c and cpp pitfalls, mixing signed and unsigned integer, implicit conversion

copyright (C) 2011-2017 iesensor.com

1. Mixing unsigned and signed int is a bad idea

  • First of all, remember: when mixed with unsigned operands, signed int types are implicitly converted to unsigned if sizeof(signed int type) == sizeof(unsigned int type)
  • The Google C++ coding standard says “do not use unsigned integer”
  • The C++ STL uses size_t, which is an unsigned integer type, to represent the size of containers like std::vector and std::string
  • Do not assume sizeof(int types); always #include <stdint.h> and use int64_t
  • The compiler can warn: "comparison between signed and unsigned integer expressions [-Wsign-compare]". However, algorithms that mix unsigned and signed int are not warned about
  • Java before Java 8 SE does not support unsigned int; even in Java 8 SE you cannot declare unsigned int types, but can only use static methods, such as unsigned comparison.
    There are good reasons not to support it.
  • Python's built-in integer/long is unsigned, but the ctypes module defines C++ unsigned types; Python 3 integers will not overflow
  • See also: http://blog.robertelder.org/signed-or-unsigned-part-2/

example and explanation from stackoverflow

2. Relevant quote from the Standard: Expressions

10 Many binary operators that expect operands of arithmetic or enumeration type cause conversions and yield result types in a similar way. The purpose is to yield a common type, which is also the type of the result. This pattern is called the usual arithmetic conversions, which are defined as follows:

(2 clauses about equal types or types of equal signedness omitted)

  • Otherwise, if the operand that has unsigned integer type has rank greater than or equal to the rank of the type of the other operand, the operand with signed integer type shall be converted to the type of the operand with unsigned integer type.
  • Otherwise, if the type of the operand with signed integer type can represent all of the values of the type of the operand with unsigned integer type, the operand with unsigned integer type shall be converted to the type of the operand with signed integer type.
  • Otherwise, both operands shall be converted to the unsigned integer type corresponding to the type of the operand with signed integer type.

3. Pitfall of overflow and underflow

  • Overflow detection cannot be done by the compiler; it is up to the user
  • Float overflow can be captured and hooked to an abort routine
  • Infinite loops caused by underflow can be avoided by heeding the compiler warning

    comparison of unsigned expression >= 0 is always true [-Wtype-limits]

  • Assigning a negative int to an unsigned int should be prohibited; try hex instead, or UINT_MAX - 1, since the compiler will not warn you about implicit conversion into unsigned int types
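The conversion rule quoted in section 2 and the overflow/underflow pitfalls in section 3, as an added example (not code from the original post). All function names are hypothetical; the code assumes int and unsigned int have equal rank, as the standard guarantees.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Pitfall: int and unsigned have equal rank, so `a` is converted to
   unsigned before the comparison; -1 becomes UINT_MAX. */
bool naive_less(int a, unsigned b) { return a < b; }

/* Fix: settle the negative case before any conversion happens. */
bool safe_less(int a, unsigned b) { return a < 0 || (unsigned)a < b; }

/* Validate a signed length against an unsigned capacity (e.g. a
   buffer size) without letting a negative length wrap to a huge one. */
bool len_ok(int len, size_t cap) { return len >= 0 && (size_t)len <= cap; }

/* Unsigned addition wraps silently, so the caller must test first. */
bool checked_add(unsigned a, unsigned b, unsigned *out) {
    if (a > UINT_MAX - b) return false;   /* a + b would wrap */
    *out = a + b;
    return true;
}

/* Count down over n items without writing `i >= 0` on an unsigned
   index (always true, hence an infinite loop). Returns iterations. */
size_t count_down(size_t n) {
    size_t visited = 0;
    for (size_t i = n; i-- > 0; )   /* body sees i = n-1 ... 0 */
        visited++;
    return visited;
}

int main(void) {
    unsigned sum = 0;
    printf("naive_less(-1, 1u)       = %d\n", naive_less(-1, 1u));
    printf("safe_less(-1, 1u)        = %d\n", safe_less(-1, 1u));
    printf("len_ok(-1, 16)           = %d\n", len_ok(-1, 16));
    printf("checked_add(UINT_MAX, 1) = %d\n", checked_add(UINT_MAX, 1u, &sum));
    printf("count_down(3)            = %zu\n", count_down(3));
    return 0;
}
```

Compiling with -Wsign-compare flags the comparison in naive_less, which is the warning mentioned in section 1.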

4. Pitfall of implicit conversion

see more c and c++ pitfalls

Guru of the Week (GotW)

Guru of the Week (GotW) is a series of C++ programming problems created and written by Herb Sutter.

 

BSD documentation licensed Free for non-commercial usage only
Author: Qingfeng XIA
copyright (C) 2011-2017
http://www.iesensor.com
please keep the original link in your reference.
http://www.iesensor.com/blog/2016/12/21/c-and-cpp-pitfalls-mixing-signed-and-unsigned-integer-implicit-conversion/