1 files changed, 27 insertions, 21 deletions

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 753eaf8c16..45da6b02a5 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1223,7 +1223,7 @@ pathbias_get_min_use(const or_options_t *options)
 static double
 pathbias_get_notice_use_rate(const or_options_t *options)
 {
-#define DFLT_PATH_BIAS_NOTICE_USE_PCT 90
+#define DFLT_PATH_BIAS_NOTICE_USE_PCT 80
   if (options->PathBiasNoticeUseRate >= 0.0)
     return options->PathBiasNoticeUseRate;
   else
@@ -1239,7 +1239,7 @@ pathbias_get_notice_use_rate(const or_options_t *options)
 double
 pathbias_get_extreme_use_rate(const or_options_t *options)
 {
-#define DFLT_PATH_BIAS_EXTREME_USE_PCT 70
+#define DFLT_PATH_BIAS_EXTREME_USE_PCT 60
   if (options->PathBiasExtremeUseRate >= 0.0)
     return options->PathBiasExtremeUseRate;
   else
@@ -1308,7 +1308,8 @@ pathbias_is_new_circ_attempt(origin_circuit_t *circ)
   /* cpath is a circular list. We want circs with more than one hop,
    * and the second hop must be waiting for keys still (it's just
    * about to get them). */
-  return circ->cpath->next != circ->cpath &&
+  return circ->cpath &&
+         circ->cpath->next != circ->cpath &&
          circ->cpath->next->state == CPATH_STATE_AWAITING_KEYS;
 #else
   /* If tagging attacks are no longer possible, we probably want to
@@ -1316,7 +1317,8 @@ pathbias_is_new_circ_attempt(origin_circuit_t *circ)
    * timing-based tagging is still more useful than per-hop failure.
    * In which case, we'd never want to use this.
    */
-  return circ->cpath->state == CPATH_STATE_AWAITING_KEYS;
+  return circ->cpath &&
+         circ->cpath->state == CPATH_STATE_AWAITING_KEYS;
 #endif
 }
 
@@ -2165,11 +2167,11 @@ pathbias_count_circs_in_states(entry_guard_t *guard,
                               path_state_t from,
                               path_state_t to)
 {
-  circuit_t *circ = global_circuitlist;
+  circuit_t *circ;
   int open_circuits = 0;
 
-  /* Count currently open circuits. Give them the benefit of the doubt */
-  for ( ; circ; circ = circ->next) {
+  /* Count currently open circuits. Give them the benefit of the doubt. */
+  for (circ = global_circuitlist; circ; circ = circ->next) {
     origin_circuit_t *ocirc = NULL;
     if (!CIRCUIT_IS_ORIGIN(circ) || /* didn't originate here */
         circ->marked_for_close) /* already counted */
@@ -2184,8 +2186,8 @@ pathbias_count_circs_in_states(entry_guard_t *guard,
         ocirc->path_state <= to &&
         pathbias_should_count(ocirc) &&
         fast_memeq(guard->identity,
-                ocirc->cpath->extend_info->identity_digest,
-                DIGEST_LEN)) {
+                   ocirc->cpath->extend_info->identity_digest,
+                   DIGEST_LEN)) {
       log_debug(LD_CIRC, "Found opened circuit %d in path_state %s",
                 ocirc->global_identifier,
                 pathbias_state_to_string(ocirc->path_state));
@@ -2253,7 +2255,7 @@ pathbias_measure_use_rate(entry_guard_t *guard)
           log_warn(LD_CIRC,
                  "Your Guard %s=%s is failing to carry an extremely large "
                  "amount of stream on its circuits. "
-                 "To avoid potential route manipluation attacks, Tor has "
+                 "To avoid potential route manipulation attacks, Tor has "
                  "disabled use of this guard. "
                  "Use counts are %ld/%ld. Success counts are %ld/%ld. "
                  "%ld circuits completed, %ld were unusable, %ld collapsed, "
@@ -2274,8 +2276,8 @@ pathbias_measure_use_rate(entry_guard_t *guard)
           entry_guards_changed();
           return;
         }
-      } else if (!guard->path_bias_extreme) {
-        guard->path_bias_extreme = 1;
+      } else if (!guard->path_bias_use_extreme) {
+        guard->path_bias_use_extreme = 1;
         log_warn(LD_CIRC,
                  "Your Guard %s=%s is failing to carry an extremely large "
                  "amount of streams on its circuits. "
@@ -2298,8 +2300,8 @@ pathbias_measure_use_rate(entry_guard_t *guard)
       }
     } else if (pathbias_get_use_success_count(guard)/guard->use_attempts
                < pathbias_get_notice_use_rate(options)) {
-      if (!guard->path_bias_noticed) {
-        guard->path_bias_noticed = 1;
+      if (!guard->path_bias_use_noticed) {
+        guard->path_bias_use_noticed = 1;
         log_notice(LD_CIRC,
                  "Your Guard %s=%s is failing to carry more streams on its "
                  "circuits than usual. "
@@ -2337,7 +2339,10 @@ pathbias_measure_use_rate(entry_guard_t *guard)
  * pathbias_measure_use_rate(). It may be possible to combine them
  * eventually, especially if we can ever remove the need for 3
  * levels of closure warns (if the overall circuit failure rate
- * goes down with ntor).
+ * goes down with ntor). One way to do so would be to multiply
+ * the build rate with the use rate to get an idea of the total
+ * fraction of the total network paths the user is able to use.
+ * See ticket #8159.
  */
 static void
 pathbias_measure_close_rate(entry_guard_t *guard)
@@ -2356,7 +2361,7 @@ pathbias_measure_close_rate(entry_guard_t *guard)
           log_warn(LD_CIRC,
                  "Your Guard %s=%s is failing an extremely large "
                  "amount of circuits. "
-                 "To avoid potential route manipluation attacks, Tor has "
+                 "To avoid potential route manipulation attacks, Tor has "
                  "disabled use of this guard. "
                  "Success counts are %ld/%ld. Use counts are %ld/%ld. "
                  "%ld circuits completed, %ld were unusable, %ld collapsed, "
@@ -2458,7 +2463,7 @@ pathbias_measure_close_rate(entry_guard_t *guard)
  *
  * XXX: The attempt count transfer stuff here might be done
  * better by keeping separate pending counters that get
- * transfered at circuit close.
+ * transfered at circuit close. See ticket #8160.
  */
 static void
 pathbias_scale_close_rates(entry_guard_t *guard)
@@ -2504,7 +2509,7 @@ pathbias_scale_close_rates(entry_guard_t *guard)
  *
  * XXX: The attempt count transfer stuff here might be done
  * better by keeping separate pending counters that get
- * transfered at circuit close.
+ * transfered at circuit close. See ticket #8160.
  */
 void
 pathbias_scale_use_rates(entry_guard_t *guard)
@@ -2532,9 +2537,10 @@ pathbias_scale_use_rates(entry_guard_t *guard)
 }
 
 /** Increment the number of times we successfully extended a circuit to
- * 'guard', first checking if the failure rate is high enough that we should
- * eliminate the guard.  Return -1 if the guard looks no good; return 0 if the
- * guard looks fine. */
+ * <b>guard</b>, first checking if the failure rate is high enough that
+ * we should eliminate the guard. Return -1 if the guard looks no good;
+ * return 0 if the guard looks fine.
+ */
 static int
 entry_guard_inc_circ_attempt_count(entry_guard_t *guard)
 {