On 02/13/18 18:51, Laszlo Ersek wrote:
> So, my point is, we should be aware of what ISO C says about integer
> overflow, and then pick one:
>
> - we target strict ISO C compliance (wrt. integer arithmetic) with
> SafeIntLib -- in which case a re-evaluation and patches are necessary,
>
> - or else we define additional C language guarantees, and then we
> *ensure* those via compiler flags, universally.
Specifically, see "-fwrapv" for GCC:
-fwrapv
This option instructs the compiler to assume that signed
arithmetic overflow of addition, subtraction and
multiplication wraps around using twos-complement
representation. This flag enables some optimizations and
disables others. This option is enabled by default for the
Java front end, as required by the Java language
specification.
It is used by QEMU, for example. Citing the "configure" script:
> # default flags for all hosts
> # We use -fwrapv to tell the compiler that we require a C dialect where
> # left shift of signed integers is well defined and has the expected
> # 2s-complement style results. (Both clang and gcc agree that it
> # provides these semantics.)
> QEMU_CFLAGS="-fno-strict-aliasing -fno-common -fwrapv $QEMU_CFLAGS"
edk2 doesn't use "-fwrapv" (yet?), and I'm not sure an equivalent flag
exists for VS / MSVC at all.
Thanks!
Laszlo
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
