From 4324bb1b213613b9fc304054ea31aecf50773ba3 Mon Sep 17 00:00:00 2001
From: Mike Perry
Date: Wed, 29 Sep 2010 10:06:31 -0700
Subject: [PATCH] Cap the circuit build timeout to the max time we've seen. Also, cap the measurement timeout to 2X the max we've seen.
---
 src/or/circuitbuild.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 234765bcaf..7a0a215768 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1204,6 +1204,7 @@ circuit_build_times_count_timeout(circuit_build_times_t *cbt,
 static int
 circuit_build_times_set_timeout_worker(circuit_build_times_t *cbt)
 {
+ build_time_t max_time;
 if (cbt->total_build_times < circuit_build_times_min_circs_to_observe()) {
 return 0;
 }
@@ -1217,11 +1218,29 @@ circuit_build_times_set_timeout_worker(circuit_build_times_t *cbt)
 cbt->close_ms = circuit_build_times_calculate_timeout(cbt,
 circuit_build_times_close_quantile());
 
+ max_time = circuit_build_times_max(cbt);
+
 /* Sometimes really fast guard nodes give us such a steep curve
 * that this ends up being not that much greater than timeout_ms.
 * Make it be at least 1 min to handle this case. */
 cbt->close_ms = MAX(cbt->close_ms, circuit_build_times_initial_timeout());
 
+ if (cbt->timeout_ms > max_time) {
+ log_notice(LD_CIRC,
+ "Circuit build timeout of %dms is beyond the maximum build "
+ "time we have ever observed. Capping it to %dms.",
+ (int)cbt->timeout_ms, max_time);
+ cbt->timeout_ms = max_time;
+ }
+
+ if (max_time < INT32_MAX/2 && cbt->close_ms > 2*max_time) {
+ log_notice(LD_CIRC,
+ "Circuit build measurement period of %dms is more than twice "
+ "the maximum build time we have ever observed. Capping it to "
+ "%dms.", (int)cbt->close_ms, 2*max_time);
+ cbt->close_ms = 2*max_time;
+ }
+
 cbt->have_computed_timeout = 1;
 return 1;
 }
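Review bot: Both new caps in the second hunk lower a timeout with no floor. If `circuit_build_times_max(cbt)` returns 0 or a very small value (how it treats abandoned or timed-out samples is not visible here), `timeout_ms` and `close_ms` are set to it, and the `close_ms` cap can also undo the "at least 1 min" floor that the `MAX(...)` line just above it applies. Observed build times depend on the relays the client built through, so unless a caller already clamps the result, guard the first test with `if (max_time > 0 && cbt->timeout_ms > max_time)` and add the same `max_time > 0` condition to the second. Separately, `max_time` and `2*max_time` are passed to `%d` uncast while the neighbouring argument is cast with `(int)`; if `build_time_t` is not `int` that is a format mismatch, so cast them or use a matching specifier. The function body begins outside this hunk.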