Re: Style question: comparison between signed and unsigned?

Leslie F. Donaldson (donaldlf@cs.rose-hulman.edu)
Tue, 23 Sep 1997 11:25:31 -0500 (EST)

>>/* check for errors *?
>>if (i == -1)
>>return i;
>>
>>/* check that we got a valid packet */
>>if (i < sizeof(struct pkthdr))
>>return SHORT_PACKET;
>>
>>Now, the PROBLEM is that if gcc warns about signed/unsigned comparisons
>>(which some versions of gcc do), gcc will totally needlessly (and in my
>>opinion incorrectly) warn about the second test (ie "i < sizeof(struct
>>pkthdr)"). Because "i" is signed, but "sizeof" is unsigned.
>>

I must disagree with this statment. because the comparsion of an
signed/unsigned int could be a problem.
Mainly when comparring -1 to anything.

>>
>>"i" _has_ to be signed, because of the magic meaning of a negative return
>>value. This is something very deeply embedded into C - nitpickers can
>>claim that "read()" is not strictly part of the C language, but the point
>>is that this is common practice and is used by quite a large number of C
>>interfaces.
>>
True, This is common with all inband communication systems.

>>
>>So to get rid of that _spurious_ warning, I'd have to change the test into
>>something like:
>>
>>if (i < (int) sizeof(struct pkthdr))
>>return SHORT_PACKET;

Actually this cast is wrong. sice the sizeof could return a value that could
not be held in an int. there better cast would be.

if (((size_t)i)< sizeof(struct pkthdr))

>>
>>Quite frankly, anybody who claims that the extra cast is a good thing
>>should be shot on the spot - the extra cast is an abomination and has _no_
>>redeeming features except to shut up a warning from a compiler that thinks
>>it knows better than the programmer.
>>

Very true, but the problem isn't the compiler, or the programmer , it is the
person that designed the interface to read.

>>Anybody who thinks that their compiler is smarter than they are probably
>>disagrees with me. But type-casts are the _single_ most dangerous thing
>>you can do in C, and a compiler that _encourages_ you to add spurious type
>>casting for no gain is a bad compiler.
>>

I think in this case I agree but also disagree. The compile is right
in warning you to help reduce errors. The cast dosen't (or shouldn't)
affect the running of the code but it does cause the programmer to think
about what they have wrote and to verify the types.

Actually now that I think about it read can return a value up to size_t
because that is how many bytes you can request. If I rember correctly
on my unsigned to signed conversions the -1 represents the max value
for an unsigned number. so read returns a value from 0 to max(unsigned)
with max(unsigned) == error.
therefore the code for it might read

size_t i =read(....);
if((signed)i ==(-1))
error
else
no error

Just My (2 cents (dollars)) worth. hmm that could be a useful typecast.

>>
>>Linus
>>
>>
/----------------------------\ Current Contractor: Oxford International
| Leslie F. Donaldson | Current Customer : Entergy Inc.
| Computer Contractor | Skills: Unix/OS9/VMS/Linux/SUN-OS/C/C++/assembly
| Have Computer will travel. | Curr : http://www.cs.rose-hulman.edu/~donaldlf
\----------------------------/ Current Email : donaldlf@cs.rose-hulman.edu
Goth Code V1.1: GoCS$$ TYg(T6,T9) B11Bk!^1 C6b-- P0(1,7) M+ a24 n--- b++:+
H6'11" g m---- w+ r+++ D--~!% h+ s10 k+++ R-- Ssw LusCA++