Latest Node 18 bookworm based image does not start but bullseye works

[msonowal]

Environment

• Platform: Ubuntu 22.04
• Docker Version: Docker version 19.03.2, build 6a30dfc
• Node.js Version: 18
• Image Tag: node:18

Expected Behavior

It should start the interactive shell successfully

Current Behavior

it throws error below

node[1]: ../src/node_platform.cc:68:std::unique_ptr<long unsigned int> node::WorkerThreadsTaskRunner::DelayedTaskScheduler::Start(): Assertion `(0) == (uv_thread_create(t.get(), start_thread, this))' failed.

See screenshot where first part shows error but the second execution works fine

Possible Solution

No idea

Steps to Reproduce

docker run -it node:18 /bin/sh

See errors

But if you run docker run -it node:18-bullseye /bin/sh it successfully launches

Additional Information

[yosifkit]

Sounds the same as #1931 and docker-library/python#837 (comment). TL;DR: update libseccomp, Docker, and runc on the host.

[sergei-lobanov]

Any plans to fix it? Its broken since July or mb earlie

[yosifkit]

Any plans to fix it? Its broken since July or mb earlie

There is nothing that can be fixed from the image. The two solutions from my link above: use the -bullseye images, or update libseccomp and docker on the host running the containers.

---

Root cause: it is Docker with libseccomp. Newer syscalls used in Debian Bookworm packages/libs are being blocked.

libseccomp lets you configure allowed syscalls for a process. Docker sets a default seccomp profile for all containers such that only certain syscalls are allowed and everything else is blocked (so, newer syscalls that are not yet known to libseccomp or docker are blocked).