commit 02f05f2de2654de3ab24e26ca9f1745389487d32
parent c74a817e837774a5e488d6c544ea2b45d3e4ddcf
Author: Nick Mathewson <nickm@torproject.org>
Date: Wed, 8 Nov 2017 10:56:33 -0500
Merge remote-tracking branch 'dgoulet/bug23751_032_01' into maint-0.3.2
Diffstat:
2 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/changes/bug23751 b/changes/bug23751
@@ -0,0 +1,6 @@
+ o Minor bugfixes (scheduler, channel):
+ - Ignore channels that have been closed while flushing cells. This can
+ happen if the write on the connection fails leading to the channel being
+ closed while in the scheduler loop. This is not a complete fix, it is a
+ bandaid until we are able to refactor those interactions. Fixes bug
+ 23751; bugfix on 0.3.2.1-alpha.
diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c
@@ -598,6 +598,15 @@ kist_scheduler_run(void)
if (socket_can_write(&socket_table, chan)) {
/* flush to channel queue/outbuf */
flush_result = (int)channel_flush_some_cells(chan, 1); // 1 for num cells
+ /* XXX: While flushing cells, it is possible that the connection write
+ * fails leading to the channel to be closed which triggers a release
+ * and free its entry in the socket table. And because of a engineering
+ * design issue, the error is not propagated back so we don't get an
+ * error at this poin. So before we continue, make sure the channel is
+ * open and if not just ignore it. See #23751. */
+ if (!CHANNEL_IS_OPEN(chan)) {
+ continue;
+ }
/* flush_result has the # cells flushed */
if (flush_result > 0) {
update_socket_written(&socket_table, chan, flush_result *
