Bug ID 554826: TMM may crash with a SIGFPE panic if an AFM DOS profile is configured with Behavioral Analysis enabled

Last Modified: Mar 17, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0

Opened: Oct 28, 2015
Severity: 3-Major
Related AskF5 Article:
K47013052

Symptoms

If an AFM DoS profile with Behavioral Analysis enabled is applied to a virtual server configured for state mirroring, TMM may crash on the secondary device with a SIGFPE panic. The system may produce a panic message in /var/log/tmm* similar to the following: panic: ./local/net/packet.h:505: Assertion "l3hdr set" failed.

Impact

TMM crash: Degraded HA. Traffic disrupted while tmm restarts.

Conditions

AFM is provisioned and an AFM profile with 'Behavioral Analysis' enabled is configured on a virtual server, and that virtual server is configured for mirroring.

Workaround

Enabling the 'Behavioral Analysis' feature in an AFM profile is not completely functional at this time. Please do not enable the feature.

Fix Information

AFM is provisioned and an AFM profile with 'Behavioral Analysis' enabled is configured on a virtual server, and that virtual server is configured for mirroring now works as expected, and does not result in a TMM crash.

Behavior Change