file_literally() early in
main() (or maybe just clone & init) to detect this issue & exit with
some "zomg broken!".
Vanak: Also, this issue suggests whoever compiled the package you're
using (you?) installed it with a failing "make test", so a lot of other
things may be broken...
next prev parent reply other threads:[~2019-05-28 9:51 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-28 9:10 GIT issue while cloning (fatal: pack is corrupted (SHA1 mismatch)) !!! Vanak, Ibrahim
2019-05-28 9:37 ` Jeff King
2019-05-28 9:51 ` Ævar Arnfjörð Bjarmason [this message]
2019-05-28 18:45 ` Vanak, Ibrahim
2019-05-28 21:30 ` Jeff King
2019-05-29 5:29 ` Vanak, Ibrahim
2019-05-29 9:06 ` Vanak, Ibrahim
2019-05-30 11:57 ` Jeff King
2019-06-11 16:39 ` Vanak, Ibrahim
2019-06-18 14:31 ` Vanak, Ibrahim
2019-06-18 17:15 ` Jeff Hostetler
2019-06-28 16:18 ` Vanak, Ibrahim
2019-06-28 23:55 ` Jeff King
2019-05-28 10:16 ` Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ef4inbzb.fsf@evledraar.gmail.com \
--to=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=ibrahim.vanak@hpe.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).