Merge pull request libp2p#1153 from imApoorva36/fix/listener-exception-handling

fix(swarm): prevent listener crash on inbound upgrade failure

Author: seetadev

libp2p/network/swarm.py

@@ -653,10 +653,26 @@ async def conn_handler(
                     return
 
                 raw_conn = RawConnection(read_write_closer, False)
-                await self.upgrade_inbound_raw_conn(raw_conn, maddr)
-                # NOTE: This is a intentional barrier to prevent from the handler
-                # exiting and closing the connection.
-                await self.manager.wait_finished()
+                try:
+                    await self.upgrade_inbound_raw_conn(raw_conn, maddr)
+                    # NOTE: This is an intentional barrier to prevent the handler from
+                    # exiting and closing the connection.
+                    await self.manager.wait_finished()
+                except SwarmException as error:
+                    # Log the error but don't propagate - this prevents listener crash
+                    logger.debug(
+                        "connection handler failed to upgrade connection from %s: %s",
+                        maddr,
+                        error,
+                    )
+                    await read_write_closer.close()
+                except Exception:
+                    # Catch any other unexpected errors to prevent listener crash
+                    logger.exception(
+                        "unexpected error in connection handler for %s",
+                        maddr,
+                    )
+                    await read_write_closer.close()
 
             try:
                 # Success
@@ -776,8 +792,13 @@ async def upgrade_inbound_raw_conn(
                 # Let add_conn perform final guard if needed
                 pass
 
-        await self.add_conn(muxed_conn)
-        logger.debug("successfully opened connection to peer %s", peer_id)
+        try:
+            await self.add_conn(muxed_conn)
+            logger.debug("successfully opened connection to peer %s", peer_id)
+        except Exception:
+            logger.exception("failed to add connection for peer %s", peer_id)
+            await muxed_conn.close()
+            return None  # type: ignore[return-value]
 
         return muxed_conn
 

newsfragments/417.bugfix.rst

@@ -0,0 +1 @@
+Fixed swarm listener crash on inbound peer negotiation failures by handling security and muxer upgrade exceptions gracefully, allowing the listener to continue accepting new connections.

tests/core/network/test_swarm.py

@@ -417,6 +417,83 @@ async def test_swarm_listen_multiple_addresses_connectivity(security_protocol):
                         )
 
 
+@pytest.mark.trio
+async def test_swarm_listener_resilience_on_upgrade_failure(security_protocol):
+    """Test that the swarm listener continues to accept connections even when individual peer negotiations fail."""  # noqa: E501
+    from unittest.mock import patch
+
+    from libp2p.transport.exceptions import SecurityUpgradeFailure
+
+    async with SwarmFactory.create_batch_and_listen(
+        2, security_protocol=security_protocol
+    ) as swarms:
+        listener_swarm = swarms[0]
+        client_swarm = swarms[1]
+
+        # Get listener address
+        listener_addr = tuple(
+            addr
+            for transport in listener_swarm.listeners.values()
+            for addr in transport.get_addrs()
+        )[0]
+
+        # Add the listener's address to client's peerstore
+        client_swarm.peerstore.add_addrs(
+            listener_swarm.get_peer_id(), [listener_addr], 10000
+        )
+
+        # First, establish a successful connection to verify setup
+        await client_swarm.dial_peer(listener_swarm.get_peer_id())
+        assert listener_swarm.get_peer_id() in client_swarm.connections
+
+        # Close the first connection
+        await client_swarm.close_peer(listener_swarm.get_peer_id())
+        await trio.sleep(0.1)
+
+        # Now simulate a failure during upgrade by patching upgrade_security
+        # We'll make one call fail, then let subsequent calls succeed
+        original_upgrade_security = listener_swarm.upgrader.upgrade_security
+        call_count = [0]
+
+        async def failing_upgrade_security(*args, **kwargs):
+            call_count[0] += 1
+            if call_count[0] == 1:
+                # First call after patch fails
+                raise SecurityUpgradeFailure("Simulated security upgrade failure")
+            # Subsequent calls succeed
+            return await original_upgrade_security(*args, **kwargs)
+
+        with patch.object(
+            listener_swarm.upgrader,
+            "upgrade_security",
+            side_effect=failing_upgrade_security,
+        ):
+            # This connection attempt should fail on the listener side
+            # The client will see a connection error, but the listener should NOT crash
+            try:
+                await client_swarm.dial_peer(listener_swarm.get_peer_id())
+            except Exception:
+                # Connection failure expected - client can't complete the dial
+                pass
+
+            # Give time for any potential listener crash to occur
+            await trio.sleep(0.2)
+
+            # Verify listener is still active by checking it has listeners
+            assert len(listener_swarm.listeners) > 0, (
+                "Listener crashed after upgrade failure!"
+            )
+
+        # Now verify the listener can still accept new connections
+        # (upgrade_security is no longer patched, so this should succeed)
+        await trio.sleep(0.1)
+        await client_swarm.dial_peer(listener_swarm.get_peer_id())
+
+        # Verify connection was established successfully
+        assert listener_swarm.get_peer_id() in client_swarm.connections
+        assert client_swarm.get_peer_id() in listener_swarm.connections
+
+
 @pytest.mark.trio
 async def test_swarm_peer_id_validation(security_protocol):
     """Test that the swarm correctly validates peer IDs during connection."""