Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:
New issues: - [High] Initial connection and replug events are incorrectly bypassed if accompanied by an IRQ_HPD status, leaving the display disconnected. Pre-existing issues: - [High] `msm_dp_irq_hpd_handle` modifies shared state without acquiring `dp->plugged_lock`, leading to unprotected concurrent modification of DPCD and link state. -- commit 48a78358ae98020ff3993aab3250dd8c32cc6835 Author: Dmitry Baryshkov <[email protected]> drm/msm: dp: handle the IRQ_HPD events reported by USB-C This patch adds support for tracking and handling IRQ_HPD events delivered over out-of-band events (such as USB-C AltMode handlers) in the MSM DisplayPort driver. > diff --git a/drivers/gpu/drm/msm/dp/dp_display.c > b/drivers/gpu/drm/msm/dp/dp_display.c > index c0f6a8ff9b99d..743d8fa40dc68 100644 > --- a/drivers/gpu/drm/msm/dp/dp_display.c > +++ b/drivers/gpu/drm/msm/dp/dp_display.c > @@ -1533,11 +1533,12 @@ void msm_dp_bridge_hpd_notify(struct drm_bridge > *bridge, > msm_dp_display->connector_type, hpd_link_status, status); > > if (status == connector_status_connected) { > - if (hpd_link_status == ISR_HPD_REPLUG_COUNT) { > + if (hpd_link_status == ISR_IRQ_HPD_PULSE_COUNT || > + extra_status == DRM_CONNECTOR_DP_IRQ_HPD) { > + msm_dp_irq_hpd_handle(dp); [Severity: High] This is a pre-existing issue, but does msm_dp_irq_hpd_handle() need to acquire the dp->plugged_lock? Since msm_dp_irq_hpd_handle() can call msm_dp_display_process_hpd_high(), which reads from DPCD and modifies shared driver state (like dp->link->lttpr_count, dp->panel->dpcd, and dp->audio_supported), it seems like it could race. Other HPD handlers like msm_dp_hpd_plug_handle() use guard(mutex)(&dp->plugged_lock) to safely synchronize access. With out-of-band events processed via workqueues, can this function run concurrently with other HPD handlers or msm_dp_bridge_detect() and corrupt the internal representation of the hardware configuration? [Severity: High] If an out-of-band handler reports an initial connection with both hpd_state=1 and hpd_irq=1 simultaneously, does this new ordering bypass the required plug sequence? By placing the IRQ_HPD check at the top of the if/else chain, if extra_status == DRM_CONNECTOR_DP_IRQ_HPD, the code will execute msm_dp_irq_hpd_handle() and skip msm_dp_hpd_plug_handle(). If msm_dp_hpd_plug_handle() is skipped, dp->plugged remains false, PHY initialization (msm_dp_display_host_phy_init) never occurs, and msm_dp_aux_enable_xfers() is never called. Won't the subsequent AUX reads within msm_dp_irq_hpd_handle() fail with -ENXIO, aborting the initialization and leaving the display disconnected? > + } else if (hpd_link_status == ISR_HPD_REPLUG_COUNT) { > msm_dp_hpd_unplug_handle(dp); > msm_dp_hpd_plug_handle(dp); > - } else if (hpd_link_status == ISR_IRQ_HPD_PULSE_COUNT) { > - msm_dp_irq_hpd_handle(dp); > } else { > msm_dp_hpd_plug_handle(dp); > } -- Sashiko AI review ยท https://sashiko.dev/#/patchset/[email protected]?part=6
