[tor-bugs] #16695 [Tor]: Decouple generating controller events from sending them to controllers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Aug 11 15:24:18 UTC 2015
#16695: Decouple generating controller events from sending them to controllers
------------------------+---------------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: needs_revision
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: SponsorS TorCoreTeam201508 blob
Actual Points: | Parent ID: #16764
Points: |
------------------------+---------------------------------------------
Changes (by teor):
* status: needs_review => needs_revision
Comment:
''Multithreading''
If this code could be accessed by multiple threads simultaneously, two
threads could both proceed past `if (block_event_queue)`, then both
increment using `++block_event_queue`.
{{{
static int block_event_queue = 0;
}}}
{{{
if (block_event_queue) {
tor_free(msg);
return;
}
/* No queueing an event while queueing an event */
++block_event_queue;
}}}
I don't think that can happen if these statements are swapped around like
this, but this code does allow for two simultaneous events to mutually
block each other (and therefore both would be skipped).
{{{
static int block_event_queue = -1;
}}}
{{{
/* No queueing an event while queueing an event */
++block_event_queue;
if (block_event_queue) {
tor_free(msg);
goto done;
}
}}}
I think we need atomics or locks to write code that avoids both these
issues.
Similarly, what happens if we are in the middle of queueing an event, then
get a call to flush events?
I can imagine that, depending on the exact order of
connection_write_to_buf in queued_events_flush_all, and smartlist_add in
queue_control_event_string, we might miss Also, does SMARTLIST_FOREACH_*
cope with its list size changing (from another thread) while
iterating/deleting?
''Error Handling''
If `struct event_base *b = tor_libevent_get_base();` returns NULL in
queue_control_event_string, we will continue to add events to the queue,
and never clear them.
Should we clear the queue if we can't register a callback?
Do we need to check the return values of tor_event_new and event_active?
(That said, if Libevent is failing, we probably have bigger issues.)
Can we keep `tor_assert(event >= EVENT_MIN_ && event <= EVENT_MAX_);` in
send_control_event_string?
Typos:
queue_control_event_string:
"attempt to avoid queueing something we shouldn't have tot queue"
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16695#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list