Opened 11 years ago

Closed 11 years ago

#2869 closed bug (fixed)

Unmounting partitions causes kernel panic 100% of the time with latest build: free(): address 0x90ec4bc0 already exists in page free list

Reported by: anevilyak Owned by: axeld
Priority: critical Milestone: R1/alpha1
Component: System/Kernel Version: R1/pre-alpha1
Keywords: Cc:
Blocked By: Blocking:
Has a Patch: no Platform: All

Description

stack trace for thread 201 "unmount"
    kernel stack: 0xa131a000 to 0xa131e000
      user stack: 0x7efef000 to 0x7ffef000
frame               caller     <image>:function + offset
 0 a131dad4 (+  48) 8005c8c9   <kernel_x86>:invoke_debugger_command + 0x00f5
 1 a131db04 (+  64) 8005c6b9   <kernel_x86> invoke_pipe_segment(debugger_command_pipe*: 0x80123de0, int32: 0, 0x0 "<NULL>") + 0x0079
 2 a131db44 (+  64) 8005ca40   <kernel_x86>:invoke_debugger_command_pipe + 0x009c
 3 a131db84 (+  48) 8005dfc8   <kernel_x86> ExpressionParser<0xa131dc38>::_ParseCommandPipe(0xa131dc34) + 0x0234
 4 a131dbb4 (+  64) 8005d402   <kernel_x86> ExpressionParser<0xa131dc38>::EvaluateCommand(0x80113a80 "bt", 0xa131dc34) + 0x02ba
 5 a131dbf4 (+ 224) 8005f3f0   <kernel_x86>:evaluate_debug_command + 0x0088
 6 a131dcd4 (+  64) 8005a8da   <kernel_x86> kernel_debugger_loop() + 0x01ae
 7 a131dd14 (+  32) 8005b705   <kernel_x86>:kernel_debugger + 0x004d
 8 a131dd34 (+ 192) 8005b6ad   <kernel_x86>:panic + 0x0029
 9 a131ddf4 (+  80) 80039546   <kernel_x86>:heap_free + 0x0586
10 a131de44 (+ 112) 80039f81   <kernel_x86>:free + 0x0045
11 a131deb4 (+  80) 8009d9cd   <kernel_x86> fs_unmount(0x915ffd60 "/HaikuData", int32: -1, uint32: 0x0 (0), false) + 0x0611
12 a131df04 (+  64) 8009f34a   <kernel_x86>:_user_unmount + 0x007a
13 a131df44 (+ 100) 800d00a1   <kernel_x86>:handle_syscall + 0x00be
user iframe at 0xa131dfa8 (end = 0xa131e000)
 eax 0x58           ebx 0x2b371c        ecx 0x7ffeeed0   edx 0xffff0104
 esi 0x7ffef5bc     edi 0x7ffef544      ebp 0x7ffeeefc   esp 0xa131dfdc
 eip 0xffff0104  eflags 0x203      user esp 0x7ffeeed0
 vector: 0x63, error code: 0x0
14 a131dfa8 (+   0) ffff0104   <commpage>:commpage_syscall + 0x0004
15 7ffeeefc (+ 128) 00200a71   <_APP_>:main + 0x00e1
16 7ffeef7c (+  48) 0020083b   <_APP_>:_start + 0x005b
17 7ffeefac (+  48) 001008ea   </boot/beos/system/runtime_loader@0x00100000>:unknown + 0x08ea
18 7ffeefdc (+   0) 7ffeefec   5521:unmount_main_stack@0x7efef000 + 0xffffec

Michael Lotz is also able to reproduce this one 100%, so this doesn't appear to just be my system. I tried freshly reinitializing that FS also, no difference.

Change History (3)

comment:1 Changed 11 years ago by anevilyak

FYI, This can happen on mount also, I manually tried to mount a DOS CD with mount -t fat and ran into the same panic. Also verified that hrev28215 is not the culprit, panic happens with it also. Trying to track down the regression now.

comment:2 Changed 11 years ago by anevilyak

I stand corrected, hrev28215 is indeed the culprit, my update-image command was incorrect.

comment:3 Changed 11 years ago by mmlr

Resolution: fixed
Status: newclosed

Fixed in hrev28232.

Note: See TracTickets for help on using tickets.