On Fri, Nov 03, 2023 at 10:58:00PM +0100, Wilko Meyer wrote:
On CI, this package failed to build with a hash mismatch for the kernel
source tarball:
------
Starting download of /gnu/store/31g0vm5hlgfi4d9lfwj07fasjn5667af-linux-6.5.10.tar.xz
[...]
[K ….10.tar.xz 90.0MiB 62.4MiB/s 00:01 [##################] 100.0%
@ hash-mismatch /gnu/store/31g0vm5hlgfi4d9lfwj07fasjn5667af-linux-6.5.10.tar.xz sha256 12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1 1drdjrbhdiljcqapjrjyvyvvf7dvpxdw4wxnqxjh1xy7f5vimxm9
hash mismatch for store item '/gnu/store/31g0vm5hlgfi4d9lfwj07fasjn5667af-linux-6.5.10.tar.xz'
------
I downloaded the tarball 'by hand' from kernel.org and calculated the
hash:
------
$ guix hash linux-6.5.10.tar.xz
12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1
------
... and that matches your patch:
However, Guix uses a mirror provided by the University of Oslo, and that
indeed provides a file with a different hash. That file appears to be
truncated, since tar fails to extract it, and it is about 2/3 the size
of the file from kernel.org (133 MiB):
------
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 90.0M 100 90.0M 0 0 6333k 0 0:00:14 0:00:14 --:--:-- 7441k
$ guix hash linux-6.5.10.tar.xz
1drdjrbhdiljcqapjrjyvyvvf7dvpxdw4wxnqxjh1xy7f5vimxm9
$ tar xf linux-6.5.10.tar.xz
xz: (stdin): Unexpected end of input
tar: Unexpected EOF in archive
tar: Unexpected EOF in archive
tar: Error is not recoverable: exiting now
------
kernel.org already runs a CDN to distribute demand effectively, so I
replaced the bogus source with the canonical upstream in our list of
download URLs, in 'guix/download.scm'.
I've pushed an updated patch series to 'kernel-updates' with this
change.