I need help on stracing Android apps in the SDK emulator.
Here is my setup:
I have an Android SDK emulator running the Android API 4.03 ADB shell connected to emulator.
I am able to install an APK using the ADB install filename.apk
I am able to run the app using the ADB shell am start -a android.intent.action.Main -n com.akproduction.notepad/com.akproduction.notepad.NoteList
I try to strace using (ADB shell) strace am start -a android.intent.action.Main -n com.akproduction.notepad/com.akproduction.notepad.NoteList but I get nothing!
How do you trace the runtime behavior of Android apps and their installation?
(P.S. The test app is located here.
The "am start" command does not directly run your application; it simply tells Android to do whatever is necessary to, in your example, start a specific activity.
The strace command is normally used as in strace commandname command args and it launches commandname -- easy, but in this Android use case, not helpful. However, strace has a -p option which is helpful to you: strace -p <process id> will let you start tracing the process with the specified id.
If you type ps on your Android system you can locate the process with the name com.akproduction.notepad (probably; by default processes are named for their Android package, but it's possible to change that in the manifest). Then you can start stracing it, wherever it happens to be.
If you need to catch things early in the process, you'll need to either modify the code to cause it to delay until you're ready to trace it, or you'll at least need to get the process running before you start the activity. The second option there is often as easy as starting the activity, then using the back button, then getting your trace ready, then starting the activity again -- but this is always code-specific to the application.
Android apps are actually started by forking the zygote process, so you can trace app initialization by tracing the zygote process and following child processes ('-f'):
setenforce 0 # In Android 4.3 and later, if SELinux is enabled, strace will fail with "strace: wait: Permission denied"
set `ps | grep zygote` ; strace -p $2 -f -tt -T -s 500 -o /sdcard/strace.txt
This is an ugly one-liner hack I used today to solve this issue. Assuming the program has some known name, just try attaching to the process as soon as it appears. In this example, I'm interested in all calls to open.
while true; do
while ! ps | grep -q -i MyProgram; do :; done;
ps | grep -i MyProgram | while read a b c; do
strace -e open -f -p $b;
done;
done
Here's a one-liner that grabs the process id and pipes it to strace right after am launches the app. You won't get the first few instructions executed, but it kicks in early enough for my needs.
am start -n com.packagename.here\.ActivityName && set `ps | grep com.packagename.here` && strace -p $2
I would recommend prior to starting your app start strace on zygote process and follow forks. Zygote process is the main process from which every new process forks in Android, including your app. Then you might want to filter the log based on PIDs you are interested in. Example:
ps zygote
get the zygote PID, then
strace -f -p < zygote_PID >
I've found a tricky way to do this and also guarantee that all the syscalls are going to be catch. It can be done even if the app is not debuggable:
- Set the Activity Manager (
am) to put the app in debug mode with a -w option that will halt its execution until it is attached to a debugger
- Start the application manually (you can just click on the screen on its icon or call it with
am start
- With the application halted, obtain its PID
- With its PID obtained, call strace to trace this process
- Finally, attach the debugger so the execution start.
Here are the steps:
adb shell # shell into the device
am set-debug-app -w com.package.name # put app to debug mode
am start com.package.name/com.path.to.MainActivity # start the app
ps -A | grep com.package.name # this will show you the PID
strace -p <PID> > appoutput.txt 2> appstrace.txt
# strace the program and record its output and strace in txt files
Now just attach the debugger and enjoy, you can do it for example in Android Studio or Eclipse. From this point on the execution will begin and you will be able to trace it since the very first line of code.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 放荡不羁爱自由 的文章《Android: How to strace an app using ADB shell am s》','https://www.manongdao.com/article-205544.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}