From patchwork Tue Oct 30 15:09:26 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: HACKING: List areas where we may rely on impdef C behaviour Date: Tue, 30 Oct 2012 05:09:26 -0000 From: Peter Maydell X-Patchwork-Id: 195513 Message-Id: <1351609766-21335-1-git-send-email-peter.maydell@linaro.org> To: qemu-devel@nongnu.org Cc: Blue Swirl , Paolo Bonzini , Anthony Liguori , patches@linaro.org Add a section to HACKING describing the bits of implementation defined C compiler behaviour which C code in QEMU is allowed to rely on. Signed-off-by: Peter Maydell --- Since the issue just came up. Have I missed anything off the list? HACKING | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/HACKING b/HACKING index 89a6b3a..1e17ac7 100644 --- a/HACKING +++ b/HACKING @@ -123,3 +123,19 @@ gcc's printf attribute directive in the prototype. This makes it so gcc's -Wformat and -Wformat-security options can do their jobs and cross-check format strings with the number and types of arguments. + +6. Implementation defined and undefined behaviours + +The C language specification defines regions of undefined behaviour and +implementation defined behaviour (to give compiler authors enough +leeway to produce better code). In general, code in QEMU should +follow the language specification and avoid both undefined and +implementation defined constructs. ("It works fine on the gcc +I tested it with" is not a valid argument...) However there are +a few areas where we allow ourselves to assume certain behaviours +because in practice all the platforms we care about behave in the +same way and writing strictly conformant code would be painful. +These are: + * you may assume that integers are 2s complement representation + * you may assume that right shift of a signed integer duplicates + the sign bit (ie it is an arithmetic shift, not a logical shift)