-
Notifications
You must be signed in to change notification settings - Fork 5
Android strace guide
The following is a precompiled strace binary made for arm64 devices without any lib dependencies: strace.bin . This is not a special strace binary and meant as a fallback only if you don't have any included in your OS etc.
Installation:
adb root
adb remount
adb push strace.bin /system/bin/strace
adb shell chmod +x /system/bin/strace
adb shell
ps |grep whateverproc
--> get the pid (FILLINPID
in the next steps)
strace -tt -y -ff -a 120 -s 600 -o /tmp/strace.log <BINARY>
the following allows to filter before:
strace -tt -y -ff -a 120 -s 600 <BINARY> 2>&1 |grep -v ppoll > /tmp/strace.log
strace -tt -y -ff -a 120 -s 600 -p FILLINPID -o /tmp/strace.log
the following allows to filter before:
strace -tt -y -ff -a 120 -s 600 -p FILLINPID 2>&1 |grep -v ppoll > /tmp/strace.log
check "ARGS EXPLAINED" bc usually this is not needed due to -ff
strace -tt -y -a 120 -s 600 -ff -p FILLINPID1 -p FILLINPID2 -o /tmp/strace.log
again here with a filter:
strace -tt -y -a 120 -s 600 -ff -p FILLINPID1 -p FILLINPID2 2>&1 |grep -v ppoll > /tmp/strace.log
<FILL-IN-COMMAND>
is what you see in "ps" output:
strace -y -ff -a 120 -s 600 -tt -p $(ps -A -o pid,command | grep '<FILL-IN-COMMAND>' | grep -E -o '[0-9]+')
or without adb shell before (beware of the quotes! the following cmd expects running on linux):
adb shell "strace -y -ff -a 120 -s 600 -tt -p \$(ps -A -o pid,command | grep '<FILL-IN-COMMAND>' | grep -E -o '[0-9]+')" 2>&1 | grep -E -v "ppoll|nanosl|dbfifo"
strace ... 2>&1 | grep -vE "ppoll|unfinished|resume|clock_gettime|_IOC_READ" | grep -E "faccessat|fstatat64|openat|denied|fail|unlink"
- prepare service, yes even start it!
stop <service-name>
setprop ctl.sigstop_on <service-name>
start <service-name>
- find sigstopped init and attach strace to it
ps -A |grep stop (find the sigstopped init PID : "do_signal_stop")
or if that does not show anything try (WCHAN is the important column here):
ps -A -o PID,CMD,ARGS,COMMAND,WCHAN | grep stop
strace -tt -y -a 120 -s 600 -ff -p <PID>
or if you want to save the output to a file:
strace -tt -y -a 120 -s 600 -ff -p <PID> -o /sdcard/Download/strace_service.log
- continue starting the service by opening a NEW adb shell and:
kill -SIGCONT <pid of the above sigstopped init>
The service will continue as usual but completely strace'd.
- revert the sigstop -> either just reboot or set:
setprop ctl.sigstop_off <service-name>
start <service-name>
-y : print paths associated with file descriptor arguments
-tt : print absolute timestamp with usecs
-ff : follow forks with output into separate files (mainly for "-o" only)
-a : alignment COLUMN for printing syscall results (default 40)
-s : limit length of print strings to STRSIZE chars (default 32)
-p : pid of the process we want to attach to
-o : output everything to a give file instead of stdin (-ff is recommended then, too)