[Bug 201879] panic: boot time panic with a scrub rule on "exclusive sleep mutex pf fragments"...

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Jul 26 10:15:30 UTC 2015


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201879

Kristof Provost <kp at freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kp at freebsd.org

--- Comment #1 from Kristof Provost <kp at freebsd.org> ---
The dump suggests something's wrong with the pf_fragqueue.
It looks like an element was freed but not removed from the list (based on the
fault address of 0xdeadc0de, and the PC shows the panic is at the first
dereference of the frag taken from the list).

I don't understand how that can happen though. The list manipulations are
always done with the pf_frag_mtx mutex held so it can't be a race. Any free of
fragments is done through pf_remove_fragment(), which immediately removes it
from the tailq.

-- 
You are receiving this mail because:
You are the assignee for the bug.
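
The failure mode the comment suspects (an element freed while still linked in the tailq), as an added userland sketch that is not pf code and not part of the original message. `struct frag`, `pool_free`, `find_stale` and `scenario` are hypothetical names, and the 0xdeadc0de fill on free is modelled by a toy allocator over a static pool so the stale memory stays safely readable.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/queue.h>

#define POISON 0xdeadc0deU           /* fill pattern, same value as the fault address */
#define NFRAG  4

struct frag {                        /* hypothetical stand-in, not pf's structure */
    TAILQ_ENTRY(frag) link;
    uint32_t id;
};
TAILQ_HEAD(fragq, frag);
static struct frag pool[NFRAG];      /* static pool: "freed" objects remain mapped */

/* Toy debug-allocator free: overwrite the whole object with POISON words. */
static void pool_free(struct frag *f) {
    uint32_t v = POISON;
    for (size_t i = 0; i + sizeof(v) <= sizeof(*f); i += sizeof(v))
        memcpy((unsigned char *)f + i, &v, sizeof(v));
}

/* Walk the queue and return the position of the first poisoned element, or -1.
 * The contents are checked before the (also poisoned) next pointer is followed. */
static int find_stale(struct fragq *q) {
    int pos = 0;
    for (struct frag *f = TAILQ_FIRST(q); f != NULL; f = TAILQ_NEXT(f, link), pos++)
        if (f->id == POISON)
            return pos;
    return -1;
}

/* Queue NFRAG fragments, free element `victim` with or without unlinking it
 * first, and report what a later walk of the queue sees. */
static int scenario(int victim, int unlink_first) {
    struct fragq q;
    TAILQ_INIT(&q);
    for (int i = 0; i < NFRAG; i++) {
        pool[i].id = (uint32_t)i;
        TAILQ_INSERT_TAIL(&q, &pool[i], link);
    }
    if (unlink_first)                /* correct order: unlink, then free */
        TAILQ_REMOVE(&q, &pool[victim], link);
    pool_free(&pool[victim]);        /* without the unlink, q keeps a stale pointer */
    return find_stale(&q);
}

int main(void) {
    printf("unlinked: %d, still linked: %d\n", scenario(2, 1), scenario(2, 0));
    return 0;
}
```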