Signed integer overflow is undefined. That is, in C++, overflowing a signed integer is considered to be equally bad as dividing by zero. Combined with modern compilers, this is resulting in exploitable security bugs in many programs.
Programmers have been taught for decades about two's-complement integer arithmetic and how it overflows. As a result, many of us who don't know about signed integer overflowing being undefined are making "mistakes" like assuming that it wraps as we were taught.
The reason that C++ considers signed integer overflow to be undefined is because of non-two's-complement machines. Such machines pretty much don't exist anymore. Why does C++ insist upon keeping such requirements around, when it is wreaking security havoc on everyone else?