C++ considers the overflow of a signed integer to be an undefined behavior (even with the "Signed Integers are Two's Complement" update: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p0907r1.html ).
Instead of relying on tests(1) to discover if a compiler does not handle the signed integer overflow as we expect it to, we should add an explicit check before incrementing.
Lines 33 to 34 in c4e899a
|// test rollover all the time|
Quick check on https://godbolt.org/z/d7W8ds shows that Clang is able to optimize and just do the +1 so modern compilers should be able to keep the same performances where hardware permits.
In addition, some company rules might require code to do just that: