Opened 11 years ago

Closed 11 years ago

#2605 closed bug (fixed)

PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings!

Reported by: emitrax Owned by: bonefish
Priority: high Milestone: R1
Component: System Version: R1/pre-alpha1
Keywords: Cc:
Blocked By: Blocking:
Has a Patch: no Platform: All

Description

runtime_loader: cannot open file pe
heap_add_area: area 6468 added to small heap 0x90b62000 - usable range 0x99c07000 - 0x9a000000
PANIC: remove page 0x91d43ae8 from cache 0x976e5f78: page still has mappings!

Welcome to Kernel Debugging Land...
Thread 463 "execvp" running on CPU 0
kdebug> bt
stack trace for thread 463 "execvp"
    kernel stack: 0x99650000 to 0x99654000
      user stack: 0x78186000 to 0x781c6000
frame            caller     <image>:function + offset
 0 99653584 (+  48) 800556fd   <kernel>:invoke_debugger_command + 0x00f5
 1 996535b4 (+  64) 800554ed   <kernel>:invoke_pipe_segment__FP21debugger_command_pipelPc + 0x0079
 2 996535f4 (+  64) 80055875   <kernel>:invoke_debugger_command_pipe + 0x009d
 3 99653634 (+  48) 80056750   <kernel>:_ParseCommandPipe__16ExpressionParserRi + 0x0234
 4 99653664 (+  48) 80056106   <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x01de
 5 99653694 (+ 224) 80057b1c   <kernel>:evaluate_debug_command + 0x0088
 6 99653774 (+  64) 80053b3a   <kernel>:kernel_debugger_loop__Fv + 0x01ae
 7 996537b4 (+  48) 80054703   <kernel>:kernel_debugger + 0x0117
 8 996537e4 (+ 192) 800545e1   <kernel>:panic + 0x0029
 9 996538a4 (+  96) 800aedf3   <kernel>:Delete__7VMCache + 0x0077
10 99653904 (+  64) 800af278   <kernel>:Unlock__7VMCache + 0x0124
11 99653944 (+  64) 800b07bf   <kernel>:_RemoveConsumer__7VMCacheP7VMCache + 0x008f
12 99653984 (+  96) 800af0ea   <kernel>:Delete__7VMCache + 0x036e
13 996539e4 (+  64) 800af278   <kernel>:Unlock__7VMCache + 0x0124
14 99653a24 (+  48) 800af37f   <kernel>:ReleaseRef__7VMCache + 0x002b
15 99653a54 (+  48) 800a8aa6   <kernel>:delete_area__FP16vm_address_spaceP7vm_area + 0x00aa
16 99653a84 (+  48) 800aaa41   <kernel>:vm_delete_areas + 0x0079
17 99653ab4 (+  80) 80048f8d   <kernel>:exec_team__FPCcRPPcUlll + 0x0129
18 99653b04 (+1088) 8004b5d4   <kernel>:_user_exec + 0x0084
19 99653f44 (+ 100) 800bad72   <kernel>:pre_syscall_debug_done + 0x0002 (nearest)
user iframe at 0x99653fa8 (end = 0x99654000)
 eax 0x22           ebx 0xa1bce0        ecx 0x781c4840   edx 0xffff0104
 esi 0x781c6008     edi 0x15            ebp 0x781c498c   esp 0x99653fdc
 eip 0xffff0104  eflags 0x203      user esp 0x781c4840
 vector: 0x63, error code: 0x0
20 99653fa8 (+   0) ffff0104
21 781c498c (+1152) 009fbadb   </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x8cadb
22 781c4e0c (+4464) 002eefe3   </boot/apps/pe-2.4.1-x86/pe@0x00200000>:unknown + 0xeefe3
23 781c5f7c (+  48) 00362dc6   </boot/apps/pe-2.4.1-x86/lib/libhekkel.so@0x00332000>:unknown + 0x30dc6
24 781c5fac (+  48) 00993bc0   </boot/beos/system/lib/libroot.so@0x0096f000>:unknown + 0x24bc0
25 781c5fdc (+   0) 781c5fec   6629:execvp_462_stack@0x78186000 + 0x3ffec

kdebug> cache 0x976e5f78
CACHE 0x976e5f78:
  ref_count:    0
  source:       0x00000000
  type:         RAM
  virtual_base: 0x0
  virtual_end:  0x1e8000
  temporary:    1
  scan_skip:    0
  lock:         0x976e5fc0
  lock.holder:  463
  areas:
  consumers:
  pages:
    101 in cache
kdebug> page 0x91d43a90
PAGE: 0x91d43a90
queue_next,prev: 0x91d43c1c, 0x91d43a38
physical_number: ae6c
cache:           0x976e5f78
cache_offset:    292
cache_next:      0x00000000
type:            0
state:           modified
wired_count:     0
usage_count:     3
busy_writing:    0
area mappings:
  0x976b7af0 (0x1912)

kdebug> area 0x976b7af0
AREA: 0x80303000
name:       'additional heap'
owner:      0x1
id:     0x171f
base:       0x97400000
size:       0x400000
protection: 0x30
wiring:     0x2
memory_type:    0x0
cache:      0x80302000
cache_type: RAM
cache_offset:   0x0
cache_next: 0x00000000
cache_prev: 0x00000000
page mappings:  0

Change History (4)

comment:1 Changed 11 years ago by bonefish

Unfortunately you printed the wrong area. Somewhat inconsistently the parameter to "area" is not the address of the vm_area structure, but any address in the area. Or an area ID. It would also be interesting what's the parameters of the delete_area() call (particularly the area).

comment:2 Changed 11 years ago by kfiresun

Component: - GeneralSystem

This appears to be readily reproducible using the pe editor:

  • Open the pe editor.
  • Press the enter key on the numeric keypad on an empty line. (Or press the "execute" button in the toolbar.)

comment:3 Changed 11 years ago by bonefish

Owner: changed from axeld to bonefish
Status: newassigned

comment:4 Changed 11 years ago by bonefish

Resolution: fixed
Status: assignedclosed

Fixed in hrev28296.

Note: See TracTickets for help on using tickets.