Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP PEM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF6
Opened: May 20, 2015 Severity: 2-Critical
TMM may crash under race condition, that if there is PEM flow reporting with format script that contains iRules accessing info from/to different TMMs gets executed when there is already an iRule executed and access different iRules on top of a connection/flow, and the connection/flow is reset. The fix will not execute the format script if it sees an irule is already parked for that flow. As a result, no log message will be sent in this case. In the versions before the fix, the user may have seen a log with stale info, or might see duplicate logs. After the fix, no log will be sent out in the situation described above.
Traffic disrupted while tmm restarts.
1. PEM flow reporting is enabled with format script that contains iRules access info from/to different TMMs 2. an iRule script that will access info from/to different TMM (that is, it will be parked on the connection/flow) is being executed and parked on the connection/flow 3. the connect/flow is reset 4. the PEM flow reporting with format script in #1 gets executed.
A patch will be needed for such tmm crash under race condition, when PEM flow reporting with format script are required along with iRules.
The issue is fixed by making sure that PEM flow reporting with format script will not be executed if it detects another iRule script is already parked on the flow. However, given this is quite rare race condition, the PEM flow reporting with format script will be triggered again when reporting condition (volume or time based) is met and there is no concurrent iRule scripted parked.