Date: Sat, 17 Aug 2019 12:26:07 -0400 From: Anthony Jenkins <Scoobi_doo@yahoo.com> To: freebsd-wireless@freebsd.org Subject: ath10k crash + patch Message-ID: <b7264763-5fba-d970-edf1-9101e497446f@yahoo.com>
next in thread | raw e-mail | index | archive | help
I've been trying to run the ath10k driver port from https://github.com/erikarn/athp/ 's master branch since I got a laptop with a Qualcomm Atheros QCA6174 802.11ac wireless adapter. It would load, but then crash the kernel within a few seconds. Today I figured out what was wrong; no idea why no one else is seeing it.?? Patch pull request is at https://github.com/ScoobiFreeBSD/athp/pull/1 . Problem was with the hash macro SKB_RX_HASH(x): #define SKB_RX_HASH(skb)?????????????? (((skb) >> 6) & ~(ATHP_RX_SKB_HASH_BUCKET_COUNT-1)) It is used to index a hash table with 32 entries (ATHP_RX_SKB_HASH_BUCKET_COUNT = 32), but the bitwise inversion operator shouldn't be there. Patch: diff --git a/otus/freebsd/src/sys/dev/athp/if_athp_htt_rx.c b/otus/freebsd/src/sys/dev/athp/if_athp_htt_rx.c index 4459542..6282902 100644 --- a/otus/freebsd/src/sys/dev/athp/if_athp_htt_rx.c +++ b/otus/freebsd/src/sys/dev/athp/if_athp_htt_rx.c @@ -102,7 +102,7 @@ static int ath10k_htt_rx_get_csum_state(struct athp_buf *skb); ??static void ath10k_htt_txrx_compl_task(void *arg, int npending); ??static void ath10k_htt_rx_ring_refill_retry(void *arg); -#define?????????????? SKB_RX_HASH(skb)?????????????????????????????? (((skb) >> 6) & ~(ATHP_RX_SKB_HASH_BUCKET_COUNT-1)) +#define?????????????? SKB_RX_HASH(skb)?????????????????????????????? (((skb) >> 6) & (ATHP_RX_SKB_HASH_BUCKET_COUNT - 1)) ??static struct athp_buf * ??ath10k_htt_rx_find_skb_paddr(struct ath10k *ar, u32 paddr) Device still doesn't work, but at least it doesn't bring down the whole system.?? I can work on getting it working. Anthony ----- Crash dump ----- athp0: ath10k_wmi_event_service_ready_work: TODO: EEPROM code: 0x00000069 Fatal trap 9: general protection fault while in kernel mode cpuid = 1; apic id = 01 instruction pointer???????? = 0x20:0xffffffff8410055e stack pointer???????????????????? = 0x28:0xfffffe01341fa610 frame pointer???????????????????? = 0x28:0xfffffe01341fa670 code segment?????????????????????? = base 0x0, limit 0xfffff, type 0x1b ?????????????????????????????????????????????? = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags?????????????? = interrupt enabled, resume, IOPL = 0 current process???????????????? = 0 (athp0 ath10k_at_wq) trap number???????????????????????? = 9 panic: general protection fault cpuid = 1 time = 1566052301 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe01341fa320 vpanic() at vpanic+0x19d/frame 0xfffffe01341fa370 panic() at panic+0x43/frame 0xfffffe01341fa3d0 trap_fatal() at trap_fatal+0x39c/frame 0xfffffe01341fa430 trap() at trap+0x6c/frame 0xfffffe01341fa540 calltrap() at calltrap+0x8/frame 0xfffffe01341fa540 --- trap 0x9, rip = 0xffffffff8410055e, rsp = 0xfffffe01341fa610, rbp = 0xfffffe01341fa670 --- __ath10k_htt_rx_ring_fill_n() at __ath10k_htt_rx_ring_fill_n+0x2ae/frame 0xfffffe01341fa670 ath10k_htt_rx_ring_fill_n() at ath10k_htt_rx_ring_fill_n+0x1b/frame 0xfffffe01341fa690 ath10k_htt_rx_ring_refill() at ath10k_htt_rx_ring_refill+0x65/frame 0xfffffe01341fa6d0 ath10k_core_start() at ath10k_core_start+0x5d1/frame 0xfffffe01341fa780 ath10k_core_probe_fw() at ath10k_core_probe_fw+0x2d9/frame 0xfffffe01341fa830 attempt_ath10k_core_probe_fw() at attempt_ath10k_core_probe_fw+0x18/frame 0xfffffe01341fa890 ath10k_core_register_work() at ath10k_core_register_work+0x27/frame 0xfffffe01341fa8e0 taskqueue_run_locked() at taskqueue_run_locked+0x10c/frame 0xfffffe01341fa940 taskqueue_thread_loop() at taskqueue_thread_loop+0x88/frame 0xfffffe01341fa970 fork_exit() at fork_exit+0x84/frame 0xfffffe01341fa9b0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe01341fa9b0 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- KDB: enter: panic __curthread () at /usr/src/sys/amd64/include/pcpu.h:246 246???????????????????????? __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (OFFSETOF_CURTHREAD)); (kgdb) up 15 #15 0xffffffff8410055e in __ath10k_htt_rx_ring_fill_n (htt=0xfffffe00aaccc8f8, num=1023) at ../../dev/athp/if_athp_htt_rx.c:226 warning: Source file is more recent than executable. 226 TAILQ_INSERT_TAIL(&htt->rx_ring.skb_table[SKB_RX_HASH(skb->mb.paddr)], (kgdb) list 221???????????????????????????????????????????????? htt->rx_ring.netbufs_ring[idx]); 222 223???????????????????????????????????????? if (htt->rx_ring.in_ord_rx) { 224 ATH10K_SKB_RXCB(skb)->paddr = skb->mb.paddr; 225???????????????????????????????????????????????????????????????????????? /* hash_add */ 226 TAILQ_INSERT_TAIL(&htt->rx_ring.skb_table[SKB_RX_HASH(skb->mb.paddr)], 227???????????????????????????????????????????????????????????????????????????????? skb, next); 228???????????????????????????????????????? } 229 230???????????????????????????????????????? num--;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b7264763-5fba-d970-edf1-9101e497446f>