syzbot

 sign-in | mailing list | source | docs
🐞 Open [1437]
Subsystems
🐞 Fixed [6893]
🐞 Invalid [17916]
Missing Backports [224]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: ODEBUG bug in __run_timers (3)

Status: upstream: reported on 2025/09/02 17:24
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+7287222a6d88bdb559a7@syzkaller.appspotmail.com
First crash: 152d, last: 12h29m
Discussions (7)
Title Replies (including bot) Last reply
[syzbot] Monthly hams report (Jan 2026) 0 (1) 2026/01/26 07:12
[syzbot] Monthly hams report (Dec 2025) 0 (1) 2025/12/26 07:48
[syzbot] Monthly hams report (Nov 2025) 0 (1) 2025/11/25 08:46
[syzbot] Monthly hams report (Oct 2025) 0 (1) 2025/10/24 18:48
[syzbot] Monthly hams report (Sep 2025) 0 (1) 2025/09/23 13:33
Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base 2 (2) 2025/09/03 10:11
[syzbot] [hams?] WARNING: ODEBUG bug in __run_timers (3) 0 (1) 2025/09/02 17:24
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: ODEBUG bug in __run_timers net -1 1 1957d 1953d 0/29 auto-closed as invalid on 2020/12/19 18:17
upstream WARNING: ODEBUG bug in __run_timers (2) net -1 2 1647d 1672d 0/29 auto-closed as invalid on 2021/10/25 11:37
linux-6.6 WARNING: ODEBUG bug in __run_timers -1 41 2d11h 146d 0/2 upstream: reported on 2025/09/06 01:04
linux-6.1 WARNING: ODEBUG bug in __run_timers origin:upstream -1 syz 83 4d02h 146d 0/3 upstream: reported syz repro on 2025/09/06 07:06

Sample crash report:
------------[ cut here ]------------
ODEBUG: free active (active state 0) object: ffff888055234890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 include/linux/skbuff.h:2927
WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0 lib/debugobjects.c:612, CPU#1: udevd/12582
Modules linked in:
CPU: 1 UID: 0 PID: 12582 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
RIP: 0010:debug_print_object+0x19b/0x2a0 lib/debugobjects.c:612
Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 0d d2 0b 41 56 48 8b 14 dd 60 47 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 9c f5 c7 0b 01 48 83 c4 18 5b 5d 41 5c 41
RSP: 0018:ffffc90000a08a18 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffffffff8bfa46a0 RSI: ffffffff8bfa42c0 RDI: ffffffff90c194c0
RBP: 0000000000000001 R08: ffff888055234890 R09: ffffffff8b92b900
R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa42c0
R13: ffffffff8b92b940 R14: ffffffff8a662a20 R15: ffffc90000a08b18
FS:  00007f061b545880(0000) GS:ffff8881246db000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000018000 CR3: 0000000033c24000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 __debug_check_no_obj_freed lib/debugobjects.c:1099 [inline]
 debug_check_no_obj_freed+0x4da/0x630 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2471 [inline]
 slab_free mm/slub.c:6674 [inline]
 kfree+0x34c/0x690 mm/slub.c:6882
 rose_neigh_put include/net/rose.h:166 [inline]
 rose_timer_expiry+0x53f/0x630 net/rose/rose_timer.c:183
 call_timer_fn+0x19a/0x590 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1799 [inline]
 __run_timers+0x757/0xac0 kernel/time/timer.c:2373
 __run_timer_base kernel/time/timer.c:2385 [inline]
 __run_timer_base kernel/time/timer.c:2377 [inline]
 run_timer_base+0x114/0x190 kernel/time/timer.c:2394
 run_timer_softirq+0x1a/0x50 kernel/time/timer.c:2404
 handle_softirqs+0x1ea/0x910 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:do_unlinkat+0x5d/0x6e0 fs/namei.c:5407
Code: 04 24 48 89 c1 48 b8 00 00 00 00 00 fc ff df 48 c7 44 24 28 a8 a0 d6 8d 48 01 c8 48 c7 44 24 30 a0 0d 8a 82 c7 00 f1 f1 f1 f1 <c7> 40 04 f1 f1 04 f2 c7 40 08 00 f2 f2 f2 c7 40 0c 00 00 f2 f2 c7
RSP: 0018:ffffc9000c3c7de0 EFLAGS: 00000286
RAX: fffff52001878fc0 RBX: ffff888032594400 RCX: 1ffff92001878fc0
RDX: ffff88802cb3c980 RSI: ffff888032594400 RDI: 00000000ffffff9c
RBP: 00007ffde9909650 R08: 0000000000000001 R09: ffffed10064b2882
R10: ffff888032594413 R11: 0000000000000000 R12: ffff88802cb3c980
R13: ffff888032594400 R14: 0000000000000057 R15: 0000000000000000
 __do_sys_unlink fs/namei.c:5483 [inline]
 __se_sys_unlink fs/namei.c:5481 [inline]
 __x64_sys_unlink+0xc5/0x110 fs/namei.c:5481
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f061af15937
Code: 00 00 e9 a9 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 5f 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 57 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 91 b4 0d 00 f7 d8 64 89 02 b8
RSP: 002b:00007ffde9909638 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f061af15937
RDX: 0000000000000000 RSI: 00000000000003e1 RDI: 00007ffde9909650
RBP: 000055e1dd1c70c0 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde9909650
R13: 000055e1dd1db4b0 R14: 000055e1bdd96100 R15: 000055e1bdd96140
 </TASK>
----------------
Code disassembly (best guess):
   0:	b8 00 00 00 00       	mov    $0x0,%eax
   5:	00 fc                	add    %bh,%ah
   7:	ff                   	lcall  (bad)
   8:	df 48 89             	fisttps -0x77(%rax)
   b:	fa                   	cli
   c:	48 c1 ea 03          	shr    $0x3,%rdx
  10:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  14:	75 4f                	jne    0x65
  16:	48 8d 3d f2 0d d2 0b 	lea    0xbd20df2(%rip),%rdi        # 0xbd20e0f
  1d:	41 56                	push   %r14
  1f:	48 8b 14 dd 60 47 fa 	mov    -0x7405b8a0(,%rbx,8),%rdx
  26:	8b
  27:	4c 89 e6             	mov    %r12,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	58                   	pop    %rax
  30:	83 05 9c f5 c7 0b 01 	addl   $0x1,0xbc7f59c(%rip)        # 0xbc7f5d3
  37:	48 83 c4 18          	add    $0x18,%rsp
  3b:	5b                   	pop    %rbx
  3c:	5d                   	pop    %rbp
  3d:	41 5c                	pop    %r12
  3f:	41                   	rex.B

Crashes (524):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/01/29 18:44 upstream 8dfce8991b95 aeb6fdd5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/26 05:10 upstream 023777797472 55756628 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/26 03:32 upstream 023777797472 55756628 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/25 14:59 upstream d91a46d6805a 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/25 13:25 upstream d91a46d6805a 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/25 03:36 upstream 12a0094839d0 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 15:35 upstream 62085877ae65 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 15:17 upstream 62085877ae65 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/24 11:13 upstream 62085877ae65 4f25b9b4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/23 11:27 upstream c072629f05d7 82c9c083 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 21:09 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/21 19:30 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:14 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 18:13 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 17:11 upstream 6c790212c588 6f1aa2f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/21 07:17 upstream c03e9c42ae8f 2494e18d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/18 16:34 upstream e84d960149e7 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/16 20:53 upstream 983d014aafb1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/15 11:23 upstream 944aacb68baf d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/15 11:22 upstream 944aacb68baf d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/14 15:41 upstream c537e12daeec d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/13 01:31 upstream b71e635feefc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/12 11:52 upstream 7143203341dc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/12 10:46 upstream 0f61b1860cc3 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2026/01/12 00:08 upstream 755bc1335e3b d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/11 19:08 upstream 755bc1335e3b d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/09 04:33 upstream 79b95d74470d d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/07 10:02 upstream f0b9d8eb98df d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/06 05:58 upstream 7f98ab9da046 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: ODEBUG bug in __run_timers
2025/09/02 12:30 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2025/08/30 11:22 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: ODEBUG bug in __run_timers
2026/01/27 10:59 upstream fcb70a56f4d8 43e1df1d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/26 21:34 upstream fcb70a56f4d8 efb3e894 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/25 02:31 upstream 5dbeeb268b63 40acda8a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/23 17:55 upstream c072629f05d7 1aa92270 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/22 00:36 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 23:18 upstream cf38b2340c0e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/21 14:29 upstream 6c790212c588 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/16 02:49 upstream 603c05a1639f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/12 18:21 upstream 0f61b1860cc3 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/12 04:20 upstream 9c7ef209cd0f d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/11 03:01 upstream 97313d6113ab d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/08 02:19 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 21:55 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 19:51 upstream f0b9d8eb98df d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 03:22 upstream 7f98ab9da046 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
2026/01/06 03:21 upstream 7f98ab9da046 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: ODEBUG bug in __run_timers
* Struck through repros no longer work on HEAD.