Hello,

Cross-posting to the mailing lists of a few relevant projects.

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump
files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of
time to make incompatible changes to the format and implementation, if required.

A proposal to use this by default for all packages built in Fedora 35
has been submitted [1].

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package-
build-time information like distro name&version, package name&version,
etc.

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

2) handling of a core from a container, where the container and host
have different distros

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes
sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

--
Kind regards,
Luca Boccassi

[0] https://github.com/systemd/systemd/issues/18433
[1] https://systemd.io/COREDUMP_PACKAGE_METADATA/
[2] https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects [3] https://github.com/systemd/package-notes

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmBxmhwACgkQKGv37813 JB6n5A/6AqLI1pNA9ay6ZLBb9p2E3Ne7J5I28m5MTVEBtAa3+iaa/DNXXKB/HENm lxk6nInFV0SPaXqztlCPdyLFM5M5S68V9ynVStLm5DMy8adPp2nHq8tFlpg3Wt5p qJgXyS17qPNLxtXx7KPZOVBuyPdQr6vhkRJnzMMHLAv0vCv4DjxtQQhKn6aVLYYT UMUn52BN+DaLaB8voWV1jkcVBipef6g5umWmG2/3/YbvEZ3flNr5vtEduneDhL6M AwTusNn7L9WoTspCKiXIaetj8SxWhKyWkDw7lofle6LaRYp5wxiFUKzuxuAYnSPb 7yW+/h6AJKiGCjqim74JLIyoZbzB7ca2AwRWw6XdbbQnDxMODfLnrOoI2732whFc U0sGI9q52mHf+EioxkAZwQd2gz+leiAXTPiqKKzbivNbTkfi5PxiBqsPLP5Mc+bj BFXIl2cbwB8zbXnRASa1Kr/C/WGiycv3tR0/ca4rx9czAQRFX5ET0S1HsCdKUAyq ZUdOBWdtO0NUdUlCIGqSaPOlyjbteFXkaLQfu0rDMQN7G+O3KX5pnUE7FkR6pc0V ZXdCm+Qpahp3xnVN6XHVB2+jyRqdTMfBKvJYo/DK2bJ84Rowv6k/X2uWm0CXjtI

On Sat, 2021-04-10 at 13:29 +0100, Luca Boccassi wrote:

Hello,

Cross-posting to the mailing lists of a few relevant projects.

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of
time to make incompatible changes to the format and implementation, if required.

A proposal to use this by default for all packages built in Fedora 35
has been submitted [1].

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package-
build-time information like distro name&version, package name&version,
etc.

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

2) handling of a core from a container, where the container and host
have different distros

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes
sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

Wrong Fedora list address - off to a great start already :-)
(fixed now)

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmBxnEcACgkQKGv37813 JB5ZPw/+LpphKQfyxXx9MX4/pZaUAI16+fD7vEVgRUrf0U3iYTLYqApixiO9gSa0 kix48f8XSixkJbePEjeFCcqAPyK8E9wvn4CIB8OsHChamqp5LvnZa5oWuuB7rTEZ TumSLtyy/sR/r/Oc4EW44REhY5UQgWfWhbQqzBowxjy2IA94cqpdmXlHeN1dzatg nb1+gCwEf2URmpghIi176C7efONA/cxdvmIeiqpez3sw5+62cNrtN6Y2E4U2UdaP 7pPiDHW8jFlwtdyOp9Luu8NyvAC8fiyRARFdapp72hOZH+fmhZneb0iDRIPflspR o5bOcghRqnR+1hThPyBstR9mrCE/TYv7+EY/WKM6tFXmbRWlFxosX+bl9YGiw5bW 6e/XZ7iBd5AeeoVDdPbNrtQKohfdmyta3QJkZredk359+2zH1ovMV3r+ZifNkUyj JJ6v5isLzrN3dBHwb4rKxgodLkXb7THeNxaAAocvpYVTKS9Mqgmdi0oDaSCnV8qC 5HN3Yg2VXNsCIuglKkOSpO+jrhTmblfxq++wmf+a/pJKJQovHqQwkRGaVrYWzsWs Y3wyaWQawliOyk+Dc7TOQa721kAeXhsfWgUdzKUnSmEi5cDuXOsxcBjl4Sm7uvuR QWrwNzmgoqgKaZaX2SuZMyNE5P1khJOGvjfN/qDBuOgQskxD68A=
=DIZN
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

[I'm forwarding the mail from Luca who is not subscribed to fedora-devel]

On Sat, Apr 10, 2021 at 01:38:31PM +0100, Luca Boccassi wrote:

Hello,

Cross-posting to the mailing lists of a few relevant projects.

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump
files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of
time to make incompatible changes to the format and implementation, if required.

A proposal to use this by default for all packages built in Fedora 35
has been submitted [1].

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package-
build-time information like distro name&version, package name&version,
etc.

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

2) handling of a core from a container, where the container and host
have different distros

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes
sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

--
Kind regards,
Luca Boccassi

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

On Sat, 2021-04-10 at 18:44 +0000, Zbigniew Jędrzejewski-Szmek wrote:

[I'm forwarding the mail from Luca who is not subscribed to fedora-
devel]
On Sat, Apr 10, 2021 at 01:38:31PM +0100, Luca Boccassi wrote:
Cross-posting to the mailing lists of a few relevant projects.

Note that in this version of the email the [N] references in your email
don't seem to point anywhere. I found an older variant of the same
email which contained:

[0] https://github.com/systemd/systemd/issues/18433
[1] https://systemd.io/COREDUMP_PACKAGE_METADATA/
[2] https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects [3] https://github.com/systemd/package-notes

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of
time to make incompatible changes to the format and implementation, if required.

A proposal to use this by default for all packages built in Fedora 35
has been submitted [1].

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package-
build-time information like distro name&version, package
name&version,
etc.

Is there a list of default keys (and their canonical spelling, upper- lower-Camel_Case, etc.)? If there is, could we have a "debuginfod" key
with as value an URL pointing to the debuginfod server URL where the
embedded build-id executable, debuginfo and sources can be found? https://sourceware.org/elfutils/Debuginfod.html

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

2) handling of a core from a container, where the container and host
have different distros

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes
sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

--
Kind regards,
Luca Boccassi

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 2021-04-30 at 19:57 +0200, Mark Wielaard wrote:

Hi,

On Sat, 2021-04-10 at 18:44 +0000, Zbigniew Jędrzejewski-Szmek wrote:

[I'm forwarding the mail from Luca who is not subscribed to fedora-
devel]
On Sat, Apr 10, 2021 at 01:38:31PM +0100, Luca Boccassi wrote: Cross-posting to the mailing lists of a few relevant projects.

Note that in this version of the email the [N] references in your email
don't seem to point anywhere. I found an older variant of the same
email which contained:

[0] https://github.com/systemd/systemd/issues/18433
[1] https://systemd.io/COREDUMP_PACKAGE_METADATA/
[2] https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects [3] https://github.com/systemd/package-notes

Sorry about that! Must have messed up the copy&paste.

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of time to make incompatible changes to the format and implementation, if required.

A proposal to use this by default for all packages built in Fedora 35
has been submitted [1].

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package- build-time information like distro name&version, package
name&version,
etc.

Is there a list of default keys (and their canonical spelling, upper- lower-Camel_Case, etc.)? If there is, could we have a "debuginfod" key
with as value an URL pointing to the debuginfod server URL where the
embedded build-id executable, debuginfo and sources can be found? https://sourceware.org/elfutils/Debuginfod.html

The "Implementation" section of the spec lists the "main" fields:

https://systemd.io/COREDUMP_PACKAGE_METADATA/

(source for that is https://github.com/systemd/systemd/blob/main/docs/COREDUMP_PACKAGE_METADATA.md )

Would you like to send a PR to update it and add that field?

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

2) handling of a core from a container, where the container and host
have different distros

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

--
Kind regards,
Luca Boccassi

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmCRT4QACgkQKGv37813 JB48XQ//b1rbj33tNAXXzGKxvCmRDT+PEw2r9PtOo7+TROH5G9JvSw+k3WiVy+PA uUfHNVRyZS+8rC3Rojh3qJjx5ym0QOpphqWYuAFqHcMbRwAq4QV12zgABuVrfevq dlVALLaIkZxISia5OiHEDYxtBWzrNOUROQRMxk2pM6vZohvEKE2egUfsISyKyhuf BVeIowyZBJ+DMTha2vUgpzmr6eu2iLY7IHPNSCNhbQTo5rAOUSn0xjwm+Aa8dGcW 0usQrLgZ6CZ5sq/28jYwU5veuiURoeKxksKYyuaP4/zl5BhdFRdJO8zmQTVn1YAT tCSRb6z7WJEAMoGpVjwVyKzEto2jMHOKMRxN7T6kaAuiC0ZcXueRd4a6NMxt64JF zrblWl3ksgxIlOAXus6uQQdOpti690PDDnu8gP8VbFdoBQAqI7t9xtm1e0sDoVCR YcRKdPcHG0k1gV6pVWOV7rz1qr3O7qgeMUVxLie3+04pcK/gwf2YjmwrTSe3pLuD 5+U3j1zjJ6qmhR+a94hmu4zJGwMY2CEHKMx1UsfKj4j2wQvopaJprRPZCUlXezt7 YrO9aB9tT5oGqssZM4G7ANNsjFaJbNte5EQnfr7WBmE4Pn8cjV6UCfubGBWeX8Bn u9NjqQCzKmgmHgKCb9V1RwIFHzGF69b0HO3ccVN/KGUJ2Zj1UwM=
=0OcC
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Luca,

On Tue, 2021-05-04 at 14:43 +0100, Luca Boccassi wrote:

On Fri, 2021-04-30 at 19:57 +0200, Mark Wielaard wrote:

Is there a list of default keys (and their canonical spelling, upper- lower-Camel_Case, etc.)? If there is, could we have a "debuginfod" key
with as value an URL pointing to the debuginfod server URL where the embedded build-id executable, debuginfo and sources can be found? https://sourceware.org/elfutils/Debuginfod.html

The "Implementation" section of the spec lists the "main" fields:

https://systemd.io/COREDUMP_PACKAGE_METADATA/

(source for that is https://github.com/systemd/systemd/blob/main/docs/COREDUMP_PACKAGE_METADATA.md )

Would you like to send a PR to update it and add that field?

Sorry, I don't have a github account. But attached is a patch for to
document it and one for the package-notes generator to add an --
debuginfod argument (maybe the distro should set a default value for
that?) Hopefully those patches could be applied somehow.

Thanks,

Mark

RnJvbSAxNzZkZGUwOWZjZmVmZjliZmY5N2ZiZjY1ZDQ3YTY0MWRiZDJmYTNhIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBNYXJrIFdpZWxhYXJkIDxtYXJrQGtsb21wLm9yZz4KRGF0ZTog VGh1LCA2IE1heSAyMDIxIDAzOjA1OjAyICswMjAwClN1YmplY3Q6IFtQQVRDSF0gZG9jcy9DT1JF RFVNUF9QQUNLQUdFX01FVEFEQVRBLm1kOiBBZGQgZGVidWdpbmZvZCBrZXkKClNpZ25lZC1vZmYt Ynk6IE1hcmsgV2llbGFhcmQgPG1hcmtAa2xvbXAub3JnPgotLS0KIGRvY3MvQ09SRURVTVBfUEFD S0FHRV9NRVRBREFUQS5tZCB8IDUgKysrKysKIDEgZmlsZSBjaGFuZ2VkLCA1IGluc2VydGlvbnMo KykKCmRpZmYgLS1naXQgYS9kb2NzL0NPUkVEVU1QX1BBQ0tBR0VfTUVUQURBVEEubWQgYi9kb2Nz L0NPUkVEVU1QX1BBQ0tBR0VfTUVUQURBVEEubWQKaW5kZXggYWI3YzQ1OTZkZS4uYjdiZTljYTc5 NyAxMDA2NDQKLS0tIGEvZG9jcy9DT1JFRFVNUF9QQUNLQUdFX01FVEFEQVRBLm1kCisrKyBiL2Rv Y3MvQ09SRURVTVBfUEFDS0FHRV9NRVRBREFUQS5tZApAQCAtMjYsNiArMjYsMTAgQEAgVGh1cyBp dCBiZWNvbWVzIGRlc2lyYWJsZSB0byBhZGQgYWRkaXRpb25hbCBtZXRhZGF0YSB0byBhIGJpbmFy eSBhdCBidWlsZCB0aW1lLAogYHN5c3RlbWQtY29yZWR1bXBgIGFuZCBvdGhlciBzZXJ2aWNlcyBh bmFseXppbmcgY29yZSBmaWxlcyBhcmUgYWJsZSB0byBleHRyYWN0IHNhaWQKIG1ldGFkYXRhIHNp bXBseSBmcm9tIHRoZSBjb3JlIGZpbGUgaXRzZWxmLCB3aXRob3V0IGV4dGVybmFsIGRlcGVuZGVu Y2llcy4KIAorQW5kIGluIGNhc2UgZXh0ZXJuYWwgZGVwZW5kZW5jaWVzIGFuZCBuZXR3b3JrIGFy ZSBhdmFpbGFibGUgdGhlIGNvcmUgZmlsZQorc2hvdWxkIGFsc28gaW5jbHVkZSB0aGUgZGVidWdp bmZvZCBzZXJ2ZXIgVVJMIHRoYXQgY2FuIHByb3ZpZGUgdGhlIG9yaWdpbmFsCitleGVjdXRhYmxl LCBkZWJ1Z2luZm8gYW5kIHNvdXJjZXMgdG8gZmFjaWxpdGF0ZSBkZWJ1Z2dpbmcuCisKICMjIElt cGxlbWVudGF0aW9uCiAKIFRoaXMgZG9jdW1lbnQgd2lsbCBhdHRlbXB0IHRvIGRlZmluZSBhIGNv bW1vbiBtZXRhZGF0YSBmb3JtYXQgc3BlY2lmaWNhdGlvbiwgc28gdGhhdApAQCAtNTgsNiArNjIs NyBAQCBWYWx1ZTogYSBKU09OIHN0cmluZyB3aXRoIHRoZSBzdHJ1Y3R1cmUgZGVzY3JpYmVkIGJl bG93CiAgICAgICJuYW1lIjoiY29yZXV0aWxzIiwKICAgICAgInZlcnNpb24iOiAiNDcxMS4wODE1 LmZjMTMuYXJtMzIiLAogICAgICAib3NDcGUiOiAgICAgICAgICAgICAgICMgQSBDUEUgbmFtZSBm b3IgdGhlIG9wZXJhdGluZyBzeXN0ZW0sIGBDUEVfTkFNRWAgZnJvbSBvcy1yZWxlYXNlIGlzIGEg Z29vZCBkZWZhdWx0CisgICAgICJkZWJ1Z2luZm9kIjogImh0dHBzOi8vZGVidWdpbmZvZC5mZWRv cmFwcm9qZWN0Lm9yZyIKIH0KIGBgYAogCi0tIAoyLjE4LjQKCg==


RnJvbSA2MjY0NjA1Njk5Y2JhYzAyZWQzMDYwY2MxZmY2NDk3YjMyZTkwMzgyIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBNYXJrIFdpZWxhYXJkIDxtYXJrQGtsb21wLm9yZz4KRGF0ZTog VGh1LCA2IE1heSAyMDIxIDAzOjEzOjU3ICswMjAwClN1YmplY3Q6IFtQQVRDSF0gZ2VuZXJhdGUt cGFja2FnZS1ub3Rlcy5weTogQWRkIC0tZGVidWdpbmZvZCBhcmd1bWVudAoKU2lnbmVkLW9mZi1i eTogTWFyayBXaWVsYWFyZCA8bWFya0BrbG9tcC5vcmc+Ci0tLQogZ2VuZXJhdGUtcGFja2FnZS1u b3Rlcy5weSB8IDMgKysrCiAxIGZpbGUgY2hhbmdlZCwgMyBpbnNlcnRpb25zKCspCgpkaWZmIC0t Z2l0IGEvZ2VuZXJhdGUtcGFja2FnZS1ub3Rlcy5weSBiL2dlbmVyYXRlLXBhY2thZ2Utbm90ZXMu cHkKaW5kZXggYzBiNWQ5OC4uOTIxMjZmNyAxMDA3NTUKLS0tIGEvZ2VuZXJhdGUtcGFja2FnZS1u b3Rlcy5weQorKysgYi9nZW5lcmF0ZS1wYWNrYWdlLW5vdGVzLnB5CkBAIC03MSw2ICs3MSw3IEBA IGRlZiBwYXJzZV9hcmdzKCk6CiAgICAgcC5hZGRfYXJndW1lbnQoJy0tcGFja2FnZS12ZXJzaW9u JykKICAgICBwLmFkZF9hcmd1bWVudCgnLS1jcGUnKQogICAgIHAuYWRkX2FyZ3VtZW50KCctLXJw bScsIG1ldGF2YXI9J05FVlJBJykKKyAgICBwLmFkZF9hcmd1bWVudCgnLS1kZWJ1Z2luZm9kJykK IAogICAgIG9wdHMgPSBwLnBhcnNlX2FyZ3MoKQogCkBAIC0xNDMsNiArMTQ0LDggQEAgZGVmIGdl bmVyYXRlX3NlY3Rpb24ob3B0cyk6CiAgICAgZWxzZToKICAgICAgICAgZGF0YVsnb3MnXSA9IHJl YWRfb3NfcmVsZWFzZSgnSUQnKQogICAgICAgICBkYXRhWydvc1ZlcnNpb24nXSA9IHJlYWRfb3Nf cmVsZWFzZSgnVkVSU0lPTl9JRCcpCisgICAgaWYgb3B0cy5kZWJ1Z2luZm9kOgorICAgICAgICBk YXRhWydkZWJ1Z2luZm9kJ10gPSBvcHRzLmRlYnVnaW5mb2QKIAogICAgIGpzb24gPSBqc29uX3Nl cmlhbGl6ZShkYXRhKQogCi0tIAoyLjE4LjQKCg==

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 2021-05-06 at 03:17 +0200, Mark Wielaard wrote:

Hi Luca,

On Tue, 2021-05-04 at 14:43 +0100, Luca Boccassi wrote:

On Fri, 2021-04-30 at 19:57 +0200, Mark Wielaard wrote:

Is there a list of default keys (and their canonical spelling, upper- lower-Camel_Case, etc.)? If there is, could we have a "debuginfod" key with as value an URL pointing to the debuginfod server URL where the embedded build-id executable, debuginfo and sources can be found? https://sourceware.org/elfutils/Debuginfod.html

The "Implementation" section of the spec lists the "main" fields:

https://systemd.io/COREDUMP_PACKAGE_METADATA/

(source for that is https://github.com/systemd/systemd/blob/main/docs/COREDUMP_PACKAGE_METADATA.md )

Would you like to send a PR to update it and add that field?

Sorry, I don't have a github account. But attached is a patch for to
document it and one for the package-notes generator to add an --
debuginfod argument (maybe the distro should set a default value for
that?) Hopefully those patches could be applied somehow.

Hi,

Thanks, opened PRs with your commits:

https://github.com/systemd/systemd/pull/19523 https://github.com/systemd/package-notes/pull/8

Yes, if the distro has a debuginfod server, it should definitely be
included.

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmCT1lEACgkQKGv37813 JB6NxA/7BthsLCpEbxnAWM11a16BCxgDoeEXT2A/G8jNRCUEtzWuOlSymxPq0EoD 1gGT0hsG90rlkxYpgAfKNYoCStQlaVFnr7NgWVWWjH79+zrPgwBwCZ2d1TBalnva WACe+5ITVFP3utgLBnl5fySnaMSaIc3bKL/9KuLxSnaU10WPv0yk1yG8Bf5RjRGK abFTjZUkA5yHROXdM6L57s+S1sr8QcRz2kz9bgrn/KkwrK9+i4Ri/qIUDCgQrqdH mebbwpT41m8A7i/TJVy7TnfIza2+p23j6Rd0UvY8s8UxYxPjQnshkpphUKWVeRej KRZhFSthuwFlkvk4yt0iW8y4pAdYypiqihbU3mSX3NWWj3oeuKLI2CHfMWkIAz4M p7VNBEJvywwh0al4ZljIwUgfvGfapOzt4g6IgsypAOLKMtoGvaTtGmW+ObaUxnrP BbPafs/5KW7dkoZtaLFDqfVkAnwxGgBxRBkr5O6af/Ho4j8cYJiVnlAAaegtL5UX eXxuWxSn15Wtu/InNRKB/pTtqws7ZyZ8VZSheqXHg4IdMT2tMGVoHgu7CKxzHGzf ZCe0ET68p9GOjzxF4JQHi9hKkHrPSQFhr9XiFejuU7JzLwkvY/zueSHOrV+qmJ2+ KGShK22F+1OxmXwZDk9A5xxQCL2QJweUCbKQQjBifJeIjtOYVQ8=
=JbMV
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 2021-04-10 at 13:38:31 +0100, Luca Boccassi wrote:

On Sat, 2021-04-10 at 13:29 +0100, Luca Boccassi wrote:

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF
objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of time to make incompatible changes to the format and implementation, if required.

I've skimmed over the discussion at [0], and while having this data
seems like it might be "nice", I've to agree with the comments there
voicing that there does not really seem to be an actual need and the
overhead and additional work do not seem worth it, TBH, at least
in the Debian context.

The Fedora Wiki and the systemd.io document have more details, but to
make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package- build-time information like distro name&version, package name&version,
etc.

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the
containers. The information about build-ids needs to be stored
externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

In the Debian context, the build-ids data is going to be available
in the affected executables, and in debug symbols packages and the
Packages metaindices listing them, so there's no need for access to
any local dpkg database. Given that someone needing to install debug
packages will need access to those indices (either with outgoing network
access or with a repository mirror), these can be queried at that time.
Not to mention that AFAIR the Debian debug symbol servers make it
possible to query for specific build-ids.

2) handling of a core from a container, where the container and host
have different distros

How each distribution handles debug packages and debug symbols is
going to be different, so it seems there will be a need for explicit
handling of these, at which point the above mentioned querying can be implemented as well, w/o the need to encode the packaging data inside
the executable.

3) self-built and external packages: unless a lot of care is taken to
keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost.
Users can easily provide equivalent information in a format that makes sense in their own environment. It should work even when rpms and debs
and other formats are mixed, e.g. during container image creation.

I'm not sure I see the problem here. Either these self-built 3rd-party
packages are kept in repos that also provide the debug symbols
somewhere for all historically released versions or these will not be accessible anyway. If they are, they can as well be located as per
above from the Packages metaindices, and even if the repository
metadata gets lost, as long as the debug symbol packages are present
(if they are not what's the point anyway) the build-ids can always be re-scanned from them as they are part of the Build-Ids field in the
.deb control file.

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

So, to conclude, I don't really see the point of this in the Debian
context. (Not to mention the problems with encoding binary versions
that might be wrong, and the busy work involved.)

[0] https://github.com/systemd/systemd/issues/18433
[1] https://systemd.io/COREDUMP_PACKAGE_METADATA/
[2] https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects
[3] https://github.com/systemd/package-notes

Thanks,
Guillem

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 2021-05-14 at 12:41 +0200, Guillem Jover wrote:

On Sat, 2021-04-10 at 13:38:31 +0100, Luca Boccassi wrote:

On Sat, 2021-04-10 at 13:29 +0100, Luca Boccassi wrote:

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged
upstream. We are now seeking further comments/opinions/suggestions, as
we have a few months before the next release and thus there's plenty of time to make incompatible changes to the format and implementation, if required.

I've skimmed over the discussion at [0], and while having this data
seems like it might be "nice", I've to agree with the comments there
voicing that there does not really seem to be an actual need and the
overhead and additional work do not seem worth it, TBH, at least
in the Debian context.

Hi Guillem, thanks for having a look, much appreciated!

Just to clarify, the need is there - this is not an experimental
exercise, but it is borne out of an actual need&requirement, and it is undergoing testing right now before deployment in a large scale
production infrastructure.
Not _everybody_ will need it, and not everywhere - that's absolutely
fair, and discussions on whether the ovearhead is worth it for
something that is not universally needed, but only in certain use
cases, is perfectly reasonable and welcome. I know Zbigniew is going to
try and get some raw numbers on the kind of overhead we are talking
about, that will hopefully help frame the discussion with more
precision.

The Fedora Wiki and the systemd.io document have more details, but to make a long story short, a new .notes.package section with a JSON
payload will be included in ELF objects, encoding various package- build-time information like distro name&version, package name&version, etc.

To summarize from the discussion, the main reasons why we believe this
is useful are as following:

1) minimal containers: the rpm database is not installed in the containers. The information about build-ids needs to be stored externally, so package name information is not available immediately,
but only after offline processing. The new note doesn't depend on the
rpm db in any way.

In the Debian context, the build-ids data is going to be available
in the affected executables, and in debug symbols packages and the
Packages metaindices listing them, so there's no need for access to
any local dpkg database. Given that someone needing to install debug
packages will need access to those indices (either with outgoing network access or with a repository mirror), these can be queried at that time.
Not to mention that AFAIR the Debian debug symbol servers make it
possible to query for specific build-ids.

This is not strictly related to debug packages, though? In fact, on
systems where this could be of most use you explicitly do _not_ install
debug packages (or anything at all). Or even if you wanted to, you
could not - corefiles are not handled inside the container, but
outside. Even if you wanted to and were allowed to (which for many
environments it's not the case), you can't install a Debian debug
package on a CoreOS host or Mariner host or a Flatcar host.

2) handling of a core from a container, where the container and host
have different distros

How each distribution handles debug packages and debug symbols is
going to be different, so it seems there will be a need for explicit
handling of these, at which point the above mentioned querying can be implemented as well, w/o the need to encode the packaging data inside
the executable.

Again, matching to debug symbols is not the main goal here, build-id
works for that. The main goal is to have useful metadata immediately
available in all occasions, regardless of where the core was generated
on the host, without reaching out to external services, so that it is
directly included and collated in the system journal when the core file
is handled.

With a common metadata definition, there's no need to query or
explicitly handle anything - this already works if you use systemd-
coredump built from the main branch, and handle a core file from
different containers running different distros with binaries having
this metadata in the ELF file, and it just works. This is tested, not theoretical.

3) self-built and external packages: unless a lot of care is taken to keep access to the debuginfo packages, this information may be lost.
The new note is available even if the repository metadata gets lost. Users can easily provide equivalent information in a format that makes sense in their own environment. It should work even when rpms and debs and other formats are mixed, e.g. during container image creation.

I'm not sure I see the problem here. Either these self-built 3rd-party packages are kept in repos that also provide the debug symbols
somewhere for all historically released versions or these will not be accessible anyway. If they are, they can as well be located as per
above from the Packages metaindices, and even if the repository
metadata gets lost, as long as the debug symbol packages are present
(if they are not what's the point anyway) the build-ids can always be re-scanned from them as they are part of the Build-Ids field in the
.deb control file.

I think you are thinking about being confined to single distro here - I
am talking about mixed environments. Maybe the build-id can be used to
trace it back - maybe it is available on some federated server. Most
likely it is not, in these cases - it would require customers to go and
upload their sources and symbols and information to random third party services, a bit unlikely. You have no reference that indicates where to
go look for. Just a filename, which can be anything, and a random id
which might never be published anywhere. What do you do with it?

Other than in Fedora, we are already making the required code changes
at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

So, to conclude, I don't really see the point of this in the Debian
context. (Not to mention the problems with encoding binary versions
that might be wrong, and the busy work involved.)

Sorry, what do you mean here by encoding binary versions?

[0] https://github.com/systemd/systemd/issues/18433
[1] https://systemd.io/COREDUMP_PACKAGE_METADATA/
[2] https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects
[3] https://github.com/systemd/package-notes

Thanks,
Guillem

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmCefg0ACgkQKGv37813 JB4G/A//Sn74VAq+XixKzde/9McO0/9cwAL2CnJTC9lhwoxo2BXI0IKyWmS1T4ZW FdBAdjvkULFZRXRn6fPr2maGsH/uo0rN/lNocinrYTk2EU6B0jsrSXq08ixHlD1k VRliqRGCR7A4c8ZP6HZxWMlr0XDmfqI8+fgcaPZlecYhYSp8KQJs2quWoMbhi0Xb aA610jSiVs3iCbCAGbMZJ8cENnKAj94FSijTGZLxNBfeFoMduIrzxqBvje1LE2zN Dn7L8kN6Feg7iwyJ22BHNGxhflW+E5H53BOcddi/6gguIMhqnWYyDyW61WDPWQeQ fbv1bVLIXzdjQ/PZDr0VNS8Iskq+2XMGUI1USXHuyxgLTtqdcPrOMUyLf28PuNEi Ey1yIYt2fj+OJenhaGQky/D7rXX3tlSX+3lNeTDoFV8B1ZJpcmxUSDm47a/RNvLm +G0xP8XKf+Ho3FBgDvW1GFrKP4xuNk2HiOk4+jeplxx/oYUBZRvyZrpDTvFKI4TS JQUJhQLcABXqb2Qd/TW5GoxWea6RbGIBPBfRcQoLA4XqWd4L7z7fJ/mdpSX7akgB jnu5Pe05tf33UjpobF1ppqiTh6UV4GBUQoHjvzJtVONAJQP34f5NPfD+weAMAE4S BPn2jLzxETKghycrJkSxo/+nnK1siFSdOqWiLo0K9/dGufqFvlc=
=88t2
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 2021-05-14 at 14:41:32 +0100, Luca Boccassi wrote:

On Fri, 2021-05-14 at 12:41 +0200, Guillem Jover wrote:

On Sat, 2021-04-10 at 13:38:31 +0100, Luca Boccassi wrote:

On Sat, 2021-04-10 at 13:29 +0100, Luca Boccassi wrote:

After an initial discussion [0], recently we have been working on a new specification [0] to encode rich package-level metadata inside ELF objects, so that it can be included automatically in generated coredump files. The prototype to parse this in systemd-coredump and store the information in systemd-journal is ready for testing and merged upstream. We are now seeking further comments/opinions/suggestions, as we have a few months before the next release and thus there's plenty of time to make incompatible changes to the format and implementation, if required.

I've skimmed over the discussion at [0], and while having this data
seems like it might be "nice", I've to agree with the comments there voicing that there does not really seem to be an actual need and the overhead and additional work do not seem worth it, TBH, at least
in the Debian context.

Hi Guillem, thanks for having a look, much appreciated!

Just to clarify, the need is there - this is not an experimental
exercise, but it is borne out of an actual need&requirement, and it is undergoing testing right now before deployment in a large scale
production infrastructure.
Not _everybody_ will need it, and not everywhere - that's absolutely
fair, and discussions on whether the ovearhead is worth it for
something that is not universally needed, but only in certain use
cases, is perfectly reasonable and welcome. I know Zbigniew is going to
try and get some raw numbers on the kind of overhead we are talking
about, that will hopefully help frame the discussion with more
precision.

Sorry, I think I expressed myself sloppily. My impression is not
that there's no need behind this, but that there's no need for this
specific implementation at least in the Debian context, as I think
the information should be already available by other means.

Also when I mentioned overhead here, it was more about packaging and integration work than say actual size increase, even though that might
have an adverse effect on .udeb's for example, and perhaps a
non-insignificant one on .deb's depending on the amount of objects
included.

The Fedora Wiki and the systemd.io document have more details, but to make a long story short, a new .notes.package section with a JSON payload will be included in ELF objects, encoding various package- build-time information like distro name&version, package name&version, etc.

To summarize from the discussion, the main reasons why we believe this is useful are as following:

1) minimal containers: the rpm database is not installed in the containers. The information about build-ids needs to be stored externally, so package name information is not available immediately, but only after offline processing. The new note doesn't depend on the rpm db in any way.

In the Debian context, the build-ids data is going to be available
in the affected executables, and in debug symbols packages and the
Packages metaindices listing them, so there's no need for access to
any local dpkg database. Given that someone needing to install debug packages will need access to those indices (either with outgoing network access or with a repository mirror), these can be queried at that time.
Not to mention that AFAIR the Debian debug symbol servers make it
possible to query for specific build-ids.

This is not strictly related to debug packages, though?

That was actually the impression I was getting from reading the refs
though. :) But I'll expand below.

In fact, on
systems where this could be of most use you explicitly do _not_ install
debug packages (or anything at all). Or even if you wanted to, you
could not - corefiles are not handled inside the container, but
outside. Even if you wanted to and were allowed to (which for many environments it's not the case), you can't install a Debian debug
package on a CoreOS host or Mariner host or a Flatcar host.

Sure, but precisely dbgsym .deb's are the things that are trivial to
unpack with dpkg-deb (or ar+tar) w/o needing to actually install them.

2) handling of a core from a container, where the container and host have different distros

How each distribution handles debug packages and debug symbols is
going to be different, so it seems there will be a need for explicit handling of these, at which point the above mentioned querying can be implemented as well, w/o the need to encode the packaging data inside
the executable.

Again, matching to debug symbols is not the main goal here, build-id
works for that. The main goal is to have useful metadata immediately available in all occasions, regardless of where the core was generated
on the host, without reaching out to external services, so that it is directly included and collated in the system journal when the core file
is handled.

With a common metadata definition, there's no need to query or
explicitly handle anything - this already works if you use systemd-
coredump built from the main branch, and handle a core file from
different containers running different distros with binaries having
this metadata in the ELF file, and it just works. This is tested, not theoretical.

So this is where I guess I'm missing something. To be able to make
sense of the coredumps there are two things that might end up being
relevant, backtraces and source code. systemd-coredump might already
emit a backtrace, and depending on the information provided it might
be more or less useful. If one needs the actual debug symbols there's
already some external querying/fetching required, and if distribution
specific source code is required because many distributions patch
upstream source, then even more querying/fetching will be required.

Which is why I'm not seeing why this standalone and isolated metadata
would be of much help by itself. As in, the way I see it, either the information from systemd (w/o the extra metadata) is sufficient to
track down bugs, or that querying/fetching would be needed anyway, at
which point the metadata can be inferred too then?

3) self-built and external packages: unless a lot of care is taken to keep access to the debuginfo packages, this information may be lost. The new note is available even if the repository metadata gets lost. Users can easily provide equivalent information in a format that makes sense in their own environment. It should work even when rpms and debs and other formats are mixed, e.g. during container image creation.

I'm not sure I see the problem here. Either these self-built 3rd-party packages are kept in repos that also provide the debug symbols
somewhere for all historically released versions or these will not be accessible anyway. If they are, they can as well be located as per
above from the Packages metaindices, and even if the repository
metadata gets lost, as long as the debug symbol packages are present
(if they are not what's the point anyway) the build-ids can always be re-scanned from them as they are part of the Build-Ids field in the
.deb control file.

I think you are thinking about being confined to single distro here - I
am talking about mixed environments. Maybe the build-id can be used to
trace it back - maybe it is available on some federated server. Most
likely it is not, in these cases - it would require customers to go and upload their sources and symbols and information to random third party services, a bit unlikely. You have no reference that indicates where to
go look for. Just a filename, which can be anything, and a random id
which might never be published anywhere. What do you do with it?

Oh, I was thinking about those mixed environments, full chroots or
stripped down containers, from different vendors, but affecting Debian installations. What I'm also probably missing here is how does the
metadata help for a third-party that is not expected to track/keep/upload
debug symbols nor source packages into some repository, because otherwise
I'm not seeing how they'd make use of the cores (if they are insufficient
by themselves) to debug issues? I guess my question back would be what
would they do with the metadata if they do not have the debug symbols
nor the sources readily available? Also assuming of course they exercise
good practices such as never reusing the same package-version-arch tuple
for different builds, and similar. :)

Other than in Fedora, we are already making the required code changes at Microsoft to use the same format&specification for internally-built binaries, and for tools that parse core files and logs.

Tools for RPM and DEB (debhelper) integration are also available [3].

So, to conclude, I don't really see the point of this in the Debian context. (Not to mention the problems with encoding binary versions
that might be wrong, and the busy work involved.)

Sorry, what do you mean here by encoding binary versions?

(Expanding, although I assume most of this you already know, but just
for context's sake.)

As was mentioned on the systemd issue (AFAIR), the binary version for
a .deb is decided by the packaging and can (and does) vary from the
source version, and that information is generated after the programs
have been compiled.

For a source version 2.0-1, there are two types of diverging binary
versions, one is for binary-only non-maintainer-uploads (binNMU), such
as 2.0-1+b3 (this would be known at compile-time), and the other would
be for a different binary version-space such as 3:4.5-1 (which is
unknown at compile-time). Both can end up being combined too, as in
3:4.5-1+b5.

Thanks,
Guillem

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Guillem,

On Wed, 2021-05-19 at 02:19 +0200, Guillem Jover wrote:

So this is where I guess I'm missing something. To be able to make
sense of the coredumps there are two things that might end up being
relevant, backtraces and source code. systemd-coredump might already
emit a backtrace, and depending on the information provided it might
be more or less useful. If one needs the actual debug symbols there's
already some external querying/fetching required, and if distribution specific source code is required because many distributions patch
upstream source, then even more querying/fetching will be required.

Which is why I'm not seeing why this standalone and isolated metadata
would be of much help by itself. As in, the way I see it, either the information from systemd (w/o the extra metadata) is sufficient to
track down bugs, or that querying/fetching would be needed anyway, at
which point the metadata can be inferred too then?

Because without that metadata you cannot easily figure out where/how to
get the files needed to properly track down the bugs. But using that
metadata you can figure out where the debuginfod server is that can
provide all that information for the binaries/core files (or a distro
specific method if the distributor doesn't have a debuginfod server
yet).

Oh, I was thinking about those mixed environments, full chroots or
stripped down containers, from different vendors, but affecting Debian installations. What I'm also probably missing here is how does the
metadata help for a third-party that is not expected to track/keep/upload debug symbols nor source packages into some repository, because otherwise
I'm not seeing how they'd make use of the cores (if they are insufficient
by themselves) to debug issues? I guess my question back would be what
would they do with the metadata if they do not have the debug symbols
nor the sources readily available? Also assuming of course they exercise
good practices such as never reusing the same package-version-arch tuple
for different builds, and similar. :)

Different builds will have different build-ids, so they can be kept
apart. But even if without the distributor having added debuginfod
meta-data and providing a server to fetch the extra symbols, debuginfo, sources, the extra meta-data is useful to administrators. Just seeing
that crashes are associated with specific distro/version/packages helps
narrow down instabilities.

Cheers,

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 2021-05-19 at 16:58 +0200, Mark Wielaard wrote:

Hi Guillem,

On Wed, 2021-05-19 at 02:19 +0200, Guillem Jover wrote:

So this is where I guess I'm missing something. To be able to make
sense of the coredumps there are two things that might end up being relevant, backtraces and source code. systemd-coredump might already
emit a backtrace, and depending on the information provided it might
be more or less useful. If one needs the actual debug symbols there's already some external querying/fetching required, and if distribution specific source code is required because many distributions patch
upstream source, then even more querying/fetching will be required.

Which is why I'm not seeing why this standalone and isolated metadata
would be of much help by itself. As in, the way I see it, either the information from systemd (w/o the extra metadata) is sufficient to
track down bugs, or that querying/fetching would be needed anyway, at
which point the metadata can be inferred too then?

Because without that metadata you cannot easily figure out where/how to
get the files needed to properly track down the bugs. But using that
metadata you can figure out where the debuginfod server is that can
provide all that information for the binaries/core files (or a distro specific method if the distributor doesn't have a debuginfod server
yet).

Yes, that is a good use case. Another use case is that the person (or
bot) who first looks at the journal with the crash notification and the metadata might not necessarily be the one that does the full in-depth debugging. First level support will look at things and go "oh this is
from package X at version Y, therefore team Z needs to chime in".
Or it can see that it's version A.B.C, which is listed as known buggy,
and ignore the issue. Or a myriad of other combinations.

Then there are automated systems, parsing logs and creating tickets.
Having the structured metadata available in the journal in the crash
message means much more complex and useful querying and ticket creation
systems can be set up. You _cannot_ just go and query random remote
internet servers from these systems, they need to be network-isolated,
as logs can have confidential data from customers.

The main point is, there are many many things that happen between a
crash and the team owning the component looking up debugging symbols
and loading core files. This feature is very very useful for a whole
lot of those things.

Oh, I was thinking about those mixed environments, full chroots or
stripped down containers, from different vendors, but affecting Debian installations. What I'm also probably missing here is how does the
metadata help for a third-party that is not expected to track/keep/upload debug symbols nor source packages into some repository, because otherwise I'm not seeing how they'd make use of the cores (if they are insufficient by themselves) to debug issues? I guess my question back would be what would they do with the metadata if they do not have the debug symbols
nor the sources readily available? Also assuming of course they exercise good practices such as never reusing the same package-version-arch tuple for different builds, and similar. :)

Different builds will have different build-ids, so they can be kept
apart. But even if without the distributor having added debuginfod
meta-data and providing a server to fetch the extra symbols, debuginfo, sources, the extra meta-data is useful to administrators. Just seeing
that crashes are associated with specific distro/version/packages helps narrow down instabilities.

Precisely - again this is a very much real use case. In my case, the
engineers doing support and looking at the logs (and only at the logs -
no access to the running systems is permitted) _want_ this, because it
helps them. Being able to know at a glance to the journal exactly what
is borken, with version info, is extremely valuable to them.

Yes the version info might not be precise for a minority of use cases
that override the binary version with something different than the
source version, but that's fine as it's far and few, mostly affects metapackages, and even then it can be documented clearly that the
reference is to the source version, not the binary one.

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmCrfU0ACgkQKGv37813 JB4+QxAAhNhZsPpFiFu/bUA4mFvRYKohsnL6QSG/T4p9FkFmpKnR4FayskEKNAN7 zbVZHQvNIl/CdKetDpku4SxxznNB8+TYKOlUKRyFQPanbLPAfM9acoOC2nMKpNz7 uESZNzxw4rpFWZFkxY0xxF3FXTw3ufGVcCukpDbO5B893bQhbAPxmmoAl71sPzaZ nmP0EQL6mpRYUN+VHkEduMw28h861V+SOhH2By/+s8wOOEH4xAdHmGIlFJ4rcC+K KKdd/P+hl35JoenGV8OBgU9TMPOskfZb7J5qh7Xr/5bXwlefurLov48PKGI5LAly kK/dnQ+pI62n45v8oYJOUetfzz4PV7DmLeoEa5UNr+4Yp9+l6Ds4mA2CHlUUGSsv usJQYEHgpuCjbck1Tr93YZO2CDA2GzYTztUdMymbbZGfYBq2l7hIiI0jdGnvhHAg gPLwhAzXaAYdNIdcpA1zCOfe4J8VjCmIJD/ZQy+1KMTp706xbIMNywJE940B6S2S z+4Q6S35ZTTUZU3AwvCaMC2i9+lnTHJJeL+GH5EqJ2c3FwdX613aJg45bms32kd6 6EJT6ZmtCSdEygtVwJe/TFudAifQZwRHfkLPcc2Xks7jb7NhqbI9mH0EolDKpIac 7fIrD419uDVvo8DiXEly4+eu2Dau/ImsIkMI2sZp+Z4Wy1Q4PtQ=
=3nst
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)