From 6367b544b781889abee296d34d2b7d353a6ae0f8 Mon Sep 17 00:00:00 2001
From: Joe Richey <joerichey@google.com>
Date: Tue, 26 May 2020 01:57:49 -0700
Subject: [PATCH] librustc_middle: Add function for computing unsigned abs

This is tricky to get right if we want to avoid panicking or wrapping.

Signed-off-by: Joe Richey <joerichey@google.com>
---
 src/librustc_middle/mir/interpret/mod.rs     |  9 +++++++++
 src/librustc_middle/mir/interpret/pointer.rs | 13 +++++--------
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/src/librustc_middle/mir/interpret/mod.rs b/src/librustc_middle/mir/interpret/mod.rs
index d9e52af89007..061bc9750e1c 100644
--- a/src/librustc_middle/mir/interpret/mod.rs
+++ b/src/librustc_middle/mir/interpret/mod.rs
@@ -598,3 +598,12 @@ pub fn truncate(value: u128, size: Size) -> u128 {
     // Truncate (shift left to drop out leftover values, shift right to fill with zeroes).
     (value << shift) >> shift
 }
+
+/// Computes the unsigned absolute value without wrapping or panicking.
+#[inline]
+pub fn uabs(value: i64) -> u64 {
+    // The only tricky part here is if value == i64::MIN. In that case,
+    // wrapping_abs() returns i64::MIN == -2^63. Casting this value to a u64
+    // gives 2^63, the correct value.
+    value.wrapping_abs() as u64
+}
diff --git a/src/librustc_middle/mir/interpret/pointer.rs b/src/librustc_middle/mir/interpret/pointer.rs
index 70cc546199b7..019c96bc511e 100644
--- a/src/librustc_middle/mir/interpret/pointer.rs
+++ b/src/librustc_middle/mir/interpret/pointer.rs
@@ -1,4 +1,4 @@
-use super::{AllocId, InterpResult};
+use super::{uabs, AllocId, InterpResult};
 
 use rustc_macros::HashStable;
 use rustc_target::abi::{HasDataLayout, Size};
@@ -48,15 +48,12 @@ pub trait PointerArithmetic: HasDataLayout {
 
     #[inline]
     fn overflowing_signed_offset(&self, val: u64, i: i64) -> (u64, bool) {
-        if i < 0 {
-            // Trickery to ensure that `i64::MIN` works fine: compute `n = -i`.
-            // This formula only works for true negative values; it overflows for zero!
-            let n = u64::MAX - (i as u64) + 1;
+        let n = uabs(i);
+        if i >= 0 {
+            self.overflowing_offset(val, n)
+        } else {
             let res = val.overflowing_sub(n);
             self.truncate_to_ptr(res)
-        } else {
-            // `i >= 0`, so the cast is safe.
-            self.overflowing_offset(val, i as u64)
         }
     }