pfSense

Seems to be fairly rare, but there is a potential crash in pf that has been hit at least once:

panic: pf_hashsrc: unknown address family 0
cpuid = 0
KDB: enter: panic

db:0:kdb.enter.default> show pcpu
cpuid = 0
dynamic pcpu = 0x63a800
curthread = 0xfffff80003468920: pid 5 "pf purge" 
curpcb = 0xfffffe0000246cc0
fpcurthread = none
idlethread = 0xfffff80003211000: tid 100003 "idle: cpu0" 
curpmap = 0xffffffff82181fd8
tssp = 0xffffffff8219cf90
commontssp = 0xffffffff8219cf90
rsp0 = 0xfffffe0000246cc0
gs32p = 0xffffffff8219e9e8
ldt = 0xffffffff8219ea28
tss = 0xffffffff8219ea18
db:0:kdb.enter.default> bt
Tracing pid 5 tid 100043 td 0xfffff80003468920
kdb_enter() at kdb_enter+0x3e/frame 0xfffffe0000246a00
panic() at panic+0x175/frame 0xfffffe0000246a80
pf_src_tree_remove_state() at pf_src_tree_remove_state+0x292/frame 0xfffffe0000246ab0
pf_unlink_state() at pf_unlink_state+0x147/frame 0xfffffe0000246b20
pf_purge_expired_states() at pf_purge_expired_states+0x7d/frame 0xfffffe0000246b80
pf_purge_thread() at pf_purge_thread+0xc6/frame 0xfffffe0000246bb0
fork_exit() at fork_exit+0x9a/frame 0xfffffe0000246bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0000246bf0
--- trap 0, rip = 0, rsp = 0xfffffe0000246cb0, rbp = 0 ---

• A rule with "max-src-conn-rate 150 /3, overload <virusprot> flush global"
• set limit src-nodes 1900000
• set timeout src.track 14400
• relayd running with "sticky-address" set in a redirect
• System is a VM on CentOS with virtio enabled.

Appears to be related to FreeBSD Bug 182401 -- details above also copied there.