syzbot

 sign-in | mailing list | source | docs
🐞 Open [1502]
Subsystems
🐞 Fixed [6662]
🐞 Invalid [17063]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers (3)

Status: upstream: reported on 2025/09/02 17:24
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+7287222a6d88bdb559a7@syzkaller.appspotmail.com
First crash: 50d, last: 13h07m
Discussions (3)
Title Replies (including bot) Last reply
[syzbot] Monthly hams report (Sep 2025) 0 (1) 2025/09/23 13:33
Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base 2 (2) 2025/09/03 10:11
[syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) 0 (1) 2025/09/02 17:24
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 1854d 1850d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1545d 1569d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 13 14h53m 43d 0/2 upstream: reported on 2025/09/06 01:04
linux-6.1 WARNING: ODEBUG bug in __run_timers -1 44 1d06h 43d 0/3 upstream: reported on 2025/09/06 07:06

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object: ffff88805f6a4890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2927
WARNING: CPU: 0 PID: 9160 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 lib/debugobjects.c:612
Modules linked in:
CPU: 0 UID: 0 PID: 9160 Comm: kworker/0:2H Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Workqueue: events_highpri snd_vmidi_output_work
RIP: 0010:debug_print_object+0x1a2/0x2b0 lib/debugobjects.c:612
Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 20 fb f1 8b 4c 89 e6 48 c7 c7 a0 ef f1 8b e8 4f 81 c7 fc 90 <0f> 0b 90 90 58 83 05 56 7d cf 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
RSP: 0018:ffffc90000007a18 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b6ee8
RDX: ffff88805ffdc900 RSI: ffffffff817b6ef5 RDI: 0000000000000001
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: fffffffffffc0470 R12: ffffffff8bf1f640
R13: ffffffff8b901fe0 R14: ffffffff8a53ad30 R15: ffffc90000007b18
FS:  0000000000000000(0000) GS:ffff8881249d6000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000020000000b000 CR3: 0000000061a7e000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline]
 debug_check_no_obj_freed+0x4b7/0x600 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2454 [inline]
 slab_free mm/slub.c:6611 [inline]
 kfree+0x291/0x6d0 mm/slub.c:6818
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183
 call_timer_fn+0x19a/0x620 kernel/time/timer.c:1747
 expire_timers kernel/time/timer.c:1798 [inline]
 __run_timers+0x6ef/0x960 kernel/time/timer.c:2372
 __run_timer_base kernel/time/timer.c:2384 [inline]
 __run_timer_base kernel/time/timer.c:2376 [inline]
 run_timer_base+0x114/0x190 kernel/time/timer.c:2393
 run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2403
 handle_softirqs+0x219/0x8e0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x109/0x170 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]
 sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1052
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 kernel/locking/spinlock.c:194
Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 a6 d7 2f f6 48 89 df e8 8e 2b 30 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 45 36 20 f6 65 8b 05 7e 65 3b 08 85 c0 74 16 5b
RSP: 0018:ffffc9000c737b40 EFLAGS: 00000246
RAX: 0000000000000002 RBX: ffff88803053a238 RCX: 0000000000000006
RDX: 0000000000000000 RSI: ffffffff8db03e7e RDI: ffffffff8bf1ea40
RBP: 0000000000000293 R08: 0000000000000001 R09: 0000000000000001
R10: ffffffff908338d7 R11: 0000000000000000 R12: ffff88803053a238
R13: 0000000000000293 R14: 0000000000000001 R15: ffff888030b4b800
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 class_spinlock_irqsave_destructor include/linux/spinlock.h:585 [inline]
 snd_rawmidi_transmit+0x117/0x160 sound/core/rawmidi.c:1486
 snd_vmidi_output_work+0x111/0x390 sound/core/seq/seq_virmidi.c:151
 process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263
 process_scheduled_works kernel/workqueue.c:3346 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427
 kthread+0x3c5/0x780 kernel/kthread.c:463
 ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
----------------
Code disassembly (best guess):
   0:	f5                   	cmc
   1:	53                   	push   %rbx
   2:	48 8b 74 24 10       	mov    0x10(%rsp),%rsi
   7:	48 89 fb             	mov    %rdi,%rbx
   a:	48 83 c7 18          	add    $0x18,%rdi
   e:	e8 a6 d7 2f f6       	call   0xf62fd7b9
  13:	48 89 df             	mov    %rbx,%rdi
  16:	e8 8e 2b 30 f6       	call   0xf6302ba9
  1b:	f7 c5 00 02 00 00    	test   $0x200,%ebp
  21:	75 23                	jne    0x46
  23:	9c                   	pushf
  24:	58                   	pop    %rax
  25:	f6 c4 02             	test   $0x2,%ah
  28:	75 37                	jne    0x61
* 2a:	bf 01 00 00 00       	mov    $0x1,%edi <-- trapping instruction
  2f:	e8 45 36 20 f6       	call   0xf6203679
  34:	65 8b 05 7e 65 3b 08 	mov    %gs:0x83b657e(%rip),%eax        # 0x83b65b9
  3b:	85 c0                	test   %eax,%eax
  3d:	74 16                	je     0x55
  3f:	5b                   	pop    %rbx

Crashes (172):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/10/17 18:31 upstream 98ac9cc4b445 7adf5298 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/17 10:40 upstream 98ac9cc4b445 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/17 09:19 upstream 98ac9cc4b445 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/17 09:15 upstream 98ac9cc4b445 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/16 21:33 upstream 634ec1fc7982 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/16 13:03 upstream 7ea30958b305 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/16 08:22 upstream 7ea30958b305 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/16 03:46 upstream 1f4a222b0e33 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/15 22:26 upstream 1f4a222b0e33 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/15 20:37 upstream 1f4a222b0e33 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/15 19:53 upstream 1f4a222b0e33 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/15 12:42 upstream 9b332cece987 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/14 07:41 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/13 22:47 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/13 06:55 upstream 3a8660878839 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/13 05:54 upstream 3a8660878839 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/13 05:43 upstream 3a8660878839 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/07 18:55 upstream c746c3b51698 8ef35d49 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/06 21:49 upstream fd94619c4336 91305dbe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/06 07:09 upstream 7a405dbb0f03 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/05 07:48 upstream d104e3d17f7b 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/04 17:14 upstream cbf33b8e0b36 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/04 09:13 upstream 9b0d551bcc05 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/03 19:33 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/03 13:42 upstream e406d57be7bd 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/03 02:20 upstream 7f7072574127 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/02 17:58 upstream 7f7072574127 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/02 07:29 upstream 080ffb4bec4d a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/10/01 08:52 upstream 50c19e20ed2e 65a0eece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/30 21:00 upstream 30d4efb2f5a5 65a0eece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/09/29 19:29 upstream e5f0a698b34e 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/28 10:22 upstream 51a24b7deaae 001c9061 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/09/25 16:00 upstream bf40f4b87761 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/24 15:42 upstream cec1e6e5d1ab 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/09/23 11:23 upstream cec1e6e5d1ab 0ac7291c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/02 12:30 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/08/30 11:22 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/10/19 00:26 upstream 1c64efcb083c 1c8c8cd8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/18 15:15 upstream f406055cb18c 1c8c8cd8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/17 13:14 upstream 98ac9cc4b445 e18aa505 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/14 23:07 upstream 9b332cece987 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/14 18:44 upstream 9b332cece987 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/08 17:58 upstream 0d97f2067c16 7e2882b3 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/07 07:02 upstream c746c3b51698 8ef35d49 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/05 23:12 upstream 6a74422b9710 49379ee0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/05 06:00 upstream 6093a688a07d 49379ee0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/10/03 01:04 upstream f79e772258df 49379ee0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/09/30 15:30 upstream 30d4efb2f5a5 65a0eece .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/09/29 00:43 upstream 8f9736633f8c 001c9061 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/09/28 04:11 upstream 51a24b7deaae 001c9061 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/09/27 03:37 upstream 083fc6d7fa0d 001c9061 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.