#### 13.2.1 Basics of Integer Overflow

In languages like C, unsigned integer overflow reliably wraps around;
e.g., `UINT_MAX + 1`

yields zero.
This is guaranteed by the C standard and is
portable in practice, unless you specify aggressive,
nonstandard optimization options
suitable only for special applications.

In contrast, the C standard says that signed integer overflow leads to
undefined behavior where a program can do anything, including dumping
core or overrunning a buffer. The misbehavior can even precede the
overflow. Such an overflow can occur during addition, subtraction,
multiplication, division, and left shift.

Despite this requirement of the standard, many C programs and Autoconf
tests assume that signed integer overflow silently wraps around modulo a
power of two, using two's complement arithmetic, so long as you cast the
resulting value to a signed integer type or store it into a signed
integer variable. If you use conservative optimization flags, such
programs are generally portable to the vast majority of modern
platforms, with a few exceptions discussed later.

For historical reasons the C standard also allows implementations with
ones' complement or signed magnitude arithmetic, but it is safe to
assume two's complement nowadays.

Also, overflow can occur when converting an out-of-range value to a
signed integer type. Here a standard implementation must define what
happens, but this might include raising an exception. In practice all
known implementations support silent wraparound in this case, so you need
not worry about other possibilities.