| Title | Replies (including bot) | Last reply |
|---|---|---|
| Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base | 2 (2) | 2025/09/03 10:11 |
| [syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) | 0 (1) | 2025/09/02 17:24 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base | 2 (2) | 2025/09/03 10:11 |
| [syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) | 0 (1) | 2025/09/02 17:24 |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | WARNING: ODEBUG bug in __run_timers net | -1 | 1 | 1815d | 1811d | 0/29 | auto-closed as invalid on 2020/12/19 18:17 | |||
| upstream | WARNING: ODEBUG bug in __run_timers (2) net | -1 | 2 | 1505d | 1530d | 0/29 | auto-closed as invalid on 2021/10/25 11:37 | |||
| linux-6.6 | WARNING: ODEBUG bug in __run_timers | -1 | 2 | 2d14h | 4d02h | 0/2 | upstream: reported on 2025/09/06 01:04 | |||
| linux-6.1 | WARNING: ODEBUG bug in __run_timers | -1 | 1 | 3d20h | 3d20h | 0/3 | upstream: reported on 2025/09/06 07:06 |
------------[ cut here ]------------ ODEBUG: free active (active state 0) object: ffff888052ce4c90 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2880 WARNING: CPU: 0 PID: 19282 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 lib/debugobjects.c:612 Modules linked in: CPU: 0 UID: 0 PID: 19282 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 RIP: 0010:debug_print_object+0x1a2/0x2b0 lib/debugobjects.c:612 Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 44 16 8c 4c 89 e6 48 c7 c7 60 39 16 8c e8 9f 17 91 fc 90 <0f> 0b 90 90 58 83 05 e6 ba c2 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d RSP: 0018:ffffc90000007a28 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a3388 RDX: ffff8880599a3c00 RSI: ffffffff817a3395 RDI: 0000000000000001 RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8c164000 R13: ffffffff8bafedc0 R14: ffffffff8a7fee10 R15: ffffc90000007b28 FS: 00005555874c5500(0000) GS:ffff8881246b7000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4c1a0f56c0 CR3: 00000000600dd000 CR4: 0000000000350ef0 Call Trace: <IRQ> __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline] debug_check_no_obj_freed+0x4b7/0x600 lib/debugobjects.c:1129 slab_free_hook mm/slub.c:2353 [inline] slab_free mm/slub.c:4695 [inline] kfree+0x28f/0x4d0 mm/slub.c:4894 rose_neigh_put include/net/rose.h:166 [inline] rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183 call_timer_fn+0x19a/0x620 kernel/time/timer.c:1747 expire_timers kernel/time/timer.c:1798 [inline] __run_timers+0x6ef/0x960 kernel/time/timer.c:2372 __run_timer_base kernel/time/timer.c:2384 [inline] __run_timer_base kernel/time/timer.c:2376 [inline] run_timer_base+0x114/0x190 kernel/time/timer.c:2393 run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2403 handle_softirqs+0x219/0x8e0 kernel/softirq.c:579 __do_softirq kernel/softirq.c:613 [inline] invoke_softirq kernel/softirq.c:453 [inline] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:680 irq_exit_rcu+0x9/0x30 kernel/softirq.c:696 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline] sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1050 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:debug_lockdep_rcu_enabled+0x2e/0x40 kernel/rcu/update.c:322 Code: 8b 05 16 33 19 05 85 c0 74 20 8b 05 c0 63 19 05 85 c0 74 16 65 48 8b 05 98 1e 44 08 8b 80 ec 0a 00 00 85 c0 0f 94 c0 0f b6 c0 <e9> 78 cf 7d f5 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 RSP: 0018:ffffc90003fbee20 EFLAGS: 00000246 RAX: 0000000000000001 RBX: ffffc90003fbf1e8 RCX: ffffc90003fc0001 RDX: ffffc90003fbf1f0 RSI: ffffc90003fbf1b8 RDI: ffffc90003fbeea8 RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000003 R11: 0000000000011367 R12: ffffc90003fbeee8 R13: ffffc90003fbee98 R14: ffffc90003fbf1e8 R15: ffffc90003fbeecc rcu_read_unlock include/linux/rcupdate.h:869 [inline] class_rcu_destructor include/linux/rcupdate.h:1155 [inline] unwind_next_frame+0x3de/0x20a0 arch/x86/kernel/unwind_orc.c:479 arch_stack_walk+0x94/0x100 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122 save_stack+0x160/0x1f0 mm/page_owner.c:156 __set_page_owner+0x91/0x550 mm/page_owner.c:329 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1c0/0x230 mm/page_alloc.c:1851 prep_new_page mm/page_alloc.c:1859 [inline] get_page_from_freelist+0x132b/0x38e0 mm/page_alloc.c:3858 __alloc_frozen_pages_noprof+0x261/0x23f0 mm/page_alloc.c:5148 alloc_pages_mpol+0x1fb/0x550 mm/mempolicy.c:2416 alloc_frozen_pages_noprof mm/mempolicy.c:2487 [inline] alloc_pages_noprof+0x131/0x390 mm/mempolicy.c:2507 pagetable_alloc_noprof include/linux/mm.h:2881 [inline] __pte_alloc_one_noprof include/asm-generic/pgalloc.h:75 [inline] pte_alloc_one+0x1c/0x3a0 arch/x86/mm/pgtable.c:18 __pte_alloc+0x6d/0x3c0 mm/memory.c:452 copy_pte_range mm/memory.c:1107 [inline] copy_pmd_range mm/memory.c:1261 [inline] copy_pud_range mm/memory.c:1298 [inline] copy_p4d_range mm/memory.c:1322 [inline] copy_page_range+0x3b83/0x5c80 mm/memory.c:1410 dup_mmap+0xe88/0x21d0 mm/mmap.c:1834 dup_mm kernel/fork.c:1485 [inline] copy_mm kernel/fork.c:1537 [inline] copy_process+0x4081/0x7690 kernel/fork.c:2175 kernel_clone+0xfc/0x930 kernel/fork.c:2605 __do_sys_clone+0xce/0x120 kernel/fork.c:2748 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f4c19385453 Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 RSP: 002b:00007fff8538a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4c19385453 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 R10: 00005555874c57d0 R11: 0000000000000246 R12: 0000000000000000 R13: 00000000000927c0 R14: 0000000000235f66 R15: 00007fff8538a1d0 </TASK> ---------------- Code disassembly (best guess): 0: 8b 05 16 33 19 05 mov 0x5193316(%rip),%eax # 0x519331c 6: 85 c0 test %eax,%eax 8: 74 20 je 0x2a a: 8b 05 c0 63 19 05 mov 0x51963c0(%rip),%eax # 0x51963d0 10: 85 c0 test %eax,%eax 12: 74 16 je 0x2a 14: 65 48 8b 05 98 1e 44 mov %gs:0x8441e98(%rip),%rax # 0x8441eb4 1b: 08 1c: 8b 80 ec 0a 00 00 mov 0xaec(%rax),%eax 22: 85 c0 test %eax,%eax 24: 0f 94 c0 sete %al 27: 0f b6 c0 movzbl %al,%eax * 2a: e9 78 cf 7d f5 jmp 0xf57dcfa7 <-- trapping instruction 2f: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) 36: 00 00 00 39: 0f 1f 00 nopl (%rax) 3c: 90 nop 3d: 90 nop 3e: 90 nop 3f: 90 nop
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/09/07 13:33 | upstream | b236920731dd | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/06 03:50 | upstream | c8ed9b5c02a5 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 23:50 | upstream | d69eb204c255 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 23:50 | upstream | d69eb204c255 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 23:49 | upstream | d69eb204c255 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 23:48 | upstream | d69eb204c255 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 19:19 | upstream | b9a10f876409 | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/03 18:43 | upstream | e6b9dce0aeeb | 96a211bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/03 18:37 | upstream | e6b9dce0aeeb | 96a211bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/03 18:26 | upstream | e6b9dce0aeeb | 96a211bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/03 18:23 | upstream | e6b9dce0aeeb | 96a211bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/02 12:30 | upstream | b320789d6883 | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/02 12:26 | upstream | b320789d6883 | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/02 12:25 | upstream | b320789d6883 | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/02 12:15 | upstream | b320789d6883 | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/02 12:14 | upstream | b320789d6883 | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 14:07 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 14:03 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 14:01 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 13:58 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:33 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:33 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:31 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:31 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:31 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:30 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:30 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 12:30 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 00:57 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/30 11:22 | upstream | 11e7861d680c | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/08 23:55 | upstream | f777d1112ee5 | d291dd2d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/08 00:24 | upstream | 6ab41fca2e80 | d291dd2d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/07 17:18 | upstream | 6ab41fca2e80 | d291dd2d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/05 09:12 | upstream | d69eb204c255 | d291dd2d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers | ||
| 2025/09/04 05:07 | upstream | b9a10f876409 | d291dd2d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers | ||
| 2025/08/31 11:44 | upstream | c8bc81a52d5a | 807a3b61 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | WARNING: ODEBUG bug in __run_timers |