guard: circuit_send_next_onion_skin(): Bug: 3-hop circuit <ptr> with purpose 18 has no guard state

Got 7 of those in rapid succession just after self test was done.

 16:43:58 [WARN] circuit_send_next_onion_skin(): Bug: 3-hop circuit <ptr> with purpose 18 has no guard state (on Tor 0.3.0.0-alpha-dev 4ec9751c144465f6) 

At commit 4ec9751c144465f6

changed milestone to %Tor: 0.3.0.x-final

added actualpoints::0 component::core tor/tor milestone::Tor: 0.3.0.x-final owner::nickm priority::high resolution::fixed review-group-16 reviewer::asn severity::normal status::closed tor-guard type::defect version::tor 0.3.0.3-alpha labels

I think has maybe something to do with the fact that hidden-service-descriptor fetching circuits are cannibalized?

Or maybe it never got a guard. If so, that's bad.

Trac:
Owner: N/A to nickm
Status: new to accepted

Trac:
Priority: Medium to High

Oh. "Just after self test was done." This is on a relay!

bug21007 is a very short fix here.

Trac:
Status: accepted to needs_review

Merged! Still needs review though. The commit is c468df3961739720337baa6cc01da23aa8520712

Fix looks good. Closing the ticket.

The fix slightly adds more complexity to that already complex function, so I opened another follow-up ticket for cleaning it up a bit (#21039 (moved)).

Trac:
Resolution: N/A to fixed
Status: needs_review to closed

This happened immediately after I rebooted into new Gentoo hardened kernel 4.9.10 (was 4.9.9 before) today :

mr-fox ~ # cat /tmp/notice.log 
Feb 18 17:09:11.000 [notice] Tor 0.3.0.3-alpha (git-bb2ea3642d54ff03) opening new log file.
Feb 18 17:09:11.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Feb 18 17:09:12.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Feb 18 17:09:12.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now.
Feb 18 17:09:12.000 [notice] We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently lacks accelerated support for the NIST P-224 and P-256 groups. Building openssl with such support (using the enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH much faster.
Feb 18 17:09:12.000 [notice] Your Tor server's identity key fingerprint is 'zwiebeltoralf 1AF72E8906E6C49481A791A6F8F84F8DFEBBB2BA'
Feb 18 17:09:12.000 [notice] Bootstrapped 0%: Starting
Feb 18 17:09:26.000 [notice] Starting with guard context "default"
Feb 18 17:09:26.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Feb 18 17:09:26.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent.
Feb 18 17:09:27.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Feb 18 17:09:27.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Feb 18 17:09:27.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Feb 18 17:09:27.000 [notice] Bootstrapped 100%: Done
Feb 18 17:10:26.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Publishing server descriptor.
Feb 18 17:10:27.000 [notice] Performing bandwidth self-test...done.
Feb 18 17:10:30.000 [warn] circuit_send_next_onion_skin(): Bug: 3-hop circuit 0x485494c780 with purpose 13 has no guard state (on Tor 0.3.0.3-alpha bb2ea3642d54ff03)
Feb 18 17:39:00.000 [notice] New control connection opened from 127.0.0.1.

Trac:
Status: closed to reopened
Resolution: fixed to N/A

Trac:
Version: N/A to Tor: 0.3.0.3-alpha

Okay, that's different. That says "with purpose 13".

Purpose 13 is CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT.

I've written up a possible fix as bug21007_case2_030. Please review?

Trac:
Actualpoints: N/A to 0
Status: reopened to needs_review

Trac:
Keywords: N/A deleted, review-group-16 added

Trac:
Reviewer: N/A to asn

Patch looks good to me :)

Trac:
Status: needs_review to merge_ready

Merging!

Trac:
Status: merge_ready to closed
Resolution: N/A to fixed

closed

moved to tpo/core/tor#21007 (closed)