[tor-bugs] #19926 [Core Tor/Tor]: BUG warning in connection_ap_attach_pending: waiting for rendezvous desc :*

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 10 07:48:49 UTC 2016 

#19926: BUG warning in connection_ap_attach_pending: waiting for rendezvous desc :*
------------------------------+------------------------------------
 Reporter:  cypherpunks       |          Owner:
     Type:  defect            |         Status:  new
 Priority:  Medium            |      Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor      |        Version:  Tor: 0.2.9.1-alpha
 Severity:  Normal            |     Resolution:
 Keywords:  bug, regression?  |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+------------------------------------

Comment (by arma):

 Replying to [comment:10 arma]:
 > have we audited all the cases where we add a stream to
 pending_entry_connections, to make sure we aren't in state
 AP_CONN_STATE_RENDDESC_WAIT when we do it?

 There are two places where a stream can get added onto
 pending_entry_connections:

 1) In connection_ap_mark_as_pending_circuit(), which does a tor_assert to
 make sure that the state is AP_CONN_STATE_CIRCUIT_WAIT.

 2) In connection_ap_attach_pending(), which only does it if the state is
 AP_CONN_STATE_CIRCUIT_WAIT.

 So I don't think that can be it either.

 (I should clarify that the above analysis is looking at git branch
 f6c7e131a, like in the original report.)

 I am now out of places to look.

 Git commit 0a701e53 looks like it fixed a few bugs like this, but as far
 as I can tell, that went into 0.2.8.1-alpha, so way before 0.2.9.1-alpha.

 I wonder if there are any cases where we call
 connection_ap_mark_as_non_pending_circuit() with the wrong pointer, e.g.
 that we mis-cast it because we're confused about our OO tricks? Then that
 function silently doesn't remove anything, leaving us in the situation
 where the stream is still on pending_entry_connections?

 Maybe Nick has other guesses, based on debugging past bugs on this
 pending_entry_connections thing?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19926#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list