Opened 16 years ago
Closed 16 years ago
#2605 closed bug (fixed)
PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings!
| Reported by: | emitrax | Owned by: | bonefish |
|---|---|---|---|
| Priority: | high | Milestone: | R1 |
| Component: | System | Version: | R1/pre-alpha1 |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
runtime_loader: cannot open file pe
heap_add_area: area 6468 added to small heap 0x90b62000 - usable range 0x99c07000 - 0x9a000000
PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings!
Welcome to Kernel Debugging Land...
Thread 463 "execvp" running on CPU 0
kdebug> bt
stack trace for thread 463 "execvp"
kernel stack: 0x99650000 to 0x99654000
user stack: 0x78186000 to 0x781c6000
frame caller <image>:function + offset
0 99653584 (+ 48) 800556fd <kernel>:invoke_debugger_command + 0x00f5
1 996535b4 (+ 64) 800554ed <kernel>:invoke_pipe_segment__FP21debugger_command_pipelPc + 0x0079
2 996535f4 (+ 64) 80055875 <kernel>:invoke_debugger_command_pipe + 0x009d
3 99653634 (+ 48) 80056750 <kernel>:_ParseCommandPipe__16ExpressionParserRi + 0x0234
4 99653664 (+ 48) 80056106 <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x01de
5 99653694 (+ 224) 80057b1c <kernel>:evaluate_debug_command + 0x0088
6 99653774 (+ 64) 80053b3a <kernel>:kernel_debugger_loop__Fv + 0x01ae
7 996537b4 (+ 48) 80054703 <kernel>:kernel_debugger + 0x0117
8 996537e4 (+ 192) 800545e1 <kernel>:panic + 0x0029
9 996538a4 (+ 96) 800aedf3 <kernel>:Delete__7VMCache + 0x0077
10 99653904 (+ 64) 800af278 <kernel>:Unlock__7VMCache + 0x0124
11 99653944 (+ 64) 800b07bf <kernel>:_RemoveConsumer__7VMCacheP7VMCache + 0x008f
12 99653984 (+ 96) 800af0ea <kernel>:Delete__7VMCache + 0x036e
13 996539e4 (+ 64) 800af278 <kernel>:Unlock__7VMCache + 0x0124
14 99653a24 (+ 48) 800af37f <kernel>:ReleaseRef__7VMCache + 0x002b
15 99653a54 (+ 48) 800a8aa6 <kernel>:delete_area__FP16vm_address_spaceP7vm_area + 0x00aa
16 99653a84 (+ 48) 800aaa41 <kernel>:vm_delete_areas + 0x0079
17 99653ab4 (+ 80) 80048f8d <kernel>:exec_team__FPCcRPPcUlll + 0x0129
18 99653b04 (+1088) 8004b5d4 <kernel>:_user_exec + 0x0084
19 99653f44 (+ 100) 800bad72 <kernel>:pre_syscall_debug_done + 0x0002 (nearest)
user iframe at 0x99653fa8 (end = 0x99654000)
eax 0x22 ebx 0xa1bce0 ecx 0x781c4840 edx 0xffff0104
esi 0x781c6008 edi 0x15 ebp 0x781c498c esp 0x99653fdc
eip 0xffff0104 eflags 0x203 user esp 0x781c4840
vector: 0x63, error code: 0x0
20 99653fa8 (+ 0) ffff0104
21 781c498c (+1152) 009fbadb </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x8cadb
22 781c4e0c (+4464) 002eefe3 </boot/apps/pe-2.4.1-x86/pe@0x00200000>:unknown + 0xeefe3
23 781c5f7c (+ 48) 00362dc6 </boot/apps/pe-2.4.1-x86/lib/libhekkel.so@0x00332000>:unknown + 0x30dc6
24 781c5fac (+ 48) 00993bc0 </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x24bc0
25 781c5fdc (+ 0) 781c5fec 6629:execvp_462_stack@0x78186000 + 0x3ffec
kdebug> cache 0x976e5f78
CACHE 0x976e5f78:
ref_count: 0
source: 0x00000000
type: RAM
virtual_base: 0x0
virtual_end: 0x1e8000
temporary: 1
scan_skip: 0
lock: 0x976e5fc0
lock.holder: 463
areas:
consumers:
pages:
101 in cache
kdebug> page 0x91d43a90
PAGE: 0x91d43a90
queue_next,prev: 0x91d43c1c, 0x91d43a38
physical_number: ae6c
cache: 0x976e5f78
cache_offset: 292
cache_next: 0x00000000
type: 0
state: modified
wired_count: 0
usage_count: 3
busy_writing: 0
area mappings:
0x976b7af0 (0x1912)
kdebug> area 0x976b7af0
AREA: 0x80303000
name: 'additional heap'
owner: 0x1
id: 0x171f
base: 0x97400000
size: 0x400000
protection: 0x30
wiring: 0x2
memory_type: 0x0
cache: 0x80302000
cache_type: RAM
cache_offset: 0x0
cache_next: 0x00000000
cache_prev: 0x00000000
page mappings: 0
Change History (4)
comment:1 by , 16 years ago
comment:2 by , 16 years ago
| Component: | - General → System |
|---|
This appears to be readily reproducible using the pe editor:
- Open the pe editor.
- Press the enter key on the numeric keypad on an empty line. (Or press the "execute" button in the toolbar.)
comment:3 by , 16 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
Unfortunately you printed the wrong area. Somewhat inconsistently the parameter to "area" is not the address of the vm_area structure, but any address in the area. Or an area ID. It would also be interesting what's the parameters of the delete_area() call (particularly the area).