[rust-dev] Appeal for CORRECT, capable, future-proof math, pre-1.0

Tobias Müller troplin at bluewin.ch
Tue Jan 14 12:26:30 PST 2014


comex <comexk at gmail.com> wrote:
> On Mon, Jan 13, 2014 at 4:06 PM, Tobias Müller <troplin at bluewin.ch> wrote:
>> int<l1,u1> + int<l2,u2> = int<l1+l2,u1+u2>
>> ...
>> 
>> If the result does not fit into an int the compiler throws an error.
>> To resolve an error, you can:
>> - annotate the operands with appropriate bounds
>> - use a bigger type for the operation and check the result.
> 
> I remember wondering whether this type of solution would be feasible
> or too much of a hassle in practice.  As I see it, many values which
> might be arithmetic operands are sizes or counts, and really ought to
> be size_t sized, and any mutable variable which is operated on in a
> loop can't be bounded with a lot more complexity, so it might lean
> toward the latter.

You are right, mutations that depend on previous values of the same
variable are a problem. For example it would be impossible to determine
bounds for i in 'i = i + 1'.
But you could shadow i like 'let i = i + 1'. However that is no more
mutation but definition of a new variable.

Tobi



More information about the Rust-dev mailing list