update uses of overflow arithmetic builtins

ziglang · Dec 21, 2022 · d81a68c · d81a68c
1 parent 3e39cd5
commit d81a68c
Show file tree

Hide file tree

Showing 28 changed files with 540 additions and 403 deletions.
diff --git a/lib/compiler_rt/trunctfxf2.zig b/lib/compiler_rt/trunctfxf2.zig
@@ -49,14 +49,16 @@ pub fn __trunctfxf2(a: f128) callconv(.C) f80 {
         const round_bits = a_abs & round_mask;
         if (round_bits > halfway) {
             // Round to nearest
-            const carry = @boolToInt(@addWithOverflow(u64, res.fraction, 1, &res.fraction));
-            res.exp += carry;
-            res.fraction |= @as(u64, carry) << 63; // Restore integer bit after carry
+            const ov = @addWithOverflow(res.fraction, 1);
+            res.fraction = ov[0];
+            res.exp += ov[1];
+            res.fraction |= @as(u64, ov[1]) << 63; // Restore integer bit after carry
         } else if (round_bits == halfway) {
             // Ties to even
-            const carry = @boolToInt(@addWithOverflow(u64, res.fraction, res.fraction & 1, &res.fraction));
-            res.exp += carry;
-            res.fraction |= @as(u64, carry) << 63; // Restore integer bit after carry
+            const ov = @addWithOverflow(res.fraction, res.fraction & 1);
+            res.fraction = ov[0];
+            res.exp += ov[1];
+            res.fraction |= @as(u64, ov[1]) << 63; // Restore integer bit after carry
         }
         if (res.exp == 0) res.fraction &= ~@as(u64, integer_bit); // Remove integer bit for de-normals
     }

diff --git a/lib/std/compress/deflate/compressor_test.zig b/lib/std/compress/deflate/compressor_test.zig
@@ -172,9 +172,7 @@ test "deflate/inflate" {
     defer testing.allocator.free(large_data_chunk);
     // fill with random data
     for (large_data_chunk) |_, i| {
-        var mul: u8 = @truncate(u8, i);
-        _ = @mulWithOverflow(u8, mul, mul, &mul);
-        large_data_chunk[i] = mul;
+        large_data_chunk[i] = @truncate(u8, i) *% @truncate(u8, i);
     }
     try testToFromWithLimit(large_data_chunk, limits);
 }

diff --git a/lib/std/crypto/pcurves/p256/p256_64.zig b/lib/std/crypto/pcurves/p256/p256_64.zig
@@ -75,10 +75,10 @@ pub const NonMontgomeryDomainFieldElement = [4]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -97,10 +97,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/pcurves/p256/p256_scalar_64.zig b/lib/std/crypto/pcurves/p256/p256_scalar_64.zig
@@ -75,10 +75,10 @@ pub const NonMontgomeryDomainFieldElement = [4]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -97,10 +97,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/pcurves/p384/p384_64.zig b/lib/std/crypto/pcurves/p384/p384_64.zig
@@ -44,10 +44,10 @@ pub const NonMontgomeryDomainFieldElement = [6]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -66,10 +66,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/pcurves/p384/p384_scalar_64.zig b/lib/std/crypto/pcurves/p384/p384_scalar_64.zig
@@ -44,10 +44,10 @@ pub const NonMontgomeryDomainFieldElement = [6]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -66,10 +66,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/pcurves/secp256k1/secp256k1_64.zig b/lib/std/crypto/pcurves/secp256k1/secp256k1_64.zig
@@ -44,10 +44,10 @@ pub const NonMontgomeryDomainFieldElement = [4]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -66,10 +66,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/pcurves/secp256k1/secp256k1_scalar_64.zig b/lib/std/crypto/pcurves/secp256k1/secp256k1_scalar_64.zig
@@ -44,10 +44,10 @@ pub const NonMontgomeryDomainFieldElement = [4]u64;
 inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @addWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @addWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @addWithOverflow(arg2, arg3);
+    const ov2 = @addWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function subborrowxU64 is a subtraction with borrow.
@@ -66,10 +66,10 @@ inline fn addcarryxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) vo
 inline fn subborrowxU64(out1: *u64, out2: *u1, arg1: u1, arg2: u64, arg3: u64) void {
     @setRuntimeSafety(mode == .Debug);
 
-    var t: u64 = undefined;
-    const carry1 = @subWithOverflow(u64, arg2, arg3, &t);
-    const carry2 = @subWithOverflow(u64, t, arg1, out1);
-    out2.* = @boolToInt(carry1) | @boolToInt(carry2);
+    const ov1 = @subWithOverflow(arg2, arg3);
+    const ov2 = @subWithOverflow(ov1[0], arg1);
+    out1.* = ov2[0];
+    out2.* = ov1[1] | ov2[1];
 }
 
 /// The function mulxU64 is a multiplication, returning the full double-width result.

diff --git a/lib/std/crypto/salsa20.zig b/lib/std/crypto/salsa20.zig
@@ -263,7 +263,9 @@ fn SalsaNonVecImpl(comptime rounds: comptime_int) type {
                 while (j < 64) : (j += 1) {
                     xout[j] ^= buf[j];
                 }
-                ctx[9] += @boolToInt(@addWithOverflow(u32, ctx[8], 1, &ctx[8]));
+                const ov = @addWithOverflow(ctx[8], 1);
+                ctx[8] = ov[0];
+                ctx[9] += ov[1];
             }
             if (i < in.len) {
                 salsaCore(x[0..], ctx, true);

diff --git a/lib/std/crypto/utils.zig b/lib/std/crypto/utils.zig
@@ -87,15 +87,19 @@ pub fn timingSafeAdd(comptime T: type, a: []const T, b: []const T, result: []T,
     if (endian == .Little) {
         var i: usize = 0;
         while (i < len) : (i += 1) {
-            const tmp = @boolToInt(@addWithOverflow(u8, a[i], b[i], &result[i]));
-            carry = tmp | @boolToInt(@addWithOverflow(u8, result[i], carry, &result[i]));
+            const ov1 = @addWithOverflow(a[i], b[i]);
+            const ov2 = @addWithOverflow(ov1[0], carry);
+            result[i] = ov2[0];
+            carry = ov1[1] | ov2[1];
         }
     } else {
         var i: usize = len;
         while (i != 0) {
             i -= 1;
-            const tmp = @boolToInt(@addWithOverflow(u8, a[i], b[i], &result[i]));
-            carry = tmp | @boolToInt(@addWithOverflow(u8, result[i], carry, &result[i]));
+            const ov1 = @addWithOverflow(a[i], b[i]);
+            const ov2 = @addWithOverflow(ov1[0], carry);
+            result[i] = ov2[0];
+            carry = ov1[1] | ov2[1];
         }
     }
     return @bitCast(bool, carry);
@@ -110,15 +114,19 @@ pub fn timingSafeSub(comptime T: type, a: []const T, b: []const T, result: []T,
     if (endian == .Little) {
         var i: usize = 0;
         while (i < len) : (i += 1) {
-            const tmp = @boolToInt(@subWithOverflow(u8, a[i], b[i], &result[i]));
-            borrow = tmp | @boolToInt(@subWithOverflow(u8, result[i], borrow, &result[i]));
+            const ov1 = @subWithOverflow(a[i], b[i]);
+            const ov2 = @subWithOverflow(ov1[0], borrow);
+            result[i] = ov2[0];
+            borrow = ov1[1] | ov2[1];
         }
     } else {
         var i: usize = len;
         while (i != 0) {
             i -= 1;
-            const tmp = @boolToInt(@subWithOverflow(u8, a[i], b[i], &result[i]));
-            borrow = tmp | @boolToInt(@subWithOverflow(u8, result[i], borrow, &result[i]));
+            const ov1 = @subWithOverflow(a[i], b[i]);
+            const ov2 = @subWithOverflow(ov1[0], borrow);
+            result[i] = ov2[0];
+            borrow = ov1[1] | ov2[1];
         }
     }
     return @bitCast(bool, borrow);

diff --git a/lib/std/heap.zig b/lib/std/heap.zig
@@ -789,7 +789,7 @@ pub fn testAllocatorLargeAlignment(base_allocator: mem.Allocator) !void {
     const large_align: usize = mem.page_size / 2;
 
     var align_mask: usize = undefined;
-    _ = @shlWithOverflow(usize, ~@as(usize, 0), @as(Allocator.Log2Align, @ctz(large_align)), &align_mask);
+    align_mask = @shlWithOverflow(~@as(usize, 0), @as(Allocator.Log2Align, @ctz(large_align)))[0];
 
     var slice = try allocator.alignedAlloc(u8, large_align, 500);
     try testing.expect(@ptrToInt(slice.ptr) & align_mask == @ptrToInt(slice.ptr));

diff --git a/lib/std/leb128.zig b/lib/std/leb128.zig
@@ -15,11 +15,11 @@ pub fn readULEB128(comptime T: type, reader: anytype) !T {
 
     while (group < max_group) : (group += 1) {
         const byte = try reader.readByte();
-        var temp = @as(U, byte & 0x7f);
 
-        if (@shlWithOverflow(U, temp, group * 7, &temp)) return error.Overflow;
+        const ov = @shlWithOverflow(@as(U, byte & 0x7f), group * 7);
+        if (ov[1] != 0) return error.Overflow;
 
-        value |= temp;
+        value |= ov[0];
         if (byte & 0x80 == 0) break;
     } else {
         return error.Overflow;
@@ -65,13 +65,13 @@ pub fn readILEB128(comptime T: type, reader: anytype) !T {
 
     while (group < max_group) : (group += 1) {
         const byte = try reader.readByte();
-        var temp = @as(U, byte & 0x7f);
 
         const shift = group * 7;
-        if (@shlWithOverflow(U, temp, shift, &temp)) {
+        const ov = @shlWithOverflow(@as(U, byte & 0x7f), shift);
+        if (ov[1] != 0) {
             // Overflow is ok so long as the sign bit is set and this is the last byte
             if (byte & 0x80 != 0) return error.Overflow;
-            if (@bitCast(S, temp) >= 0) return error.Overflow;
+            if (@bitCast(S, ov[0]) >= 0) return error.Overflow;
 
             // and all the overflowed bits are 1
             const remaining_shift = @intCast(u3, @typeInfo(U).Int.bits - @as(u16, shift));
@@ -80,14 +80,14 @@ pub fn readILEB128(comptime T: type, reader: anytype) !T {
         } else {
             // If we don't overflow and this is the last byte and the number being decoded
             // is negative, check that the remaining bits are 1
-            if ((byte & 0x80 == 0) and (@bitCast(S, temp) < 0)) {
+            if ((byte & 0x80 == 0) and (@bitCast(S, ov[0]) < 0)) {
                 const remaining_shift = @intCast(u3, @typeInfo(U).Int.bits - @as(u16, shift));
                 const remaining_bits = @bitCast(i8, byte | 0x80) >> remaining_shift;
                 if (remaining_bits != -1) return error.Overflow;
             }
         }
 
-        value |= temp;
+        value |= ov[0];
         if (byte & 0x80 == 0) {
             const needs_sign_ext = group + 1 < max_group;
             if (byte & 0x40 != 0 and needs_sign_ext) {

diff --git a/lib/std/math.zig b/lib/std/math.zig
@@ -468,21 +468,26 @@ test "clamp" {
 
 /// Returns the product of a and b. Returns an error on overflow.
 pub fn mul(comptime T: type, a: T, b: T) (error{Overflow}!T) {
-    var answer: T = undefined;
-    return if (@mulWithOverflow(T, a, b, &answer)) error.Overflow else answer;
+    if (T == comptime_int) return a * b;
+    const ov = @mulWithOverflow(a, b);
+    if (ov[1] != 0) return error.Overflow;
+    return ov[0];
 }
 
 /// Returns the sum of a and b. Returns an error on overflow.
 pub fn add(comptime T: type, a: T, b: T) (error{Overflow}!T) {
     if (T == comptime_int) return a + b;
-    var answer: T = undefined;
-    return if (@addWithOverflow(T, a, b, &answer)) error.Overflow else answer;
+    const ov = @addWithOverflow(a, b);
+    if (ov[1] != 0) return error.Overflow;
+    return ov[0];
 }
 
 /// Returns a - b, or an error on overflow.
 pub fn sub(comptime T: type, a: T, b: T) (error{Overflow}!T) {
-    var answer: T = undefined;
-    return if (@subWithOverflow(T, a, b, &answer)) error.Overflow else answer;
+    if (T == comptime_int) return a - b;
+    const ov = @subWithOverflow(a, b);
+    if (ov[1] != 0) return error.Overflow;
+    return ov[0];
 }
 
 pub fn negate(x: anytype) !@TypeOf(x) {
@@ -492,8 +497,10 @@ pub fn negate(x: anytype) !@TypeOf(x) {
 /// Shifts a left by shift_amt. Returns an error on overflow. shift_amt
 /// is unsigned.
 pub fn shlExact(comptime T: type, a: T, shift_amt: Log2Int(T)) !T {
-    var answer: T = undefined;
-    return if (@shlWithOverflow(T, a, shift_amt, &answer)) error.Overflow else answer;
+    if (T == comptime_int) return a << shift_amt;
+    const ov = @shlWithOverflow(a, shift_amt);
+    if (ov[1] != 0) return error.Overflow;
+    return ov[0];
 }
 
 /// Shifts left. Overflowed bits are truncated.