procview

A tool to determine what a Linux process is doing

This utility reads an strace file and analyzes it. It uses lsof to determine which file handles are open prior to attaching strace.

It determines what disk and network activity is taking place within the process.

It is a linux-only GEM as it requires the following Linux programs:

• lsof at version 4.82 or higher
• strace at version 4.5.19

Installation

This tool is published as a binary GEM on https://rubygems.org so you can simply do:

gem install procview

Usage

This tool can be used in one of three ways:

• To post-process a trace file produced by https://github.com/townsen/perl-Apache2-Instrument
• To analyze a currently running process in realtime (using the -p option)
• To run a command while performing the analysis (by supplying a command)

To get a summary of the options type procview -?

Summarization Options

The summary options all create 'buckets' for the accumulation of statistics. Each bucket has a patternset that is used to match against the name associated with each I/O. The statistics are accumulated in the first bucket found. The sequence of buckets is as they appear on the command line.

• -F: Summarize all disk file activity in one line.
• -s: Summarize all activity to the LSB 'system' directories
• --sum: Create a bucket using a regular expression. The bucket can optionally be named by included name= prior to the regular expression. The RE syntax is that of Ruby.

Dregs

There are certain calls which cannot be allocated against any IO handles. Examples would be stat() or close() calls for non-existant handles. These are accumulated into a special bucket called 'dregs' and displayed as Unassigned in the output. This time is accounted for in the call level summary, but cannot be placed into an I/O bucket.

Issues

There are many potential calls produced by strace and I may not have handled them all. In such cases the utility will print an error message to stderr and continue.