Home > Articles > Programming > C/C++

  • Print
  • + Share This
Like this article? We recommend

Using ptrdiff_t

std::ptrdiff_t is used for both pointer arithmetic and array indexing. Code that uses other data types, such as integer, may fail on 64-bit processors when the underlying array is very large and the index exceeds INT_MAX. Let's look at some of these important numbers:

printf(“Maximum value for int is %d\n”, std::numeric_limits<int>::max()); 
printf(“Maximum value for unsigned short is %d\n”, std::numeric_limits<unsigned short>::max());
printf(“Value of 2 to the power of 30 is 1GByte, i.e.,%f\n”, pow(2.0, 30));
printf(“Maximum value for unsigned int is %u\n”, std::numeric_limits<unsigned int>::max());
printf(“Value of PTRDIFF_MAX is %ld\n”, std::numeric_limits<std::ptrdiff_t>::max());

Here's the output from this code:

Maximum value for int is                        2147483647
Maximum value for unsigned short is             65535
Value of 2 to the power of 30 is 1GByte, i.e.,  1073741824
Maximum value for unsigned int is               4294967295
Value of PTRDIFF_MAX is                         9223372036854775807

Notice the very restricted range of an unsigned short (maximum value 65535). This is unlikely to cut it in the wide-open 64-bit spaces of big arrays! The danger with a legacy array indexed by an unsigned short is that it may be all too easy to overrun the array boundary. This can happen in a quite subtle way, where an attempt to access the 64-bit array exceeds 65535. Why is it subtle? Well, once the range exceeds 65535, the unsigned short index value can loop back to zero. This is quite easy to see in an example:

unsigned short a[std::numeric_limits<unsigned short>::max()];
printf(“Number of array elements %u\n”,
sizeof(a)/sizeof(unsigned short));
// We now deliberately exceed the array boundary
for (unsigned int i = 0; i < std::numeric_limits<unsigned short>::max() + 3; i++) {
   if (i >= std::numeric_limits<unsigned short>::max()) {
      printf(“Exceeding range at i = %u\n”, i);
   }
   a[i] = i;
   if (i >= std::numeric_limits<unsigned short>::max()) {
     printf(“Value of array at i = %u\n”, a[i]);
   }
}

This code produces the following output:

Number of array elements 65535
Exceeding range at i = 65535
Value of array at i = 65535
Exceeding range at i = 65536  -------> Here, we get wraparound back to zero
Value of array at i = 0
Exceeding range at i = 65537
Value of array at i = 1

Imagine if we were looping through this array using an integer index. When the index value exceeds the range of unsigned short, we are then exceeding the array boundary. In the above case, the index wraps around to zero, after which we might inadvertently start overwriting the existing values.

Neither of these situations is desirable, although when you exceed an array boundary, the code may cause a segmentation fault. The latter may possibly be more helpful in trying to find the source of the problem, but there's no guarantee it will happen in a useful way.

This issue of index-value range is one reason why 64-bit arrays should be indexed using the data type std::ptrdiff_t. Remember, this type has a maximum limit:

Value of PTRDIFF_MAX is                         9223372036854775807

Plenty of headroom there, with no risk of wraparound.

  • + Share This
  • 🔖 Save To Your Account