syzbot

 sign-in | mailing list | source | docs
🐞 Open [818]
🐞 Fixed [136]
🐞 Invalid [937]
Missing Backports [79]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers

Status: upstream: reported syz repro on 2025/09/06 07:06
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+a791d08891fe8f853b68@syzkaller.appspotmail.com
First crash: 76d, last: 4h31m
Bug presence (1)
Date Name Commit Repro Result
2025/11/11 upstream (ToT) 24172e0d7990 syz [report] WARNING: ODEBUG bug in handle_softirqs
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 1887d 1883d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (3) hams -1 346 1h41m 80d 0/29 upstream: reported on 2025/09/02 17:24
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1578d 1603d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 33 1d15h 76d 0/2 upstream: reported on 2025/09/06 01:04

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: timer_list hint: rose_transmit_restart_request net/rose/rose_link.c:-1 [inline]
ODEBUG: free active (active state 0) object type: timer_list hint: rose_t0timer_expiry+0x0/0x350 net/rose/rose_link.c:284
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 debug_print_object lib/debugobjects.c:515 [inline]
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 __debug_check_no_obj_freed lib/debugobjects.c:979 [inline]
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 debug_check_no_obj_freed+0x43c/0x530 lib/debugobjects.c:1009
Modules linked in:

CPU: 0 PID: 6707 Comm: kworker/0:2H Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Workqueue: events_highpri snd_vmidi_output_work
RIP: 0010:debug_print_object lib/debugobjects.c:515 [inline]
RIP: 0010:__debug_check_no_obj_freed lib/debugobjects.c:979 [inline]
RIP: 0010:debug_check_no_obj_freed+0x43c/0x530 lib/debugobjects.c:1009
Code: ef e8 a8 6a c5 fd 4c 8b 45 00 48 c7 c7 c0 00 df 8a 48 c7 c6 80 fd de 8a 48 c7 c2 20 02 df 8a 8b 0c 24 4d 89 e9 e8 64 60 41 fd <0f> 0b 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc ff df ff 05 95 04 14
RSP: 0018:ffffc90000007a10 EFLAGS: 00010246
RAX: 9fd1dbea65218f00 RBX: ffffffff96e7ca78 RCX: ffff888026013b80
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
RBP: ffffffff8a8de2a0 R08: dffffc0000000000 R09: fffff52000000ed1
R10: fffff52000000ed1 R11: 1ffff92000000ed0 R12: ffff88805c4db600
R13: ffffffff891958b0 R14: ffff88805c4db000 R15: ffff88805c4db490
FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000020000000b000 CR3: 000000005b54b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 slab_free_hook mm/slub.c:1704 [inline]
 slab_free_freelist_hook+0xd2/0x1a0 mm/slub.c:1755
 slab_free mm/slub.c:3687 [inline]
 __kmem_cache_free+0xb6/0x1f0 mm/slub.c:3700
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x4a7/0x5d0 net/rose/rose_timer.c:183
 call_timer_fn+0x1a0/0x670 kernel/time/timer.c:1700
 expire_timers kernel/time/timer.c:1751 [inline]
 __run_timers+0x529/0x7d0 kernel/time/timer.c:2022
 run_timer_softirq+0x63/0xf0 kernel/time/timer.c:2035
 handle_softirqs+0x2a1/0x920 kernel/softirq.c:596
 __do_softirq kernel/softirq.c:630 [inline]
 invoke_softirq kernel/softirq.c:470 [inline]
 __irq_exit_rcu+0x12f/0x220 kernel/softirq.c:679
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:691
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1118
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100 kernel/locking/spinlock.c:194
Code: 74 05 e8 ce 48 65 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f6 cd 35 f7 65 8b 05 77 85 e0 75 85 c0 74 3c 48 c7 04 24 0e 36
RSP: 0018:ffffc9000596fa80 EFLAGS: 00000206
RAX: 9fd1dbea65218f00 RBX: 0000000000000a06 RCX: 9fd1dbea65218f00
RDX: dffffc0000000000 RSI: ffffffff8a8c0580 RDI: 0000000000000001
RBP: ffffc9000596fb18 R08: dffffc0000000000 R09: fffffbfff215c46b
R10: fffffbfff215c46b R11: 1ffffffff215c46a R12: dffffc0000000000
R13: ffff88802e663518 R14: ffff88802e663530 R15: 1ffff92000b2df50
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 snd_rawmidi_transmit+0x98/0xc0 sound/core/rawmidi.c:1478
 snd_vmidi_output_work+0x1a0/0x400 sound/core/seq/seq_virmidi.c:151
 process_one_work+0x898/0x1160 kernel/workqueue.c:2292
 worker_thread+0xaa2/0x1250 kernel/workqueue.c:2439
 kthread+0x29d/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
----------------
Code disassembly (best guess):
   0:	74 05                	je     0x7
   2:	e8 ce 48 65 f7       	call   0xf76548d5
   7:	48 c7 44 24 20 00 00 	movq   $0x0,0x20(%rsp)
   e:	00 00
  10:	9c                   	pushf
  11:	8f 44 24 20          	pop    0x20(%rsp)
  15:	f6 44 24 21 02       	testb  $0x2,0x21(%rsp)
  1a:	75 4b                	jne    0x67
  1c:	f7 c3 00 02 00 00    	test   $0x200,%ebx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
* 2a:	e8 f6 cd 35 f7       	call   0xf735ce25 <-- trapping instruction
  2f:	65 8b 05 77 85 e0 75 	mov    %gs:0x75e08577(%rip),%eax        # 0x75e085ad
  36:	85 c0                	test   %eax,%eax
  38:	74 3c                	je     0x76
  3a:	48                   	rex.W
  3b:	c7                   	.byte 0xc7
  3c:	04 24                	add    $0x24,%al
  3e:	0e                   	(bad)
  3f:	36                   	ss

Crashes (62):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/11/09 05:03 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/11/21 13:10 linux-6.1.y f6e38ae624cf 280ea308 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/11/20 22:18 linux-6.1.y f6e38ae624cf 2cc4c24a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/11/20 22:11 linux-6.1.y f6e38ae624cf 2cc4c24a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/29 00:59 linux-6.1.y 8e6e2188d949 fd2207e7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/22 15:08 linux-6.1.y 8e6e2188d949 252fbbad .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/18 07:01 linux-6.1.y c2fda4b3f577 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:49 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:41 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:37 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:36 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:33 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:31 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 14:31 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 02:21 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 02:21 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 02:12 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/14 02:11 linux-6.1.y 882efbdd9d34 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/12 23:22 linux-6.1.y 882efbdd9d34 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/12 23:16 linux-6.1.y 882efbdd9d34 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/12 23:10 linux-6.1.y 882efbdd9d34 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/12 23:10 linux-6.1.y 882efbdd9d34 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/05 19:27 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/05 17:03 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/05 17:00 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/05 16:52 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/05 16:51 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/03 15:13 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/03 15:13 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/03 14:55 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/03 14:55 linux-6.1.y 882efbdd9d34 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/02 07:59 linux-6.1.y 7b34dc04e4ff 267f56c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/10/02 07:59 linux-6.1.y 7b34dc04e4ff 267f56c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/20 08:24 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/20 05:46 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/20 02:05 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/20 02:04 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/20 00:01 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/19 23:54 linux-6.1.y 363a599da6d9 67c37560 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/13 00:20 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/13 00:19 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/13 00:19 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/12 07:05 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/06 07:06 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/11/20 08:49 linux-6.1.y f6e38ae624cf 26ee5237 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/11/04 08:04 linux-6.1.y f6e38ae624cf 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/10/31 10:37 linux-6.1.y f6e38ae624cf 2c50b6a9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/10/31 04:47 linux-6.1.y f6e38ae624cf 2c50b6a9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/10/01 04:04 linux-6.1.y 7b34dc04e4ff 65a0eece .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/09/22 20:08 linux-6.1.y 363a599da6d9 0ac7291c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/09/22 18:30 linux-6.1.y 363a599da6d9 0ac7291c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2025/09/13 17:22 linux-6.1.y 3db754f56897 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.