uint: Fix overflowing_neg by implementing two's complement (#611)

* uint: Fix overflowing_neg with two's complement The operation `overflowing_neg` on the primitive integer types in the Rust standard library computes the negation of the integer value using two's complement, i.e., it returns `!self + 1`. The previous implementation of the uint library implemented `overflowing_neg` using `!self` for non-zero values which is bit-wise negation (NOT). This lead to behavior where 0 - 1 != -1 for U256 with the `overflowing_neg` and `overflow_sub` operations. This patch adapts the `uint_overflowing_binop` macro to implement the two's complement correctly: Starting from the least significant word we apply `u64::overflowing_neg` until we have seen the first one-bit in the original integer, i.e., until `overflowing_neg` reports an overflow. Then we use bit-wise NOT for the remaining words. * Update uint/src/uint.rs * Update uint/src/uint.rs Co-authored-by: Andronik <[email protected]>
paritytech · Feb 4, 2022 · b37d0b3 · b37d0b3
1 parent 2d7f7e2
commit b37d0b3
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/uint/src/uint.rs b/uint/src/uint.rs
@@ -1157,7 +1157,7 @@ macro_rules! construct_uint {
 				if self.is_zero() {
 					(self, false)
 				} else {
-					(!self, true)
+					(!self + 1, true)
 				}
 			}
 

diff --git a/uint/tests/uint_tests.rs b/uint/tests/uint_tests.rs
@@ -469,6 +469,39 @@ fn uint256_sub_overflow() {
 	);
 }
 
+#[test]
+fn uint256_neg_overflow() {
+	assert_eq!(U256::from_str("0").unwrap().overflowing_neg(), (U256::from_str("0").unwrap(), false));
+	assert_eq!(
+		U256::from_str("1").unwrap().overflowing_neg(),
+		(U256::from_str("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap(), true)
+	);
+	assert_eq!(
+		U256::from_str("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
+			.unwrap()
+			.overflowing_neg(),
+		(U256::from_str("1").unwrap(), true)
+	);
+	assert_eq!(
+		U256::from_str("8000000000000000000000000000000000000000000000000000000000000000")
+			.unwrap()
+			.overflowing_neg(),
+		(U256::from_str("8000000000000000000000000000000000000000000000000000000000000000").unwrap(), true)
+	);
+	assert_eq!(
+		U256::from_str("ffffffffffffffff0000000000000000ffffffffffffffff0000000000000000")
+			.unwrap()
+			.overflowing_neg(),
+		(U256::from_str("0000000000000000ffffffffffffffff00000000000000010000000000000000").unwrap(), true)
+	);
+	assert_eq!(
+		U256::from_str("0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff")
+			.unwrap()
+			.overflowing_neg(),
+		(U256::from_str("ffffffffffffffff0000000000000000ffffffffffffffff0000000000000001").unwrap(), true)
+	);
+}
+
 #[test]
 #[should_panic]
 #[allow(unused_must_use)]