Signed word lengths and indexes

div0 div0 at users.sourceforge.net
Mon Jun 14 15:43:32 PDT 2010


On 14/06/2010 21:52, bearophile wrote:
> I have found a Reddit discussion a few days old:
> http://www.reddit.com/r/programming/comments/cdwz5/the_perils_of_unsigned_iteration_in_cc/
>
>  It contains this, that I quote (I have no idea if it's true), plus
> follow-ups:
>
>> At Google using uints of all kinds for anything other than bitmasks
>> or other inherently bit-y, non computable things is strongly
>> discouraged. This includes things like array sizes, and the
>> warnings for conversion of size_t to int are disabled. I think it's
>> a good call.<
>
> I have expressed similar ideas here:
> http://d.puremagic.com/issues/show_bug.cgi?id=3843
>
> Unless someone explains to me why I am wrong, I will keep thinking that
> using unsigned words to represent lengths and indexes, as D does, is
> wrong and unsafe, and using signed words (I think C# uses ints for
> that purpose) in D is a better design choice.

Well for a start, you lose half your addressable memory.

Unsigned numbers are only a problem if you don't understand how they
work, but that goes for just about everything else as well.

Personally I hate the use of signed numbers as array indices; it's
moronic and demonstrates the writer's lack of understanding. It's very
rare to actually want to index an array with a negative number.
Last time I did that was years ago when writing in assembler; and that
was an optimisation hack to squeeze maximum performance out of my code.

c.f.

Item getItem(int indx) {
   if(indx >= 0 && indx < _arr.length)
     return _arr[indx];
   throw new Error(...)
}

vs.

// cleaner no?
Item getItem(uint indx) {
   if(indx < _arr.length)
     return _arr[indx];
   throw new Error(...)
}

and backwards iteration:

for(int i = end - 1; i >= 0; --i)
   ...

vs

for(uint i = end - 1; i < length; --i)
   ...

Ok about the same, but I find the second more clear, the
i < length clearly indicates iteration over the whole array.

And that second wrong bit of code on the blog is wrong
with signed numbers as well:

int len = strlen(some_c_str);
// say some_c_str is empty so len = 0
int i;
for (i = 0; i < len - 1; ++i) {
   // so len - 1 == -1
   // iterate until i wraps round and becomes -1
}

Using 'int's doesn't magically fix it. Wrong code is just wrong.

I do think that allowing un-casted assignments between signed/unsigned
is a problem though; that's where most of the bugs I've come across
crop up. I think D should simply disallow implicit mixing of
signedness.

Hasn't that been discussed before? (I'm not referring to the recent post 
in d.learn) It seems familiar.

-- 
My enormous talent is exceeded only by my outrageous laziness.
http://www.ssTk.co.uk
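Added example (my own, not part of div0's message), written in C since the strlen case above is C: it shows the one-comparison unsigned bounds check, the unsigned backwards loop terminating by wrap-around, and a rewrite of the "i < len - 1" condition that never computes len - 1 and so cannot wrap when len is 0. The sample array and input strings are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample array, not from the original message. */
static const int sample[] = {10, 20, 30, 40};
#define SAMPLE_LEN (sizeof sample / sizeof sample[0])

/* Signed index: two comparisons are needed to reject negative values. */
bool in_bounds_signed(int idx, size_t len) {
    return idx >= 0 && (size_t)idx < len;
}

/* Unsigned index, mirroring the message's getItem(uint): one comparison
 * guards the access. A negative value converted to size_t becomes huge
 * and fails the same test. Reports failure instead of throwing. */
bool get_item(size_t idx, int *out) {
    if (idx < SAMPLE_LEN) {
        *out = sample[idx];
        return true;
    }
    return false;
}

/* Backwards iteration with an unsigned index, as in the message: the loop
 * ends when --i wraps from 0 to SIZE_MAX, which fails i < len. With len == 0
 * the initial len - 1 is already SIZE_MAX, so the body never runs.
 * Returns the number of elements visited so the behaviour can be checked. */
size_t count_backwards(size_t len) {
    size_t visited = 0;
    for (size_t i = len - 1; i < len; --i)
        ++visited;
    return visited;
}

/* The "i < len - 1" loop from the message: with size_t and len == 0, len - 1
 * wraps to SIZE_MAX and the condition is always true, running off the end of
 * the buffer. Writing the condition as i + 1 < len avoids the subtraction
 * entirely; i + 1 cannot overflow because i < len - 1 <= SIZE_MAX - 1.
 * Returns the number of adjacent character pairs visited. */
size_t count_adjacent_pairs(const char *s) {
    size_t len = strlen(s);
    size_t pairs = 0;
    for (size_t i = 0; i + 1 < len; ++i)
        ++pairs;
    return pairs;
}
```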

