[haiku-bugs] Re: [Haiku] #6121: PANIC: destroying a slab which isn't empty by 'low resource manager'
- From: "bonefish" <trac@xxxxxxxxxxxx>
- Date: Fri, 04 Jun 2010 20:36:33 -0000
#6121: PANIC: destroying a slab which isn't empty by 'low resource manager'
---------------------------+------------------------------------------------
Reporter: kallisti5 | Owner: axeld
Type: bug | Status: new
Priority: normal | Milestone: R1
Component: System/Kernel | Version: R1/Development
Keywords: slab | Platform: x86
Blockedby: | Patch: 0
Blocking: |
---------------------------+------------------------------------------------
Changes (by bonefish):
* keywords: => slab
Comment:
The slab comes straight out of the cache's empty slab list and the cache
is locked at that point. Looks like a structural corruption. The `size ==
count` predicate which fails here is also used for adding a slab to the
list and `count` is only decremented after removing the slab from the list
(when allocating an object). I don't see locking problems, since slabs are
always handled with the cache locked. A double free could cause such a
problem; `count` would become greater than `size` in this case. A memory
dump of the slab structure would have been interesting (`dw <slab> 16`),
information on the cache maybe, too (`slab_cache <cache>`).
--
Ticket URL: <http://dev.haiku-os.org/ticket/6121#comment:1>
Haiku <http://dev.haiku-os.org>
Haiku - the operating system.
Other related posts:
