Bug 212332

Summary: panic with Sleeping thread owns a non-sleepable lock from uipc_send
Product: Base System Reporter: Markus Wild <freebsd-bugs>
Component: kernAssignee: freebsd-threads (Nobody) <threads>
Status: Closed Overcome By Events    
Severity: Affects Only Me CC: markj
Priority: ---    
Version: 11.0-STABLE   
Hardware: amd64   
OS: Any   

Description Markus Wild 2016-09-02 14:15:18 UTC 
I've had multiple panics recently with 11, where I did get a kernel dump stored, but where kgdb complains about a corrupt stack:

kgdb /boot/kernel/kernel /var/crash/vmcore.0
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...(no debugging symbols found)...
Attempt to extract a component of a value that is not a structure pointer.
Attempt to extract a component of a value that is not a structure pointer.
#0  0xffffffff80ad6e1f in doadump ()
(kgdb) bt
#0  0xffffffff80ad6e1f in doadump ()
#1  0xffffffff80ad6e48 in doadump ()
#2  0xfffffe0841422490 in ?? ()
#3  0xffffffff80ad6ab9 in kern_reboot ()
Previous frame identical to this frame (corrupt stack?)


The dmesg output is more helpful:
Sleeping thread (tid 101191, pid 1063) owns a non-sleepable lock
KDB: stack backtrace of thread 101191:
#0 0xffffffff80ae23a2 at mi_switch+0xd2
#1 0xffffffff80b301f7 at sleepq_catch_signals+0xb7
#2 0xffffffff80b308b4 at sleepq_timedwait_sig+0x14
#3 0xffffffff80a645b4 at _cv_timedwait_sig_sbt+0x1c4
#4 0xffffffff80b40c67 at seltdwait+0xc7
#5 0xffffffff80b40759 at kern_select+0x979
#6 0xffffffff80b40b94 at sys_select+0x54
#7 0xffffffff80fa06b8 at amd64_syscall+0x4d8
#8 0xffffffff80f82c9b at Xfast_syscall+0xfb
panic: sleeping thread
cpuid = 11
KDB: stack backtrace:
#0 0xffffffff80b220c7 at kdb_backtrace+0x67
#1 0xffffffff80ad7032 at vpanic+0x182
#2 0xffffffff80ad6ea3 at panic+0x43
#3 0xffffffff80b37ac9 at propagate_priority+0x299
#4 0xffffffff80b385cf at turnstile_wait+0x3ef
#5 0xffffffff80ab24bd at __mtx_lock_sleep+0x13d
#6 0xffffffff80b41a92 at doselwakeup+0x162
#7 0xffffffff80b6cd6e at sowakeup+0x1e
#8 0xffffffff80b7f18a at uipc_send+0xe3a
#9 0xffffffff80b71be7 at sosend_generic+0x5e7
#10 0xffffffff80b49b59 at soo_write+0x49
#11 0xffffffff80b3f307 at dofilewrite+0x87
#12 0xffffffff80b3efe8 at kern_writev+0x68
#13 0xffffffff80b3f256 at sys_writev+0x36
#14 0xffffffff80fa06b8 at amd64_syscall+0x4d8
#15 0xffffffff80f82c9b at Xfast_syscall+0xfb

This system is current to 11-stable as of today:
At revision 305285.

System is used as Xorg workstation, using Linux emulation (specifically skype client with /proc and /sys filesystems). 
If I can extract further data from the kernel dump than what kgdb reports, please let me know. Using the ports kgdb 
doesn't yield more details, either:

kgdb7111 /boot/kernel/kernel /var/crash/vmcore.0 
GNU gdb (GDB) 7.11.1 [GDB v7.11.1 for FreeBSD]
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd11.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /boot/kernel/kernel...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/linprocfs.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/linux_common.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/linsysfs.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/zfs.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/opensolaris.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/linux.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/coretemp.ko...(no debugging symbols found)...done.
Reading symbols from /boot/modules/nvidia.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/sem.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/tmpfs.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/ums.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/uhid.ko...(no debugging symbols found)...done.
Reading symbols from /boot/modules/vboxdrv.ko...(no debugging symbols found)...done.
Reading symbols from /boot/modules/vboxnetflt.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/netgraph.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/ng_ether.ko...(no debugging symbols found)...done.
Reading symbols from /boot/modules/vboxnetadp.ko...(no debugging symbols found)...done.
Reading symbols from /boot/kernel/linux64.ko...(no debugging symbols found)...done.
0xffffffff80ad6e1f in doadump ()
(kgdb) bt
#0  0xffffffff80ad6e1f in doadump ()
#1  0xffffffff80ad6e48 in doadump ()
#2  0xfffffe0841422490 in ?? ()
#3  0xffffffff80ad6ab9 in kern_reboot ()
Backtrace stopped: frame did not save the PC



Kind regards,
Markus
Comment 1 Mark Johnston freebsd_committer freebsd_triage 2024-01-29 19:01:59 UTC 
I'm sorry that this didn't get any attention when it was reported.  The unix domain socket code has changed quite a lot since then and there haven't been any reports of similar panics on newer FreeBSD versions.  Please re-open the bug if this panic still occurs on supported releases, i.e., 13.x or 14.x.