[tor-bugs] #6341 [Tor Relay]: "if (circ != conn->active_circuits)" in connection_or_flush_from_first_active_circuit() is wrong?

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat Jul 7 17:18:15 UTC 2012


#6341: "if (circ != conn->active_circuits)" in
connection_or_flush_from_first_active_circuit() is wrong?
-----------------------+----------------------------------------------------
 Reporter:  arma       |          Owner:     
     Type:  defect     |         Status:  new
 Priority:  normal     |      Milestone:     
Component:  Tor Relay  |        Version:     
 Keywords:             |         Parent:     
   Points:             |   Actualpoints:     
-----------------------+----------------------------------------------------

Comment(by arma):

 Replying to [ticket:6341 arma]:
 > "if (circ != conn->active_circuits)"

 Looks like that code went in as git commit 6589ea2a

 > that means random crashes for "connection_write_to_buf(NULL->body" if
 ewma enabled.

 I assume this refers to
 {{{
     connection_write_to_buf(cell->body, CELL_NETWORK_SIZE, TO_CONN(conn));
 }}}

 > just remove that condition block, no need any goto before every stream
 started reads and all circs with empty queue marked as inactive.

 So if conn->active_circuits changed, we should still call
 conn->active_circuits = *next_circ_on_conn_p(circ, conn); ?
 That seems unlikely to be right.

 > "&& queue->head" saves from crashes, but that condition is wrong anyway.
 you can't unblock streams when you need it.
 >
 > why need "re-add the cell_ewma_t" inside for{} ? what purpose for{} if
 you never can flush more than 1 cell for ewma anyway? Why there are no
 consistent logic for just one small func?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6341#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list