On 3/2/17 4:49 PM, Steven Watanabe via Boost wrote:
AMDG
.... I guess this illustrates the impossibility for normal people to actually write demonstrably correct code. ... without the help of something like this.
Tell me about it: https://github.com/boostorg/random/blob/develop/include/boost/random/uniform...
I took a look at this, and it looks good to me.
Ahhh - finally I see your point. Assignment using d as an accumulator loses the range calculated at compile time so subsequent operations can't be guaranteed to not overflow.
Yeah. This makes it a bit inconvenient to use trap_exception with anything other than a strict functional style.
Actually this turns out to be a very interesting point. I started an example of taking a small microcomputer program for controlling a stepper motor and using the compile time trapping facility to tweak the program so that it would be guaranteed to not produce an invalid result without invoking any runtime overhead. Things went pretty well until I had to actually update the to position. At this point I had to more than "tweak" the program or give up on my goal of avoiding runtime overhead to guarantee no incorrect behavior. At that point I suspended work on the example because it failed to illustrate my hope that I could take a legacy program for a foreign processor and make minimal changes to guarantee correctness w/o runtime overhead. But the experiment was very interesting and useful and I hope to get back to it when I understand the science of computer programming better.

Robert Ramey
In Christ, Steven Watanabe
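The accumulator problem discussed in this message, shown as an added example that is not part of the original thread and is not safe_numerics code. It is a simplified model of compile-time range tracking, and the names ranged, narrow, step, step_sum and sum3 are hypothetical.

```cpp
#include <cstdint>
#include <limits>
#include <type_traits>
#include <utility>

// Hypothetical model (not safe_numerics): the value's proven interval [Lo, Hi]
// is part of its type. Values are assumed validated when first constructed.
template <long long Lo, long long Hi>
struct ranged {
    long long v;
    constexpr explicit ranged(long long x) : v(x) {}
    // Implicit conversion exists only if the source interval is inside ours.
    template <long long L, long long H,
              typename std::enable_if<(L >= Lo && H <= Hi), int>::type = 0>
    constexpr ranged(const ranged<L, H>& o) : v(o.v) {}
};

// Each sum gets a new type carrying the widened interval.
template <long long L1, long long H1, long long L2, long long H2>
constexpr ranged<L1 + L2, H1 + H2> operator+(ranged<L1, H1> a, ranged<L2, H2> b) {
    return ranged<L1 + L2, H1 + H2>(a.v + b.v);
}

// Compile-time trap: narrowing compiles only when overflow is impossible.
// T is assumed to be narrower than long long.
template <class T, long long Lo, long long Hi>
constexpr T narrow(ranged<Lo, Hi> r) {
    static_assert(Lo >= std::numeric_limits<T>::min() &&
                  Hi <= std::numeric_limits<T>::max(), "possible overflow");
    return static_cast<T>(r.v);
}

using step = ranged<0, 100>;
using step_sum = decltype(std::declval<step>() + std::declval<step>());

// Functional style: no runtime check is emitted, the range proof is in the types.
inline std::int16_t sum3(step a, step b, step c) {
    auto s = a + b + c;  // type is ranged<0, 300>
    return narrow<std::int16_t>(s);
}

// Accumulator style: "d = d + x" must squeeze [0, 200] back into d's fixed
// [0, 100], which cannot be proven safe, so the assignment does not compile.
constexpr bool accumulator_assign_compiles =
    std::is_assignable<step&, step_sum>::value;
// Assigning into a wider interval is always provable, so it is accepted.
constexpr bool widening_assign_compiles =
    std::is_assignable<step_sum&, step>::value;
```
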