(HTTP code 500) server error - hcsshim::ActivateLayer failed in Win32: The process cannot access the file because it is being used by another process. (0x20) #2553
Description
Describe the bug
I want to run windows docker container(--isolation=process) and first time it run just fine but when I rerun it it will report this error
(HTTP code 500) server error - hcsshim::ActivateLayer failed in Win32: The process cannot access the file because it is being used by another process. (0x20)
All fine with --isolation=hyperv
To Reproduce
- docker run -it --isolation=process --name hello-world hello-world:latest
- docker start -i hello-world
- container don't start
Expected behavior
container will start
Configuration:
docker version
Client:
Version: 28.5.1
API version: 1.51
Go version: go1.24.8
Git commit: e180ab8
Built: Wed Oct 8 12:19:16 2025
OS/Arch: windows/amd64
Context: desktop-windows
Server: Docker Desktop 4.50.0 (209931)
Engine:
Version: 28.5.1
API version: 1.51 (minimum version 1.24)
Go version: go1.24.8
Git commit: f8215cc
Built: Wed Oct 8 12:16:52 2025
OS/Arch: windows/amd64
Experimental: falsedocker info
Client:
Version: 28.5.1
Context: desktop-windows
Debug Mode: false
Plugins:
ai: Docker AI Agent - Ask Gordon (Docker Inc.)
Version: v1.9.11
Path: C:\Program Files\Docker\cli-plugins\docker-ai.exe
buildx: Docker Buildx (Docker Inc.)
Version: v0.29.1-desktop.1
Path: C:\Program Files\Docker\cli-plugins\docker-buildx.exe
compose: Docker Compose (Docker Inc.)
Version: v2.40.3-desktop.1
Path: C:\Program Files\Docker\cli-plugins\docker-compose.exe
debug: Get a shell into any image or container (Docker Inc.)
Version: 0.0.45
Path: C:\Program Files\Docker\cli-plugins\docker-debug.exe
desktop: Docker Desktop commands (Docker Inc.)
Version: v0.2.0
Path: C:\Program Files\Docker\cli-plugins\docker-desktop.exe
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.31
Path: C:\Program Files\Docker\cli-plugins\docker-extension.exe
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.4.0
Path: C:\Program Files\Docker\cli-plugins\docker-init.exe
mcp: Docker MCP Plugin (Docker Inc.)
Version: v0.25.0
Path: C:\Program Files\Docker\cli-plugins\docker-mcp.exe
model: Docker Model Runner (Docker Inc.)
Version: v0.1.46
Path: C:\Program Files\Docker\cli-plugins\docker-model.exe
offload: Docker Offload (Docker Inc.)
Version: v0.5.10
Path: C:\Program Files\Docker\cli-plugins\docker-offload.exe
sandbox: Docker Sandbox (Docker Inc.)
Version: v0.5.0
Path: C:\Program Files\Docker\cli-plugins\docker-sandbox.exe
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: C:\Program Files\Docker\cli-plugins\docker-sbom.exe
scout: Docker Scout (Docker Inc.)
Version: v1.18.3
Path: C:\Program Files\Docker\cli-plugins\docker-scout.exe
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 1
Server Version: 28.5.1
Storage Driver: windowsfilter
Windows:
Logging Driver: json-file
Plugins:
Volume: local
Network: ics internal l2bridge l2tunnel nat null overlay private transparent
Log: awslogs etwlogs fluentd gcplogs gelf json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Default Isolation: hyperv
Kernel Version: 10.0 26200 (26100.1.amd64fre.ge_release.240331-1435)
Operating System: Microsoft Windows Version 24H2 (OS Build 26200.5622)
OSType: windows
Architecture: x86_64
CPUs: 32
Total Memory: 55.65GiB
Name: DESKTOP-04AV7JL
ID: 56ff010a-fc8e-4dad-a922-3921a3981575
Docker Root Dir: C:\ProgramData\Docker
Debug Mode: false
Labels:
com.docker.desktop.address=npipe://\\.\pipe\docker_cli
Experimental: false
Insecure Registries:
::1/128
127.0.0.0/8
Live Restore Enabled: false
Product License: Community EngineAdditional context
OS: windows 11 25H2
Clean install of windows + docker desktop
AMD drivers Adrenalin 25.10.2 from 2025-10-29 (whql-amd-software-adrenalin-edition-25.10.2-win10-win11-oct-rdna3.exe)
Asus Z13 with AMD 395+ MAX + Radeon 8060
I did spend like one week to find out what is source of this problem. As I can't reporoduce this with clean install in virtual machine. When I install windows 11 (us eng iso) + drivers + updates + docker desktop on my Asus Z13 I started to have this error.
So I did install windows(us eng iso) on Asus Z13 but I disabled windows update with blackisting windows update in hosts
0.0.0.0 *.download.windowsupdate.com
0.0.0.0 *.microsoft.com
0.0.0.0 *.update.microsoft.com
0.0.0.0 *.windowsupdate.com
0.0.0.0 *.windowsupdate.microsoft.com
0.0.0.0 download.microsoft.com
0.0.0.0 download.windowsupdate.com
0.0.0.0 ntservicepack.microsoft.com
0.0.0.0 test.stats.update.microsoft.com
0.0.0.0 windowsupdate.microsoft.com
0.0.0.0 wustat.windows.com
0.0.0.0 tlu.dl.delivery.mp.microsoft.com
0.0.0.0 cp801.prod.do.dsp.mp.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 geo.prod.do.dsp.mp.microsoft.com
0.0.0.0 fe3cr.delivery.mp.microsoft.com
0.0.0.0 kv801.prod.do.dsp.mp.microsoft.com
0.0.0.0 msedge.b.tlu.dl.delivery.mp.microsoft.com
And I was finnaly able to run docker image without problem. So I installed driver by driver on this clean Windows and I found that when I install AMD drivers I will start to get this error.
And it really is. When I disable AMD gfx in Device manager all works fine :)
And I also found that when I install McAfee and
when I enable real time virus detection all works fine
when I disable real time virus detection "hcsshim::ActivateLayer failed in Win32..."
Tested on
AMD 395+ MAX + Radeon 8060(RDNA3.5) error
intel 9700K CPU + RX 5500 XT(RDNA1) no problem
intel CPU + intel GPU no problem
AMD 9950x + iGPU(RDNA2) no problem
intel 9700K + AMD Radeon RX 9060(RDNA4) error
time="2025-11-06T22:28:41.383924200+01:00" level=info msg="sending event" container=95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 event=create module=libcontainerd
time="2025-11-06T22:28:41.422088400+01:00" level=info msg="sending event" container=95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 event=start event-info="{95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 14160 0 0001-01-01 00:00:00 +0000 UTC <nil>}" module=libcontainerd
time="2025-11-06T22:28:41.441121000+01:00" level=info msg="sending event" container=95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 event=exit event-info="{95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 14160 0 2025-11-06 22:28:41.441121 +0100 CET m=+228.522013501 <nil>}" module=libcontainerd
time="2025-11-06T22:28:41.810994200+01:00" level=error msg="error unmounting container" container=95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 error="hcsshim::UnprepareLayer failed in Win32: Do not detach the filter from the volume at this time. (0x801f0010)"
time="2025-11-06T22:28:41.820062900+01:00" level=error msg="Error setting up exec command in container 95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046: container 95a5174cba3696f2ea327704ad81ae68c82be4cd8ae4253b2d9f04534ccbe046 is not running"
Bug report on docker
docker/for-win#14977