[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #27315 [Core Tor/Tor]: Sandbox regression in 0.3.4.7-rc
#27315: Sandbox regression in 0.3.4.7-rc
--------------------------+------------------------------------
Reporter: toralf | Owner: (none)
Type: defect | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.3.4.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.4.7-rc
Severity: Normal | Resolution:
Keywords: regression? | Actual Points:
Parent ID: | Points:
Reviewer: ahf | Sponsor:
--------------------------+------------------------------------
Comment (by toralf):
Bad news: With 0.3.4.8 at a stable hardened Gentoo Desktop I do run into
this again:
{{{
t44 tmp # cat info.log
Sep 11 19:33:56.000 [notice] Tor 0.3.4.8 (git-da95b91355248ad8) opening
new log file.
Sep 11 19:33:56.000 [warn] Your log may contain sensitive information -
you're logging more than "notice". Don't log unless it serves an important
reason. Overwrite the log afterwards.
Sep 11 19:33:56.000 [info] options_act_reversible(): Recomputed OOS
thresholds: ConnLimit 1000, ConnLimit_ 29968, ConnLimit_high_thresh 29904,
ConnLimit_low_thresh 22476
Sep 11 19:33:56.000 [info] tor_lockfile_lock(): Locking
"/var/lib/tor/data/lock"
Sep 11 19:33:56.000 [info] or_state_load(): Loaded state from
"/var/lib/tor/data/state"
Sep 11 19:33:56.000 [info] sampled_guards_update_from_consensus(): Not
updating the sample guard set; we have no live consensus.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
Trying to sample a reachable guard: We know of 0 in the USABLE_FILTERED
set.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
(That isn't enough. Trying to expand the sample.)
Sep 11 19:33:56.000 [info] entry_guards_expand_sample(): Not expanding the
sample guard set; we have no live consensus.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
(After filters [b], we have 0 guards to consider.)
Sep 11 19:33:56.000 [info] circuit_build_times_parse_state(): Adding 145
timeouts.
Sep 11 19:33:56.000 [info] circuit_build_times_parse_state(): Loaded
1000/1000 values from 122 lines in circuit time histogram
Sep 11 19:33:56.000 [info] circuit_build_times_get_xm(): Xm mode #0: 225
135
Sep 11 19:33:56.000 [info] circuit_build_times_get_xm(): Xm mode #1: 275
113
Sep 11 19:33:56.000 [info] circuit_build_times_get_xm(): Xm mode #2: 225
135
Sep 11 19:33:56.000 [info] circuit_build_times_set_timeout(): Based on
1000 circuit times, it looks like we don't need to wait so long for
circuits to finish. We will now assume a circuit is too slow to use after
waiting 4 seconds.
Sep 11 19:33:56.000 [info] circuit_build_times_set_timeout(): Circuit
timeout data: 4126.277304ms, 60000.000000ms, Xm: 239, a: 0.564979, r:
0.210000
Sep 11 19:33:56.000 [info] read_file_to_str(): Could not open
"/var/lib/tor/data/router-stability": No such file or directory
Sep 11 19:33:56.000 [info] init_cookie_authentication(): Generated auth
cookie file in '"/var/lib/tor/data/control_auth_cookie"'.
Sep 11 19:33:56.000 [info] scheduler_kist_set_full_mode(): Setting KIST
scheduler with kernel support (KIST mode)
Sep 11 19:33:56.000 [info] cmux_ewma_set_options(): Enabled cell_ewma
algorithm because of value in CircuitPriorityHalflifeMsec in consensus;
scale factor is 0.793701 per 10 seconds
Sep 11 19:33:56.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Sep 11 19:33:56.000 [notice] Parsing GEOIP IPv6 file
/usr/share/tor/geoip6.
Sep 11 19:33:56.000 [info] add_predicted_port(): New port prediction
added. Will continue predictive circ building for 2494 more seconds.
Sep 11 19:33:56.000 [info] crypto_global_init(): NOT using OpenSSL engine
support.
Sep 11 19:33:56.000 [info] evaluate_evp_for_aes(): This version of OpenSSL
has a known-good EVP counter-mode implementation. Using it.
Sep 11 19:33:56.000 [notice] We were built to run on a 64-bit CPU, with
OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently
lacks accelerated support for the NIST P-224 and P-256 groups. Building
openssl with such support (using the enable-ec_nistp_64_gcc_128 option
when configuring it) would make ECDH much faster.
Sep 11 19:33:56.000 [notice] Bootstrapped 0%: Starting
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
certs": Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
consensus": Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/unverified-
consensus": Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
microdesc-consensus": Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/unverified-
microdesc-consensus": Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
microdescs" for mmap(): Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
microdescs.new": Permission denied
Sep 11 19:33:56.000 [info] microdesc_cache_reload(): Reloaded
microdescriptor cache. Found 0 descriptors.
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
descriptors" for mmap(): Permission denied
Sep 11 19:33:56.000 [warn] Could not open "/var/lib/tor/data/cached-
extrainfo" for mmap(): Permission denied
Sep 11 19:33:56.000 [notice] Starting with guard context "default"
Sep 11 19:33:56.000 [info] sampled_guards_update_from_consensus(): Not
updating the sample guard set; we have no live consensus.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
Trying to sample a reachable guard: We know of 0 in the USABLE_FILTERED
set.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
(That isn't enough. Trying to expand the sample.)
Sep 11 19:33:56.000 [info] entry_guards_expand_sample(): Not expanding the
sample guard set; we have no live consensus.
Sep 11 19:33:56.000 [info] sample_reachable_filtered_entry_guards():
(After filters [b], we have 0 guards to consider.)
Sep 11 19:33:56.000 [info] I learned some more directory information, but
not enough to build a circuit: We have no usable consensus.
Sep 11 19:33:57.000 [info] update_consensus_bootstrap_attempt_downloads():
Launching microdesc bootstrap mirror networkstatus consensus download.
Sep 11 19:33:57.000 [info] sample_reachable_filtered_entry_guards():
Trying to sample a reachable guard: We know of 0 in the USABLE_FILTERED
set.
Sep 11 19:33:57.000 [info] sample_reachable_filtered_entry_guards():
(That isn't enough. Trying to expand the sample.)
Sep 11 19:33:57.000 [info] entry_guards_expand_sample(): Not expanding the
sample guard set; we have no live consensus.
Sep 11 19:33:57.000 [info] sample_reachable_filtered_entry_guards():
(After filters [7], we have 0 guards to consider.)
Sep 11 19:33:57.000 [info] select_entry_guard_for_circuit(): Absolutely no
sampled guards were available. Marking all guards for retry and starting
from top again.
Sep 11 19:33:57.000 [info] directory_pick_generic_dirserver(): No router
found for consensus network-status fetch; falling back to dirserver list.
Sep 11 19:33:57.000 [info] connection_ap_make_link(): Making internal
direct tunnel to [scrubbed]:22 ...
Sep 11 19:33:57.000 [info] connection_ap_make_link(): ... application
connection created and linked.
Sep 11 19:33:57.000 [info] directory_send_command(): Downloading consensus
from 176.31.180.157:22 using /tor/status-vote/current/consensus-
microdesc/0232AF+14C131+23D15D+27102B+49015F+D586D1+E8A9C4+ED03BB+EFCBE7.z
============================================================ T= 1536687237
(Sandbox) Caught a bad syscall attempt (syscall openat)
/usr/bin/tor(+0x191e3a)[0x55ec09e79e3a]
/lib64/libpthread.so.0(open64+0x5d)[0x7efc590023ad]
/lib64/libpthread.so.0(open64+0x5d)[0x7efc590023ad]
/usr/bin/tor(tor_open_cloexec+0x40)[0x55ec09e606a0]
/usr/bin/tor(start_writing_to_file+0x16a)[0x55ec09e7420a]
/usr/bin/tor(+0x18c2eb)[0x55ec09e742eb]
/usr/bin/tor(+0x18c438)[0x55ec09e74438]
/usr/bin/tor(or_state_save+0x151)[0x55ec09da0401]
/usr/bin/tor(+0x503dd)[0x55ec09d383dd]
/usr/bin/tor(+0x6bc71)[0x55ec09d53c71]
/usr/lib64/libevent-2.1.so.6(+0x226bd)[0x7efc59ecc6bd]
/usr/lib64/libevent-2.1.so.6(event_base_loop+0x4e7)[0x7efc59ecd377]
/usr/bin/tor(do_main_loop+0x17a)[0x55ec09d3c33a]
/usr/bin/tor(tor_run_main+0x11a5)[0x55ec09d3e8b5]
/usr/bin/tor(tor_main+0x3a)[0x55ec09d36bba]
/usr/bin/tor(main+0x19)[0x55ec09d36949]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x7efc58c4005d]
/usr/bin/tor(_start+0x2a)[0x55ec09d3699a]
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27315#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs