syzbot


WARNING: ODEBUG bug in __run_timers (3)

Status: upstream: reported on 2025/09/02 17:24
Subsystems: hams
Reported-by: syzbot+7287222a6d88bdb559a7@syzkaller.appspotmail.com
First crash: 146d, last: 14h41m
Discussions (6)
Title | Replies (including bot) | Last reply
[syzbot] Monthly hams report (Dec 2025) | 0 (1) | 2025/12/26 07:48
[syzbot] Monthly hams report (Nov 2025) | 0 (1) | 2025/11/25 08:46
[syzbot] Monthly hams report (Oct 2025) | 0 (1) | 2025/10/24 18:48
[syzbot] Monthly hams report (Sep 2025) | 0 (1) | 2025/09/23 13:33
Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base | 2 (2) | 2025/09/03 10:11
[syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) | 0 (1) | 2025/09/02 17:24
Similar bugs (4)
Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | WARNING: ODEBUG bug in __run_timers net | -1 | | | | 1 | 1951d | 1947d | 0/29 | auto-closed as invalid on 2020/12/19 18:17
upstream | WARNING: ODEBUG bug in __run_timers (2) net | -1 | | | | 2 | 1641d | 1666d | 0/29 | auto-closed as invalid on 2021/10/25 11:37
linux-6.6 | WARNING: ODEBUG bug in __run_timers | -1 | | | | 39 | 11d | 140d | 0/2 | upstream: reported on 2025/09/06 01:04
linux-6.1 | WARNING: ODEBUG bug in __run_timers origin:upstream | -1 | syz | | | 80 | 1d07h | 140d | 0/3 | upstream: reported syz repro on 2025/09/06 07:06

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object: ffff88805aacf490 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2927
WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0 lib/debugobjects.c:612, CPU#0: syz.1.4157/22531
Modules linked in:
CPU: 0 UID: 0 PID: 22531 Comm: syz.1.4157 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
RIP: 0010:debug_print_object+0x19b/0x2a0 lib/debugobjects.c:612
Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 52 09 d2 0b 41 56 48 8b 14 dd 60 47 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 bc f0 c7 0b 01 48 83 c4 18 5b 5d 41 5c 41
RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffffffff8bfa46a0 RSI: ffffffff8bfa42c0 RDI: ffffffff90c18100
RBP: 0000000000000001 R08: ffff88805aacf490 R09: ffffffff8b92b900
R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa42c0
R13: ffffffff8b92b940 R14: ffffffff8a661ac0 R15: ffffc90000007b18
FS:  00007fcd61b0f6c0(0000) GS:ffff8881245dc000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2daeeff8 CR3: 0000000064fc9000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline]
 debug_check_no_obj_freed+0x4da/0x630 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2471 [inline]
 slab_free mm/slub.c:6674 [inline]
 kfree+0x34c/0x690 mm/slub.c:6882
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183
 call_timer_fn+0x19a/0x590 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1799 [inline]
 __run_timers+0x757/0xac0 kernel/time/timer.c:2373
 __run_timer_base kernel/time/timer.c:2385 [inline]
 __run_timer_base kernel/time/timer.c:2377 [inline]
 run_timer_base+0x114/0x190 kernel/time/timer.c:2394
 run_timer_softirq+0x1a/0x50 kernel/time/timer.c:2404
 handle_softirqs+0x1ea/0x910 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:finish_task_switch.isra.0+0x20d/0xb70 kernel/sched/core.c:5118
Code: d7 e2 0e 48 85 d2 0f 85 7a 06 00 00 85 c0 0f 85 a6 01 00 00 48 89 df e8 31 e5 ff ff e8 fc 57 3a 00 fb 49 8d bc 24 48 16 00 00 <48> b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 84
RSP: 0018:ffffc90000117850 EFLAGS: 00000202
RAX: 000000000006d625 RBX: ffff8880b843ac80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8dc45362 RDI: ffff88807a403b08
RBP: ffffc90000117898 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807a4024c0
R13: ffff88801deca4c0 R14: ffff88801deca4c0 R15: ffff8880b843bab0
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0xfec/0x5e10 kernel/sched/core.c:6867
 __schedule_loop kernel/sched/core.c:6949 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:6964
 schedule_timeout+0x127/0x280 kernel/time/sleep_timeout.c:99
 snd_rawmidi_write+0x492/0xc60 sound/core/rawmidi.c:1616
 do_loop_readv_writev fs/read_write.c:850 [inline]
 do_loop_readv_writev fs/read_write.c:835 [inline]
 vfs_writev+0x5ea/0xe10 fs/read_write.c:1059
 do_writev+0x28a/0x340 fs/read_write.c:1103
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcd60b9acb9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fcd61b0f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00007fcd60e15fa0 RCX: 00007fcd60b9acb9
RDX: 0000000000000002 RSI: 0000200000000840 RDI: 0000000000000004
RBP: 00007fcd60c08bf7 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fcd60e16038 R14: 00007fcd60e15fa0 R15: 00007ffebf2878c8
 </TASK>
----------------
Code disassembly (best guess):
   0:	b8 00 00 00 00       	mov    $0x0,%eax
   5:	00 fc                	add    %bh,%ah
   7:	ff                   	lcall  (bad)
   8:	df 48 89             	fisttps -0x77(%rax)
   b:	fa                   	cli
   c:	48 c1 ea 03          	shr    $0x3,%rdx
  10:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  14:	75 4f                	jne    0x65
  16:	48 8d 3d 52 09 d2 0b 	lea    0xbd20952(%rip),%rdi        # 0xbd2096f
  1d:	41 56                	push   %r14
  1f:	48 8b 14 dd 60 47 fa 	mov    -0x7405b8a0(,%rbx,8),%rdx
  26:	8b
  27:	4c 89 e6             	mov    %r12,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	58                   	pop    %rax
  30:	83 05 bc f0 c7 0b 01 	addl   $0x1,0xbc7f0bc(%rip)        # 0xbc7f0f3
  37:	48 83 c4 18          	add    $0x18,%rsp
  3b:	5b                   	pop    %rbx
  3c:	5d                   	pop    %rbp
  3d:	41 5c                	pop    %r12
  3f:	41                   	rex.B

Crashes (493):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2026/01/23 11:27 upstream c072629f05d7 82c9c083 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 21:09 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/21 19:30 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:14 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:13 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 17:11 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 07:17 upstream c03e9c42ae8f 2494e18d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/18 16:34 upstream e84d960149e7 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/16 20:53 upstream 983d014aafb1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/15 11:23 upstream 944aacb68baf d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/15 11:22 upstream 944aacb68baf d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/14 15:41 upstream c537e12daeec d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/13 01:31 upstream b71e635feefc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/12 11:52 upstream 7143203341dc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/12 10:46 upstream 0f61b1860cc3 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/12 00:08 upstream 755bc1335e3b d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/11 19:08 upstream 755bc1335e3b d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/09 04:33 upstream 79b95d74470d d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/07 10:02 upstream f0b9d8eb98df d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/06 05:58 upstream 7f98ab9da046 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/29 22:30 upstream 7839932417dd d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/28 16:58 upstream d26143bb38e2 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/12/28 05:54 upstream d26143bb38e2 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/27 23:58 upstream c53f467229a7 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/27 09:40 upstream 3f0e9c8cefa9 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/27 09:36 upstream 3f0e9c8cefa9 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/12/26 12:17 upstream ccd1cdca5cd4 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/12/26 06:12 upstream ccd1cdca5cd4 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/09/02 12:30 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/08/30 11:22 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/23 17:55 upstream c072629f05d7 1aa92270 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/22 00:36 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 23:18 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 14:29 upstream 6c790212c588 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/16 02:49 upstream 603c05a1639f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/12 18:21 upstream 0f61b1860cc3 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/12 04:20 upstream 9c7ef209cd0f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/11 03:01 upstream 97313d6113ab d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/08 02:19 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 21:55 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 19:51 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 03:22 upstream 7f98ab9da046 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 03:21 upstream 7f98ab9da046 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 00:38 upstream 7f98ab9da046 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/05 11:23 upstream 3609fa95fb0f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/04 00:59 upstream aacb0a6d604a d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/02 05:03 upstream b69053dd3ffb d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/01 01:07 upstream 349bd28a86f2 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/12/31 12:40 upstream c8ebd433459b d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/12/28 01:07 upstream d26143bb38e2 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/12/27 16:08 upstream c53f467229a7 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2025/12/26 20:54 upstream 3f0e9c8cefa9 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.