[tor-dev] Is it safe for second_elapsed_callback() to be called less often?

Nick Mathewson nickm at alum.mit.edu
Fri Dec 2 16:56:33 UTC 2016

On Thu, Dec 1, 2016 at 9:54 AM, Michael Rogers <michael at briarproject.org> wrote:
> Hi,
> When running hidden services on Android I've found it's necessary to
> hold a wake lock to keep the CPU awake. Otherwise Tor's
> second_elapsed_callback() doesn't get called once per second. When the
> CPU eventually wakes and the callback is called, if 100 seconds or more
> have passed since the last call, second_elapsed_callback() calls
> circuit_note_clock_jumped(), which marks any dirty circuits as unusable.
> If I understand right, this will have the effect of breaking any
> existing connections to the hidden service and making the service
> unreachable until it's built new intro circuits and published a new
> descriptor.
> #8239, #16387 and #19522 might help to reduce the downtime by improving
> our chances of reusing the same intro points, but we'd still lose the
> existing circuits.
> It would be nice if we could avoid this downtime without holding a
> permanent wake lock, which has a big impact on battery life.
> A possible workaround would be to use Android's alarm API to wake the
> controller process once per minute. The controller process can acquire a
> wake lock for a couple of seconds to allow second_elapsed_callback() to
> be called, then release the lock until the next alarm.
> However, it's pretty clear that Tor wants the callback to be called once
> per second and gets nervous if that doesn't happen, so I wanted to ask
> about the implications of calling the callback once or twice per minute
> before pursuing this idea further. Is it in any way sane?

That's a hard question!  We'd need to audit everything in
second_elapsed_callback() to see what would actually happen if it
weren't called so often.  In many cases, it might be that we could
make it happen only as needed, or more infrequently, without bad
consequences... but I can't be too sure without going through all the

It's not crazy to try it and find out what breaks; let us know if you try?

> Another possibility would be to look into how Libevent's timers work.
> Perhaps we can ensure that the timers wake the CPU on Android, so
> second_elapsed_callback() and any other timer-based functions get called
> without keeping the CPU permanently awake?

Interesting; I'd like to pursue that one too, but I don't know much
about timed cpu waking on android; could you link to some good

best wishes,

More information about the tor-dev mailing list