[Bug 260493] route command can trigger 'integer divide fault'

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260493] route command can trigger 'integer divide fault'"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260493] route command can trigger 'integer divide fault'"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 260493] route command can trigger 'integer divide fault'"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 17 Dec 2021 14:26:14 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260493

            Bug ID: 260493
           Summary: route command can trigger 'integer divide fault'
           Product: Base System
           Version: 13.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: sjorge+signup@blackdot.be

I fat fingered a route command while and noticed I killed the entire FreeBSD
host, inspecting the console showed:

---
Fatal trap 18: integer divide fault while in kernel mode
cpuid = 3; apic id = 03
instruction pointer     = 0x20:0xffffffff80d474c3
stack pointer           = 0x28:0xfffffe00ab817c80
frame pointer           = 0x28:0xfffffe00ab817ce0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 52955 (route)
trap number             = 18
panic: integer divide fault
cpuid = 3
time = 1639750662
KDB: stack backtrace:
#0 0xffffffff80c574c5 at kdb_backtrace+0x65
#1 0xffffffff80c09ea1 at vpanic+0x181
#2 0xffffffff80c09d13 at panic+0x43
#3 0xffffffff8108b1b7 at trap_fatal+0x387
#4 0xffffffff8108a67e at trap+0x8e
#5 0xffffffff81061958 at calltrap+0x8
#6 0xffffffff80d47ba3 at nhgrp_get_addition_group+0x173
#7 0xffffffff80d4662c at add_route_mpath+0x3c
#8 0xffffffff80d4a57b at rib_add_route+0x4eb
#9 0xffffffff80d5002c at route_output+0xf3c
#10 0xffffffff80ca91d3 at sosend_generic+0x633
#11 0xffffffff80ca9660 at sosend+0x50
#12 0xffffffff80c7f159 at soo_write+0x49
#13 0xffffffff80c76798 at dofilewrite+0x88
#14 0xffffffff80c7630c at sys_write+0xbc
#15 0xffffffff8108babc at amd64_syscall+0x10c
#16 0xffffffff8106227e at fast_syscall_common+0xf8
---

The command in question was:
root@proteus:/conf/carp.d # route add -inet default 10.23.12.1 -weight 0
client_loop: send disconnect: Broken pipe

Granted `-weight 0` was an error on my part because I fat fingered the number,
but it probably should not bring down the entire host.

-- 
You are receiving this mail because:
You are the assignee for the bug.