Hello, </snip> > > > +ipsp_delete_acquire_locked(struct ipsec_acquire *ipa) > > > +{ > > > + if (timeout_del(&ipa->ipa_timeout) == 1) > > > + refcnt_rele(&ipa->ipa_refcnt); > > ^^^^^^^^^^^^^^^^^^ > > can we also put ASSERT/check into this branch > > to verify we are no releasing the last > > reference to ipa. I suspect we might be doing > > an extra reference drop here. > > Later we call ipsp_unref_acquire_locked() and refcnt_rele() again. > This will KASSERT(refcnt != ~0) in the case you describe. > > > I believe this ASSERT > > would be hit if we will compile kernel without IPSEC. > > we grab the extra reference iff are adding a timer. > > We release the extra reference only iff we delete the timer > that was added before.
I see your point. it makes sense. thanks for clarification. thanks and regards sashan