Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid leaking file descriptors #83

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Avoid leaking file descriptors #83

wants to merge 1 commit into from

Conversation

DemiMarie
Copy link
Contributor

@DemiMarie DemiMarie commented Dec 10, 2021
edited
Loading

This mostly avoids spurious SELinux denials, but it is good practice anyway.

Should fix the file descriptor leakage in QubesOS/qubes-issues#5214.

@DemiMarie
Avoid leaking file descriptors
bc0c077 
This mostly avoids spurious SELinux denials, but it is good practice
anyway.

Should fix the file descriptor leakage in #5214.
@DemiMarie DemiMarie marked this pull request as draft December 10, 2021 07:25
@qubesos-bot
Copy link

qubesos-bot commented Feb 18, 2022
edited
Loading

OpenQA test summary

Complete test suite and dependencies: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.1&build=2022021806-4.1&flavor=pull-requests

New failures, excluding unstable

Compared to: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.1&build=2022021706-4.1&flavor=update

  • system_tests_update@hw1
    • update: unnamed test (unknown)
    • update: Failed (test died)
      # Test died: no candidate needle with tag(s) 'UPDATE-FAILED' matche...

Failed tests

2 failures
  • system_tests_update@hw1
    • update: unnamed test (unknown)
    • update: Failed (test died)
      # Test died: no candidate needle with tag(s) 'UPDATE-FAILED' matche...

Fixed failures

Compared to: https://openqa.qubes-os.org/tests/35157#dependencies

21 fixed

  • system_tests_dispvm

    • TC_20_DispVM_whonix-ws-16: test_100_open_in_dispvm (failure + cleanup)
      AssertionError: libvirt event impl drain timeout

  • system_tests_basic_vm_qrexec_gui_ext4

    • TC_03_QvmRevertTemplateChanges: test_000_revert_linux (error)
      NotImplementedError: FileVolume supports maximum 1 volume revision ...

  • system_tests_qrexec

  • system_tests_extra

    • TC_00_PDFConverter_fedora-34: test_000_one_page (failure)
      AssertionError: 1 != 0 : qvm-convert-pdf failed: b'Sending file to ...

  • system_tests_pvgrub_salt_storage

    • TC_40_PVGrub_debian-11: test_010_template_based_vm (error + timed out)
      qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...

  • system_tests_suspend@hw1

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: qr/p5~T5-\d+-/u...

    • suspend: Failed (test died + timed out)
      # Test died: command 'true' timed out at qubesos/tests/suspend.pm l...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "xl info; echo 8Ye1l-\$?-"...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: qr/8Ye1l-\d+-/u...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "# "...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "xl list; echo MfjdI-\$?-"...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: qr/MfjdI-\d+-/u...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "# "...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "xl dmesg; echo hNz_G-\$?-"...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: qr/hNz_G-\d+-/u...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "# "...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "journalctl -b|tail -n 10000; echo Adw2Q-\$...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: qr/Adw2Q-\d+-/u...

    • suspend: wait_serial (wait serial expected)
      # wait_serial expected: "# "...

  • system_tests_splitgpg

Unstable tests

  • system_tests_whonix@hw1

    whonixcheck/ (1/5 times with errors)
    whonixcheck/fail (1/5 times with errors)
    • job 31055 Whonixcheck for anon-whonix failed...

  • system_tests_basic_vm_qrexec_gui@hw1

    TC_30_Gui_daemon/test_000_clipboard (1/5 times with errors)
    • job 30502 qubes.exc.QubesMemoryError: Not enough memory to start domain 'test...
    TC_00_AppVM_whonix-ws-16/test_223_audio_play_hvm (1/5 times with errors)
    • job 31021 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_fedora-34-xfce/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
    • job 30502 AssertionError: only silence detected, no useful audio data
    • job 31021 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_whonix-gw-16/test_300_bug_1028_gui_memory_pinning (1/5 times with errors)
    • job 30119 subprocess.CalledProcessError: Command 'qubes.WaitForSession' retur...

  • system_tests_gui_tools@hw1

    qubesmanager_vmsettings/ (1/4 times with errors)
    qubesmanager_vmsettings/ (1/4 times with errors)
    qubesmanager_vmsettings/Failed (1/4 times with errors)
    • job 28667 # Test died: no candidate needle with tag(s) 'vm-settings-correct_c...
    qubesmanager_vmsettings/Failed (1/4 times with errors)
    • job 30515 # Test died: no candidate needle with tag(s) 'vm-settings-def-dvm-o...

  • system_tests_suspend@hw1

    suspend/Failed (1/5 times with errors)
    • job 27078 # Test died: command 'true' timed out at qubesos/tests/suspend.pm l...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/p5~T5-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl info; echo 8Ye1l-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/8Ye1l-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl list; echo MfjdI-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/MfjdI-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl dmesg; echo hNz_G-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/hNz_G-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "journalctl -b|tail -n 10000; echo Adw2Q-\$...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/Adw2Q-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "cat /var/log/salt/minion; echo 5Ktxw-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/5Ktxw-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "cat /var/log/libvirt/libxl/libxl-driver.lo...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/SBh43-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "tail /var/log/xen/console/guest*-dm.log; e...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/MZxne-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "grep -B 60 'Kernel panic' /var/log/xen/con...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/kuoMm-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "ip r |grep ^default; echo 4tG2W-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/4tG2W-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "curl --form upload=\@/var/log/libvirt/libx...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/XVE2M-\d+-/u...

  • system_tests_whonix

    whonixcheck/ (1/5 times with errors)
    whonixcheck/fail (1/5 times with errors)
    • job 31055 Whonixcheck for anon-whonix failed...

  • system_tests_gui_tools

    qubesmanager_vmsettings/ (1/4 times with errors)
    qubesmanager_vmsettings/ (1/4 times with errors)
    qubesmanager_vmsettings/Failed (1/4 times with errors)
    • job 28667 # Test died: no candidate needle with tag(s) 'vm-settings-correct_c...
    qubesmanager_vmsettings/Failed (1/4 times with errors)
    • job 30515 # Test died: no candidate needle with tag(s) 'vm-settings-def-dvm-o...

  • system_tests_suspend

    suspend/Failed (1/5 times with errors)
    • job 27078 # Test died: command 'true' timed out at qubesos/tests/suspend.pm l...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/p5~T5-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl info; echo 8Ye1l-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/8Ye1l-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl list; echo MfjdI-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/MfjdI-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "xl dmesg; echo hNz_G-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/hNz_G-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "journalctl -b|tail -n 10000; echo Adw2Q-\$...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/Adw2Q-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "cat /var/log/salt/minion; echo 5Ktxw-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/5Ktxw-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "cat /var/log/libvirt/libxl/libxl-driver.lo...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/SBh43-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "tail /var/log/xen/console/guest*-dm.log; e...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/MZxne-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "grep -B 60 'Kernel panic' /var/log/xen/con...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/kuoMm-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "ip r |grep ^default; echo 4tG2W-\$?-"...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/4tG2W-\d+-/u...
    suspend/wait_serial (1/5 times with errors)
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: "curl --form upload=\@/var/log/libvirt/libx...
    suspend/wait_serial (1/5 times with errors)
    • job 27078 # wait_serial expected: qr/XVE2M-\d+-/u...

  • system_tests_basic_vm_qrexec_gui

    TC_30_Gui_daemon/test_000_clipboard (1/5 times with errors)
    • job 30502 qubes.exc.QubesMemoryError: Not enough memory to start domain 'test...
    TC_00_AppVM_whonix-ws-16/test_223_audio_play_hvm (1/5 times with errors)
    • job 31021 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_fedora-34-xfce/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
    • job 30502 AssertionError: only silence detected, no useful audio data
    • job 31021 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_whonix-gw-16/test_300_bug_1028_gui_memory_pinning (1/5 times with errors)
    • job 30119 subprocess.CalledProcessError: Command 'qubes.WaitForSession' retur...

  • system_tests_network

    VmNetworking_whonix-gw-16/test_111_dynamic_detach_attach (1/5 times with errors)

  • system_tests_pvgrub_salt_storage

    TC_40_PVGrub_debian-11/test_000_standalone_vm (2/5 times with errors)
    • job 28615 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    • job 30128 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    TC_41_HVMGrub_debian-11/test_000_standalone_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_41_HVMGrub_fedora-34/test_000_standalone_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_41_HVMGrub_fedora-34-xfce/test_000_standalone_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_42_PVHGrub_debian-11/test_000_standalone_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    StorageLVM/test_000_volatile (1/5 times with errors)
    • job 30449 AssertionError: libvirt event impl drain timeout
    TC_10_VMSalt_fedora-34-xfce/test_001_multi_state_highstate (1/5 times with errors)
    • job 28615 AssertionError: Salt command '['qubesctl', '--skip-dom0', '--show-o...
    TC_40_PVGrub_debian-11/test_010_template_based_vm (1/5 times with errors)
    • job 28615 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    TC_41_HVMGrub_debian-11/test_010_template_based_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_41_HVMGrub_fedora-34/test_010_template_based_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_41_HVMGrub_fedora-34-xfce/test_010_template_based_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_42_PVHGrub_debian-11/test_010_template_based_vm (2/5 times with errors)
    • job 30449 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31030 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...

  • system_tests_splitgpg

    TC_10_Thunderbird_debian-11/test_000_send_receive_default (1/5 times with errors)
    • job 35180 dogtail.tree.SearchError: descendent of [application | Thunderbird]...
    TC_10_Thunderbird_fedora-34/test_000_send_receive_default (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_fedora-34-xfce/test_000_send_receive_default (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_whonix-ws-16/test_000_send_receive_default (1/5 times with errors)
    • job 28616 AssertionError: 255 != 0 : Thunderbird send/receive failed:
    TC_10_Thunderbird_debian-11/test_010_send_receive_inline_signed_only (2/5 times with errors)
    • job 28616 AssertionError: 255 != 0 : Thunderbird send/receive failed: searchi...
    • job 35180 dogtail.tree.SearchError: descendent of [application | Thunderbird]...
    TC_10_Thunderbird_fedora-34/test_010_send_receive_inline_signed_only (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_fedora-34-xfce/test_010_send_receive_inline_signed_only (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_whonix-ws-16/test_010_send_receive_inline_signed_only (1/5 times with errors)
    • job 30450 dogtail.tree.SearchError: descendent of [application | Thunderbird]...
    TC_10_Thunderbird_debian-11/test_020_send_receive_inline_with_attachment (1/5 times with errors)
    • job 35180 Exception: Failed to send message with error 'unknown'
    TC_10_Thunderbird_fedora-34/test_020_send_receive_inline_with_attachment (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_fedora-34-xfce/test_020_send_receive_inline_with_attachment (1/5 times with errors)
    • job 31031 dogtail.tree.SearchError: child of [desktop frame | main]: "Thunder...
    TC_10_Thunderbird_whonix-ws-16/test_020_send_receive_inline_with_attachment (1/5 times with errors)
    • job 31031 assert received_attachment == orig_attachment... AssertionError

  • system_tests_extra

    TC_00_ImgConverter_fedora-34/test_000_png (1/5 times with errors)
    • job 30509 AssertionError: 255 != 0 : qvm-convert-img failed: b''
    TC_01_InputProxyExclude_debian-11/test_000_qemu_tablet (1/5 times with errors)
    • job 31022 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_01_InputProxyExclude_fedora-34/test_000_qemu_tablet (1/5 times with errors)
    • job 31022 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_01_InputProxyExclude_fedora-34-xfce/test_000_qemu_tablet (1/5 times with errors)
    • job 31022 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_10_AppmenusIntegration/test_011_icon_color_label_change (1/5 times with errors)
    • job 31022 AssertionError: Icon /home/user/.local/share/qubes-appmenus/test-in...
    TC_00_InputProxy_debian-11/test_050_mouse_late_attach (1/5 times with errors)
    • job 31022 AssertionError: unexpectedly None : Device 'test-inst-input: Test i...
    TC_00_InputProxy_fedora-34/test_050_mouse_late_attach (1/5 times with errors)
    • job 31022 AssertionError: unexpectedly None : Device 'test-inst-input: Test i...
    TC_00_InputProxy_fedora-34-xfce/test_050_mouse_late_attach (1/5 times with errors)
    • job 31022 AssertionError: unexpectedly None : Device 'test-inst-input: Test i...

  • system_tests_usbproxy

    TC_20_USBProxy_core3_debian-11/test_090_attach_stubdom (1/5 times with errors)
    • job 30108 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_20_USBProxy_core3_fedora-34/test_090_attach_stubdom (2/5 times with errors)
    • job 30108 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31054 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_20_USBProxy_core3_fedora-34-xfce/test_090_attach_stubdom (2/5 times with errors)
    • job 30108 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31054 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_20_USBProxy_core3_whonix-gw-16/test_090_attach_stubdom (2/5 times with errors)
    • job 30108 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31054 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_20_USBProxy_core3_whonix-ws-16/test_090_attach_stubdom (2/5 times with errors)
    • job 30108 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31054 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...

  • system_tests_qrexec

    TC_00_Qrexec_debian-11/test_050_qrexec_simple_eof (1/5 times with errors)
    • job 30514 AssertionError: Timeout, probably EOF wasn't transferred to the VM ...
    TC_00_Qrexec_debian-11/test_070_qrexec_vm_simultaneous_write (1/5 times with errors)
    • job 30514 AssertionError: Timeout, probably deadlock

  • system_tests_network_ipv6

    VmIPv6Networking_debian-11/test_020_simple_proxyvm_nm (1/5 times with errors)
    • job 30147 AssertionError: 1 != 0 : nm-applet window not found
    VmIPv6Networking_debian-11/test_040_inter_vm (1/5 times with errors)
    • job 27126 raise exceptions.TimeoutError()... asyncio.exceptions.TimeoutError
    VmIPv6Networking_whonix-ws-16/test_520_ipv6_simple_proxyvm_nm (1/5 times with errors)
    VmIPv6Networking_debian-11/test_540_ipv6_inter_vm (1/5 times with errors)
    • job 27126 raise exceptions.TimeoutError()... asyncio.exceptions.TimeoutError

  • system_tests_network_updates

    TC_11_QvmTemplateMgmtVM_fedora-34-xfce/test_000_template_list (1/5 times with errors)
    • job 27127 AssertionError: libvirt event impl drain timeout

  • system_tests_dispvm

    TC_04_DispVM/test_003_cleanup_destroyed (1/5 times with errors)
    • job 31011 raise exceptions.TimeoutError()... asyncio.exceptions.TimeoutError
    TC_20_DispVM_fedora-34/test_010_simple_dvm_run (3/5 times with errors)
    • job 28668 assert len(self.loop._selector.get_map()) \... AssertionError
    • job 30110 assert len(self.loop._selector.get_map()) \... AssertionError
    • job 31011 assert len(self.loop._selector.get_map()) \... AssertionError
    TC_20_DispVM_fedora-34-xfce/test_010_simple_dvm_run (3/5 times with errors)
    • job 28668 assert len(self.loop._selector.get_map()) \... AssertionError
    • job 30110 assert len(self.loop._selector.get_map()) \... AssertionError
    • job 31011 assert len(self.loop._selector.get_map()) \... AssertionError
    TC_20_DispVM_whonix-gw-16/test_010_simple_dvm_run (2/5 times with errors)
    TC_20_DispVM_whonix-ws-16/test_010_simple_dvm_run (2/5 times with errors)
    • job 28668 assert len(self.loop._selector.get_map()) \... AssertionError
    • job 31011 assert len(self.loop._selector.get_map()) \... AssertionError
    TC_20_DispVM_whonix-gw-16/test_020_gui_app (2/5 times with errors)
    TC_20_DispVM_debian-11/test_030_edit_file (2/5 times with errors)
    • job 28668 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: Timeout while waiting for disp[0-9]* window to show
    TC_20_DispVM_fedora-34/test_030_edit_file (2/5 times with errors)
    • job 28668 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: Timeout while waiting for disp[0-9]* window to show
    TC_20_DispVM_fedora-34-xfce/test_030_edit_file (2/5 times with errors)
    • job 28668 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: Timeout while waiting for disp[0-9]* window to show
    TC_20_DispVM_whonix-gw-16/test_030_edit_file (2/5 times with errors)
    TC_20_DispVM_whonix-ws-16/test_030_edit_file (2/5 times with errors)
    • job 28668 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: Timeout while waiting for disp[0-9]* window to show
    TC_20_DispVM_debian-11/test_100_open_in_dispvm (3/5 times with errors)
    • job 28668 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 30110 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: './open-file test.txt' failed with ./open-file test...
    TC_20_DispVM_fedora-34/test_100_open_in_dispvm (3/5 times with errors)
    • job 28668 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 30110 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: './open-file test.txt' failed with ./open-file test...
    TC_20_DispVM_fedora-34-xfce/test_100_open_in_dispvm (3/5 times with errors)
    • job 28668 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 30110 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 31011 AssertionError: './open-file test.txt' failed with ./open-file test...
    TC_20_DispVM_whonix-gw-16/test_100_open_in_dispvm (2/5 times with errors)
    TC_20_DispVM_whonix-ws-16/test_100_open_in_dispvm (5/5 times with errors)
    • job 27058 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 27110 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 28668 AssertionError: './open-file test.txt' failed with ./open-file test...
    • job 30110 AssertionError: Timeout while waiting for disp[0-9]* window to show
    • job 31011 AssertionError: './open-file test.txt' failed with ./open-file test...

  • system_tests_devices

    TC_10_Attach_fedora-34/test_000_attach_reattach (1/5 times with errors)
    • job 30432 subprocess.CalledProcessError: Command 'ls /dev/xvdi' returned non-...

  • system_tests_basic_vm_qrexec_gui_btrfs

    TC_30_Gui_daemon/test_000_clipboard (1/4 times with errors)
    • job 30506 self.assertEqual(clipboard_content, ... AssertionError: '' != 'test23'
    TC_00_AppVM_whonix-ws-16-pool/test_000_start_shutdown (2/4 times with errors)
    • job 28670 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    • job 31014 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    TC_00_AppVM_debian-11-pool/test_223_audio_play_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-pool/test_223_audio_play_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_223_audio_play_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_223_audio_play_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_debian-11-pool/test_224_audio_rec_muted_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-pool/test_224_audio_rec_muted_hvm (2/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30146 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_224_audio_rec_muted_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_224_audio_rec_muted_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_debian-11-pool/test_225_audio_rec_unmuted_hvm (2/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30506 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_fedora-34-pool/test_225_audio_rec_unmuted_hvm (1/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_225_audio_rec_unmuted_hvm (3/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30146 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 31014 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_whonix-ws-16-pool/test_225_audio_rec_unmuted_hvm (2/4 times with errors)
    • job 28670 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30146 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...

  • system_tests_basic_vm_qrexec_gui_ext4

    TC_00_AppVM_whonix-gw-16-pool/test_000_start_shutdown (1/5 times with errors)
    • job 28600 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_223_audio_play_hvm (1/5 times with errors)
    • job 30507 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_00_AppVM_whonix-ws-16-pool/test_224_audio_rec_muted_hvm (1/5 times with errors)
    • job 30507 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_00_AppVM_fedora-34-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 28600 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_fedora-34-xfce-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 31015 FloatingPointError: invalid value encountered in double_scalars
    TC_00_AppVM_whonix-ws-16-pool/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
    • job 28600 AssertionError: only silence detected, no useful audio data
    • job 30507 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_00_AppVM_debian-11-pool/test_300_bug_1028_gui_memory_pinning (1/5 times with errors)
    • job 31015 assert len(self.loop._selector.get_map()) \... AssertionError
    TC_00_AppVM_fedora-34-pool/test_300_bug_1028_gui_memory_pinning (4/5 times with errors)
    • job 28600 AssertionError: Dom0 window doesn't match VM window content
    • job 30148 AssertionError: Dom0 window doesn't match VM window content
    • job 30507 AssertionError: Dom0 window doesn't match VM window content
    • job 31015 AssertionError: Dom0 window doesn't match VM window content
    TC_00_AppVM_fedora-34-xfce-pool/test_300_bug_1028_gui_memory_pinning (4/5 times with errors)
    • job 28600 AssertionError: Dom0 window doesn't match VM window content
    • job 30148 AssertionError: Dom0 window doesn't match VM window content
    • job 30507 AssertionError: Dom0 window doesn't match VM window content
    • job 31015 AssertionError: Dom0 window doesn't match VM window content

  • system_tests_basic_vm_qrexec_gui_xfs

    TC_00_AppVM_whonix-gw-16-pool/test_000_start_shutdown (1/5 times with errors)
    • job 27114 qubes.exc.QubesVMShutdownTimeoutError: Domain shutdown timed out: '...
    TC_00_AppVM_debian-11-pool/test_223_audio_play_hvm (2/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30508 AssertionError: Timeout waiting for pulseaudio start in test-inst-v...
    TC_00_AppVM_fedora-34-pool/test_223_audio_play_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_223_audio_play_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_223_audio_play_hvm (3/5 times with errors)
    • job 27114 AssertionError: only silence detected, no useful audio data
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    • job 30508 AssertionError: only silence detected, no useful audio data
    TC_00_AppVM_debian-11-pool/test_224_audio_rec_muted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-pool/test_224_audio_rec_muted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_224_audio_rec_muted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_224_audio_rec_muted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_debian-11-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_fedora-34-xfce-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...
    TC_00_AppVM_whonix-ws-16-pool/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 30157 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 90 secon...

marmarek
marmarek requested changes Feb 18, 2022
View reviewed changes
agent/qrexec-agent.c
errno = 0;
fd_num = strtol(entry->d_name, &endptr, 10);
if (errno || !endptr || *endptr || fd_num < 0 || fd_num > INT_MAX)
errx(1, "bad number in /proc/self/fd");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This always trips, I'm pretty sure it's about . or ...

Anyway, setting all FDs to O_CLOEXEC sounds fragile (there may be cases when inheriting open FD would be desirable, even if currently it isn't used), and also could hide other issues. I'd prefer to do it properly:

  • inspect what FDs are currently passed on to children, and for each consciously decide whether O_CLOEXEC is desirable (or maybe it shouldn't be left open at all?)
  • (optionally) add a test that checks for FD leaks - we do have proper unit tests in this repo, so it shouldn't be too hard. see qrexec/tests/socket/agent.py for example

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marmarek marmarek marmarek requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DemiMarie @qubesos-bot @marmarek