Tags on relay cells can result in certain reason codes.

Close the circuit (it's probably junk anyways), and make sure we don't probe
it/count it as a success.

src/or/circuitbuild.c

@@ -1140,6 +1140,8 @@ pathbias_state_to_string(path_state_t state)
       return "build succeeded";
     case PATH_STATE_USE_SUCCEEDED:
       return "use succeeded";
+    case PATH_STATE_USE_FAILED:
+      return "use failed";
   }
 
   return "unknown";

src/or/or.h

@@ -2779,6 +2779,12 @@ typedef enum {
       * just tag at a later point.
       */
     PATH_STATE_USE_SUCCEEDED = 3,
+
+    /**
+     * This is a special state to indicate that we got a corrupted
+     * relay cell on a circuit and we don't intend to probe it.
+     */
+    PATH_STATE_USE_FAILED = 4,
 } path_state_t;
 
 /** An origin_circuit_t holds data necessary to build and use a circuit.
@@ -2816,7 +2822,7 @@ typedef struct origin_circuit_t {
 
   /** Kludge to help us prevent the warn in bug #6475 and eventually
    * debug why we are not seeing first hops in some cases. */
-  path_state_t path_state : 2;
+  path_state_t path_state : 3;
 
   /** Set iff this is a hidden-service circuit which has timed out
    * according to our current circuit-build timeout, but which has

src/or/relay.c

@@ -694,13 +694,23 @@ connection_ap_process_end_not_open(
   (void) layer_hint; /* unused */
 
   if (rh->length > 0) {
-    /* Path bias: If we get a valid reason code from the exit,
-     * it wasn't due to tagging */
-    // XXX: This relies on recognized+digest being strong enough not
-    // to be spoofable.. Is that a valid assumption?
-    // Or more accurately: is it better than nothing? Can the attack
-    // be done offline?
-    circ->path_state = PATH_STATE_USE_SUCCEEDED;
+    if (reason == END_STREAM_REASON_TORPROTOCOL ||
+        reason == END_STREAM_REASON_INTERNAL ||
+        reason == END_STREAM_REASON_DESTROY) {
+      /* All three of these reasons could mean a failed tag
+       * hit the exit and it shat itself. Do not probe.
+       * Fail the circuit. */
+      circ->path_state = PATH_STATE_USE_FAILED;
+      return -END_CIRC_REASON_TORPROTOCOL;
+    } else {
+      /* Path bias: If we get a valid reason code from the exit,
+       * it wasn't due to tagging */
+      // XXX: This relies on recognized+digest being strong enough not
+      // to be spoofable.. Is that a valid assumption?
+      // Or more accurately: is it better than nothing? Can the attack
+      // be done offline?
+      circ->path_state = PATH_STATE_USE_SUCCEEDED;
+    }
   }
 
   if (rh->length > 0 && edge_reason_is_retriable(reason) &&