Integer overflow: Difference between revisions

Acb146 (talk | contribs)
Referenced the C language standard which defines the term overflow as never applying to unsigned operations. Added MATLAB and Simulink to the table of language examples.
Acb146 (talk | contribs)
Added a section on Definition Variations and Ambiguity
Line 35:
 
The [[overflow flag]] is set when the result of an operation on signed numbers does not have the sign that one would predict from the signs of the operands, e.g. a negative result when adding two positive numbers. This indicates that an overflow has occurred and the signed result represented in [[two's complement]] form would not fit in the given number of bits.
 
==Definition Variations and Ambiguity==
 
For an unsigned type, when the ideal result of an operation is outside the type's representable range and the returned result is obtained by wrapping (reduction modulo 2<sup>''N''</sup> for an ''N''-bit type),
this event is commonly defined as an overflow.
In contrast, the C11 standard defines that this event is not an overflow and states "a computation involving unsigned operands can never overflow."
<ref>[https://webstore.ansi.org/RecordDetail.aspx?sku=ISO%2FIEC%209899:2011&msclkid=2f0af3a2b5ca143c9285a9f8e8f6b3e1&utm_source=bing&utm_medium=cpc&utm_campaign=Campaign%20%231&utm_term=ISO%2FIEC%209899%3A2011&utm_content=iso-iec ISO C11 Standard]</ref>
 
When the ideal result of an integer operation is outside the type's representable range and the returned result is obtained by clamping to the nearest representable value,
this event is commonly defined as a saturation.
Usage varies as to whether a saturation is or is not an overflow.
To eliminate ambiguity, the terms wrap on overflow<ref>https://www.mathworks.com/help/simulink/gui/wrap-on-overflow.html?searchHighlight=overflow&s_tid=doc_srchtitle</ref>
and saturate on overflow<ref>https://www.mathworks.com/help/simulink/gui/saturate-on-overflow.html?searchHighlight=overflow&s_tid=doc_srchtitle</ref>
can be used.
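The three behaviours described above (wrap, saturate, and classifying the ideal result as an overflow) side by side for 8-bit addition. This is an added illustration, not code from the article or from the C standard; the enum and function names are invented for the example. The additions are widened to <code>int</code> so that the ideal result is computed without triggering the undefined behaviour that signed overflow has in C.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Classification of the ideal (mathematical) result of an 8-bit addition.
 * Constructed names for this example; they are not standard terms. */
enum ovf_kind { OVF_NONE, OVF_ABOVE_MAX, OVF_BELOW_MIN };

/* Unsigned wrap: C11 defines unsigned arithmetic as reduction modulo 2^N,
 * so the result is well defined even though the ideal result a+b may
 * exceed UINT8_MAX. Under the C11 wording this is "not an overflow". */
uint8_t add_u8_wrap(uint8_t a, uint8_t b)
{
    return (uint8_t)((unsigned)a + (unsigned)b); /* modulo 256 */
}

/* Unsigned saturation: clamp the ideal result to UINT8_MAX. */
uint8_t add_u8_sat(uint8_t a, uint8_t b)
{
    unsigned ideal = (unsigned)a + (unsigned)b;
    return ideal > UINT8_MAX ? UINT8_MAX : (uint8_t)ideal;
}

/* Signed classification: compute the ideal result in int (which cannot
 * overflow for two int8_t operands) and compare it against the range.
 * A result below INT8_MIN is what some references call "integer underflow". */
enum ovf_kind classify_s8(int8_t a, int8_t b)
{
    int ideal = (int)a + (int)b;
    if (ideal > INT8_MAX) return OVF_ABOVE_MAX;
    if (ideal < INT8_MIN) return OVF_BELOW_MIN;
    return OVF_NONE;
}

/* Signed saturation: clamp the ideal result into [INT8_MIN, INT8_MAX]. */
int8_t add_s8_sat(int8_t a, int8_t b)
{
    int ideal = (int)a + (int)b;
    if (ideal > INT8_MAX) return INT8_MAX;
    if (ideal < INT8_MIN) return INT8_MIN;
    return (int8_t)ideal;
}

/* Checked addition: report whether the ideal result fits and store it only
 * when it does, so the caller never sees a wrapped value by accident. */
bool add_s8_checked(int8_t a, int8_t b, int8_t *out)
{
    if (classify_s8(a, b) != OVF_NONE) return false;
    *out = (int8_t)((int)a + (int)b);
    return true;
}

int main(void)
{
    int8_t r;
    printf("wrap      250 + 10   = %u\n", (unsigned)add_u8_wrap(250, 10));   /* 4   */
    printf("saturate  250 + 10   = %u\n", (unsigned)add_u8_sat(250, 10));    /* 255 */
    printf("saturate  100 + 100  = %d\n", (int)add_s8_sat(100, 100));        /* 127 */
    printf("saturate -100 - 100  = %d\n", (int)add_s8_sat(-100, -100));      /* -128 */
    printf("checked   100 + 100 fits? %d\n", (int)add_s8_checked(100, 100, &r)); /* 0 */
    return 0;
}
```

The same ideal result (260 for the unsigned case, 200 or -200 for the signed case) produces three different observable outcomes depending on which definition the code adopts, which is exactly the ambiguity the section describes.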
 
The term underflow is most commonly used for floating-point math and not for integer math<ref>[[Arithmetic underflow]]</ref>.
However, many references to integer underflow can be found.
<ref>https://cwe.mitre.org/data/definitions/191.html</ref>
<ref>https://dzone.com/articles/overflow-and-underflow-data</ref>
<ref>https://medium.com/@taabishm2/integer-overflow-underflow-and-floating-point-imprecision-6ba869a99033</ref>
<ref>https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/</ref>
<ref>https://developer.apple.com/library/content/documentation/Security/Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577-SW7</ref>
When the term integer underflow is used,
it means the ideal result was closer to minus infinity
than the output type's representable value closest to minus infinity (that is, below the type's minimum).
When the term integer underflow is used in this way,
the definition of overflow may include all types of overflow,
or it may include only cases where the ideal result was closer to positive infinity
than the output type's representable value closest to positive infinity (that is, above the type's maximum).
 
When the ideal result of an operation is not an exact integer, the meaning of overflow can be ambiguous in edge cases.
Consider the case where the ideal result has the value 127.25 and the output type's maximum representable value is 127.
If overflow is defined as the ideal value being outside the representable range of the output type, then this case would be classified as an overflow.
For operations that have well-defined rounding behavior, overflow classification may need to be postponed until after rounding is applied.
The C11 standard
<ref>[https://webstore.ansi.org/RecordDetail.aspx?sku=ISO%2FIEC%209899:2011&msclkid=2f0af3a2b5ca143c9285a9f8e8f6b3e1&utm_source=bing&utm_medium=cpc&utm_campaign=Campaign%20%231&utm_term=ISO%2FIEC%209899%3A2011&utm_content=iso-iec ISO C11 Standard]</ref>
defines that conversions from floating point to integer must round toward zero.
If C is used to convert the floating-point value 127.25 to an integer, then rounding is applied first, giving an ideal integer output of 127.
Since the rounded integer is in the output type's range, the C standard would not classify this conversion as an overflow.
 
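The two classification orders for the 127.25 case, written out as an added example (not code from the article or the C standard; the enum and function names are invented here). The first function applies the "ideal value outside the range" definition and reports an overflow; the second rounds toward zero first, as C11 specifies for float-to-integer conversion, and finds that 127 fits. In both, the range check happens before the narrowing cast, because converting an out-of-range floating-point value to an integer type is undefined behaviour in C.

```c
#include <stdint.h>
#include <stdio.h>

/* Outcome of classifying a double -> int8_t conversion. Constructed names. */
enum conv_status { CONV_OK, CONV_OVERFLOW_ABOVE, CONV_OVERFLOW_BELOW, CONV_NOT_FINITE };

/* Definition 1: the ideal (unrounded) value must lie within [INT8_MIN, INT8_MAX].
 * 127.25 > 127, so this reports an overflow and never performs the cast. */
enum conv_status classify_by_ideal(double x, int8_t *out)
{
    if (x != x) return CONV_NOT_FINITE;               /* NaN */
    if (x > (double)INT8_MAX) return CONV_OVERFLOW_ABOVE;
    if (x < (double)INT8_MIN) return CONV_OVERFLOW_BELOW;
    *out = (int8_t)x;                                 /* in range, so well defined */
    return CONV_OK;
}

/* Definition 2: round toward zero first (the C11 rule), then check the range.
 * Truncation is done with a cast to long long, which is itself only defined
 * while the value fits, so the magnitude is guarded before the cast. This
 * also catches +/-infinity. */
enum conv_status classify_after_rounding(double x, int8_t *out)
{
    if (x != x) return CONV_NOT_FINITE;               /* NaN */
    if (x >= 9.0e18) return CONV_OVERFLOW_ABOVE;      /* beyond long long, incl. +inf */
    if (x <= -9.0e18) return CONV_OVERFLOW_BELOW;     /* beyond long long, incl. -inf */
    long long truncated = (long long)x;               /* rounds toward zero */
    if (truncated > INT8_MAX) return CONV_OVERFLOW_ABOVE;
    if (truncated < INT8_MIN) return CONV_OVERFLOW_BELOW;
    *out = (int8_t)truncated;
    return CONV_OK;
}

/* Convenience wrapper: the converted value under definition 2, or `fallback`
 * if the conversion is classified as an overflow or the input is not finite. */
int convert_after_rounding_or(double x, int fallback)
{
    int8_t v;
    return classify_after_rounding(x, &v) == CONV_OK ? (int)v : fallback;
}

int main(void)
{
    int8_t v;
    printf("127.25 by ideal value : %s\n",
           classify_by_ideal(127.25, &v) == CONV_OK ? "ok" : "overflow");      /* overflow */
    printf("127.25 after rounding : %s\n",
           classify_after_rounding(127.25, &v) == CONV_OK ? "ok" : "overflow"); /* ok */
    printf("128.0  after rounding : %s\n",
           classify_after_rounding(128.0, &v) == CONV_OK ? "ok" : "overflow");  /* overflow */
    return 0;
}
```

Note that the same input, 127.25, is an overflow under the first definition and a valid conversion to 127 under the second; a checker that disagrees with the language's own rule will either miss real out-of-range conversions or flag conversions the standard considers well defined.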
==Methods to mitigate integer overflow problems==