Hello,
> The problem is that setting the inp pointer in the statekey to NULL
> is delayed until the statekey refcounter reaches 0. So the inp
> could get linked to another statekey while the mbuf in the socket
> buffer was keeping the refcounter at 1.
>
> The sk->inp should be set to NULL
On Wed, Jun 21, 2017 at 01:21:50AM +0200, Alexander Bluhm wrote:
> Hi,
>
> I saw a crash on an OpenBSD 6.1 based system when a kassert in
> pf_state_key_unref() was triggert.
>
> kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk ==
> NULL)"
> failed: file
Hi,
I saw a crash on an OpenBSD 6.1 based system when a kassert in
pf_state_key_unref() was triggert.
kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk == NULL)"
failed: file "../../../../../net/pf.c", line 7155
panic() at panic+0xfe
