Date: Tue, 12 Jun 2007 11:42:00 +0900 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isl.rdc.toshiba.co.jp> To: "Bruce M. Simpson" <bms@icsi.berkeley.edu> Cc: freebsd-net@FreeBSD.org Subject: Re: kern/108197: [ipv6] IPv6-related crash if if_delmulti Message-ID: <m1myz5vqpz.wl%jinmei@isl.rdc.toshiba.co.jp> In-Reply-To: <46523DDA.30300@icsi.berkeley.edu> References: <200705131837.l4DIbFNw022595@freefall.freebsd.org> <46523DDA.30300@icsi.berkeley.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
At Tue, 22 May 2007 01:48:26 +0100, "Bruce M. Simpson" <bms@icsi.berkeley.edu> wrote: > > Responsible-Changed-From-To: freebsd-net->bms > > Responsible-Changed-By: andre > > Responsible-Changed-When: Sun May 13 18:36:25 UTC 2007 > > Responsible-Changed-Why: > > Send over to BMS. He's active in that area and may have fixed the bug already. > > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=108197 > > Sorry, but I have no time to look at this at the moment. Is someone else > free to look at it? > The fix probably needs to be borrowed from the IPv4 code which adds an > address to an interface. Recent changes to the head and [56] STABLE *may* fix the problem. These just fix memory leak while the symptom rather seems to indicate use-after-free, so I'm not sure if these really solve the problem; however, the fix indeed affects (either good or bad) the same code path that caused the problem shown in the PR, so it may happen to fix this problem via some non trivial side effect. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m1myz5vqpz.wl%jinmei>