I’m excited to announce the publication of the journal version of “Understanding Integer Overflow in C/C++” , appearing in TOSEM Volume 25 Issue 1 . This is an updated and expanded version of our ICSE12 paper  of the same name. The longer journal format enabled a more thorough treatment of the subject, and we did our best to take advantage of that opportunity.
Thanks to my co-authors for all their efforts, and especially for seeing this work through to the end. It’s been a long run and you guys are great.
- Automated large-scale study of overflows in top 10,000 Debian packages (§6)
- More thorough discussion and explanation of integer behavior, including implementation-defined behavior and usual arithmetic conversions (§§ 2, 3.1, 3.2)
- Implementing recoverable checks efficiently: experience and two new optimizations (§4.4)
- Deployment experiences and resulting improvements useful for anyone making compiler-based tools for the real world (§5).
The Debian experiment was particularly fun and had many interesting results. Full results are available on request, and we provide a complete version of selected results presented in Table VI  online.
Paper is available online  (via the ACM digital library) for your reading pleasure.
Let me know if you’d like to discuss our findings or any part of the paper. Enjoy!