SOCD report detected: (AP watchdog expired)

Just to add another datapoint, here is my system setup:

• Mac Mini (M1 2020)
• 16 GB memory
• 256 GB storage
• Big Sur 11.4
• Received just 6 days ago and used Migration Assistant to migrate from an iMac 2020 (Intel) running Mojave.
• So far, the computer has only crashed overnight while asleep, not while I was using it; it's now happened two nights in a row.
• Peripherals:
  • HDMI: Main monitor
  • USB-C (1): Second monitor via HDMI plugged into USB-C hub (not powered)
  • USB-C (2): Elgato Cam Link 4K via USB 3 -> USB-C adapter
  • USB 3.0 (1): Powered USB 3.0 hub
  • USB 3.0 (2): [Nothing]
  • Ethernet cable (because in addition to crashing for no reason, this computer also has unforgivably bad wifi)

I just removed the unpowered USB-C hub that I was using to connect my second monitor via HDMI and instead plugged that monitor into its own USB-C adapter. Let's see if that works. I'm not exactly hopeful...

I can add my specs, not that it's terribly useful either.

• Mac mini (M1 2020)
• 16 GB memory
• 256 GB storage
• Big Sur 11.4
• Never migrated from anything, but activated with an iCloud account that had 30-50GB of crap in iCloud Drive folders synced to the desktop
• Peripherals:
  • HDMI: Main monitor (LG 24U58-B, EDID identical to the 27" model, so both claim to be 27")
  • USB-C 1: Second monitor via DisplayPort to USB-C cable (Dell P2414H)
  • USB-C 2: Sabrent EC-T3NS equipped with a Samsung 980 Pro 1TB M.2 SSD
  • USB 3.0 1: Powered USB 3.0 hub, which also has both an unpowered USB 3.0 switchable hub and the P2414H's USB 2.0 hub plugged into it
  • USB 3.0 2: Apple SuperDrive that Apple stopped identifying the model name of thanks to System Integrity Protection (It used to come up with the correct name on Intel Macs when it was plugged in prior to booting.)
  • Ethernet cable (I always use Ethernet with desktops anyway. But not only is the WiFi unforgivably bad, so is the Bluetooth!)

Returned my M1 Mac mini yesterday (16GB, 1TB SSD). I had to put up a fuss to get Apple to take it back as I got it in April but have had many issues, received one replacement and didn't want a second replacement.

Issues:

• random reboots, SOCD
• rapid battery drain on magic keyboard and trackpad (1-2 days full to empty)
• USB devices go missing on each reboot, requiring the cable to be removed and replugged
• TimeMachine backup drive (connection Thunderbolt to Firewire with genuine Apple cables) randomly gets kicked offline and marked read-only, sometimes requiring it to be re-initialized.
• Occasional screen flicker that can take several powers off/on to remedy

Many, many hours on the phone with Apple truing to sort this out. I finally gave up.

I do not recommend the M1 Mac Mini at the present time.

From what I read on the Apple site that d3cbgf linked in his post and from what is written in the panic log file, I don‘t think this issue is a kernel panic (KP) of macOS. In case of a kernel panic we would have seen a typical function call backtrace of the kernel in the panic log, but we don‘t see this here.

It looks more that the secure enclave processor or the application processor (they both work close together on the SoC) have a kind of „panic“. As Apple it self points out in the linked site these are two processors that are completely independent from the CPU processors (ARM) where macOS and the kernel is running on. On the SoC runs its own operating system called sepOS and I think this OS have a „panic“ for whatever reason.

They point out a few „reset“ events when SoC needs to restart (and maybe macOS too, since secure enclave seems very important for its security), but it could be not all "reset" reasons are mentioned on the linked site. These are the mentioned „reset“ reasons as far as I understand them:

• a Signature failure during booting of sepOS
• Power and clock monitors of SoC detect an illegal operating point of voltage or frequency 
• Memory Protection Engine in SoC detect an memory authentication error

I found the mentioned power and clock monitors interesting that supervise the voltage and frequency of the SoC to prevent external attacks of the SoC. I wonder if some external USB devices, like the very often by users here reported connected external USB devices, could have a negative impact to the voltage of the power rail and if the power monitor misinterprets this as an external attack and trigger this reset? But without any schematics and an expert expert analysing them, we will not know this.

Could be also a bug in sepOS that leads to this also mentioned memory authentication error or there is a bug in the way macOS communicate with the SoC over the I2C bus that leads to this memory authentication error? In the end I have no idea what the reason(or reasons) is that is causing this SoC reset.

Only the vendor can analyse this issue deeper and find the exact reason and hopefully will fix it.

Yes, I've actually resolved the issue on my machine!

I first tried the advice of @d3cbgf a bit back in this thread:

csrutil disable
bputil -nkcas

after which I didn't see the crash for a few days (It's quite likely that this fixed the problem).

However, since I don't want to run my system without this protection (NOT recommended!), I decided to reinstall OS X (On a second volume). Importantly, I didn't enable FileVault on the new volume, and I think this is the "fix" / workaround.

I then tediously reinstalled my applications one by one, to see if any of them caused the crash to start appearing. I'm now running almost everything I did before the reinstall, and I haven't had any system crash for 2 months.

I think the solution was one of the following:

1. Not enabling FileVault on the volume (At this point, I don't want to try enabling it)
2. Not installing any kernel extensions (I had OS X Fuse and perhaps one more kext)

Good luck!

BTW, Please let me know your findings, maybe I can start using FileVault again if that isn't the problem...

Although it may not be relevant, I had the same problem with iPhone 12 (iOS 14.6). It happened at 2 a.m. while charging, while I was sleeping. When I woke up I found that the iPhone had restarted. There wasn't any hard drive connected, just the charger.

I have another thing to check: WiFi, I've recently switched from using only Wifi to using only Ethernet. My system has been utterly stable since.

Also, I was doing a constant ping this morning to see how stable my new VDSL connection is and I also had my iPhone connected to the computer and when I disconnected it I got the following ping results, with packets lost initially and finally arriving after 4 - 19 seconds (the rest of the morning ping was at 70ms with a stddev of 1ms)

"SOCDContainer" : "PRIVATE",

perhaps since any debug information seems to be hidden with cryptography, it further points to relationship with SEP & sepOS. maybe this is the case with all crash reports though.

SOCD = system on chip daemon?

AP = application processor ?

then we could even speculate that Rosetta 2 is somehow at play here as well.

Literally just happened to me, too. I only purchased my Mac Mini on 26th Feb 2021.

And, I was running Google Chrome, Apple Mail and Whatsapp. At the time, I was merely watching a YouTube video, and then bam, bright green screen.

Not a positive start really...

Hmm, well, that is rather interesting. I do have a Samsung SSD connected via USB. This drive is used for Time Machine backups.

I guess the question is, if that is the cause, how is one to use the unit with an external USB drive, without this issue? And, further more, how would one perform backups?

Thanks for taking the time to share your experience, and what Apple advised you.

Further update:

Just looked in my 'IT box', and found a USB A to USB C adapter. I have since disconnected my Time Machine backup drive that was connected to USB A, and used the adapter to connect it.

Let's see if this error, "SOCD report detected: (AP watchdog expired)" happens again.

PS: Maybe it is just me, but, already feel as if my mouse is moving MUCH better than it was...

For me, 3 days without any drives connected, and it never happened. Reconnected my drive today, via a USB A, as requested. We will see how that goes. Thus far (2 hours or so), and still working okay.

PS: So, you have no Time Machine backup(s), in a week?

Eight days and counting, no more crashes/restarts. And when checking Terminal \ uptime, it has not restarted at night or anything.

I will add, I have a schedule setup now for Sleep. Sleep mode starts around 22:30 - 06:00...

Actually, the sleep schedule might be connected? I didn’t use it for the first month or so, but started using it since last week. Even with it I usually put my computer to sleep, but there was one night that it went to sleep by schedule. It is possible, but I’m not certain, that that was the night it happened.