SIGSEGV: segmentation violation when building image

[Grepsd]

On : linux ubuntu 19.10 docker-slim version linux|Transformer|1.28.0|c9c3681a3a8b6e8ec8caec7311a1c8329f26cdb9|2020-03-07_07:52:46AM Docker version 19.03.7, build 7141c199a2

dist_linux/docker-slim build --include-path /etc/ssl --include-path /usr/share/ca-certificates indexer-php docker-slim[build]: info=http.probe message='using default probe' docker-slim[build]: state=started docker-slim[build]: info=params target=indexer-php continue.mode=probe rt.as.user=true keep.perms=true docker-slim[build]: state=image.inspection.start docker-slim[build]: info=image id=sha256:761c343436ab68ea31830c2a17ccc04bf754f20998c1b75b3f861317d8b0e924 size.bytes=473038913 size.human=473 MB docker-slim[build]: info=image.stack index=0 name='php:7.4-fpm-alpine' id='sha256:014a46b60a9dfb720893f1d7edbb5619ea82036431f0f3be1fb60fbf4a07c5c7' docker-slim[build]: info=image.stack index=1 name='indexer-php:latest' id='sha256:761c343436ab68ea31830c2a17ccc04bf754f20998c1b75b3f861317d8b0e924' docker-slim[build]: info=image.exposed_ports list='9000' docker-slim[build]: state=image.inspection.done docker-slim[build]: state=container.inspection.start docker-slim[build]: info=container status=created name=dockerslimk_11767_20200310081948 id=23ec8f6473fe793f65a6dd87b12144da4cfba33b09320f4c1c4def3cc6ab7a59 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x8507c1]

goroutine 1 [running]: github.com/docker-slim/docker-slim/pkg/ipc/channel.(Client).Read(0xc00080c1c0, 0x3, 0x3, 0x4b, 0x0) github.com/docker-slim/docker-slim/pkg/ipc/channel/channel.go:388 +0x401 github.com/docker-slim/docker-slim/pkg/ipc/channel.verifyCommandChannel(0xc00080c1c0, 0x3, 0x3c, 0xf) github.com/docker-slim/docker-slim/pkg/ipc/channel/channel.go:487 +0x169 github.com/docker-slim/docker-slim/pkg/ipc/channel.NewCommandClient(0xc0004c8260, 0xf, 0x3c, 0xf, 0x1e, 0x1e, 0xf, 0xc0002b6001, 0x14) github.com/docker-slim/docker-slim/pkg/ipc/channel/channel.go:453 +0x173 github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/ipc.(Client).initChannels(0xc00045e000, 0xc00045e000, 0xa83298) github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/ipc/ipc.go:57 +0x134 github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/ipc.NewClient(0xa78ddf, 0x9, 0xc0004c81c0, 0x5, 0xc0004c81d7, 0x5, 0x3c, 0x0, 0x20, 0x9c4fa0) github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/ipc/ipc.go:47 +0x262 github.com/docker-slim/docker-slim/internal/app/master/inspectors/container.(Inspector).initContainerChannels(0xc000370000, 0x1, 0x1) github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/container_inspector.go:691 +0x8f github.com/docker-slim/docker-slim/internal/app/master/inspectors/container.(Inspector).RunContainer(0xc000370000, 0x4, 0xc0001e7f98) github.com/docker-slim/docker-slim/internal/app/master/inspectors/container/container_inspector.go:460 +0x20d0 github.com/docker-slim/docker-slim/internal/app/master/commands.OnBuild(0xc0002ac050, 0x7fff6fc72222, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa77701, ...) github.com/docker-slim/docker-slim/internal/app/master/commands/build.go:263 +0x1617 github.com/docker-slim/docker-slim/internal/app/master.init.0.func8(0xc0002aa160, 0x0, 0xc0002b02f0) github.com/docker-slim/docker-slim/internal/app/master/cli.go:931 +0x16e3 github.com/urfave/cli.HandleAction(0x9a60c0, 0xaa40d0, 0xc0002aa160, 0xc0002aa160, 0x0) github.com/urfave/cli@v1.22.1/app.go:523 +0x11a github.com/urfave/cli.Command.Run(0xa753fb, 0x5, 0x0, 0x0, 0xc0001f05d0, 0x1, 0x1, 0xa97fed, 0x3e, 0x0, ...) github.com/urfave/cli@v1.22.1/command.go:174 +0x56e github.com/urfave/cli.(*App).Run(0xc0001d6000, 0xc00001e070, 0x7, 0x7, 0x0, 0x0) github.com/urfave/cli@v1.22.1/app.go:276 +0x7ae github.com/docker-slim/docker-slim/internal/app/master.runCli() github.com/docker-slim/docker-slim/internal/app/master/cli.go:1321 +0x55 github.com/docker-slim/docker-slim/internal/app/master.Run() github.com/docker-slim/docker-slim/internal/app/master/app.go:6 +0x25 main.main() github.com/docker-slim/docker-slim/cmd/docker-slim/main.go:8 +0x20 make: *** [Makefile:22: images] Error 2

The image is a php-fpm with composer and symfony 5.

[kcq]

@Grepsd thanks for opening this issue! This looks like an IPC-related bug... It crashed because it tried to print an ipc frame metadata and there was no frame... Can you give me a hand with debugging this? If you run docker-slim with the --debug flag (e.g., docker-slim --debug build your-target-image) you should see a number of IPC related messages ("channel.Client.Read() - (MSG)reader.ReadString => err=MSG raw=MSG" and "channel.Client.Read: got raw frame ='MSG'") before the crash.

[Grepsd]

I can't reproduce the bug anymore, i've been moving in my new home and now I can't seem to have the crash anymore.

BUT, I have some errors but they don't seem to block the process :

docker-slim[build]: info=container status=created name=dockerslimk_14574_20200312112739 id=c8866c21d85ab9351eed300bff02668320194bf19fe36ef4a67c7506bb6ffbd5 time="2020-03-12T12:27:39+01:00" level=error msg="channel.Client.Read: read error (read tcp 127.0.0.1:54622->127.0.0.1:32769: read: connection reset by peer), exiting..." time="2020-03-12T12:27:39+01:00" level=error msg="channel.NewCommandClient: channel verify error = read tcp 127.0.0.1:54622->127.0.0.1:32769: read: connection reset by peer"

sudo dist_linux/docker-slim build --include-path /etc/ssl --include-path /usr/share/ca-certificates indexer-php docker-slim[build]: info=http.probe message='using default probe' docker-slim[build]: state=started docker-slim[build]: info=params target=indexer-php continue.mode=probe rt.as.user=true keep.perms=true docker-slim[build]: state=image.inspection.start docker-slim[build]: info=image id=sha256:761c343436ab68ea31830c2a17ccc04bf754f20998c1b75b3f861317d8b0e924 size.bytes=473038913 size.human=473 MB docker-slim[build]: info=image.stack index=0 name='php:7.4-fpm-alpine' id='sha256:014a46b60a9dfb720893f1d7edbb5619ea82036431f0f3be1fb60fbf4a07c5c7' docker-slim[build]: info=image.stack index=1 name='indexer-php:latest' id='sha256:761c343436ab68ea31830c2a17ccc04bf754f20998c1b75b3f861317d8b0e924' docker-slim[build]: info=image.exposed_ports list='9000' docker-slim[build]: state=image.inspection.done docker-slim[build]: state=container.inspection.start docker-slim[build]: info=container status=created name=dockerslimk_14574_20200312112739 id=c8866c21d85ab9351eed300bff02668320194bf19fe36ef4a67c7506bb6ffbd5 time="2020-03-12T12:27:39+01:00" level=error msg="channel.Client.Read: read error (read tcp 127.0.0.1:54622->127.0.0.1:32769: read: connection reset by peer), exiting..." time="2020-03-12T12:27:39+01:00" level=error msg="channel.NewCommandClient: channel verify error = read tcp 127.0.0.1:54622->127.0.0.1:32769: read: connection reset by peer" docker-slim[build]: info=cmd.startmonitor status=sent docker-slim[build]: info=event.startmonitor.done status=received docker-slim[build]: info=container name=dockerslimk_14574_20200312112739 id=c8866c21d85ab9351eed300bff02668320194bf19fe36ef4a67c7506bb6ffbd5 target.port.list=[32770] target.port.info=[9000/tcp => 0.0.0.0:32770] message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER' docker-slim[build]: state=http.probe.starting message='WAIT FOR HTTP PROBE TO FINISH' docker-slim[build]: info=continue.after mode=probe message='no input required, execution will resume when HTTP probing is completed' docker-slim[build]: info=prompt message='waiting for the HTTP probe to finish' docker-slim[build]: state=http.probe.running docker-slim[build]: info=http.probe.ports count=1 targets='32770' docker-slim[build]: info=http.probe.commands count=1 commands='GET /' docker-slim[build]: info=http.probe.call status=error method=GET target=http://127.0.0.1:32770/ attempt=1 error='Get "http://127.0.0.1:32770/": EOF' time=2020-03-12T11:27:56Z docker-slim[build]: info=http.probe.call status=error method=GET target=http://127.0.0.1:32770/ attempt=2 error='Get "http://127.0.0.1:32770/": EOF' time=2020-03-12T11:28:12Z docker-slim[build]: info=http.probe.call status=error method=GET target=http://127.0.0.1:32770/ attempt=3 error='Get "http://127.0.0.1:32770/": EOF' time=2020-03-12T11:28:28Z docker-slim[build]: info=http.probe.call status=error method=GET target=http://127.0.0.1:32770/ attempt=4 error='Get "http://127.0.0.1:32770/": EOF' time=2020-03-12T11:28:44Z docker-slim[build]: info=http.probe.call status=error method=GET target=http://127.0.0.1:32770/ attempt=5 error='Get "http://127.0.0.1:32770/": EOF' time=2020-03-12T11:29:00Z docker-slim[build]: info=http.probe.summary total=5 failures=5 successful=0 docker-slim[build]: state=http.probe.done warning=no.successful.calls docker-slim[build]: info=event message='HTTP probe is done' docker-slim[build]: state=container.inspection.finishing docker-slim[build]: state=container.inspection.artifact.processing docker-slim[build]: state=container.inspection.done docker-slim[build]: state=building message='building optimized image' docker-slim[build]: state=completed docker-slim[build]: info=results status='MINIFIED BY 17.05X [473038913 (473 MB) => 27750663 (28 MB)]' docker-slim[build]: info=results image.name=indexer-php.slim image.size='28 MB' data=true docker-slim[build]: info=results artifacts.location='/home/grepsd/Documents/indexer/dist_linux/.docker-slim-state/images/761c343436ab68ea31830c2a17ccc04bf754f20998c1b75b3f861317d8b0e924/artifacts' docker-slim[build]: info=results artifacts.report=creport.json docker-slim[build]: info=results artifacts.dockerfile.original=Dockerfile.fat docker-slim[build]: info=results artifacts.dockerfile.new=Dockerfile docker-slim[build]: info=results artifacts.seccomp=indexer-php-seccomp.json docker-slim[build]: info=results artifacts.apparmor=indexer-php-apparmor-profile docker-slim[build]: state=done docker-slim[build]: info=version status=OUTDATED local=1.28.0 current=1.28.1 docker-slim[build]: info=message message='Your version of DockerSlim is out of date! Use the "update" command or download the new version from https://dockersl.im/downloads.html' docker-slim[build]: info=report file='slim.report.json'

[kcq]

@Grepsd those reset errors are ok, but i'll take a look to see what can be done to remove that noise :)

[emrekgn]

Hi @kcq ,

I also seem to have a similar error log (signal SIGSEGV: segmentation violation code). This happens for any docker-slim command (x-ray, build, etc.) on our docker image. The image uses ibm-semeru-runtimes:open-11-jre-focal as the base image, if it helps.

This is the first time I'm trying docker-slim, so am I missing something here? And is there any way I can help? Thanks.

Here is my full log:

docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=param.http.probe message='using default probe' 
cmd=build state=started
cmd=build info=params target='repo.internal.XXX.co/repository/docker-hosted/XXX:latest' continue.mode='probe' rt.as.user='true' keep.perms='true' tags='XXX:latest-slim' target.type='image' 
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:23d7bddbbed102f5bbfa632d5118f7fbdecf2bd287bf63ccb5225c6857f7df63' size.bytes='292382975' size.human='292 MB' 
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x8de6b7]

goroutine 1 [running]:
github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse.deserialiseHealtheckInstruction(0xc00063e0df, 0x98, 0xf60ab6, 0x1, 0x0, 0x1, 0xc00059a860)
    github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse/reverse.go:659 +0x97
github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse.DockerfileFromHistory(0xc0007942d0, 0x7ffe253731d5, 0x49, 0xc00061c448, 0xc00061c448, 0x0)
    github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse/reverse.go:350 +0x1525
github.com/docker-slim/docker-slim/pkg/app/master/inspectors/image.(*Inspector).ProcessCollectedData(0xc0007cc000, 0x4, 0xc000616368)
    github.com/docker-slim/docker-slim/pkg/app/master/inspectors/image/image_inspector.go:289 +0x55
github.com/docker-slim/docker-slim/pkg/app/master/commands/build.OnCommand(0xc00059aa20, 0xc000456300, 0x7ffe253731d5, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    github.com/docker-slim/docker-slim/pkg/app/master/commands/build/handler.go:726 +0x1e3c
github.com/docker-slim/docker-slim/pkg/app/master/commands/build.glob..func1(0xc000188c00, 0x7a, 0x100)
    github.com/docker-slim/docker-slim/pkg/app/master/commands/build/cli.go:636 +0x339d
github.com/urfave/cli/v2.(*Command).Run(0x16dade0, 0xc000716a40, 0x0, 0x0)
    github.com/urfave/cli/v2@v2.3.0/command.go:163 +0x4ed
github.com/urfave/cli/v2.(*App).RunContext(0xc0006a61a0, 0x10dfdc0, 0xc0001a6000, 0xc000184120, 0x6, 0x6, 0x0, 0x0)
    github.com/urfave/cli/v2@v2.3.0/app.go:313 +0x81f
github.com/urfave/cli/v2.(*App).Run(...)
    github.com/urfave/cli/v2@v2.3.0/app.go:224
github.com/docker-slim/docker-slim/pkg/app/master.Run()
    github.com/docker-slim/docker-slim/pkg/app/master/app.go:15 +0x6c
main.main()
    github.com/docker-slim/docker-slim/cmd/docker-slim/main.go:15 +0x54

Ubuntu 20.04 focal Docker version 20.10.13, build a224086 docker-slim version linux|Transformer|1.37.4|2e1992528f556df7e5f91109aef813f0d4488404|2022-02-28_05:50:22AM

[kcq]

@emrekgn the new 1.37.5 release should address the crash you are seeing: https://github.com/docker-slim/docker-slim/releases/tag/1.37.5

[emrekgn]

Hi @kcq, Sorry for the late reply. I finally tried it with the latest release and it works! Thank you so much.

[kcq]

@emrekgn nice!