There was an implicit assumption in Britney that was violated recently
(presumbly in 12d9ae8). This assumption is that a source package will
reference the *latest* version of an arch:all package; even if that
version is not built by that source (version).
Image the following packages:
* p-all/1 and p-all/2 are arch:all packages.
- p-all/1 is generally superseded by p-all/2 except it has not
been removed yet (regardless of why that happens).
* src-a/2 builds p-all/2.
When Britney loads the packages (assuming packages are sorted[1]):
* p-all/1 is read and associated with src-a/2 (despite not being
built from that source)
* p-all/2 is read afterwards. It would replace p-all/1 and be
assoicated with src-a/2 as well.
- Prior to 12d9ae8, the assoication would be "pkg, arch" and
therefore the same.
- In 12d9ae8a and after, the association would include version
and both would be associated at the same time.
* Since p-all/1 is discarded, it is never added to the
installability tester (nor the solver). It then promptly throws
an exception when asked to deal with a package it believe does
not exist.
- This can trivially be solved by removing the association
between p-all/1 and src-a/2 when p-all/2 is read.
So far so good. Unfortunately, this adds another another problem!
When Britney migrates a binNMU, she currently removes *all* binary
packages on that architecture - *including* the arch:all packages.
This works out in the end because the arch:all packages be re-added
since they associated with the source package.
At first glance, this appears to be a non-issue until you add
hijacking to the mix. This is *exactly* the case behind #709460.
However, now we end up in a situation where the arch:all package is
removed during binNMU and not re-added (because the arch:all package
is not associated with *that* source any more).
This commit fixes all of the above by:
1) Correctly disassociating superseded arch:all packages from their
source packages
2) Falsely associating the "new" arch:all package to the source that
provided the superseded arch:all package (to avoid issues with
binNMUs and hijacked packages).
- This should probably be undone at some point when Britney does
not need this "hack" any more.
This fix is currently relying on the packages being sorted. But so
did the fix for #709460 (see [1] again). It might be prudent to fix
that as well (or at least reject the packages file rather than produce
"random" results).
[1] Which is another assumption we have been relying and that is
currently satisfied.
Signed-off-by: Niels Thykier <niels@thykier.net>
* A package being removed is *not* affected
- It will just be filtered out later in "check_packages"
* Since all transitive reverse dependencies will be added to
"affected" at the end of the method, there is no reason to
find the immediate set of reverse dependencies of a package
if the package is added itself as well.
Signed-off-by: Niels Thykier <niels@thykier.net>
Adds a --components command line argument (and corresponding config file
option). If specified, package info is expected to be in the usual Debian
mirror layout, ie:
testing/source/Sources
testing/binary-${ARCH}/Packages
(nthykier: Squashed, rebased and did some porting to Python3)
Signed-off-by: Niels Thykier <niels@thykier.net>
A package can have old cruft no longer in testing, which can't
migrate because it depends on old libraries or packages that
aren't in testing anymore, preventing migration.
There's no point in trying to migrate old cruft that has already
been removed in testing anyway, so don't do that.
Signed-off-by: Emilio Pozuelo Monfort <pochu@debian.org>
Signed-off-by: Niels Thykier <niels@thykier.net>
The "include_hijacked" parameter of "_compute_groups" was always
false, so there was little point in having it.
Signed-off-by: Niels Thykier <niels@thykier.net>
The same_source is supposed to compare two versions and (if needed)
"massage" a binNMU version into a source version. This extra feature
of same_source happens to be unused (and not generally applicable):
1) We always compare two source versions, so there is never a
binNMU version in the first place.
2) binary versions are *not* always equal to their source version
(even with the binNMU suffix stripped). This happens when
packages use "dpkg-gencontrol -v<version>".
Note this causes results from some live-data tests to change, because
there has been a sourceful upload with a binNMU version. It was
intended as a binNMU, but was uploaded with the source as well. As
Britney no longer works around this issue, it makes her remove the
affected packages in the end (as their source version does not match
the version in testing).
Signed-off-by: Niels Thykier <niels@thykier.net>
This bug involves a corner case that involves:
* source orig providing liborig1 and orig-doc in testing
* source orig providing liborig2 and orig-doc in unstable
* source hijack providing liborig2 and orig-doc in both testing and unstable,
where the versions of hijack's binaries has a higher version than those of
"orig".
The arch:all packages are needed to trigger this, because Britney
flags an arch:any package as "out of date" and stops the migration
there. However, she is more lenient with arch:all packages.
What happens is that Britney realises that src:orig need to be updated
in testing (to remove liborig1). This leaves src:orig with no
binaries left in testing (as the orig-doc from hijack is used) and it
is therefore removed as an obsolete source. The obsolete removal then
exploded because Britney was also trying to remove the liborig1
package, which is no longer there.
Signed-off-by: Niels Thykier <niels@thykier.net>
With this patch, Britney will correctly parse (and deparse) a
versioned Provides. Furthermore, she will allow it to satisfy any
unversioned dependency on the provided package.
This is the easy half of #786803.
Signed-off-by: Niels Thykier <niels@thykier.net>
It can be used to A) to make the mismatch check more efficient and B)
share identical binaries between suites.
Signed-off-by: Niels Thykier <niels@thykier.net>
Previously whether such packages received excuses, and the specific
content of such excuses, was dependent on the order in which their
binary packages were considered.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
This made iter_packages_hint a thin wrapper around try_migration, so
it was inlined into its only caller "do_all".
Signed-off-by: Niels Thykier <niels@thykier.net>
The callers of get_dependency_solvers need to do those table lookups
anyway. By moving it out, it is now possible to reuse the results.
Signed-off-by: Niels Thykier <niels@thykier.net>
Rely on the Installability tester to locate all of the affected
packages plus their transitive reverse dependencies. As the
InstallabilityTester is suite agnostic, the set of affected packages
now includes (versions of) packages not in testing, which is filtered
out during the check.
Signed-off-by: Niels Thykier <niels@thykier.net>
If we have an up-to-date arch all package available for this architecture,
that doesn't mean this architecture has an up-to-date build. We need an
architecture specific up-to-date package for that.
Signed-off-by: Ivo De Decker <ivodd@debian.org>
For fucked architectures, binaries from older versions are allowed to be in
testing, so we only remove them if they are gone from unstable.
Signed-off-by: Ivo De Decker <ivodd@debian.org>
Move nuninst cloning out of the check loop and always populate the new
nuninst entirely.
This will allow some simplifications in other places.
Signed-off-by: Niels Thykier <niels@thykier.net>
Use a set to filter out seen items to avoid doing O(n^2)
de-duplication. For very large hints, this can take considerable
time.
Using "seen_items" to build the actual hints on the (unverified)
assumption that Python can do something "smart" to turn a set into a
frozenset faster than it can with a list.
Signed-off-by: Niels Thykier <niels@thykier.net>
Britney is now smart enough to produce the same result from hints
regardless of the order of the items in the hint. With this in mind,
we can have the original auto-hinter produce hints as sets and filter
out duplicates as we produce them.
Note that the hints are sorted to produce deterministic output (to
make it easier to compare the hints between runs and changes).
Signed-off-by: Niels Thykier <niels@thykier.net>
Avoid some cases of O(n^2) behaviour in sort_actions and reduce the
size of n for the remaining O(n^2)-ish behaviour by filtering out
removals early on.
Signed-off-by: Niels Thykier <niels@thykier.net>
It's more natural to say "check this package if the current arch is in
this list" than "do not check this package if the current arch is not
in this list"
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
This updates the doop_source and _compute_groups functions so
that binary packages that are built from a different source
aren't included as part of an update to the original source.
In the event that it's a binary-only update, also don't remove
the hijacked packages from testing.
This change also removes an obsolete comment regardarding pre-conditions
for the _compute_groups function.
The live-data tests rely on an inconsistency, since they were before
Britney started to record the Essential field.
Signed-off-by: Niels Thykier <niels@thykier.net>
britney assumes that a package build is uniquely described by its
name, version and architecture. Particularly when constructing
Packages files by hand for testing purposes this assumption can be
violated, leading to confusing behaviour. This change makes britney
look for such mismatches, and report if any are found.
Notably:
* Avoid repeated calls frozenset(X), where we can trivially do
without.
* Skip the inner loop, when "i" is in "to_skip".
* Use a set rather than a list for "to_skip" as we do more
membership tests.
Signed-off-by: Niels Thykier <niels@thykier.net>
The get_dependency_solvers method returns a (boolean, list)-tuple, but
the boolean can always be implied from the list (in boolean context).
Signed-off-by: Niels Thykier <niels@thykier.net>
cmp is gone in python3. Also add a sorting method to Excuse that is
compatible with its __eq__/__hash__ methods.
Signed-off-by: Julien Cristau <jcristau@debian.org>
It doesn't exist in python3, but 1000 days should be safe enough as a
fallback for a package without urgency.
Signed-off-by: Julien Cristau <jcristau@debian.org>