On 13 December 2016 at 14:44, Valo, Kalle <[email protected]> wrote: > Erik Stromdahl <[email protected]> writes: > >> Code refactorization: >> >> Moved the code for ep 0 in ath10k_htc_rx_completion_handler >> to ath10k_htc_control_rx_complete. >> >> This eases the implementation of SDIO/mbox significantly since >> the ep_rx_complete cb is invoked directly from the SDIO/mbox >> hif layer. >> >> Since the ath10k_htc_control_rx_complete already is present >> (only containing a warning message) there is no reason for not >> using it (instead of having a special case for ep 0 in >> ath10k_htc_rx_completion_handler). >> >> Signed-off-by: Erik Stromdahl <[email protected]> > > I tested this on QCA988X PCI board just to see if there are any > regressions. It crashes immediately during module load, every time, and > bisected that the crashing starts on this patch: > > [ 1239.715325] ath10k_pci 0000:02:00.0: pci irq msi oper_irq_mode 2 irq_mode > 0 reset_mode 0 > [ 1239.885125] ath10k_pci 0000:02:00.0: Direct firmware load for > ath10k/pre-cal-pci-0000:02:00.0.bin failed with error -2 > [ 1239.885260] ath10k_pci 0000:02:00.0: Direct firmware load for > ath10k/cal-pci-0000:02:00.0.bin failed with error -2 > [ 1239.885687] ath10k_pci 0000:02:00.0: qca988x hw2.0 target 0x4100016c > chip_id 0x043202ff sub 0000:0000 > [ 1239.885699] ath10k_pci 0000:02:00.0: kconfig debug 1 debugfs 1 tracing 1 > dfs 1 testmode 1 > [ 1239.885899] ath10k_pci 0000:02:00.0: firmware ver 10.2.4.70.59-2 api 5 > features no-p2p,raw-mode,mfp,allows-mesh-bcast crc32 4159f498 > [ 1239.941836] ath10k_pci 0000:02:00.0: Direct firmware load for > ath10k/QCA988X/hw2.0/board-2.bin failed with error -2 > [ 1239.941993] ath10k_pci 0000:02:00.0: board_file api 1 bmi_id N/A crc32 > bebc7c08 > [ 1241.136693] BUG: unable to handle kernel NULL pointer dereference at > (null) > [ 1241.136738] IP: [< (null)>] (null) > [ 1241.136759] *pdpt = 0000000000000000 *pde = f0002a55f0002a55 [ 1241.136781] > [ 1241.136793] Oops: 0010 [#1] SMP > > What's odd is that when I added some printks on my own and enabled both > boot and htc debug levels it doesn't crash anymore. After everything > works normally after that, I can start AP mode and connect to it. Is it > a race somewhere?
Yes. htc_wait_target() is called after hif_start(). The ep_rx_complete is set in htc_wait_target() [changed patch 4, but still too late]. ep_rx_complete must be set prior to calling hif_start(). You probably crash on end of ath10k_htc_rx_completion_handler() when trying to call ep->ep_ops.ep_rx_complete(ar, skb). MichaĆ
