Opened 17 years ago
Closed 16 years ago
#1982 closed bug (fixed)
unmount bug: PANIC: vm_page_fault: unhandled page fault in kernel
| Reported by: | thorn | Owned by: | axeld |
|---|---|---|---|
| Priority: | high | Milestone: | R1 |
| Component: | System/Kernel | Version: | R1/pre-alpha1 |
| Keywords: | | Cc: | |
| Blocked By: | | Blocking: | |
| Platform: | x86 | | |
Description
Haiku hrev24635
how to repeat:
- mount bfs volume from tracker (for example /work)
- in terminal - cd /work
- in tracker - unmount volume and press 'cancel'
- in tracker - unmount volume again
- in terminal - ls
```
vm_soft_fault: va 0xdeadbef3 not covered by area in address space
vm_page_fault: vm_soft_fault returned error 'Bad address' on fault at 0xdeadbef3, ip 0x80047d37, write 0, user 0, thread 0x86
PANIC: vm_page_fault: unhandled page fault in kernel space at 0xdeadbef3, ip 0x80047d37
Welcome to Kernel Debugging Land...
Running on CPU 0
kdebug> bt
stack trace for thread 134 "sh"
kernel stack: 0x92720000 to 0x92724000
user stack: 0x7efe7000 to 0x7ffe7000
frame caller <image>:function + offset
92723a18 (+ 52) 800843f3 <kernel>:invoke_debugger_command + 0x00cf
92723a4c (+ 64) 80085194 <kernel>:_ParseCommand__16ExpressionParserRi + 0x01f8
92723a8c (+ 48) 80084b86 <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x01de
92723abc (+ 228) 800862a8 <kernel>:evaluate_debug_command + 0x0088
92723ba0 (+ 64) 80082f36 <kernel>:kernel_debugger_loop__Fv + 0x017a
92723be0 (+ 48) 80083be1 <kernel>:kernel_debugger + 0x010d
92723c10 (+ 192) 80083ac9 <kernel>:panic + 0x0029
92723cd0 (+ 64) 8005ca63 <kernel>:vm_page_fault + 0x00ab
92723d10 (+ 64) 80090a85 <kernel>:page_fault_exception + 0x00b1
92723d50 (+ 12) 8009418d <kernel>:int_bottom + 0x001d (nearest)
iframe at 0x92723d5c (end = 0x92723db4)
eax 0xdeadbeef ebx 0x90a24c00 ecx 0x800c7e7b edx 0x2e
esi 0x90a24c01 edi 0x90b44880 ebp 0x92723df4 esp 0x92723d90
eip 0x80047d37 eflags 0x10206
vector: 0xe, error code: 0x0
92723d5c (+ 152) 80047d37 <kernel>:vnode_path_to_vnode__FP5vnodePcbiPP5vnodePxPi + 0x0103
92723df4 (+ 64) 800480ee <kernel>:path_to_vnode__FPcbPP5vnodePxT1 + 0x00de
92723e34 (+ 64) 800488c9 <kernel>:fd_and_path_to_vnode__FiPcbPP5vnodePxT2 + 0x0061
92723e74 (+ 64) 8004ccd5 <kernel>:common_path_read_stat__FiPcbP4statT2 + 0x0031
92723eb4 (+ 144) 8005198b <kernel>:_user_read_stat + 0x00eb
92723f44 (+ 100) 80094302 <kernel>:pre_syscall_debug_done + 0x0002 (nearest)
iframe at 0x92723fa8 (end = 0x92724000)
eax 0x72 ebx 0x33459c ecx 0x7ffe6c10 edx 0xffff0104
esi 0x0 edi 0x1800ce13 ebp 0x7ffe6c4c esp 0x92723fdc
eip 0xffff0104 eflags 0x207
vector: 0x63, error code: 0x0
92723fa8 (+ 0) ffff0104
7ffe6c4c (+ 48) 00310499 <libroot.so>:stat + 0x0025
7ffe6c7c (+ 128) 00244f57 <_APP_>:user_command_matches + 0x04cb (nearest)
7ffe6cfc (+ 48) 00244882 <_APP_>:find_path_file + 0x009a (nearest)
7ffe6d2c (+ 48) 002448af <_APP_>:find_path_file + 0x00c7 (nearest)
7ffe6d5c (+ 48) 002447e1 <_APP_>:find_user_command + 0x0021
7ffe6d8c (+ 48) 00244a50 <_APP_>:search_for_command + 0x0138
7ffe6dbc (+ 48) 00227bcc <_APP_>:setup_async_signals + 0x00dc (nearest)
7ffe6dec (+ 112) 002271c1 <_APP_>:execute_command_internal + 0x344d (nearest)
7ffe6e5c (+ 96) 00224232 <_APP_>:execute_command_internal + 0x04be
7ffe6ebc (+ 80) 00223bbd <_APP_>:execute_command + 0x0065
7ffe6f0c (+ 48) 0021f879 <_APP_>:reader_loop + 0x01d1
7ffe6f3c (+ 64) 0021dab6 <_APP_>:main + 0x07b2
7ffe6f7c (+ 48) 00216773 <_APP_>:_start + 0x005b
7ffe6fac (+ 48) 0010078e 1358:runtime_loader_seg0ro@0x00100000 + 0x78e
7ffe6fdc (+ 0) 7ffe6fec 1357:sh_main_stack@0x7efe7000 + 0xffffec
kdebug>
```
Attachments (1)
Change History (5)
comment:1 by , 17 years ago
| Priority: | normal → high |
|---|---|
comment:2 by , 17 years ago
Experimentally proved: each time the fs_unmount is called for a busy volume, the volume's refcount is decreased by one. Seems like some excess release call there.
comment:3 by , 17 years ago
/src/system/kernel/fs/vfs.cpp
Line 6607 is not needed. At that point the root node seems to have already been released at line 6542.
Perfectly reproducible here.
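
The over-release described in comments 2 and 3, as an added example that is not part of the ticket and is not Haiku's vfs.cpp code: a simplified C model of an unmount error path that releases the root node once more than it acquired it. Every name and the starting reference count of 2 are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the reference counting discussed in the ticket.
 * Every name is hypothetical; this is not Haiku's vfs.cpp. */
struct mount_model {
    int  root_refs;  /* references held on the volume's root node */
    bool freed;      /* set when the count reaches zero */
};

static void put_root(struct mount_model *m)
{
    if (--m->root_refs == 0)
        m->freed = true;  /* a kernel would free the node here */
}

/* One unmount attempt on a volume that is still in use.
 * extra_release models the redundant release on the error path. */
static int unmount_busy(struct mount_model *m, bool extra_release)
{
    m->root_refs++;       /* reference taken while resolving the mount */
    put_root(m);          /* ...and released once the mount is found */
    if (extra_release)
        put_root(m);      /* second release with no matching acquire */
    return -1;            /* volume busy, unmount refused */
}

/* Assumed starting state: one reference owned by the mount, one by the
 * shell whose working directory is on the volume. */
static struct mount_model simulate(int attempts, bool extra_release)
{
    struct mount_model m = { .root_refs = 2, .freed = false };
    for (int i = 0; i < attempts; i++)
        unmount_busy(&m, extra_release);
    return m;
}

int main(void)
{
    struct mount_model bad = simulate(2, true), good = simulate(2, false);
    printf("extra release: refs=%d freed=%d\n", bad.root_refs, bad.freed);
    printf("balanced:      refs=%d freed=%d\n", good.root_refs, good.freed);
    return 0;
}
```

In this model, two refused unmounts with the extra release are enough to free a node that the shell still references, while the balanced path leaves the count unchanged no matter how often the unmount is refused.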