search

Quuxplusone / LLVMBugzillaTest

0 stars 0 forks source link

Ubuntu repository broken #35632

Open Quuxplusone opened 6 years ago

Quuxplusone commented 6 years ago
Bugzilla Link PR36659
Status NEW
Importance P normal
Reported by Heikki Hellgren (heiccih@gmail.com)
Reported on 2018-03-09 02:57:35 -0800
Last modified on 2018-03-13 03:25:03 -0700
Version unspecified
Hardware PC Linux
CC anton@korobeynikov.info, llvm-bugs@lists.llvm.org, steven@uplinklabs.net
Fixed by commit(s)
Attachments
Blocks
Blocked by
See also 
I just added deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main to my
sources list and added also the  wget -O - https://apt.llvm.org/llvm-
snapshot.gpg.key|sudo apt-key add - but after apt update I get the following
error message:

E: Failed to fetch http://apt.llvm.org/xenial/dists/llvm-toolchain-
xenial/main/binary-amd64/Packages.gz  Hash Sum mismatch
E: Some index files failed to download. They have been ignored, or old ones
used instead.

Once I got the apt-get updated (for some reason it works sometimes) I got the
warning:

W: The repository 'http://apt.llvm.org/xenial llvm-toolchain-xenial Release'
does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore
potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration
details.

Trying to install clang-format-7 after this gives warning:

WARNING: The following packages cannot be authenticated!
  libllvm7 clang-format-7
Install these packages without verification? [y/N]

Answering yes outputs the following:

Err:1 http://apt.llvm.org/xenial llvm-toolchain-xenial/main amd64 libllvm7
amd64 1:7~svn325738-1~exp1
  404  Not Found
Err:2 http://apt.llvm.org/xenial llvm-toolchain-xenial/main amd64 clang-format-
7 amd64 1:7~svn325738-1~exp1
  404  Not Found
E: Failed to fetch http://apt.llvm.org/xenial/pool/main/l/llvm-toolchain-
snapshot/libllvm7_7~svn325738-1~exp1_amd64.deb  404  Not Found

E: Failed to fetch http://apt.llvm.org/xenial/pool/main/l/llvm-toolchain-
snapshot/clang-format-7_7~svn325738-1~exp1_amd64.deb  404  Not Found

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-
missing?

Does not work with update or fix-missing.
Quuxplusone commented 6 years ago

This is only problem with Xenial repository. For example artful works just fine.

Quuxplusone commented 6 years ago 
Here is apt debug information:

0% [4 InRelease gpgv 4 218 B]201 URI Done:
https://apt.llvm.org/xenial/dists/llvm-toolchain-xenial/InRelease
ReceivedHash:
ExpectedHash:

Got Codename: llvm-toolchain-xenial
Expecting Dist:
Transformed Dist:
Signature verification succeeded:
/var/lib/apt/lists/partial/apt.llvm.org_xenial_dists_llvm-toolchain-xenial_InRelease
Get:8 https://apt.llvm.org/xenial llvm-toolchain-xenial/main amd64 Packages
[8 897 B]
0% [5 InRelease gpgv 102 kB] [Waiting for headers] [8 Packages 3 611 B/8 834 B
41%]201 URI Done: https://apt.llvm.org/xenial/dists/llvm-toolchain-
xenial/main/binary-amd64/Packages.gz
ReceivedHash:
    - SHA256:3db3e1e9035f15686d7dd446c3b7bc16a43cc991afc26cb8348304d9def7057a
    - SHA1:a0533625a8d4502bf0413e88e2716d3d30670be6
    - MD5Sum:a3f9ace3745b3b63efffbb48866db134
    - Checksum-FileSize:8834
ExpectedHash:
    - Checksum-FileSize:8897
    - SHA256:e37df9ae4d3031b932cd11ef97aaf933d860c4ce62245a4b9758b4cacc3dcfb7
    - SHA1:5865716fd5ee28ad1862a6340450d4dac49ecb54
    - MD5Sum:17125da93d76685c89a1908768c8c267

Err:8 https://apt.llvm.org/xenial llvm-toolchain-xenial/main amd64 Packages
  Hash Sum mismatch
0% [5 InRelease gpgv 102 kB] [Waiting for headers]201 URI Done:
https://apt.llvm.org/xenial/dists/llvm-toolchain-xenial/main/binary-i386/Packages.gz
ReceivedHash:
    - SHA256:31daef1da9baa304dbe4f7054767e744ff51a65c064fbac6bd352634da408d3b
    - SHA1:f1737f65e30eb18ca8ec02705faadaf43dac709d
    - MD5Sum:3835710a720ebe613acfbac3f22266aa
    - Checksum-FileSize:7156
ExpectedHash:
    - Checksum-FileSize:7156
    - SHA256:31daef1da9baa304dbe4f7054767e744ff51a65c064fbac6bd352634da408d3b
    - SHA1:f1737f65e30eb18ca8ec02705faadaf43dac709d
    - MD5Sum:3835710a720ebe613acfbac3f22266aa
Quuxplusone commented 6 years ago

Anton, could you please check if "Packages.gz" aren't also cached in the cdn (and failing because of the in place replacement?)

Quuxplusone commented 6 years ago 
It's not just the Packages.gz that's borked. I'm using the Debian Stretch repos
and getting this:

root@debian-stretch:~# apt --debug update
E: Command line option --debug is not understood in combination with the other
options
root@debian-stretch:~# apt update
Get:1 http://apt.llvm.org/stretch llvm-toolchain-stretch InRelease [4,225 B]
Ign:2 http://mirrors.us.kernel.org/debian stable InRelease
Hit:3 http://apt.llvm.org/stretch llvm-toolchain-stretch-5.0 InRelease
Hit:4 http://apt.llvm.org/stretch llvm-toolchain-stretch-6.0 InRelease
Get:5 http://mirrors.us.kernel.org/debian stable-updates InRelease [91.0 kB]
Get:6 http://mirrors.us.kernel.org/debian stable Release [118 kB]
Hit:7 http://deb.debian.org/debian-security stable/updates InRelease
Get:8 http://apt.llvm.org/stretch llvm-toolchain-stretch/main Sources [2,465 B]
Err:8 http://apt.llvm.org/stretch llvm-toolchain-stretch/main Sources
  Hash Sum mismatch
  Hashes of expected file:
   - Filesize:2465 [weak]
   - SHA256:daade9ea47cdf16b0f60b21cf0fee79284ece9d4a0fe33d571fd63807ccee0fd
   - SHA1:f9bb23e593ed44d9ae311d38f472259cc7b63057 [weak]
   - MD5Sum:9f68f2966b970d5808e093e937684a15 [weak]
  Hashes of received file:
   - SHA256:8a44cbff97bd6d450b1a9c551367f3847e7a7b0ed91666dfc44651a26afb0419
   - SHA1:76f41439c5211ffb4ac7074f383656521d89e244 [weak]
   - MD5Sum:65396a0125f623a2ecaaa8296612f9e4 [weak]
   - Filesize:2462 [weak]
  Last modification reported: Sun, 11 Mar 2018 23:05:56 +0000
  Release file created at: Mon, 12 Mar 2018 15:59:20 +0000
Hit:10 http://ftp.debian.org/debian stretch-backports InRelease
Fetched 211 kB in 0s (419 kB/s)
Reading package lists... Done
E: Failed to fetch http://apt.llvm.org/stretch/dists/llvm-toolchain-
stretch/main/source/Sources.gz  Hash Sum mismatch
   Hashes of expected file:
    - Filesize:2465 [weak]
    - SHA256:daade9ea47cdf16b0f60b21cf0fee79284ece9d4a0fe33d571fd63807ccee0fd
    - SHA1:f9bb23e593ed44d9ae311d38f472259cc7b63057 [weak]
    - MD5Sum:9f68f2966b970d5808e093e937684a15 [weak]
   Hashes of received file:
    - SHA256:8a44cbff97bd6d450b1a9c551367f3847e7a7b0ed91666dfc44651a26afb0419
    - SHA1:76f41439c5211ffb4ac7074f383656521d89e244 [weak]
    - MD5Sum:65396a0125f623a2ecaaa8296612f9e4 [weak]
    - Filesize:2462 [weak]
   Last modification reported: Sun, 11 Mar 2018 23:05:56 +0000
   Release file created at: Mon, 12 Mar 2018 15:59:20 +0000
E: Failed to fetch http://apt.llvm.org/stretch/dists/llvm-toolchain-
stretch/main/binary-amd64/Packages.gz
E: Some index files failed to download. They have been ignored, or old ones
used instead.

So at least one of the Sources.gz files is broken too.
Quuxplusone commented 6 years ago

Also as seen from my previous log it seems that only amd64 packages are broken and i386 packages have correct hashes. Could it be that broken build in Jenkins overwrites some of the files but not all?

Quuxplusone commented 6 years ago 
(In reply to Sylvestre Ledru from comment #3)
> Anton, could you please check if "Packages.gz" aren't also cached in the cdn
> (and failing because of the in place replacement?)
All .gz files have (default) cache expiration time of 1 hour.
Quuxplusone commented 6 years ago

Late last evening the repository started to work again.