gcore
Create core dump of running process
SYNOPSIS
gcore [options] pid
PARAMETERS
-o filename
Specify the output filename for the core dump. Defaults to 'core.pid' if not provided.
-a
Dump all thread stacks (only useful for multi-threaded applications).
DESCRIPTION
The gcore command creates a core dump of a running process. This core dump captures the memory image of the process at a specific point in time, allowing developers to analyze the process's state for debugging purposes. It's an invaluable tool for identifying crashes, deadlocks, memory leaks, or other unexpected behavior in production or testing environments.
gcore uses the ptrace system call to attach to the target process and extract its memory. The resulting core file can then be loaded into a debugger like gdb for detailed inspection. gcore is particularly useful when a process is stuck or misbehaving in a way that doesn't cause an immediate crash, making traditional debugging methods difficult.
CAVEATS
The target process will be briefly paused while the core dump is being created. Creating a core dump can consume significant disk space, especially for large processes. gcore needs permission to ptrace the target process, usually requiring the user to be the owner of the process or to have root privileges. gcore might not work correctly if the target process is actively using specific system calls or has certain security restrictions in place.
USAGE EXAMPLES
To create a core dump of process with PID 1234, simply run: gcore 1234.
To save the core dump to a specific file: gcore -o my_process.core 1234.
For multithreaded applications: gcore -a 1234.
HISTORY
gcore has been a part of coreutils for a while. Early usages centered around debugging server processes to uncover the roots of problems such as memory leaks and deadlocks. Development and enhancements have largely revolved around improved stability and thread support.