//@ The reason for this is that many serious security vulnerabilities have been caused by integer overflows, so just assuming
//@ "per default" that they are intended is dangerous. <br/>
//@ If you explicitly *do* want an overflow to happen, you can call the `wrapping_add`
- //@ function (see [the documentation](http://doc.rust-lang.org/stable/std/primitive.u64.html#method.wrapping_add),
+ //@ function (see [the documentation](https://doc.rust-lang.org/stable/std/primitive.u64.html#method.wrapping_add),
//@ there are similar functions for other arithmetic operations). There are also similar functions
//@ `checked_add` etc. to enforce the overflow check.
- let sum = u64::wrapping_add(a, b);
+ let sum = a.wrapping_add(b);
// If an overflow happened, then the sum will be smaller than *both* summands. Without an overflow, of course, it will be
// at least as large as both of them. So, let's just pick one and check.
if sum >= a {
// The addition did not overflow. <br/>
// **Exercise 08.1**: Write the code to handle adding the carry in this case.
- unimplemented!()
+ let sum_total = sum.wrapping_add(if carry { 1 } else { 0 });/*@@*/
+ let had_overflow = sum_total < sum; /*@@*/
+ (sum_total, had_overflow) /*@@*/
} else {
- // The addition *did* overflow. It is impossible for the addition of the carry
+ // Otherwise, the addition *did* overflow. It is impossible for the addition of the carry
// to overflow again, as we are just adding 0 or 1.
(sum + if carry { 1 } else { 0 }, true) /*@*/
}
impl ops::Add<BigInt> for BigInt {
//@ Besides static functions and methods, traits can contain *associated types*: This is a type chosen by every particular implementation
//@ of the trait. The methods of the trait can then refer to that type. In the case of addition, it is used to give the type of the result.
- //@ (Also see the [documentation of `Add`](http://doc.rust-lang.org/stable/std/ops/trait.Add.html).)
+ //@ (Also see the [documentation of `Add`](https://doc.rust-lang.org/stable/std/ops/trait.Add.html).)
//@
//@ In general, you can consider the two `BigInt` given above (in the `impl` line) *input* types of trait search: When
//@ `a + b` is invoked with `a` having type `T` and `b` having type `U`, Rust tries to find an implementation of `Add` for
carry = new_carry; /*@*/
}
// **Exercise 08.2**: Handle the final `carry`, and return the sum.
- unimplemented!()
+ if carry { /*@@*/
+ result_vec.push(1); /*@@*/
+ } /*@@*/
+ BigInt { data: result_vec } /*@@*/
}
}
//@ Rust would not bother compiling them when you just build your program for normal use. Other than that, tests work as usually.
#[cfg(test)]
mod tests {
- #[test]
+ use part05::BigInt;
+
+ /*#[test]*/
fn test_add() {
let b1 = BigInt::new(1 << 32);
let b2 = BigInt::from_vec(vec![0, 1]);
// **Exercise 08.6**: Write a subtraction function, and testcases for it. Decide for yourself how you want to handle negative results.
// For example, you may want to return an `Option`, to panic, or to return `0`.
-//@ [index](main.html) | [previous](part07.html) | [next](part09.html)
+//@ [index](main.html) | [previous](part07.html) | [raw source](https://www.ralfj.de/git/rust-101.git/blob_plain/HEAD:/workspace/src/part08.rs) | [next](part09.html)