The point of the check was to avoid subtle crashes aligning with defensive programming requirements. If you lean more towards strict contract enforcement Just say the word. On 04/09/2025 09:47, Junio C Hamano wrote:
"ノウラ | Flare via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes:+void alloc_state_free_and_null(struct alloc_state **s_) { + struct alloc_state *s; + + if (!s_ || !*s_) return;I still do not see the point of this check. If the caller passes a NULL pointer, when they are expected to pass the address of a pointer variable so that the struct the pointer points at is cleared and freed, and the pointer variable is NULLed, it is called a programmer error and they deserve a segfault. Why would it be better to sweep such an error under the rug by returning without anything? It would delay discovery of such a bug, but for what gain?
