On Wed, Feb 22, 2023 at 08:43:35AM -1000, Richard Henderson wrote:
> On 2/22/23 06:28, Michael S. Tsirkin wrote:
> > On Wed, Feb 22, 2023 at 05:11:36PM +0100, Philippe Mathieu-Daudé wrote:
> > > On 22/2/23 13:05, Michael S. Tsirkin wrote:
> > > > On Wed, Feb 22, 2023 at 12:25:20AM +0100, Philippe Mathieu-Daudé wrote:
> > > > > Since commit 262a69f428 ("osdep.h: Prohibit disabling
> > > > > assert() in supported builds") 'NDEBUG' can not be defined.
> > > > >
> > > > > Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
> > > >
> > > > this exactly says NDEBUG is not allowed. why are you removing this?
> > >
> > > The project can not be built with NDEBUG. There is no point in
> > > mentioning it in each individual function.
> >
> > the reason we mention it is because there are security implications
> > if we don't.
>
> Yes. However that's not what the text being removed suggests:
>
> > > > > - * This is just one thing (there are probably more) that must be
> > > > > - * fixed before we can allow NDEBUG compilation.
>
> This suggests that we *will* allow NDEBUG, once a few things are fixed.
>
> I strongly approve of this text being removed.
>
>
> r~
OK I think it's a good idea to replace it with something like
/* Note: Do not remove this assertion, doing so will break qemu security! */
--
MST
