Date: Sun, 26 Jul 2015 10:15:30 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 201879] panic: boot time panic with a scrub rule on "exclusive sleep mutex pf fragments"... Message-ID: <bug-201879-17777-jXXRG8PhgF@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-201879-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-201879-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201879 Kristof Provost <kp@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kp@freebsd.org --- Comment #1 from Kristof Provost <kp@freebsd.org> --- The dump suggests something's wrong with the pf_fragqueue. It looks like an element was freed but not removed from the list (based on the fault address of 0xdeadc0de, and the PC shows the panic is at the first dereference of the frag taken from the list). I don't understand how that can happen though. The list manipulations are always done with the pf_frag_mtx mutex held so it can't be a race. Any free of fragments is done through pf_remove_fragment(), which immediately removes it from the tailq. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201879-17777-jXXRG8PhgF>