watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz.0.106:5143]
Modules linked in:
irq event stamp: 7429
hardirqs last  enabled at (7428): [<ffff80008673eb94>] irqentry_exit_to_kernel_mode_after_preempt include/linux/irq-entry-common.h:507 [inline]
hardirqs last  enabled at (7428): [<ffff80008673eb94>] arm64_exit_to_kernel_mode+0x80/0x94 arch/arm64/kernel/entry-common.c:62
hardirqs last disabled at (7429): [<ffff80008673aba4>] __el1_irq arch/arm64/kernel/entry-common.c:510 [inline]
hardirqs last disabled at (7429): [<ffff80008673aba4>] el1_interrupt+0x28/0x60 arch/arm64/kernel/entry-common.c:526
softirqs last  enabled at (512): [<ffff800084aa9cf8>] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last  enabled at (512): [<ffff800084aa9cf8>] release_sock+0x150/0x228 net/core/sock.c:3825
softirqs last disabled at (518): [<ffff800084abdcfc>] spin_lock_bh include/linux/spinlock.h:348 [inline]
softirqs last disabled at (518): [<ffff800084abdcfc>] lock_sock_nested+0x70/0x110 net/core/sock.c:3802
CPU: 0 UID: 0 PID: 5143 Comm: syz.0.106 Not tainted syzkaller #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 03400005 (nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : queued_spin_lock_slowpath+0x138/0xd0c kernel/locking/qspinlock.c:197
lr : queued_spin_lock_slowpath+0x144/0xd0c kernel/locking/qspinlock.c:197
sp : ffff800098b175e0
x29: ffff800098b17680 x28: 1fffe0001900194b x27: ffff800098b17600
x26: ffff0000c9775700 x25: dfff800000000000 x24: ffff700013162ec0
x23: ffff700013162ee0 x22: ffff0000c9775710 x21: ffff0000c800ca58
x20: ffff0000c800ca60 x19: ffff0000c800ca50 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000000020000080
x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000000
x11: 0000000000000000 x10: ffff60001900194b x9 : 0000000000000000
x8 : 0000000000000001 x7 : ffff800084abdcfc x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000867600d4
x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000001
Call trace:
 __cmpwait_case_8 arch/arm64/include/asm/cmpxchg.h:231 [inline] (P)
 __cmpwait arch/arm64/include/asm/cmpxchg.h:259 [inline] (P)
 queued_spin_lock_slowpath+0x138/0xd0c kernel/locking/qspinlock.c:197 (P)
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x21c/0x2d0 kernel/locking/spinlock_debug.c:116
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:151 [inline]
 _raw_spin_lock_bh+0x50/0x60 kernel/locking/spinlock.c:182
 spin_lock_bh include/linux/spinlock.h:348 [inline]
 lock_sock_nested+0x70/0x110 net/core/sock.c:3802
 lock_sock include/net/sock.h:1713 [inline]
 tipc_sendstream+0x50/0x84 net/tipc/socket.c:1545
 sock_sendmsg_nosec net/socket.c:787 [inline]
 __sock_sendmsg+0xc8/0x138 net/socket.c:802
 ____sys_sendmsg+0x418/0x70c net/socket.c:2698
 ___sys_sendmsg+0x198/0x224 net/socket.c:2752
 __sys_sendmsg+0x160/0x214 net/socket.c:2784
 __do_sys_sendmsg net/socket.c:2789 [inline]
 __se_sys_sendmsg net/socket.c:2787 [inline]
 __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2787
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x244 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xe8/0x23c arch/arm64/kernel/syscall.c:121
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:140
 el0_svc+0x64/0x260 arch/arm64/kernel/entry-common.c:740
 el0t_64_sync_handler+0x48/0x148 arch/arm64/kernel/entry-common.c:759
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:594
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5144 Comm: syz.0.106 Not tainted syzkaller #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : should_resched arch/arm64/include/asm/preempt.h:78 [inline]
pc : __local_bh_enable_ip+0x1f0/0x35c kernel/softirq.c:457
lr : __local_bh_enable_ip+0x1ec/0x35c kernel/softirq.c:455
sp : ffff800098b26450
x29: ffff800098b26460 x28: ffff0000c800c880 x27: ffff800098b265a0
x26: ffff700013164cac x25: ffff800098b267c0 x24: 0000000000000001
x23: dfff800000000000 x22: 1fffe000192ee741 x21: ffff80008627e568
x20: 0000000000000201 x19: ffff0000c9773a08 x18: 00000000ffffffff
x17: ffff80008a0e0c80 x16: ffff80008a3f9ef8 x15: ffff800084a9e588
x14: ffff800084a9e464 x13: 0000000000000001 x12: 0000000000000000
x11: ffff80008a356d08 x10: 0000000000000003 x9 : 0000000000000000
x8 : 0000000002a1e992 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000008 x3 : ffff800080154bd4
x2 : 0000000000000002 x1 : ffff0000c9773a00 x0 : ffff80012588a000
Call trace:
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable arch/arm64/include/asm/irqflags.h:48 [inline] (P)
 __local_bh_enable_ip+0x1f0/0x35c kernel/softirq.c:455 (P)
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:196 [inline]
 _raw_spin_unlock_bh+0x3c/0x4c kernel/locking/spinlock.c:214
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 tipc_skb_peek_port net/tipc/msg.h:1235 [inline]
 tipc_sk_rcv+0x2c8/0x1534 net/tipc/socket.c:2491
 tipc_node_xmit+0x1c8/0xb9c net/tipc/node.c:1701
 tipc_node_xmit_skb net/tipc/node.c:1766 [inline]
 tipc_node_distr_xmit+0x260/0x364 net/tipc/node.c:1781
 tipc_sk_rcv+0xf98/0x1534 net/tipc/socket.c:2501
 tipc_node_xmit+0x1c8/0xb9c net/tipc/node.c:1701
 tipc_sk_push_backlog+0x3b0/0x764 net/tipc/socket.c:1312
 tipc_sk_conn_proto_rcv net/tipc/socket.c:1366 [inline]
 tipc_sk_proto_rcv+0x5f8/0xeb8 net/tipc/socket.c:2156
 tipc_sk_filter_rcv+0x1d48/0x20d0 net/tipc/socket.c:2352
 tipc_sk_enqueue net/tipc/socket.c:2445 [inline]
 tipc_sk_rcv+0x5c4/0x1534 net/tipc/socket.c:2497
 tipc_node_xmit+0x1c8/0xb9c net/tipc/node.c:1701
 tipc_node_xmit_skb net/tipc/node.c:1766 [inline]
 tipc_node_distr_xmit+0x260/0x364 net/tipc/node.c:1781
 tipc_sk_backlog_rcv+0x178/0x238 net/tipc/socket.c:2412
 sk_backlog_rcv include/net/sock.h:1190 [inline]
 __release_sock+0x178/0x2c0 net/core/sock.c:3216
 release_sock+0x174/0x228 net/core/sock.c:3815
 sockopt_release_sock net/core/sock.c:1163 [inline]
 sk_setsockopt+0x2148/0x25f4 net/core/sock.c:1676
 sock_setsockopt+0x68/0x80 net/core/sock.c:1683
 do_sock_setsockopt+0x1a0/0x330 net/socket.c:2377
 __sys_setsockopt+0x104/0x170 net/socket.c:2406
 __do_sys_setsockopt net/socket.c:2412 [inline]
 __se_sys_setsockopt net/socket.c:2409 [inline]
 __arm64_sys_setsockopt+0xb8/0xd4 net/socket.c:2409
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x244 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xe8/0x23c arch/arm64/kernel/syscall.c:121
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:140
 el0_svc+0x64/0x260 arch/arm64/kernel/entry-common.c:740
 el0t_64_sync_handler+0x48/0x148 arch/arm64/kernel/entry-common.c:759
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:594
watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [syz.0.106:5144]
Modules linked in:
irq event stamp: 44188623
hardirqs last  enabled at (44188622): [<ffff800080308254>] __local_bh_enable_ip+0x1ec/0x35c kernel/softirq.c:455
hardirqs last disabled at (44188623): [<ffff80008673aba4>] __el1_irq arch/arm64/kernel/entry-common.c:510 [inline]
hardirqs last disabled at (44188623): [<ffff80008673aba4>] el1_interrupt+0x28/0x60 arch/arm64/kernel/entry-common.c:526
softirqs last  enabled at (72): [<ffff80008627e568>] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last  enabled at (72): [<ffff80008627e568>] tipc_skb_peek_port net/tipc/msg.h:1235 [inline]
softirqs last  enabled at (72): [<ffff80008627e568>] tipc_sk_rcv+0x2c8/0x1534 net/tipc/socket.c:2491
softirqs last disabled at (74): [<ffff80008627e588>] spin_trylock_bh include/linux/spinlock.h:414 [inline]
softirqs last disabled at (74): [<ffff80008627e588>] tipc_sk_rcv+0x2e8/0x1534 net/tipc/socket.c:2496