syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1340]
Subsystems
🐞 Fixed [7059]
🐞 Invalid [18498]
Missing Backports [222]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers (3)

Status: upstream: reported C repro on 2025/09/02 17:24
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+7287222a6d88bdb559a7@syzkaller.appspotmail.com
First crash: 227d, last: 1h54m
Discussions (8)
Title Replies (including bot) Last reply
[syzbot] Monthly hams report (Mar 2026) 0 (1) 2026/03/31 08:06
[syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) 0 (2) 2026/02/13 22:17
[syzbot] Monthly hams report (Jan 2026) 0 (1) 2026/01/26 07:12
[syzbot] Monthly hams report (Dec 2025) 0 (1) 2025/12/26 07:48
[syzbot] Monthly hams report (Nov 2025) 0 (1) 2025/11/25 08:46
[syzbot] Monthly hams report (Oct 2025) 0 (1) 2025/10/24 18:48
[syzbot] Monthly hams report (Sep 2025) 0 (1) 2025/09/23 13:33
Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base 2 (2) 2025/09/03 10:11
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 2032d 2028d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1722d 1747d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 88 1d13h 221d 0/2 upstream: reported on 2025/09/06 01:04
linux-6.1 WARNING: ODEBUG bug in __run_timers origin:upstream missing-backport -1 syz error 136 1d12h 221d 0/3 upstream: reported syz repro on 2025/09/06 07:06

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object: ffff8880375c4c90 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2928
WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0 lib/debugobjects.c:612, CPU#3: swapper/3/0
Modules linked in:
CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:debug_print_object+0x19b/0x2a0 lib/debugobjects.c:612
Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 72 78 ee 0b 41 56 48 8b 14 dd 60 ec 1a 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 9c 48 e4 0b 01 48 83 c4 18 5b 5d 41 5c 41
RSP: 0018:ffffc900006f8a38 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffffffff8c1aeba0 RSI: ffffffff8c1ae7c0 RDI: ffffffff90e333c0
RBP: 0000000000000001 R08: ffff8880375c4c90 R09: ffffffff8bb2c880
R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1ae7c0
R13: ffffffff8bb2c8c0 R14: ffffffff8a6eed50 R15: ffffc900006f8b38
FS:  0000000000000000(0000) GS:ffff8880d668b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f4962e00ff8 CR3: 000000003801e000 CR4: 0000000000352ef0
Call Trace:
 <IRQ>
 __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline]
 debug_check_no_obj_freed+0x4da/0x630 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2601 [inline]
 slab_free mm/slub.c:6082 [inline]
 kfree+0x343/0x670 mm/slub.c:6399
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183
 call_timer_fn+0x19a/0x590 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1799 [inline]
 __run_timers+0x757/0xac0 kernel/time/timer.c:2373
 __run_timer_base kernel/time/timer.c:2385 [inline]
 __run_timer_base kernel/time/timer.c:2377 [inline]
 run_timer_base+0x114/0x190 kernel/time/timer.c:2394
 run_timer_softirq+0x1a/0x50 kernel/time/timer.c:2404
 handle_softirqs+0x1ea/0x910 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:63
Code: 0e 91 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 ed 2a 00 fb f4 <e9> 3c 34 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
RSP: 0018:ffffc90000197df0 EFLAGS: 00000202
RAX: 0000000000128aa1 RBX: ffff88801ee8a480 RCX: ffffffff8b80ac75
RDX: 0000000000000000 RSI: ffffffff8de6b9c0 RDI: ffffffff8c1adaa0
RBP: 0000000000000003 R08: 0000000000000001 R09: ffffed100d4e6755
R10: ffff88806a733aab R11: 0000000000000000 R12: ffffed1003dd1490
R13: 0000000000000003 R14: ffffffff90d8d0d0 R15: 0000000000000000
 arch_safe_halt arch/x86/include/asm/paravirt.h:73 [inline]
 default_idle+0x9/0x10 arch/x86/kernel/process.c:767
 default_idle_call+0x6c/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x35b/0x4b0 kernel/sched/idle.c:332
 cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:430
 start_secondary+0x21d/0x2d0 arch/x86/kernel/smpboot.c:312
 common_startup_64+0x13e/0x148
 </TASK>
----------------
Code disassembly (best guess):
   0:	b8 00 00 00 00       	mov    $0x0,%eax
   5:	00 fc                	add    %bh,%ah
   7:	ff                   	lcall  (bad)
   8:	df 48 89             	fisttps -0x77(%rax)
   b:	fa                   	cli
   c:	48 c1 ea 03          	shr    $0x3,%rdx
  10:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  14:	75 4f                	jne    0x65
  16:	48 8d 3d 72 78 ee 0b 	lea    0xbee7872(%rip),%rdi        # 0xbee788f
  1d:	41 56                	push   %r14
  1f:	48 8b 14 dd 60 ec 1a 	mov    -0x73e513a0(,%rbx,8),%rdx
  26:	8c
  27:	4c 89 e6             	mov    %r12,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	58                   	pop    %rax
  30:	83 05 9c 48 e4 0b 01 	addl   $0x1,0xbe4489c(%rip)        # 0xbe448d3
  37:	48 83 c4 18          	add    $0x18,%rsp
  3b:	5b                   	pop    %rbx
  3c:	5d                   	pop    %rbp
  3d:	41 5c                	pop    %r12
  3f:	41                   	rex.B

Crashes (775):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/13 22:16 upstream cee73b1e840c 1e62d198 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/04/15 07:37 upstream 508fed679541 e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/15 04:38 upstream 508fed679541 e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/14 21:41 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/14 18:37 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/14 13:45 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/13 21:44 upstream 0f0013213293 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/13 18:14 upstream 028ef9c96e96 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/13 11:15 upstream 028ef9c96e96 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/13 00:28 upstream f5459048c38a 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/12 23:44 upstream f5459048c38a 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/12 15:30 upstream f5459048c38a 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/12 03:18 upstream e753c16cb3dd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/12 01:36 upstream e753c16cb3dd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/11 19:34 upstream e774d5f1bc27 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/10 14:04 upstream 9a9c8ce300cd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/10 09:06 upstream 9a9c8ce300cd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/09 23:44 upstream 8b02520ec5f7 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/09 11:33 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/09 09:00 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/09 09:00 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/09 04:27 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/09 02:19 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/08 18:03 upstream 3036cd0d3328 d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/08 02:10 upstream 3036cd0d3328 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/07 14:55 upstream bfe62a454542 628666c6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/07 11:24 upstream bfe62a454542 628666c6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/06 23:14 upstream bfe62a454542 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/06 19:22 upstream 591cd656a1bf 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/06 09:59 upstream 591cd656a1bf 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/06 08:04 upstream 1791c390149f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/06 01:10 upstream 1791c390149f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/05 20:20 upstream 1791c390149f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 10:52 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 09:10 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 09:10 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 08:10 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 06:54 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 05:51 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/05 02:12 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/04 12:25 upstream 7ca6d1cfec80 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/04/03 23:08 upstream 631919fb12fe 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/02 21:15 upstream 5619b098e2fb 8b15d4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/02 16:55 upstream 9147566d8016 8b15d4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/01 19:34 upstream 9147566d8016 0285fe54 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/03/31 18:04 upstream d0c3bcd5b897 aeea1c72 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/03/30 22:44 upstream 7aaa8047eafd 458630d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/03/30 15:37 upstream 7aaa8047eafd 458630d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/03/30 14:36 upstream 7aaa8047eafd 458630d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/03/30 03:52 upstream f242ac4a0944 356bdfc9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/03/29 04:43 upstream be762d8b6dd7 356bdfc9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/09/02 12:30 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/08/30 11:22 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/04/13 23:50 upstream 26ff969926a0 1a086e7c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/04/11 02:06 upstream 7c6c4ed80b87 38c8e246 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/03/31 19:28 upstream d0c3bcd5b897 ef441708 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.