search

docker / for-mac

Bug reports for Docker Desktop for Mac
https://www.docker.com/products/docker#/mac
2.43k stars 118 forks source link

Docker Rosetta x64 emulation failing #7093

Open curiousdev opened 10 months ago

curiousdev commented 10 months ago

Description

Describe the bug

Using SDK 8.0 image, run a RUN dotnet test... in your dockerfile.

To Reproduce

  1. Does NOT reproduce on x64. Reproduces on arm64 mac-m hardware.
  2. Include --platform=linux/amd64 in your docker build command.
  3. Include Use Rosetta for x86/amd64 emulation on Apple Silicon feature is checked in docker engine.

Exceptions

 > [build-env 4/5] RUN  DOTNET test ./src/MyProject.Tests -c Release /p:CollectCoverage=true /p:Threshold=75:
1.790 Fatal error. System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
1.791    at DynamicClass.lambda_method1(System.Runtime.CompilerServices.Closure, System.Object)
1.791    at Newtonsoft.Json.Serialization.ExpressionValueProvider.GetValue(System.Object)
1.791    at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CalculatePropertyDetails(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter ByRef, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object, Boolean ByRef, System.Object ByRef, Newtonsoft.Json.Serialization.JsonContract ByRef, Boolean ByRef, Boolean ByRef)
1.791    at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)

Further technical details

[build-env 4/6] RUN dotnet --info
#8 0.511 .NET SDK:
#8 0.511  Version:           8.0.100
#8 0.511  Commit:            57efcf1350
#8 0.625  Workload version:  8.0.100-manifests.6c33ef20
#8 0.625 
#8 0.625 Runtime Environment:
#8 0.627  OS Name:     debian
#8 0.627  OS Version:  12
#8 0.629  OS Platform: Linux
#8 0.638  RID:         linux-x64
#8 0.638  Base Path:   /usr/share/dotnet/sdk/8.0.100/
#8 0.638 
#8 0.638 .NET workloads installed:
#8 0.643  Workload version: 8.0.100-manifests.6c33ef20
#8 0.643 There are no installed workloads to display.
#8 0.649 
#8 0.649 Host:
#8 0.649   Version:      8.0.0
#8 0.649   Architecture: x64
#8 0.649   Commit:       5535e31a71
#8 0.649 
#8 0.649 .NET SDKs installed:
#8 0.649   8.0.100 [/usr/share/dotnet/sdk]
#8 0.649 
#8 0.649 .NET runtimes installed:
#8 0.649   Microsoft.AspNetCore.App 8.0.0 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
#8 0.649   Microsoft.NETCore.App 8.0.0 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
docker --version
Docker version 24.0.4, build 3713ee1eea

Reproduce

Describe the bug

Using SDK 8.0 image, run a RUN dotnet test... in your dockerfile.

To Reproduce

  1. Does NOT reproduce on x64. Reproduces on arm64 mac-m hardware.
  2. Include --platform=linux/amd64 in your docker build command.
  3. Include Use Rosetta for x86/amd64 emulation on Apple Silicon feature is checked in docker engine.

Exceptions

 > [build-env 4/5] RUN  DOTNET test ./src/MyProject.Tests -c Release /p:CollectCoverage=true /p:Threshold=75:
1.790 Fatal error. System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
1.791    at DynamicClass.lambda_method1(System.Runtime.CompilerServices.Closure, System.Object)
1.791    at Newtonsoft.Json.Serialization.ExpressionValueProvider.GetValue(System.Object)
1.791    at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CalculatePropertyDetails(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter ByRef, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object, Boolean ByRef, System.Object ByRef, Newtonsoft.Json.Serialization.JsonContract ByRef, Boolean ByRef, Boolean ByRef)
1.791    at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)

Further technical details

[build-env 4/6] RUN dotnet --info
#8 0.511 .NET SDK:
#8 0.511  Version:           8.0.100
#8 0.511  Commit:            57efcf1350
#8 0.625  Workload version:  8.0.100-manifests.6c33ef20
#8 0.625 
#8 0.625 Runtime Environment:
#8 0.627  OS Name:     debian
#8 0.627  OS Version:  12
#8 0.629  OS Platform: Linux
#8 0.638  RID:         linux-x64
#8 0.638  Base Path:   /usr/share/dotnet/sdk/8.0.100/
#8 0.638 
#8 0.638 .NET workloads installed:
#8 0.643  Workload version: 8.0.100-manifests.6c33ef20
#8 0.643 There are no installed workloads to display.
#8 0.649 
#8 0.649 Host:
#8 0.649   Version:      8.0.0
#8 0.649   Architecture: x64
#8 0.649   Commit:       5535e31a71
#8 0.649 
#8 0.649 .NET SDKs installed:
#8 0.649   8.0.100 [/usr/share/dotnet/sdk]
#8 0.649 
#8 0.649 .NET runtimes installed:
#8 0.649   Microsoft.AspNetCore.App 8.0.0 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
#8 0.649   Microsoft.NETCore.App 8.0.0 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
docker --version
Docker version 24.0.4, build 3713ee1eea

Expected behavior

I should be able to build docker amd64 images with rosetta emulation.

docker version

Client: Docker Engine - Community
 Version:           24.0.4
 API version:       1.43
 Go version:        go1.20.5
 Git commit:        3713ee1eea
 Built:             Fri Jun 30 17:55:44 2023
 OS/Arch:           darwin/arm64
 Context:           desktop-linux

Server: Docker Desktop 4.25.2 (129061)
 Engine:
  Version:          24.0.6
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.7
  Git commit:       1a79695
  Built:            Mon Sep  4 12:31:36 2023
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.22
  GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
 runc:
  Version:          1.1.8
  GitCommit:        v1.1.8-0-g82f18fe
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client: Docker Engine - Community
 Version:    24.0.4
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.11.2-desktop.5
    Path:     /Users/foo/.docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.23.0-desktop.1
    Path:     /Users/foo/.docker/cli-plugins/docker-compose
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.0
    Path:     /Users/foo/.docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.20
    Path:     /Users/foo/.docker/cli-plugins/docker-extension
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v0.1.0-beta.9
    Path:     /Users/foo/.docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /Users/foo/.docker/cli-plugins/docker-sbom
  scan: Docker Scan (Docker Inc.)
    Version:  v0.26.0
    Path:     /Users/foo/.docker/cli-plugins/docker-scan
  scout: Docker Scout (Docker Inc.)
    Version:  v1.0.9
    Path:     /Users/foo/.docker/cli-plugins/docker-scout

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 19
 Server Version: 24.0.6
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
 runc version: v1.1.8-0-g82f18fe
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
  cgroupns
 Kernel Version: 6.4.16-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: aarch64
 CPUs: 10
 Total Memory: 7.661GiB
 Name: linuxkit-2a6a79c09772
 ID: 16fa8bba-bd69-4365-b830-baf520e019ff
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: daemon is not using the default seccomp profile

Diagnostics ID

BCE2C6D2-92E8-45E9-A41B-8830A46D5474/20231128000102

Additional Info

No response

dgageot commented 10 months ago

Hi @curiousdev, do you have a minimal project or set of commands we could use to reproduce your issue?

curiousdev commented 10 months ago

So the issue is this:

The .net 7 release and beyond introduced clr-runtime performance optimizations that will reorder read-write memory operations. This re-ordering optimization is apparently incompatible with some emulation frameworks like QEMU and Rosetta.

I'll try to author and small reproduction, however given this is a on-the-fly perf optimization. I'm concerned it will not always be consistent. Especially if I shrink the console app to something very small.

The workaround is to disable this performance optimization. Not ideal.

Here's a link to the conversation thread at the dotnet project.

https://github.com/dotnet/sdk/issues/37169#issuecomment-1830372715

pastalex commented 6 months ago

Hi! Any updates on this?

n4n0r commented 3 days ago

Hi, I have a similar issue compiling Nginx and OpenSSL and theLink-Time Optimization (LTO) process. I tend to think the issue should be raised with Apple / Rosetta?

objs/addon/src/ngx_http_modsecurity_log.o \
objs/addon/src/ngx_http_modsecurity_rewrite.o \
objs/ngx_modules.o \
-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie -lpthread -lcrypt -lmodsecurity -lpcre2-8 /home/eng/openssl/.openssl/lib/libssl.a /home/eng/openssl/.openssl/lib/libcrypto.a -lpthread -lz \
-Wl,-E
during IPA pass: static-var
lto1: internal compiler error: in return_token, at opts-common.cc:2135
0x19bb73a internal_error(char const*, ...)
    ???:0
0x683a32 fancy_abort(char const*, int, char const*)
    ???:0
0x6ba314 lto_main()
    ???:0
Please submit a full bug report, with preprocessed source (by using -freport-bug).
Please include the complete backtrace with any bug report.
See <file:///usr/share/doc/gcc-13/README.Bugs> for instructions.
lto-wrapper: fatal error: /usr/bin/cc returned 1 exit status
compilation terminated.
/usr/bin/ld: error: lto-wrapper failed
collect2: error: ld returned 1 exit status