TAKEOWNERSHIP and killZombieProcess

Jul 8, 2014 at 8:21 PM
TL;DR - I filed https://trac.torproject.org/projects/tor/ticket/12572 to ask the Tor folks to put in a time out option that I think can let us get rid of killZombieProcess. Long Winded Version - I'm back from vacation and working again on getting the Tor
OP AAR/JAR ready from the Briar code (see https://github.com/yaronyg/Tor_Onion_Proxy_Library ). It's working in Android but now I'm working on the desktop. I specifically am looking at killZombieProcess. This led me to talk to the Tor community about how they
handle this problem in places like the Tor Browser Bundle. What they said is that they use the TAKEOWNERSHIP command (which Briar uses) along with __OwningControllerProcess (which Briar doesn't use as far as I can tell). I'm going to take a wild guess here
that __OwningControllerProcess doesn't work right on Android but I haven't tested. But even if it does work there is still a race condition where the parent could be created, spawn the Tor OP and then be killed before issuing TAKEOWNERSHIP. Without __OwningControllerProcess
fixing that mess requires killZombieProcess. In my case I'm worried about normal Java, not Android. So now I have to decide if I want to: 1) Just find the parent process ID (which is platform specific but not much code) and use __OwningControllerProcess and
make killZombieProcess a thunk since it (in theory) isn't needed 2) Implement killZombieProcess in the various platform specific ways 3) Do nothing and deal with this later Right now I'm choosing 3 and have filed https://github.com/thaliproject/Tor_Onion_Proxy_Library/issues/1
but I actually think there is a simpler solution that Tor could give us. Which is to provide a time out option on the command line so that if a TAKEOWNERSHIP isn't issued within a certain time window then the Tor OP will automatically exit. I filed that at https://trac.torproject.org/projects/tor/ticket/12572
If we can get that bug fixed then I don't think killZombieProcess should be needed. Yes, there are still some extreme edge cases where the timeout could fail but honestly I think those are less scary than scraping PS and killing stuff based on strings. But
hey, that's just me. :) Thanks, Yaron