syzbot

 sign-in | mailing list | source | docs
🐞 Open [1440]
Subsystems
🐞 Fixed [6924]
🐞 Invalid [18025]
Missing Backports [223]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers (3)

Status: upstream: reported C repro on 2025/09/02 17:24
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+7287222a6d88bdb559a7@syzkaller.appspotmail.com
First crash: 171d, last: 2d21h
Discussions (7)
Title Replies (including bot) Last reply
[syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) 0 (2) 2026/02/13 22:17
[syzbot] Monthly hams report (Jan 2026) 0 (1) 2026/01/26 07:12
[syzbot] Monthly hams report (Dec 2025) 0 (1) 2025/12/26 07:48
[syzbot] Monthly hams report (Nov 2025) 0 (1) 2025/11/25 08:46
[syzbot] Monthly hams report (Oct 2025) 0 (1) 2025/10/24 18:48
[syzbot] Monthly hams report (Sep 2025) 0 (1) 2025/09/23 13:33
Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base 2 (2) 2025/09/03 10:11
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 1975d 1971d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1666d 1690d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 50 3d23h 164d 0/2 upstream: reported on 2025/09/06 01:04
linux-6.1 WARNING: ODEBUG bug in __run_timers origin:upstream -1 syz 94 16h18m 164d 0/3 upstream: reported syz repro on 2025/09/06 07:06

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object: ffff8880375c4c90 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2928
WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0 lib/debugobjects.c:612, CPU#3: swapper/3/0
Modules linked in:
CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:debug_print_object+0x19b/0x2a0 lib/debugobjects.c:612
Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 72 78 ee 0b 41 56 48 8b 14 dd 60 ec 1a 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 9c 48 e4 0b 01 48 83 c4 18 5b 5d 41 5c 41
RSP: 0018:ffffc900006f8a38 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffffffff8c1aeba0 RSI: ffffffff8c1ae7c0 RDI: ffffffff90e333c0
RBP: 0000000000000001 R08: ffff8880375c4c90 R09: ffffffff8bb2c880
R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1ae7c0
R13: ffffffff8bb2c8c0 R14: ffffffff8a6eed50 R15: ffffc900006f8b38
FS:  0000000000000000(0000) GS:ffff8880d668b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f4962e00ff8 CR3: 000000003801e000 CR4: 0000000000352ef0
Call Trace:
 <IRQ>
 __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline]
 debug_check_no_obj_freed+0x4da/0x630 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2601 [inline]
 slab_free mm/slub.c:6082 [inline]
 kfree+0x343/0x670 mm/slub.c:6399
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183
 call_timer_fn+0x19a/0x590 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1799 [inline]
 __run_timers+0x757/0xac0 kernel/time/timer.c:2373
 __run_timer_base kernel/time/timer.c:2385 [inline]
 __run_timer_base kernel/time/timer.c:2377 [inline]
 run_timer_base+0x114/0x190 kernel/time/timer.c:2394
 run_timer_softirq+0x1a/0x50 kernel/time/timer.c:2404
 handle_softirqs+0x1ea/0x910 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:63
Code: 0e 91 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 ed 2a 00 fb f4 <e9> 3c 34 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
RSP: 0018:ffffc90000197df0 EFLAGS: 00000202
RAX: 0000000000128aa1 RBX: ffff88801ee8a480 RCX: ffffffff8b80ac75
RDX: 0000000000000000 RSI: ffffffff8de6b9c0 RDI: ffffffff8c1adaa0
RBP: 0000000000000003 R08: 0000000000000001 R09: ffffed100d4e6755
R10: ffff88806a733aab R11: 0000000000000000 R12: ffffed1003dd1490
R13: 0000000000000003 R14: ffffffff90d8d0d0 R15: 0000000000000000
 arch_safe_halt arch/x86/include/asm/paravirt.h:73 [inline]
 default_idle+0x9/0x10 arch/x86/kernel/process.c:767
 default_idle_call+0x6c/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x35b/0x4b0 kernel/sched/idle.c:332
 cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:430
 start_secondary+0x21d/0x2d0 arch/x86/kernel/smpboot.c:312
 common_startup_64+0x13e/0x148
 </TASK>
----------------
Code disassembly (best guess):
   0:	b8 00 00 00 00       	mov    $0x0,%eax
   5:	00 fc                	add    %bh,%ah
   7:	ff                   	lcall  (bad)
   8:	df 48 89             	fisttps -0x77(%rax)
   b:	fa                   	cli
   c:	48 c1 ea 03          	shr    $0x3,%rdx
  10:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  14:	75 4f                	jne    0x65
  16:	48 8d 3d 72 78 ee 0b 	lea    0xbee7872(%rip),%rdi        # 0xbee788f
  1d:	41 56                	push   %r14
  1f:	48 8b 14 dd 60 ec 1a 	mov    -0x73e513a0(,%rbx,8),%rdx
  26:	8c
  27:	4c 89 e6             	mov    %r12,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	58                   	pop    %rax
  30:	83 05 9c 48 e4 0b 01 	addl   $0x1,0xbe4489c(%rip)        # 0xbe448d3
  37:	48 83 c4 18          	add    $0x18,%rsp
  3b:	5b                   	pop    %rbx
  3c:	5d                   	pop    %rbp
  3d:	41 5c                	pop    %r12
  3f:	41                   	rex.B

Crashes (571):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/13 22:16 upstream cee73b1e840c 1e62d198 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/14 13:54 upstream 770aaedb461a 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/14 04:33 upstream cd7a5651db26 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/13 11:58 upstream cee73b1e840c 6a673c50 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/12 08:43 upstream c22e26bd0906 76a109e2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/09 03:53 upstream e98f34af6116 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/02/08 14:38 upstream e7aa57247700 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/08 04:14 upstream e7aa57247700 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/07 23:11 upstream e7aa57247700 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/02/06 20:41 upstream b7ff7151e653 97745f52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/04 17:31 upstream 5fd0a1df5d05 ea10c935 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/02/01 22:00 upstream 162b42445b58 6b8752f2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/29 18:44 upstream 8dfce8991b95 aeb6fdd5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/26 05:10 upstream 023777797472 55756628 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/26 03:32 upstream 023777797472 55756628 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/25 14:59 upstream d91a46d6805a 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/25 13:25 upstream d91a46d6805a 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/25 03:36 upstream 12a0094839d0 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 15:35 upstream 62085877ae65 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 15:17 upstream 62085877ae65 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 11:13 upstream 62085877ae65 4f25b9b4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/23 11:27 upstream c072629f05d7 82c9c083 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 21:09 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/21 19:30 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:14 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:13 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 17:11 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 07:17 upstream c03e9c42ae8f 2494e18d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/18 16:34 upstream e84d960149e7 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/16 20:53 upstream 983d014aafb1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/02 12:30 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/08/30 11:22 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/02/14 03:22 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/14 01:52 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/14 00:30 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/13 23:25 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/13 20:12 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/13 18:42 upstream cee73b1e840c 1e62d198 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/10 07:19 upstream 8a5203c630c6 4ab09a02 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/07 20:49 upstream e7aa57247700 4c131dc4 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/06 13:49 upstream b7ff7151e653 97745f52 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/02/05 01:12 upstream 5fd0a1df5d05 ea10c935 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/27 10:59 upstream fcb70a56f4d8 43e1df1d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/26 21:34 upstream fcb70a56f4d8 efb3e894 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/25 02:31 upstream 5dbeeb268b63 40acda8a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/23 17:55 upstream c072629f05d7 1aa92270 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/22 00:36 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 23:18 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 14:29 upstream 6c790212c588 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/16 02:49 upstream 603c05a1639f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.