2023-03-07 23:03:50

by Ben Greear

Subject: mt7922 crash in mt7921_check_offload_capability in 6.2.2+ kernel.

Hello,

I am trying to use a bunch of the 7922 radios in one of my systems. I am seeing
the kernel crash about half of the time when booting, in the location below.

Maybe release_firmware invalidates the 'features' memory?

Firmware info:

[ 17.800452] mt7921e 0000:06:00.0: ASIC revision: 79220010
[ 17.800886] mt7921e 0000:05:00.0: HW/SW Version: 0x8a108a10, Build Time: 20221227123154a
[ 17.816567] mt7921e 0000:05:00.0: WM Firmware Version: ____000000, Build Time: 20221227123243
[ 17.905902] mt7921e 0000:06:00.0: HW/SW Version: 0x8a108a10, Build Time: 20221227123154a


Hardware name: Default string Default string/SKYBAY, BIOS 5.12 08/04/2020
1;39mMonitoring RIP: 0010:mt7921_check_offload_capability+0x17d/0x1d0 [mt7921_common]
of LVM2�… dmevemt7921e 0000:06:00.0: WM Firmware Version: ____000000, Build Time: 20221227123243
ntd or progress Code: 5f 48 8d 7b 03 48 8d 6b 04 e8 6f 80 2a e0 80 7b 03 04 75 c1 4c 89 f7 e8 81 6f a6 e0 48 85 ed 74 47 48 8d 7b 05 e8 50
polling. Mounting FUSE Control File System...
RSP: 0018:ffff88812a5c7630 EFLAGS: 00010246s in /dev...
RAX: 0000000000000000 RBX: ffffc90001cb0a64 RCX: ffffffffa1283cfd
RDX: 1ffff9200039614d RSI: ffff88810fa80200 RDI: ffffc90001cb0a69
RBP: ffffc90001cb0a68 R08: 0000000000000016 R09: ffffffff84053363
R10: ffff88841c460158 R11: 0000000053ee80c4 R12: ffffc90001cb0a78
R13: 1ffff110254b8ec6 R14: ffff88810fa80200 R15: 000000000000005b
FS: 00007f78120ed940(0000) GS:ffff88841e080000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001cb0a69 CR3: 000000013d21d004 CR4: 00000000003706e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:arting udev Kernel Device Manager...
<TASK>] Started udev Kernel Device Manager.
? mt7921_set_tx_sar_pwr+0x80/0x80 [mt7921_common]ge.
? pci_address_to_pio+0x20/0x20all Devices.
? pcim_iomap_regions+0xcb/0x1a0Complete Device Initialization...
mt7921_pci_probe+0xca/0x4b0 [mt7921e]tch Status /dev/rfkill Watch.
? mt7921_l1_rr+0x90/0x90 [mt7921e]x2dpvscan.slice.
local_pci_probe+0x6f/0xb0scan on device 8:19...
pci_device_probe+0x166/0x3a0n on device 8:3...
? kernfs_add_one+0x19a/0x1f0r event daemon.
? pci_device_remove+0xf0/0xf0lt for address: ffffc90001cb0a69
? kernfs_create_link+0xb2/0x100ernel mode
? kernfs_put+0x13/0x30 - not-present page
? sysfs_do_create_link_sd+0x73/0xd025067 PMD 14fb85067 PTE 0
really_probe+0x130/0x510MP KASAN
__driver_probe_device+0xc5/0x210emd-udevd Not tainted 6.2.2+ #28
driver_probe_device+0x45/0xe0
__driver_attach+0x11e/0x270
? __device_attach_driver+0x140/0x140
bus_for_each_dev+0xdf/0x130
? subsys_dev_iter_exit+0x10/0x10
bus_add_driver+0x290/0x2e0
driver_register+0x108/0x190
? 0xffffffffa1018000
do_one_initcall+0x82/0x2a0
? trace_event_raw_event_initcall_level+0x150/0x150
? kasan_unpoison+0x23/0x50
? __kasan_slab_alloc+0x2f/0x70
? __kmem_cache_alloc_node+0xe6/0x1e0
? do_init_module+0x33/0x2d0
? kasan_unpoison+0x23/0x50
do_init_module+0xda/0x2d0
load_module+0x31fb/0x3390
? module_frob_arch_sections+0x20/0x20
? __fget_light+0x1a7/0x1f0
? __do_sys_finit_module+0x10d/0x1a0
__do_sys_finit_module+0x10d/0x1a0
? __ia32_sys_init_module+0x40/0x40
? fget+0xfb/0x120
? fput+0x13/0xb0
? ksys_mmap_pgoff+0xef/0x280
do_syscall_64+0x34/0xb0
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7f7812954ddd
Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 8
RSP: 002b:00007ffd66d60b48 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
RAX: ffffffffffffffda RBX: 000055beff992a90 RCX: 00007f7812954ddd
RDX: 0000000000000000 RSI: 00007f781285784d RDI: 0000000000000014
RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000014 R11: 0000000000000246 R12: 00007f781285784d
R13: 0000000000000000 R14: 000055beff98a770 R15: 000055beff992a90
</TASK>
Modules linked in: snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg snd_hda_coe
CR2: ffffc90001cb0a69
---[ end trace 0000000000000000 ]---
RIP: 0010:mt7921_check_offload_capability+0x17d/0x1d0 [mt7921_common]
Code: 5f 48 8d 7b 03 48 8d 6b 04 e8 6f 80 2a e0 80 7b 03 04 75 c1 4c 89 f7 e8 81 6f a6 e0 48 85 ed 74 47 48 8d 7b 05 e8 53 80 2a e0 <0f> 0
RSP: 0018:ffff88812a5c7630 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffffc90001cb0a64 RCX: ffffffffa1283cfd
RDX: 1ffff9200039614d RSI: ffff88810fa80200 RDI: ffffc90001cb0a69
RBP: ffffc90001cb0a68 R08: 0000000000000016 R09: ffffffff84053363
R10: ffff88841c460158 R11: 0000000053ee80c4 R12: ffffc90001cb0a78
R13: 1ffff110254b8ec6 R14: ffff88810fa80200 R15: 000000000000005b
FS: 00007f78120ed940(0000) GS:ffff88841e080000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001cb0a69 CR3: 000000013d21d004 CR4: 00000000003706e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400



u8 mt7921_check_offload_capability(struct device *dev, const char *fw_wm)
{
	struct mt7921_fw_features *features = NULL;
	const struct mt76_connac2_fw_trailer *hdr;
	struct mt7921_realease_info *rel_info;
	const struct firmware *fw;
	int ret, i, offset = 0;
	const u8 *data, *end;

	ret = request_firmware(&fw, fw_wm, dev);
	if (ret)
		return ret;

	if (!fw || !fw->data || fw->size < sizeof(*hdr)) {
		dev_err(dev, "Invalid firmware\n");
		return -EINVAL;
	}

	data = fw->data;
	hdr = (const void *)(fw->data + fw->size - sizeof(*hdr));

	for (i = 0; i < hdr->n_region; i++) {
		const struct mt76_connac2_fw_region *region;

		region = (const void *)((const u8 *)hdr -
					(hdr->n_region - i) * sizeof(*region));
		offset += le32_to_cpu(region->len);
	}

	data += offset + 16;
	rel_info = (struct mt7921_realease_info *)data;
	data += sizeof(*rel_info);
	end = data + le16_to_cpu(rel_info->len);

	while (data < end) {
		rel_info = (struct mt7921_realease_info *)data;
		data += sizeof(*rel_info);

		if (rel_info->tag == MT7921_FW_TAG_FEATURE) {
			features = (struct mt7921_fw_features *)data;
			break;
		}

		data += le16_to_cpu(rel_info->len) + rel_info->pad_len;
	}

	release_firmware(fw);

	return features ? features->data : 0;

#### Crashing on line above, evidently. --Ben

}
EXPORT_SYMBOL_GPL(mt7921_check_offload_capability);


Thanks,
Ben

--
Ben Greear <[email protected]>
Candela Technologies Inc http://www.candelatech.com
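
Added example (not part of the original post and not the driver's code): a userspace C model of the pattern the post asks about, in which the feature byte is copied out of the firmware image before the buffer is released, so nothing points into the image afterwards. The record layout, `struct blob`, the helper names and `free()` standing in for `release_firmware()` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Userspace model. Assumed record header: le16 len, u8 pad_len, u8 tag.
 * Assumed feature payload: u8 segment, u8 data, 14 reserved bytes. */
#define HDR_LEN      4
#define FEATURES_LEN 16
#define TAG_FEATURE  4

struct blob { uint8_t *data; size_t size; };	/* stands in for struct firmware */

/* Walk the TLV records and return the feature byte by value (0 if absent or
 * truncated). Every read is bounds-checked against the live buffer. */
static uint8_t find_feature_byte(const uint8_t *p, size_t size)
{
	size_t off = 0;
	while (size - off >= HDR_LEN) {
		size_t len = p[off] | ((size_t)p[off + 1] << 8);
		size_t pad = p[off + 2];
		uint8_t tag = p[off + 3];
		off += HDR_LEN;
		if (tag == TAG_FEATURE)
			return size - off >= FEATURES_LEN ? p[off + 1] : 0;
		if (len + pad > size - off)
			return 0;	/* record runs past the end of the image */
		off += len + pad;
	}
	return 0;
}

/* Copy the value out first, then release; no pointer into the blob survives. */
uint8_t check_offload_capability(struct blob *fw)
{
	uint8_t feat = find_feature_byte(fw->data, fw->size);
	free(fw->data);		/* stands in for release_firmware() */
	fw->data = NULL;
	return feat;
}

/* Constructed sample: a tag-1 record (2 bytes + 2 pad), then a feature record. */
uint8_t run_sample(size_t truncate_to)
{
	static const uint8_t img[] = { 2, 0, 2, 1, 0xaa, 0xbb, 0, 0,
				       16, 0, 0, TAG_FEATURE, 0x00, 0x05 /* data */,
				       0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	struct blob fw = { malloc(sizeof(img)), truncate_to ? truncate_to : sizeof(img) };
	if (!fw.data)
		return 0;
	memcpy(fw.data, img, sizeof(img));
	return check_offload_capability(&fw);
}
int main(void) { return run_sample(0) == 0x05 ? 0 : 1; }
```

In the register dump above, CR2 (ffffc90001cb0a69) equals RDI, which is RBX + 5, and the instruction bytes `80 7b 03 04` compare the byte at RBX + 3 with 4; both are consistent with a one-byte read just past a 4-byte record header whose tag is 4.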