Integer overflow: Difference between revisions

Content deleted Content added
m Improved article to match Manual of Style, References after punctuation per WP:CITEFOOT and WP:PAIC using AWB (12151)
Line 28:
 
==Flags==
Most computers have two dedicated processor flags to check for overflow conditions.
 
The [[carry flag]] is set when the result of an addition or subtraction, considering the operands and result as unsigned numbers, does not fit in the given number of bits. This indicates an overflow with a [[carry (arithmetic)|''carry''/''borrow'']] from the [[most significant bit]]. An immediately following ''add with carry'' or ''substract with borrow'' operation would use the contents of this flag to modify a register or a memory ___location that contains the higher part of a multi-word value.
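Review bot: The last sentence of the carry-flag paragraph still contains the misspelling ''substract with borrow'' and the damaged phrase "memory ___location". A Manual of Style cleanup pass should correct these to ''subtract with borrow'' and "memory location". The section intro promises two dedicated flags, so it is also worth confirming that the second flag's paragraph follows directly after this one and uses the same wording for multi-word arithmetic.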
Line 89:
== Examples ==
 
Unanticipated arithmetic overflow is a fairly common cause of [[software bug|program errors]]. Such overflow bugs may be hard to discover and diagnose because they may manifest themselves only for very large input data sets, which are less likely to be used in validation tests.
 
Taking the arithmetic mean of two numbers by adding them and dividing by two, as done in many [[search algorithm]]s, causes error if the sum (although not the resulting mean) is too large to be represented, and hence overflows.<ref>[http://googleresearch.blogspot.co.uk/2006/06/extra-extra-read-all-about-it-nearly.html Google Research blog: Nearly All Binary Searches and Mergesorts are Broken, Joshua Bloch, 2 June 2006]</ref>
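Review bot: The reference on the mean-of-two-numbers sentence is a bare bracketed link with the publisher, title, author and date all packed into the link text, while the references further down use {{cite news}} and {{cite web}} with separate fields. Converting it to {{cite web}} with |author=, |title= and |date= would make it consistent. In the same sentence, "causes error" should read "causes an error". The placement of the <ref> after the full stop is correct here.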
Line 97:
On 30 April 2015, the [[Federal Aviation Authority]] announced it will order [[Boeing 787]] operators to reset its electrical system periodically, to avoid an integer overflow which could lead to loss of electrical power and [[ram air turbine]] deployment, and Boeing is going to deploy a [[software update]] in the fourth quarter.<ref>{{cite news |title= F.A.A. Orders Fix for Possible Power Loss in Boeing 787 |work= [[New York Times]] |date= 30 April 2015 |url= https://www.nytimes.com/2015/05/01/business/faa-orders-fix-for-possible-power-loss-in-boeing-787.html?_r=0}}</ref> The [[European Aviation Safety Agency]] followed on 4 May 2015.<ref>{{cite web |url= http://ad.easa.europa.eu/ad/US-2015-09-07 |work= Airworthiness Directives |title= US-2015-09-07 : Electrical Power - Deactivation |date= {{date|2015-05-04}} |publisher= [[European Aviation Safety Agency]]}}</ref> The error happens after 2³¹ centiseconds ({{#expr:2^31/100/3600/24}} days), indicating a 32-bit [[Signed number representations|signed]] [[Integer (computer science)|integer]].
 
Overflow bugs are evident in computer games. In the arcade game ''[[Donkey Kong]]'', [[Kill screen|it is impossible to advance past level 22]] due to an integer overflow in its time/bonus. The game takes the level number a user is on, multiplies it by 10 and adds 40. When they reach level 22, the time/bonus number is 260, which is too large for its 8-bit 256 value register, so it resets itself to 0 and gives the remaining 4 as the time/bonus - too short to finish the level. In ''[[Donkey Kong Jr. Math]]'', when trying to calculate a number over 10000, it shows only the first 4 digits. Overflow is the cause of the famous ''[[kill screen|Split Screen]]'' in Pac-Man <ref>{{cite web|url=http://home.comcast.net/~jpittman2/pacman/pacmandossier.html|title=The Pac-Man Dossier|author=Pittman, Jamey}}</ref> and the ''Nuclear Gandhi'' in [[Civilization series]].It also caused the Far Lands in Minecraft which existed from the Infdev development period to Beta 1.7.3, however it was later fixed in Beta 1.8 but still exist in the Pocket Edition and Windows 10 Edition versions of Minecraft. <ref>{{cite web|url=http://minecraft.gamepedia.com/Far_Lands|title=Minecraft Gamepedia Page|author=Minecraft Gamepedia}}</ref>
 
[[File:Error message due to an integer signedness bug in the stack setup code of MASM 1.00.gif|thumb|An integer signedness bug in the stack setup code emitted by the Pascal compiler prevented Microsoft / IBM MACRO Assembler Version 1.00 (MASM), a DOS program from 1981, and many other programs compiled with the same compiler, to run under some configurations with more than 512 KB of memory.]]
Microsoft / IBM MACRO Assembler (MASM) Version 1.00, and likely all other programs build by the same Pascal compiler, had an integer overflow and signedness error in the stack setup code, which prevented them from running on newer DOS machines or emulators under some common configurations with more than 512 KB of memory. The program either hangs or displays an error message and exits to DOS.<ref>{{cite web|url=https://slions.net/threads/debugging-the-ibm-personal-computer-macro-assembler-masm-version-1-00.33/|title=Debugging IBM MACRO Assembler Version 1.00|author=Lenclud, Christophe}}</ref>.
 
==See also==
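Review bot: The edit summary cites WP:CITEFOOT, but the Donkey Kong and MASM paragraphs as shown still break it. "Pac-Man <ref>" has a space before a mid-sentence reference, "Minecraft. <ref>" has a space between the full stop and the reference, and the MASM paragraph ends with "</ref>.", which leaves a stray full stop after the reference. The same paragraphs need a space in "[[Civilization series]].It" and "built" in place of "build by the same Pascal compiler". In the Boeing 787 paragraph, the agency behind the F.A.A. abbreviation used in the cited headline is the Federal Aviation Administration, not "Federal Aviation Authority". The phrases "will order" and "is going to deploy ... in the fourth quarter" are undated future tense and should be rewritten in the past tense with the year stated.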
Line 121:
*[http://www.cs.utah.edu/~regehr/papers/overflow12.pdf Understanding Integer Overflow in C/C++]
*[https://www.allaboutcircuits.com/textbook/digital/chpt-2/binary-overflow/ Binary Overflow - Binary Arithmetic]
 
 
[[Category:Software bugs]]