Re: [PATCH 03/25] media: venus: Rework error fail recover logic

From: Jonathan Cameron
Date: Wed May 05 2021 - 07:06:49 EST

Next message: Jonathan Cameron: "Re: [PATCH 02/25] staging: media: imx7-mipi-csis: fix pm_runtime_get_sync() usage count"
Previous message: David Laight: "RE: Very slow clang kernel config .."
In reply to: Mauro Carvalho Chehab: "[PATCH 03/25] media: venus: Rework error fail recover logic"
Next in thread: Mauro Carvalho Chehab: "[PATCH 05/25] media: i2c: ccs-core: return the right error code at suspend"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 5 May 2021 11:41:53 +0200
Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx> wrote:

> The Venus code has a sort of watchdog that attempts to recover
> from IP errors, implemented as a delayed work job, which
> calls venus_sys_error_handler().
>
> Right now, it has several issues:
>
> 1. It assumes that PM runtime resume never fails
>
> 2. It internally runs two while() loops that also assume that
> PM runtime will never fail to go idle:
>
> while (pm_runtime_active(core->dev_dec) || pm_runtime_active(core->dev_enc))
> msleep(10);
>
> ...
>
> while (core->pmdomains[0] && pm_runtime_active(core->pmdomains[0]))
> usleep_range(1000, 1500);
>
> 3. It uses an OR to merge all return codes and then report to the user
>
> 4. If the hardware never recovers, it keeps running on every 10ms,
> flooding the syslog with 2 messages (so, up to 200 messages
> per second).
>
> Rework the code, in order to prevent that, by:
>
> 1. check the return code from PM runtime resume;
> 2. don't let the while() loops run forever;
> 3. store the failed event;
> 4. use warn ratelimited when it fails to recover.
>
> Fixes: af2c3834c8ca ("[media] media: venus: adding core part and helper functions")
> Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>

Trivial comments inline, otherwise based on no knowledge at all of the
actual hardware, the fix looks sane.

Reviewed-by: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>

> ---
> drivers/media/platform/qcom/venus/core.c | 59 +++++++++++++++++++-----
> 1 file changed, 47 insertions(+), 12 deletions(-)
>
> diff --git a/drivers/media/platform/qcom/venus/core.c b/drivers/media/platform/qcom/venus/core.c
> index 54bac7ec14c5..4d0482743c0a 100644
> --- a/drivers/media/platform/qcom/venus/core.c
> +++ b/drivers/media/platform/qcom/venus/core.c
> @@ -78,22 +78,32 @@ static const struct hfi_core_ops venus_core_ops = {
> .event_notify = venus_event_notify,
> };
>
> +#define RPM_WAIT_FOR_IDLE_MAX_ATTEMPTS 10
> +
> static void venus_sys_error_handler(struct work_struct *work)
> {
> struct venus_core *core =
> container_of(work, struct venus_core, work.work);
> - int ret = 0;
> + int ret, i, max_attempts = RPM_WAIT_FOR_IDLE_MAX_ATTEMPTS;
> + bool failed = false;
> + const char *err_msg = "";
>
> - pm_runtime_get_sync(core->dev);
> + ret = pm_runtime_get_sync(core->dev);
> + if (ret < 0) {
> + err_msg = "resume runtime PM\n";

Will end up with two newlines I think as %s\n" later.

> + max_attempts = 0;
> + failed = true;
> + }
>
> hfi_core_deinit(core, true);
>
> - dev_warn(core->dev, "system error has occurred, starting recovery!\n");
> -
> mutex_lock(&core->lock);
>
> - while (pm_runtime_active(core->dev_dec) || pm_runtime_active(core->dev_enc))
> + for (i = 0; i < max_attempts; i++) {
> + if (!pm_runtime_active(core->dev_dec) && !pm_runtime_active(core->dev_enc))
> + break;
> msleep(10);
> + }
>
> venus_shutdown(core);
>
> @@ -101,31 +111,56 @@ static void venus_sys_error_handler(struct work_struct *work)
>
> pm_runtime_put_sync(core->dev);
>
> - while (core->pmdomains[0] && pm_runtime_active(core->pmdomains[0]))
> + for (i = 0; i < max_attempts; i++) {
> + if (!core->pmdomains[0] || !pm_runtime_active(core->pmdomains[0]))
> + break;
> usleep_range(1000, 1500);
> + }
>
> hfi_reinit(core);
>
> - pm_runtime_get_sync(core->dev);
> + ret = pm_runtime_get_sync(core->dev);
> + if (ret < 0) {
> + err_msg = "resume runtime PM\n";
> + max_attempts = 0;

This is after the last use of max_attempts, so no point in setting it to zero.

> + failed = true;
> + }
>
> - ret |= venus_boot(core);
> - ret |= hfi_core_resume(core, true);
> + ret = venus_boot(core);
> + if (ret && !failed) {
> + err_msg = "boot Venus\n";
> + failed = true;
> + }
> +
> + ret = hfi_core_resume(core, true);
> + if (ret && !failed) {
> + err_msg = "resume HFI\n";
> + failed = true;
> + }
>
> enable_irq(core->irq);
>
> mutex_unlock(&core->lock);
>
> - ret |= hfi_core_init(core);
> + ret = hfi_core_init(core);
> + if (ret && !failed) {
> + err_msg = "init HFI\n";
> + failed = true;
> + }
>
> pm_runtime_put_sync(core->dev);
>
> - if (ret) {
> + if (failed) {
> disable_irq_nosync(core->irq);
> - dev_warn(core->dev, "recovery failed (%d)\n", ret);
> + dev_warn_ratelimited(core->dev,
> + "System error has occurred, recovery failed to %s\n",
> + err_msg);
> schedule_delayed_work(&core->work, msecs_to_jiffies(10));
> return;
> }
>
> + dev_warn(core->dev, "system error has occurred (recovered)\n");
> +
> mutex_lock(&core->lock);
> core->sys_error = false;
> mutex_unlock(&core->lock);

Next message: Jonathan Cameron: "Re: [PATCH 02/25] staging: media: imx7-mipi-csis: fix pm_runtime_get_sync() usage count"
Previous message: David Laight: "RE: Very slow clang kernel config .."
In reply to: Mauro Carvalho Chehab: "[PATCH 03/25] media: venus: Rework error fail recover logic"
Next in thread: Mauro Carvalho Chehab: "[PATCH 05/25] media: i2c: ccs-core: return the right error code at suspend"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]