@@ -33,7 +33,7 @@ github.com/imdario/mergo                            1afb36080aec31e0d1528973ebe6

 golang.org/x/sync                                   cd5d95a43a6e21273425c7ae415d3df9ea832eeb

 # buildkit

-github.com/moby/buildkit                            9065b18ba4633c75862befca8188de4338d9f94a # v0.8.2

+github.com/moby/buildkit                            81c2cbd8a418918d62b71e347a00034189eea455 # v0.8.3

 github.com/tonistiigi/fsutil                        0834f99b7b85462efb69b4f571a4fa3ca7da5ac9

 github.com/tonistiigi/units                         6950e57a87eaf136bbe44ef2ec8e75b9e3569de2

 github.com/grpc-ecosystem/grpc-opentracing          8e809c8a86450a29b90dcc9efbf062d0fe6d9746

@@ -406,17 +406,19 @@ func (cc *cacheContext) ChecksumWildcard(ctx context.Context, mountable cache.Mo

 		return digest.FromBytes([]byte{}), nil

 	}

-	if len(wildcards) > 1 {

-		digester := digest.Canonical.Digester()

-		for i, w := range wildcards {

-			if i != 0 {

-				digester.Hash().Write([]byte{0})

-			}

-			digester.Hash().Write([]byte(w.Record.Digest))

+	if len(wildcards) == 1 && path.Base(p) == path.Base(wildcards[0].Path) {

+		return wildcards[0].Record.Digest, nil

+	}

+

+	digester := digest.Canonical.Digester()

+	for i, w := range wildcards {

+		if i != 0 {

+			digester.Hash().Write([]byte{0})

 		}

-		return digester.Digest(), nil

+		digester.Hash().Write([]byte(path.Base(w.Path)))

+		digester.Hash().Write([]byte(w.Record.Digest))

 	}

-	return wildcards[0].Record.Digest, nil

+	return digester.Digest(), nil

 }

 func (cc *cacheContext) Checksum(ctx context.Context, mountable cache.Mountable, p string, followLinks bool, s session.Group) (digest.Digest, error) {

@@ -9,6 +9,7 @@ require (

 	github.com/Microsoft/hcsshim v0.8.10

 	github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect

 	github.com/containerd/console v1.0.1

+	// containerd: the actual version is replaced in replace()

 	github.com/containerd/containerd v1.4.1-0.20201117152358-0edc412565dc

 	github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe

 	github.com/containerd/go-cni v1.0.1

@@ -71,6 +72,11 @@ require (

 )

 replace (

+	// containerd: Forked from 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 (20201117) with:

+	// - `Adjust overlay tests to expect "index=off"`        (#4719, for ease of cherry-picking #5076)

+	// - `overlay: support "userxattr" option (kernel 5.11)` (#5076)

+	// - `docker: avoid concurrent map access panic`         (#4855)

+	github.com/containerd/containerd => github.com/AkihiroSuda/containerd v1.1.1-0.20210312044057-48f85a131bb8

 	// protobuf: corresponds to containerd

 	github.com/golang/protobuf => github.com/golang/protobuf v1.3.5

 	github.com/hashicorp/go-immutable-radix => github.com/tonistiigi/go-immutable-radix v0.0.0-20170803185627-826af9ccf0fe

@@ -69,8 +69,8 @@ func cloneExecOp(old *pb.ExecOp) pb.ExecOp {

 	}

 	n.Meta = &meta

 	n.Mounts = nil

-	for i := range n.Mounts {

-		m := *n.Mounts[i]

+	for i := range old.Mounts {

+		m := *old.Mounts[i]

 		n.Mounts = append(n.Mounts, &m)

 	}

 	return n

@@ -97,6 +97,22 @@ func (e *execOp) CacheMap(ctx context.Context, g session.Group, index int) (*sol

 		}

 	}

+	// Special case for cache compatibility with buggy versions that wrongly

+	// excluded Exec.Mounts: for the default case of one root mount (i.e. RUN

+	// inside a Dockerfile), do not include the mount when generating the cache

+	// map.

+	if len(op.Mounts) == 1 &&

+		op.Mounts[0].Dest == "/" &&

+		op.Mounts[0].Selector == "" &&

+		!op.Mounts[0].Readonly &&

+		op.Mounts[0].MountType == pb.MountType_BIND &&

+		op.Mounts[0].CacheOpt == nil &&

+		op.Mounts[0].SSHOpt == nil &&

+		op.Mounts[0].SecretOpt == nil &&

+		op.Mounts[0].ResultID == "" {

+		op.Mounts = nil

+	}

+

 	dt, err := json.Marshal(struct {

 		Type    string

 		Exec    *pb.ExecOp

@@ -65,7 +65,7 @@ func CopyChain(ctx context.Context, ingester content.Ingester, provider content.

 	handlers := []images.Handler{

 		images.ChildrenHandler(provider),

 		filterHandler,

-		retryhandler.New(remotes.FetchHandler(ingester, &localFetcher{provider}), nil),

+		retryhandler.New(remotes.FetchHandler(ingester, &localFetcher{provider}), func(_ []byte) {}),

 	}

 	if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil {

@@ -101,7 +101,7 @@ func Config(ctx context.Context, str string, resolver remotes.Resolver, cache Co

 	children := childrenConfigHandler(cache, platform)

 	handlers := []images.Handler{

-		retryhandler.New(remotes.FetchHandler(cache, fetcher), nil),

+		retryhandler.New(remotes.FetchHandler(cache, fetcher), func(_ []byte) {}),

 		children,

 	}

 	if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil {

@@ -132,6 +132,7 @@ func (sw *streamWriter) Close() error {

 func LoggerFromContext(ctx context.Context) func([]byte) {

 	return func(dt []byte) {

 		pw, _, _ := progress.FromContext(ctx)

+		defer pw.Close()

 		pw.Write(identity.NewID(), client.VertexLog{

 			Stream: stderr,

 			Data:   []byte(dt),

@@ -9,6 +9,7 @@ import (

 	"time"

 	"github.com/containerd/containerd/images"

+	remoteserrors "github.com/containerd/containerd/remotes/errors"

 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"

 	"github.com/pkg/errors"

 )

@@ -47,6 +48,14 @@ func New(f images.HandlerFunc, logger func([]byte)) images.HandlerFunc {

 }

 func retryError(err error) bool {

+	// Retry on 5xx errors

+	var errUnexpectedStatus remoteserrors.ErrUnexpectedStatus

+	if errors.As(err, &errUnexpectedStatus) &&

+		errUnexpectedStatus.StatusCode >= 500 &&

+		errUnexpectedStatus.StatusCode <= 599 {

+		return true

+	}

+

 	if errors.Is(err, io.EOF) || errors.Is(err, syscall.ECONNRESET) || errors.Is(err, syscall.EPIPE) {

 		return true

 	}