要抓出是哪个进程在干坏事（大量读写磁盘），先停掉 syslog：打开 block_dump 后每次块 I/O 都会写一条内核日志，syslog 再把这些日志落盘，会产生额外 I/O 并干扰统计
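# Find which processes generate block I/O using the kernel's block_dump debug
# output. Run as root.
#
# rsyslog is stopped first: with block_dump enabled, block reads/writes and
# inode dirtying are printed to the kernel log, and a running syslog daemon
# would write those lines to disk, generating more I/O and skewing the counts.
# While rsyslog is down nothing is logged or forwarded, so keep the window
# short and record when it started and ended.
# NOTE(review): newer kernels no longer provide /proc/sys/vm/block_dump -
# confirm the file exists on the target host before relying on this procedure.
/etc/init.d/rsyslog stop
echo 1 > /proc/sys/vm/block_dump
# Let the workload run for a short while before reading the kernel log.
# block_dump lines look like "name(pid): WRITE block N on dev". An optional
# "[timestamp]" prefix is dropped and everything from "(pid):" onwards is cut,
# so only the process name is tallied (the previous pattern, which also used
# typographic quotes the shell cannot parse, counted every alphabetic word on
# the line, e.g. WRITE and block).
dmesg \
  | awk '/(READ|WRITE|dirtied)/ {
           sub(/^\[[^]]*\][ \t]*/, "")
           if (sub(/\([0-9]+\):.*/, "")) print
         }' \
  | sort | uniq -c | sort -rn | head
# Sample output:
#1423 kjournald
#1075 pdflush
#209 indexer
#3 cronolog
#1 rnald
#1 mysqld
# Do not forget to turn block_dump off and start syslog again once done.
echo 0 > /proc/sys/vm/block_dump
/etc/init.d/rsyslog start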

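# Alternative: tally block_dump lines per "name(pid):" token with awk and show
# the ten busiest entries, printed as "<process> <count>".
# The word "或者" ("or") was fused onto the command and is now this comment.
# A leading "[timestamp]" (present when the kernel log is timestamped) is
# stripped first so that $1 is the process token rather than the timestamp;
# on logs without timestamps the result is unchanged.
dmesg \
  | awk '/(READ|WRITE|dirtied)/ { sub(/^\[[^]]*\][ \t]*/, ""); hits[$1]++ }
         END { for (p in hits) print hits[p], p }' \
  | sort -nr \
  | awk '{ print $2 " " $1 }' \
  | head -n 10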

查看进程状态
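# List processes in uninterruptible sleep (state D, usually waiting on I/O)
# together with the kernel function they are sleeping in (wchan).
# The long header text is only there to widen the wchan column.
# The awk program is wrapped in plain single quotes; the typographic quotes in
# the original are not shell quoting and break the command.
ps -eo pid,user,wchan=WIDE-WCHAN-COLUMN -o s,cmd | awk '$4 ~ /D/'
# Show the files a suspect process has open. Set pid to one of the PIDs listed
# above; the expansion fails with a message instead of running lsof with an
# empty argument.
lsof -p "${pid:?set pid to a PID from the ps output above}"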