ProcDump is a very simple yet powerful command-line utility that monitors an application in Windows and writes a process dump file during a spike. You can use ProcDump to detect applications that block the UI thread and don't respond to window messages for at least five seconds.A few days ago, Mark Russinovich, a well-known member of Windows Sysinternals team, made the new version v3.02 of ProcDump available for download.

This command-line utility runs on most modern Windows versions and includes a very simple hung window monitoring. If you want to create responsive applications, you cannot accept a hung window that doesn't respond to messages because there is synchronous code running in the UI thread. Modern applications must provide a responsive UI and they must pass the hung window monitoring test. ProcDump uses the same definition of a window hang that Windows and its Task Manager use. Thus, if Windows Task Manager adds "Not Responding" to the application's window title and ProcDump is running the hung window monitoring for the application, ProcDump will write a process dump file.

You don't need to run an installer. You can unzip the procdump.exe executable file and run it from the command-line. You just have to specify either the process name or the PID (short for Process ID) as one of the parameters, -h, and the dump file name. ProcDump will start monitoring the specified process and it will write a process dump file if the window hangs. For example, the following line monitors the WindowHung.exe process:

procdump -h WindowHung.exe wh.dmp

Because the application runs a compute-intensive algorithm with a synchronous execution in the UI thread, the windows doesn't respond to window messages for eight seconds. ProcDump shows the hung window detected and writes the dump file:

C:\Sysinternals>procdump -h WindowHung.exe wh.dmp

ProcDump v3.02 - Writes process dump files Copyright (C) 2009-2011 Mark Russinovich Sysinternals - www.sysinternals.com

Process: WindowHung.exe (4904) CPU threshold: n/a Performance counter: n/a Commit threshold: n/a Threshold seconds: n/a Number of dumps: 1 Hung window check: Enabled Exception monitor: Disabled Terminate monitor: Disabled Dump file: C:\Sysinternals\wh.dmp

[20:03.47] Hung window detected.

Writing dump file C:\Sysinternals\wh_110215_200347.dmp … Dump written.

Dump count reached.

Because there were no additional parameters, ProcDump exits when it reaches the default dump count of one. Then, you can open the dump file with Visual Studio to analyze it. You can specify the desired number of dumps to write before exiting with the -n option followed by the number of dumps.

ProcDump is also useful to write dumps of a process when it exceeds certain CPU usage for a specified number of seconds. You just have to specify either the process name or the PID (short for Process ID) as one of the parameters, -c, the CPU threshold, -s, the consecutive seconds, and the dump file name. ProcDump will start monitoring the specified process and it will write a process dump file if the CPU usage is equal or higher than the CPU threshold for the specified consecutive seconds. For example, the following line monitors the ParallelTasks.exe process:

procdump -c 85 -s 8 ParallelTasks.exe CPU_usage.dmp

Because the application runs a compute-intensive algorithm in as many threads as available cores, the CPU usage is more than 85% for many seconds. ProcDump shows the CPU usage threshold reached for eight seconds and writes the dump file:

C:\Sysinternals>procdump -c 85 -s 8 ParallelTasks.exe CPU_usage.dmp

ProcDump v3.02 - Writes process dump files Copyright (C) 2009-2011 Mark Russinovich Sysinternals - www.sysinternals.com

Process: ParallelTasks.exe (6840) CPU threshold: 85% of system Performance counter: n/a Commit threshold: n/a Threshold seconds: 8 Number of dumps: 1 Hung window check: Disabled Exception monitor: Disabled Terminate monitor: Disabled Dump file: C:\Sysinternals\CPU_usage.dmp

[23:46.59] CPU: 87% 1s [23:47.00] CPU: 92% 2s [23:47.01] CPU: 95% 3s [23:47.02] CPU: 96% 4s [23:47.03] CPU: 95% 5s [23:47.04] CPU: 96% 6s [23:47.05] CPU: 98% 7s [23:47.06] CPU: 95% 8s

Process has hit CPU spike threshold. Writing dump file C:\Sysinternals\CPU_usage_110215_234706.dmp ... Dump written.

Dump count reached.

ProcDump has many other options and it can generate dumps based on the value of system performance counters. You can find other examples on the ProcDump page at Windows Sysinternals.