1) Get the process ID of the suspect process:
# ps -eaf | grep -i suspect_process, this gives process ID
#pstack core.<proc_id>
pstack proc_id > pstack_core.out : its gives call stack of a process
pmap proc_id > pmap_core.out
pmap lists
Address: start address of map
Kbytes: size of map in kilobytes
RSS: resident set size in kilobytes
Dirty: dirty pages (both shared and private) in kilobytes
Mode: permissions on map: read, write, execute, shared, private (copy on write)
Mapping: '[ anon ]' for allocated memory, or '[ stack ]' for the program stack
Offset: offset into the file
Device: device name (major:minor)
pflags proc_id > pflags_core.out : prints process flags
pldd proc_id > pldd_core.out : lists of the library loaded of the process.
No comments:
Post a Comment