Date: Wed, 15 Feb 2006 17:54:21 -0500 From: Kris Kennaway <kris@obsecurity.org> To: Dan Nelson <dnelson@allantgroup.com> Cc: Ivan Kolosovskiy <agava-develop@yandex.ru>, freebsd-stable@freebsd.org, Kris Kennaway <kris@obsecurity.org> Subject: Re: Strange process Message-ID: <20060215225421.GA56725@xor.obsecurity.org> In-Reply-To: <20060215223432.GH70956@dan.emsphone.com> References: <1140027060.83368.11.camel@r4.agava-guns.domain> <20060215194204.GC70956@dan.emsphone.com> <20060215215608.GA55676@xor.obsecurity.org> <20060215223432.GH70956@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Feb 15, 2006 at 04:34:32PM -0600, Dan Nelson wrote: > In the last episode (Feb 15), Kris Kennaway said: > > On Wed, Feb 15, 2006 at 01:42:04PM -0600, Dan Nelson wrote: > > > In the last episode (Feb 15), Ivan Kolosovskiy said: > > > > top: > > > > PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COM= MAND > > > > 38410 findfile 1 96 0 0K 0K START 0 0:00 0.00% g= rotty > > > >=20 > > > > ps: > > > > host$ ps -waux | grep grotty > > > > findfile 38410 0,0 0,0 0 0 p6 REJ 19:57 0:00,25 [g= rotty] > > >=20 > > > E in the STAT column means the process is trying to exit, but > > > can't. What does "ps lp 38410" print? The MWCHAN column should say > > > where in the kernel the process is stuck. > >=20 > > I often see this too. For example: > >=20 > > PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMA= ND > > 5357 kkenn 1 96 0 0K 0K START 0:00 0.35% xpdf > >=20 > > > ps -waux | grep xpdf > > kkenn 5357 0.3 0.0 0 0 ?? RE Sun08PM 0:00.20 [xpdf] > >=20 > > > ps lp 5357 > > UID PID PPID CPU PRI NI VSZ RSS MWCHAN STAT TT TIME COM= MAND >=20 > That syntax should have worked... Try a plain "px axl | grep xpdf" > instead. You're not mistaken, it's just not there. > ps axl | grep xpdf 1000 5357 78788 2 96 0 0 0 - RE ?? 0:00.20 [xpdf] > ps -p 5357 PID TT STAT TIME COMMAND Kris > I think top's START state corresponds to the ~200-line window of code > in kern_fork.c:fork1() between p_state=3DPRS_NEW and p_state=3DPRS_NORMAL, > but I'm not positive. >=20 > --=20 > Dan Nelson > dnelson@allantgroup.com > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >=20 --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD87EdWry0BWjoQKURAroUAJ9Bl8Qm48qBMJDAPt/WnUgeuFdH7wCgmPIL puMf+fmxMhvNkdoJt6fwgWQ= =ZiuL -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060215225421.GA56725>