tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 3aa937dd5ebce4764ee908d01fdae1e9bb4ded46
parent 532543e84a96fbc94e9b33b36100ef0046a50429
Author: David Goulet <dgoulet@torproject.org>
Date:   Mon, 28 Aug 2023 14:08:39 -0400

Merge branch 'tor-gitlab/mr/750' into maint-0.4.8

Diffstat:

Achanges/bug40842 | 4++++


Msrc/core/or/conflux.c | 6++++++


Msrc/core/or/conflux_util.c | 25+++++++++++++++++++++++++


Msrc/core/or/relay.c | 2++


4 files changed, 37 insertions(+), 0 deletions(-)

diff --git a/changes/bug40842 b/changes/bug40842
@@ -0,0 +1,4 @@
+  o Minor bugfixes (conflux):
+    - Prevent non-fatal assert stacktrace caused by using conflux
+      sets during their teardown process. Fixes bug 40842;
+      bugfix on 0.4.8.1-alpha.
diff --git a/src/core/or/conflux.c b/src/core/or/conflux.c
@@ -604,6 +604,12 @@ conflux_decide_next_circ(conflux_t *cfx)
   // this once tuning is complete.
   conflux_validate_legs(cfx);
 
+  /* If the conflux set is tearing down and has no current leg,
+   * bail and give up */
+  if (cfx->in_full_teardown) {
+    return NULL;
+  }
+
   /* If we don't have a current leg yet, pick one.
    * (This is the only non-const operation in this function). */
   if (!cfx->curr_leg) {
diff --git a/src/core/or/conflux_util.c b/src/core/or/conflux_util.c
@@ -38,10 +38,31 @@ circuit_get_package_window(circuit_t *circ,
       tor_assert_nonfatal(circ->purpose ==
                           CIRCUIT_PURPOSE_CONFLUX_LINKED);
     }
+    circuit_t *orig_circ = circ;
+
+    /* If conflux is in the process of tearing down the set,
+     * the package window is 0 -- there is no room. */
+    if (circ->conflux->in_full_teardown)
+      return 0;
+
     circ = conflux_decide_next_circ(circ->conflux);
 
     /* If conflux has no circuit to send on, the package window is 0. */
     if (!circ) {
+      /* Bug #40842: Additional diagnostics for other potential cases */
+      if (!orig_circ->conflux->curr_leg) {
+        if (orig_circ->marked_for_close) {
+          log_warn(LD_BUG, "Conflux has no circuit to send on. "
+                           "Circuit %p idx %d marked at line %s:%d",
+                           orig_circ, orig_circ->global_circuitlist_idx,
+                           orig_circ->marked_for_close_file,
+                           orig_circ->marked_for_close);
+        } else {
+          log_warn(LD_BUG, "Conflux has no circuit to send on. "
+                           "Circuit %p idx %d not marked for close.",
+                           orig_circ, orig_circ->global_circuitlist_idx);
+        }
+      }
       return 0;
     }
 
@@ -76,6 +97,10 @@ conflux_can_send(conflux_t *cfx)
   if (send_circ) {
     return true;
   } else {
+    if (BUG(!cfx->in_full_teardown && !cfx->curr_leg)) {
+      log_fn(LOG_WARN,
+             LD_BUG, "Conflux has no current circuit to send on. ");
+    }
     return false;
   }
 }
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
@@ -641,6 +641,8 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *orig_circ,
     if (BUG(!circ)) {
       log_warn(LD_BUG, "No circuit to send for conflux for relay command %d, "
                "called from %s:%d", relay_command, filename, lineno);
+      conflux_log_set(LOG_WARN, orig_circ->conflux,
+                       CIRCUIT_IS_ORIGIN(orig_circ));
       circ = orig_circ;
     } else {
       /* Conflux circuits always send multiplexed relay commands to