ProcDump Sysinternals Tool for Linux

2018-11-21T01:02:16
ID N0WHERE:173030
Type n0where
Reporter N0where
Modified 2018-11-21T01:02:16

Description

ProcDump is a Linux reimagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows. ProcDump provides a convenient way for Linux developers to create core dumps of their application based on performance triggers.

Requirements

  • Minimum OS:
    • Red Hat Enterprise Linux / CentOS 7
    • Fedora 26
    • Mageia 6
    • Ubuntu 14.04 LTS
  • gdb >= 7.6.1
  • zlib (build-time only)

Usage

Usage: procdump [OPTIONS...] TARGET
   OPTIONS
      -C          CPU threshold at which to create a dump of the process from 0 to 100 * nCPU
      -c          CPU threshold below which to create a dump of the process from 0 to 100 * nCPU
      -M          Memory commit threshold in MB at which to create a dump
      -m          Trigger when memory commit drops below specified MB value.
      -n          Number of dumps to write before exiting
      -s          Consecutive seconds before dump is written (default is 10)
   TARGET must be exactly one of these:
      -p          pid of the process
      -w          Name of the process executable

Examples

The following examples all target a process with pid == 1234
The following will create a core dump immediately.

sudo procdump -p 1234

The following will create 3 core dumps 10 seconds apart.

sudo procdump -n 3 -p 1234

The following will create 3 core dumps 5 seconds apart.

sudo procdump -n 3 -s 5 -p 1234

The following will create a core dump each time the process has CPU usage >= 65%, up to 3 times, with at least 10 seconds between each dump.

sudo procdump -C 65 -n 3 -p 1234

The following will create a core dump each time the process has CPU usage >= 65%, up to 3 times, with at least 5 seconds between each dump.

sudo procdump -C 65 -n 3 -s 5 -p 1234

The following will create a core dump when CPU usage is outside the range [10,65].

sudo procdump -c 10 -C 65 -p 1234

The following will create a core dump when CPU usage is >= 65% or memory usage is >= 100 MB.

sudo procdump -C 65 -M 100 -p 1234

> All options can also be used with -w instead of -p. -w will wait for a process with the given name.

The following waits for a process named my_application and creates a core dump immediately when it is found.

sudo procdump -w my_application

Current Limitations

  • Currently will only run on Linux Kernels version 3.5+
  • Does not have full feature parity with Windows version of ProcDump, specifically, stay alive functionality, and custom performance counters

ProcDump Sysinternals Tool for Linux download