[PATCH] wifi: ath12k: fix CMA error and MHI state mismatch during resume
Jayasaikiran Banigallapati
bjsaikiran at gmail.com
Mon Feb 2 21:02:06 PST 2026
On 2/3/26 08:21, Baochen Qiang wrote:
>
> On 2/2/2026 11:17 PM, Saikiran wrote:
>> Commit 8d5f4da8d70b ("wifi: ath12k: support suspend/resume") introduced
>> system suspend/resume support but caused a critical regression where
>> CMA pages are corrupted during resume.
>>
>> 1. CMA page corruption:
>> Calling mhi_unprepare_after_power_down() during suspend (via
>> ATH12K_MHI_DEINIT) prematurely frees the fbc_image and rddm_image
>> DMA buffers. When these pages are accessed during resume, the kernel
>> detects corruption (Bad page state).
> How, FBC image and RDDM image get re-allocated at resume, no?
>
> To clarify, the BUG: Bad page state crash actually occurs during the
> suspend phase, specifically when ath12k_mhi_stop() calls
> mhi_unprepare_after_power_down().
>
> The stack trace shows the panic happens inside mhi_free_bhie_table()
> while trying to free the pages:
>
> mhi_free_bhie_table+0x50/0xa0 [mhi]
> mhi_unprepare_after_power_down+0x30/0x70 [mhi]
> ath12k_mhi_stop+0xf8/0x210 [ath12k]
> ath12k_core_suspend_late+0x94/0xc0 [ath12k]
>
> The kernel reports nonzero _refcount when attempting to free the CMA
> pages (fbc_image/rddm_image). This suggests that something is still
> holding a reference to these pages when DEINIT attempts to free them,
> causing the kernel to panic before we reach the resume stage.
>
> Since the pages cannot be safely freed during suspend, skipping DEINIT
> (and using MHI_POWER_OFF_KEEP_DEV) avoids this invalid free operation.
> This also aligns with the existing comment in ath12k_mhi_stop which
> suggests using mhi_power_down_keep_dev() for suspend.
>
> Thanks & Regards,
> Saikiran
More information about the ath12k
mailing list