On 3/11/07, Nagy Gabor <ngaba@petra.hos.u-szeged.hu> wrote:
The bug is in package.c/_alpm_pkg_update_requiredby:
if(strcmp(dep->name, alpm_pkg_get_name(pkg)) == 0) { _alpm_log(PM_LOG_DEBUG, _("adding '%s' in requiredby field for '%s'"), cachepkg->name, pkg->name); alpm_list_t *reqs = alpm_pkg_get_requiredby(pkg); reqs = alpm_list_add(reqs, strdup(alpm_pkg_get_name(cachepkg))); pkg->requiredby = reqs; }
So we don't check if that packagename which we add is in reqs or not.
An other (much smaller) bug I realized, that in this function we don't check before adding foo to REQUIREDBY of pkg that pkg really satisfies foo's dependency, just checks if foo's dependency name is pkg. However we can break dependencies by -d switch, so absolutely not guaranteed that pkg is needed by foo. I think REQUIREDBY means by definition that pkg satisfies one of foo's dependencies and we don't ensure about this.
Bye, Nagy Gabor
Hopefully the easy part of this is now fixed in CVS. Of course, while fixing it I found perhaps another big issue, and I haven't really looked over what Nagy said above yet. -Dan