Torsten Bögershausen <tboegi@xxxxxx> writes:

> On Wed, Aug 27, 2025 at 11:28:32PM +0000, ノウラ | Flare via GitGitGadget wrote:
>> From: =?UTF-8?q?=E3=83=8E=E3=82=A6=E3=83=A9=20=7C=20Flare?=
>> <nouraellm@xxxxxxxxx>
>>
>> clear_alloc_state() freed all slabs and nulled the slabs pointer but
>> left slab_alloc, nr, and p unchanged. If the alloc_state is reused,
>> ALLOC_GROW() can wrongly assume that the slab array is already
>> allocated because slab_alloc still holds a stale nonzero capacity.
>> In that case s->slabs remains NULL and the next dereference writes
>> through a NULL pointer, causing undefined behavior.
>
> This is good.
>
>>
>> To fix this, this patch:
>
> Style nit, we tend to use the "imperative form" here in Git,
> like this:
>
> - Rename allocate_alloc_state() → alloc_state_alloc().
> - Replace ...
> - Update ...

Thanks. We also tend to avoid bulleted lists.
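The stale-capacity hazard the quoted commit message describes, as an added illustration that is not code from the patch or from Git itself: a minimal model of an alloc_state with the fields named above (slabs, slab_alloc, nr, p), a simplified ALLOC_GROW modeled on Git's growth macro, a clear routine that only NULLs the slabs pointer next to one that also resets slab_alloc, nr and p, and a probe that reports whether reusing the state after each kind of clear is safe. The struct layout and the helpers push_slab(), buggy_clear(), fixed_clear() and reuse_is_safe() are assumptions made for this demonstration; the probe returns a status instead of writing through the NULL pointer.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical minimal model of the allocator state discussed in the mail
 * (assumption for this example; not Git's actual struct). */
struct alloc_state {
	int nr;          /* number of slabs in use */
	int slab_alloc;  /* capacity of the slabs array */
	void **slabs;    /* array of slab pointers */
	char *p;         /* bump pointer into the current slab */
};

#define BLOCKING 1024

/* Growth policy and grow-if-needed macro modeled on Git's ALLOC_GROW:
 * nothing is (re)allocated while the requested count fits in 'alloc'. */
#define alloc_nr(x) (((x) + 16) * 3 / 2)
#define ALLOC_GROW(x, nr, alloc) \
	do { \
		if ((nr) > (alloc)) { \
			if (alloc_nr(alloc) < (nr)) \
				(alloc) = (nr); \
			else \
				(alloc) = alloc_nr(alloc); \
			(x) = realloc((x), (alloc) * sizeof(*(x))); \
		} \
	} while (0)

/* Append a fresh slab. Returns 0 on success, -1 if the slab array is
 * unexpectedly NULL after ALLOC_GROW (the exact hazard from the mail:
 * a real allocator would write through NULL here). */
static int push_slab(struct alloc_state *s)
{
	ALLOC_GROW(s->slabs, s->nr + 1, s->slab_alloc);
	if (!s->slabs)
		return -1;
	s->slabs[s->nr] = calloc(1, BLOCKING);
	if (!s->slabs[s->nr])
		return -1;
	s->p = s->slabs[s->nr];
	s->nr++;
	return 0;
}

/* The pre-fix behaviour: slabs freed and NULLed, but slab_alloc, nr and p
 * keep their stale values, so ALLOC_GROW later believes capacity exists. */
static void buggy_clear(struct alloc_state *s)
{
	for (int i = 0; i < s->nr; i++)
		free(s->slabs[i]);
	free(s->slabs);
	s->slabs = NULL;
}

/* The corrected behaviour: every field returns to its initial state. */
static void fixed_clear(struct alloc_state *s)
{
	for (int i = 0; i < s->nr; i++)
		free(s->slabs[i]);
	free(s->slabs);
	s->slabs = NULL;
	s->slab_alloc = 0;
	s->nr = 0;
	s->p = NULL;
}

/* Allocate one slab, clear with the given routine, then try to reuse the
 * state. Returns 1 if a slab was allocated again, 0 if the stale capacity
 * left s->slabs == NULL. */
static int reuse_is_safe(void (*clear)(struct alloc_state *))
{
	struct alloc_state s = { 0 };
	int ok;

	if (push_slab(&s) != 0)
		return 0;
	clear(&s);
	ok = (push_slab(&s) == 0);
	if (ok)
		fixed_clear(&s); /* release what the successful reuse allocated */
	return ok;
}

int main(void)
{
	printf("reuse after buggy_clear: %s\n",
	       reuse_is_safe(buggy_clear) ? "safe" : "NULL slab array (UB)");
	printf("reuse after fixed_clear: %s\n",
	       reuse_is_safe(fixed_clear) ? "safe" : "NULL slab array (UB)");
	return 0;
}
```

After the first push, slab_alloc is 24 (alloc_nr(0)) and nr is 1. buggy_clear() leaves both, so the next ALLOC_GROW sees 2 > 24 as false, skips realloc, and the NULL array is handed straight to the caller; fixed_clear() zeroes the capacity so the grow path runs again.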