Integer overflow

From NetHackWiki

Integer overflow occurs when an integer value exceeds the range of its data type.

For a signed variable, overflow is undefined behavior under the C standard. In practice, because of two's complement arithmetic, the variable often wraps to the opposite end of the range: a negative value just beyond the range becomes a large positive value, and vice versa. For an unsigned variable, the C standard does define the behavior: an unsigned variable that exceeds its capacity wraps around to zero or a small positive value, and subtracting too much from a small unsigned variable produces a large value.

NetHack protects most variables, both signed and unsigned, against integer overflow; however, it is possible to find ways around these limits in wizard mode. For example, in wizard mode, the character might wish for one billion dwarf corpses, producing an object stack whose total weight may appear to be negative (depending on details of the C implementation used to run NetHack).

Any case where an ordinary game (not in wizard mode) can produce an integer overflow is likely to be a software bug.

Current overflows

Wrapping the turn counter

In NetHack 3.6.7 and earlier versions, the turn counter has no protection against overflow.[1]

NAO reports one game that ended with fewer than 0 turns played.[2] There are no ascended games with 1 turn or any number of turns less than 2000.

Since that time, NAO switched from 32-bit binaries to 64-bit binaries, as evidenced by several games recorded with scores higher than 2,147,483,647. Nowadays, wrapping the turn counter on an NAO game would take 4 billion times as long as previously.

The following information pertains to an upcoming version (NetHack 3.7.0). If this version is now released, please verify that the information below is still accurate, then update the page to incorporate it.

For games running over 100000 turns, prayer timeout increases by 1 every 100 turns; this is implemented to prevent denial-of-service attacks against public servers. If a game runs over one billion turns, it ends immediately in an escape:

The dungeon capitulates.

History

In NetHack 3.4.3 and previous versions, including some variants based on those versions, cases of integer overflow that are fixed in NetHack 3.6.0 include:

Wrapping the score[3][4] is supposed to be fixed, but the fix relies on signed integer overflow, which is undefined behaviour.[5]
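The following is an added example, not NetHack's own code. It shows a guard that does not depend on signed wraparound: the range check is made on the operands before the addition, so the overflowing operation is never executed. The helper names `sat_add_long` and `uadd_wrapped` are hypothetical.

```c
#include <limits.h>
#include <stdio.h>

/* Saturating signed add (hypothetical helper, not from NetHack).
 * Decides from the operands alone whether a + b would leave the range
 * of long, so the overflowing addition, which is undefined behaviour
 * in C, is never evaluated. */
long sat_add_long(long a, long b)
{
    if (b > 0 && a > LONG_MAX - b)
        return LONG_MAX;          /* would exceed the top of the range */
    if (b < 0 && a < LONG_MIN - b)
        return LONG_MIN;          /* would fall below the bottom */
    return a + b;                 /* proven to be in range */
}

/* Unsigned arithmetic is defined to wrap modulo 2^N, so a check made
 * after the operation is legal here: the sum wrapped if and only if
 * it is smaller than an operand. Returns 1 on wrap, 0 otherwise. */
int uadd_wrapped(unsigned long a, unsigned long b, unsigned long *sum)
{
    *sum = a + b;
    return *sum < a;
}

int main(void)
{
    unsigned long s;
    int wrapped;

    /* Constructed sample values. */
    printf("%ld\n", sat_add_long(LONG_MAX - 5, 10));   /* clamps high */
    printf("%ld\n", sat_add_long(LONG_MIN + 5, -10));  /* clamps low */
    printf("%ld\n", sat_add_long(2000, 1));            /* ordinary add */

    wrapped = uadd_wrapped(ULONG_MAX, 1, &s);
    printf("wrapped=%d sum=%lu\n", wrapped, s);
    return 0;
}
```

A check written the other way round for signed values (add first, then test whether the result went negative) only works if the compiler happens to wrap, and an optimizer is allowed to assume the overflow never happens and remove the test.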

References

  1. src/allmain.c in NetHack 3.6.7, line 172
  2. https://s3.amazonaws.com/altorg/dumplog/Khaos/1291644901.nh343.txt
  3. NAO game by ctaboir on 2006-10-03 with score -2,147,474,899; dumplog not available
  4. NAO game by pug on 2007-11-12 with score -2,145,868,906; dumplog not available
  5. src/end.c in NetHack 3.6.7, line 19: macro nowrap_add