How to detect integer overflow in C [duplicate] Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Data science time! April 2019 and salary with experience The Ask Question Wizard is Live!How do I detect unsigned integer multiply overflow?Detecting signed overflow in C/C++How do I check if A+B exceed long long? (both A and B is long long)Test for overflow in integer additionHow do you set, clear, and toggle a single bit?How do I detect unsigned integer multiply overflow?Improve INSERT-per-second performance of SQLite?Catch and compute overflow during multiplication of two large integersWhen to address integer overflow in CDetecting signed overflow in C/C++How to find (all) integer overflows in a C program?Speed comparison with Project Euler: C vs Python vs Erlang vs HaskellHow to check if overflow occured?automatic overflow detection in C++?
2001: A Space Odyssey's use of the song "Daisy Bell" (Bicycle Built for Two); life imitates art or vice-versa?
What would be the ideal power source for a cybernetic eye?
Selecting user stories during sprint planning
Why are the trig functions versine, haversine, exsecant, etc, rarely used in modern mathematics?
Maximum summed subsequences with non-adjacent items
How fail-safe is nr as stop bytes?
How to react to hostile behavior from a senior developer?
Where are Serre’s lectures at Collège de France to be found?
What does できなさすぎる mean?
Using audio cues to encourage good posture
Is grep documentation wrong?
What do you call the main part of a joke?
For a new assistant professor in CS, how to build/manage a publication pipeline
Is there a kind of relay only consumes power when switching?
Fundamental Solution of the Pell Equation
What is the effect of altitude on true airspeed?
How often does castling occur in grandmaster games?
NumericArray versus PackedArray in MMA12
hookrightarrow with ebgaramond-math
Amount of permutations on an NxNxN Rubik's Cube
QGIS: how to apply Line Pattern Fill to LineStrings?
When a candle burns, why does the top of wick glow if bottom of flame is hottest?
Catmull-Clark and Doo-Sabin Subdivision Codes
How does the math work when buying airline miles?
How to detect integer overflow in C [duplicate]
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Data science time! April 2019 and salary with experience
The Ask Question Wizard is Live!How do I detect unsigned integer multiply overflow?Detecting signed overflow in C/C++How do I check if A+B exceed long long? (both A and B is long long)Test for overflow in integer additionHow do you set, clear, and toggle a single bit?How do I detect unsigned integer multiply overflow?Improve INSERT-per-second performance of SQLite?Catch and compute overflow during multiplication of two large integersWhen to address integer overflow in CDetecting signed overflow in C/C++How to find (all) integer overflows in a C program?Speed comparison with Project Euler: C vs Python vs Erlang vs HaskellHow to check if overflow occured?automatic overflow detection in C++?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
This question already has an answer here:
Detecting signed overflow in C/C++
12 answers
How do I detect unsigned integer multiply overflow?
31 answers
We know CPython promotes integers to long integers (which allow arbitrary-precision arithmetic) silently when the number gets bigger.
How can we detect overflow of int and long long in pure C?
c overflow
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
marked as duplicate by sleske, ead, phuclv, Cody Gray♦ Apr 2 at 16:38
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
Detecting signed overflow in C/C++
12 answers
How do I detect unsigned integer multiply overflow?
31 answers
We know CPython promotes integers to long integers (which allow arbitrary-precision arithmetic) silently when the number gets bigger.
How can we detect overflow of int and long long in pure C?
c overflow
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
marked as duplicate by sleske, ead, phuclv, Cody Gray♦ Apr 2 at 16:38
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
3
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check ifx(the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.
– Some programmer dude
Apr 2 at 7:11
1
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
1
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36
add a comment |
This question already has an answer here:
Detecting signed overflow in C/C++
12 answers
How do I detect unsigned integer multiply overflow?
31 answers
We know CPython promotes integers to long integers (which allow arbitrary-precision arithmetic) silently when the number gets bigger.
How can we detect overflow of int and long long in pure C?
c overflow
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
This question already has an answer here:
Detecting signed overflow in C/C++
12 answers
How do I detect unsigned integer multiply overflow?
31 answers
We know CPython promotes integers to long integers (which allow arbitrary-precision arithmetic) silently when the number gets bigger.
How can we detect overflow of int and long long in pure C?
This question already has an answer here:
Detecting signed overflow in C/C++
12 answers
How do I detect unsigned integer multiply overflow?
31 answers
c overflow
c overflow
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
edited Apr 2 at 22:45
Peter Mortensen
13.9k1987114
13.9k1987114
asked Apr 2 at 7:07
DeanDean
11215
asked Apr 2 at 7:07
DeanDean
11215
asked Apr 2 at 7:07
DeanDean
11215
11215
marked as duplicate by sleske, ead, phuclv, Cody Gray♦ Apr 2 at 16:38
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by sleske, ead, phuclv, Cody Gray♦ Apr 2 at 16:38
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
3
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check ifx(the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.
– Some programmer dude
Apr 2 at 7:11
1
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
1
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36
add a comment |
3
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check ifx(the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.
– Some programmer dude
Apr 2 at 7:11
1
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
1
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36
3
3
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check if
x (the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.– Some programmer dude
Apr 2 at 7:11
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check if
x (the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.– Some programmer dude
Apr 2 at 7:11
1
1
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
1
1
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36
add a comment |
3 Answers
3
active
oldest
votes
You can predict signed int overflow but attempting to detect it after the summation is too late. You have to test for possible overflow before you do a signed addition.
It's not possible to avoid undefined behaviour by testing for it after the summation. If the addition overflows then there is already undefined behaviour.
If it were me, I'd do something like this:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > (INT_MAX - a))
/* handle overflow */
else
if (b < (INT_MIN - a))
/* handle underflow */
return a + b;
Refer this paper for more information. You can also find why unsigned integer overflow is not undefined behaviour and what could be portability issues in the same paper.
EDIT:
GCC and other compilers have some provisions to detect the overflow. For example, GCC has following built-in functions allow performing simple arithmetic operations together with checking whether the operations overflowed.
bool __builtin_add_overflow (type1 a, type2 b, type3 *res)
bool __builtin_sadd_overflow (int a, int b, int *res)
bool __builtin_saddl_overflow (long int a, long int b, long int *res)
bool __builtin_saddll_overflow (long long int a, long long int b, long long int *res)
bool __builtin_uadd_overflow (unsigned int a, unsigned int b, unsigned int *res)
bool __builtin_uaddl_overflow (unsigned long int a, unsigned long int b, unsigned long int *res)
bool __builtin_uaddll_overflow (unsigned long long int a, unsigned long long int b, unsigned long long int *res)
Visit this link.
EDIT:
Regarding the question asked by someone
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
The answer depends upon the implementation of the compiler. Most C implementations (compilers) just used whatever overflow behaviour was easiest to implement with the integer representation it used.
In practice, the representations for signed values may differ (according to the implementation): one's complement, two's complement, sign-magnitude. For an unsigned type there is no reason for the standard to allow variation because there is only one obvious binary representation (the standard only allows binary representation).
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
Why extra parentheses? Also you could save one test on average withif (a >= 0) test overflow else test underflow return a + b;
– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow whena == 0.
– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow ifa == 0but testingajust once saves one comparison ifa < 0, which is half the cases.
– chqrlie
Apr 2 at 7:32
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
@AnttiHaapala it does not ignore the casea == 0where there is no possible overflow, it just handles it differently.
– chqrlie
Apr 2 at 7:37
|
show 3 more comments
You cannot detect signed int overflow. You have to write your code to avoid it.
Signed int overflow is Undefined Behaviour and if it is present in your program, the program is invalid and the compiler is not required to generate any specific behaviour.
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
|
show 3 more comments
Signed operands must be tested before the addition is performed. Here is a safe addition function with 2 comparisons in all cases:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > INT_MAX - a)
/* handle overflow */
else
return a + b;
else
if (b < INT_MIN - a)
/* handle negative overflow */
else
return a + b;
If the type long long is known to have a larger range than type int, you could use this approach, which might prove faster:
#include <limits.h>
int safe_add(int a, int b)
long long res = (long long)a + b;
if (res > INT_MAX
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
add a comment |
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can predict signed int overflow but attempting to detect it after the summation is too late. You have to test for possible overflow before you do a signed addition.
It's not possible to avoid undefined behaviour by testing for it after the summation. If the addition overflows then there is already undefined behaviour.
If it were me, I'd do something like this:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > (INT_MAX - a))
/* handle overflow */
else
if (b < (INT_MIN - a))
/* handle underflow */
return a + b;
Refer this paper for more information. You can also find why unsigned integer overflow is not undefined behaviour and what could be portability issues in the same paper.
EDIT:
GCC and other compilers have some provisions to detect the overflow. For example, GCC has following built-in functions allow performing simple arithmetic operations together with checking whether the operations overflowed.
bool __builtin_add_overflow (type1 a, type2 b, type3 *res)
bool __builtin_sadd_overflow (int a, int b, int *res)
bool __builtin_saddl_overflow (long int a, long int b, long int *res)
bool __builtin_saddll_overflow (long long int a, long long int b, long long int *res)
bool __builtin_uadd_overflow (unsigned int a, unsigned int b, unsigned int *res)
bool __builtin_uaddl_overflow (unsigned long int a, unsigned long int b, unsigned long int *res)
bool __builtin_uaddll_overflow (unsigned long long int a, unsigned long long int b, unsigned long long int *res)
Visit this link.
EDIT:
Regarding the question asked by someone
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
The answer depends upon the implementation of the compiler. Most C implementations (compilers) just used whatever overflow behaviour was easiest to implement with the integer representation it used.
In practice, the representations for signed values may differ (according to the implementation): one's complement, two's complement, sign-magnitude. For an unsigned type there is no reason for the standard to allow variation because there is only one obvious binary representation (the standard only allows binary representation).
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
Why extra parentheses? Also you could save one test on average withif (a >= 0) test overflow else test underflow return a + b;
– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow whena == 0.
– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow ifa == 0but testingajust once saves one comparison ifa < 0, which is half the cases.
– chqrlie
Apr 2 at 7:32
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
@AnttiHaapala it does not ignore the casea == 0where there is no possible overflow, it just handles it differently.
– chqrlie
Apr 2 at 7:37
|
show 3 more comments
You can predict signed int overflow but attempting to detect it after the summation is too late. You have to test for possible overflow before you do a signed addition.
It's not possible to avoid undefined behaviour by testing for it after the summation. If the addition overflows then there is already undefined behaviour.
If it were me, I'd do something like this:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > (INT_MAX - a))
/* handle overflow */
else
if (b < (INT_MIN - a))
/* handle underflow */
return a + b;
Refer this paper for more information. You can also find why unsigned integer overflow is not undefined behaviour and what could be portability issues in the same paper.
EDIT:
GCC and other compilers have some provisions to detect the overflow. For example, GCC has following built-in functions allow performing simple arithmetic operations together with checking whether the operations overflowed.
bool __builtin_add_overflow (type1 a, type2 b, type3 *res)
bool __builtin_sadd_overflow (int a, int b, int *res)
bool __builtin_saddl_overflow (long int a, long int b, long int *res)
bool __builtin_saddll_overflow (long long int a, long long int b, long long int *res)
bool __builtin_uadd_overflow (unsigned int a, unsigned int b, unsigned int *res)
bool __builtin_uaddl_overflow (unsigned long int a, unsigned long int b, unsigned long int *res)
bool __builtin_uaddll_overflow (unsigned long long int a, unsigned long long int b, unsigned long long int *res)
Visit this link.
EDIT:
Regarding the question asked by someone
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
The answer depends upon the implementation of the compiler. Most C implementations (compilers) just used whatever overflow behaviour was easiest to implement with the integer representation it used.
In practice, the representations for signed values may differ (according to the implementation): one's complement, two's complement, sign-magnitude. For an unsigned type there is no reason for the standard to allow variation because there is only one obvious binary representation (the standard only allows binary representation).
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
Why extra parentheses? Also you could save one test on average withif (a >= 0) test overflow else test underflow return a + b;
– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow whena == 0.
– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow ifa == 0but testingajust once saves one comparison ifa < 0, which is half the cases.
– chqrlie
Apr 2 at 7:32
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
@AnttiHaapala it does not ignore the casea == 0where there is no possible overflow, it just handles it differently.
– chqrlie
Apr 2 at 7:37
|
show 3 more comments
You can predict signed int overflow but attempting to detect it after the summation is too late. You have to test for possible overflow before you do a signed addition.
It's not possible to avoid undefined behaviour by testing for it after the summation. If the addition overflows then there is already undefined behaviour.
If it were me, I'd do something like this:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > (INT_MAX - a))
/* handle overflow */
else
if (b < (INT_MIN - a))
/* handle underflow */
return a + b;
Refer this paper for more information. You can also find why unsigned integer overflow is not undefined behaviour and what could be portability issues in the same paper.
EDIT:
GCC and other compilers have some provisions to detect the overflow. For example, GCC has following built-in functions allow performing simple arithmetic operations together with checking whether the operations overflowed.
bool __builtin_add_overflow (type1 a, type2 b, type3 *res)
bool __builtin_sadd_overflow (int a, int b, int *res)
bool __builtin_saddl_overflow (long int a, long int b, long int *res)
bool __builtin_saddll_overflow (long long int a, long long int b, long long int *res)
bool __builtin_uadd_overflow (unsigned int a, unsigned int b, unsigned int *res)
bool __builtin_uaddl_overflow (unsigned long int a, unsigned long int b, unsigned long int *res)
bool __builtin_uaddll_overflow (unsigned long long int a, unsigned long long int b, unsigned long long int *res)
Visit this link.
EDIT:
Regarding the question asked by someone
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
The answer depends upon the implementation of the compiler. Most C implementations (compilers) just used whatever overflow behaviour was easiest to implement with the integer representation it used.
In practice, the representations for signed values may differ (according to the implementation): one's complement, two's complement, sign-magnitude. For an unsigned type there is no reason for the standard to allow variation because there is only one obvious binary representation (the standard only allows binary representation).
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
You can predict signed int overflow but attempting to detect it after the summation is too late. You have to test for possible overflow before you do a signed addition.
It's not possible to avoid undefined behaviour by testing for it after the summation. If the addition overflows then there is already undefined behaviour.
If it were me, I'd do something like this:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > (INT_MAX - a))
/* handle overflow */
else
if (b < (INT_MIN - a))
/* handle underflow */
return a + b;
Refer this paper for more information. You can also find why unsigned integer overflow is not undefined behaviour and what could be portability issues in the same paper.
EDIT:
GCC and other compilers have some provisions to detect the overflow. For example, GCC has following built-in functions allow performing simple arithmetic operations together with checking whether the operations overflowed.
bool __builtin_add_overflow (type1 a, type2 b, type3 *res)
bool __builtin_sadd_overflow (int a, int b, int *res)
bool __builtin_saddl_overflow (long int a, long int b, long int *res)
bool __builtin_saddll_overflow (long long int a, long long int b, long long int *res)
bool __builtin_uadd_overflow (unsigned int a, unsigned int b, unsigned int *res)
bool __builtin_uaddl_overflow (unsigned long int a, unsigned long int b, unsigned long int *res)
bool __builtin_uaddll_overflow (unsigned long long int a, unsigned long long int b, unsigned long long int *res)
Visit this link.
EDIT:
Regarding the question asked by someone
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
The answer depends upon the implementation of the compiler. Most C implementations (compilers) just used whatever overflow behaviour was easiest to implement with the integer representation it used.
In practice, the representations for signed values may differ (according to the implementation): one's complement, two's complement, sign-magnitude. For an unsigned type there is no reason for the standard to allow variation because there is only one obvious binary representation (the standard only allows binary representation).
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
edited Apr 3 at 8:31
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
answered Apr 2 at 7:17
abhiaroraabhiarora
2,54431533
2,54431533
Why extra parentheses? Also you could save one test on average withif (a >= 0) test overflow else test underflow return a + b;
– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow whena == 0.
– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow ifa == 0but testingajust once saves one comparison ifa < 0, which is half the cases.
– chqrlie
Apr 2 at 7:32
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
@AnttiHaapala it does not ignore the casea == 0where there is no possible overflow, it just handles it differently.
– chqrlie
Apr 2 at 7:37
|
show 3 more comments
Why extra parentheses? Also you could save one test on average withif (a >= 0) test overflow else test underflow return a + b;
– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow whena == 0.
– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow ifa == 0but testingajust once saves one comparison ifa < 0, which is half the cases.
– chqrlie
Apr 2 at 7:32
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
@AnttiHaapala it does not ignore the casea == 0where there is no possible overflow, it just handles it differently.
– chqrlie
Apr 2 at 7:37
Why extra parentheses? Also you could save one test on average with
if (a >= 0) test overflow else test underflow return a + b;– chqrlie
Apr 2 at 7:28
Why extra parentheses? Also you could save one test on average with
if (a >= 0) test overflow else test underflow return a + b;– chqrlie
Apr 2 at 7:28
@chqrlie that is not sufficient because there is no possibility of overflow when
a == 0.– Antti Haapala
Apr 2 at 7:30
@chqrlie that is not sufficient because there is no possibility of overflow when
a == 0.– Antti Haapala
Apr 2 at 7:30
It is not necessary to test overflow if
a == 0 but testing a just once saves one comparison if a < 0, which is half the cases.– chqrlie
Apr 2 at 7:32
It is not necessary to test overflow if
a == 0 but testing a just once saves one comparison if a < 0, which is half the cases.– chqrlie
Apr 2 at 7:32
8
8
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
Also, both are technically called overflow. Underflow means that the value is too small in magnitude to be representable in a floating point variable.
– Antti Haapala
Apr 2 at 7:32
3
3
@AnttiHaapala it does not ignore the case
a == 0 where there is no possible overflow, it just handles it differently.– chqrlie
Apr 2 at 7:37
@AnttiHaapala it does not ignore the case
a == 0 where there is no possible overflow, it just handles it differently.– chqrlie
Apr 2 at 7:37
|
show 3 more comments
You cannot detect signed int overflow. You have to write your code to avoid it.
Signed int overflow is Undefined Behaviour and if it is present in your program, the program is invalid and the compiler is not required to generate any specific behaviour.
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
|
show 3 more comments
You cannot detect signed int overflow. You have to write your code to avoid it.
Signed int overflow is Undefined Behaviour and if it is present in your program, the program is invalid and the compiler is not required to generate any specific behaviour.
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
|
show 3 more comments
You cannot detect signed int overflow. You have to write your code to avoid it.
Signed int overflow is Undefined Behaviour and if it is present in your program, the program is invalid and the compiler is not required to generate any specific behaviour.
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
You cannot detect signed int overflow. You have to write your code to avoid it.
Signed int overflow is Undefined Behaviour and if it is present in your program, the program is invalid and the compiler is not required to generate any specific behaviour.
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
answered Apr 2 at 7:10
Jesper JuhlJesper Juhl
17.8k32647
17.8k32647
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
|
show 3 more comments
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
3
3
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
You can check you input values before doing a calculation to prevent overflow.
– A.R.C.
Apr 2 at 7:12
7
7
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
I think, it would be nice and informative to explain why signed int overflow undefined, whereas unsigned apperantly isn't..
– hetepeperfan
Apr 2 at 7:17
6
6
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
@hetepeperfan It's because that's what the language standard says.
– Sneftel
Apr 2 at 8:40
6
6
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
@sneftel thats an authoritative argument lacking an authoritative source, despise it is probably correct. On top of that, standards make more sense to people, once they start to understand the language, which is perhaps a reason they visit stackoverflow in the first place.
– hetepeperfan
Apr 2 at 9:07
5
5
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
@hetepeperfan the reason for why the standard is written as it is, is for the most part outside the scope of Stack Overflow.
– Antti Haapala
Apr 2 at 12:51
|
show 3 more comments
Signed operands must be tested before the addition is performed. Here is a safe addition function with 2 comparisons in all cases:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > INT_MAX - a)
/* handle overflow */
else
return a + b;
else
if (b < INT_MIN - a)
/* handle negative overflow */
else
return a + b;
If the type long long is known to have a larger range than type int, you could use this approach, which might prove faster:
#include <limits.h>
int safe_add(int a, int b)
long long res = (long long)a + b;
if (res > INT_MAX
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
add a comment |
Signed operands must be tested before the addition is performed. Here is a safe addition function with 2 comparisons in all cases:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > INT_MAX - a)
/* handle overflow */
else
return a + b;
else
if (b < INT_MIN - a)
/* handle negative overflow */
else
return a + b;
If the type long long is known to have a larger range than type int, you could use this approach, which might prove faster:
#include <limits.h>
int safe_add(int a, int b)
long long res = (long long)a + b;
if (res > INT_MAX
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
add a comment |
Signed operands must be tested before the addition is performed. Here is a safe addition function with 2 comparisons in all cases:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > INT_MAX - a)
/* handle overflow */
else
return a + b;
else
if (b < INT_MIN - a)
/* handle negative overflow */
else
return a + b;
If the type long long is known to have a larger range than type int, you could use this approach, which might prove faster:
#include <limits.h>
int safe_add(int a, int b)
long long res = (long long)a + b;
if (res > INT_MAX
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
Signed operands must be tested before the addition is performed. Here is a safe addition function with 2 comparisons in all cases:
#include <limits.h>
int safe_add(int a, int b)
if (a >= 0)
if (b > INT_MAX - a)
/* handle overflow */
else
return a + b;
else
if (b < INT_MIN - a)
/* handle negative overflow */
else
return a + b;
If the type long long is known to have a larger range than type int, you could use this approach, which might prove faster:
#include <limits.h>
int safe_add(int a, int b)
long long res = (long long)a + b;
if (res > INT_MAX
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
edited Apr 2 at 7:55
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
answered Apr 2 at 7:40
chqrliechqrlie
63.9k851108
63.9k851108
add a comment |
add a comment |
3
It's very tricky since you just can't add two numbers and check if the value is above some threshold (because signed integer arithmetic overflow and such). A simple solution might be to check if
x(the value you want to check) is above a specific threshold, or if adding one goes above a threshold. If it does and the other number you want to add is larger than one, then you have an overflow situation.– Some programmer dude
Apr 2 at 7:11
1
Nitpick, but, it was CPython 2.7 that did this. CPython 3 doesn't "promote" anything, even internally there is just one type.
– Antti Haapala
Apr 2 at 12:49
1
there are a lot of duplicates depending on what you want to do with the values (add/sub/mul/div/...?) How to check if A+B exceed long long? (both A and B is long long), Detecting signed overflow in C/C++, Test for overflow in integer addition
– phuclv
Apr 2 at 14:00
and add 1 more codereview.stackexchange.com/questions/37177/…
– NoChance
Apr 2 at 14:36