From c8db89aa82573b89481fde598da6e54371f266cb Mon Sep 17 00:00:00 2001 From: "Felix S. Klock II" Date: Thu, 19 Feb 2015 15:14:48 +0100 Subject: [PATCH] Accommodate arith-overflow in `core::num`, `std::num`, `coretest::num`. * `core::num`: adjust `UnsignedInt::is_power_of_two`, `UnsignedInt::next_power_of_two`, `Int::pow`. In particular for `Int::pow`: (1.) do not panic when `base` overflows if `acc` never observes the overflowed `base`, and (2.) if `acc` does observe the overflowed `base`, make sure we only panic if we would have otherwise (e.g. during a computation of `base * base`). * also in `core::num`: avoid underflow during computation of `uint::MAX`. * `std::num`: adjust tests `uint::test_uint_from_str_overflow`, `uint::test_uint_to_str_overflow`, `strconv` * `coretest::num`: adjust `test::test_int_from_str_overflow`. --- src/libcore/num/mod.rs | 26 +++++++++++++++++++++----- src/libcore/num/uint_macros.rs | 2 +- src/libcoretest/num/mod.rs | 8 ++++---- src/libstd/num/mod.rs | 16 ++++++++-------- src/libstd/num/strconv.rs | 9 +++++---- 5 files changed, 39 insertions(+), 22 deletions(-) diff --git a/src/libcore/num/mod.rs b/src/libcore/num/mod.rs index 3ed059520b1..92cdd84160b 100644 --- a/src/libcore/num/mod.rs +++ b/src/libcore/num/mod.rs @@ -15,6 +15,8 @@ #![stable(feature = "rust1", since = "1.0.0")] #![allow(missing_docs)] +use self::wrapping::{OverflowingOps, WrappingOps}; + use char::CharExt; use clone::Clone; use cmp::{PartialEq, Eq, PartialOrd, Ord}; @@ -51,6 +53,8 @@ pub trait Int + BitXor + Shl + Shr + + WrappingOps + + OverflowingOps { /// Returns the `0` value of this integer type. // FIXME (#5527): Should be an associated constant @@ -379,11 +383,23 @@ pub trait Int let mut base = self; let mut acc: Self = Int::one(); + let mut prev_base = self; + let mut base_oflo = false; while exp > 0 { if (exp & 1) == 1 { - acc = acc * base; + if base_oflo { + // ensure overflow occurs in the same manner it + // would have otherwise (i.e. signal any exception + // it would have otherwise). + acc = acc * (prev_base * prev_base); + } else { + acc = acc * base; + } } - base = base * base; + prev_base = base; + let (new_base, new_base_oflo) = base.overflowing_mul(base); + base = new_base; + base_oflo = new_base_oflo; exp /= 2; } acc @@ -694,12 +710,12 @@ signed_int_impl! { int } /// A built-in unsigned integer. #[stable(feature = "rust1", since = "1.0.0")] -pub trait UnsignedInt: Int { +pub trait UnsignedInt: Int + WrappingOps { /// Returns `true` iff `self == 2^k` for some `k`. #[stable(feature = "rust1", since = "1.0.0")] #[inline] fn is_power_of_two(self) -> bool { - (self - Int::one()) & self == Int::zero() && !(self == Int::zero()) + (self.wrapping_sub(Int::one())) & self == Int::zero() && !(self == Int::zero()) } /// Returns the smallest power of two greater than or equal to `self`. @@ -709,7 +725,7 @@ pub trait UnsignedInt: Int { fn next_power_of_two(self) -> Self { let bits = size_of::() * 8; let one: Self = Int::one(); - one << ((bits - (self - one).leading_zeros() as usize) % bits) + one << ((bits - self.wrapping_sub(one).leading_zeros() as usize) % bits) } /// Returns the smallest power of two greater than or equal to `n`. If the diff --git a/src/libcore/num/uint_macros.rs b/src/libcore/num/uint_macros.rs index 330f0b91bf1..d0c4885ad00 100644 --- a/src/libcore/num/uint_macros.rs +++ b/src/libcore/num/uint_macros.rs @@ -20,6 +20,6 @@ pub const BYTES : u32 = ($bits / 8); #[stable(feature = "rust1", since = "1.0.0")] pub const MIN: $T = 0 as $T; #[stable(feature = "rust1", since = "1.0.0")] -pub const MAX: $T = 0 as $T - 1 as $T; +pub const MAX: $T = !0 as $T; ) } diff --git a/src/libcoretest/num/mod.rs b/src/libcoretest/num/mod.rs index 1cd1989c11d..721354b6a44 100644 --- a/src/libcoretest/num/mod.rs +++ b/src/libcoretest/num/mod.rs @@ -92,7 +92,7 @@ mod test { assert_eq!("127".parse::().ok(), Some(i8_val)); assert_eq!("128".parse::().ok(), None); - i8_val += 1 as i8; + i8_val = i8_val.wrapping_add(1); assert_eq!("-128".parse::().ok(), Some(i8_val)); assert_eq!("-129".parse::().ok(), None); @@ -100,7 +100,7 @@ mod test { assert_eq!("32767".parse::().ok(), Some(i16_val)); assert_eq!("32768".parse::().ok(), None); - i16_val += 1 as i16; + i16_val = i16_val.wrapping_add(1); assert_eq!("-32768".parse::().ok(), Some(i16_val)); assert_eq!("-32769".parse::().ok(), None); @@ -108,7 +108,7 @@ mod test { assert_eq!("2147483647".parse::().ok(), Some(i32_val)); assert_eq!("2147483648".parse::().ok(), None); - i32_val += 1 as i32; + i32_val = i32_val.wrapping_add(1); assert_eq!("-2147483648".parse::().ok(), Some(i32_val)); assert_eq!("-2147483649".parse::().ok(), None); @@ -116,7 +116,7 @@ mod test { assert_eq!("9223372036854775807".parse::().ok(), Some(i64_val)); assert_eq!("9223372036854775808".parse::().ok(), None); - i64_val += 1 as i64; + i64_val = i64_val.wrapping_add(1); assert_eq!("-9223372036854775808".parse::().ok(), Some(i64_val)); assert_eq!("-9223372036854775809".parse::().ok(), None); } diff --git a/src/libstd/num/mod.rs b/src/libstd/num/mod.rs index d4428282b14..0bca60ed1a0 100644 --- a/src/libstd/num/mod.rs +++ b/src/libstd/num/mod.rs @@ -1758,25 +1758,25 @@ mod tests { let mut u8_val: u8 = 255_u8; assert_eq!(u8_val.to_string(), "255"); - u8_val += 1 as u8; + u8_val = u8_val.wrapping_add(1); assert_eq!(u8_val.to_string(), "0"); let mut u16_val: u16 = 65_535_u16; assert_eq!(u16_val.to_string(), "65535"); - u16_val += 1 as u16; + u16_val = u16_val.wrapping_add(1); assert_eq!(u16_val.to_string(), "0"); let mut u32_val: u32 = 4_294_967_295_u32; assert_eq!(u32_val.to_string(), "4294967295"); - u32_val += 1 as u32; + u32_val = u32_val.wrapping_add(1); assert_eq!(u32_val.to_string(), "0"); let mut u64_val: u64 = 18_446_744_073_709_551_615_u64; assert_eq!(u64_val.to_string(), "18446744073709551615"); - u64_val += 1 as u64; + u64_val = u64_val.wrapping_add(1); assert_eq!(u64_val.to_string(), "0"); } @@ -1790,7 +1790,7 @@ mod tests { assert_eq!(from_str::("255"), Some(u8_val)); assert_eq!(from_str::("256"), None); - u8_val += 1 as u8; + u8_val = u8_val.wrapping_add(1); assert_eq!(from_str::("0"), Some(u8_val)); assert_eq!(from_str::("-1"), None); @@ -1798,7 +1798,7 @@ mod tests { assert_eq!(from_str::("65535"), Some(u16_val)); assert_eq!(from_str::("65536"), None); - u16_val += 1 as u16; + u16_val = u16_val.wrapping_add(1); assert_eq!(from_str::("0"), Some(u16_val)); assert_eq!(from_str::("-1"), None); @@ -1806,7 +1806,7 @@ mod tests { assert_eq!(from_str::("4294967295"), Some(u32_val)); assert_eq!(from_str::("4294967296"), None); - u32_val += 1 as u32; + u32_val = u32_val.wrapping_add(1); assert_eq!(from_str::("0"), Some(u32_val)); assert_eq!(from_str::("-1"), None); @@ -1814,7 +1814,7 @@ mod tests { assert_eq!(from_str::("18446744073709551615"), Some(u64_val)); assert_eq!(from_str::("18446744073709551616"), None); - u64_val += 1 as u64; + u64_val = u64_val.wrapping_add(1); assert_eq!(from_str::("0"), Some(u64_val)); assert_eq!(from_str::("-1"), None); } diff --git a/src/libstd/num/strconv.rs b/src/libstd/num/strconv.rs index ca2e6ba5d5d..8ec19c01098 100644 --- a/src/libstd/num/strconv.rs +++ b/src/libstd/num/strconv.rs @@ -427,6 +427,7 @@ static DIGIT_E_RADIX: u32 = ('e' as u32) - ('a' as u32) + 11; #[cfg(test)] mod tests { + use core::num::wrapping::WrappingOps; use string::ToString; #[test] @@ -434,25 +435,25 @@ mod tests { let mut i8_val: i8 = 127_i8; assert_eq!(i8_val.to_string(), "127"); - i8_val += 1 as i8; + i8_val = i8_val.wrapping_add(1); assert_eq!(i8_val.to_string(), "-128"); let mut i16_val: i16 = 32_767_i16; assert_eq!(i16_val.to_string(), "32767"); - i16_val += 1 as i16; + i16_val = i16_val.wrapping_add(1); assert_eq!(i16_val.to_string(), "-32768"); let mut i32_val: i32 = 2_147_483_647_i32; assert_eq!(i32_val.to_string(), "2147483647"); - i32_val += 1 as i32; + i32_val = i32_val.wrapping_add(1); assert_eq!(i32_val.to_string(), "-2147483648"); let mut i64_val: i64 = 9_223_372_036_854_775_807_i64; assert_eq!(i64_val.to_string(), "9223372036854775807"); - i64_val += 1 as i64; + i64_val = i64_val.wrapping_add(1); assert_eq!(i64_val.to_string(), "-9223372036854775808"); } }