Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Android: How to strace an app using ADB shell am start

I need help on stracing Android apps in the SDK emulator.

Here is my setup:

I have an Android SDK emulator running the Android API 4.03 ADB shell connected to emulator.

I am able to install an APK using the ADB install filename.apk

I am able to run the app using the ADB shell am start -a android.intent.action.Main -n com.akproduction.notepad/com.akproduction.notepad.NoteList

I try to strace using (ADB shell) strace am start -a android.intent.action.Main -n com.akproduction.notepad/com.akproduction.notepad.NoteList but I get nothing!

How do you trace the runtime behavior of Android apps and their installation?

(P.S. The test app is located here.

like image 320
user1631295 Avatar asked Aug 28 '12 20:08

user1631295


4 Answers

The "am start" command does not directly run your application; it simply tells Android to do whatever is necessary to, in your example, start a specific activity.

The strace command is normally used as in strace commandname command args and it launches commandname -- easy, but in this Android use case, not helpful. However, strace has a -p option which is helpful to you: strace -p <process id> will let you start tracing the process with the specified id.

If you type ps on your Android system you can locate the process with the name com.akproduction.notepad (probably; by default processes are named for their Android package, but it's possible to change that in the manifest). Then you can start stracing it, wherever it happens to be.

If you need to catch things early in the process, you'll need to either modify the code to cause it to delay until you're ready to trace it, or you'll at least need to get the process running before you start the activity. The second option there is often as easy as starting the activity, then using the back button, then getting your trace ready, then starting the activity again -- but this is always code-specific to the application.

like image 163
mah Avatar answered Oct 14 '22 22:10

mah


Android apps are actually started by forking the zygote process, so you can trace app initialization by tracing the zygote process and following child processes ('-f'):

setenforce 0  # In Android 4.3 and later, if SELinux is enabled, strace will fail with "strace: wait: Permission denied"

set `ps | grep zygote` ; strace -p $2 -f -tt -T -s 500 -o /sdcard/strace.txt
like image 23
Paul Donohue Avatar answered Oct 14 '22 21:10

Paul Donohue


This is an ugly one-liner hack I used today to solve this issue. Assuming the program has some known name, just try attaching to the process as soon as it appears. In this example, I'm interested in all calls to open.

while true; do
  while ! ps  | grep -q -i MyProgram; do :; done;
  ps | grep -i MyProgram | while read a b c; do
   strace -e open -f -p $b;
  done;
done
like image 22
user239558 Avatar answered Oct 14 '22 22:10

user239558


Here's a one-liner that grabs the process id and pipes it to strace right after am launches the app. You won't get the first few instructions executed, but it kicks in early enough for my needs.

am start -n com.packagename.here\.ActivityName && set `ps | grep com.packagename.here` && strace -p $2

like image 29
James Avatar answered Oct 14 '22 20:10

James