sysinternals / procdump-for-linux

A Linux version of the ProcDump Sysinternals tool

License: MIT License

Makefile 0.01% C 60.51% Shell 1.00% Roff 0.05% C++ 38.20% C# 0.03% CMake 0.20%
debugging-tool cli sysinternals

procdump-for-linux's People

Contributors

aaptel, adamkimsft, aweeraman, conan-kudo, dtzwill, jahabibi, jason-cooke, jcfaracco, joe-lawrence, mariohewardt, mgrabovsky, microsoftopensource, msftgits, nikkitan, oldzhu, planet15, rafaelleeimg, rilysh, rupran, suboptimal, trofi

procdump-for-linux's Issues

Ability to specify process by name

Proposed Usage

Using the -w (--wait) flag, you can specify a process name, and Procdump will wait for that process to start. Upon finding the process started, Procdump will then start watching the process as usual.

sudo procdump -C 65 -w my-application

Proposed Implementation

Looping through /proc/ and reading /proc/[pid]/stat or /proc/[pid]/cmdline to find the provided name.

Should multiple processes match the given name, Procdump should error out (mimicking the Windows version).
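The lookup proposed above, sketched as an added example (not code from the ProcDump repository). The function names, return codes and the fake /proc tree in main() are assumptions made for illustration; the sample stat lines are constructed.

```c
#include <ctype.h>
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define FIND_NONE       0L   /* no process has that name */
#define FIND_ERROR     -1L   /* the proc root could not be opened */
#define FIND_AMBIGUOUS -2L   /* more than one process has that name */

/* Extract comm from one /proc/[pid]/stat line: "pid (comm) state ...".
 * comm may itself contain spaces and ')', so the field ends at the LAST
 * ')' on the line. The kernel truncates comm to 15 characters; longer
 * names have to be matched against /proc/[pid]/cmdline instead.
 * Returns 0 on success, -1 on malformed input. */
int parse_stat_comm(const char *line, char *out, size_t outsz)
{
    const char *lp = strchr(line, '(');
    const char *rp = strrchr(line, ')');
    if (outsz == 0 || lp == NULL || rp == NULL || rp < lp)
        return -1;
    size_t len = (size_t)(rp - lp) - 1;
    if (len >= outsz)
        len = outsz - 1;
    memcpy(out, lp + 1, len);
    out[len] = '\0';
    return 0;
}

/* Walk the numeric directories under proc_root and compare each comm
 * with name. Returns the pid when exactly one process matches, or one
 * of the FIND_* codes above. */
long find_unique_pid(const char *proc_root, const char *name)
{
    DIR *dir = opendir(proc_root);
    if (dir == NULL)
        return FIND_ERROR;
    long found = FIND_NONE;
    struct dirent *ent;
    while ((ent = readdir(dir)) != NULL) {
        char *end;
        if (!isdigit((unsigned char)ent->d_name[0]))
            continue;                       /* ".", "..", "self", ... */
        long pid = strtol(ent->d_name, &end, 10);
        if (*end != '\0' || pid <= 0)
            continue;
        char path[4096], line[1024], comm[64];
        snprintf(path, sizeof path, "%s/%ld/stat", proc_root, pid);
        FILE *f = fopen(path, "r");
        if (f == NULL)
            continue;                       /* process exited meanwhile */
        int ok = fgets(line, sizeof line, f) != NULL &&
                 parse_stat_comm(line, comm, sizeof comm) == 0;
        fclose(f);
        if (!ok || strcmp(comm, name) != 0)
            continue;
        if (found != FIND_NONE) {           /* second match: refuse to guess */
            closedir(dir);
            return FIND_AMBIGUOUS;
        }
        found = pid;
    }
    closedir(dir);
    return found;
}

/* Fixture helper: creates root/<pid>/stat holding a constructed line. */
int add_fake_proc_entry(const char *root, long pid, const char *stat_line)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/%ld", root, pid);
    if (mkdir(path, 0700) != 0)
        return -1;
    snprintf(path, sizeof path, "%s/%ld/stat", root, pid);
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return -1;
    fprintf(f, "%s\n", stat_line);
    return fclose(f);
}

int main(int argc, char **argv)
{
    if (argc > 1) {                         /* search the real /proc */
        long r = find_unique_pid("/proc", argv[1]);
        printf("%s -> %ld\n", argv[1], r);
        return r > 0 ? 0 : 1;
    }
    char root[64];                          /* constructed demo tree */
    snprintf(root, sizeof root, "/tmp/fakeproc-demo-%ld", (long)getpid());
    if (mkdir(root, 0700) != 0)
        return 1;
    add_fake_proc_entry(root, 100, "100 (my-application) S 1 100 100 0");
    add_fake_proc_entry(root, 200, "200 (tmux: server) S 1 200 200 0");
    printf("unique:    %ld\n", find_unique_pid(root, "my-application"));
    add_fake_proc_entry(root, 300, "300 (my-application) R 1 300 300 0");
    printf("ambiguous: %ld\n", find_unique_pid(root, "my-application"));
    return 0;
}
```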

Request for a feature (core-dump on a specific return signal).

Installed the Ubuntu x64 deb on a Debian instance [4.18.0-kali1-amd64 #1 SMP Debian 4.18.6-1kali1 (2018-09-10) x86_64 GNU/Linux] and everything seems to work fine. Is it possible to have an option to create a core dump depending on a return signal, e.g. SIGBUS, SIGSEGV, SIGTRAP, etc.?

Unable to install ProcDump for Amazon linux AMI (CentOS)

We tried installing ProcDump on Amazon linux AMI with CentOS, however, we could not install the procDump. It's failing at step 2: sudo apt-get update.
Error:

apt-get update
Ign:1 http://deb.debian.org/debian stretch InRelease
Get:2 http://deb.debian.org/debian stretch-updates InRelease [91.0 kB]
Hit:3 http://deb.debian.org/debian stretch Release
Hit:4 http://security.debian.org/debian-security stretch/updates InRelease
Fetched 91.0 kB in 0s (308 kB/s)
Reading package lists... Done
E: The method driver /usr/lib/apt/methods/https could not be found.
N: Is the package apt-transport-https installed?
E: Failed to fetch https://packages.microsoft.com/repos/microsoft-ubuntu-trusty-prod/dists/trusty/InRelease
E: Some index files failed to download. They have been ignored, or old ones used instead.

System information (e.g., distro, kernel version, etc.)

Latest Amazon Linux AMI with dotnet core 2.0

Any idea on this error?

Successfully tested on fedora 27 & CentOS 7.4

I am sure you have probably done this already but figured I'd post here as well for anyone wondering

Fedora seemed to work out of the box, but I could have other utilities installed already from dev work. However, on CentOS 7 I had to add -std=gnu99 to CFLAGS in the makefile.

Expected behavior

Works on Fedora 27 & CentOS 7.4

Actual behavior

Works on both

Steps to reproduce the behavior

Fedora 27

[18:01:03]ckozler@bastion:~/code/ProcDump-for-Linux > sudo bin/procdump -n 3 -s 3 -C 50 -p 19025

ProcDump v1.0 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under ther MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process: cat (19025)
CPU Threshold: >=50
Commit Threshold: n/a
Threshold Seconds: 3
Number of Dumps: 3

Press Ctrl-C to end monitoring without terminating the process.

[18:01:18 - INFO]: CPU: 96%
[18:01:18 - INFO]: Core dump 1 generated: cat_cpu_2017-12-06_18:01:18.19025
[18:01:22 - INFO]: CPU: 96%
[18:01:22 - INFO]: Core dump 2 generated: cat_cpu_2017-12-06_18:01:22.19025
[18:01:26 - INFO]: CPU: 96%
[18:01:26 - INFO]: Core dump 3 generated: cat_cpu_2017-12-06_18:01:26.19025
[18:01:26]ckozler@bastion:~/code/ProcDump-for-Linux > lsb_release -r
Release: 27

CentOS 7

[root@ckozler ProcDump-for-Linux]# bin/procdump -n 3 -s 3 -C 50 -p 16354

ProcDump v1.0 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under ther MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process: cat (16354)
CPU Threshold: >=50
Commit Threshold: n/a
Threshold Seconds: 3
Number of Dumps: 3

Press Ctrl-C to end monitoring without terminating the process.

[23:25:02 - INFO]: CPU: 96%
[23:25:03 - INFO]: Core dump 1 generated: cat_cpu_2017-12-06_23:25:02.16354
[23:25:07 - INFO]: CPU: 96%
[23:25:07 - INFO]: Core dump 2 generated: cat_cpu_2017-12-06_23:25:07.16354
[23:25:11 - INFO]: CPU: 96%
[23:25:11 - INFO]: Core dump 3 generated: cat_cpu_2017-12-06_23:25:11.16354

[root@ckozler ProcDump-for-Linux]# cat Makefile | grep ^CFLAGS
CFLAGS=-I ./include -pthread -std=gnu99

System information (e.g., distro, kernel version, etc.)

U

Install the GPG key:

wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -

Ensure apt is set up to work with https sources:

sudo apt-get install apt-transport-https

Select the channel to use:

Stable: echo "deb https://download.sublimetext.com/ apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list
Dev: echo "deb https://download.sublimetext.com/ apt/dev/" | sudo tee /etc/apt/sources.list.d/sublime-text.list

Update apt sources and install Sublime Text

sudo apt-get update
sudo apt-get install sublime-text

pacman

Install the GPG key:

curl -O https://download.sublimetext.com/sublimehq-pub.gpg && sudo pacman-key --add sublimehq-pub.gpg && sudo pacman-key --lsign-key 8A8F901A && rm sublimehq-pub.gpg

Select the channel to use:

Stable: echo -e "\n[sublime-text]\nServer = https://download.sublimetext.com/arch/stable/x86_64" | sudo tee -a /etc/pacman.conf
Dev: echo -e "\n[sublime-text]\nServer = https://download.sublimetext.com/arch/dev/x86_64" | sudo tee -a /etc/pacman.conf

Update pacman and install Sublime Text

sudo pacman -Syu sublime-text

yum

Install the GPG key:

sudo rpm -v --import https://download.sublimetext.com/sublimehq-rpm-pub.gpg

Select the channel to use:

Stable: sudo yum-config-manager --add-repo https://download.sublimetext.com/rpm/stable/x86_64/sublime-text.repo
Dev: sudo yum-config-manager --add-repo https://download.sublimetext.com/rpm/dev/x86_64/sublime-text.repo

Update yum and install Sublime Text

sudo yum install sublime-text

dnf

Install the GPG key:

sudo rpm -v --import https://download.sublimetext.com/sublimehq-rpm-pub.gpg

Select the channel to use:

Stable: sudo dnf config-manager --add-repo https://download.sublimetext.com/rpm/stable/x86_64/sublime-text.repo
Dev: sudo dnf config-manager --add-repo https://download.sublimetext.com/rpm/dev/x86_64/sublime-text.repo

Update dnf and install Sublime Text

sudo dnf install sublime-text

zypper

Install the GPG key:

sudo rpm -v --import https://download.sublimetext.com/sublimehq-rpm-pub.gpg

Select the channel to use:

Stable: sudo zypper addrepo -g -f https://download.sublimetext.com/rpm/stable/x86_64/sublime-text.repo
Dev: sudo zypper addrepo -g -f https://download.sublimetext.com/rpm/dev/x86_64/sublime-text.repo

Update zypper and install Sublime Text

sudo zypper install sublime-text

© Sublime HQ Pty Ltd

Woollahra, Sydney.

Procdump in a Docker container doesn't capture core dumps

Expected behavior

I'm attempting to build and run procdump (v 1.1.1) on a Debian sid container, and run a simple test to capture up to 3 core dumps when 'cat'ing /dev/urandom to /dev/null in the background with a CPU threshold of 80%.

Actual behavior

It doesn't seem to capture core dumps despite hitting the CPU thresholds:

# ./test.sh
PID = 3696

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2020 Microsoft Corporation. All rights reserved. Licensed under the MIT
license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process:                cat (3696)
CPU Threshold:          >=80
Commit Threshold:       n/a
Polling interval (ms):  1000
Threshold (s):  3
Number of Dumps:        3

Press Ctrl-C to end monitoring without terminating the process.

[00:11:03 - INFO]: CPU: 80%
[00:11:08 - INFO]: CPU: 93%
[00:11:13 - INFO]: CPU: 95%
[00:11:18 - INFO]: CPU: 96%
[00:11:23 - INFO]: CPU: 96%
^C[00:11:24 - INFO]: Quit

This same test works fine on a non-containerized environment (Debian unstable), with the following output:

$ ./test.sh
PID = 1000606

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2019 Microsoft Corporation. All rights reserved. Licensed under the MIT
license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process:                cat (1000606)
CPU Threshold:          >=80
Commit Threshold:       n/a
Polling interval (ms):  1000
Threshold (s):  3
Number of Dumps:        3

Press Ctrl-C to end monitoring without terminating the process.

[20:18:14 - INFO]: CPU: 80%
[20:18:15 - INFO]: Core dump 0 generated: cat_cpu_2020-07-18_20:18:14.1000606
[20:18:19 - INFO]: CPU: 90%
[20:18:20 - INFO]: Core dump 1 generated: cat_cpu_2020-07-18_20:18:19.1000606
[20:18:24 - INFO]: CPU: 93%
[20:18:25 - INFO]: Core dump 2 generated: cat_cpu_2020-07-18_20:18:24.1000606

Steps to reproduce the behavior

  1. Create a Debian sid container: docker run -v $PWD:/mnt -it --rm --name deb-sid debian:sid /bin/bash
  2. apt-get update && apt-get install make gcc git zlib1g-dev
  3. Clone procdump repo and run make
  4. Execute the following script inside the container as root:
#!/bin/sh
cat /dev/urandom > /dev/null &
PID=$!
echo "PID = $PID"
sudo procdump -p $PID -C 80 -n 3 -s 3
kill -9 $PID

System information (e.g., distro, kernel version, etc.)

Host system: Debian unstable
Kernel: 5.7.8 #1 SMP Fri Jul 10 22:31:47 EDT 2020 x86_64 GNU/Linux

Unable to open crash dump with WinDbg

I used ProcDump for Linux to generate a crash dump of an ASP.NET Core 2.2 application running on CentOS 7.7. When I try to open that crash dump using WinDbg, I get "Win32 error 0n87" "The parameter is incorrect."

make failed with latest code

Expected behavior

Actual behavior

Steps to reproduce the behavior

[root@localhost ProcDump-for-Linux]# make
rm -rf obj
rm -rf bin
rm -rf /root/wayne/ProcDump-for-Linux/pkgbuild
gcc -c -g -o obj/CoreDumpWriter.o src/CoreDumpWriter.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Events.o src/Events.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Handle.o src/Handle.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Logging.o src/Logging.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Procdump.o src/Procdump.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/ProcDumpConfiguration.o src/ProcDumpConfiguration.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Process.o src/Process.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/TriggerThreadProcs.o src/TriggerThreadProcs.c -Wall -I ./include -pthread -std=gnu99
gcc -o bin/procdump obj/CoreDumpWriter.o obj/Events.o obj/Handle.o obj/Logging.o obj/Procdump.o obj/ProcDumpConfiguration.o obj/Process.o obj/TriggerThreadProcs.o -Wall -I ./include -pthread -std=gnu99
/usr/bin/ld: obj/Events.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Handle.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Logging.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Logging.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: multiple definition of `g_config'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: first defined here
/usr/bin/ld: obj/Logging.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: multiple definition of `HZ'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: first defined here
/usr/bin/ld: obj/Logging.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: first defined here
/usr/bin/ld: obj/Procdump.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Procdump.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: multiple definition of `g_config'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: first defined here
/usr/bin/ld: obj/Procdump.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: multiple definition of `HZ'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: first defined here
/usr/bin/ld: obj/Procdump.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: multiple definition of `g_config'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: multiple definition of `HZ'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: first defined here
/usr/bin/ld: obj/Process.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: multiple definition of `g_config'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:47: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: multiple definition of `HZ'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:49: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/root/wayne/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:50: first defined here
collect2: error: ld returned 1 exit status
make: *** [Makefile:57: bin/procdump] Error 1
[root@localhost ProcDump-for-Linux]#

System information (e.g., distro, kernel version, etc.)

Number of Dumps have no effect

The entered number of dumps has no effect.
Tested on Lubuntu 20.04 in VirtualBox.

I have used your example from the animated GIF on the front page and turned it into a script:

#!/bin/bash

cat /dev/urandom > /dev/null &
sudo ./procdump -p $! -C 80 -n 3 -s 3
kill $!

It dumps time stamps infinitely, but the header says "Number of Dumps: 3".

Also interesting: this was not the case at the beginning. Versions 1.0 and 1.0.1 work OK and stop after 3 dumps, but versions 1.1 and 1.1.1 don't stop dumping.

I looked for the commit after which the bug appears. The commit of Dec 3, 2019 creates the problem with the infinite dumps:
aff9caf
It was a big commit, which added a .NET core dump generator, fixed a lot of bugs and created the mentioned bug.

Compilation fails on Kubuntu 14.04.5 LTS

Expected behavior

Program is compiled when running make

Actual behavior

Compilation fails:
LANG=C_ALL make
rm -rf obj
rm -rf bin
rm -rf release
gcc -c -g -o obj/CoreDumpWriter.o src/CoreDumpWriter.c -I ./include -pthread
src/CoreDumpWriter.c: In function 'WriteCoreDumpInternal':
src/CoreDumpWriter.c:186:9: error: 'for' loop initial declarations are only allowed in C99 mode
for(int j = 0; j < i; j++){
^
src/CoreDumpWriter.c:186:9: note: use option -std=c99 or -std=gnu99 to compile your code
make: *** [obj/CoreDumpWriter.o] Error 1

Steps to reproduce the behavior

  1. git clone https://github.com/Microsoft/ProcDump-for-Linux.git
  2. cd ProcDump-for-Linux
  3. make

System information (e.g., distro, kernel version, etc.)

gcc --version
gcc (Ubuntu 4.8.4-2ubuntu1~14.04.3) 4.8.4

make --version
GNU Make 3.81

Support for Ubuntu 18.04

Is Ubuntu 18.04 (Bionic) supported? It's not mentioned in the readme and it's not in the bionic feed. If not, what's the best way to start testing with it?

Unable to create dump

Expected behavior

Process dump is created

Actual behavior

root@8562a605f1fb# procdump -p 1

ProcDump v1.0.1 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process: dotnet (1)
CPU Threshold: n/a
Commit Threshold: n/a
Threshold Seconds: 10
Number of Dumps: 1

Press Ctrl-C to end monitoring without terminating the process.

[12:46:16 - INFO]: Timed:
[12:46:16 - ERROR]: An error occured while generating the core dump
[12:46:16 - ERROR]: GCORE - ptrace: Operation not permitted.
[12:46:16 - ERROR]: GCORE - You can't do that without a process to debug.
[12:46:16 - ERROR]: GCORE - The program is not being run.
[12:46:16 - ERROR]: GCORE - gcore: failed to create dotnet_time_2018-10-12_12:46:16.1

Steps to reproduce the behavior

  1. build simple .NET Core app
  2. dockerize it
  3. bin/bash in docker image, install ProcDump-for-Linux according to guide link
  4. procdump -p 1

System information (e.g., distro, kernel version, etc.)

docker image microsoft/dotnet:2.1.4-runtime-stretch-slim

In container I am logged in as root user.

Support ARM32

I would like to ask: is there any plan to support an ARM version of ProcDump on Raspbian OS? And what alternative command can I use to gather a .NET memory dump inside a Docker container?

Installing microsoft.gpg leaves the trusted key user owned

Expected behavior

When following the installation instructions for 1. Add the Microsoft Product feed, the trusted key is securely placed into the system's keyring.

Actual behavior

The microsoft.gpg key is left user owned.

Steps to reproduce the behavior

  1. Add the Microsoft Product feed: curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
  2. sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
  3. ls -l /etc/apt/trusted.gpg.d/microsoft.gpg

System information (e.g., distro, kernel version, etc.)

Ubuntu GNU/Linux 16.4.3 LTS.
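Because sudo mv keeps the file's existing owner, the account that ran curl can later rewrite an apt trust anchor without sudo. The check below is an added example (not part of the ProcDump project or its install guide) that audits a keyring directory for files with the wrong owner or group/world write bits; the function names and flag values are assumptions made for illustration.

```c
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define KEY_STAT_FAILED 0x1u  /* file missing or unreadable metadata */
#define KEY_NOT_REGULAR 0x2u  /* directory, device, socket, ... */
#define KEY_BAD_OWNER   0x4u  /* owner differs from the expected uid */
#define KEY_LOOSE_MODE  0x8u  /* group- or world-writable */

/* Returns 0 when the key file is a regular file owned by expected_owner
 * and writable only by its owner; otherwise a bitmask of KEY_* flags. */
unsigned audit_key_file(const char *path, uid_t expected_owner)
{
    struct stat st;
    unsigned flags = 0;
    if (stat(path, &st) != 0)
        return KEY_STAT_FAILED;
    if (!S_ISREG(st.st_mode))
        flags |= KEY_NOT_REGULAR;
    if (st.st_uid != expected_owner)
        flags |= KEY_BAD_OWNER;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        flags |= KEY_LOOSE_MODE;
    return flags;
}

/* Audits every entry of a keyring directory and prints one line per
 * finding. Returns the number of entries with at least one flag set,
 * or -1 when the directory cannot be opened. */
int audit_key_dir(const char *dir, uid_t expected_owner)
{
    DIR *d = opendir(dir);
    if (d == NULL)
        return -1;
    int bad = 0;
    struct dirent *ent;
    while ((ent = readdir(d)) != NULL) {
        if (strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0)
            continue;
        char path[4096];
        snprintf(path, sizeof path, "%s/%s", dir, ent->d_name);
        unsigned f = audit_key_file(path, expected_owner);
        if (f == 0)
            continue;
        bad++;
        printf("%s:%s%s%s%s\n", path,
               (f & KEY_STAT_FAILED) ? " stat-failed" : "",
               (f & KEY_NOT_REGULAR) ? " not-regular-file" : "",
               (f & KEY_BAD_OWNER)   ? " wrong-owner" : "",
               (f & KEY_LOOSE_MODE)  ? " group/world-writable" : "");
    }
    closedir(d);
    return bad;
}

int main(void)
{
    /* On the system from the report, trusted keys are expected to be
     * owned by root (uid 0). */
    int bad = audit_key_dir("/etc/apt/trusted.gpg.d", 0);
    if (bad < 0) {
        perror("/etc/apt/trusted.gpg.d");
        return 2;
    }
    printf("%d key file(s) need attention\n", bad);
    return bad == 0 ? 0 : 1;
}
```

A finding is cleared by installing the key with explicit ownership and mode, for example `sudo install -o root -g root -m 644 microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg`, instead of `sudo mv`.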

1.1: gcc 10 warnings

With patch https://github.com/microsoft/ProcDump-for-Linux//pull/79.patch

gcc -c -g -o obj/CoreDumpWriter.o src/CoreDumpWriter.c -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -flto=auto -flto-partition=none -I ./include -pthread -std=gnu99
src/CoreDumpWriter.c: In function 'IsCoreClrProcess':
src/CoreDumpWriter.c:124:9: warning: ignoring return value of 'fgets' declared with attribute 'warn_unused_result' [-Wunused-result]
  124 |         fgets(lineBuf, sizeof(lineBuf), procFile); // Skip first line with column headers.
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcc -o bin/ProcDumpTestApplication obj/ProcDumpTestApplication.o -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -flto=auto -flto-partition=none -I ./include -pthread -std=gnu99
gcc -o bin/procdump obj/Logging.o obj/Events.o obj/ProcDumpConfiguration.o obj/Handle.o obj/Process.o obj/Procdump.o obj/TriggerThreadProcs.o obj/CoreDumpWriter.o -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -flto=auto -flto-partition=none -I ./include -pthread -std=gnu99
In function 'strncpy',
    inlined from 'WriteCoreDumpInternal' at src/CoreDumpWriter.c:494:17:
/usr/include/bits/string_fortified.h:106:10: warning: '__builtin_strncpy' specified bound depends on the length of the source argument [-Wstringop-overflow=]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^
src/CoreDumpWriter.c: In function 'WriteCoreDumpInternal':
src/CoreDumpWriter.c:490:26: note: length computed here
  490 |             lineLength = strlen(lineBuffer);                                // get # of characters read
      |                          ^
In function 'strncpy',
    inlined from 'IsCoreClrProcess.constprop.isra' at src/CoreDumpWriter.c:138:28:
/usr/include/bits/string_fortified.h:106:10: warning: '__builtin_strncpy' specified bound depends on the length of the source argument [-Wstringop-overflow=]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^
src/CoreDumpWriter.c: In function 'IsCoreClrProcess.constprop.isra':
src/CoreDumpWriter.c:138:67: note: length computed here
  138 |                         if(strncpy(*socketName, ptr, sizeof(char)*strlen(ptr)+1)!=NULL)
      |                                                                   ^
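Both warnings in the log above point at the same habit: the fgets result is dropped, and the strncpy bound is computed from the source string, so it limits nothing. The sketch below is an added example (not the code in src/CoreDumpWriter.c) that checks the header read and sizes the copy by the destination; the function names and the table layout (one header line, then whitespace-separated rows) are assumptions, and the sample rows are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: one header line followed by data rows. */
static const char SAMPLE_TABLE[] =
    "Num RefCount Path\n"
    "0001 2 /run/other-socket\n"
    "0002 3 /tmp/sample-socket-1234\n";

/* Flagged pattern, for contrast (not used below):
 *     strncpy(dst, src, strlen(src) + 1);
 * The bound equals the source length, so the call behaves like strcpy
 * and overruns dst whenever src is longer than dst.
 *
 * copy_checked bounds the copy by the DESTINATION size and refuses to
 * truncate. Returns 0 on success, -1 when src does not fit (dst is then
 * left untouched). */
int copy_checked(char *dst, size_t dstsz, const char *src)
{
    size_t n = strlen(src);
    if (dstsz == 0 || n >= dstsz)
        return -1;
    memcpy(dst, src, n + 1);            /* n + 1 <= dstsz, includes NUL */
    return 0;
}

/* Skips the header line, then returns the first whitespace-delimited
 * token that starts with needle.
 * Returns 1 when found and copied, 0 when no row matches, -1 on an
 * empty or unreadable stream or when the token does not fit in out. */
int find_token(FILE *fp, const char *needle, char *out, size_t outsz)
{
    char line[512];
    if (fgets(line, sizeof line, fp) == NULL)
        return -1;                      /* header missing: do not go on */
    while (fgets(line, sizeof line, fp) != NULL) {
        char *hit = strstr(line, needle);
        if (hit == NULL)
            continue;
        hit[strcspn(hit, " \t\r\n")] = '\0';    /* cut at end of token */
        return copy_checked(out, outsz, hit) == 0 ? 1 : -1;
    }
    return ferror(fp) ? -1 : 0;
}

int main(void)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return 1;
    fputs(SAMPLE_TABLE, fp);
    rewind(fp);

    char name[64];
    int rc = find_token(fp, "/tmp/sample-socket-", name, sizeof name);
    printf("rc=%d name=%s\n", rc, rc == 1 ? name : "(none)");

    rewind(fp);
    char tiny[8] = "";
    rc = find_token(fp, "/tmp/sample-socket-", tiny, sizeof tiny);
    printf("rc=%d for an 8-byte destination\n", rc);
    fclose(fp);
    return 0;
}
```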

ProcDump binary itself dumps core when invoked with '--version' or '---' etc

Problem: ProcDump binary itself dumps core when invoked with '--version' or '---' etc

Setup Information

$ cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.2 (Ootpa)
$
$ uname -r
4.18.0-193.el8.x86_64
$

I was trying to find the version information of the procdump binary that I had just built, hence I provided the --version option, and the program dumped core

$ ./procdump  --version

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2020 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Segmentation fault (core dumped)
$

Core file generated below

$ ls -l
total 428
-rw-------. 1 root root 425984 Jun 24 06:03 core.procdump.354928
-rwxr-xr-x. 1 root root 125608 Jun 24 05:58 procdump
-rwxr-xr-x. 1 root root  15552 Jun 24 05:58 ProcDumpTestApplication
$
$ file core.procdump.354928 
core.procdump.354928: ELF 64-bit LSB core file, x86-64, version 1 (SYSV), SVR4-style, from './procdump --version', real uid: 0, effective uid: 0, real gid: 0, effective gid: 0, execfn: './procdump', platform: 'x86_64'
$

Backtrace information

$ gdb -q ./procdump ./core.procdump.354928 
Reading symbols from ./procdump...done.
[New LWP 354928]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `./procdump --version'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fbaeb7f1fb1 in __strncmp_avx2 () from /lib64/libc.so.6
Missing separate debuginfos, use: yum debuginfo-install glibc-2.28-101.el8.x86_64
(gdb) bt
#0  0x00007fbaeb7f1fb1 in __strncmp_avx2 () from /lib64/libc.so.6
#1  0x00007fbaeb77ade1 in process_long_option () from /lib64/libc.so.6
#2  0x00007fbaeb77b75f in _getopt_internal_r () from /lib64/libc.so.6
#3  0x00007fbaeb77b9c5 in _getopt_internal () from /lib64/libc.so.6
#4  0x00007fbaeb77ba52 in getopt_long () from /lib64/libc.so.6
#5  0x0000000000403458 in GetOptions (self=0x60d5a0 <g_config>, argc=2, argv=0x7fff9a14bef8) at src/ProcDumpConfiguration.c:201
#6  0x0000000000406369 in main (argc=2, argv=0x7fff9a14bef8) at src/Procdump.c:19
(gdb) 

I tried a few variations however it seems if length is 3 or more and the 3rd character is - the program core dumps

$ ./procdump ---

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2020 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Segmentation fault (core dumped)
$

There was no way of providing which version of the program I am using, hence did a git log to provide info
on the latest commit to help understand which exact code base I am using

$ git log -1
commit 2ec3090bddcc084d07cb4f8266815545050ddeab (HEAD -> master, origin/master, origin/check_gcore, origin/HEAD)
Author: jahabibi <[email protected]>
Date:   Wed May 6 23:19:16 2020 -0700

    Ubuntu 20.04 Documentation Update (#88)
    
    * adding ubuntu 20.04 installation candidate
    
    * updating dev environment
$
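The backtrace above faults in strncmp called from process_long_option, which is where getopt_long walks its long-option table; getopt_long(3) requires that table to end with an all-zero element, and a missing terminator is one common cause of this crash pattern. Whether that is the defect in ProcDump is an assumption, not something the report confirms. The parser below is an added example (not ProcDump's GetOptions) with a terminated table; the long option names, numeric limits and return codes are hypothetical.

```c
#include <getopt.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { PARSE_OK = 0, PARSE_VERSION = 1, PARSE_USAGE = 2 };

struct cli_options {
    long pid;     /* -p */
    long cpu;     /* -C */
    long dumps;   /* -n */
};

/* Long names here are hypothetical; only the short flags appear in the
 * reports above. The last, all-zero element is what stops getopt_long
 * from reading past the end of the array on an unknown "--something". */
static const struct option LONG_OPTS[] = {
    {"pid",     required_argument, NULL, 'p'},
    {"cpu",     required_argument, NULL, 'C'},
    {"dumps",   required_argument, NULL, 'n'},
    {"version", no_argument,       NULL, 'V'},
    {NULL,      0,                 NULL, 0}
};

/* Strict decimal parse: the whole string must be a number in range. */
static int to_long(const char *s, long min, long max, long *out)
{
    char *end;
    long v = strtol(s, &end, 10);
    if (end == s || *end != '\0' || v < min || v > max)
        return -1;
    *out = v;
    return 0;
}

/* Returns PARSE_OK with *out filled in, PARSE_VERSION for --version,
 * or PARSE_USAGE for anything unknown, malformed or incomplete. */
int parse_args(int argc, char *argv[], struct cli_options *out)
{
    const long LIMIT = 1000000000L;     /* assumed upper bound */
    int c;
    memset(out, 0, sizeof *out);
    out->dumps = 1;
    optind = 0;                         /* glibc/musl: restart the scan */
    opterr = 0;                         /* we report errors ourselves */
    while ((c = getopt_long(argc, argv, "p:C:n:V", LONG_OPTS, NULL)) != -1) {
        switch (c) {
        case 'p':
            if (to_long(optarg, 1, LIMIT, &out->pid) != 0)
                return PARSE_USAGE;
            break;
        case 'C':
            if (to_long(optarg, 0, LIMIT, &out->cpu) != 0)
                return PARSE_USAGE;
            break;
        case 'n':
            if (to_long(optarg, 1, LIMIT, &out->dumps) != 0)
                return PARSE_USAGE;
            break;
        case 'V':
            return PARSE_VERSION;
        default:                        /* '?': unknown option, e.g. "---" */
            return PARSE_USAGE;
        }
    }
    if (optind < argc || out->pid == 0)
        return PARSE_USAGE;             /* stray operand or no target */
    return PARSE_OK;
}

int main(int argc, char *argv[])
{
    struct cli_options opts;
    switch (parse_args(argc, argv, &opts)) {
    case PARSE_VERSION:
        puts("example-parser 0.0 (placeholder version string)");
        return 0;
    case PARSE_USAGE:
        fprintf(stderr, "usage: %s -p PID [-C CPU] [-n DUMPS] | --version\n",
                argv[0]);
        return 2;
    default:
        printf("pid=%ld cpu=%ld dumps=%ld\n", opts.pid, opts.cpu, opts.dumps);
        return 0;
    }
}
```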

Missing RPM packages

Expected behavior

Successful installation of Procdump on Fedora/CentOS/RHEL/openSUSE/SLES

Actual behavior

Package not found.

During the release of Procdump 1.1 we found an issue in our release pipeline that resulted in unsigned rpm packages being published. We have removed them and are working actively to resolve this issue and republish our rpm packages.

Copyright-Date not updated

Only a minor thing.
But version 1.1.1 came out in April 2020, and if you start the program, it mentions a "Copyright (C) 2019" 🙂

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2019 Microsoft Corporation. All rights reserved. Licensed under the MIT license.

Install step on Linux Mint (Ubuntu 20.04 base) fails as lsb_release only shows "20" instead of "20.04"

Expected behavior

Download of DEB package

Actual behavior

Empty/0-byte file created (no error).

Steps to reproduce the behavior

  1. wget -q https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
  2. File is created but is empty.
  3. The command lsb_release -rs returns "20" instead of "20.04"

System information (e.g., distro, kernel version, etc.)

Linux 5.4.0-39-generic #43-Ubuntu SMP Fri Jun 19 10:28:31 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

DISTRIB_ID=LinuxMint
DISTRIB_RELEASE=20
DISTRIB_CODENAME=ulyana
DISTRIB_DESCRIPTION="Linux Mint 20 Ulyana"

It's probably a Linux Mint quirk of lsb-release, but thought I should mention it.

Make it more unix way

Expected behavior

I can set dump generation action(program).

Actual behavior

Dump generation program is hardcoded.

Use case

I can trigger debugger, profiler or other tool.

System information (e.g., distro, kernel version, etc.)

Design.

Do not hardcode CC=gcc in the Makefile

The Makefile hardcodes the CC variable as CC=gcc, forcing users to comment it out in case they want to use clang/a different version of gcc.

It would be wiser IMHO to just leave the CC variable alone, given that in GNU Make it defaults to cc when not set (which is almost always a symlink to gcc).

Broken Build since few months

Expected behavior

build success

Actual behavior

molly@sickvpn:~/ProcDump-for-Linux$ make
rm -rf obj
rm -rf bin
rm -rf /home/molly/ProcDump-for-Linux/pkgbuild
gcc -c -g -o obj/CoreDumpWriter.o src/CoreDumpWriter.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Events.o src/Events.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Handle.o src/Handle.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Logging.o src/Logging.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Procdump.o src/Procdump.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/ProcDumpConfiguration.o src/ProcDumpConfiguration.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/Process.o src/Process.c -Wall -I ./include -pthread -std=gnu99
gcc -c -g -o obj/TriggerThreadProcs.o src/TriggerThreadProcs.c -Wall -I ./include -pthread -std=gnu99
gcc -o bin/procdump obj/CoreDumpWriter.o obj/Events.o obj/Handle.o obj/Logging.o obj/Procdump.o obj/ProcDumpConfiguration.o obj/Process.o obj/TriggerThreadProcs.o -Wall -I ./include -pthread -std=gnu99
/usr/bin/ld: obj/Events.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Handle.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Logging.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Logging.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: multiple definition of `g_config'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: first defined here
/usr/bin/ld: obj/Logging.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: multiple definition of `HZ'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: first defined here
/usr/bin/ld: obj/Logging.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: first defined here
/usr/bin/ld: obj/Procdump.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/Procdump.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: multiple definition of `g_config'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: first defined here
/usr/bin/ld: obj/Procdump.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: multiple definition of `HZ'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: first defined here
/usr/bin/ld: obj/Procdump.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: multiple definition of `g_config'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: multiple definition of `HZ'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: first defined here
/usr/bin/ld: obj/ProcDumpConfiguration.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: first defined here
/usr/bin/ld: obj/Process.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: multiple definition of `LoggerLock'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/Logging.h:42: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: multiple definition of `g_config'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:43: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: multiple definition of `HZ'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:45: first defined here
/usr/bin/ld: obj/TriggerThreadProcs.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: multiple definition of `MAXIMUM_CPU'; obj/CoreDumpWriter.o:/home/molly/ProcDump-for-Linux/./include/ProcDumpConfiguration.h:46: first defined here
collect2: error: ld returned 1 exit status
make: *** [Makefile:57: bin/procdump] Error 1

Steps to reproduce the behavior

  1. clone
  2. make
  3. see error

System information (e.g., distro, kernel version, etc.)

github.com/ind3p3nd3nt/MollyEskam-Linux (custom Kali ISO with KDE, full-upgrade system) amd64
Linux sickvpn 5.8.0-kali2-amd64 #1 SMP Debian 5.8.10-1kali1 (2020-09-22) x86_64 GNU/Linux

Spelling error in readme.md: "ditribution" vs "distribution"

Spelling error in readme.md

Expected behavior

Install ProcDump
Checkout our install instructions for distribution-specific steps to install Procdump

Actual behavior

Install ProcDump
Checkout our install instructions for ditribution specific steps to install Procdump

Segmentation fault when taking proc dump

Expected behavior

Get the proc dump snapshot

Actual behavior

gnuhpc@gnuhpc-pc:~/app/ProcDump-for-Linux/bin$ sudo ./procdump -p 3151

ProcDump v1.0.1 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

[13:58:02 - ERROR]: Error getting process name.
Process: (null) (3151)
CPU Threshold: n/a
Commit Threshold: n/a
Threshold Seconds: 10
Number of Dumps: 1

Press Ctrl-C to end monitoring without terminating the process.

Segmentation fault

Steps to reproduce the behavior

  1. Start a redis server (empty for test purpose only) and obtain the pid of the server and redis-cli client:

gnuhpc@gnuhpc-pc:~/app/redis-5.0.4/src$ ps -ef |grep redis
gnuhpc 2947 2839 0 13:54 pts/11 00:00:00 redis-cli
gnuhpc 3151 2714 0 13:57 pts/10 00:00:00 ./redis-server 127.0.0.1:6379

  2. proc dump for the server and client

gnuhpc@gnuhpc-pc:~/app/ProcDump-for-Linux/bin$ sudo ./procdump -p 3151

ProcDump v1.0.1 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

[13:58:02 - ERROR]: Error getting process name.
Process: (null) (3151)
CPU Threshold: n/a
Commit Threshold: n/a
Threshold Seconds: 10
Number of Dumps: 1

Press Ctrl-C to end monitoring without terminating the process.

Segmentation fault
gnuhpc@gnuhpc-pc:~/app/ProcDump-for-Linux/bin$ sudo ./procdump -p 2947

ProcDump v1.0.1 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process: redis-cli (2947)
CPU Threshold: n/a
Commit Threshold: n/a
Threshold Seconds: 10
Number of Dumps: 1

Press Ctrl-C to end monitoring without terminating the process.

14:01:12 - INFO: Core dump 1 generated: redis_cli_time_2019-04-25_14:01:12.2947

System information (e.g., distro, kernel version, etc.)

Linux distro:

gnuhpc@gnuhpc-pc:~/app/ProcDump-for-Linux/bin$ cat /etc/release
DISTRIB_ID=LinuxMint
DISTRIB_RELEASE=19
DISTRIB_CODENAME=tara
DISTRIB_DESCRIPTION="Linux Mint 19 Tara"
NAME="Linux Mint"
VERSION="19 (Tara)"
ID=linuxmint
ID_LIKE=ubuntu
PRETTY_NAME="Linux Mint 19"
VERSION_ID="19"
HOME_URL="https://www.linuxmint.com/"
SUPPORT_URL="https://forums.ubuntu.com/"
BUG_REPORT_URL="http://linuxmint-troubleshooting-guide.readthedocs.io/en/latest/"
PRIVACY_POLICY_URL="https://www.linuxmint.com/"
VERSION_CODENAME=tara
UBUNTU_CODENAME=bionic

ProcDump for Linux:
using the master branch from the github and make the source code by myself

Kernel version:

gnuhpc@gnuhpc-pc:~/app/ProcDump-for-Linux/bin$ uname -a
Linux gnuhpc-pc 4.15.0-47-generic #50-Ubuntu SMP Wed Mar 13 10:44:52 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

Test failures on Debian with "Invalid switch specified"

Expected behavior

I'm trying out release 1.1.1 and looking to run the integration tests successfully after building from source.

Actual behavior

Getting "Invalid switch specified" errors during test execution.

Starting high_cpu_notdump.sh
PID: 1297892
ChildrenPID:
ChildPID:
/home/anuradha/ninsei/projects/debian/procdump/upstream/release/ProcDump-for-Linux-1.1.1/bin/procdump -C 80 -p

ProcDump v1.1.1 - Sysinternals process dump utility
Copyright (C) 2019 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

[18:15:10 - ERROR]: Invalid switch specified

Usage: procdump [OPTIONS...] TARGET
   OPTIONS
      -h          Prints this help screen
      -C          Trigger core dump generation when CPU exceeds or equals specified value (0 to 100 * nCPU)
      -c          Trigger core dump generation when CPU is less than specified value (0 to 100 * nCPU)
      -M          Trigger core dump generation when memory commit exceeds or equals specified value (MB)
      -m          Trigger core dump generation when when memory commit is less than specified value (MB)
      -T          Trigger when thread count exceeds or equals specified value.
      -F          Trigger when filedescriptor count exceeds or equals specified value.
      -I          Polling frequency in milliseconds (default is 1000)
      -n          Number of core dumps to write before exiting (default is 1)
      -s          Consecutive seconds before dump is written (default is 10)
      -d          Writes diagnostic logs to syslog
   TARGET must be exactly one of these:
      -p          pid of the process
      -w          Name of the process executable

high_cpu_notdump.sh passed

All the test failures that I see:
Failed tests:
high_cpu.sh
high_cpu_trigger_cpu_memory.sh
high_mem.sh
high_mem_trigger_cpu_memory.sh
low_cpu.sh
low_cpu_trigger_cpu_memory.sh
low_mem.sh
low_mem_trigger_cpu_memory.sh
ondemand.sh

I have attached the full test log.
test.log

Steps to reproduce the behavior

  1. Download and extract release 1.1.1
  2. make
  3. make test

System information (e.g., distro, kernel version, etc.)

Distro: Debian unstable
5.7.8 #1 SMP Fri Jul 10 22:31:47 EDT 2020 x86_64 GNU/Linux

Post-build check failures on openSUSE

During the building of procdump packages for openSUSE, the package failed the post build checks due to the following errors:

[   20s] I: Program returns random data in a function
[   20s] E: procdump no-return-in-nonvoid-function src/CoreDumpWriter.c:283
[   20s] E: procdump no-return-in-nonvoid-function src/ProcDumpConfiguration.c:467

System information (e.g., distro, kernel version, etc.)

openSUSE Leap 42.3, openSUSE Tumbleweed (20171211)

Need to add check to make sure gdb/gcore is available.

If you install procdump via package manager dependencies ensure that gdb is installed. However if you build procdump and gdb is not installed it will loop forever with the below output:

Press Ctrl-C to end monitoring without terminating the process.
[18:16:32 - INFO]: Timed:
[18:16:42 - INFO]: Timed:
[18:16:52 - INFO]: Timed:
[18:17:02 - INFO]: Timed:
[18:17:12 - INFO]: Timed:
[18:17:22 - INFO]: Timed:
[18:17:32 - INFO]: Timed:

Need to add check and exit gracefully if gdb is not installed (for non .net core 3 processes).
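
One way to implement the pre-flight check requested above, as an added example rather than ProcDump's own code: look for an executable gcore on PATH before monitoring starts. The function names and the choice to skip empty and relative PATH entries are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Search the colon-separated directory list `path` for an executable regular
 * file called `name`. On success the full path is written to `out` and 0 is
 * returned; -1 means nothing suitable was found.
 * Assumption of this example: empty and relative entries are skipped, so a
 * tool started with sudo never accepts a helper from the current directory. */
int find_executable(const char *name, const char *path, char *out, size_t outlen)
{
    if (name == NULL || *name == '\0' || strchr(name, '/') != NULL ||
        path == NULL || out == NULL || outlen == 0)
        return -1;

    for (const char *p = path; ; ) {
        const char *end = strchr(p, ':');
        size_t len = end ? (size_t)(end - p) : strlen(p);

        if (len > 0 && p[0] == '/') {
            int n = snprintf(out, outlen, "%.*s/%s", (int)len, p, name);
            struct stat st;
            /* stat() follows symlinks, so a link to a real binary is accepted. */
            if (n > 0 && (size_t)n < outlen &&
                stat(out, &st) == 0 && S_ISREG(st.st_mode) &&
                access(out, X_OK) == 0)
                return 0;
        }
        if (end == NULL)
            break;
        p = end + 1;
    }
    out[0] = '\0';
    return -1;
}

/* Pre-flight check: 1 if gcore can be found on PATH, 0 otherwise. */
int gcore_available(char *out, size_t outlen)
{
    return find_executable("gcore", getenv("PATH"), out, outlen) == 0;
}

int main(void)
{
    char where[4096];

    if (!gcore_available(where, sizeof where)) {
        /* Exit before the monitoring loop instead of polling forever. */
        fprintf(stderr, "gcore not found on PATH; install gdb first.\n");
        return 1;
    }
    printf("using %s\n", where);
    return 0;
}
```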

There is no install source for CentOS 7

Expected behavior

Provide an install source for CentOS 7. I also tried to clone the source code and make it; the make process is OK, and I got the procdump file in the "bin" folder, but when I run the procdump, there is no file to create, I only got these on the console window.

root@bogon:/home/code/procdump/ProcDump-for-Linux/bin> ./procdump -p 5063 -n 3 -s 3 -C 80 18-08-21 11:40

ProcDump v1.0.1 - Sysinternals process dump utility
Copyright (C) 2017 Microsoft Corporation. All rights reserved. Licensed under the MIT license.
Mark Russinovich, Mario Hewardt, John Salem, Javid Habibi
Monitors a process and writes a dump file when the process exceeds the
specified criteria.

Process: cat (5063)
CPU Threshold: >=80
Commit Threshold: n/a
Threshold Seconds: 3
Number of Dumps: 3

Press Ctrl-C to end monitoring without terminating the process.

[11:40:29 - INFO]: CPU: 97%
[11:40:33 - INFO]: CPU: 97%
[11:40:37 - INFO]: CPU: 97%
[09:53:42 - INFO]: Timed:

Actual behavior

Steps to reproduce the behavior

System information (e.g., distro, kernel version, etc.)

[Package format request] Please provide an AppImage for Linux

The only binary format of ProcDump-for-Linux currently is a .deb package.

It would be nice if you could provide an AppImage as well. This project has a set of tools (AppImageKit) which can help to generate AppImages automatically from source code.

AppImages work on many different Linux distros out of the box. They are one single file (which internally is a squashfs-compressed file system, that, for running its payload app, uses a thin builtin helper runtime to temporarily mount the AppImage and execute the payload) only, which makes it super-easy for users to take advantage of it: No installation, no package manager, no root privileges required. Can run different versions of the same thing concurrently. Does not mess with system libraries either. Also easy to dispose of -- just delete the one file.

Your colleagues from the PowerShell department provide the v6.0.0.0-Alpha9 and v6.0.0.0-rc as AppImages too. And it works rather nice:

asciicast

In AppImageKit there is also a tool, pkg2appimage, which can convert the .deb to an AppImage.

But maybe you want to integrate the AppImage (and .deb) creation into an automatic package generation using Travis CI?

pthread_setcancelstate() uses invalid argument: PTHREAD_CANCEL_ASYNCHRONOUS

Expected behavior

pthread_setcancelstate() only takes either PTHREAD_CANCEL_ENABLE or PTHREAD_CANCEL_DISABLE whereas pthread_setcanceltype() takes either PTHREAD_CANCEL_DEFERRED or PTHREAD_CANCEL_ASYNCHRONOUS.

Actual behavior

In CoreDumpWriter.c, pthread_setcancelstate() is passed PTHREAD_CANCEL_ASYNCHRONOUS which is only valid as an argument to pthread_setcanceltype(). The reason this doesn't cause a run-time failure is that, on Linux, PTHREAD_CANCEL_ASYNCHRONOUS and PTHREAD_CANCEL_DISABLE are both defined in enums and both happen to have the same integer value. On other UNIX-like systems they can be (and are) defined differently. I believe that this means that the call is actually setting the cancel state to PTHREAD_CANCEL_DISABLE but given the context that doesn't seem like the intended behaviour.

enum
{
  PTHREAD_CANCEL_ENABLE,
#define PTHREAD_CANCEL_ENABLE   PTHREAD_CANCEL_ENABLE
  PTHREAD_CANCEL_DISABLE
#define PTHREAD_CANCEL_DISABLE  PTHREAD_CANCEL_DISABLE
};
enum
{
  PTHREAD_CANCEL_DEFERRED,
#define PTHREAD_CANCEL_DEFERRED PTHREAD_CANCEL_DEFERRED
  PTHREAD_CANCEL_ASYNCHRONOUS
#define PTHREAD_CANCEL_ASYNCHRONOUS     PTHREAD_CANCEL_ASYNCHRONOUS
};

Steps to reproduce the behavior

The erroneous use of pthread_setcancelstate() appears in CoreDumpWriter.c on line 88.

if(pthread_setcancelstate(PTHREAD_CANCEL_ASYNCHRONOUS, NULL) != 0){
    Log(error, INTERNAL_ERROR);
    Trace("WriteCoreDump: failed pthread_setcancelstate.");
    exit(-1);
}

Given the context, I think the correct call would be to pthread_setprocesstype() to "go back" from the DEFERRED setting on line 64.

System information (e.g., distro, kernel version, etc.)

Arch Linux
Linux 4.18.16
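
The constant collision described in this issue can be checked directly. The following program is an added example, not code from the issue or from ProcDump; its function names are its own, and it assumes a Linux libc that defines the constants as in the enums quoted above.

```c
#include <pthread.h>
#include <stdio.h>

/* 1 when the two constants share an integer value. That shared value is
 * what lets the mistaken call succeed instead of failing with EINVAL. */
int constants_collide(void)
{
    return PTHREAD_CANCEL_ASYNCHRONOUS == PTHREAD_CANCEL_DISABLE;
}

/* Makes the call quoted in the issue and returns the cancel *state* it
 * leaves the calling thread in (-1 if a call is rejected). The previous
 * state is restored before returning. */
int state_after_mistaken_call(void)
{
    int original, after;

    /* A cancel *type* constant passed to the cancel *state* setter. */
    if (pthread_setcancelstate(PTHREAD_CANCEL_ASYNCHRONOUS, &original) != 0)
        return -1;
    /* Restoring the original state reports the state that was in force. */
    if (pthread_setcancelstate(original, &after) != 0)
        return -1;
    return after;
}

/* Type-correct sequence: the state goes through pthread_setcancelstate(),
 * the type through pthread_setcanceltype(). Returns the cancel type that was
 * in force after the sequence (-1 on error) and restores both settings. */
int type_after_correct_calls(void)
{
    int old_state, old_type, type_in_force, ignored;

    if (pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &old_state) != 0)
        return -1;
    if (pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &old_type) != 0)
        return -1;
    /* Put the previous type back; the call reports the type it replaced. */
    if (pthread_setcanceltype(old_type, &type_in_force) != 0)
        return -1;
    if (pthread_setcancelstate(old_state, &ignored) != 0)
        return -1;
    return type_in_force;
}

int main(void)
{
    printf("constants share a value:       %s\n",
           constants_collide() ? "yes" : "no");
    printf("state after the mistaken call: %s\n",
           state_after_mistaken_call() == PTHREAD_CANCEL_DISABLE
               ? "PTHREAD_CANCEL_DISABLE" : "other");
    printf("type after the correct calls:  %s\n",
           type_after_correct_calls() == PTHREAD_CANCEL_ASYNCHRONOUS
               ? "PTHREAD_CANCEL_ASYNCHRONOUS" : "other");
    return 0;
}
```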

Making the Linux and Windows version more compatible to each other

Have looked at the different options of the Linux ProcDump with the Windows documentation at
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump

It isn't the problem that one ProcDump has additional options compared to the other. But they have the same option names with different functions.

-m, -n and -s have same functions.
But -h, -c, -d, -p and -w have different functions.

-? (only for Windows)
Exists only on Windows. Seems to be the same as -h on Linux.
Windows: "Use -? -e to see example command lines."

-h (different)
Linux: "Prints this help screen"
Windows: "Write dump if process has a hung window (does not respond to window messages for at least 5 seconds)."

-c (different)
Linux: "Trigger core dump generation when CPU is less than specified value (0 to 100 * nCPU)"
Windows: "CPU threshold at which to create a dump of the process."

-m (same)
Linux: "Trigger core dump generation when when memory commit is less than specified value (MB)"
Windows: "Memory commit threshold in MB at which to create a dump."

-n (same)
Linux: "Number of core dumps to write before exiting (default is 1)"
Windows: "Number of dumps to write before exiting."

-s (same)
Linux: "Consecutive seconds before dump is written (default is 10)"
Windows: "Consecutive seconds before dump is written (default is 10)."

-d (different)
Linux: "Writes diagnostic logs to syslog"
Windows: "Invoke the minidump callback routine named MiniDumpCallbackRoutine of the specified DLL."

-p (different)
Linux: "pid of the process"
Windows: "Trigger on the specified performance counter when the threshold is exceeded. Note: to specify a process counter when there are multiple instances of the process running, use the process ID with the following syntax: "\Process(_)\counter""

-w (different)
Linux: "Name of the process executable"
Windows: "Wait for the specified process to launch if it's not running."

How to reduce the dump file size ?

Expected behavior

I use procdump to create an asp.net core process dump on centos 7, but the file size is too large, almost 25g. How to reduce the file size?

Actual behavior

Steps to reproduce the behavior

System information (e.g., distro, kernel version, etc.)

CPU threshold trigger doesn't work

Expected behavior

  1. With "-C 2" for example, procdump is only triggered when particular process is using more than 2% of CPU.
  2. With "-c 2" for example, procdump is only triggered when particular process is using less than 2% of CPU.

Actual behavior

  1. "-C 2" and particular process(mysqld) started using 99% of CPU. procdump didn't dump.
  2. "-c 2" and mysqld using 99% of CPU. Procdump dumped and created core file.

Steps to reproduce the behavior

  1. sudo procdump -C 2 -n 2 -s 3 -p $(pgrep -f mysqld) &
  2. Connect to mysql using SQL tool
  3. select count(*) from large_table a, large_table b, large_table c, large_table d
  4. run 'top' or 'ps' and confirm that mysqld process is using 99% CPU
  5. Wait 20 seconds. Core dump file won't be created.

System information (e.g., distro, kernel version, etc.)

CentOS 7.7
kvm vm
mysqld running in docker
