Half-baked ideas: strace visualizer

For more half-baked ideas, see the ideas tag

When you strace -f a collection of processes you end up with pretty frustrating output that looks like this. It’s almost impossible to keep track without pen and paper and plenty of time.

The half-baked idea is a visualization tool that takes the log file and constructs a picture — changing over time — of what processes are related to what other processes, what binaries they correspond to, what sockets are connected to each process (and connected between processes), what each program wrote to stderr, and so on.

There would be some sort of timeline slider that lets you watch this picture evolving over time, or lets you jump to, say, the place where program X exited with an error.

Make it happen, lazyweb!



Filed under Uncategorized

6 responses to “Half-baked ideas: strace visualizer

  1. I always wanted to implement this kind of thing in replay – http://alexmurray.github.io/replay – but never had the time – the visualisations are all there, all that would be needed would be a plugin to parse the strace output and create corresponding events for the visualisations to use…

    • rich

      Yes, this would be great!

      • FWIW, I’m currently working on a tool to replay strace traces (for a paper to appear in SOSP13), which includes a fairly robust parser for (a decent subset of) strace’s output syntax. It’s currently geared toward multithreaded applications and doesn’t handle handle multiple processes, but it might be a good starting point for something to extended/adapted to output information usable by the above-mentioned replay or similar. It’s already got some graphviz-dumping capability, but it’s oriented toward inter-thread ordering dependencies rather than process/FD relationships.

        And on a perhaps-related note, I’ve got a simple little python script up on github (https://github.com/zevweiss/fdgraph) that digs through /proc and dumps a graphviz graph more like what you’re talking about (file descriptors, process parentage, etc), but is currently limited to a single point-in-time snapshot of a live PID, rather than parsing a trace or somesuch.

  2. For tracing, there is Control Flow view in TMF (http://lttng.org/eclipse) Perhaps ideas from this can be used to design such a UI?

  3. I needed backtraces from the system calls. I ended up hacking it myself – maybe adding it to strace would also be cool.
    However, I found my bug and fixed it 😉

  4. this would be a good case for a graph database …. google badwolf is light and free .. then something to easily viz it … perhaps d3.js …

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.