This issue can be reproduced by running passt with TCP forwarding and connecting to that TCP port before the first client (e.g. QEMU) connects to the passt socket. Example: (sleep 0.1; ssh -p 22000 127.0.0.1) & passt -f -t 22000:22 Although this commit likely doesn't fix the root cause of this issue, it does reliably fix the segfault. --- tcp_buf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tcp_buf.c b/tcp_buf.c index bc898de..1a06f15 100644 --- a/tcp_buf.c +++ b/tcp_buf.c @@ -120,6 +120,9 @@ static void tcp_revert_seq(const struct ctx *c, struct tcp_tap_conn **conns, uint32_t seq = ntohl(th->seq); uint32_t peek_offset; + if (conn == NULL) + continue; + if (SEQ_LE(conn->seq_to_tap, seq)) continue; -- 2.47.3
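Review bot: the `if (conn == NULL) continue;` added in tcp_revert_seq() guards the `conn->seq_to_tap` dereference but leaves unexplained why an entry in `conns` can be NULL at all, and the commit message itself says the root cause is likely elsewhere. Before merging, add a short comment above the check stating the condition it covers (a frame queued before any client is connected to the passt socket, per the reproducer) and a TODO pointing at the root cause, so the guard is not mistaken for the fix; the reproducer `(sleep 0.1; ssh -p 22000 127.0.0.1) & passt -f -t 22000:22` from the commit message would also be worth carrying into the comment or a test, since the check is otherwise silent about when it triggers. Minor: the check could sit before `uint32_t seq = ntohl(th->seq);` so no work is done for a skipped entry, though there is no behavioural difference either way.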