
Mathias Gaunard wrote 2011-09-05 11:30:
> On 09/04/2011 09:16 PM, Leif Linderstam wrote:
>> What I have not found yet though is a library that checks bounds at compile time. Personally, I would like to have the compiler check as much as possible. For instance, the compiler would complain about an assignment if the target's range is not a superset of the source's, unless an explicit conversion is made.
>> Does anyone know of a library supporting this?
>
> How would addition and multiplication work?
They produce new ranges, e.g. for the addition A + B the range of the result is [ A_low + B_low, A_high + B_high ] where A_low is the lower bound of A's range, and so on.

The result of all operators must have a valid range, which indeed has some fundamental implications.

First, all bit operators are ruled out because if it is at all possible to compute a new range, the result is probably not that interesting. But the actual bit pattern of an integer is actually just a representation, one of potentially many, although in practice it is probably hard to find anything but two's complement representation today. For bit patterns, use a bit pattern type.

Second, assignment of a value back to one of the operands, i.e. A = A + B, will invariably require the use of an explicit range conversion. This means that the compound assignments and increment/decrement operators, if at all supported, must do an implicit range conversion. Range conversions, explicit or implicit, must do a dynamic range check, so these operations will not be statically checked.

Sincerely,
Leif Linderstam
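The rules Leif describes (result ranges for + and *, implicit conversion only to a superset range, explicit conversion with a dynamic check), as an added C++ sketch that is not code from this thread or from any existing library; `ranged`, `range_cast`, `product_t` and the demo functions are hypothetical names chosen here:

```cpp
#include <stdexcept>
constexpr long cmin(long a, long b) { return a < b ? a : b; }
constexpr long cmax(long a, long b) { return a > b ? a : b; }

// An integer statically known to lie in [Lo, Hi]; the bounds live in the type.
template <long Lo, long Hi>
struct ranged {
    static_assert(Lo <= Hi, "empty range");
    static constexpr long lo = Lo, hi = Hi;
    long v;
    // A raw integer enters only here, so this is the one dynamic check.
    explicit ranged(long x) : v(x) {
        if (x < Lo || x > Hi) throw std::out_of_range("value outside [Lo, Hi]");
    }
    // Implicit conversion compiles only when this range is a superset of the source range.
    template <long L2, long H2>
    ranged(const ranged<L2, H2>& o) : v(o.v) {
        static_assert(Lo <= L2 && H2 <= Hi, "target range must contain source range");
    }
};

// Explicit range conversion: narrowing is allowed, but checked at run time.
template <long Lo, long Hi, long L2, long H2>
ranged<Lo, Hi> range_cast(const ranged<L2, H2>& o) { return ranged<Lo, Hi>(o.v); }

// A + B has range [A_low + B_low, A_high + B_high].
template <long L1, long H1, long L2, long H2>
ranged<L1 + L2, H1 + H2> operator+(const ranged<L1, H1>& a, const ranged<L2, H2>& b) {
    return ranged<L1 + L2, H1 + H2>(a.v + b.v);
}

// A * B: signs may flip, so the bounds are the min and max of the four corner products.
template <long L1, long H1, long L2, long H2>
using product_t = ranged<cmin(cmin(L1 * L2, L1 * H2), cmin(H1 * L2, H1 * H2)),
                         cmax(cmax(L1 * L2, L1 * H2), cmax(H1 * L2, H1 * H2))>;
template <long L1, long H1, long L2, long H2>
product_t<L1, H1, L2, H2> operator*(const ranged<L1, H1>& a, const ranged<L2, H2>& b) {
    return product_t<L1, H1, L2, H2>(a.v * b.v);
}

// Widening compiles; `a = a + b` would not, since [0,10] is not a superset of [-5,15]
// and would need range_cast, which brings the dynamic check back.
long sum_demo() {
    ranged<0, 10> a(7);
    ranged<-5, 5> b(-3);
    ranged<-5, 15> c = a + b;  // implicit: target range contains the result range
    return c.v;                // 4
}
long product_lo() { return decltype(ranged<-2, 3>(0) * ranged<4, 5>(4))::lo; }  // -10
bool narrow_throws() {  // [0,10] -> [0,3] holding 7: explicit conversion, fails at run time
    try { (void)range_cast<0, 3>(ranged<0, 10>(7)); return false; }
    catch (const std::out_of_range&) { return true; }
}
```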