[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability like "circuit storm".

Subject: Re: [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability like "circuit storm".
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 26 Mar 2015 15:03:57 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 26 Mar 2015 11:04:06 -0400
In-reply-to: <047.35b49959a3774254f52d050d56383f53@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.35b49959a3774254f52d050d56383f53@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15463: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability
like "circuit storm".
--------------------------+-----------------
     Reporter:  alberto   |      Owner:
         Type:  defect    |     Status:  new
     Priority:  critical  |  Milestone:
    Component:  Tor       |    Version:
   Resolution:            |   Keywords:
Actual Points:            |  Parent ID:
       Points:            |
--------------------------+-----------------

Comment (by asn):

 Hello we took a brief look at this.

 Some comments:

 - Our current hypothesis is that you are receiving good amounts of client
 traffic, which makes your already overloaded guard fail your rendezvous
 circuits. When Tor sees its rendezvous circuits failing, it aggressively
 relaunches them which overloads the guard even more. Basically, your guard
 is asking for oxygen and Tor chokes it more.

   We need to look at whether we can make this relaunching logic less
 aggressive or at least more conservative during busy times, to put less
 stress on the guard. We need some time to read the logs more and
 understand them better, but this seems an important issue that needs to be
 solved.

 - If you want to answer: Is this a very busy hidden service? Do you
 already expect big amounts of client activity, or could this be a DoS?

 - The logs you gave us did not contain `warn` or `notice` severities. That
 might be because you are already redirecting these severities somewhere
 else? Could you prepare a log file for us that reproduces this behavior
 but also includes debug/info/notice/warn severities? Thanks!

 - If you feel experimental, and you want a short-term solution try setting
 `CloseHSServiceRendCircuitsImmediatelyOnTimeout 1` on your torrc. This
 might reduce the amount of relaunching you do which might help. But it's
 an experimental option so you might experience reachability issues. Please
 don't send us log files with this option on.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15463#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability circuit storm.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #15471 [Tor]: Tor should prctl(PR_SET_PDEATHSIG, SIGTERM) background processes.
Next by Author: Re: [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability like "circuit storm".
Previous by thread: Re: [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability like "circuit storm".
Next by thread: Re: [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability like "circuit storm".
Index(es):
- Author
- Thread