Hello,
thank you very much for doing the test for me.
The patch below should kill the bug.
It applies to current.
thanks and
regards
sashan
--------8<---------------8<---------------8<------------------8<--------
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 23eebf4a274..275ef8a6157 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -7376,11 +7376,15 @@ pf_state_key_link_reverse(struct pf_state_key *sk,
struct pf_state_key *skrev)
else
pf_state_key_ref(skrev);
+ /*
+ * NOTE: if sk == skrev, then KASSERT() below holds true. We still
+ * want to grab a reference in such case.
+ */
old_reverse = atomic_cas_ptr(&skrev->reverse, NULL, sk);
if (old_reverse != NULL)
KASSERT(old_reverse == sk);
- else
- pf_state_key_ref(sk);
+
+ pf_state_key_ref(sk);
}
#if NPFLOG > 0
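Review bot: The now-unconditional `pf_state_key_ref(sk);` at the end of the hunk also runs when the second `atomic_cas_ptr()` finds the link already installed (`old_reverse == sk` with `sk != skrev`), while the reference on `skrev` stays under its `else`. A repeated link call for an already-linked pair would then bump only `sk`, and if the corresponding unlink path drops one reference per key (not visible here, so this needs confirming), the count on `sk` never returns to zero and the key is leaked. Consider taking the extra reference only on the path where this call installed the link, for example by moving the second CAS, its `KASSERT(old_reverse == sk);` and `pf_state_key_ref(sk);` into the braces of the `else` that calls `pf_state_key_ref(skrev);`. That still covers the `sk == skrev` case the new comment describes. The function body starts outside the hunk, so the first CAS and its `if` are inferred from the visible `else`.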