kern/88725: /usr/sbin/ppp panic with 2005.10.21 netinet6 changes

Mark Tinguely tinguely at
Thu Nov 10 07:00:25 PST 2005

The following reply was made to PR kern/88725; it has been noted by GNATS.

From: Mark Tinguely <tinguely at>
To: bug-followup at, snezhko at
Cc: freebsd-current at, Max at, max at
Subject: Re: kern/88725: /usr/sbin/ppp panic with 2005.10.21 netinet6 changes
Date: Thu, 10 Nov 2005 08:50:37 -0600 (CST)

 As a postscript:
  The problem was a dynamic timer was freed without being stopped first.
  Obviously, the printf() should be removed from the final fix.
  After this discovery, I went through all of the callout_init() calls
  in the kernel and looked at those that may be freed before possibly
  being stopped. Beside the one in netinet6/mld6.c, I have 5 more
  that initially look like the memory for the callout struction could
  also be freed and still not have been stopped. These paths are problably
  not traveled much (detaches for less mainstream components), but stopping
  the callout is cheap and not at all risky.
  I will look at the 5 cases again and suggest all of these callout at
  risk be stopped under the same fix.
 --Mark Tinguely

More information about the freebsd-bugs mailing list