On 07/05/2010 09:21 AM, Vignatti Tiago (Nokia-MS/Helsinki) wrote: > On Sat, Jul 03, 2010 at 10:25:34PM +0200, ext Eamon Walsh wrote: > >> On 06/21/2010 09:52 AM, Tiago Vignatti wrote: >> >>> Last I remember, we want all possible build options set as on by default >>> just >>> to be sure the code they enable still being able to build after general >>> changes. Is that correct? >>> >>> --- >>> >>> Apart from that, is there a reason to have XACE enabled by default without >>> any >>> hook backend? This is how the server is being compiled now by default. >>> >> As long as the in-tree security extensions are disabled by default I >> think it should be OK to disable XACE by default as well. >> > Thanks for the answer, Eamon. > > So I disabled XACE here in my machine and now my static analyzer is accusing > ~100 pieces of deadcode. That's because we have XaceHook everywhere and, when > disabling the extension, this function will always return Success which makes > the subsequent "if (rc != Success)" useless. > > I took a look on the code and couldn't find a way to put this conditional > inside the XaceHook, when the extension is being used. Do you think there's an > easy way to do so? Do we really need to always check for value or this is just > a safety check? Or do you have an better idea? > > > Thank you, > Tiago > >
When XACE is disabled, XaceHook turns into a macro for Success, not a function call that returns Success. The compiler should optimize out all the dead code. This seems like a pretty common idiom to me. I don't think the static analyzer should warn on stuff like this. -- Eamon Walsh National Security Agency _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
