Opened 16 years ago
Closed 16 years ago
#2605 closed bug (fixed)
PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings!
Reported by: | emitrax | Owned by: | bonefish |
---|---|---|---|
Priority: | high | Milestone: | R1 |
Component: | System | Version: | R1/pre-alpha1 |
Keywords: | Cc: | ||
Blocked By: | Blocking: | ||
Platform: | All |
Description
runtime_loader: cannot open file pe heap_add_area: area 6468 added to small heap 0x90b62000 - usable range 0x99c07000 - 0x9a000000 PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings! Welcome to Kernel Debugging Land... Thread 463 "execvp" running on CPU 0 kdebug> bt stack trace for thread 463 "execvp" kernel stack: 0x99650000 to 0x99654000 user stack: 0x78186000 to 0x781c6000 frame caller <image>:function + offset 0 99653584 (+ 48) 800556fd <kernel>:invoke_debugger_command + 0x00f5 1 996535b4 (+ 64) 800554ed <kernel>:invoke_pipe_segment__FP21debugger_command_pipelPc + 0x0079 2 996535f4 (+ 64) 80055875 <kernel>:invoke_debugger_command_pipe + 0x009d 3 99653634 (+ 48) 80056750 <kernel>:_ParseCommandPipe__16ExpressionParserRi + 0x0234 4 99653664 (+ 48) 80056106 <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x01de 5 99653694 (+ 224) 80057b1c <kernel>:evaluate_debug_command + 0x0088 6 99653774 (+ 64) 80053b3a <kernel>:kernel_debugger_loop__Fv + 0x01ae 7 996537b4 (+ 48) 80054703 <kernel>:kernel_debugger + 0x0117 8 996537e4 (+ 192) 800545e1 <kernel>:panic + 0x0029 9 996538a4 (+ 96) 800aedf3 <kernel>:Delete__7VMCache + 0x0077 10 99653904 (+ 64) 800af278 <kernel>:Unlock__7VMCache + 0x0124 11 99653944 (+ 64) 800b07bf <kernel>:_RemoveConsumer__7VMCacheP7VMCache + 0x008f 12 99653984 (+ 96) 800af0ea <kernel>:Delete__7VMCache + 0x036e 13 996539e4 (+ 64) 800af278 <kernel>:Unlock__7VMCache + 0x0124 14 99653a24 (+ 48) 800af37f <kernel>:ReleaseRef__7VMCache + 0x002b 15 99653a54 (+ 48) 800a8aa6 <kernel>:delete_area__FP16vm_address_spaceP7vm_area + 0x00aa 16 99653a84 (+ 48) 800aaa41 <kernel>:vm_delete_areas + 0x0079 17 99653ab4 (+ 80) 80048f8d <kernel>:exec_team__FPCcRPPcUlll + 0x0129 18 99653b04 (+1088) 8004b5d4 <kernel>:_user_exec + 0x0084 19 99653f44 (+ 100) 800bad72 <kernel>:pre_syscall_debug_done + 0x0002 (nearest) user iframe at 0x99653fa8 (end = 0x99654000) eax 0x22 ebx 0xa1bce0 ecx 0x781c4840 edx 0xffff0104 esi 0x781c6008 edi 0x15 ebp 0x781c498c esp 0x99653fdc eip 0xffff0104 eflags 0x203 user esp 0x781c4840 vector: 0x63, error code: 0x0 20 99653fa8 (+ 0) ffff0104 21 781c498c (+1152) 009fbadb </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x8cadb 22 781c4e0c (+4464) 002eefe3 </boot/apps/pe-2.4.1-x86/pe@0x00200000>:unknown + 0xeefe3 23 781c5f7c (+ 48) 00362dc6 </boot/apps/pe-2.4.1-x86/lib/libhekkel.so@0x00332000>:unknown + 0x30dc6 24 781c5fac (+ 48) 00993bc0 </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x24bc0 25 781c5fdc (+ 0) 781c5fec 6629:execvp_462_stack@0x78186000 + 0x3ffec kdebug> cache 0x976e5f78 CACHE 0x976e5f78: ref_count: 0 source: 0x00000000 type: RAM virtual_base: 0x0 virtual_end: 0x1e8000 temporary: 1 scan_skip: 0 lock: 0x976e5fc0 lock.holder: 463 areas: consumers: pages: 101 in cache kdebug> page 0x91d43a90 PAGE: 0x91d43a90 queue_next,prev: 0x91d43c1c, 0x91d43a38 physical_number: ae6c cache: 0x976e5f78 cache_offset: 292 cache_next: 0x00000000 type: 0 state: modified wired_count: 0 usage_count: 3 busy_writing: 0 area mappings: 0x976b7af0 (0x1912) kdebug> area 0x976b7af0 AREA: 0x80303000 name: 'additional heap' owner: 0x1 id: 0x171f base: 0x97400000 size: 0x400000 protection: 0x30 wiring: 0x2 memory_type: 0x0 cache: 0x80302000 cache_type: RAM cache_offset: 0x0 cache_next: 0x00000000 cache_prev: 0x00000000 page mappings: 0
Change History (4)
comment:1 by , 16 years ago
comment:2 by , 16 years ago
Component: | - General → System |
---|
This appears to be readily reproducible using the pe editor:
- Open the pe editor.
- Press the enter key on the numeric keypad on an empty line. (Or press the "execute" button in the toolbar.)
comment:3 by , 16 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
Unfortunately you printed the wrong area. Somewhat inconsistently the parameter to "area" is not the address of the vm_area structure, but any address in the area. Or an area ID. It would also be interesting what's the parameters of the delete_area() call (particularly the area).