bearophile wrote:
Walter, as many good long-time C programmers, knows the abusive
unsigned rule so well he's not hurt by it and consequently has
little incentive to see it as a problem.
I'm not a newbie of programming, but in the last year I have put in
my code two bugs related to this, so I suggest to find ways to avoid
this silly situation. I think the first bug was something like: if
(arr.lenght > x) ...
where x was a signed int with value -5 (this specific bug can also be
solved making array length a signed value. What's the point of making
it unsigned in the first place? I have seen that in D it's safer to
use signed values everywhere you don't strictly need an unsigned
value. And that length doesn't need to be unsigned).
It's worthwhile keeping length an unsigned type if we can convincingly
sell unsigned types as models of natural numbers. With the current
rules, we can't make a convincing argument. But if we do manage to
improve the rules, then we'll all be better off.
Andrei
