[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1111496: Unstable kauditd after DSA 5973-1 on QEMU VMs

Package: linux-image-amd64
Version: 6.1.147-1
After updating kernel from linux-image-6.1.0-37-amd64 to linux-image-6.1.0-38-amd64 virtual machines (qemu/kvm) sometimes stop booting after auditd.service is started (hard reset required). 

Noticed that sometimes restarting auditd with

systemctl restart auditd

makes kauditd to saturate CPU:
2025-08-18 16:52:09 myhost kernel: [  161.943629] rcu: INFO: rcu_preempt self-detected stall on CPU 2025-08-18 16:52:09 myhost kernel: [  161.943633] rcu: 1-....: (1 GPs behind) idle=8664/1/0x4000000000000000 softirq=50309/50310 fqs=2621 2025-08-18 16:52:09 myhost kernel: [  161.943645]      (t=5250 jiffies g=14713 q=6748 ncpus=2) 2025-08-18 16:52:09 myhost kernel: [  161.943648] CPU: 1 PID: 28 Comm: kauditd Not tainted 6.1.0-38-amd64 #1  Debian 6.1.147-1 2025-08-18 16:52:09 myhost kernel: [  161.943650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 2025-08-18 16:52:09 myhost kernel: [  161.943653] RIP: 0010:__netlink_lookup+0x7e/0x150 2025-08-18 16:52:09 myhost kernel: [  161.943661] Code: 04 24 89 ce 31 ca c1 c6 0e 29 f2 89 d6 31 d0 c1 c6 0b 29 f0 89 c6 31 c1 c1 ce 07 29 f1 89 ce 31 ca c1 c6 10 29 f2 89 d6 31 d0 <c1> c6 04 29 f0 31 c1 c1 c0 0e 29 c1 8b 45 00 31 ca c1 c9 08 8d 70 2025-08-18 16:52:09 myhost kernel: [  161.943662] RSP: 0018:ffffb481c00f7de0 EFLAGS: 00000282 2025-08-18 16:52:09 myhost kernel: [  161.943664] RAX: 000000009729b464 RBX: ffff9de94129c750 RCX: 00000000c99eae01 2025-08-18 16:52:09 myhost kernel: [  161.943665] RDX: 00000000bc1dd355 RSI: 00000000bc1dd355 RDI: ffff9de94129c750 2025-08-18 16:52:09 myhost kernel: [  161.943666] RBP: ffff9de949f18100 R08: ffff9de9493b8b48 R09: ffff9de949f18169 2025-08-18 16:52:09 myhost kernel: [  161.943667] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9de94ac4cb00 2025-08-18 16:52:09 myhost kernel: [  161.943668] R13: 00000000000050dd R14: 0000000000000001 R15: ffffffff96895cc0 2025-08-18 16:52:09 myhost kernel: [  161.943669] FS: 0000000000000000(0000) GS:ffff9de97ed00000(0000) knlGS:0000000000000000 2025-08-18 16:52:09 myhost kernel: [  161.943670] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 2025-08-18 16:52:09 myhost kernel: [  161.943671] CR2: 00007f896f0ff445 CR3: 000000001d810005 CR4: 0000000000170ee0 
2025-08-18 16:52:09 myhost kernel: [  161.943676] Call Trace:
2025-08-18 16:52:09 myhost kernel: [  161.943684]  <TASK>
2025-08-18 16:52:09 myhost kernel: [  161.943692] netlink_unicast+0x130/0x3d0 2025-08-18 16:52:09 myhost kernel: [  161.943695]  ? audit_net_exit+0x30/0x30 2025-08-18 16:52:09 myhost kernel: [  161.943698] kauditd_send_queue+0xab/0x180 2025-08-18 16:52:09 myhost kernel: [  161.943702]  ? audit_log_lost+0x90/0x90 
2025-08-18 16:52:09 myhost kernel: [  161.943704] kauditd_thread+0x12e/0x2d0
2025-08-18 16:52:09 myhost kernel: [  161.943706]  ? cpuusage_read+0x10/0x10
2025-08-18 16:52:09 myhost kernel: [  161.943709]  ? auditd_reset+0x90/0x90
2025-08-18 16:52:09 myhost kernel: [  161.943710] kthread+0xda/0x100
2025-08-18 16:52:09 myhost kernel: [  161.943715]  ? kthread_complete_and_exit+0x20/0x20 
2025-08-18 16:52:09 myhost kernel: [  161.943717] ret_from_fork+0x22/0x30
2025-08-18 16:52:09 myhost kernel: [  161.943732]  </TASK>
No such problem when choosing prev kernel "6.1.0-37-amd64" in grub or after new kernel deinstallation with 

apt-get remove linux-image-6.1.0-38-amd64

--

Regards,

Paweł Bogusławski
E:pawel.boguslawski@ib.pl
Reply to: