syzbot

 sign-in | mailing list | source | docs
🐞 Open [901]
🐞 Fixed [143]
🐞 Invalid [1086]
Missing Backports [73]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers

Status: upstream: reported syz repro on 2025/09/06 07:06
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+a791d08891fe8f853b68@syzkaller.appspotmail.com
First crash: 237d, last: 7d11h
Bug presence (3)
Date Name Commit Repro Result
2026/04/13 linux-6.1.y (ToT) 8e8fc038cad5 syz [report] KASAN: use-after-free Read in ax25_find_cb
2025/11/11 upstream (ToT) 24172e0d7990 syz [report] WARNING: ODEBUG bug in handle_softirqs
2026/04/13 upstream (ToT) 028ef9c96e96 syz Didn't crash
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 2049d 2045d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (3) hams -1 C 803 7d17h 241d 0/29 upstream: reported C repro on 2025/09/02 17:24
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1739d 1764d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 98 2d21h 237d 0/2 upstream: reported on 2025/09/06 01:04
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2026/04/13 21:41 1m fix candidate upstream error job log

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: timer_list hint: rose_transmit_restart_request net/rose/rose_link.c:-1 [inline]
ODEBUG: free active (active state 0) object type: timer_list hint: rose_t0timer_expiry+0x0/0x350 net/rose/rose_link.c:284
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 debug_print_object lib/debugobjects.c:515 [inline]
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 __debug_check_no_obj_freed lib/debugobjects.c:979 [inline]
WARNING: CPU: 0 PID: 6707 at lib/debugobjects.c:518 debug_check_no_obj_freed+0x43c/0x530 lib/debugobjects.c:1009
Modules linked in:

CPU: 0 PID: 6707 Comm: kworker/0:2H Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Workqueue: events_highpri snd_vmidi_output_work
RIP: 0010:debug_print_object lib/debugobjects.c:515 [inline]
RIP: 0010:__debug_check_no_obj_freed lib/debugobjects.c:979 [inline]
RIP: 0010:debug_check_no_obj_freed+0x43c/0x530 lib/debugobjects.c:1009
Code: ef e8 a8 6a c5 fd 4c 8b 45 00 48 c7 c7 c0 00 df 8a 48 c7 c6 80 fd de 8a 48 c7 c2 20 02 df 8a 8b 0c 24 4d 89 e9 e8 64 60 41 fd <0f> 0b 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc ff df ff 05 95 04 14
RSP: 0018:ffffc90000007a10 EFLAGS: 00010246
RAX: 9fd1dbea65218f00 RBX: ffffffff96e7ca78 RCX: ffff888026013b80
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
RBP: ffffffff8a8de2a0 R08: dffffc0000000000 R09: fffff52000000ed1
R10: fffff52000000ed1 R11: 1ffff92000000ed0 R12: ffff88805c4db600
R13: ffffffff891958b0 R14: ffff88805c4db000 R15: ffff88805c4db490
FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000020000000b000 CR3: 000000005b54b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 slab_free_hook mm/slub.c:1704 [inline]
 slab_free_freelist_hook+0xd2/0x1a0 mm/slub.c:1755
 slab_free mm/slub.c:3687 [inline]
 __kmem_cache_free+0xb6/0x1f0 mm/slub.c:3700
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x4a7/0x5d0 net/rose/rose_timer.c:183
 call_timer_fn+0x1a0/0x670 kernel/time/timer.c:1700
 expire_timers kernel/time/timer.c:1751 [inline]
 __run_timers+0x529/0x7d0 kernel/time/timer.c:2022
 run_timer_softirq+0x63/0xf0 kernel/time/timer.c:2035
 handle_softirqs+0x2a1/0x920 kernel/softirq.c:596
 __do_softirq kernel/softirq.c:630 [inline]
 invoke_softirq kernel/softirq.c:470 [inline]
 __irq_exit_rcu+0x12f/0x220 kernel/softirq.c:679
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:691
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1118
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100 kernel/locking/spinlock.c:194
Code: 74 05 e8 ce 48 65 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f6 cd 35 f7 65 8b 05 77 85 e0 75 85 c0 74 3c 48 c7 04 24 0e 36
RSP: 0018:ffffc9000596fa80 EFLAGS: 00000206
RAX: 9fd1dbea65218f00 RBX: 0000000000000a06 RCX: 9fd1dbea65218f00
RDX: dffffc0000000000 RSI: ffffffff8a8c0580 RDI: 0000000000000001
RBP: ffffc9000596fb18 R08: dffffc0000000000 R09: fffffbfff215c46b
R10: fffffbfff215c46b R11: 1ffffffff215c46a R12: dffffc0000000000
R13: ffff88802e663518 R14: ffff88802e663530 R15: 1ffff92000b2df50
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 snd_rawmidi_transmit+0x98/0xc0 sound/core/rawmidi.c:1478
 snd_vmidi_output_work+0x1a0/0x400 sound/core/seq/seq_virmidi.c:151
 process_one_work+0x898/0x1160 kernel/workqueue.c:2292
 worker_thread+0xaa2/0x1250 kernel/workqueue.c:2439
 kthread+0x29d/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
----------------
Code disassembly (best guess):
   0:	74 05                	je     0x7
   2:	e8 ce 48 65 f7       	call   0xf76548d5
   7:	48 c7 44 24 20 00 00 	movq   $0x0,0x20(%rsp)
   e:	00 00
  10:	9c                   	pushf
  11:	8f 44 24 20          	pop    0x20(%rsp)
  15:	f6 44 24 21 02       	testb  $0x2,0x21(%rsp)
  1a:	75 4b                	jne    0x67
  1c:	f7 c3 00 02 00 00    	test   $0x200,%ebx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
* 2a:	e8 f6 cd 35 f7       	call   0xf735ce25 <-- trapping instruction
  2f:	65 8b 05 77 85 e0 75 	mov    %gs:0x75e08577(%rip),%eax        # 0x75e085ad
  36:	85 c0                	test   %eax,%eax
  38:	74 3c                	je     0x76
  3a:	48                   	rex.W
  3b:	c7                   	.byte 0xc7
  3c:	04 24                	add    $0x24,%al
  3e:	0e                   	(bad)
  3f:	36                   	ss

Crashes (147):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/11/09 05:03 linux-6.1.y f6e38ae624cf 4e1406b4 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/24 11:10 linux-6.1.y 7c87defbd336 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/23 09:29 linux-6.1.y 7c87defbd336 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/21 20:52 linux-6.1.y 7c87defbd336 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/17 05:54 linux-6.1.y 8e8fc038cad5 de0a551d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/17 04:02 linux-6.1.y 8e8fc038cad5 de0a551d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/16 22:13 linux-6.1.y 8e8fc038cad5 4743f87d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/13 20:59 linux-6.1.y 8e8fc038cad5 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/07 17:27 linux-6.1.y 1989cd3d56e2 628666c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/02 02:27 linux-6.1.y 1989cd3d56e2 0cb124d5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/01 09:19 linux-6.1.y 1989cd3d56e2 fb8b2c26 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/28 22:58 linux-6.1.y 1989cd3d56e2 b5ceaad2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/28 10:52 linux-6.1.y 1989cd3d56e2 356bdfc9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/26 21:52 linux-6.1.y 1989cd3d56e2 766b6434 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/26 17:26 linux-6.1.y 1989cd3d56e2 766b6434 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/26 07:18 linux-6.1.y 1989cd3d56e2 c6143aac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/25 18:34 linux-6.1.y 1989cd3d56e2 8ee77f7d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/24 21:32 linux-6.1.y f2ddafa93a25 74e70d19 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/24 04:37 linux-6.1.y f2ddafa93a25 baf8bf12 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/22 19:20 linux-6.1.y f2ddafa93a25 5b92003d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/17 14:44 linux-6.1.y f2ddafa93a25 c01bca74 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/11 22:03 linux-6.1.y f2ddafa93a25 2d88ab01 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/11 09:46 linux-6.1.y f2ddafa93a25 86914af9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/10 12:01 linux-6.1.y f2ddafa93a25 6972f302 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/06 22:02 linux-6.1.y f2ddafa93a25 41d8037d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/03/06 22:02 linux-6.1.y f2ddafa93a25 41d8037d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/02/28 01:24 linux-6.1.y 779f9571ac3e 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/02/23 20:01 linux-6.1.y 779f9571ac3e 6beca497 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/02/16 19:35 linux-6.1.y 8ce36b2849ef 5d52cba5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/02/07 12:19 linux-6.1.y 0182cb5b74ee f20fc9f9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/02/06 21:30 linux-6.1.y 0182cb5b74ee 97745f52 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2025/09/06 07:06 linux-6.1.y 28c695c365e1 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan WARNING: ODEBUG bug in __run_timers
2026/04/23 04:25 linux-6.1.y 7c87defbd336 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/04/08 07:46 linux-6.1.y 1989cd3d56e2 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/04/07 18:40 linux-6.1.y 1989cd3d56e2 628666c6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/04/01 03:55 linux-6.1.y 1989cd3d56e2 fb8b2c26 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/30 13:43 linux-6.1.y 1989cd3d56e2 dcaebc52 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/27 19:04 linux-6.1.y 1989cd3d56e2 74a13a23 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/26 03:07 linux-6.1.y 1989cd3d56e2 c6143aac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/25 04:34 linux-6.1.y f2ddafa93a25 74e70d19 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/10 08:02 linux-6.1.y f2ddafa93a25 6972f302 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/03/10 00:00 linux-6.1.y f2ddafa93a25 176bead5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/28 09:34 linux-6.1.y 779f9571ac3e 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/24 07:32 linux-6.1.y 779f9571ac3e 41d2fa6a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/13 11:22 linux-6.1.y 8ce36b2849ef 6a673c50 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/13 09:16 linux-6.1.y 8ce36b2849ef 6a673c50 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/09 16:50 linux-6.1.y 0182cb5b74ee df949cd9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
2026/02/07 08:51 linux-6.1.y 0182cb5b74ee f20fc9f9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.