Good day, dear maintainers,

We found a bug using a modified version of syzkaller.

Kernel Branch: 7.0-rc1
Kernel Config: <https://drive.google.com/open?id=173DLEAEPKPhhR1TcqofdnkLpdoK7PMFl>
Unfortunately, we don't have any reproducer for this bug yet.
Thank you!

Best regards,
Sanan Hasanov

------------[ cut here ]------------
bochs-drm 0000:00:02.0: [drm] vblank wait timed out on crtc 0
WARNING: at drm_crtc_wait_one_vblank+0x33a/0x4f0 drivers/gpu/drm/drm_vblank.c:1320, CPU#0: kworker/0:1/10
Modules linked in:
CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 7.0.0-rc1 #1 PREEMPT(full)
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
Workqueue: events drm_fb_helper_damage_work
RIP: 0010:drm_crtc_wait_one_vblank+0x4a3/0x4f0 drivers/gpu/drm/drm_vblank.c:1320
Code: 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ef e8 bf ba f8 fc 4d 8b 7d 00 4c 89 e7 48 8b 74 24 18 4c 89 fa 44 89 f1 <67> 48 0f b9 3a 48 8b 7c 24 28 44 89 f6 e8 9b f6 ff ff b8 92 ff ff
RSP: 0018:ffffc900000af9a0 EFLAGS: 00010246
RAX: 1ffff110029ee41a RBX: 1ffff92000015f3c RCX: 0000000000000000
RDX: ffff888014b9b220 RSI: ffffffff8c4a0d60 RDI: ffffffff906b4414
RBP: ffffc900000afaa8 R08: ffff88801d533833 R09: 1ffff11003aa6706
R10: dffffc0000000000 R11: ffffed1003aa6707 R12: ffffffff906b4414
R13: ffff888014f720d0 R14: 0000000000000000 R15: ffff888014b9b220
FS:  0000000000000000(0000) GS:ffff8880d98df000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff888012801000 CR3: 000000000e6ff000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 drm_client_modeset_wait_for_vblank+0xc7/0xe0 drivers/gpu/drm/drm_client_modeset.c:1330
 drm_fb_helper_fb_dirty drivers/gpu/drm/drm_fb_helper.c:236 [inline]
 drm_fb_helper_damage_work+0x116/0x720 drivers/gpu/drm/drm_fb_helper.c:274
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x811/0xf10 kernel/workqueue.c:3358
 worker_thread+0x9c1/0xeb0 kernel/workqueue.c:3439
 kthread+0x3c1/0x4d0 kernel/kthread.c:467
 ret_from_fork+0x608/0xc40 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:245
 </TASK>
----------------
Code disassembly (best guess):
   0:   48 b9 00 00 00 00 00    movabs $0xdffffc0000000000,%rcx
   7:   fc ff df
   a:   80 3c 08 00             cmpb   $0x0,(%rax,%rcx,1)
   e:   74 08                   je     0x18
  10:   4c 89 ef                mov    %r13,%rdi
  13:   e8 bf ba f8 fc          call   0xfcf8bad7
  18:   4d 8b 7d 00             mov    0x0(%r13),%r15
  1c:   4c 89 e7                mov    %r12,%rdi
  1f:   48 8b 74 24 18          mov    0x18(%rsp),%rsi
  24:   4c 89 fa                mov    %r15,%rdx
  27:   44 89 f1                mov    %r14d,%ecx
* 2a:   67 48 0f b9 3a          ud1    (%edx),%rdi <-- trapping instruction
  2f:   48 8b 7c 24 28          mov    0x28(%rsp),%rdi
  34:   44 89 f6                mov    %r14d,%esi
  37:   e8 9b f6 ff ff          call   0xfffff6d7
  3c:   b8                      .byte 0xb8
  3d:   92                      xchg   %eax,%edx
  3e:   ff                      (bad)
  3f:   ff                      .byte 0xff

<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>
