After booting with the new gfx EFI loader, changing the vt font causes a panic: --- trap 0xc, rip = 0xffffffff80b65bfd, rsp = 0xfffffe01a1c02560, rbp = 0xfffffe01a1c02590 --- free() at free+0x4d/frame 0xfffffe01a1c02590 vt_change_font() at vt_change_font+0x19a/frame 0xfffffe01a1c025e0 vtterm_ioctl() at vtterm_ioctl+0xf30/frame 0xfffffe01a1c02630 termtty_ioctl() at termtty_ioctl+0xc5/frame 0xfffffe01a1c02680 tty_ioctl() at tty_ioctl+0x3b/frame 0xfffffe01a1c026c0 #11 0xffffffff809e5f4a in vt_change_font (vw=vw@entry=0xfffff8002888fd80, vf=0xfffff8003a286880) at /usr/src/sys/dev/vt/vt_core.c:1901 1901 vtfont_unref(vw->vw_font); (kgdb) p vw->vw_font $6 = (struct vt_font *) 0xffffffff81c50400 <vt_font_loader> #10 0xffffffff809e73c0 in vtfont_unref (vf=<optimized out>) at /usr/src/sys/dev/vt/vt_font.c:135 135 free(vf, M_VTFONT); FreeBSD 13.0-ALPHA1 #0 main-c256114-g5290493a200-dirty
(In reply to ben from comment #0) tsoome@freebsd:/usr/src % git diff diff --git a/sys/dev/vt/vt_core.c b/sys/dev/vt/vt_core.c index 2352ed823424..ac89d8635e78 100644 --- a/sys/dev/vt/vt_core.c +++ b/sys/dev/vt/vt_core.c @@ -1528,6 +1528,8 @@ parse_font_info(struct font_info *fi) ptr = roundup2(ptr, 8); vfp = &vt_font_loader; + /* This is default font, set refcount 1 to disable removal. */ + vfp->vf_refcount = 1; vfp->vf_height = fi->fi_height; vfp->vf_width = fi->fi_width; for (unsigned i = 0; i < VFNT_MAPS; i++) { tsoome@freebsd:/usr/src % This patch should fix it.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=93ebd6307efeb95a29bc614edd0c67c2af850e98 commit 93ebd6307efeb95a29bc614edd0c67c2af850e98 Author: Toomas Soome <tsoome@FreeBSD.org> AuthorDate: 2021-01-24 18:59:36 +0000 Commit: Toomas Soome <tsoome@FreeBSD.org> CommitDate: 2021-01-26 23:07:03 +0000 vt: panic while changing vt font Set refcount for loader provided font to 1 to prevent this font from being released (so we can reset to default). PR: 252833 sys/dev/vt/vt_core.c | 2 ++ 1 file changed, 2 insertions(+)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=b79f2bc6c5c7431fa1f7c02937ec97a64653ade1 commit b79f2bc6c5c7431fa1f7c02937ec97a64653ade1 Author: Toomas Soome <tsoome@FreeBSD.org> AuthorDate: 2021-01-24 18:59:36 +0000 Commit: Toomas Soome <tsoome@FreeBSD.org> CommitDate: 2021-02-02 10:11:38 +0000 vt: panic while changing vt font Set refcount for loader provided font to 1 to prevent this font from being released (so we can reset to default). As we get started with no memory allocator, we set up static font data for font passed by loader (if there is any). At this time, we also must set refcount 1, and refcount will get incremented in cnprobe() callback. At some point the memory allocator will be available, and we will set up properly allocated font data, but we should not disturb the refcount. PR: 252833 PR: 253147 (cherry picked and squashed 93ebd6307efeb95a29bc614edd0c67c2af850e98 and 1912d2b15e6d6f4a1d8c3886b03ab30d2f21f3fd) sys/dev/vt/vt_core.c | 8 ++++++++ 1 file changed, 8 insertions(+)