Update of python3.11 image from bullseye to bookworm broke azure-cognitiveservices-speech package

[msehnout]

Hello,

I'm not sure if this is an issue in the package or the underlying container image, but the recent update of Python3.11 image broke the package completely and it is impossible to run the speech recognizer. There is an issue created in the Github repo of the project: Azure-Samples/cognitive-services-speech-sdk#1986

The error is not very helpful, just a list of .so files:

RuntimeError: Exception with error code: 
[CALL STACK BEGIN]

/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1d2181) [0x7f7bfefd2181]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1ef2c1) [0x7f7bfefef2c1]
/lib/x86_64-linux-gnu/libc.so.6(+0x8de37) [0x7f7c08b75e37]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1f034e) [0x7f7bfeff034e]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1a6d3b) [0x7f7bfefa6d3b]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1a65e7) [0x7f7bfefa65e7]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1d9654) [0x7f7bfefd9654]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1b3d6a) [0x7f7bfefb3d6a]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1c47fa) [0x7f7bfefc47fa]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0xe9b41) [0x7f7bfeee9b41]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1d9654) [0x7f7bfefd9654]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1bc453) [0x7f7bfefbc453]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(+0x1fd4be) [0x7f7bfeffd4be]
/usr/local/lib/python3.11/site-packages/azure/cognitiveservices/speech/libMicrosoft.CognitiveServices.Speech.core.so(synthesizer_create_speech_synthesizer_from_config+0xf3) [0x7f7bfeea1bd8]
/lib/x86_64-linux-gnu/libffi.so.8(+0x6f7a) [0x7f7c08112f7a]
/lib/x86_64-linux-gnu/libffi.so.8(+0x640e) [0x7f7c0811240e]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0xcd) [0x7f7c08112b0d]
[CALL STACK END]

Runtime error: Failed to initialize platform (azure-c-shared). Error: 2153

Rollback to an older version seems to help.

[behnam354]

Running into similar issues with python:3.9-slim image. As pointed out in the azure's cognitive-services-speech-sdk issue here, azure's sdk doesn't support OpenSSL-3 which is the default in Deb 12 that the latest python images are based on.
The possible workarounds could be to

1. pin the docker image to an older python docker using its digest info (which I successfully confirmed); or
2. downgrade the OpenSSL to 1.x (which I haven't confirmed but seems to be an approach discussed on the azure Github issue).

[yosifkit]

Same comment as #835 (comment), although I am unsure if azure-cognitiveservices-speech in your environment is hitting any libseccomp issues or just the OpenSSL version change.

---

From #837 (comment):

I'd suggest updating docker and libseccomp on the host. Newer base OS's use newer system calls and an older libseccomp can block them since they are unknown to it. You can verify that it is libseccomp by running the bookworm image with --security-opt seccomp=unconfined.

This is similar to the update to Ubuntu focal: docker-library/mongo#606 (comment)

If you are having issues with the new bookworm based images, then switching to the *-bullseye images is one possible workaround.

Similar to #836 and #837

[yosifkit]

Closing for now. Solution seems to be to use the bullseye images.