Hello! I am running Ubuntu 24, and our TeamCity agents (JVM-based)
became inoperational after unattended-upgrades installed openjdk-17
patch 17.0.13+11-2ubuntu1~24.04
I saw errors like:
[2024-11-14 20:52:45,091] WARN - l.patch.AbstractSourcesUpdater -
Exception occurred while patch applying: Cannot run program "chmod": error=0,
Failed to exec spawn helper: pid: 161418, exit value: 1
java.io.IOException: Cannot run program "chmod": error=0, Failed to exec
spawn helper: pid: 161418, exit value: 1
The TeamCity ticket is: https://youtrack.jetbrains.com/issue/TW-88215
I saw this issue on ARM and x86_64 based instances.
I had to restart the TeamCity agent service (create a new JVM) to get
the service back online.
launchpad janitor says this bug was fixed in 17.0.12 but I saw it in
17.0.13. So, is this the same bug or is it a different bug? Should I
expect the upgrade to 17.0.14 to be a breaking change as well?
I looked at https://bugs.openjdk.org/browse/JDK-8325621 that @slovdahl
linked but to be honest I didn't fully understand it. The ticket is in
a Resolved state? but from the comment history it doesn't seem that it
is resolved.
I've blacklisted openjdk for unattended upgrades in the meantime (added
"openjdk-" to the Unattended-Upgrade::Package-Blacklist in
/etc/apt/apt.conf.d/50unattended-upgrades).
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/2055280
Title:
openjdk-17-jre-headless 17.0.10+7-1~22.04.1: segfault in jspawnhelper
Status in openjdk-17 package in Ubuntu:
Fix Released
Status in unattended-upgrades package in Ubuntu:
Confirmed
Bug description:
We recently upgraded a bunch of Jenkins build machines that run Ubuntu
22.04.04 LTS to openjdk-17-jre-headless_17.0.10+7-1~22.04.1. Shortly
after, all the Jenkins agents running on these machines were getting
segfaults in jspawnhelper, when the JRE tried to spawn an external
shell to run build jobs:
$ /bin/sh -xe /tmp/jenkins12814566742512325555.sh
FATAL: command execution failed
java.io.IOException: error=0, Failed to exec spawn helper: pid: 1291715,
signal: 11
at java.base/java.lang.ProcessImpl.forkAndExec(Native Method)
at java.base/java.lang.ProcessImpl.<init>(ProcessImpl.java:314)
at java.base/java.lang.ProcessImpl.start(ProcessImpl.java:244)
at java.base/java.lang.ProcessBuilder.start(ProcessBuilder.java:1110)
Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to
ubuntu22-amd64-docker-3
at
hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1787)
at
hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
at hudson.remoting.Channel.call(Channel.java:1003)
at hudson.Launcher$RemoteLauncher.launch(Launcher.java:1121)
at hudson.Launcher$ProcStarter.start(Launcher.java:506)
at
hudson.tasks.CommandInterpreter.perform(CommandInterpreter.java:144)
at
hudson.tasks.CommandInterpreter.perform(CommandInterpreter.java:92)
at
hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at
hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:818)
at hudson.model.Build$BuildExecution.build(Build.java:199)
at hudson.model.Build$BuildExecution.doRun(Build.java:164)
at
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:526)
at hudson.model.Run.execute(Run.java:1895)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
at
hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
I'm unsure how Jenkins's agent exactly invokes jspawnhelper, but I
assume it just uses Java's regular API to run external processes, as
shown in the above stack trace. I.e. it uses java.lang.ProcessBuilder,
which implicitly invokes its java.lang.ProcessImpl.forkAndExec method.
And finally I assume that java.lang.ProcessImpl.forkAndExec somehow
forks jspawnhelper to do its thing.
In any case, with 17.0.10+7-1~22.04.1 this almost always results in a
segfault now, which the previous version of openjdk-17-jre-headless
never did. So it is some sort of regression.
For now, I have downgraded to the release version, which is
17.0.2+8-1, since the previous security update version has disappeared
from the Ubuntu mirrors.
I have not yet dug any deeper since I have a lack of time to spend on
it, but I wanted to make this bug report so other people experiencing
this might be able to find it on Launchpad.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-17/+bug/2055280/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
