public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jacob Champion <[email protected]>
To: Andres Freund <[email protected]>
Cc: Andreas Karlsson <[email protected]>
Cc: Галкин Сергей <[email protected]>
Cc: [email protected] <[email protected]>
Subject: Re: DEREF_AFTER_NULL: src/common/jsonapi.c:2529
Date: Mon, 6 Apr 2026 15:01:14 -0700
Message-ID: <CAOYmi+k__DbMjOxfySjVjCQB=-7Pd+qHb-1Vn9kuN1XOgbOsGg@mail.gmail.com> (raw)
In-Reply-To: <mazv3o3ua5pbvy5xwrz6n6zu6gyxkqtohbdohu3o73xyhtwa26@xcbb7ro2o42k>
References: <[email protected]>
<[email protected]>
<CAOYmi+muy=Wtk0dv6J5HmcFTMvrPMe2MGN2X+hjZL7DKSUEXLQ@mail.gmail.com>
<leyiwkml7kyrdxwjzhcmmi6rtyxxwofokfxhlkpbagfprmbqw2@jxdckvomcmug>
<CAOYmi+mneT-m52GhWdA=XqH5SE6f5jJbAmjwL+wp+xk4j9VVpg@mail.gmail.com>
<mazv3o3ua5pbvy5xwrz6n6zu6gyxkqtohbdohu3o73xyhtwa26@xcbb7ro2o42k>
On Mon, Apr 6, 2026 at 2:40 PM Andres Freund <[email protected]> wrote:
> > Maybe I didn't parse this question correctly, but I don't want to
> > avoid freeing NULLs. It's entirely reasonable and normal to write code
> > that frees NULLs.
>
> I think it's a bad idea ever call free(), realloc() etc with a NULL. It's imo
> quite the code smell indicating that code lost of track of whether something
> was allocated or not.
I could not disagree more strongly:
- the alternative for many developers in practice is going to be a
unilateral `if (ptr) free(ptr);` anyway, losing any potential
"benefit", and
- I'm not even convinced that "lose track of whether something was
allocated" is a thing. If it was NULL, it was not allocated. If it is
not NULL, it is either allocated, or you're about to double-free
something, which has nothing to do with free(NULL). What's to "lose
track" of?
> The whole point of having pfree() in FE code is to make it possible to write
> common code that doesn't need ifdef around every allocation.
Which didn't work out for us, in my humble opinion, as soon as libpq
entered the equation. We don't have to name the abstraction layer the
same thing as only one of the branches of the abstraction.
> > Or else make pfree() behave like free() [2] so that we don't
> > have to have that particular papercut at all anymore?
>
> -many
>
> It's also not a path I want to add any unnecessary instructions to.
Okay, but I'd be curious to know how widespread this position is.
> > It still doesn't help the OOM abstraction leak between libpq and the
> > backend, as far as I can tell.
>
> If the code were to use a JsonLexContext field to decide whether to pass
> MCXT_ALLOC_NO_OOM to the allocation functions etc it'd at least would make the
> code more similar between FE/BE due to both having to deal with NULLs.
I'm talking about libpq here; we don't link fe_memutils.c at all.
--Jacob
view thread (10+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: DEREF_AFTER_NULL: src/common/jsonapi.c:2529
In-Reply-To: <CAOYmi+k__DbMjOxfySjVjCQB=-7Pd+qHb-1Vn9kuN1XOgbOsGg@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox