Bug 277432 - iwlwifi panic: Sleeping thread owns a non-sleepable lock (FIXED)
Summary: iwlwifi panic: Sleeping thread owns a non-sleepable lock (FIXED)
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: wireless (show other bugs)
Version: 13.3-RELEASE
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-wireless (Nobody)
URL:
Keywords: crash
Depends on:
Blocks: iwlwifi
  Show dependency treegraph
 
Reported: 2024-03-02 10:35 UTC by weiss
Modified: 2025-05-25 20:36 UTC (History)
6 users (show)

See Also:

Attachments
backtrace w/ dmesg (18.57 KB, text/plain)
2024-05-04 15:10 UTC, Son Phan Trung 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description weiss 2024-03-02 10:35:46 UTC 
FreeBSD  13.3-RC1 FreeBSD 13.3-RC1 releng/13.3-n257425-8997b0270dae GENERIC amd64

with 13.2 userland, wireless WPA2-PSK, 
Mar  2 10:13:14 laptop kernel: iwlwifi0: <iwlwifi> mem 0xec000000-0xec001fff irq 18 at device 0.0 on pci2
Mar  2 10:13:14 laptop kernel: iwlwifi0: Detected crf-id 0xbadcafe, cnv-id 0x10 wfpm id 0x80000000
Mar  2 10:13:14 laptop kernel: iwlwifi0: PCI dev 24fd/0050, rev=0x230, rfid=0xd55555d5
Mar  2 10:13:14 laptop kernel: iwlwifi0: successfully loaded firmware image 'iwlwifi-8265-36.ucode'
Mar  2 10:13:14 laptop kernel: iwlwifi0: loaded firmware version 36.ca7b901d.0 8265-36.ucode op_mode iwlmvm
Mar  2 10:13:14 laptop kernel: iwlwifi0: Detected Intel(R) Dual Band Wireless AC 8265, REV=0x230
Mar  2 10:13:14 laptop kernel: iwlwifi0: base HW address: 24:ee:9a:b6:36:ea, OTP minor version: 0x0
u

after about an hour of usage I got this panic:


Mar  2 11:09:10 laptop kernel: iwlwifi0: linuxkpi_ieee80211_connection_loss: vif 0xfffffe0093b72e80 vap 0xfffffe0093b72010 state RUN
Mar  2 11:09:10 laptop kernel: wlan0: link state changed to DOWN
Mar  2 11:09:10 laptop wpa_supplicant[350]: wlan0: CTRL-EVENT-DISCONNECTED bssid=a0:f3:c1:74:98:ec reason=0
Mar  2 11:09:10 laptop wpa_supplicant[350]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Can't assign requested address
Mar  2 11:09:10 laptop kernel: iwlwifi0: Couldn't drain frames for staid 0, status 0x8
Mar  2 11:09:10 laptop kernel: iwlwifi0: lkpi_sta_run_to_init:2173: mo_sta_state(NOTEXIST) failed: -5
Mar  2 11:09:10 laptop kernel: iwlwifi0: lkpi_iv_newstate: error -5 during state transition 5 (RUN) -> 0 (INIT)
Mar  2 11:09:11 laptop kernel: iwlwifi0: lkpi_sta_scan_to_auth:1033: lvif 0xfffffe0093b72000 vap 0xfffffe0093b72010 iv_bss 0xfffffe00d21f9000 lvif_bss 0xfffff8000715c
800 lvif_bss->ni 0xfffffe00cafe2000 synched 0
Mar  2 11:09:11 laptop kernel: iwlwifi0: lkpi_iv_newstate: error 16 during state transition 1 (SCAN) -> 2 (AUTH)
Mar  2 11:10:00 laptop syslogd: kernel boot file is /boot/kernel/kernel
Mar  2 11:10:00 laptop kernel: Sleeping thread (tid 100876, pid 0) owns a non-sleepable lock
Mar  2 11:10:00 laptop kernel: KDB: stack backtrace of thread 100876:
Mar  2 11:10:00 laptop kernel: #0 0xffffffff80c11dbf at mi_switch+0xbf
Mar  2 11:10:00 laptop kernel: #1 0xffffffff80c11520 at _sleep+0x1f0
Mar  2 11:10:00 laptop kernel: #2 0xffffffff80c67151 at taskqueue_thread_loop+0xb1
Mar  2 11:10:00 laptop kernel: #3 0xffffffff80bc094d at fork_exit+0x7d
Mar  2 11:10:00 laptop kernel: #4 0xffffffff8109ab9e at fork_trampoline+0xe
Mar  2 11:10:00 laptop kernel: panic: sleeping thread
Mar  2 11:10:00 laptop kernel: cpuid = 1
Mar  2 11:10:00 laptop kernel: time = 1709374162
Mar  2 11:10:00 laptop kernel: KDB: stack backtrace:
Mar  2 11:10:00 laptop kernel: #0 0xffffffff80c514c5 at kdb_backtrace+0x65
Mar  2 11:10:00 laptop kernel: #1 0xffffffff80c04e22 at vpanic+0x152
Mar  2 11:10:00 laptop kernel: #2 0xffffffff80c04cc3 at panic+0x43
Mar  2 11:10:00 laptop kernel: #3 0xffffffff80c69673 at propagate_priority+0x293
Mar  2 11:10:00 laptop kernel: #4 0xffffffff80c6a1c4 at turnstile_wait+0x314
Mar  2 11:10:00 laptop kernel: #5 0xffffffff80be1bbb at __mtx_lock_sleep+0x17b
Mar  2 11:10:00 laptop kernel: #6 0xffffffff80e58960 at linuxkpi_ieee80211_find_sta+0xd0
Mar  2 11:10:00 laptop kernel: #7 0xffffffff80e58a0f at linuxkpi_ieee80211_find_sta_by_ifaddr+0x7f
Mar  2 11:10:00 laptop kernel: #8 0xffffffff831312b8 at iwl_mvm_rx_rx_mpdu+0x1e8
Mar  2 11:10:00 laptop kernel: #9 0xffffffff8315eeb4 at iwl_pcie_rx_handle+0x444
Mar  2 11:10:00 laptop kernel: #10 0xffffffff8315e78d at iwl_pcie_napi_poll+0x2d
Mar  2 11:10:00 laptop kernel: #11 0xffffffff80e674cf at lkpi_napi_task+0xf
Mar  2 11:10:00 laptop kernel: #12 0xffffffff80c65ed2 at taskqueue_run_locked+0x182
Mar  2 11:10:00 laptop kernel: #13 0xffffffff80c67162 at taskqueue_thread_loop+0xc2
Mar  2 11:10:00 laptop kernel: #14 0xffffffff80bc094d at fork_exit+0x7d
Mar  2 11:10:00 laptop kernel: #15 0xffffffff8109ab9e at fork_trampoline+0xe
Mar  2 11:10:00 laptop kernel: Uptime: 56m26s
Comment 1 Bjoern A. Zeeb freebsd_committer freebsd_triage 2024-03-02 10:53:36 UTC 
I believe the first half of the problem is a duplicate of PR 275255 with a more recent incarnation after other changes.
It seems that for the "older" iwlwifi (FW) API something else we do already removes the station from the firmware and so when we try to explicitly do it we get an error;  from there on state is out of sync and follow-up errors happen.


The second half seems (locking) could be an issue and shouldn't happen, but I wonder as-to how much that is also an error recovery path or due to out-of-sync something (in net80211) happened which shouldn't.  That part will need separate investigation.
Comment 2 Son Phan Trung 2024-05-04 15:10:20 UTC 
Created attachment 250369 [details]
backtrace w/ dmesg

Hi, I also got the error (similar), and I'd like to provide some backtrace to the crash. I got the error on boot, after failing to connect. Using stable/14-n267603-7b082bdf72e6
`
Comment 3 zhang feng 2024-11-24 08:00:52 UTC 
I got the similar panic at 14.1.

FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64

/var/log/messages:
Nov 23 17:39:00 zfeng wpa_supplicant[340]: wlan0: CTRL-EVENT-DISCONNECTED bssid=c4:48:fa:4d:92:c0 reason=0
Nov 23 17:39:00 zfeng kernel: iwlwifi0: linuxkpi_ieee80211_connection_loss: vif 0xfffffe0110c46e80 vap 0xfffffe0110c46010 state RUN
Nov 23 17:39:00 zfeng kernel: wlan0: link state changed to DOWN
Nov 23 17:39:00 zfeng wpa_supplicant[340]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Can't assign requested address
Nov 23 17:39:01 zfeng kernel: iwlwifi0: Couldn't drain frames for staid 0, status 0x8
Nov 23 17:39:01 zfeng kernel: iwlwifi0: lkpi_sta_run_to_init:2310: mo_sta_state(NOTEXIST) failed: -5
Nov 23 17:39:01 zfeng kernel: iwlwifi0: lkpi_iv_newstate: error -5 during state transition 5 (RUN) -> 0 (INIT)
Nov 23 17:39:02 zfeng wpa_supplicant[340]: wlan0: Trying to associate with c4:48:fa:4d:92:c0 (SSID='ChinaNet-007' freq=2412 MHz)
Nov 23 17:39:02 zfeng kernel: iwlwifi0: lkpi_sta_scan_to_auth:1131: lvif 0xfffffe0110c46000 vap 0xfffffe0110c46010 iv_bss 0xfffffe010eb9e000 lvif_bss 0xfffff8000b211800 lvif_bss->ni 0xfffffe010eabe000 synched 0
Nov 23 17:39:02 zfeng kernel: iwlwifi0: lkpi_iv_newstate: error 16 during state transition 1 (SCAN) -> 2 (AUTH)
Nov 23 17:40:14 zfeng syslogd: kernel boot file is /boot/kernel/kernel
Nov 23 17:40:14 zfeng kernel: Sleeping thread (tid 100866, pid 0) owns a non-sleepable lock
Nov 23 17:40:14 zfeng kernel: KDB: stack backtrace of thread 100866:
Nov 23 17:40:14 zfeng kernel: #0 0xffffffff80b3faab at mi_switch+0xbb
Nov 23 17:40:14 zfeng kernel: #1 0xffffffff80b3f228 at _sleep+0x1e8
Nov 23 17:40:14 zfeng kernel: #2 0xffffffff80b96341 at taskqueue_thread_loop+0xb1
Nov 23 17:40:14 zfeng kernel: #3 0xffffffff80aecd1f at fork_exit+0x7f
Nov 23 17:40:14 zfeng kernel: #4 0xffffffff80fd7aae at fork_trampoline+0xe
Nov 23 17:40:14 zfeng kernel: panic: sleeping thread
Nov 23 17:40:14 zfeng kernel: cpuid = 0
Nov 23 17:40:14 zfeng kernel: time = 1732354742
Nov 23 17:40:14 zfeng kernel: KDB: stack backtrace:
Nov 23 17:40:14 zfeng kernel: #0 0xffffffff80b7fbfd at kdb_backtrace+0x5d
Nov 23 17:40:14 zfeng kernel: #1 0xffffffff80b32961 at vpanic+0x131
Nov 23 17:40:14 zfeng kernel: #2 0xffffffff80b32823 at panic+0x43
Nov 23 17:40:14 zfeng kernel: #3 0xffffffff80b9861e at propagate_priority+0x29e
Nov 23 17:40:14 zfeng kernel: #4 0xffffffff80b99151 at turnstile_wait+0x301
Nov 23 17:40:14 zfeng kernel: #5 0xffffffff80b0ef05 at __mtx_lock_sleep+0x175
Nov 23 17:40:14 zfeng kernel: #6 0xffffffff80d93dd0 at linuxkpi_ieee80211_find_sta+0xd0
Nov 23 17:40:14 zfeng kernel: #7 0xffffffff80d93e6f at linuxkpi_ieee80211_find_sta_by_ifaddr+0x6f
Nov 23 17:40:14 zfeng kernel: #8 0xffffffff83abaadc at iwl_mvm_rx_mpdu_mq+0x41c
Nov 23 17:40:14 zfeng kernel: #9 0xffffffff83ae61a5 at iwl_pcie_rx_handle+0x485
Nov 23 17:40:14 zfeng kernel: #10 0xffffffff83ae5c00 at iwl_pcie_napi_poll_msix+0x30
Nov 23 17:40:14 zfeng kernel: #11 0xfsleepinuxkpifffffff80da281f at lkpi_napi_task+0xf
Nov 23 17:40:14 zfeng kernel: #12 0xffffffff80b950d2 at taskqueue_run_locked+0x182
Nov 23 17:40:14 zfeng kernel: #13 0xffffffff80b96352 at taskqueue_thread_loop+0xc2
Nov 23 17:40:14 zfeng kernel: #14 0xffffffff80aecd1f at fork_exit+0x7f
Nov 23 17:40:14 zfeng kernel: #15 0xffffffff80fd7aae at fork_trampoline+0xe
Nov 23 17:40:14 zfeng kernel: Uptime: 1h52m55s
Comment 4 Bjoern A. Zeeb freebsd_committer freebsd_triage 2025-04-11 23:15:16 UTC 
This was likely fixed by:
https://cgit.FreeBSD.org/src/commit/?id=a8f735a66130aa737999fad9b3246159099dc9eb (main)
https://cgit.FreeBSD.org/src/commit/?id=8468f05ff74d84d9f4f9094bf42f7356a9ac6045 (stable/14)

Can you by any chance test this on a newer version than 13.3 or 14.1?

Otherwise I would close this until it happens again.
Comment 5 Bjoern A. Zeeb freebsd_committer freebsd_triage 2025-05-25 20:36:09 UTC 
Hi,
assuming the problem went away.  No feedback the last month.  If the problem persists with FreeBSd 14.3-RELEASE (BETA/RC, stable/14, or main) please feel free to re-open.