kern/108197: [ipv6] IPv6-related crash if if_delmulti

JINMEI Tatuya / 神明達哉 jinmei at isl.rdc.toshiba.co.jp
Tue Jun 12 02:43:26 UTC 2007


At Tue, 22 May 2007 01:48:26 +0100,
"Bruce M. Simpson" <bms at icsi.berkeley.edu> wrote:

> > Responsible-Changed-From-To: freebsd-net->bms
> > Responsible-Changed-By: andre
> > Responsible-Changed-When: Sun May 13 18:36:25 UTC 2007
> > Responsible-Changed-Why: 
> > Send over to BMS.  He's active in that area and may have fixed the bug already.
> >
> > http://www.freebsd.org/cgi/query-pr.cgi?pr=108197
> 
> Sorry, but I have no time to look at this at the moment. Is someone else 
> free to look at it?
> The fix probably needs to be borrowed from the IPv4 code which adds an 
> address to an interface.

Recent changes to the head and [56] STABLE *may* fix the problem.
These just fix a memory leak while the symptom rather seems to indicate
a use-after-free, so I'm not sure if these really solve the problem;
however, the fix indeed affects (either good or bad) the same code
path that caused the problem shown in the PR, so it may happen to fix
this problem via some non-trivial side effect.

					JINMEI, Tatuya
					Communication Platform Lab.
					Corporate R&D Center, Toshiba Corp.
					jinmei at isl.rdc.toshiba.co.jp

