Hacker News new | ask | show | jobs
by notaplumber1 1157 days ago
Are you asking why doesn't it execv(2) addr2line deep within the libc malloc implementation? Because calling execv(2) within libraries is frowned upon.. ;-)

The leak report is being generated internally by malloc. It is then logged via utrace(2) when a process is traced through ktrace(1).

The kdump utility simply dumps the report, strvis(3) escaping any potentially unsafe characters. As this is untrusted user data, passing it as the input/args to another command is unwise. Also kdump(1) uses pledge(2) and cannot execute commands.
2 comments
saagarjha 1154 days ago
I guess I’m confused what’s printing the output here. On other OSes typically things like this are implemented by malloc recording the addresses and whatever parses the report later doing the symbolication when displaying it. I guess kdump just dumps the report but is there no porcelain that takes the kdump data and cleans it up a bit more for human consumption?
link
charcircuit 1157 days ago
Just link to the code instead of executing it as a separate binary
link
notaplumber1 1157 days ago
I'm pretty sure parsing ELF binaries is out of scope for kdump(1), sorry, but I don't think that's going to happen.

It's not that difficult to run addr2line yourself with the information provided, and that's really for the best.

link
charcircuit 1156 days ago
You are arguing for a worse UX because of an arbitrary reason. Just link against the code in addr2line. Providing a good UX should always be in scope for a project.
link
sigjuice 1156 days ago
How does one "just link against the code in addr2line" ?
link
charcircuit 1156 days ago
You rename them main symbol to something else then you just call it like any other library.
link
sigjuice 1156 days ago
addr2line is unlikely to be a trivial self-contained program without dependencies.
link
tedunangst 1156 days ago
Why would openbsd want to taint kdump with GPL code?
link
yakubin 1156 days ago
LLVM provides llvm-addr2line and llvm-symbolizer. Of course I understand not wanting to link with LLVM code, even when the licence is ok. :)
link
charcircuit 1156 days ago
Then find or write an alternative. Asking people to run a command to see the file and line number is a joke.
link