Opened 8 years ago

Closed 7 years ago

Last modified 7 years ago

#3543 closed defect (fixed)

Too many absent v2 networkstatuses means caches can't purge their routerlist

Reported by: nickm Owned by:
Priority: High Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Reported by frosty_un.

In routerlist_remove_old_routers, we don't actually purge old unlisted routers unless (have_enough_v2 && consensus). But if enough v2 authorities are down, have_enough_v2 might never be true on systems where !directory_caches_dir_info(). This could lead to OOM conditions on directory caches.

One easy but hackish way to fix this is to remove the "have_enough_v2" precondition and instead change the cutoff so that it remains at ROUTER_MAX_AGE when have_enough_v2 is true, but becomes (say) ROUTER_MAX_AGE*3 when !have_enough_v2.

A less easy way would be to change the requirement from "we have more than half of the v2 networkstatuses" to "for at least half of the v2 networkstatuses, we have it, or we have tried but failed to download it for at least N hours."

Child Tickets

Change History (6)

comment:1 Changed 7 years ago by nickm

Milestone: Tor: 0.2.2.x-finalTor: 0.2.3.x-final
Priority: normalmajor

comment:2 Changed 7 years ago by nickm

Status: newneeds_information

Could this be a duplicate of #4838? I think it might be. If so, we fixed it in f7e87f41f719f4251582acf16f13921f350095a0.

comment:3 Changed 7 years ago by arma

Looks like the same issue. (I haven't looked at the patch long enough to be convinced the fix is right. But if we think the fix is right, then it likely fixes this ticket too.)

comment:4 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_informationclosed
Well, we *did* mark the other one as fixed. And the fix was pretty straightforward: it was just, "When not fetching v2 networkstatus docs, don't require that we have it before cleaning router descriptors." The "fetching v2 networkstatus docs" part got implemented as "authdir_mode_any_main(options)
options->FetchV2Networkstatus", and the "don't require it" got implemented by setting have_enough_v2, which is checked in exactly one place.

So I'm marking this one as solved too. :)

comment:5 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:6 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.