Physic memory cannot be wrriten after paging

In my toy kernel, I active paging and assigned a memory chunk to the variable, but it seems that the memory can not be written. The CPU can access the memory, and interrupt is active. No page fault and any error. The memory can be successfully read but any assignment can not change the content.

// testing code
    int* arr = (int*) ((uint32_t)physic_alloc(45*sizeof(int)) + PAGE_OFFSET);// get the virtual addr
    for(int i = 0; i<12; ++i) {
        arr[i] = i; // cannot change the memory content
    }

    for(int i = 0; i<12; ++i) {
        printf("%d\n", arr[i]);
    }
// output is always 0 in qemu, always 0xFFFFFFFF in bochs

What I have tried:

1. Dump the assembly code I'm sure the instructions totally reflect what I mean. Assignment instructions are tranlated to mov
2. See the page directory value and page entry

Physic addr:           0x200d9000
Virtual addr:          0xe00d9000
page table entry:      0x0018e003
page entry:            0x200d9003  

So paging is correct and RW bit is true. 3. I use the following code to active paging

    uint32_t cr0;
    asm volatile ("mov %%cr0, %0" : "=r" (cr0));
    cr0 |= 0x80000000;
    asm volatile ("mov %0, %%cr0" : : "r" (cr0));

4. The memory pre-allocated in kernel's .data can be changed, but the free space after kernel can't be modifiered.

5. Further test

    int* arr = (int*) 0xc80cd000;
    printf("%#08x\n", arr);
    printf("%d\n", *arr);
    *arr = 23333;
    printf("%d\n", *arr);
    printf("%d\n", *arr);

Output is

0xc80cd000
0
23333
0

The last two prints are going to achive same value but output differently. Actually the memory content never changed to 23333, it is always 0.

So I want to fix this problem.