From owner-freebsd-stable@freebsd.org Mon May 14 12:35:11 2018 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BDAC7D91523 for ; Mon, 14 May 2018 12:35:10 +0000 (UTC) (envelope-from eugene@zhegan.in) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 508586E18E for ; Mon, 14 May 2018 12:35:10 +0000 (UTC) (envelope-from eugene@zhegan.in) Received: by mailman.ysv.freebsd.org (Postfix) id 0D7DDD91520; Mon, 14 May 2018 12:35:10 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DA54BD9151F for ; Mon, 14 May 2018 12:35:09 +0000 (UTC) (envelope-from eugene@zhegan.in) Received: from elf.hq.norma.perm.ru (mail.norma.perm.ru [IPv6:2a00:7540:1::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.norma.perm.ru", Issuer "Vivat-Trade UNIX Root CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 35A436E18C for ; Mon, 14 May 2018 12:35:09 +0000 (UTC) (envelope-from eugene@zhegan.in) Received: from bsdrookie.norma.com. (asterisk.enaza.ru [91.237.76.254]) by elf.hq.norma.perm.ru (8.15.2/8.15.2) with ESMTPS id w4ECZ61R055289 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Mon, 14 May 2018 17:35:06 +0500 (YEKT) (envelope-from eugene@zhegan.in) Subject: Re: extract the process arguments from the crashdump To: stable@FreeBSD.org References: <42c36979-9857-65fb-89e8-997eac1c2d61@zhegan.in> <20180514111551.GG6887@kib.kiev.ua> From: "Eugene M. Zheganin" Message-ID: Date: Mon, 14 May 2018 17:35:06 +0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <20180514111551.GG6887@kib.kiev.ua> Content-Type: text/plain; charset=koi8-r; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Spamd-Result: default: False [-998.10 / 25.00] WHITELISTED_IPS(-999.00)[91.237.76.254] AUTH_NA(1.00)[] ARC_NA(0.00)[] IP_SCORE(0.00)[ip: (-9.89), ipnet: 91.237.76.0/24(-7.85), asn: 57973(-4.91), country: RU(0.14)] RCVD_COUNT_TWO(0.00)[2] ASN(0.00)[asn:57973, ipnet:91.237.76.0/24, country:RU] TO_DN_NONE(0.00)[] R_DKIM_NA(0.00)[] TO_MATCH_ENVRCPT_ALL(0.00)[] FROM_EQ_ENVFROM(0.00)[] R_SPF_NA(0.00)[] RCPT_COUNT_ONE(0.00)[1] DMARC_NA(0.00)[zhegan.in] MIME_GOOD(-0.10)[text/plain] MID_RHS_MATCH_FROM(0.00)[] FROM_HAS_DN(0.00)[] RCVD_TLS_ALL(0.00)[] X-Rspamd-Server: localhost X-Rspamd-Scan-Time: 0.68 X-Rspamd-Queue-ID: w4ECZ61R055289 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 May 2018 12:35:11 -0000 Hello, On 14.05.2018 16:15, Konstantin Belousov wrote: > On Mon, May 14, 2018 at 01:02:28PM +0500, Eugene M. Zheganin wrote: >> Hello, >> >> >> Is there any way to extract the process arguments from the system >> crashdump ? If yes, could anyone please explain to me how do I do it. > ps -M vmcore.file -N /boot/mykernel/kernel -auxww Even if I ask ps explicitely to give me args, for some reason it ignores the format and 'args' keyword seems to be an alias for 'comm', but with square brackets: [root@san1:esx/r332096M]# ps -M vmcore.4 -N /boot/kernel/kernel -axo 'pid,ppid,comm,args' PID PPID COMMAND COMMAND 0 0 kernel [kernel] 1 0 init [init] 2 0 crypto [crypto] 3 0 crypto returns [crypto returns] 4 0 cam [cam] 5 0 soaiod1 [soaiod1] 6 0 soaiod2 [soaiod2] 7 0 soaiod3 [soaiod3] 8 0 soaiod4 [soaiod4] 9 0 zfskern [zfskern] 10 0 audit [audit] 11 0 idle [idle] 12 0 intr [intr] 13 0 geom [geom] 14 0 usb [usb] 15 0 sctp_iterator [sctp_iterator] 16 0 pf purge [pf purge] 17 0 rand_harvestq [rand_harvestq] 18 0 enc_daemon0 [enc_daemon0] 19 0 enc_daemon1 [enc_daemon1] 20 0 enc_daemon2 [enc_daemon2] 21 0 g_mirror swap [g_mirror swap] 22 0 pagedaemon [pagedaemon] 23 0 vmdaemon [vmdaemon] 24 0 pagezero [pagezero] 25 0 bufdaemon [bufdaemon] 26 0 bufspacedaemon [bufspacedaemon] 27 0 syncer [syncer] 28 0 vnlru [vnlru] 114 1 adjkerntz [adjkerntz] 593 1 moused [moused] 606 1 devd [devd] 701 1 syslogd [syslogd] 784 1 watchdogd [watchdogd] 866 0 ctl [ctl] 868 1 ctld [ctld] 894 1 zabbix_agentd [zabbix_agentd] 898 894 zabbix_agentd [zabbix_agentd] 901 894 zabbix_agentd [zabbix_agentd] 905 894 zabbix_agentd [zabbix_agentd] 907 894 zabbix_agentd [zabbix_agentd] 949 1 ntpd [ntpd] 968 1 nginx [nginx] 978 0 ng_queue [ng_queue] 1069 1 sshd [sshd] 1151 1 sendmail [sendmail] 1154 1 sendmail [sendmail] 1158 1 cron [cron] 1197 1 bsnmpd [bsnmpd] 1200 1 blacklistd [blacklistd] 1210 1 getty [getty] 1211 1 getty [getty] 1212 1 getty [getty] 1213 1 getty [getty] 1214 1 getty [getty] 1215 1 getty [getty] 1216 1 getty [getty] 1217 1 getty [getty] 1218 1 getty [getty] 12970 968 nginx [nginx] 12971 968 nginx [nginx] 12972 968 nginx [nginx] 12973 968 nginx [nginx] 12974 968 nginx [nginx] 12975 968 nginx [nginx] 12976 968 nginx [nginx] 12977 968 nginx [nginx] 12978 968 nginx [nginx] 12979 968 nginx [nginx] 12980 968 nginx [nginx] 12981 968 nginx [nginx] 12982 968 nginx [nginx] 12983 968 nginx [nginx] 12984 968 nginx [nginx] 12985 968 nginx [nginx] 12986 968 nginx [nginx] 32835 1069 sshd [sshd] 32884 32835 sshd [sshd] 32885 32884 zsh [zsh] 32929 32885 su [su] 32948 32929 csh [csh] 32964 32948 sh [sh] 32965 32964 mc [mc] 32966 32965 csh [csh] 48747 67993 sudo [sudo] 48750 67988 sudo [sudo] 48757 48750 zfs [zfs] 48758 48747 zfs [zfs] 48759 67990 sudo [sudo] 48762 48759 zfs [zfs] 48765 67997 sudo [sudo] 48766 48765 zfs [zfs] 48769 67984 sudo [sudo] 48770 48769 zfs [zfs] 48771 67996 sudo [sudo] 48772 48771 zfs [zfs] 48785 67991 sudo [sudo] 48786 48785 ctladm [ctladm] 48787 67983 sudo [sudo] 48788 48787 ctladm [ctladm] 48789 67986 sudo [sudo] 48790 48789 ctladm [ctladm] 48791 67985 sudo [sudo] 48792 48791 ctladm [ctladm] 48796 67987 sudo [sudo] 48797 48796 zfs [zfs] 67980 1 uwsgi [uwsgi] 67981 67980 uwsgi [uwsgi] 67982 67980 uwsgi [uwsgi] 67983 67980 uwsgi [uwsgi] 67984 67980 uwsgi [uwsgi] 67985 67980 uwsgi [uwsgi] 67986 67980 uwsgi [uwsgi] 67987 67980 uwsgi [uwsgi] 67988 67980 uwsgi [uwsgi] 67989 67980 uwsgi [uwsgi] 67990 67980 uwsgi [uwsgi] 67991 67980 uwsgi [uwsgi] 67992 67980 uwsgi [uwsgi] 67993 67980 uwsgi [uwsgi] 67994 67980 uwsgi [uwsgi] 67995 67980 uwsgi [uwsgi] 67996 67980 uwsgi [uwsgi] 67997 67980 uwsgi [uwsgi] Thanks. Eugene.