From nobody Sat Jul 10 08:23:04 2021 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6FE75CFAE87 for ; Sat, 10 Jul 2021 08:23:08 +0000 (UTC) (envelope-from se@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GMNMJ2YHkz3rhR; Sat, 10 Jul 2021 08:23:08 +0000 (UTC) (envelope-from se@freebsd.org) Received: from Stefans-MBP-449.fritz.box (p200300cd5f098700843d0a051b030d69.dip0.t-ipconnect.de [IPv6:2003:cd:5f09:8700:843d:a05:1b03:d69]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: se/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id C12C52490B; Sat, 10 Jul 2021 08:23:07 +0000 (UTC) (envelope-from se@freebsd.org) To: Karl Denninger , stable@freebsd.org References: <2e3dcd4d-c8e6-8381-0010-d0844c99901e@denninger.net> <20210708221134.GA32658@belenus.iks-jena.de> <7bfda38b-cf81-d8be-7691-e18946e6b56e@denninger.net> From: Stefan Esser Subject: Re: 12.2 Splay Tree ipfw potential panic source Message-ID: Date: Sat, 10 Jul 2021 10:23:04 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 In-Reply-To: <7bfda38b-cf81-d8be-7691-e18946e6b56e@denninger.net> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="W1eXtNstIDZ7j46JgX9A1af8FiCTdxjuL" X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --W1eXtNstIDZ7j46JgX9A1af8FiCTdxjuL Content-Type: multipart/mixed; boundary="AfG0Ry9dlrnkfcr2T0uWIqA9mHH9XwLIE"; protected-headers="v1" From: Stefan Esser To: Karl Denninger , stable@freebsd.org Message-ID: Subject: Re: 12.2 Splay Tree ipfw potential panic source References: <2e3dcd4d-c8e6-8381-0010-d0844c99901e@denninger.net> <20210708221134.GA32658@belenus.iks-jena.de> <7bfda38b-cf81-d8be-7691-e18946e6b56e@denninger.net> In-Reply-To: <7bfda38b-cf81-d8be-7691-e18946e6b56e@denninger.net> --AfG0Ry9dlrnkfcr2T0uWIqA9mHH9XwLIE Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Am 10.07.21 um 04:41 schrieb Karl Denninger: > Ok, so I have good news and bad news. >=20 > I have the trap and it is definitely in libalias which appears to come = about as > a result of a NAT translation attempt. >=20 > Fatal trap 18: integer divide fault while in kernel mode [...] > HouseKeeping() at HouseKeeping+0x1c/frame 0xfffffe0017b6b320 The divide by zero at one of the first instructions of HouseKeeping() seems to be caused by this line: /sys/netinet/libalias/alias_db.c:1753: if (packets % packet_limit =3D=3D 0) { Seems that packet_limit can become zero, there ... At line 1780 within that function: if (now !=3D LibAliasTime) { /* retry three times a second */ packet_limit =3D packets / 3; packets =3D 0; LibAliasTime =3D now; } The static variable packet limit is divided by 3 without any protection against going down to 0. A packet_limit of zero makes no sense (besides causing a divide by zero abort), therefore this value should probably have a lower limit of 1. Maybe that packet_limit =3D packets / 3 + 1; would give an acceptably close result in all cases. Else enforce a minimum value of 1 after the division: packet_limit =3D packets / 3; if (packet_limit =3D=3D 0) packet_limit =3D 1; Or just: packet_limit =3D packets >=3D 3 ? packets / 3 : 1= ; Regards, STefan --AfG0Ry9dlrnkfcr2T0uWIqA9mHH9XwLIE-- --W1eXtNstIDZ7j46JgX9A1af8FiCTdxjuL Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEo3HqZZwL7MgrcVMTR+u171r99UQFAmDpWOgFAwAAAAAACgkQR+u171r99UTn dwf/eBtEoBpv7yvsRGzHt6RL61JMIwlqxXOKltE6oaTGKSezGeWRga3IT2KS6g0ghuivvX4XR78I 3tPKWG+n1ylC+tkEkKbC0Aijilg2gy7rr1bM3GINbNL2U9cKTEIDVWqQWCUs+H44aA+jw9nqKhWe UtKBO0GyoCFcSC22I0T27JmTT41icIeWSO34aQgRcoLeB8k+gk9Fz0ngGnqUuBuF40UuMOoRxAwr 8u539r6y1FvtnJ+s0vEZNXVvBYL61OPdDatEo1hh+956lAmCno993TSYJ2CXqlX/q199wXzmA8tn p7Sgf/ejqCibbt4ML3cs1USvP8USHrW6ZYhRHTM+wQ== =sO1Z -----END PGP SIGNATURE----- --W1eXtNstIDZ7j46JgX9A1af8FiCTdxjuL--