WARNING: at drm_atomic_helper_wait_for_vblanks, CPU: kworker/NUM:NUM/NUM

All of lore.kernel.org
 help / color / mirror / Atom feed

From: sanan.hasanou@gmail.com
To: maarten.lankhorst@linux.intel.com, mripard@kernel.org,
	tzimmermann@suse.de, airlied@gmail.com, simona@ffwll.ch,
	dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org
Cc: syzkaller@googlegroups.com, contact@pgazz.com
Subject: WARNING: at drm_atomic_helper_wait_for_vblanks, CPU: kworker/NUM:NUM/NUM
Date: Thu, 18 Jun 2026 15:26:37 -0700 (PDT)	[thread overview]
Message-ID: <6a34709d.0ca26d91.115e9.fdf4@mx.google.com> (raw)

Good day, dear maintainers,

We found a bug using a modified version of syzkaller.

Kernel Branch: 7.0-rc1
Kernel Config: <https://drive.google.com/open?id=173DLEAEPKPhhR1TcqofdnkLpdoK7PMFl>
Unfortunately, we don't have any reproducer for this bug yet.
Thank you!

Best regards,
Sanan Hasanov

------------[ cut here ]------------
[CRTC:35:crtc-0] vblank wait timed out
WARNING: at drm_atomic_helper_wait_for_vblanks+0x764/0x8f0 drivers/gpu/drm/drm_atomic_helper.c:1921, CPU#1: kworker/1:1/30
Modules linked in:
CPU: 1 UID: 0 PID: 30 Comm: kworker/1:1 Not tainted 7.0.0-rc1 #1 PREEMPT(full) 
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
Workqueue: events drm_fb_helper_damage_work
RIP: 0010:drm_atomic_helper_wait_for_vblanks+0x7b0/0x8f0 drivers/gpu/drm/drm_atomic_helper.c:1921
Code: 45 8b b6 88 00 00 00 4c 8d 68 20 4c 89 e8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ef e8 9a 83 f4 fc 49 8b 55 00 4c 89 ff 44 89 f6 <67> 48 0f b9 3a 4d 89 e5 e9 34 ff ff ff 44 89 f1 80 e1 07 80 c1 03
RSP: 0018:ffffc900002075a0 EFLAGS: 00010246
RAX: 1ffff11003a891c3 RBX: dffffc0000000000 RCX: ffff88801330e180
RDX: ffff88801c9712c0 RSI: 0000000000000023 RDI: ffffffff906b49a8
RBP: ffffc900002076e0 R08: ffff88801d478833 R09: 1ffff11003a8f106
R10: dffffc0000000000 R11: ffffed1003a8f107 R12: ffff88801ca0ec28
R13: ffff88801d448e18 R14: 0000000000000023 R15: ffffffff906b49a8
FS:  0000000000000000(0000) GS:ffff8880d99df000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000000e6ff000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 drm_atomic_helper_commit_tail+0x2d2/0x4e0 drivers/gpu/drm/drm_atomic_helper.c:1997
 commit_tail+0x298/0x3a0 drivers/gpu/drm/drm_atomic_helper.c:2074
 drm_atomic_helper_commit+0xa2e/0xad0 drivers/gpu/drm/drm_atomic_helper.c:2312
 drm_atomic_commit+0x261/0x2c0 drivers/gpu/drm/drm_atomic.c:1775
 drm_atomic_helper_dirtyfb+0xdc0/0xf10 drivers/gpu/drm/drm_damage_helper.c:183
 drm_fbdev_shmem_helper_fb_dirty+0x161/0x2d0 drivers/gpu/drm/drm_fbdev_shmem.c:117
 drm_fb_helper_fb_dirty drivers/gpu/drm/drm_fb_helper.c:248 [inline]
 drm_fb_helper_damage_work+0x296/0x720 drivers/gpu/drm/drm_fb_helper.c:274
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x811/0xf10 kernel/workqueue.c:3358
 worker_thread+0x9c1/0xeb0 kernel/workqueue.c:3439
 kthread+0x3c1/0x4d0 kernel/kthread.c:467
 ret_from_fork+0x608/0xc40 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:245
 </TASK>
----------------
Code disassembly (best guess):
   0:	45 8b b6 88 00 00 00 	mov    0x88(%r14),%r14d
   7:	4c 8d 68 20          	lea    0x20(%rax),%r13
   b:	4c 89 e8             	mov    %r13,%rax
   e:	48 c1 e8 03          	shr    $0x3,%rax
  12:	80 3c 18 00          	cmpb   $0x0,(%rax,%rbx,1)
  16:	74 08                	je     0x20
  18:	4c 89 ef             	mov    %r13,%rdi
  1b:	e8 9a 83 f4 fc       	call   0xfcf483ba
  20:	49 8b 55 00          	mov    0x0(%r13),%rdx
  24:	4c 89 ff             	mov    %r15,%rdi
  27:	44 89 f6             	mov    %r14d,%esi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	4d 89 e5             	mov    %r12,%r13
  32:	e9 34 ff ff ff       	jmp    0xffffff6b
  37:	44 89 f1             	mov    %r14d,%ecx
  3a:	80 e1 07             	and    $0x7,%cl
  3d:	80 c1 03             	add    $0x3,%cl

<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>

                 reply	other threads:[~2026-06-18 22:26 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6a34709d.0ca26d91.115e9.fdf4@mx.google.com \
    --to=sanan.hasanou@gmail.com \
    --cc=airlied@gmail.com \
    --cc=contact@pgazz.com \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=maarten.lankhorst@linux.intel.com \
    --cc=mripard@kernel.org \
    --cc=simona@ffwll.ch \
    --cc=syzkaller@googlegroups.com \
    --cc=tzimmermann@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.