Thread: Integer overflow



Replies: 8 - Last Post: Dec 5, 2016 11:43 AM Last Post By: Angus Johnson
Angus Johnson

Posts: 32
Registered: 9/23/99
Integer overflow
  Posted: Dec 4, 2016 9:47 PM
var
a,b: Int64;
begin
a := -634494603;
b := -1566836587;

//a := a * a; //OK
//b := b * b; //OK

a := a * b; //integer overflow

Tested using ...
Delphi 10.1 (Berlin)

Can anyone explain this?

Peter Below

Posts: 1,227
Registered: 12/16/99
Re: Integer overflow
  Posted: Dec 4, 2016 11:40 PM   in response to: Angus Johnson
Angus Johnson wrote:

var
a,b: Int64;
begin
a := -634494603;
b := -1566836587;

//a := a * a; //OK
//b := b * b; //OK

a := a * b; //integer overflow

Tested using ...
Delphi 10.1 (Berlin)

Can anyone explain this?


Can be considered a bug in the routine that emulates int64 * int64
multiplication for a Win32 target. This involves several
multiplications using 32 bit registers, and with your input one of them
overflows. The routine does not reset the overflow flag, and so you get
the exception. If you build for a Win64 target this does not happen.

--
Peter Below
TeamB
Angus Johnson

Posts: 32
Registered: 9/23/99
Re: Integer overflow
  Posted: Dec 5, 2016 2:05 AM   in response to: Peter Below
On 5/12/2016 6:40 PM, Peter Below wrote:
Can be considered a bug in the routine that emulates int64 * int64
multiplication for a Win32 target. This involves several
multiplications using 32 bit registers, and with your input one of them
overflows. The routine does not reset the overflow flag, and so you get
the exception. If you build for a Win64 target this does not happen.

Thanks Peter. Is it known just how negative these 64-bit integers have to
be to be vulnerable to this bug? Also, do you know of an efficient
workaround (while avoiding floating point math)?
Rudy Velthuis (...


Posts: 7,731
Registered: 9/22/99
Re: Integer overflow
  Posted: Dec 5, 2016 6:42 AM   in response to: Angus Johnson
Angus Johnson wrote:

On 5/12/2016 6:40 PM, Peter Below wrote:
Can be considered a bug in the routine that emulates int64 * int64
multiplication for a Win32 target. This involves several
multiplications using 32 bit registers, and with your input one of
them overflows. The routine does not reset the overflow flag, and
so you get the exception. If you build for a Win64 target this does
not happen.

Thanks Peter. Is it known just how negative these 64-bit integers have
to be to be vulnerable to this bug?

Is there a bug? If so, it must have disappeared in Update 2. I can't
reproduce it. Your code works fine for me and gives the expected
result. ISTM that if there really were a bug in the multiplication of
(negative) Int64s, it would have been found many versions ago.

--
Rudy Velthuis http://www.rvelthuis.de

"The only way to get rid of a temptation is to yield to it."
-- Oscar Wilde (1854-1900)
Peter Below

Posts: 1,227
Registered: 12/16/99
Re: Integer overflow
  Posted: Dec 5, 2016 10:10 AM   in response to: Angus Johnson
Angus Johnson wrote:

On 5/12/2016 6:40 PM, Peter Below wrote:
Can be considered a bug in the routine that emulates int64 * int64
multiplication for a Win32 target. This involves several
multiplications using 32 bit registers, and with your input one of
them overflows. The routine does not reset the overflow flag, and
so you get the exception. If you build for a Win64 target this does
not happen.

Thanks Peter. Is it known just how negative these 64-bit integers have
to be to be vulnerable to this bug?

I don't know, I just looked at the compiler-generated code in the
disassembly view to figure out what happens. Search
quality.embarcadero.com, if you cannot find an existing report on this
problem, create one.

Also, do you know of an efficient
workaround (while avoiding floating point math)?

Switch off overflow checks for the code in question. The overflow is
harmless in this case, the calculated result is correct.


--
Peter Below
TeamB
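
The workaround above, scoped as narrowly as possible, as an added example that is not part of the thread and not Embarcadero's code: overflow checking is switched off only around one routine, which range-tests the operands by division before multiplying so that a genuine Int64 overflow is still caught. `TryMulInt64` and `RESTORE_OVERFLOWCHECKS` are hypothetical names chosen for this sketch.

```delphi
program CheckedMulDemo; // added example; names here are hypothetical
{$APPTYPE CONSOLE}

// Switch overflow checking off for this one routine only, remembering
// whether it was on so the rest of the unit keeps its setting.
{$IFOPT Q+}
  {$DEFINE RESTORE_OVERFLOWCHECKS}
  {$Q-}
{$ENDIF}
function TryMulInt64(const A, B: Int64; out R: Int64): Boolean;
begin
  Result := False;
  R := 0;
  if (A = 0) or (B = 0) then
    Exit(True);
  // Range tests by division: reject the operands before multiplying.
  if A > 0 then
  begin
    if B > 0 then
    begin
      if A > High(Int64) div B then Exit;
    end
    else if B < Low(Int64) div A then Exit;
  end
  else if B > 0 then
  begin
    if A < Low(Int64) div B then Exit;
  end
  else if B < High(Int64) div A then Exit; // both operands negative
  R := A * B; // product is known to fit, so the unchecked multiply is safe
  Result := True;
end;
{$IFDEF RESTORE_OVERFLOWCHECKS}
  {$Q+}
  {$UNDEF RESTORE_OVERFLOWCHECKS}
{$ENDIF}

var
  R: Int64;
begin
  // Operands from the thread: the product fits in Int64.
  if TryMulInt64(-634494603, -1566836587, R) then
    Writeln('ok: ', R)
  else
    Writeln('overflow');
  // Constructed case that really does overflow: Low(Int64) * -1.
  if not TryMulInt64(Low(Int64), -1, R) then
    Writeln('overflow detected');
end.
```

Callers branch on the Boolean result instead of relying on EIntOverflow, so the check behaves the same on Win32 and Win64 targets.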

Angus Johnson

Posts: 32
Registered: 9/23/99
Re: Integer overflow
  Posted: Dec 5, 2016 11:43 AM   in response to: Peter Below
On 6/12/2016 5:10 AM, Peter Below wrote:
Also, do you know of an efficient
workaround (while avoiding floating point math)?

Switch off overflow checks for the code in question. The overflow is
harmless in this case, the calculated result is correct.

OK. Thanks again, and thank you for your tireless efforts here over so
many years.
Rudy Velthuis (...


Posts: 7,731
Registered: 9/22/99
Re: Integer overflow
  Posted: Dec 5, 2016 5:38 AM   in response to: Angus Johnson
Angus Johnson wrote:

var
a,b: Int64;
begin
a := -634494603;
b := -1566836587;

//a := a * a; //OK
//b := b * b; //OK

a := a * b; //integer overflow

I just tried with Berlin 10.1 Update 2. I can't reproduce the problem:

procedure Test;
var
a, b: Int64;
begin
a := -634494603;
b := -1566836587;

// a := a * a; //OK
// b := b * b; //OK

a := a * b; // NO integer overflow
Writeln(a, ' ', b);
end;

It shows:

994149358234439961 -1566836587

as expected.

--
Rudy Velthuis http://www.rvelthuis.de

"I have seen the future and it is just like the present, only
longer." -- Albran
Lajos Juhasz

Posts: 801
Registered: 3/14/14
Re: Integer overflow
  Posted: Dec 5, 2016 7:04 AM   in response to: Rudy Velthuis (...
Rudy Velthuis (TeamB) wrote:

Angus Johnson wrote:

var
a,b: Int64;
begin
a := -634494603;
b := -1566836587;

//a := a * a; //OK
//b := b * b; //OK

a := a * b; //integer overflow

I just tried with Berlin 10.1 Update 2. I can't reproduce the problem:

procedure Test;
var
a, b: Int64;
begin
a := -634494603;
b := -1566836587;

// a := a * a; //OK
// b := b * b; //OK

a := a * b; // NO integer overflow
Writeln(a, ' ', b);
end;

It shows:

994149358234439961 -1566836587

as expected.

Maybe in your special version. Did you check the Overflow checking in
Runtime errors (by default it's unchecked)?

With this checked 64 bit application is OK but 32 bit application
raises the exception:

Project Project1.exe raised exception class EIntOverflow with message
'Integer overflow'.
Rudy Velthuis (...


Posts: 7,731
Registered: 9/22/99
Re: Integer overflow
  Posted: Dec 5, 2016 8:58 AM   in response to: Lajos Juhasz
Lajos Juhasz wrote:

Maybe in your special version. Did you check the Overflow checking
in Runtime errors (by default it's unchecked)?

Duh. I hadn't. Generally, I set it as default to be always on, but this
time, after installing the update, I had forgotten.

I do get the integer overflow indeed. Well, then it is clear what a
workaround could be. <g>

Did someone report the error?

--
Rudy Velthuis http://www.rvelthuis.de

"Over the centuries, mankind has tried many ways of combating the forces
of evil... prayer, fasting, good works and so on. Up until Doom, no one
seemed to have thought about the double-barrel shotgun. Eat leaden
death, demon..."
-- Terry Pratchett