Hi @mrnuke,
I've been testing your IPQ9574 ath11k support patch on my IPQ9554-based device (Jio AirFiber JIDU6811)
The AHB radio comes up and broadcasts the SSID, but when a client connects to the 2.4 GHz radio, it triggers a kernel panic:
[ 839.243206] ------------[ cut here ]------------
[ 839.243241] WARNING: CPU: 2 PID: 0 at lib/idr.c:41 idr_alloc_u32+0xb0/0xe0
[ 839.246890] Modules linked in: pppoe ppp_async nft_fib_inet nf_flow_table_inet ath11k_pci(O) ath11k_ahb(O) ath11k(O) pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mac80211(O) cfg80211(O) ax88179_178a usbnet slhc r8152 qrtr_smd qrtr_mhi qrtr qmi_helpers(O) qcom_ppe pcs_qcom_ipq9574 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mhi libcrc32c crc_ccitt compat(O) nls_utf8 nls_iso8859_1 nls_cp437 sha512_generic sha512_arm64 sha256_arm64 seqiv sha3_generic jitterentropy_rng drbg michael_mic hmac geniv cmac usb_storage leds_gpio xhci_plat_hcd xhci_pci xhci_hcd dwc3 dwc3_qcom gpio_button_hotplug(O) vfat fat ext4 mbcache jbd2 mii crc32c_generic
[ 839.310078] CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Tainted: G O 6.12.71 #0
[ 839.332308] Tainted: [O]=OOT_MODULE
[ 839.340635] Hardware name: Jio AirFiber JIDU6811 (DT)
[ 839.343849] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 839.349059] pc : idr_alloc_u32+0xb0/0xe0
[ 839.355826] lr : idr_alloc+0x30/0x60
[ 839.359993] sp : ffffffc080e4b3e0
[ 839.363552] x29: ffffffc080e4b3e0 x28: ffffff8005d28000 x27: 0000000000000001
[ 839.366768] x26: 0000000000000002 x25: ffffff8006f6a040 x24: 0000000000001818
[ 839.373886] x23: ffffff8012ad21d0 x22: ffffff8009a58a00 x21: ffffffc080e4b44c
[ 839.381003] x20: 0000000000000000 x19: ffffff8005d21818 x18: 000000c32ecad15b
[ 839.388122] x17: 00000000223b0087 x16: ed463a10feeecc00 x15: 0000000800140008
[ 839.395239] x14: 00004dc2e0887212 x13: 00004dc2e0887212 x12: 131040589c2cffff
[ 839.402358] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000
[ 839.409476] x8 : 0000000000001298 x7 : 0000000000001700 x6 : 000000007fffffff
[ 839.416594] x5 : 0000000000007ffe x4 : 0000000000000820 x3 : 0000000000007ffe
[ 839.423713] x2 : 0000000000000820 x1 : 0000000000000000 x0 : 0000000000000000
[ 839.430831] Call trace:
[ 839.437943] idr_alloc_u32+0xb0/0xe0
[ 839.440202] idr_alloc+0x30/0x60
[ 839.444021] ath11k_dp_tx+0x14c/0x858 [ath11k]
[ 839.447234] ath11k_wmi_supports_6ghz_cc_ext+0x1ec0/0x44dc [ath11k]
[ 839.451489] ieee80211_handle_wake_tx_queue+0x84/0xe0 [mac80211]
[ 839.457652] __ieee80211_schedule_txq+0x708/0x980 [mac80211]
[ 839.463901] ieee80211_tx_prepare_skb+0x1d0/0x240 [mac80211]
[ 839.469543] ieee80211_xmit+0xcc/0x120 [mac80211]
[ 839.475185] __ieee80211_subif_start_xmit+0x1b0/0x3a0 [mac80211]
[ 839.479787] ieee80211_subif_start_xmit+0x40/0x420 [mac80211]
[ 839.485864] dev_hard_start_xmit+0x94/0x114
[ 839.491504] __dev_queue_xmit+0x1e4/0xd5c
[ 839.495497] br_dev_queue_push_xmit+0x6c/0x18c
[ 839.499663] br_forward_finish+0x94/0xb4
[ 839.504004] __br_forward+0xcc/0x148
[ 839.508083] maybe_deliver+0x104/0x170
[ 839.511642] br_flood+0xbc/0x254
[ 839.515200] br_handle_frame_finish+0x3dc/0x5e0
[ 839.518587] br_handle_frame+0x2b0/0x480
[ 839.522841] __netif_receive_skb_core.constprop.0+0x384/0xf20
[ 839.527009] __netif_receive_skb_one_core+0x2c/0x60
[ 839.532651] process_backlog+0x9c/0x1e0
[ 839.537337] __napi_poll+0x38/0x180
[ 839.541155] net_rx_action+0x184/0x340
[ 839.544629] handle_softirqs+0xf4/0x224
[ 839.548448] __do_softirq+0x14/0x20
[ 839.552180] ____do_softirq+0x10/0x20
[ 839.555652] call_on_irq_stack+0x30/0x78
[ 839.559473] do_softirq_own_stack+0x1c/0x40
[ 839.563466] irq_exit_rcu+0x88/0xc0
[ 839.567371] el1_interrupt+0x38/0x58
[ 839.570844] el1h_64_irq_handler+0x18/0x24
[ 839.574664] el1h_64_irq+0x68/0x6c
[ 839.578570] default_idle_call+0x28/0x58
[ 839.581955] do_idle+0x1c4/0x1e4
[ 839.586035] cpu_startup_entry+0x34/0x3c
[ 839.589247] arch_register_cpu+0x0/0x5c
[ 839.593152] __secondary_switched+0xb8/0xbc
[ 839.596713] ---[ end trace 0000000000000000 ]---
[ 839.605617] Unable to handle kernel read from unreadable memory at virtual address 0000000000000090
[ 839.605746] Mem abort info:
[ 839.614520] ESR = 0x0000000096000005
[ 839.617285] EC = 0x25: DABT (current EL), IL = 32 bits
[ 839.621105] SET = 0, FnV = 0
[ 839.626579] EA = 0, S1PTW = 0
[ 839.629437] FSC = 0x05: level 1 translation fault
[ 839.632476] Data abort info:
[ 839.637340] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
[ 839.640463] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 839.645763] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 839.650881] user pgtable: 4k pages, 39-bit VAs, pgdp=000000005039f000
[ 839.656267] [0000000000000090] pgd=0800000042c24003, p4d=0800000042c24003, pud=0800000042c24003, pmd=0000000000000000
[ 839.662606] Internal error: Oops: 0000000096000005 [#1] SMP
[ 839.673190] Modules linked in: pppoe ppp_async nft_fib_inet nf_flow_table_inet ath11k_pci(O) ath11k_ahb(O) ath11k(O) pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mac80211(O) cfg80211(O) ax88179_178a usbnet slhc r8152 qrtr_smd qrtr_mhi qrtr qmi_helpers(O) qcom_ppe pcs_qcom_ipq9574 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mhi libcrc32c crc_ccitt compat(O) nls_utf8 nls_iso8859_1 nls_cp437 sha512_generic sha512_arm64 sha256_arm64 seqiv sha3_generic jitterentropy_rng drbg michael_mic hmac geniv cmac usb_storage leds_gpio xhci_plat_hcd xhci_pci xhci_hcd dwc3 dwc3_qcom gpio_button_hotplug(O) vfat fat ext4 mbcache jbd2 mii crc32c_generic
[ 839.735165] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.12.71 #0
[ 839.757396] Tainted: [W]=WARN, [O]=OOT_MODULE
[ 839.765723] Hardware name: Jio AirFiber JIDU6811 (DT)
[ 839.769978] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 839.775014] pc : ath11k_dp_process_rx+0x140/0x440 [ath11k]
[ 839.781782] lr : ath11k_dp_process_rx+0xf4/0x440 [ath11k]
[ 839.787338] sp : ffffffc080e3bc70
[ 839.792806] x29: ffffffc080e3bc70 x28: ffffffc080cf2e80 x27: 000000010000d2cb
[ 839.796108] x26: ffffff8005d29c28 x25: 0000000000000002 x24: ffffff8005d20000
[ 839.803226] x23: 000000000000b9b6 x22: 0000000000000000 x21: 0000000000000002
[ 839.810344] x20: ffffff8006f800c0 x19: ffffff8005d28000 x18: 000000c37c2329cd
[ 839.817463] x17: ffffffbf9f229000 x16: ffffffc080e38000 x15: 0000000000000000
[ 839.824580] x14: 0000000000000000 x13: 00000000000000c6 x12: ffffffc080d6b978
[ 839.831697] x11: ffffffc0809f77e8 x10: 1ffffff0005d0d81 x9 : 00000000000000c0
[ 839.838816] x8 : ffffff801fe8f2c0 x7 : 0000000000008000 x6 : ffffff8006f80000
[ 839.845934] x5 : 0000000000000001 x4 : 0000000000000000 x3 : 000000000000003f
[ 839.853053] x2 : 0000000000000040 x1 : 0000000000000500 x0 : 0000000000000090
[ 839.860170] Call trace:
[ 839.867284] ath11k_dp_process_rx+0x140/0x440 [ath11k]
[ 839.869544] ath11k_dp_service_srng+0x320/0x578 [ath11k]
[ 839.874751] 0xffffffc079361714
[ 839.880218] __napi_poll+0x38/0x180
[ 839.883083] net_rx_action+0x184/0x340
[ 839.886555] handle_softirqs+0xf4/0x224
[ 839.890374] __do_softirq+0x14/0x20
[ 839.894108] ____do_softirq+0x10/0x20
[ 839.897579] call_on_irq_stack+0x30/0x78
[ 839.901400] do_softirq_own_stack+0x1c/0x40
[ 839.905392] irq_exit_rcu+0x88/0xc0
[ 839.909299] el1_interrupt+0x38/0x58
[ 839.912771] el1h_64_irq_handler+0x18/0x24
[ 839.916591] el1h_64_irq+0x68/0x6c
[ 839.920495] default_idle_call+0x28/0x58
[ 839.923882] do_idle+0x1c4/0x1e4
[ 839.927962] cpu_startup_entry+0x34/0x3c
[ 839.931173] rest_init+0xb8/0xc0
[ 839.935080] console_on_rootfs+0x0/0x6c
[ 839.938291] __primary_switched+0x80/0x88
[ 839.941855] Code: d2800004 910242c0 52800025 f9800011 (885ffc01)
[ 839.946021] ---[ end trace 0000000000000000 ]---
[ 839.952096] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[ 839.956786] SMP: stopping secondary CPUs
[ 840.163494] Kernel Offset: disabled
[ 840.163503] CPU features: 0x00,00000003,40000000,0200400b
[ 840.165766] Memory Limit: none
[ 840.171321] Rebooting in 3 seconds..
I found that the IPQ9574 hw_params entry in core.c is missing the .max_tx_ring field.
Adding .max_tx_ring = DP_TCL_NUM_RING_MAX, fixes the panic and the radio works normally ( This matches what IPQ6018 uses)
Could you confirm this is the correct fix?
Some additional notes on my setup:
- I'm loading the firmware using the secure PIL remoteproc driver from this series: https://patchwork.kernel.org/project/linux-remoteproc/list/?series=1041678
- I also had to add M3 firmware loading to qcom_q6v5_wcss_sec.c , otherwise the AHB radio comes up but fails to broadcast SSID.
- Kernel 6.12.71, firmware WLAN.HK.2.11.0.1.1-00039-QCAHKSWPL_SILICONZ-1
I'm fairly new to ath11k stuff so please let me know if I'm on the right track. Thanks for the IPQ9574 support work!