autoconf: Integer Overflow Basics

1 
1 13.2.1 Basics of Integer Overflow
1 ---------------------------------
1 
1 In languages like C, unsigned integer overflow reliably wraps around;
1 e.g., `UINT_MAX + 1' yields zero.  This is guaranteed by the C standard
1 and is portable in practice, unless you specify aggressive, nonstandard
1 optimization options suitable only for special applications.
1 
1    In contrast, the C standard says that signed integer overflow leads
1 to undefined behavior where a program can do anything, including dumping
1 core or overrunning a buffer.  The misbehavior can even precede the
1 overflow.  Such an overflow can occur during addition, subtraction,
1 multiplication, division, and left shift.
1 
1    Despite this requirement of the standard, many C programs and
1 Autoconf tests assume that signed integer overflow silently wraps
1 around modulo a power of two, using two's complement arithmetic, so
1 long as you cast the resulting value to a signed integer type or store
1 it into a signed integer variable.  If you use conservative
1 optimization flags, such programs are generally portable to the vast
1 majority of modern platforms, with a few exceptions discussed later.
1 
1    For historical reasons the C standard also allows implementations
1 with ones' complement or signed magnitude arithmetic, but it is safe to
1 assume two's complement nowadays.
1 
1    Also, overflow can occur when converting an out-of-range value to a
1 signed integer type.  Here a standard implementation must define what
1 happens, but this might include raising an exception.  In practice all
1 known implementations support silent wraparound in this case, so you
1 need not worry about other possibilities.
1