WARNING in drm_atomic_helper_wait_for_vblanks

All of lore.kernel.org
 help / color / mirror / Atom feed

From: sanan.hasanou@gmail.com
To: maarten.lankhorst@linux.intel.com, mripard@kernel.org,
	tzimmermann@suse.de, airlied@gmail.com, simona@ffwll.ch,
	dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org
Cc: syzkaller@googlegroups.com, contact@pgazz.com
Subject: WARNING in drm_atomic_helper_wait_for_vblanks
Date: Fri, 26 Jun 2026 14:27:45 -0700 (PDT)	[thread overview]
Message-ID: <6a3eeed1.ce05d057.35d38.3011@mx.google.com> (raw)

Good day, dear maintainers,

We found a bug using a modified version of syzkaller.

Kernel Branch: 7.0-rc1
Kernel Config: <https://drive.google.com/open?id=1zJHAs5GUroGFBkxAlzfDaWAd_NVPZTfJ>
Unfortunately, we don't have any reproducer for this bug yet.
Thank you!

Best regards,
Sanan Hasanov

------------[ cut here ]------------
[CRTC:35:crtc-0] vblank wait timed out
WARNING: drivers/gpu/drm/drm_atomic_helper.c:1922 at drm_atomic_helper_wait_for_vblanks+0x75f/0x8e0 drivers/gpu/drm/drm_atomic_helper.c:1921, CPU#0: kworker/0:0/9
Modules linked in:
CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted 7.0.0-rc1 #1 PREEMPT(full) 
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
Workqueue: events drm_fb_helper_damage_work
RIP: 0010:drm_atomic_helper_wait_for_vblanks+0x7ab/0x8e0 drivers/gpu/drm/drm_atomic_helper.c:1921
Code: 45 8b b6 d8 00 00 00 4c 8d 68 20 4c 89 e8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ef e8 0f fc e2 fc 49 8b 55 00 4c 89 ff 44 89 f6 <67> 48 0f b9 3a 4d 89 e5 e9 34 ff ff ff 44 89 f1 80 e1 07 80 c1 03
RSP: 0018:ffffc900001af420 EFLAGS: 00010246
RAX: 1ffff11003d97a68 RBX: dffffc0000000000 RCX: ffff8880196f5700
RDX: ffff88801f06b6a0 RSI: 0000000000000023 RDI: ffffffff8f996300
RBP: ffffc900001af548 R08: ffffffff8f8dfdb7 R09: 1ffffffff1f1bfb6
R10: dffffc0000000000 R11: fffffbfff1f1bfb7 R12: ffff8880220eb528
R13: ffff88801ecbd340 R14: 0000000000000023 R15: ffffffff8f996300
FS:  0000000000000000(0000) GS:ffff88809c136000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000558b4346e5d8 CR3: 000000000dd4a000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 drm_atomic_helper_commit_tail+0x302/0x530 drivers/gpu/drm/drm_atomic_helper.c:1997
 commit_tail+0x2a5/0x390 drivers/gpu/drm/drm_atomic_helper.c:2074
 drm_atomic_helper_commit+0xa50/0xaf0 drivers/gpu/drm/drm_atomic_helper.c:2312
 drm_atomic_commit+0x25c/0x2c0 drivers/gpu/drm/drm_atomic.c:1775
 drm_atomic_helper_dirtyfb+0xd7b/0xed0 drivers/gpu/drm/drm_damage_helper.c:183
 drm_fbdev_shmem_helper_fb_dirty+0x175/0x310 drivers/gpu/drm/drm_fbdev_shmem.c:117
 drm_fb_helper_fb_dirty drivers/gpu/drm/drm_fb_helper.c:248 [inline]
 drm_fb_helper_damage_work+0x2a2/0x730 drivers/gpu/drm/drm_fb_helper.c:274
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xae1/0x1800 kernel/workqueue.c:3358
 worker_thread+0xa0f/0xf70 kernel/workqueue.c:3439
 kthread+0x37d/0x470 kernel/kthread.c:467
 ret_from_fork+0x507/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:245
 </TASK>
----------------
Code disassembly (best guess):
   0:	45 8b b6 d8 00 00 00 	mov    0xd8(%r14),%r14d
   7:	4c 8d 68 20          	lea    0x20(%rax),%r13
   b:	4c 89 e8             	mov    %r13,%rax
   e:	48 c1 e8 03          	shr    $0x3,%rax
  12:	80 3c 18 00          	cmpb   $0x0,(%rax,%rbx,1)
  16:	74 08                	je     0x20
  18:	4c 89 ef             	mov    %r13,%rdi
  1b:	e8 0f fc e2 fc       	call   0xfce2fc2f
  20:	49 8b 55 00          	mov    0x0(%r13),%rdx
  24:	4c 89 ff             	mov    %r15,%rdi
  27:	44 89 f6             	mov    %r14d,%esi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	4d 89 e5             	mov    %r12,%r13
  32:	e9 34 ff ff ff       	jmp    0xffffff6b
  37:	44 89 f1             	mov    %r14d,%ecx
  3a:	80 e1 07             	and    $0x7,%cl
  3d:	80 c1 03             	add    $0x3,%cl

<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>

                 reply	other threads:[~2026-06-26 21:27 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6a3eeed1.ce05d057.35d38.3011@mx.google.com \
    --to=sanan.hasanou@gmail.com \
    --cc=airlied@gmail.com \
    --cc=contact@pgazz.com \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=maarten.lankhorst@linux.intel.com \
    --cc=mripard@kernel.org \
    --cc=simona@ffwll.ch \
    --cc=syzkaller@googlegroups.com \
    --cc=tzimmermann@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.