Re: [PATCH][gnulib] Add the Sframe package

[Bruno Haible]

Weimin Pan wrote:
> > I read the same thing in 
> > <https://www.phoronix.com/news/GNU-Binutils-SFrame>:
> > "callee-saved registers other than FP are not needed for stack unwinding,
> >   and hence are not included in the .sframe section."
> > but I don't understand it: If you don't have the contents of the
> > callee-saved registers, you can perfectly well produce a textual stack trace
> > but how would you "jump back", in the sense of transferring control,
> > like longjmp() does?
> 
> Sorry, "jumping" back is in the sense of regenerating the stack frame chain,
> not transferring of program execution.

OK, it's clear now. Thanks for clarifying.

> > Finally, can you propose a reviewer for this code? Someone who will
> > try to find mistakes or bugs and who is not a co-author. I am reviewing
> > most of the Gnulib contributions, but this large contribution is more
> > than I can easily take on.
> 
> Sorry, not familiar with the protocol. You meant someone from Oracle? or 
> from anywhere else will do?

Since Gnulib code gets copied into several packages, we try to ensure that it
does not have bugs that could turn into CVEs. One of our preferred measures to
ensure that is code review (because it is comparatively cheap, compared to
e.g. 100% test coverage combined with valgrind execution of these tests).
By that I mean a review where the reviewer goes through the code line by line
and tries to formulate recommendations that avoid or are likely to avoid bugs
in the future. It is comparatively cheap, but for 2000 lines of code, it will
take a day of work, or more. I don't have time for that, nor does Paul. Do you
know someone who would be willing to do that (and communicate the results with
you, not keep them secret for zero-day exploits)?

Bruno