Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1u6w9q-0088IN-UR for pgsql-hackers@arkaria.postgresql.org; Mon, 21 Apr 2025 18:46:19 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1u6w9o-007iOe-It for pgsql-hackers@arkaria.postgresql.org; Mon, 21 Apr 2025 18:46:17 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1u6w9o-007iNP-1d for pgsql-hackers@lists.postgresql.org; Mon, 21 Apr 2025 18:46:16 +0000 Received: from smtp.outgoing.loopia.se ([93.188.3.37]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1u6w9m-001Dtt-12 for pgsql-hackers@lists.postgresql.org; Mon, 21 Apr 2025 18:46:15 +0000 Received: from s807.loopia.se (localhost [127.0.0.1]) by s807.loopia.se (Postfix) with ESMTP id 9A48E3792BB for ; Mon, 21 Apr 2025 20:46:12 +0200 (CEST) Received: from s934.loopia.se (unknown [172.22.191.5]) by s807.loopia.se (Postfix) with ESMTP id 8B48A378966; Mon, 21 Apr 2025 20:46:12 +0200 (CEST) Received: from s470.loopia.se (unknown [172.22.191.6]) by s934.loopia.se (Postfix) with ESMTP id 884507CE913; Mon, 21 Apr 2025 20:46:12 +0200 (CEST) X-Virus-Scanned: amavisd-new at amavis.loopia.se X-Spam-Flag: NO X-Spam-Score: -1.2 X-Spam-Level: X-Spam-Status: No, score=-1.2 tagged_above=-999 required=6.2 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1] autolearn=disabled Authentication-Results: s470.loopia.se (amavisd-new); dkim=pass (2048-bit key) header.d=yesql.se Received: from s981.loopia.se ([172.22.191.6]) by s470.loopia.se (s470.loopia.se [172.22.190.34]) (amavisd-new, port 10024) with LMTP id exFrH49ceIQ0; Mon, 21 Apr 2025 20:46:12 +0200 (CEST) X-Loopia-Auth: user X-Loopia-User: daniel@yesql.se X-Loopia-Originating-IP: 89.255.232.193 Received: from smtpclient.apple (customer-89-255-232-193.stosn.net [89.255.232.193]) (Authenticated sender: daniel@yesql.se) by s981.loopia.se (Postfix) with ESMTPSA id DE60C22B1714; Mon, 21 Apr 2025 20:46:11 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yesql.se; s=loopiadkim1707475645; t=1745261172; bh=2k+D8zA+RZ1xH1AsgbG0OOXcg4ItMtJhDEqzZeFyzmk=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=drPDP2jxo3gXHjN5o4n5fMmTQsxDTwpVlX7wNLVcZ33Dll7Dwo5f5EMrjld+cAmnE T5pUveYftSyUdIAkhgi4/wg6NUiMsYZiIkZ7fp5m1l3O0ddYcwkC1u2knrAv7dKLV2 MoZVPIe6hD4iM8OuLBMoZm4ajk1JJNJfXHbYQxck9EpFsHB1zhCRfMVUxpYEMA7Nd7 KwRZqRHS+IaROwlngB1Y5qR3+66jh1F9lllpkWLsJUvJIh+L+kN8o5tT0lqNy6nGtY yyEdJ2PPgbHRCulUNOjvs3LV1us9m6Kc2y017d13ouLNgOtp2FrMZtCR3eSbY3cnxN OnhnZtRfUDK/A== Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51.11.1\)) Subject: Re: jsonapi: scary new warnings with LTO enabled From: Daniel Gustafsson In-Reply-To: Date: Mon, 21 Apr 2025 20:46:01 +0200 Cc: Tom Lane , PostgreSQL Developers Content-Transfer-Encoding: quoted-printable Message-Id: <102E1997-FB99-4091-926C-9A8BB3EA168E@yesql.se> References: <2074634.1744839761@sss.pgh.pa.us> <0A3CF5C4-9947-42E3-89A9-34FCF7BA95BA@yesql.se> <2078511.1744841564@sss.pgh.pa.us> <2084687.1744844690@sss.pgh.pa.us> <2087556.1744846124@sss.pgh.pa.us> <0A596D8B-24F3-408F-B89B-B42014B00A05@yesql.se> <2202326.1744903233@sss.pgh.pa.us> <25801148-284F-41F9-A279-A4CF92623C77@yesql.se> To: Jacob Champion X-Mailer: Apple Mail (2.3776.700.51.11.1) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk > On 21 Apr 2025, at 20:28, Jacob Champion = wrote: >=20 > On Mon, Apr 21, 2025 at 11:20=E2=80=AFAM Daniel Gustafsson = wrote: >> Sure, but I fear we'll get an endless stream of static analysis = reports for the >> allocation leaking if we don't free it. >=20 > But we do free it, in freeJsonLexContext(). That usage of the API goes > back to 2023, with 1c99cde2f344. Or am I misunderstanding? We do, but with the current coding we call setJsonLexContextOwnsTokens immediately after creation which derefences the pointer without checkinf = for allocation failure. This means we dereference the pointer before we can = check for an OOM return from pg_parse_json which even if safe seems to violate = code readability no? -- Daniel Gustafsson