Add a section to HACKING describing the bits of implementation defined C compiler behaviour which C code in QEMU is allowed to rely on.
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org> --- Since the issue just came up. Have I missed anything off the list? HACKING | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/HACKING b/HACKING index 89a6b3a..1e17ac7 100644 --- a/HACKING +++ b/HACKING @@ -123,3 +123,19 @@ gcc's printf attribute directive in the prototype. This makes it so gcc's -Wformat and -Wformat-security options can do their jobs and cross-check format strings with the number and types of arguments. + +6. Implementation defined and undefined behaviours + +The C language specification defines regions of undefined behaviour and +implementation defined behaviour (to give compiler authors enough +leeway to produce better code). In general, code in QEMU should +follow the language specification and avoid both undefined and +implementation defined constructs. ("It works fine on the gcc +I tested it with" is not a valid argument...) However there are +a few areas where we allow ourselves to assume certain behaviours +because in practice all the platforms we care about behave in the +same way and writing strictly conformant code would be painful. +These are: + * you may assume that integers are 2s complement representation + * you may assume that right shift of a signed integer duplicates + the sign bit (ie it is an arithmetic shift, not a logical shift) -- 1.7.11.4
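Review bot: In the list that closes the new section 6, "you may assume that integers are 2s complement representation" can be misread as permission to rely on signed overflow wrapping around, which is undefined behaviour in C whatever the representation. Both listed items are implementation-defined behaviours, while the heading and the opening paragraph also cover undefined behaviour. Consider adding a sentence after the list saying that it grants no exemption for undefined behaviour, and name signed integer overflow as the example. Minor style points on the same lines: "2s" would read better as "two's" and "ie" as "i.e.".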