[tor-commits] [tor/maint-0.4.3] Use more memory poisoning and better asserts around ewma code

nickm at torproject.org nickm at torproject.org
Thu Feb 13 15:47:53 UTC 2020


commit 80e3dc47272c9ba423d40ce367fb99d39c3150ec
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Feb 12 14:17:19 2020 -0500

    Use more memory poisoning and better asserts around ewma code
    
    Attempt to diagnose 32464; fixes 33290.
---
 changes/ticket33290           |  4 ++++
 src/core/or/circuitmux.c      |  8 ++++++--
 src/core/or/circuitmux_ewma.c | 11 ++++++++---
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/changes/ticket33290 b/changes/ticket33290
new file mode 100644
index 000000000..882764020
--- /dev/null
+++ b/changes/ticket33290
@@ -0,0 +1,4 @@
+  o Minor features (diagnostic):
+    - Improve assertions and add some memory-poisoning code to try to track
+      down possible causes of a rare crash (32564) in the EWMA code.
+      Closes ticket 33290.
diff --git a/src/core/or/circuitmux.c b/src/core/or/circuitmux.c
index b2628bec3..72f6ba662 100644
--- a/src/core/or/circuitmux.c
+++ b/src/core/or/circuitmux.c
@@ -79,6 +79,8 @@
 #include "core/or/destroy_cell_queue_st.h"
 #include "core/or/or_circuit_st.h"
 
+#include "lib/crypt_ops/crypto_util.h"
+
 /*
  * Private typedefs for circuitmux.c
  */
@@ -973,7 +975,10 @@ circuitmux_detach_circuit,(circuitmux_t *cmux, circuit_t *circ))
     /* Now remove it from the map */
     HT_REMOVE(chanid_circid_muxinfo_map, cmux->chanid_circid_map, hashent);
 
-    /* Free the hash entry */
+    /* Wipe and free the hash entry */
+    // This isn't sensitive, but we want to be sure to know if we're accessing
+    // this accidentally.
+    memwipe(hashent, 0xef, sizeof(hashent));
     tor_free(hashent);
   }
 }
@@ -1334,4 +1339,3 @@ circuitmux_compare_muxes, (circuitmux_t *cmux_1, circuitmux_t *cmux_2))
     return 0;
   }
 }
-
diff --git a/src/core/or/circuitmux_ewma.c b/src/core/or/circuitmux_ewma.c
index 3f83c3fd5..606b755e2 100644
--- a/src/core/or/circuitmux_ewma.c
+++ b/src/core/or/circuitmux_ewma.c
@@ -147,7 +147,9 @@ TO_EWMA_POL_DATA(circuitmux_policy_data_t *pol)
 {
   if (!pol) return NULL;
   else {
-    tor_assert(pol->magic == EWMA_POL_DATA_MAGIC);
+    tor_assertf(pol->magic == EWMA_POL_DATA_MAGIC,
+                "Mismatch: %"PRIu32" != %"PRIu32,
+                pol->magic, EWMA_POL_DATA_MAGIC);
     return DOWNCAST(ewma_policy_data_t, pol);
   }
 }
@@ -162,7 +164,9 @@ TO_EWMA_POL_CIRC_DATA(circuitmux_policy_circ_data_t *pol)
 {
   if (!pol) return NULL;
   else {
-    tor_assert(pol->magic == EWMA_POL_CIRC_DATA_MAGIC);
+    tor_assertf(pol->magic == EWMA_POL_CIRC_DATA_MAGIC,
+                "Mismatch: %"PRIu32" != %"PRIu32,
+                pol->magic, EWMA_POL_CIRC_DATA_MAGIC);
     return DOWNCAST(ewma_policy_circ_data_t, pol);
   }
 }
@@ -295,6 +299,7 @@ ewma_free_cmux_data(circuitmux_t *cmux,
   pol = TO_EWMA_POL_DATA(pol_data);
 
   smartlist_free(pol->active_circuit_pqueue);
+  pol->base_.magic = 0xDEAD901C;
   tor_free(pol);
 }
 
@@ -361,7 +366,7 @@ ewma_free_circ_data(circuitmux_t *cmux,
   if (!pol_circ_data) return;
 
   cdata = TO_EWMA_POL_CIRC_DATA(pol_circ_data);
-
+  cdata->base_.magic = 0xDEADC14C;
   tor_free(cdata);
 }
 





More information about the tor-commits mailing list