[PATCH v2 6.18.y 0/5] drm/vkms: Backport generic vblank timer to fix ABBA deadlock

public inbox for drm-ai-reviews@public-inbox.freedesktop.org
 help / color / mirror / Atom feed

From: w15303746062@163.com
To: stable@vger.kernel.org, gregkh@linuxfoundation.org, sashal@kernel.org
Cc: tzimmermann@suse.de, maarten.lankhorst@linux.intel.com,
	mripard@kernel.org, louis.chauvet@bootlin.com,
	dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org,
	Mingyu Wang <25181214217@stu.xidian.edu.cn>
Subject: [PATCH v2 6.18.y 0/5] drm/vkms: Backport generic vblank timer to fix ABBA deadlock
Date: Tue, 26 May 2026 21:31:18 +0800	[thread overview]
Message-ID: <20260526133123.691465-1-w15303746062@163.com> (raw)

From: Mingyu Wang <25181214217@stu.xidian.edu.cn>

This series backports the generic vblank timer infrastructure and 
converts the vkms driver to use it, fixing an ABBA deadlock.

Bug Context:
During local fuzzing with Syzkaller, an RCU preempt stall (soft lockup) 
was consistently observed in the vkms driver. The issue stems from the 
open-coded hrtimer in vkms attempting to acquire the vblank_time_lock 
(spinlock) from the timer's hardirq context, while the disable path 
holds the same lock and calls hrtimer_cancel(), resulting in a classic 
ABBA deadlock.

This 5-patch series is the complete upstream fix recommended by the DRM 
maintainers. It introduces the safe generic vblank timer to the DRM core 
and transitions vkms to it, cleanly resolving the lockup. 

Additionally, a lock dependency audit was conducted on other DRM drivers 
(i915/gvt, xe, msm) that utilize hrtimer_cancel. They were found to be 
structurally safe from this specific deadlock pattern, confirming this 
is a vkms-specific legacy issue.

Changes in v2:
- Added the missing Signed-off-by trailers from Mingyu Wang to properly 
  establish the chain of custody, as requested by Sasha Levin.
- Included the bug report context in the cover letter as suggested by 
  Maarten Lankhorst.
- The 5 patches remain identical to v1.

Thomas Zimmermann (5):
  drm/vblank: Add vblank timer
  drm/vblank: Add CRTC helpers for simple use cases
  drm/vkms: Convert to DRM's vblank timer
  drm/atomic: Increase timeout in drm_atomic_helper_wait_for_vblanks()
  drm/vblank: Fix kernel docs for vblank timer

 Documentation/gpu/drm-kms-helpers.rst    |  12 ++
 drivers/gpu/drm/Makefile                 |   3 +-
 drivers/gpu/drm/drm_atomic_helper.c      |   2 +-
 drivers/gpu/drm/drm_vblank.c             | 172 +++++++++++++++++++++-
 drivers/gpu/drm/drm_vblank_helper.c      | 176 +++++++++++++++++++++++
 drivers/gpu/drm/vkms/vkms_crtc.c         |  83 +----------
 drivers/gpu/drm/vkms/vkms_drv.h          |   2 -
 include/drm/drm_modeset_helper_vtables.h |  12 ++
 include/drm/drm_vblank.h                 |  32 +++++
 include/drm/drm_vblank_helper.h          |  56 ++++++++
 10 files changed, 468 insertions(+), 82 deletions(-)
 create mode 100644 drivers/gpu/drm/drm_vblank_helper.c
 create mode 100644 include/drm/drm_vblank_helper.h

-- 
2.34.1

next             reply	other threads:[~2026-05-26 13:32 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-26 13:31 w15303746062 [this message]
2026-05-26 13:31 ` [PATCH v2 6.18.y 1/5] drm/vblank: Add vblank timer w15303746062
2026-05-27  4:49   ` Claude review: " Claude Code Review Bot
2026-05-26 13:31 ` [PATCH v2 6.18.y 2/5] drm/vblank: Add CRTC helpers for simple use cases w15303746062
2026-05-27  4:49   ` Claude review: " Claude Code Review Bot
2026-05-26 13:31 ` [PATCH v2 6.18.y 3/5] drm/vkms: Convert to DRM's vblank timer w15303746062
2026-05-27  4:49   ` Claude review: " Claude Code Review Bot
2026-05-26 13:31 ` [PATCH v2 6.18.y 4/5] drm/atomic: Increase timeout in drm_atomic_helper_wait_for_vblanks() w15303746062
2026-05-27  4:49   ` Claude review: " Claude Code Review Bot
2026-05-26 13:31 ` [PATCH v2 6.18.y 5/5] drm/vblank: Fix kernel docs for vblank timer w15303746062
2026-05-27  4:49   ` Claude review: " Claude Code Review Bot
2026-05-27  4:49 ` Claude review: drm/vkms: Backport generic vblank timer to fix ABBA deadlock Claude Code Review Bot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260526133123.691465-1-w15303746062@163.com \
    --to=w15303746062@163.com \
    --cc=25181214217@stu.xidian.edu.cn \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=louis.chauvet@bootlin.com \
    --cc=maarten.lankhorst@linux.intel.com \
    --cc=mripard@kernel.org \
    --cc=sashal@kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=tzimmermann@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox