#10498: KDL : "got an in use page" (+ later page fault) in heap_allocate_from_bin()
-----------------------------+----------------------------
   Reporter:  ttcoder        |       Owner:  axeld
       Type:  bug            |      Status:  new
   Priority:  normal         |   Milestone:  R1
  Component:  System/Kernel  |     Version:  R1/Development
 Resolution:                 |    Keywords:
 Blocked By:                 |    Blocking:
Has a Patch:  0              |    Platform:  All
-----------------------------+----------------------------

Comment (by ttcoder):

 I'm filing this as 1) the paging code has seemingly not changed much in the
 6 months since that old hrev, and 2) there is something interesting about
 the sequence of events:

 I tried to `continue` out of this panic, and immediately went to a more
 familiar "vm_page_fault" KDL. Asking the kernel to continue working with an
 obviously corrupt paging subsystem was asking for an immediate re-crash, so
 I'm not surprised it KDL'ed again.. However, the fact that the second KDL
 was a NULL pointer dereference gave me an idea: I'm curious if the other
 KDLs people are tracking down these days could be related? I seem to
 remember Ingo commenting on one of the kernel crash tickets recently and
 mentioning "maybe a page was used twice" as a possible scenario..

 That's it for the grist of it.. Following up with my (probably aimless)
 toying/hacking..:

 ====

 The first KDL ("in use page") occurs in an app_server thread.

 The second KDL (in a SoundPlay thread) is a page fault on `mov 0x8(ebx),
 eax`, where ebx is pulled by dereferencing relative to `ecx`, which is set
 to `0x82203000`. That value is quite a bit higher than the frame address..?
 Maybe it's normal because it's not referring to the frame but to something
 else, like the heap, I guess....

 At any rate, the association between both KDLs is visible in the involved
 pointers: the in-use page from the free page list is `0x82203040` in the
 first panic; and in the second (vm_page_fault) the dereferencing of 0x8
 occurs because a NULL pointer was used from a similar location,
 `0x82203000`.

 P.S. I have a couple of even more "exotic" KDLs if you guys are game.. They
 are from a fairly old hrev46004 but refer to things like
 `VAnonymousCache.. merge with incompatible cache requested` ..etc.

-- 
Ticket URL: <https://dev.haiku-os.org/ticket/10498#comment:1>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.