Re: Page fault in amd64 pmap_qremove from vm_thread_new()

From: Kris Kennaway <kris_at_obsecurity.org> Date: Wed, 14 Feb 2007 02:22:59 -0500 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:05 UTC

On Tue, Feb 13, 2007 at 02:10:30PM -0500, Kris Kennaway wrote:

> > > db> wh
> > > Tracing pid 18747 tid 142909 td 0xffffff0095710cd0
> > > pmap_qremove() at pmap_qremove+0x2d
> > > vm_thread_new() at vm_thread_new+0x8d
> > > thread_init() at thread_init+0x16
> > > slab_zalloc() at slab_zalloc+0x282
> > > uma_zone_slab() at uma_zone_slab+0x1ae
> > > uma_zalloc_bucket() at uma_zalloc_bucket+0x19d
> > > uma_zalloc_arg() at uma_zalloc_arg+0x3a3
> > > thread_alloc() at thread_alloc+0x1f
> > > create_thread() at create_thread+0xc5
> > > kern_thr_new() at kern_thr_new+0x75
> > > thr_new() at thr_new+0x62
> > > syscall() at syscall+0x310
> > > Xfast_syscall() at Xfast_syscall+0xab
> > > --- syscall (455, FreeBSD ELF64, thr_new), rip = 0x8007a1cac, rsp = 0x7fffffffdef8, rbp = 0 ---

I think this is the same as this i386 panic

panic: vm_thread_new: kstack allocation failed
cpuid = 2
KDB: enter: panic
[thread pid 15585 tid 100749 ]
Stopped at      kdb_enter+0x2b: nop
db> wh
Tracing pid 15585 tid 100749 td 0xc5a0cae0
kdb_enter(c06c5686) at kdb_enter+0x2b
panic(c06dcb57,0,c0630aee,c5a0cae0,c4ca2c80,...) at panic+0x11c
vm_thread_new(d0d3bae0,0,6,e815cb40,c062f9e2,...) at vm_thread_new+0x6b
thread_init(d0d3bae0,1c8,102) at thread_init+0xf
slab_zalloc(c10661e0,102,c10661e0,c10661e0,c1074d00,...) at slab_zalloc+0x21a
uma_zone_slab(c10661e0,2,c1074d08,0,c06dc0b3,893) at uma_zone_slab+0x138
uma_zalloc_internal(c10661e0,0,2,c1074d08,0,...) at uma_zalloc_internal+0x29
uma_zalloc_arg(c10661e0,0,2) at uma_zalloc_arg+0x303
thread_alloc(0,c5a11b40,c5a11b40,c5a0cae0,c5a0cae0,...) at thread_alloc+0x17
create_thread(c5a0cae0,0,28083554,8057900,ba0a7000,...) at create_thread+0x91
kern_thr_new(c5a0cae0,e815cc44,28083554,8057900,ba0a7000,...) at kern_thr_new+0x4e
thr_new(c5a0cae0,e815cd00) at thr_new+0x41
syscall(e815cd38) at syscall+0x242
Xint0x80_syscall() at Xint0x80_syscall+0x20
--- syscall (0, FreeBSD ELF32, nosys), eip = 0x2, esp = 0x292, ebp = 0x8057900 ---

but I wonder why it didn't fail in the same way?

Kris