On Sat, Jul 23, 2016 at 2:35 PM, Josh Poimboeuf <jpoim...@redhat.com> wrote:
>
> While doing the scanning and printing, it does call the frame pointer
> unwinder in parallel, but like before, that's *only* used to determine
> whether a found address should be printed without a question mark. If
> the unwinder goes off the rails, the scanning and printing of text
> addresses goes on, undisturbed.
>
> The frame pointer unwinder code itself is quite careful not to
> dereference anything it shouldn't (though of course I welcome any review
> comments that find otherwise).
So this was the bug the last time around we did unwinders - the code would dereference the unwind tables, and the tables would be corrupted. End result: recursive oops.

And they were corrupted not even because of memory corruption, but simply because they contained incorrect data, due to compiler bugs and other issues.

I have really bad memories from that time. Several years after the fact. It took months to finally revert the crap, because the author continued to insist that "this was the last bug" for several passes through that thing.

As they say, "Once burned, twice shy". But in this case, it's more like "Four times burned, sixteen times as shy".

Linus