Skip to content

Commit 581b306

Browse files
sayantnsayantn
committed
Make ADC/ADX intrinsics safe
1 parent 8b51bf5 commit 581b306

File tree

2 files changed

+120
-131
lines changed

2 files changed

+120
-131
lines changed

crates/core_arch/src/x86/adx.rs

Lines changed: 62 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ unsafe extern "unadjusted" {
1717
#[inline]
1818
#[cfg_attr(test, assert_instr(adc))]
1919
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
20-
pub unsafe fn _addcarry_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
21-
let (a, b) = llvm_addcarry_u32(c_in, a, b);
20+
pub fn _addcarry_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
21+
let (a, b) = unsafe { llvm_addcarry_u32(c_in, a, b) };
2222
*out = b;
2323
a
2424
}
@@ -32,7 +32,7 @@ pub unsafe fn _addcarry_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
3232
#[target_feature(enable = "adx")]
3333
#[cfg_attr(test, assert_instr(adc))]
3434
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
35-
pub unsafe fn _addcarryx_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
35+
pub fn _addcarryx_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
3636
_addcarry_u32(c_in, a, b, out)
3737
}
3838

@@ -44,8 +44,8 @@ pub unsafe fn _addcarryx_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
4444
#[inline]
4545
#[cfg_attr(test, assert_instr(sbb))]
4646
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
47-
pub unsafe fn _subborrow_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
48-
let (a, b) = llvm_subborrow_u32(c_in, a, b);
47+
pub fn _subborrow_u32(c_in: u8, a: u32, b: u32, out: &mut u32) -> u8 {
48+
let (a, b) = unsafe { llvm_subborrow_u32(c_in, a, b) };
4949
*out = b;
5050
a
5151
}
@@ -58,38 +58,36 @@ mod tests {
5858

5959
#[test]
6060
fn test_addcarry_u32() {
61-
unsafe {
62-
let a = u32::MAX;
63-
let mut out = 0;
64-
65-
let r = _addcarry_u32(0, a, 1, &mut out);
66-
assert_eq!(r, 1);
67-
assert_eq!(out, 0);
68-
69-
let r = _addcarry_u32(0, a, 0, &mut out);
70-
assert_eq!(r, 0);
71-
assert_eq!(out, a);
72-
73-
let r = _addcarry_u32(1, a, 1, &mut out);
74-
assert_eq!(r, 1);
75-
assert_eq!(out, 1);
76-
77-
let r = _addcarry_u32(1, a, 0, &mut out);
78-
assert_eq!(r, 1);
79-
assert_eq!(out, 0);
80-
81-
let r = _addcarry_u32(0, 3, 4, &mut out);
82-
assert_eq!(r, 0);
83-
assert_eq!(out, 7);
84-
85-
let r = _addcarry_u32(1, 3, 4, &mut out);
86-
assert_eq!(r, 0);
87-
assert_eq!(out, 8);
88-
}
61+
let a = u32::MAX;
62+
let mut out = 0;
63+
64+
let r = _addcarry_u32(0, a, 1, &mut out);
65+
assert_eq!(r, 1);
66+
assert_eq!(out, 0);
67+
68+
let r = _addcarry_u32(0, a, 0, &mut out);
69+
assert_eq!(r, 0);
70+
assert_eq!(out, a);
71+
72+
let r = _addcarry_u32(1, a, 1, &mut out);
73+
assert_eq!(r, 1);
74+
assert_eq!(out, 1);
75+
76+
let r = _addcarry_u32(1, a, 0, &mut out);
77+
assert_eq!(r, 1);
78+
assert_eq!(out, 0);
79+
80+
let r = _addcarry_u32(0, 3, 4, &mut out);
81+
assert_eq!(r, 0);
82+
assert_eq!(out, 7);
83+
84+
let r = _addcarry_u32(1, 3, 4, &mut out);
85+
assert_eq!(r, 0);
86+
assert_eq!(out, 8);
8987
}
9088

9189
#[simd_test(enable = "adx")]
92-
unsafe fn test_addcarryx_u32() {
90+
fn test_addcarryx_u32() {
9391
let a = u32::MAX;
9492
let mut out = 0;
9593

@@ -119,44 +117,39 @@ mod tests {
119117
}
120118

121119
#[simd_test(enable = "adx")]
122-
unsafe fn test_addcarryx_u32_2() {
123-
unsafe fn add_1_2_3() -> u32 {
124-
let mut out = 0;
125-
_addcarryx_u32(1, 2, 3, &mut out);
126-
out
127-
}
128-
assert_eq!(6, add_1_2_3());
120+
fn test_addcarryx_u32_2() {
121+
let mut out = 0;
122+
_addcarryx_u32(1, 2, 3, &mut out);
123+
assert_eq!(6, out);
129124
}
130125

131126
#[test]
132127
fn test_subborrow_u32() {
133-
unsafe {
134-
let a = u32::MAX;
135-
let mut out = 0;
136-
137-
let r = _subborrow_u32(0, 0, 1, &mut out);
138-
assert_eq!(r, 1);
139-
assert_eq!(out, a);
140-
141-
let r = _subborrow_u32(0, 0, 0, &mut out);
142-
assert_eq!(r, 0);
143-
assert_eq!(out, 0);
144-
145-
let r = _subborrow_u32(1, 0, 1, &mut out);
146-
assert_eq!(r, 1);
147-
assert_eq!(out, a - 1);
148-
149-
let r = _subborrow_u32(1, 0, 0, &mut out);
150-
assert_eq!(r, 1);
151-
assert_eq!(out, a);
152-
153-
let r = _subborrow_u32(0, 7, 3, &mut out);
154-
assert_eq!(r, 0);
155-
assert_eq!(out, 4);
156-
157-
let r = _subborrow_u32(1, 7, 3, &mut out);
158-
assert_eq!(r, 0);
159-
assert_eq!(out, 3);
160-
}
128+
let a = u32::MAX;
129+
let mut out = 0;
130+
131+
let r = _subborrow_u32(0, 0, 1, &mut out);
132+
assert_eq!(r, 1);
133+
assert_eq!(out, a);
134+
135+
let r = _subborrow_u32(0, 0, 0, &mut out);
136+
assert_eq!(r, 0);
137+
assert_eq!(out, 0);
138+
139+
let r = _subborrow_u32(1, 0, 1, &mut out);
140+
assert_eq!(r, 1);
141+
assert_eq!(out, a - 1);
142+
143+
let r = _subborrow_u32(1, 0, 0, &mut out);
144+
assert_eq!(r, 1);
145+
assert_eq!(out, a);
146+
147+
let r = _subborrow_u32(0, 7, 3, &mut out);
148+
assert_eq!(r, 0);
149+
assert_eq!(out, 4);
150+
151+
let r = _subborrow_u32(1, 7, 3, &mut out);
152+
assert_eq!(r, 0);
153+
assert_eq!(out, 3);
161154
}
162155
}

crates/core_arch/src/x86_64/adx.rs

Lines changed: 58 additions & 62 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ unsafe extern "unadjusted" {
1717
#[inline]
1818
#[cfg_attr(test, assert_instr(adc))]
1919
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
20-
pub unsafe fn _addcarry_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
21-
let (a, b) = llvm_addcarry_u64(c_in, a, b);
20+
pub fn _addcarry_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
21+
let (a, b) = unsafe { llvm_addcarry_u64(c_in, a, b) };
2222
*out = b;
2323
a
2424
}
@@ -32,7 +32,7 @@ pub unsafe fn _addcarry_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
3232
#[target_feature(enable = "adx")]
3333
#[cfg_attr(test, assert_instr(adc))]
3434
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
35-
pub unsafe fn _addcarryx_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
35+
pub fn _addcarryx_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
3636
_addcarry_u64(c_in, a, b, out)
3737
}
3838

@@ -44,8 +44,8 @@ pub unsafe fn _addcarryx_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
4444
#[inline]
4545
#[cfg_attr(test, assert_instr(sbb))]
4646
#[stable(feature = "simd_x86_adx", since = "1.33.0")]
47-
pub unsafe fn _subborrow_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
48-
let (a, b) = llvm_subborrow_u64(c_in, a, b);
47+
pub fn _subborrow_u64(c_in: u8, a: u64, b: u64, out: &mut u64) -> u8 {
48+
let (a, b) = unsafe { llvm_subborrow_u64(c_in, a, b) };
4949
*out = b;
5050
a
5151
}
@@ -58,38 +58,36 @@ mod tests {
5858

5959
#[test]
6060
fn test_addcarry_u64() {
61-
unsafe {
62-
let a = u64::MAX;
63-
let mut out = 0;
64-
65-
let r = _addcarry_u64(0, a, 1, &mut out);
66-
assert_eq!(r, 1);
67-
assert_eq!(out, 0);
68-
69-
let r = _addcarry_u64(0, a, 0, &mut out);
70-
assert_eq!(r, 0);
71-
assert_eq!(out, a);
72-
73-
let r = _addcarry_u64(1, a, 1, &mut out);
74-
assert_eq!(r, 1);
75-
assert_eq!(out, 1);
76-
77-
let r = _addcarry_u64(1, a, 0, &mut out);
78-
assert_eq!(r, 1);
79-
assert_eq!(out, 0);
80-
81-
let r = _addcarry_u64(0, 3, 4, &mut out);
82-
assert_eq!(r, 0);
83-
assert_eq!(out, 7);
84-
85-
let r = _addcarry_u64(1, 3, 4, &mut out);
86-
assert_eq!(r, 0);
87-
assert_eq!(out, 8);
88-
}
61+
let a = u64::MAX;
62+
let mut out = 0;
63+
64+
let r = _addcarry_u64(0, a, 1, &mut out);
65+
assert_eq!(r, 1);
66+
assert_eq!(out, 0);
67+
68+
let r = _addcarry_u64(0, a, 0, &mut out);
69+
assert_eq!(r, 0);
70+
assert_eq!(out, a);
71+
72+
let r = _addcarry_u64(1, a, 1, &mut out);
73+
assert_eq!(r, 1);
74+
assert_eq!(out, 1);
75+
76+
let r = _addcarry_u64(1, a, 0, &mut out);
77+
assert_eq!(r, 1);
78+
assert_eq!(out, 0);
79+
80+
let r = _addcarry_u64(0, 3, 4, &mut out);
81+
assert_eq!(r, 0);
82+
assert_eq!(out, 7);
83+
84+
let r = _addcarry_u64(1, 3, 4, &mut out);
85+
assert_eq!(r, 0);
86+
assert_eq!(out, 8);
8987
}
9088

9189
#[simd_test(enable = "adx")]
92-
unsafe fn test_addcarryx_u64() {
90+
fn test_addcarryx_u64() {
9391
let a = u64::MAX;
9492
let mut out = 0;
9593

@@ -120,33 +118,31 @@ mod tests {
120118

121119
#[test]
122120
fn test_subborrow_u64() {
123-
unsafe {
124-
let a = u64::MAX;
125-
let mut out = 0;
126-
127-
let r = _subborrow_u64(0, 0, 1, &mut out);
128-
assert_eq!(r, 1);
129-
assert_eq!(out, a);
130-
131-
let r = _subborrow_u64(0, 0, 0, &mut out);
132-
assert_eq!(r, 0);
133-
assert_eq!(out, 0);
134-
135-
let r = _subborrow_u64(1, 0, 1, &mut out);
136-
assert_eq!(r, 1);
137-
assert_eq!(out, a - 1);
138-
139-
let r = _subborrow_u64(1, 0, 0, &mut out);
140-
assert_eq!(r, 1);
141-
assert_eq!(out, a);
142-
143-
let r = _subborrow_u64(0, 7, 3, &mut out);
144-
assert_eq!(r, 0);
145-
assert_eq!(out, 4);
146-
147-
let r = _subborrow_u64(1, 7, 3, &mut out);
148-
assert_eq!(r, 0);
149-
assert_eq!(out, 3);
150-
}
121+
let a = u64::MAX;
122+
let mut out = 0;
123+
124+
let r = _subborrow_u64(0, 0, 1, &mut out);
125+
assert_eq!(r, 1);
126+
assert_eq!(out, a);
127+
128+
let r = _subborrow_u64(0, 0, 0, &mut out);
129+
assert_eq!(r, 0);
130+
assert_eq!(out, 0);
131+
132+
let r = _subborrow_u64(1, 0, 1, &mut out);
133+
assert_eq!(r, 1);
134+
assert_eq!(out, a - 1);
135+
136+
let r = _subborrow_u64(1, 0, 0, &mut out);
137+
assert_eq!(r, 1);
138+
assert_eq!(out, a);
139+
140+
let r = _subborrow_u64(0, 7, 3, &mut out);
141+
assert_eq!(r, 0);
142+
assert_eq!(out, 4);
143+
144+
let r = _subborrow_u64(1, 7, 3, &mut out);
145+
assert_eq!(r, 0);
146+
assert_eq!(out, 3);
151147
}
152148
}

0 commit comments

Comments
 (0)