When populating the module list on Linux we extract the GNU build ID from each executable. To do so we first mmap() the entire file in the process writing the minidump and then extract the data from there. This has a couple of important drawbacks:

• If the file on disk has been deleted we'll get an empty ID, something that we see often in Firefox crashes.
• If the file on disk has been altered we'll get the wrong ID.
• If the file is extremely large mmap() may fail on 32-bit hosts, we've also seen this happen in 32-bit builds of Firefox.

We could avoid all these issues by reading the ELF headers directly from the process we're dumping. goblin supports parsing an ELF file lazily, though one has to do it manually (see this example).