BUG: soft lockup in addrconf_rs

Kernel	Title	Rank 🛈	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	BUG: soft lockup in addrconf_rs_timer (3) net	1	syz			8	936d	1000d	0/29	auto-obsoleted due to no activity on 2024/01/05 16:48
upstream	BUG: soft lockup in addrconf_rs_timer (4) net	1				1	832d	832d	0/29	closed as invalid on 2024/03/12 13:17
android-6-1	BUG: soft lockup in addrconf_rs_timer	1				1	905d	905d	0/2	auto-obsoleted due to no activity on 2024/01/27 13:54
android-5-10	BUG: soft lockup in addrconf_rs_timer (2)	1	C			265	336d	667d	0/2	auto-obsoleted due to no activity on 2025/07/28 18:01
android-5-10	BUG: soft lockup in addrconf_rs_timer	1				2	995d	1013d	0/2	auto-obsoleted due to no activity on 2023/10/29 01:38
linux-6.1	BUG: soft lockup in addrconf_rs_timer	1	C		done	26	1042d	1054d	3/3	fixed on 2023/07/30 15:47
linux-4.19	BUG: soft lockup in addrconf_rs_timer	1	syz		error	24	1177d	1859d	0/1	upstream: reported syz repro on 2021/03/19 06:05
linux-4.14	BUG: soft lockup in addrconf_rs_timer	1	C		error	133	1215d	2417d	0/1	upstream: reported C repro on 2019/09/08 14:09
android-5-10	BUG: soft lockup in addrconf_rs_timer (3)	1				1	76d	76d	0/2	premoderation: reported on 2026/02/04 01:38
linux-5.15	BUG: soft lockup in addrconf_rs_timer	1	C		error	36	1042d	1054d	0/3	auto-obsoleted due to no activity on 2023/08/23 09:06
android-5-15	BUG: soft lockup in addrconf_rs_timer (3)	1				1	23h08m	23h07m	0/2	premoderation: reported on 2026/04/20 17:07
android-5-15	BUG: soft lockup in addrconf_rs_timer (2)	1	syz			99	481d	724d	0/2	auto-obsoleted due to no activity on 2025/02/14 09:13
android-6-1	BUG: soft lockup in addrconf_rs_timer (3)	1				1	381d	381d	0/2	auto-obsoleted due to no activity on 2025/07/03 20:11
linux-6.6	INFO: rcu detected stall in addrconf_rs_timer origin:lts-only	1	C		error	11	1d08h	142d	0/2	upstream: reported C repro on 2025/11/29 19:55
android-54	BUG: soft lockup in addrconf_rs_timer	1				190	656d	711d	0/2	auto-obsoleted due to no activity on 2024/08/22 17:20
upstream	BUG: soft lockup in addrconf_rs_timer net	1				18	2220d	2417d	0/29	auto-closed as invalid on 2020/07/20 22:25
android-6-1	BUG: soft lockup in addrconf_rs_timer (2)	1	syz			176	502d	707d	0/2	auto-obsoleted due to no activity on 2025/01/24 01:43
upstream	BUG: soft lockup in addrconf_rs_timer (2) net	1	C			51	1035d	1055d	23/29	fixed on 2023/07/04 09:17
android-6-1	BUG: soft lockup in addrconf_rs_timer (4)	1				7	104d	252d	0/2	auto-obsoleted due to no activity on 2026/04/06 21:21
android-5-15	BUG: soft lockup in addrconf_rs_timer	1				1	1003d	1003d	0/2	auto-obsoleted due to no activity on 2023/10/21 14:14
upstream	INFO: rcu detected stall in addrconf_rs_timer (4) net	1	C	error	error	121	1632d	2086d	0/29	closed as invalid on 2022/02/08 10:39
linux-6.1	INFO: rcu detected stall in addrconf_rs_timer origin:lts-only	1	C		done	98	41d	696d	0/3	upstream: reported C repro on 2024/05/24 18:08
linux-5.15	INFO: rcu detected stall in addrconf_rs_timer origin:lts-only	1	C		error	97	1d14h	863d	0/3	upstream: reported C repro on 2023/12/10 10:27
upstream	INFO: rcu detected stall in addrconf_rs_timer (6) virt mm netfilter	1	syz	error	error	701	7d06h	689d	0/29	upstream: reported syz repro on 2024/06/01 13:51
upstream	INFO: rcu detected stall in addrconf_rs_timer (5) kvm	1				4	1456d	1456d	0/29	auto-closed as invalid on 2022/06/24 22:41

watchdog: BUG: soft lockup - CPU#0 stuck for 266s! [syz.2.517:2095] Modules linked in: CPU: 0 PID: 2095 Comm: syz.2.517 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 RIP: 0010:arch_stack_walk+0x115/0x150 arch/x86/kernel/stacktrace.c:27 Code: 74 40 4c 8d bd 78 ff ff ff 4c 89 ff e8 44 98 05 00 48 85 c0 74 2c 48 89 df 48 89 c6 41 ba 4a 9c 94 52 45 03 56 fc 74 02 0f 0b <41> ff d6 84 c0 74 11 4c 89 ff e8 6c 99 05 00 83 bd 78 ff ff ff 00 RSP: 0018:ffffc90000006c08 EFLAGS: 00000257 RAX: ffffffff84faa8d9 RBX: ffffc90000006cc0 RCX: 0000000000006c00 RDX: ffffc90000007f01 RSI: ffffffff84faa8d9 RDI: ffffc90000006cc0 RBP: ffffc90000006c90 R08: ffffc90000006cd0 R09: ffffc90000006cc8 R10: 0000000000000000 R11: fffff52000000d8d R12: ffff888119016540 R13: 0000000000000000 R14: ffffffff81620a50 R15: ffffc90000006c08 FS: 00007fb1d2bf76c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000013d67c000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 Call Trace: <IRQ> stack_trace_save+0xa6/0xf0 kernel/stacktrace.c:122 kasan_save_stack mm/kasan/common.c:46 [inline] kasan_set_track+0x4b/0x70 mm/kasan/common.c:53 kasan_save_free_info+0x31/0x50 mm/kasan/generic.c:516 ____kasan_slab_free+0x132/0x180 mm/kasan/common.c:242 __kasan_slab_free+0x11/0x20 mm/kasan/common.c:250 kasan_slab_free include/linux/kasan.h:178 [inline] slab_free_hook mm/slub.c:1750 [inline] slab_free_freelist_hook+0xc2/0x190 mm/slub.c:1776 slab_free mm/slub.c:3712 [inline] __kmem_cache_free+0xb7/0x1b0 mm/slub.c:3728 kfree+0x6f/0xf0 mm/slab_common.c:990 skb_free_head net/core/skbuff.c:765 [inline] skb_release_data+0x63f/0x890 net/core/skbuff.c:794 skb_release_all net/core/skbuff.c:859 [inline] __kfree_skb net/core/skbuff.c:873 [inline] kfree_skb_reason+0xd4/0x230 net/core/skbuff.c:896 kfree_skb include/linux/skbuff.h:1271 [inline] vti6_tnl_xmit+0xfee/0x18f0 net/ipv6/ip6_vti.c:596 __netdev_start_xmit include/linux/netdevice.h:4930 [inline] netdev_start_xmit include/linux/netdevice.h:4944 [inline] xmit_one net/core/dev.c:3694 [inline] dev_hard_start_xmit+0x20b/0x750 net/core/dev.c:3710 __dev_queue_xmit+0x195d/0x3470 net/core/dev.c:4374 dev_queue_xmit include/linux/netdevice.h:3085 [inline] neigh_connected_output+0x469/0x500 net/core/neighbour.c:1592 neigh_output include/net/neighbour.h:552 [inline] ip6_finish_output2+0x1606/0x18a0 net/ipv6/ip6_output.c:138 __ip6_finish_output net/ipv6/ip6_output.c:205 [inline] ip6_finish_output+0x5f9/0xbb0 net/ipv6/ip6_output.c:216 NF_HOOK_COND include/linux/netfilter.h:294 [inline] ip6_output+0x1fa/0x410 net/ipv6/ip6_output.c:237 dst_output include/net/dst.h:453 [inline] NF_HOOK include/linux/netfilter.h:305 [inline] ndisc_send_skb+0x7dc/0xcc0 net/ipv6/ndisc.c:513 ndisc_send_rs+0x670/0x870 net/ipv6/ndisc.c:723 addrconf_rs_timer+0x2cf/0x610 net/ipv6/addrconf.c:4005 call_timer_fn+0x46/0x2a0 kernel/time/timer.c:1553 expire_timers kernel/time/timer.c:1604 [inline] __run_timers+0x65b/0x9f0 kernel/time/timer.c:1875 run_timer_softirq+0x6a/0xf0 kernel/time/timer.c:1888 handle_softirqs+0x1d7/0x600 kernel/softirq.c:642 __do_softirq kernel/softirq.c:680 [inline] invoke_softirq kernel/softirq.c:497 [inline] __irq_exit_rcu+0x52/0xf0 kernel/softirq.c:729 irq_exit_rcu+0x9/0x10 kernel/softirq.c:741 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline] sysvec_apic_timer_interrupt+0xa9/0xc0 arch/x86/kernel/apic/apic.c:1118 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:691 RIP: 0010:preempt_schedule_irq+0xa5/0x120 kernel/sched/core.c:7067 Code: 44 24 20 00 02 00 00 43 c6 44 37 04 f8 74 0b 0f 0b 48 f7 03 08 00 00 00 74 4d bf 01 00 00 00 e8 91 a2 4c fc fb bf 01 00 00 00 <e8> f6 e4 ff ff fa bf 01 00 00 00 e8 3b a4 4c fc 65 48 8b 1d 43 6b RSP: 0018:ffffc90001097a40 EFLAGS: 00000246 RAX: 1ffff11023202e01 RBX: ffffc90001097b08 RCX: ffffffff87b7a100 RDX: 1ffffffff0f6e400 RSI: 0000000000000000 RDI: 0000000000000001 RBP: ffffc90001097ab8 R08: ffffffff87b72008 R09: ffffffff87b72018 R10: ffffffff87b72003 R11: 1ffffffff0f6e400 R12: 0000000000000000 R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000212f48 raw_irqentry_exit_cond_resched+0x29/0x30 kernel/entry/common.c:396 irqentry_exit+0x37/0x40 kernel/entry/common.c:439 sysvec_apic_timer_interrupt+0x64/0xc0 arch/x86/kernel/apic/apic.c:1118 asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:691 RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60 kernel/kcov.c:209 Code: fb e8 23 00 00 00 48 8b 3d bc 6b 21 06 48 89 de e8 84 a3 44 00 5b 5d c3 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d b0 fe 90 7e 65 8b 15 b1 fe 90 7e RSP: 0018:ffffc90001097bb0 EFLAGS: 00000202 RAX: ffffffff81469301 RBX: 0000000000000001 RCX: 0000000000000002 RDX: ffff888119016540 RSI: 0000000000000002 RDI: 0000000000000002 RBP: ffffc90001097cb0 R08: 0000000000000000 R09: 1ffff92000212f86 R10: dffffc0000000000 R11: fffff52000212f87 R12: 1ffff92000212f80 R13: 0000000000000002 R14: 0000000000000002 R15: 0000000000000002 __ia32_sys_rt_sigreturn+0x639/0x730 arch/x86/kernel/signal.c:678 x64_sys_call+0x832/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:16 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x68/0xd2 RIP: 0033:0x7fb1d4062b04 Code: 5d 41 5c 41 5e c3 48 8b 44 24 20 48 8b 5c 24 08 48 8b b0 88 00 00 00 8b 78 08 48 8d 53 30 e8 d3 3b ff ff 48 89 83 88 00 00 00 <e9> 35 fe ff ff 0f 1f 80 00 00 00 00 8b 7c 24 1c 48 8d 74 24 50 ba RSP: 002b:00007fb1d2bf7050 EFLAGS: 00000206 RAX: 0000000000000000 RBX: 00007fb1d4415fa0 RCX: 00007fb1d4232c91 RDX: 0000000000000000 RSI: 0000000040042408 RDI: 0000000000000006 RBP: 00007fb1d4232c91 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fb1d4416038 R14: 00007fb1d4415fa0 R15: 00007ffd27129418 </TASK> Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 43 Comm: kworker/u4:2 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 Workqueue: events_unbound toggle_allocation_gate RIP: 0010:csd_lock_wait kernel/smp.c:453 [inline] RIP: 0010:smp_call_function_many_cond+0x88d/0x980 kernel/smp.c:998 Code: 41 8b 1f 89 de 83 e6 01 31 ff e8 1e 74 09 00 83 e3 01 48 bb 00 00 00 00 00 fc ff df 75 0a e8 ea 6f 09 00 e9 38 ff ff ff f3 90 <41> 0f b6 44 1d 00 84 c0 75 14 41 f7 07 01 00 00 00 0f 84 1a ff ff RSP: 0018:ffffc900002cf840 EFLAGS: 00000293 RAX: ffffffff8167ff39 RBX: dffffc0000000000 RCX: ffff88810a150000 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: ffffc900002cf978 R08: ffffc900002cf7c7 R09: 1ffff92000059ef8 R10: 0000000000000000 R11: fffff52000059ef9 R12: 1ffff1103ede7218 R13: 1ffff1103edc7ae1 R14: 0000000000000000 R15: ffff8881f6e3d708 FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffd0e48dbdc CR3: 000000000700f000 CR4: 00000000003506a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 Call Trace: <TASK> on_each_cpu_cond_mask+0x43/0x80 kernel/smp.c:1165 on_each_cpu include/linux/smp.h:71 [inline] text_poke_sync arch/x86/kernel/alternative.c:1574 [inline] text_poke_bp_batch+0x1cf/0x600 arch/x86/kernel/alternative.c:1774 text_poke_flush arch/x86/kernel/alternative.c:1965 [inline] text_poke_finish+0x1a/0x30 arch/x86/kernel/alternative.c:1972 arch_jump_label_transform_apply+0x15/0x30 arch/x86/kernel/jump_label.c:146 __jump_label_update+0x37c/0x3a0 kernel/jump_label.c:451 jump_label_update+0x39b/0x450 kernel/jump_label.c:797 static_key_enable_cpuslocked+0x126/0x240 kernel/jump_label.c:173 static_key_enable+0x1a/0x30 kernel/jump_label.c:186 toggle_allocation_gate+0xba/0x440 mm/kfence/core.c:820 process_one_work+0x71f/0xc40 kernel/workqueue.c:2302 worker_thread+0xa29/0x11e0 kernel/workqueue.c:2449 kthread+0x281/0x320 kernel/kthread.c:386 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 </TASK>

Crashes (1):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2026/04/19 17:28	android14-6.1	7790109d9d13	303e2802	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-android-6-1-perf	BUG: soft lockup in addrconf_rs_timer

Crashes (1):

Assets (help?)