Downgrade prevention triggers erroneously with 'guix pull'

  • Open
  • quality assurance status badge
Details
6 participants
  • 45mg
  • Jack Hill
  • Leo Famulari
  • Ludovic Courtès
  • Simon Tournier
  • Tomas Volf
Owner
unassigned
Submitted by
Jack Hill
Severity
important

Debbugs page

J
J
Jack Hill wrote on 1 Mar 08:37 -0800
current guix pull doesn't authenticate
(address . bug-guix@gnu.org)
alpine.DEB.2.21.2503011134420.24671@marsh.hcoop.net
jackhill@lissome ~$ guix describe
Generation 159 Feb 27 2025 22:08:27 (current)
guix f13f076
branch: master
commit: f13f0769688493271f43f31a016957355dbecb30
jackhill@lissome ~$ guix pull
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
hint: This could indicate that the channel has been tampered with and is trying to force a
roll-back, preventing you from getting the latest updates. If you think this is not the
case, explicitly allow non-forward updates.

I don't have reason to believe the channel needs to be rolled back, I
assume something is wrong with the savannah copy of the repo, but don't
know. Can someone confirm?

Thanks!
Jack
T
T
Tomas Volf wrote on 1 Mar 13:41 -0800
(name . Jack Hill)(address . jackhill@jackhill.us)(address . 76660@debbugs.gnu.org)
87y0xoo2df.fsf@wolfsden.cz
Jack Hill <jackhill@jackhill.us> writes:

Toggle quote (17 lines)
> jackhill@lissome ~$ guix describe
> Generation 159 Feb 27 2025 22:08:27 (current)
> guix f13f076
> repository URL: https://git.savannah.gnu.org/git/guix.git
> branch: master
> commit: f13f0769688493271f43f31a016957355dbecb30
> jackhill@lissome ~$ guix pull
> Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
> guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
> hint: This could indicate that the channel has been tampered with and is trying to force a
> roll-back, preventing you from getting the latest updates. If you think this is not the
> case, explicitly allow non-forward updates.
>
> I don't have reason to believe the channel needs to be rolled back, I assume
> something is wrong with the savannah copy of the repo, but don't know. Can
> someone confirm?

Can confirm.

Toggle snippet (12 lines)
/tmp/test$ /tmp/test/profile/bin/guix describe
Generation 1 Mar 01 2025 21:04:08 (current)
guix f13f076
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: f13f0769688493271f43f31a016957355dbecb30
/tmp/test$ /tmp/test/profile/bin/guix pull -q --commit=6ca7b07a251739dfaefa639e74c01e3013c9454c --profile=/tmp/test/profile
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
hint: Use `--allow-downgrades' to force this downgrade.


There is nothing wrong with the repository, and the commit is a
descendant:

Toggle snippet (5 lines)
$ git merge-base --is-ancestor f13f0769688493271f43f31a016957355dbecb30 6ca7b07a251739dfaefa639e74c01e3013c9454c
$ echo $?
0

Given that f13f0769688493271f43f31a016957355dbecb30 has fairly large
commit message, maybe the known bugs in how we are using guile-git
finally caught up with us.

I guess you can use the --allow-downgrades to by-pass the check after
you manually verify in the git repository the relation of the commits.
Sucks, but should allow you to pull.

Have a nice day,
Tomas
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmfDfvwOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wal0+w/9GRSwlMSW4/jlguoRyE1CX+57cQBg3Ow6pMss
jEas7juKSmSlxvxGTzNWZ5dABNjNjT/GcqqxLrdYWMaCIsn8dMMrhhu3e3T8WtCu
e3lgNhwBfOQzlDvONGGEHR+JcRSnYz94sQiXTz2KAX1pBEcl6zzqVnzti9yuFRWI
PgrLIu4i1noP+IpbOi+q1yxdTiFgi9Al/23UBQnNXPmYraxT00KxVqSrhhVEyK++
Mi8XnnWYL1J9jmAvjudleZSrXEY82CW9CQ7uVpu+pZmBBykv0bhU5BDhPgp5S438
lDx6j5wkYb5BPUgqkcrTjEdlcOFWDOFONMC3+BRm0e2K2RZzEVYmqRnIjFdke37N
zLhwLvFEs4loXmvWudGBYn8wCYz4Y2IT1pTtCvm9cQ2gjJbl8RPxdds/tCNA9Bw0
4FpkDLgL6vC+6aX+1ADgFvAXquBm+Pa77xsbgy3nPh7Rwxk+1+g9vmZY8bM6c9rU
YihMLErYWMokcR1iodWxsU5+bxgLWCv29hxNPW9d2TGjzK54JyHL+Iu2w9qMKire
EBnmWjjqfH9NMLp9hE+brtx8dQNgSqGnDdg3xsWoeIAfd8BaJS85JKDaU4KrIeyq
AqYyZ+RV4WbRFpUFlYKTm5uclEh86nkKXU0LDZsnLopGAz6FHRnR1mcu5z1tuewk
deBaL1U=
=igMl
-----END PGP SIGNATURE-----

4
(address . 76660@debbugs.gnu.org)
877c58q79k.fsf@gmail.com
Tomas Volf <~@wolfsden.cz> writes:

Toggle quote (1 lines)
> Jack Hill <jackhill@jackhill.us> writes:
[...]
Toggle quote (12 lines)
>> jackhill@lissome ~$ guix pull
>> Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
>> guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
>> hint: This could indicate that the channel has been tampered with and is trying to force a
>> roll-back, preventing you from getting the latest updates. If you think this is not the
>> case, explicitly allow non-forward updates.
>>
>> I don't have reason to believe the channel needs to be rolled back, I assume
>> something is wrong with the savannah copy of the repo, but don't know. Can
>> someone confirm?
>
> Can confirm.
[...]
Toggle quote (4 lines)
> Given that f13f0769688493271f43f31a016957355dbecb30 has fairly large
> commit message, maybe the known bugs in how we are using guile-git
> finally caught up with us.

I just re-authenticated my existing checkout of Guix from scratch (`rm
-r ~/.cache/guix/authentication/* && guix git authenticate`), and the
authentication was successful. (The checkout is up-to-date, as both
6ca7b07a251739dfaefa639e74c01e3013c9454c and
f13f0769688493271f43f31a016957355dbecb30 can be found in `git log`.)

However, I have not yet pulled 6ca7b07a251739dfaefa639e74c01e3013c9454c.
I'm currently on b9063be5a73114c1bfb23121b7c9b612835d014d [1].

So, I think you're right - it's probably an issue in `guix pull` or the
authentication mechanism, not the Guix repository (assuming that others
can also reproduce this).


[1] ...well, technically, I'm pulling from a personal authenticated fork
where upstream commits are rebased onto the branch I pull from; so
the hashes are all different even though the commit contents are all
the same. So I'm not actually on
b9063be5a73114c1bfb23121b7c9b612835d014d; rather, that's the last
commit that I rebased onto my fork branch.
L
L
Leo Famulari wrote on 2 Mar 10:50 -0800
(name . Jack Hill)(address . jackhill@jackhill.us)(address . 76660@debbugs.gnu.org)
Z8Sog2wmaP2rT0IT@jasmine.lan
On Sat, Mar 01, 2025 at 11:37:40AM -0500, Jack Hill wrote:
Toggle quote (5 lines)
> guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
> hint: This could indicate that the channel has been tampered with and is trying to force a
> roll-back, preventing you from getting the latest updates. If you think this is not the
> case, explicitly allow non-forward updates.

I successfully pulled from the latest commit on the 'master' branch:

------
$ guix package -p ~/.config/guix/current -l
[...]
Generation 242 Mar 02 2025 13:45:23 (current)
+ nonguix 45bde19 out /gnu/store/ahqhr9qbhq9w83fl3yif8qy5vfkhay7c-nonguix
+ guix 56a374a out /gnu/store/lfwph6c7099c0f5dzfpffg1qm93va5iv-guix-56a374aa7
- nonguix 87c5b72 out /gnu/store/1kbmg93s0sc3ic01pql1jic6nr8mzkhi-nonguix
- guix 55a5181 out /gnu/store/vc2sn17c6g7ww4akd7p9dcfby6zykr81-guix-55a5181e7
------

This commit is a descendant of both of the commits from your error
message.

And `guix git authenticate` succeeds from 56a374a as well.

So what's going on?
T
T
Tomas Volf wrote on 2 Mar 11:08 -0800
(name . Leo Famulari)(address . leo@famulari.name)
87mse3jlml.fsf@wolfsden.cz
Leo Famulari <leo@famulari.name> writes:

Toggle quote (8 lines)
> On Sat, Mar 01, 2025 at 11:37:40AM -0500, Jack Hill wrote:
>> guix pull: error: aborting update of channel 'guix' to commit 6ca7b07a251739dfaefa639e74c01e3013c9454c, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
>> hint: This could indicate that the channel has been tampered with and is trying to force a
>> roll-back, preventing you from getting the latest updates. If you think this is not the
>> case, explicitly allow non-forward updates.
>
> I successfully pulled from the latest commit on the 'master' branch:

Can you pull *any* commit from 6ca7b07a251739dfaefa639e74c01e3013c9454c?
I have just tried:

Toggle snippet (12 lines)
$ /tmp/test/profile/bin/guix describe
Generation 1 Mar 01 2025 21:04:08 (current)
guix f13f076
repository URL: https://git.savannah.gnu.org/git/guix.git
commit: f13f0769688493271f43f31a016957355dbecb30
$ /tmp/test/profile/bin/guix pull -q --profile=/tmp/test/profile
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: aborting update of channel 'guix' to commit 56a374aa79fd93a90373417b9a33b27dda633449, which is not a descendant of f13f0769688493271f43f31a016957355dbecb30
hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest updates. If you think this is not the case,
explicitly allow non-forward updates.

So it does not work for 56a374aa79fd93a90373417b9a33b27dda633449
(current master) on my machine. Out of curiosity, can you try to pull
current master, but from 6ca7b07a251739dfaefa639e74c01e3013c9454c?

Toggle quote (18 lines)
>
> ------
> $ guix package -p ~/.config/guix/current -l
> [...]
> Generation 242 Mar 02 2025 13:45:23 (current)
> + nonguix 45bde19 out /gnu/store/ahqhr9qbhq9w83fl3yif8qy5vfkhay7c-nonguix
> + guix 56a374a out /gnu/store/lfwph6c7099c0f5dzfpffg1qm93va5iv-guix-56a374aa7
> - nonguix 87c5b72 out /gnu/store/1kbmg93s0sc3ic01pql1jic6nr8mzkhi-nonguix
> - guix 55a5181 out /gnu/store/vc2sn17c6g7ww4akd7p9dcfby6zykr81-guix-55a5181e7
> ------
>
> This commit is a descendant of both of the commits from your error
> message.
>
> And `guix git authenticate` succeeds from 56a374a as well.
>
> So what's going on?

Possible explanation would be that there is a bug in the descendancy
detection when your current Guix is on specific commits (my guesstimate
would be the trigger is having large commit message, I have reported
this issue before).

Have a nice day,
Tomas

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmfErMIOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wal52A/+MMf4iUxZcMeu/KKpCDF5XWT91MJbT7gVOEle
EPFahIW/Fda8NH15k4ojORsb8sF0gedl7g0v55vTrzYx6jiPGYz0pzMF86LZlBev
5/YOSJ+oeZ3Pinjf3VBt+fi6Q5fe+TMOmz+KAREJdnDml9UGkQiP4kdGR7SxFv9k
MuyhJQgr+qRg6cmoyBPKrexqKndWE5waqMCFlASllFlsBlfU7g9XAaUwIs7yYoCb
mllvH23cThfc1CGE3lAlk7aBQagqvQDy5RCKUWXitjHNjySedr8T73vvzWu7d9oe
OP60F7IwYfbG24quZCr5uLaq3fECHIO1hoVWjvmdfbLJ8almxSjCwsv8uSg7Lde0
A6IKaIEV1oOtp9bbIu/TF/Mo/iBMZIaZ52d3NFuoexSgfvAMNaCcD6R9UA1GyJqQ
xPv1TiYZIYlkiPtFhk4TCIgkLBHP1wqXeDhWiftOgp4+pkoZCSY9P0qroZ0arKYm
bBGxgLvZKRxPPGOKbNIzut6KY2WVXtndSmZE+C0jTEn7nryDhLiney/2DBLv6E6Y
nEnAWSYohRrYI5pnGaRKCMDLlAIz/28jQoH0ttWicRZthYqIJkXlsuGs5vB3THOU
UjSqgYdSNv5VD1car5LRNq5c9vc2dqLxAYaiLeYi6jQXK4elORzoDFF+91TYzIEE
w1ds9B4=
=8I3F
-----END PGP SIGNATURE-----

L
L
Leo Famulari wrote on 2 Mar 14:47 -0800
(name . Tomas Volf)(address . ~@wolfsden.cz)
Z8TgDzBDgv5UPBUJ@jasmine.lan
On Sun, Mar 02, 2025 at 08:08:50PM +0100, Tomas Volf wrote:
Toggle quote (5 lines)
> Possible explanation would be that there is a bug in the descendancy
> detection when your current Guix is on specific commits (my guesstimate
> would be the trigger is having large commit message, I have reported
> this issue before).

Can you share these prior reports here?
L
L
Leo Famulari wrote on 2 Mar 15:39 -0800
(name . Tomas Volf)(address . ~@wolfsden.cz)
Z8TsS1f-Q4n7B5tR@jasmine.lan
On Sun, Mar 02, 2025 at 08:08:50PM +0100, Tomas Volf wrote:
Toggle quote (2 lines)
> Can you pull *any* commit from 6ca7b07a251739dfaefa639e74c01e3013c9454c?

Yes:

------
$ guix package -p ~/.config/guix/current -l
[...]
Generation 242 Mar 02 2025 18:24:39
+ guix 6ca7b07 out /gnu/store/3bp49nygmmfq340fcgwpslryvqlbmlm9-guix-6ca7b07a2
- nonguix 87c5b72 out /gnu/store/1kbmg93s0sc3ic01pql1jic6nr8mzkhi-nonguix
- guix 55a5181 out /gnu/store/vc2sn17c6g7ww4akd7p9dcfby6zykr81-guix-55a5181e7

Generation 243 Mar 02 2025 18:31:47 (current)
+ guix 08bf8d1 out /gnu/store/0xp5zrr6ii0xwpy0md4bgxqaprijmh47-guix-08bf8d175
- guix 6ca7b07 out /gnu/store/3bp49nygmmfq340fcgwpslryvqlbmlm9-guix-6ca7b07a2
------

I did notice that I was unable to pull from 6ca7b07 along with nonguix.
In that case the package-cache failed to build like this:

------
[...]
building package cache...
(repl-version 0 1 1)
Generating package cache for '/gnu/store/b4f6r9wn4wc6mvw2fv6vbm2kz1gpxmgx-profile'...

Backtrace:
In guix/repl.scm:
141:4 19 (machine-repl _ _)
126:7 18 (_)
In ice-9/boot-9.scm:
1747:15 17 (with-exception-handler #<procedure 7fffefeff3f0 at ic…> …)
1752:10 16 (with-exception-handler _ _ #:unwind? _ # _)
In guix/repl.scm:
99:21 15 (_)
In unknown file:
14 (_ #<procedure 7ffff4ab11e0 at guix/repl.scm:100:25 ()> …)
13 (primitive-load "/gnu/store/3myfgdm742h3r3g3xl4fay58g0a…")
In ice-9/boot-9.scm:
1752:10 12 (with-exception-handler _ _ #:unwind? _ # _)
In gnu/packages.scm:
465:11 11 (generate-package-cache _)
In srfi/srfi-1.scm:
460:18 10 (fold #<procedure expand-cache expr> _ _)
In gnu/packages.scm:
425:37 9 (expand-cache . _)
In guix/packages.scm:
1444:17 8 (supported-package? #<package dotnet@3.1.419 nongnu/pa…> …)
In guix/memoization.scm:
101:0 7 (_ #<hash-table 7fffe09093a0 9870/14051> #<package dot…> …)
In guix/packages.scm:
1422:39 6 (_)
1692:16 5 (package->bag _ _ _ #:graft? _)
1793:48 4 (thunk)
In nongnu/packages/dotnet.scm:
290:19 3 (inputs #<package dotnet@3.1.419 nongnu/packages/dotnet…>)
In ice-9/boot-9.scm:
1685:16 2 (raise-exception _ #:continuable? _)
1780:13 1 (_ #<&compound-exception components: (#<&undefined-vari…>)
In unknown file:
0 (backtrace #<undefined>)

(exception unbound-variable (value #f) (value "Unbound variable: ~S") (value (icu4c-71)) (value #f))
builder for `/gnu/store/m5jxnijhnkhz2y8210l67g0f9azlqm2n-guix-package-cache.drv' failed to produce output path `/gnu/store/s91dv1ihqdvavmykxialqvgifjfvsl8z-guix-package-cache'
build of /gnu/store/m5jxnijhnkhz2y8210l67g0f9azlqm2n-guix-package-cache.drv failed
hint: This usually indicates a bug in one of the channels you are pulling from, or some incompatibility among them. You can check the build log and report the issue to the channel developers.

The channels you are pulling from are: nonguix guix.
------
T
T
Tomas Volf wrote on 2 Mar 15:44 -0800
(name . Leo Famulari)(address . leo@famulari.name)
875xkrj8vg.fsf@wolfsden.cz
Leo Famulari <leo@famulari.name> writes:

Toggle quote (8 lines)
> On Sun, Mar 02, 2025 at 08:08:50PM +0100, Tomas Volf wrote:
>> Possible explanation would be that there is a bug in the descendancy
>> detection when your current Guix is on specific commits (my guesstimate
>> would be the trigger is having large commit message, I have reported
>> this issue before).
>
> Can you share these prior reports here?

I expect the root cause to be the same as in 66268. (Man, is it over an
year already? The time sure does fly.)

I assume this[0] commit from my fork should fix the issue, does not
apply cleanly (should be trivial to adjust). The current way to compare
commits from guile-git (eq?) is simply wrong.

Tomas


--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmfE7VMOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wal6DA/9FPEOBHmEWkDUD1rxUc1wj4id25BIqjzWHj4h
N+/Ug6lq2YB6sCh7Oaid2f9KnKnwLchOhOWztOxCJhz0a+3mCHLE1VRqQXvCeQW3
L+Sm7Ff+xGDXT4CYTbuxjA/yr72T9izN74JzQfJExA5k+DSlHfLUnM/4LAv2S8H4
dz5c0WlYQwQCWnztUJ/3xtU/vqy1xxAFStMEz+7YXQUagv9MhVBlK8wcTngdJWoj
yYm5C5SqThfxh1stJR9NJje8NwSZT4yinT3aCDpsyFCL30ZqidHhD9VXu+8ag6st
2Seu0jFpY52tH6suIEDl/BRwKeWNig47c4/MnxC36JE5+BmC826n+Z+gLotyPIqe
xlcRj2JkFmjyIXO5SLJJTAIHMDoyzTGD3nvR2Eg3OlPmwxGjeWpn2L1qLH+bNoPy
Utp0tIDtai4SLIjCkSi5y73t/XkMyxQf8/Er3zZZrBxL6E1ITAyXPXrrgy21Il9D
fsDtMMdnKIsvD+Cby8DDAOzu8dTevcFjJcMaRhvBQ2v2pbs2iaz52B7LA9Fgc2ET
+D7MF0UOxbNorEeXMAJPLM+mQixafrHYHF2p3jiHhXzmV9EqxuN2S3l2AmqpyB7Y
SgHH3BwioRoLXi9Yp62zh39692B6bE5cn4QqDtosG+jnkKX0EZUkwFhSkZ0W1qjB
5rDoA94=
=ekNp
-----END PGP SIGNATURE-----

J
J
Jack Hill wrote on 7 Mar 19:16 -0800
(name . Tomas Volf)(address . ~@wolfsden.cz)
alpine.DEB.2.21.2503072212540.24671@marsh.hcoop.net
Assuming I understand correctly that there's no way to get this commit to
verify: what are the next steps?

Future looking, we should apply the patch so that we don't get
non-verifiable commits in the future, but that won't help me, since I'll
have to verify it with my current guix.

How can I reset my state and move forward in a safe way? I assume it
involves some manually verifying of commits?

I'm afraid I don't understand why only some people run into this problem.

Thanks!
Jack
T
T
Tomas Volf wrote on 9 Mar 01:33 -0800
(name . Jack Hill)(address . jackhill@jackhill.us)
87ldtezgxy.fsf@wolfsden.cz
Jack Hill <jackhill@jackhill.us> writes:

Toggle quote (10 lines)
> Assuming I understand correctly that there's no way to get this commit to
> verify: what are the next steps?
>
> Future looking, we should apply the patch so that we don't get non-verifiable
> commits in the future, but that won't help me, since I'll have to verify it with
> my current guix.
>
> How can I reset my state and move forward in a safe way? I assume it involves
> some manually verifying of commits?

I see few options:

1. Revert to previous good state using `guix pull --roll-back', and try
pulling again. Maybe it will help.

2. Checkout the Guix repository, switch to the last commit known to you
to be safe, patch the guix/git.scm file ([0] should now apply
clearly), build the modified Guix locally and pull using it.

3. Take someones word that some specific new commit is safe, and just
pull while disabling protections. Statistically, if few people
independently confirm the commit on IRC, if should be pretty safe.

Number 1 is probably quickest to just try. :)

Toggle quote (4 lines)
>
> I'm afraid I don't understand why only some people run into this
> problem.

I think it could be influenced by the commit you are currently on, and
the commit you are pulling as latest. So depending on time of previous
and current pull, it might work or it might not work. I assume that
limits the amount of affected people.

Toggle quote (5 lines)
>
> Thanks!
> Jack
>


--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
L
L
Leo Famulari wrote on 9 Mar 14:31 -0700
(name . Tomas Volf)(address . ~@wolfsden.cz)
Z84IoyZfmIiwBq9n@jasmine.lan
On Sun, Mar 09, 2025 at 10:33:45AM +0100, Tomas Volf wrote:
Toggle quote (5 lines)
> I think it could be influenced by the commit you are currently on, and
> the commit you are pulling as latest. So depending on time of previous
> and current pull, it might work or it might not work. I assume that
> limits the amount of affected people.

Yes, it might or might not work. Some of us can pull from the "bad
commit", and some of us can't:


So, either we don't understand all the conditions that trigger this bug,
or it's not deterministic. But we should work to get the fix into
guile-git.
T
T
Tomas Volf wrote on 9 Mar 16:38 -0700
(name . Leo Famulari)(address . leo@famulari.name)
871pv5zser.fsf@wolfsden.cz
Leo Famulari <leo@famulari.name> writes:

Toggle quote (15 lines)
> On Sun, Mar 09, 2025 at 10:33:45AM +0100, Tomas Volf wrote:
>> I think it could be influenced by the commit you are currently on, and
>> the commit you are pulling as latest. So depending on time of previous
>> and current pull, it might work or it might not work. I assume that
>> limits the amount of affected people.
>
> Yes, it might or might not work. Some of us can pull from the "bad
> commit", and some of us can't:
>
> https://issues.guix.gnu.org/76660#6
>
> So, either we don't understand all the conditions that trigger this bug,
> or it's not deterministic. But we should work to get the fix into
> guile-git.

There is nothing to fix in guile-git, the fix needs to go into (guix
git). The libgit2 (which guile-git is wrapping) simply does not
guarantee that two gets of the same commit hash will return identical
pointer. So I believe (guix git) is in the wrong here for using eq?.

Well, I guess guile-git could go beyond what libgit2 promises, and
introduce its own caching layer, but I am not sure that is the correct
course of action. But its up to Ludo' of course.

Tomas

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmfOJmwOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wamNsQ/9FigMFs7LOAE9uS1D9uFiqUNJE4JIsLqHtj3V
DonigVt+PCx1K0XzkZcYxdxatcOn4cV1uD3ZgUhihI5SLXhC9f8mdi/xXYS7KLrX
4VghwVElN6j34eLGcmHzF6rFW9QWkj+I1vLT15JNDi3VuyhCL3W7U8Z0NH1Jp958
kibdHhlnR5Ub7blzkuM05WUM2fmtuh15aiz2RLa3AEUdzdgwMO89axnpcJGsiYlf
duKbuPJO9mrHJBCeZWZ29jtm61blUFAQj8H6459CXKsW/Rf5986Zcbqm6upSq9Jo
BSrVrSWe8s3wW1LHGtEudJHvcE+nZ4HEBhkwy3rfzdIvFTV9mNyCGOT7i/DUOlt/
zbxif4vIA0b6C+Swz6EPDdD1y7lwOEK1Kg+sv7MOhUuk/ukUFMGdod91tW7cuxRb
RGWHvaZooULYcZ/yAPiWRzcoK8pSE1806ghaDkW/zNGZ9LsaQLN/hygMB4wAQnaX
CwUQlLeiUwABGDLbziwNzOTe6R/MqHPjnai9GTOz86MNh/Rr7EjOABjALFxhiway
iI5wN5WuKYrI0YQBAFAfXPwLP0YQ2oviQ3BG/djD2C8amqeZH/PVhiox8BSG71Nq
8GuThsKGAUuh8evY03D8DtqQHcANQlBFz6WoFpiWuLScPH663Kr6upJim2Q79ceu
IxVi/4E=
=937b
-----END PGP SIGNATURE-----

L
L
Leo Famulari wrote on 9 Mar 20:27 -0700
(name . Tomas Volf)(address . ~@wolfsden.cz)
Z85cEKiiRJ9mecXr@jasmine.lan
On Mon, Mar 10, 2025 at 12:38:20AM +0100, Tomas Volf wrote:
Toggle quote (3 lines)
> There is nothing to fix in guile-git, the fix needs to go into (guix
> git).

Sorry, my mistake.
L
L
Ludovic Courtès wrote on 10 Mar 07:24 -0700
control message for bug #76660
(address . control@debbugs.gnu.org)
874j01q7zj.fsf@gnu.org
retitle 76660 Downgrade prevention triggers erroneously with 'guix pull'
quit
L
L
Ludovic Courtès wrote on 10 Mar 07:24 -0700
(address . control@debbugs.gnu.org)
8734flq7zc.fsf@gnu.org
severity 76660 important
quit
L
L
Ludovic Courtès wrote on 10 Mar 07:27 -0700
Re: bug#76660: current guix pull doesn't authenticate
(name . Tomas Volf)(address . ~@wolfsden.cz)
87wmcxot8z.fsf@gnu.org
Tomas Volf <~@wolfsden.cz> skribis:

Toggle quote (13 lines)
> Leo Famulari <leo@famulari.name> writes:
>
>> On Sun, Mar 02, 2025 at 08:08:50PM +0100, Tomas Volf wrote:
>>> Possible explanation would be that there is a bug in the descendancy
>>> detection when your current Guix is on specific commits (my guesstimate
>>> would be the trigger is having large commit message, I have reported
>>> this issue before).
>>
>> Can you share these prior reports here?
>
> I expect the root cause to be the same as in 66268. (Man, is it over an
> year already? The time sure does fly.)

It looks like it! Terrible that such a serious bug didn’t triaged
appropriately.

I relied there, let’s see how we can fix it.

Thanks,
Ludo’.
S
S
Simon Tournier wrote on 10 Mar 12:46 -0700
87zfhshdnr.fsf@gmail.com
Hi,

On Mon, 10 Mar 2025 at 15:27, Ludovic Courtès <ludo@gnu.org> wrote:

Toggle quote (6 lines)
>> I expect the root cause to be the same as in 66268. (Man, is it over an
>> year already? The time sure does fly.)
>
> It looks like it! Terrible that such a serious bug didn’t triaged
> appropriately.

Somehow, the fix seems to rely on “git merge-base --is-ancestor” for
implementing “commit-relation”?

Since “build: Add dependency on Git” commit
f651a359691cbe4750f1fe8d14dd964f7971f91 from Sep 26 2023 we can assume
Git is available by the code that run “commit-relation”, no?

And, to my knowledge, the implementation relying on “git merge-base
--is-ancestor” does not have the problem, right?

Last cherry on the top, from [1], the implementation relying on “git
merge-base --is-ancestor” is 35x faster.

Win-win, no? Because the fix for ’eq?’ will introduce performance cost
and ’commit-relation’ will be even slower, no?

Cheers,
simon

1: comparing commit-relation using Scheme+libgit2 vs shellout plumbing Git
Simon Tournier <zimon.toutoune@gmail.com>
Tue, 12 Sep 2023 00:48:30 +0200
id:865y4gz5q9.fsf@gmail.com
L
L
Ludovic Courtès wrote on 10 Mar 14:57 -0700
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87cyeomtvg.fsf@gnu.org
Simon Tournier <zimon.toutoune@gmail.com> skribis:

Toggle quote (3 lines)
> Last cherry on the top, from [1], the implementation relying on “git
> merge-base --is-ancestor” is 35x faster.

Uh, interesting! I would still like to avoid shelling out to Git for
common operations, but this comparison shows there’s a lot of room to
improve the performance of the current implementation.

Ludo’.
J
J
Jack Hill wrote on 10 Mar 20:19 -0700
(name . Tomas Volf)(address . ~@wolfsden.cz)
alpine.DEB.2.21.2503102254550.24671@marsh.hcoop.net
On Sun, 9 Mar 2025, Tomas Volf wrote:

Toggle quote (5 lines)
> I see few options:
>
> 1. Revert to previous good state using `guix pull --roll-back', and try
> pulling again. Maybe it will help.

I reverted back to the oldest guix I had,
4eaeff997907bc1b67884a6dc087756a50f175e2, and was able to pull with
authentication up to the newest, 42773718d5d5d42137ac84826850256fd6bed606.

Many thanks!
Jack
S
S
Simon Tournier wrote on 24 Mar 05:48 -0700
(name . Ludovic Courtès)(address . ludo@gnu.org)
87msdalhl3.fsf@gmail.com
Hi Ludo,

On Mon, 10 Mar 2025 at 22:57, Ludovic Courtès <ludo@gnu.org> wrote:
Toggle quote (9 lines)
> Simon Tournier <zimon.toutoune@gmail.com> skribis:
>
>> Last cherry on the top, from [1], the implementation relying on “git
>> merge-base --is-ancestor” is 35x faster.
>
> Uh, interesting! I would still like to avoid shelling out to Git for
> common operations, but this comparison shows there’s a lot of room to
> improve the performance of the current implementation.

You mean the current implementation of ligbit2, right? Because, from my
poor understanding, it’s part of the performance barrier.

Cheers,
simon
T
T
Tomas Volf wrote on 25 Mar 14:01 -0700
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87ldss6d0x.fsf@wolfsden.cz
Simon Tournier <zimon.toutoune@gmail.com> writes:

Toggle quote (15 lines)
> Hi Ludo,
>
> On Mon, 10 Mar 2025 at 22:57, Ludovic Courtès <ludo@gnu.org> wrote:
>> Simon Tournier <zimon.toutoune@gmail.com> skribis:
>>
>>> Last cherry on the top, from [1], the implementation relying on “git
>>> merge-base --is-ancestor” is 35x faster.
>>
>> Uh, interesting! I would still like to avoid shelling out to Git for
>> common operations, but this comparison shows there’s a lot of room to
>> improve the performance of the current implementation.
>
> You mean the current implementation of ligbit2, right? Because, from my
> poor understanding, it’s part of the performance barrier.

There is git_graph_descendant_of function in libgit2, but it is not
exposed by the guile-git binding. Maybe we could try to use it to
implement the check instead the current approach (which does it in
Guile). I wonder how well that would perform compared to --is-ancestor.

Tomas

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmfjGY4OHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wakz3g//cfcQf3tpw7WyZEBdGKGVnkH7sn2HAiNF10vy
QgRXZqDYR2yNuqfer9h6fGh6t9NqanVz8cuwvabAYt93Yh+vYTtb0WM8RdrwvX6o
pIZKvI+w2bBLf74pdixOmnkVltOEgaU8RmxE7b+xUYBWuxZ/S4yDMYq+UMz0HERx
t2BgCx+AyOcZIlS9932S7/CmKdcRJ7WC9Fcq5rrxNy94Ombsla5952IZ9ePUmWUb
+uqcHMn/bgUAu1QZMST2VnsMZUrEbSeaSjpi86N6B0U6HddsTXIuI/14Je10ARJ3
AMTPOw2222JC34mDx7Q1KmYhr23rlzEDDF68+4el3YxdgksubX2ZpnIJt4RbgdBo
gdpymA+TyV7tiuzPbqCY4FSESweqxeO6iMW7H83StM9z9RqsqUd34FYXdU1jUJvE
D6gwK8eUz2LHx1Or1FrxRQuUt7/mvzyNM4tprGxhi42JNu+Dk9d3bQh5/pPS0hEv
1ccaLKwe8GxlEhxXsO1cyhLZazop4q7PKAz3WSmkV92d7TZhjT+diF5hAITyuBFu
qZAfPmROoYlZON+noPnpHjcNtrLbh6AchCAzrl2z2fa0pi44q5Af6jG7Kq+b22SE
6qrAStex6NaUQtm+N+RIzikEr5SHoOBKzlUljAKxyU6S5kXDmXTJpLNholtY21li
9imKXsk=
=fbd+
-----END PGP SIGNATURE-----

4
875xjw9gai.fsf@gmail.com
Tomas Volf <~@wolfsden.cz> writes:

Toggle quote (5 lines)
> There is git_graph_descendant_of function in libgit2, but it is not
> exposed by the guile-git binding. Maybe we could try to use it to
> implement the check instead the current approach (which does it in
> Guile). I wonder how well that would perform compared to --is-ancestor.

I actually opened a MR to add that binding upstream. Maybe copying the
code from there might save you a little bit of work:

?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 76660@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 76660
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch