{"id":188,"date":"2012-07-03T13:17:00","date_gmt":"2012-07-03T13:17:00","guid":{"rendered":"https:\/\/knielsen-hq.org\/w\/?p=188"},"modified":"2021-09-01T18:48:24","modified_gmt":"2021-09-01T18:48:24","slug":"integer-overflow","status":"publish","type":"post","link":"https:\/\/knielsen-hq.org\/w\/integer-overflow\/","title":{"rendered":"Integer overflow"},"content":{"rendered":"\n

What do you think of this piece of C code?<\/p>\n\n\n\n

  void foo(long v) {\n    unsigned long u;\n    unsigned sign;\n    if (v < 0) {\n      u = -v;\n      sign = 1;\n    } else {\n      u = v;\n      sign = 0;\n    }\n    ...\n<\/pre>\n\n\n\n
Seems pretty simple, right? Then what do you think of this output from MySQL:<\/p>\n\n\n\n
  mysql> create table t1 (a bigint) as select '-9223372036854775807.5' as a;\n  mysql> select * from t1;\n  +----------------------+\n  | a                    |\n  +----------------------+\n  | -'..--).0-*(+,))+(0( | \n  +----------------------+\n<\/pre>\n\n\n\n
Yes, that is authentic output from older versions of MySQL. Not just the wrong number, the output is complete garbage! This is my all-time favorite MySQL bug#31799<\/a>. It was caused by code like the above C snippet.<\/p>\n\n\n\n
So can you spot what is wrong with the code? Looks pretty simple, does it not? But the title of this post may give a hint…<\/p>\n\n\n\n
It is a little known fact that signed integer overflow is undefined<\/em> in C! The code above contains such undefined behaviour. The expression -v<\/code> overflows<\/em> when v<\/code> contains the smallest negative integer of the long type (-263<\/sup> on 64-bit) – the absolute value of this cannot be represented in the type. The correct way to put the absolute value of signed v<\/code> into unsigned u<\/code> is u = (unsigned long)0 - (unsigned long)v<\/code>. Unsigned overflow is<\/em> well-defined in C, in contrast to signed overflow.<\/p>\n\n\n\n
And yes, GCC will<\/em> generate unexpected (but technically valid) assembler for such code, as seen in the Bug#31799. If you do not like this, then use -fno-strict-overflow<\/code> like I believe Postgresql and the Linux kernel do.<\/p>\n\n\n\n
(But better write correct C code from the start).<\/p>\n","protected":false},"excerpt":{"rendered":"
What do you think of this piece of C code? void foo(long v) { unsigned long u; unsigned sign; if (v < 0) { u = -v; sign = 1; } else { u = v; sign = 0; } … Seems pretty simple, right? Then what do you think of this output from MySQL:… Continue reading Integer overflow<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[68,69,67,3,4,6],"_links":{"self":[{"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/posts\/188"}],"collection":[{"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/comments?post=188"}],"version-history":[{"count":1,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/posts\/188\/revisions"}],"predecessor-version":[{"id":189,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/posts\/188\/revisions\/189"}],"wp:attachment":[{"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/media?parent=188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/categories?post=188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/knielsen-hq.org\/w\/wp-json\/wp\/v2\/tags?post=188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}