使用汽车 watchdog 来帮助调试 VHAL。汽车 watchdog 会监控不健康进程的运行状况并将其终止。要使进程受到汽车 watchdog 的监控,必须先向汽车 watchdog 注册该进程。当汽车 watchdog 终止不健康进程时,汽车 watchdog 会将进程的状态写入 data/anr,就像其他应用无响应 (ANR) 转储一样。这样做有助于简化调试流程。
本文介绍了供应商 HAL 和服务如何向汽车 watchdog 注册进程。
供应商 HAL
通常,供应商 HAL 会将线程池用于 hwbinder。但是,汽车 watchdog 客户端通过 binder 与汽车 watchdog 守护进程通信,这与 hwbinder 不同。因此,还会使用另一个用于 binder 的线程池。
在 makefile 中指定汽车 watchdog aidl
- 在
shared_libs中包含carwatchdog_aidl_interface-ndk_platformAndroid.bp:cc_defaults { name: "vhal_v2_0_defaults", shared_libs: [ "libbinder_ndk", "libhidlbase", "liblog", "libutils", "android.hardware.automotive.vehicle@2.0", "carwatchdog_aidl_interface-ndk_platform", ], cflags: [ "-Wall", "-Wextra", "-Werror", ], }
添加 SELinux 政策
- 允许
system_server终止您的 HAL。如果您没有system_server.te,请创建一个。强烈建议您为每个设备添加 SELinux 政策。 - 允许供应商 HAL 使用 binder(
binder_use宏),并将供应商 HAL 添加到carwatchdog客户端网域(carwatchdog_client_domain宏)。请参阅下面的systemserver.te和vehicle_default.te代码system_server.te
# Allow system_server to kill vehicle HAL allow system_server hal_vehicle_server:process sigkill;
hal_vehicle_default.te
# Configuration for register VHAL to car watchdog carwatchdog_client_domain(hal_vehicle_default) binder_use(hal_vehicle_default)
通过继承 BnCarWatchdogClient 来实现客户端类
- 在
checkIfAlive中,执行运行状况检查。例如,发布到线程循环处理程序。如果运行状况良好,请调用ICarWatchdog::tellClientAlive。请参阅下面的WatchogClient.h和WatchogClient.cpp代码WatchogClient.h
class WatchdogClient : public aidl::android::automotive::watchdog::BnCarWatchdogClient { public: explicit WatchdogClient(const ::android::sp<::android::Looper>& handlerLooper, VehicleHalManager* vhalManager);
ndk::ScopedAStatus checkIfAlive(int32_t sessionId, aidl::android::automotive::watchdog::TimeoutLength timeout) override; ndk::ScopedAStatus prepareProcessTermination() override; };WatchogClient.cpp
ndk::ScopedAStatus WatchdogClient::checkIfAlive(int32_t sessionId, TimeoutLength /*timeout*/) { // Implement or call your health check logic here return ndk::ScopedAStatus::ok(); }
启动 binder 线程并注册客户端
- 为 binder 通信创建一个线程池。如果供应商 HAL 将 hwbinder 用于自身用途,则您必须为汽车 watchdog binder 通信创建另一个线程池。
- 使用名称搜索守护进程,然后调用
ICarWatchdog::registerClient。汽车 watchdog 守护进程接口名称为android.automotive.watchdog.ICarWatchdog/default。 - 根据服务响应速度,选择汽车 watchdog 支持的三种超时类型之一,然后在调用
ICarWatchdog::registerClient时传递超时- 严重 (3 秒)
- 中等 (5 秒)
- 正常 (10 秒)
VehicleService.cpp和WatchogClient.cpp代码VehicleService.cpp
int main(int /* argc */, char* /* argv */ []) { // Set up thread pool for hwbinder configureRpcThreadpool(4, false /* callerWillJoin */); ALOGI("Registering as service..."); status_t status = service->registerAsService(); if (status != OK) { ALOGE("Unable to register vehicle service (%d)", status); return 1; } // Setup a binder thread pool to be a car watchdog client. ABinderProcess_setThreadPoolMaxThreadCount(1); ABinderProcess_startThreadPool(); sp<Looper> looper(Looper::prepare(0 /* opts */)); std::shared_ptr<WatchdogClient> watchdogClient = ndk::SharedRefBase::make<WatchdogClient>(looper, service.get()); // The current health check is done in the main thread, so it falls short of capturing the real // situation. Checking through HAL binder thread should be considered. if (!watchdogClient->initialize()) { ALOGE("Failed to initialize car watchdog client"); return 1; } ALOGI("Ready"); while (true) { looper->pollAll(-1 /* timeoutMillis */); } return 1; }
WatchogClient.cpp
bool WatchdogClient::initialize() { ndk::SpAIBinder binder(AServiceManager_getService("android.automotive.watchdog.ICarWatchdog/default")); if (binder.get() == nullptr) { ALOGE("Failed to get carwatchdog daemon"); return false; } std::shared_ptr<ICarWatchdog> server = ICarWatchdog::fromBinder(binder); if (server == nullptr) { ALOGE("Failed to connect to carwatchdog daemon"); return false; } mWatchdogServer = server; binder = this->asBinder(); if (binder.get() == nullptr) { ALOGE("Failed to get car watchdog client binder object"); return false; } std::shared_ptr<ICarWatchdogClient> client = ICarWatchdogClient::fromBinder(binder); if (client == nullptr) { ALOGE("Failed to get ICarWatchdogClient from binder"); return false; } mTestClient = client; mWatchdogServer->registerClient(client, TimeoutLength::TIMEOUT_NORMAL); ALOGI("Successfully registered the client to car watchdog server"); return true; }
供应商服务(原生)
指定汽车 watchdog aidl makefile
- 在
shared_libs中包含carwatchdog_aidl_interface-ndk_platform。Android.bpcc_binary { name: "sample_native_client", srcs: [ "src/*.cpp" ], shared_libs: [ "carwatchdog_aidl_interface-ndk_platform", "libbinder_ndk", ], vendor: true, }
添加 SELinux 政策
- 要添加 SELinux 政策,请允许供应商服务网域使用 binder(
binder_use宏),并将供应商服务网域添加到carwatchdog客户端网域(carwatchdog_client_domain宏)。请参阅下面的sample_client.te和file_contexts代码sample_client.te
type sample_client, domain; type sample_client_exec, exec_type, file_type, vendor_file_type; carwatchdog_client_domain(sample_client) init_daemon_domain(sample_client) binder_use(sample_client)
file_contexts
/vendor/bin/sample_native_client u:object_r:sample_client_exec:s0
通过继承 BnCarWatchdogClient 来实现客户端类
- 在
checkIfAlive中,执行运行状况检查。一种选择是发布到线程循环处理程序。如果运行状况良好,请调用ICarWatchdog::tellClientAlive。请参阅下面的SampleNativeClient.h和SampleNativeClient.cpp代码SampleNativeClient.h
class SampleNativeClient : public BnCarWatchdogClient { public: ndk::ScopedAStatus checkIfAlive(int32_t sessionId, TimeoutLength timeout) override; ndk::ScopedAStatus prepareProcessTermination() override; void initialize(); private: void respondToDaemon(); private: ::android::sp<::android::Looper> mHandlerLooper; std::shared_ptr<ICarWatchdog> mWatchdogServer; std::shared_ptr<ICarWatchdogClient> mClient; int32_t mSessionId; };
SampleNativeClient.cpp
ndk::ScopedAStatus WatchdogClient::checkIfAlive(int32_t sessionId, TimeoutLength timeout) { mHandlerLooper->removeMessages(mMessageHandler, WHAT_CHECK_ALIVE); mSessionId = sessionId; mHandlerLooper->sendMessage(mMessageHandler, Message(WHAT_CHECK_ALIVE)); return ndk::ScopedAStatus::ok(); } // WHAT_CHECK_ALIVE triggers respondToDaemon from thread handler void WatchdogClient::respondToDaemon() { // your health checking method here ndk::ScopedAStatus status = mWatchdogServer->tellClientAlive(mClient, mSessionId); }
启动 binder 线程并注册客户端
汽车 watchdog 守护进程接口名称为 android.automotive.watchdog.ICarWatchdog/default。
- 使用名称搜索守护进程,然后调用
ICarWatchdog::registerClient。请参阅下面的main.cpp和SampleNativeClient.cpp代码main.cpp
int main(int argc, char** argv) { sp<Looper> looper(Looper::prepare(/*opts=*/0)); ABinderProcess_setThreadPoolMaxThreadCount(1); ABinderProcess_startThreadPool(); std::shared_ptr<SampleNativeClient> client = ndk::SharedRefBase::make<SampleNatvieClient>(looper); // The client is registered in initialize() client->initialize(); ... }
SampleNativeClient.cpp
void SampleNativeClient::initialize() { ndk::SpAIBinder binder(AServiceManager_getService( "android.automotive.watchdog.ICarWatchdog/default")); std::shared_ptr<ICarWatchdog> server = ICarWatchdog::fromBinder(binder); mWatchdogServer = server; ndk::SpAIBinder binder = this->asBinder(); std::shared_ptr<ICarWatchdogClient> client = ICarWatchdogClient::fromBinder(binder) mClient = client; server->registerClient(client, TimeoutLength::TIMEOUT_NORMAL); }
供应商服务 (Android)
通过继承 CarWatchdogClientCallback 来实现客户端
- 按如下所示修改新文件
private final CarWatchdogClientCallback mClientCallback = new CarWatchdogClientCallback() { @Override public boolean onCheckHealthStatus(int sessionId, int timeout) { // Your health check logic here // Returning true implies the client is healthy // If false is returned, the client should call // CarWatchdogManager.tellClientAlive after health check is // completed } @Override public void onPrepareProcessTermination() {} };
注册客户端
- 调用
CarWatchdogManager.registerClient()private void startClient() { CarWatchdogManager manager = (CarWatchdogManager) car.getCarManager( Car.CAR_WATCHDOG_SERVICE); // Choose a proper executor according to your health check method ExecutorService executor = Executors.newFixedThreadPool(1); manager.registerClient(executor, mClientCallback, CarWatchdogManager.TIMEOUT_NORMAL); }
取消注册客户端
- 服务完成后,调用
CarWatchdogManager.unregisterClient()private void finishClient() { CarWatchdogManager manager = (CarWatchdogManager) car.getCarManager( Car.CAR_WATCHDOG_SERVICE); manager.unregisterClient(mClientCallback); }
检测由汽车 watchdog 终止的进程
当注册到汽车 watchdog 的进程(供应商 HAL、供应商原生服务、供应商 Android 服务)卡住且无响应时,汽车 watchdog 会转储/终止这些进程。通过检查 logcat 可以检测到此类转储。当转储或终止有问题的进程时,汽车 watchdog 会输出日志 carwatchdog killed process_name (pid:process_id)。因此
$ adb logcat -s CarServiceHelper | fgrep "carwatchdog killed"
系统会捕获相关日志。例如,如果 KitchenSink 应用(汽车 watchdog 客户端)卡住,则会在日志中写入如下行:
05-01 09:50:19.683 578 5777 W CarServiceHelper: carwatchdog killed com.google.android.car.kitchensink (pid: 5574)
要确定 KitchenSink 应用卡住的原因或位置,请使用存储在 /data/anr 中的进程转储,就像使用 Activity ANR 情况一样。
$ adb root $ adb shell grep -Hn "pid process_pid" /data/anr/*
以下示例输出特定于 KitchenSink 应用
$ adb shell su root grep -Hn "pid 5574" /data/anr/*. /data/anr/anr_2020-05-01-09-50-18-290:3:----- pid 5574 at 2020-05-01 09:50:18 ----- /data/anr/anr_2020-05-01-09-50-18-290:285:----- Waiting Channels: pid 5574 at 2020-05-01 09:50:18 -----
找到转储文件(例如,上面示例中的 /data/anr/anr_2020-05-01-09-50-18-290),然后开始分析。