Skip to content

DNS config corrupted after daemon reload (SIGHUP) - netip.Addr incompatible with copystructure #52057

Closed as duplicate of#52056
#52060
Closed as duplicate of#52056
DNS config corrupted after daemon reload (SIGHUP) - netip.Addr incompatible with copystructure#52057
#52060
Labels
kind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triage
@chlunde

Description

@chlunde
chlunde
opened on Feb 18, 2026

Description

After PR #50600 changed DNSConfig.DNS from []net.IP to []netip.Addr, daemon reload (SIGHUP) corrupts DNS configuration. Containers created after reload get "invalid IP" in their /etc/resolv.conf.

Root Cause:

daemon/reload.go uses copystructure.Copy() to deep-copy the config:

copied, err := copystructure.Copy(daemon.config().Config)

copystructure uses reflection, which cannot access unexported fields. netip.Addr has only unexported fields (addr, z), so copies become zero-valued. Zero netip.Addr returns "invalid IP" from .String().

https://github.com/mitchellh/copystructure/blob/master/copystructure.go#L16

Reproduction:

package main

import (
    "fmt"
    "net/netip"
    "github.com/mitchellh/copystructure"
)

func main() {
    original := []netip.Addr{netip.MustParseAddr("8.8.8.8")}
    copied, _ := copystructure.Copy(original)
    fmt.Printf("Original: %v\n", original)           // [8.8.8.8]
    fmt.Printf("Copied:   %v\n", copied.([]netip.Addr)) // [invalid IP]
}

Affected fields:

  • DNSConfig.DNS
  • DNSConfig.HostGatewayIPs

Proposed Fix:

Register custom copiers for netip types in daemon/config/copystructure.go:

func init() {
    copystructure.Copiers[reflect.TypeOf(netip.Addr{})] = func(v interface{}) (interface{}, error) {
        return v.(netip.Addr), nil
    }
    // Same for netip.Prefix and netip.AddrPort
}

Since netip.Addr is immutable, returning the value as-is is safe.
https://pkg.go.dev/net/netip#Addr

Related:

Reproduce

daemon.json: {  "dns": ["1.1.1.1"] }
$ kill -HUP $docker_pid
$ docker run -it --rm fedora cat /etc/resolv.conf
# Generated by Docker Engine.
# This file can be edited; Docker Engine will not make further changes once it
# has been modified.

nameserver invalid IP

# Based on host file: '/etc/resolv.conf' (legacy)
# Overrides: [nameservers]

Expected behavior

working DNS after reload

docker version

Client:
 Version:           29.2.0
 API version:       1.53
 Go version:        go1.25.6
 Git commit:        0b9d198
 Built:             Mon Jan 26 19:25:13 2026
 OS/Arch:           darwin/arm64
 Context:           desktop-linux

Server: Docker Desktop 4.60.1 (218372)
 Engine:
  Version:          29.2.0
  API version:      1.53 (minimum version 1.44)
  Go version:       go1.25.6
  Git commit:       9c62384
  Built:            Mon Jan 26 19:25:48 2026
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          v2.2.1
  GitCommit:        dea7da592f5d1d2b7755e3a161be07f43fad8f75
 runc:
  Version:          1.3.4
  GitCommit:        v1.3.4-0-gd6d73eb8
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

-

Additional Info

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions