| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Missing checks when malloc returns NULL... |
| Date: | 2016-06-22 01:41:01 |
| Message-ID: | CAB7nPqRRR8mnM9kbGObV2tzP-BpmLotiKyVBPbY2bxjuAyeCpw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jun 21, 2016 at 10:46 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Michael Paquier <michael(dot)paquier(at)gmail(dot)com> writes:
>> - mcxt.c uses that, which is surprising:
>> @@ -704,7 +704,8 @@ MemoryContextCreate(NodeTag tag, Size size,
>> {
>> /* Special case for startup: use good ol' malloc */
>> node = (MemoryContext) malloc(needed);
>> - Assert(node != NULL);
>> + if (node == NULL)
>> + elog(PANIC, "out of memory");
>> }
>> I think that a PANIC is cleaner here instead of a simple crash.
>
> But the elog mechanism assumes that memory contexts are working.
> If this ever actually did fire, no good would come of it.
OK, there is not much that we can do here then. What about the rest?
Those seem like legit concerns to me.
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| malloc-nulls-v2.patch | invalid/octet-stream | 6.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2016-06-22 01:51:16 | Re: primary_conninfo missing from pg_stat_wal_receiver |
| Previous Message | Andres Freund | 2016-06-22 00:26:07 | signed division in hash_search_with_hash_value(ENTER) has high overhead |