An old bug that turned out to be exploitable UAF vulnerability

Almost two year ago I reported a bug #76047 for which initially I didn’t understand the root cause until Nikita Popov explained it was a Use after free issue in debug_backtrace() obtained in destructor. Back then I didn’t manage to get a short reproduction case until yesterday when it was reported that there is an…