[Bug 1006398] Re: Bypassing ptrace restrictions for errors from hanging applications

Evan Dandrea evan.dandrea at canonical.com
Thu Jun 14 11:10:20 UTC 2012 

Yes, compiz sends -KILL to the process.

After talking with Matthew about this some more, I think you're right,
Marc. We should implement this as follows for the first iteration:

- The application hangs for X seconds.
- Compiz launches apport with the pid as an argument.
- A dialog pops up explaining the application has hung: https://wiki.ubuntu.com/ErrorTracker#app-hang
- The user presses either the Force Close or Relaunch button.
- The process gets a -SEGV from apport, which then waits for the core dump through the regular core pipe mechanism. It does this while continuing to run so that it can remember that the specified pid is a hang not a regular SEGV.

This means that we cannot do something fancy like Wait Chain Traversal:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms681622(v=vs.85).aspx

But we can always re-evaluate our approach if we find we need a living,
ptrace-able process at the point of generating the report file.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to whoopsie-daisy in Ubuntu.
https://bugs.launchpad.net/bugs/1006398

Title:
  Bypassing ptrace restrictions for errors from hanging applications

Status in “whoopsie-daisy” package in Ubuntu:
  New

Bug description:
  As part of the error reporting features in 12.10, we're adding the
  ability to generate reports from hanging applications. This requires
  that we can gdb attach and backtrace to an arbitrary PID running as
  the same user, which requires working around the restrictions set by
  the ptrace scope:

  https://wiki.ubuntu.com/Security/Features#ptrace

  A new plugin for compiz will be written to notify a new dbus service
  on the system bus that it should write a gdb backtrace for the pid
  (provided by the _NET_WM_PID xprop. This service will only accept
  connections from the compiz process. It will only accept the request
  if the PID was running with a valid session cookie (unless this is
  overkill?).

  How does that sound?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie-daisy/+bug/1006398/+subscriptions

More information about the foundations-bugs mailing list