[Bug 237758] Loading and subsequent unloading of the dcons kernel module causes panic

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun May 5 21:18:11 UTC 2019 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237758

            Bug ID: 237758
           Summary: Loading and subsequent unloading of the dcons kernel
                    module causes panic
           Product: Base System
           Version: 12.0-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs at FreeBSD.org
          Reporter: admin at support.od.ua

Created attachment 204230
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=204230&action=edit
kldstat -v

I have FreeBSD system:
# uname -a
FreeBSD core.domain.com 12.0-STABLE FreeBSD 12.0-STABLE r347079 SUPPORT-12-0-1 
amd64


root at core:~ # kldload dcons.ko
root at core:~ #
root at core:~ # kldunload dcons.ko

And the system crashes...


root at core:~ # /usr/libexec/kgdb /boot/kernel/kernel /var/crash/vmcore.2
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
dcons: unload
panic: Terminal device freed without a free-handler
cpuid = 0
time = 1557100854
KDB: stack backtrace:
#0 0xffffffff80cc3707 at kdb_backtrace+0x67
#1 0xffffffff80c775dd at vpanic+0x19d
#2 0xffffffff80c77433 at panic+0x43
#3 0xffffffff80cf81a2 at ttydevsw_deffree+0x12
#4 0xffffffff80cfa15d at tty_dealloc+0xad
#5 0xffffffff80c14c5c at destroy_dev_tq+0xac
#6 0xffffffff80cd5de4 at taskqueue_run_locked+0x154
#7 0xffffffff80cd5bd1 at taskqueue_run+0x71
#8 0xffffffff80c3a654 at ithread_loop+0x1d4
#9 0xffffffff80c374c3 at fork_exit+0x83
#10 0xffffffff81248a8e at fork_trampoline+0xe
Uptime: 1m52s
Dumping 268 out of 979 MB:..6%..12%..24%..36%..42%..54%..66%..72%..84%..96%

Reading symbols from /boot/kernel/zfs.ko...Reading symbols from
/usr/lib/debug//boot/kernel/zfs.ko.debug...done.
done.
Loaded symbols for /boot/kernel/zfs.ko
Reading symbols from /boot/kernel/opensolaris.ko...Reading symbols from
/usr/lib/debug//boot/kernel/opensolaris.ko.debug...done.
done.
Loaded symbols for /boot/kernel/opensolaris.ko
Reading symbols from /boot/kernel/dcons.ko...Reading symbols from
/usr/lib/debug//boot/kernel/dcons.ko.debug...done.
done.
Loaded symbols for /boot/kernel/dcons.ko
#0  doadump () at src/sys/amd64/include/pcpu.h:230
230             __asm("movq %%gs:%P1,%0" : "=r" (td) : "n"
(OFFSETOF_CURTHREAD));

(kgdb) bt
#0  doadump () at src/sys/amd64/include/pcpu.h:230
#1  0xffffffff80c771d8 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:451
#2  0xffffffff80c77639 in vpanic (fmt=<value optimized out>, ap=<value
optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:877
#3  0xffffffff80c77433 in panic (fmt=<value optimized out>) at
/usr/src/sys/kern/kern_shutdown.c:804
#4  0xffffffff80cf81a2 in ttydevsw_deffree (softc=<value optimized out>) at
/usr/src/sys/kern/tty.c:1007
#5  0xffffffff80cfa15d in tty_dealloc (arg=0xfffff800254ea000) at
src/sys/sys/ttydevsw.h:198
#6  0xffffffff80c14c5c in destroy_dev_tq (ctx=<value optimized out>,
pending=<value optimized out>)
    at /usr/src/sys/kern/kern_conf.c:1438
#7  0xffffffff80cd5de4 in taskqueue_run_locked (queue=0xfffff8000305db00)
    at /usr/src/sys/kern/subr_taskqueue.c:467
#8  0xffffffff80cd5bd1 in taskqueue_run (queue=0xfffff8000305db00) at
/usr/src/sys/kern/subr_taskqueue.c:486
#9  0xffffffff80c3a654 in ithread_loop (arg=<value optimized out>) at
/usr/src/sys/kern/kern_intr.c:1129
#10 0xffffffff80c374c3 in fork_exit (callout=0xffffffff80c3a480 <ithread_loop>,
arg=0xfffff80003111540,
    frame=0xfffffe0000434ac0) at /usr/src/sys/kern/kern_fork.c:1060
#11 0xffffffff81248a8e in fork_trampoline () at
/usr/src/sys/amd64/amd64/exception.S:995
#12 0x0000000000000000 in ?? ()
Current language:  auto; currently minimal

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list