>>>>> "Alexander" == Alexander Korotkov <aekorotkov@gmail.com> writes:
>> Another issue I don't understand yet is that even though this code
>> is largely unchanged since 8.x, the original reporter could not
>> reproduce the crash on any version before 13.0.
Alexander> I think this is related to my commit 911e702077. It has
Alexander> changed the memory allocation for the signatures to support
Alexander> the signatures of variable length. So, it seems that despite
Alexander> the error existing since 8.x, it started causing segfaults
Alexander> only since 911e702077.
Aha. Prior to that change, cache[i].sign was an array rather than a
pointer, so it would not crash even when accessed without
initialization. What would happen instead is that an incorrect signature
would be used, which might lead to problems later in index lookups
(though I haven't tested that).
Alexander> I would rather propose to rip off special handling of the
Alexander> last item completely (see the attached patch).
Yeah. I'll go with that, once I finish testing it.
--
Andrew (irc:RhodiumToad)