On Wed, Jun 21, 2017 at 09:29:23AM -0600, Alexander Bluhm wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: bl...@cvs.openbsd.org 2017/06/21 09:29:23
>
> Modified files:
> sys/net : pf.c
>
> Log message:
> Fix kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk
> == NULL)". The problem was that setting the inp pointer in the
> statekey to NULL was delayed until the statekey refcounter reached
> 0. So the inp could get linked to another statekey while an mbuf
> in the socket buffer was keeping the refcounter at 1. Set the
> statekey inp pointer to NULL in pf_state_key_detach() immediately,
> then the kassert can be even stricter.
> OK sashan@

and OK dhill@
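
A simplified user-space model of the stale back pointer described in the log message, added here as an illustration; it is not OpenBSD's pf.c code. The struct layouts, the helper names (`link_inp`, `unref`, `detach`, `replay`) and the reference-counting steps are assumptions; only the asserted expression is taken from the message.

```c
#include <stddef.h>

/* Toy stand-ins for the two kernel objects; only the fields named in the
 * log message are modelled. */
struct statekey;
struct inpcb    { struct statekey *inp_pf_sk; };
struct statekey { struct inpcb *inp; int refcnt; };

/* The asserted condition, as quoted in the log message. */
static int invariant_holds(const struct statekey *sk)
{
	return sk->inp == NULL || sk->inp->inp_pf_sk == NULL;
}

/* Assumed link step: the socket's back pointer holds one reference. */
static void link_inp(struct statekey *sk, struct inpcb *inp)
{
	sk->inp = inp;
	inp->inp_pf_sk = sk;
	sk->refcnt++;
}

/* Old behaviour: sk->inp is cleared only when the last reference goes. */
static void unref(struct statekey *sk)
{
	if (--sk->refcnt == 0)
		sk->inp = NULL;
}

/* Detach the statekey from its socket; clear_now != 0 models the fix. */
static void detach(struct statekey *sk, int clear_now)
{
	struct inpcb *inp = sk->inp;

	if (inp == NULL)
		return;
	if (inp->inp_pf_sk == sk)
		inp->inp_pf_sk = NULL;	/* socket side forgets the statekey */
	if (clear_now)
		sk->inp = NULL;		/* fixed: clear immediately */
	unref(sk);			/* drop the link's reference */
}

/* Replays the sequence; returns whether the invariant holds on the old key. */
static int replay(int clear_now)
{
	struct inpcb inp = { NULL };
	struct statekey old = { NULL, 0 }, fresh = { NULL, 0 };

	link_inp(&old, &inp);		/* refcnt 1 */
	old.refcnt++;			/* mbuf in the socket buffer: refcnt 2 */
	detach(&old, clear_now);	/* refcnt 1, the zero path never runs */
	link_inp(&fresh, &inp);		/* inp linked to another statekey */
	return invariant_holds(&old);
}
```

`replay(0)` leaves the old statekey pointing at a socket that now belongs to another statekey, so the invariant is false; `replay(1)` clears the pointer at detach time and the invariant holds.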