Hello,
</snip>
> > > +ipsp_delete_acquire_locked(struct ipsec_acquire *ipa)
> > > +{
> > > + if (timeout_del(&ipa->ipa_timeout) == 1)
> > > + refcnt_rele(&ipa->ipa_refcnt);
> > ^^^^^^^^^^^^^^^^^^
> > can we also put ASSERT/check into this branch
> > to verify we are no releasing the last
> > reference to ipa. I suspect we might be doing
> > an extra reference drop here.
>
> Later we call ipsp_unref_acquire_locked() and refcnt_rele() again.
> This will KASSERT(refcnt != ~0) in the case you describe.
>
> > I believe this ASSERT
> > would be hit if we will compile kernel without IPSEC.
> > we grab the extra reference iff are adding a timer.
>
> We release the extra reference only iff we delete the timer
> that was added before.
I see your point. it makes sense. thanks for clarification.
thanks and
regards
sashan
