Re: [RFC PATCH 0/2] rust: bounded integer types and use in register macro

[Alexandre Courbot]

On Thu Oct 2, 2025 at 7:07 AM JST, Joel Fernandes wrote:
> Hi Alex,
>
> Nice!
>
> On 10/1/2025 11:03 AM, Alexandre Courbot wrote:
>> For convenience, this PoC is based on drm-rust-next. If we decide to
>> proceed with it, we would do it after the patchset extracting and moving
>> the bitfield logic [3] lands, as the two would conflict heavily.
>
> I would strongly prefer this as well, to avoid conflicts. On initial look, this
> seems to be in the right direction and solves the pain points we were seeing.
>
> -            .set_sec(if sec { 1 } else { 0 });
> +            .set_sec_bounded(BoundedInt::new(if sec { 1 } else { 0 }));
>
> Here, I would prefer if we did not add _bounded, since the idea is to solve the
> problems in the macro's setters itself (make it infallible, not panicking etc).
> So we can just modify those?

Oh absolutely, the and goal is to replace the existing accessors. For
this RFC I went the lazy way and added new ones, otherwise I would have
had to update more call sites in nova-core.

>
> Also, BoundedInt sounds like a good name to me IMO.
>
> Also, since TryFrom trait is implemented in the first patch, then in nova we can
> just do the following?
>   .set_foo(value.try_into()?);

Yes! That does work indeed and is more concise. And we can also make
things less verbose on the caller side by adding a new generic setter in
the form of:

    fn try_set_field<T: TryInto<BoundedInt<..>>(self, value:T) -> Result

This setter could try to perform the conversion itself and return an
error as needed, and the caller would just need to call e.g.

    .try_set_foo(value)?;

instead of building the BoundedInt themselves.

There are also many other improvements that can be done, like having
fields with a round number of bits be represented by the relevant
primitive directly instead of a BoundedInt, but that will requires some
more macro magic.