What's the scenario where this is happening? Multiple build directories using the same DL_DIR? Or was this a single build?
Ross On Thu, 3 Mar 2022 at 08:10, Konrad Weihmann <[email protected]> wrote: > > Sadly I encountered this here last night > > NOTE: recipe cve-update-db-native-1.0-r0: task do_cve_check: Started > ERROR: cve-update-db-native-1.0-r0 do_cve_check: Error executing a > python function in exec_func_python() autogenerated: > > The stack trace of python calls that resulted in this exception/failure was: > File: 'exec_func_python() autogenerated', lineno: 2, function: <module> > 0001: > *** 0002:do_cve_check(d) > 0003: > File: '/opt/build/sources/poky/meta/classes/cve-check.bbclass', lineno: > 104, function: do_cve_check > 0100: try: > 0101: patched_cves = get_patched_cves(d) > 0102: except FileNotFoundError: > 0103: bb.fatal("Failure in searching patches") > *** 0104: whitelisted, patched, unpatched = check_cves(d, > patched_cves) > 0105: if patched or unpatched: > 0106: cve_data = get_cve_info(d, patched + unpatched) > 0107: cve_write_data(d, patched, unpatched, > whitelisted, cve_data) > 0108: else: > File: '/opt/build/sources/poky/meta/classes/cve-check.bbclass', lineno: > 198, function: check_cves > 0194: else: > 0195: vendor = "%" > 0196: > 0197: # Find all relevant CVE IDs. > *** 0198: for cverow in conn.execute("SELECT DISTINCT ID FROM > PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)): > 0199: cve = cverow[0] > 0200: > 0201: if cve in cve_whitelist: > 0202: bb.note("%s-%s has been whitelisted for %s" % > (product, pv, cve)) > Exception: sqlite3.OperationalError: attempt to write a readonly database > > So it seems your patch doesn't solve the issue > > > > On 23.02.22 13:54, Ross Burton wrote: > > All of the function in cve-check should open the database read-only, as > > the only writer is the fetch task in cve-update-db. However, > > get_cve_info() was failing to do this, which might be causing locking > > issues with sqlite. > > > > Signed-off-by: Ross Burton <[email protected]> > > --- > > meta/classes/cve-check.bbclass | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass > > index 2d69aeba4b..d715fbf4d8 100644 > > --- a/meta/classes/cve-check.bbclass > > +++ b/meta/classes/cve-check.bbclass > > @@ -265,7 +265,8 @@ def get_cve_info(d, cves): > > import sqlite3 > > > > cve_data = {} > > - conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE")) > > + db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") > > + conn = sqlite3.connect(db_file, uri=True) > > > > for cve in cves: > > for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", > > (cve,)): > > > > > > > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#162648): https://lists.openembedded.org/g/openembedded-core/message/162648 Mute This Topic: https://lists.openembedded.org/mt/89339702/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
