PF appears to lock up a machine with a large number of jails

Felix Gallo felixgallo at gmail.com
Thu Oct 1 01:06:31 UTC 2015


FreeBSD ip-172-31-63-223 10.2-RELEASE FreeBSD 10.2-RELEASE #0 r286666: Wed
Aug 12 15:26:37 UTC 2015
root at releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC
 amd64

I am using the GitHub dev version of 'iocage' (an ezjail-like shell script)
to generate a large number of jails.

SITUATION 1.

When I am creating the jails, which all use a shared IPv6 interface to the
host's loopback, in a loop, after a certain number of jails (sometimes ~70,
sometimes ~100), the machine appears to hang.  Upon reboot, the machine has
nothing interesting in the logs.

SITUATION 2.

I then realized that I had TSO enabled on the interface, which seems to
interact very badly with pf.  So I disabled it and started creating the
jails again.  Again, it hung the box, but this time seemed to take a lot
longer to do so (over 100 jails created).

SITUATION 3.

I rebooted.  I then disabled pf and created the jails.  This went fine and
I was able to create and run 750 jails without issue.

SITUATION 4.

I rebooted.  I disabled TSO.  I then attempted to re-enable pf with pfctl
-e.  This immediately killed the box.

SITUATION 5.

I rebooted.  I then deleted all my jails, recreated a smaller number (150)
with PF disabled and TSO disabled, and then re-enabled PF.  This appeared
to work for a time, but after some period of time, the machine again hung.

Not sure how else to help debug this one; happy to help if given direction.

F.


More information about the freebsd-pf mailing list