Android: How to strace an app using ADB shell am start

Question

I need help on stracing Android apps in the SDK emulator.

Here is my setup:

I have an Android SDK emulator running the Android API 4.03 ADB shell connected t

Answer 1

This is an ugly one-liner hack I used today to solve this issue. Assuming the program has some known name, just try attaching to the process as soon as it appears. In this example, I'm interested in all calls to open.

while true; do
  while ! ps  | grep -q -i MyProgram; do :; done;
  ps | grep -i MyProgram | while read a b c; do
   strace -e open -f -p $b;
  done;
done

Answer 2

Android apps are actually started by forking the zygote process, so you can trace app initialization by tracing the zygote process and following child processes ('-f'):

setenforce 0  # In Android 4.3 and later, if SELinux is enabled, strace will fail with "strace: wait: Permission denied"

set `ps | grep zygote` ; strace -p $2 -f -tt -T -s 500 -o /sdcard/strace.txt

Answer 3

I've found a tricky way to do this and also guarantee that all the syscalls are going to be catch. It can be done even if the app is not debuggable:

• Set the Activity Manager (am) to put the app in debug mode with a -w option that will halt its execution until it is attached to a debugger
• Start the application manually (you can just click on the screen on its icon or call it with am start
• With the application halted, obtain its PID
• With its PID obtained, call strace to trace this process
• Finally, attach the debugger so the execution start.

Here are the steps:

adb shell # shell into the device
am set-debug-app -w com.package.name # put app to debug mode
am start com.package.name/com.path.to.MainActivity # start the app
ps -A | grep com.package.name # this will show you the PID
strace -p <PID> > appoutput.txt 2> appstrace.txt 
# strace the program and record its output and strace in txt files

Now just attach the debugger and enjoy, you can do it for example in Android Studio or Eclipse. From this point on the execution will begin and you will be able to trace it since the very first line of code.

Answer 4

If you have root access or the device is running without SELinux enabled, then you can follow the way from Android site:

Set up the device so that you can run strace. You need to be root, disable SELinux, and restart the runtime to remove the seccomp filter that will otherwise prevent strace from running: adb root adb shell setenforce 0 adb shell stop adb shell start

Set up a world-writable directory for strace logs, because strace will be running under the app's uid: adb shell mkdir -m 777 /data/local/tmp/strace

Choose the process to trace and launch it: adb shell setprop wrap.com.android.calendar '"logwrapper strace -f -o /data/local/tmp/strace/strace.com.android.calendar.txt"'

Launch the process normally.

https://source.android.com/devices/tech/debug/strace#app-strace

Answer 5

Here's a one-liner that grabs the process id and pipes it to strace right after am launches the app. You won't get the first few instructions executed, but it kicks in early enough for my needs.

am start -n com.packagename.here\.ActivityName && set `ps | grep com.packagename.here` && strace -p $2

Answer 6

I would recommend prior to starting your app start strace on zygote process and follow forks. Zygote process is the main process from which every new process forks in Android, including your app. Then you might want to filter the log based on PIDs you are interested in. Example:

ps zygote

get the zygote PID, then

strace -f -p < zygote_PID >