Home > Software > Tools > Command-line Tools > ProcDump

ProcDump logo

Details

Package ID
procdump
Version
9.00
Downloads
32235
Website
https://technet.microsoft.com/sysinternals/dd996900

Summary

Command-line utility to capture process dumps

Description

ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps.

Command line usage

procdump [-a] [[-c|-cl CPU usage] [-u] [-s seconds]] [-n exceeds] [-e [1 [-b]] [-f <filter,…>] [-g] [-h] [-l] [-m|-ml commit usage] [-ma | -mp] [-o] [-p|-pl counter threshold] [-r] [-t] [-d <callback DLL>] [-64] <[-w] <process name | service name | PID> [dump file] | -i <dump file> | -u | -x <dump file> <image file> [arguments] >] [-? [ -e]

-a Avoid outage. Requires -r. If the trigger will cause the target to suspend for a prolonged time due to an exceeded concurrent dump limit, the trigger will be skipped

-b Treat debug breakpoints as exceptions (otherwise ignore them)

-c CPU threshold at which to create a dump of the process

-cl CPU threshold below which to create a dump of the process

-d Invoke the minidump callback routine named MiniDumpCallbackRoutine of the specified DLL

-e Write a dump when the process encounters an unhandled exception. Include the 1 to create dump on first chance exceptions

-f Filter the first chance exceptions. Wildcards (*) are supported. To just display the names without dumping, use a blank ("") filter

-g Run as a native debugger in a managed process (no interop)

-h Write dump if process has a hung window (does not respond to window messages for at least 5 seconds)

-i Install ProcDump as the AeDebug postmortem debugger. Only -ma, -mp, -d and -r are supported as additional options

-l Display the debug logging of the process

-m Memory commit threshold in MB at which to create a dump

-ma Write a dump file with all process memory. The default dump format only includes thread and handle information

-ml Trigger when memory commit drops below specified MB value

-mp Write a dump file with thread and handle information, and all read/write process memory. To minimize dump size, memory areas larger than 512MB are searched for, and if found, the largest area is excluded. A memory area is the collection of same sized memory allocation areas. The removal of this (cache) memory reduces Exchange and SQL Server dumps by over 90%

-n Number of dumps to write before exiting

-o Overwrite an existing dump file

-p Trigger on the specified performance counter when the threshold is exceeded. Note: to specify a process counter when there are multiple instances of the process running, use the process ID with the following syntax: "\Process(<name>_<pid>)\counter"`

-pl Trigger when performance counter falls below the specified value

-r Dump using a clone. Concurrent limit is optional (default 1, max 5). CAUTION: a high concurrency value may impact system performance

  • Windows 7, 8 : Uses Reflection. OS doesn’t support -e.
  • Windows 8.1+ : Uses PSS. All trigger types are supported.

-s Consecutive seconds before dump is written (default is 10)

-t Write a dump when the process terminates

-u Treat CPU usage relative to a single core (used with -c). As the only option, Uninstalls ProcDump as the postmortem debugger

-w Wait for the specified process to launch if it's not running

-x Launch the specified image with optional arguments. If it is a Store Application or Package, ProcDump will start on the next activation (only)

-64 By default ProcDump will capture a 32-bit dump of a 32-bit process when running on 64-bit Windows. This option overrides to create a 64-bit dump. Only use for WOW64 subsystem debugging

-? Use -? -e to see example command lines

Comments

Loading comments...