C/C++ Why to use unsigned char for binary data?
In C the unsigned char
data type is the only data type that has all the following three properties simultaneously
- it has no padding bits, that it where all storage bits contribute to the value of the data
- no bitwise operation starting from a value of that type, when converted back into that type, can produce overflow, trap representations or undefined behavior
- it may alias other data types without violating the "aliasing rules", that is that access to the same data through a pointer that is typed differently will be guaranteed to see all modifications
if these are the properties of a "binary" data type you are looking for, you definitively should use unsigned char
.
For the second property we need a type that is unsigned
. For these all conversion are defined with modulo arihmetic, here modulo UCHAR_MAX+1
, 256
in most 99% of the architectures. All conversion of wider values to unsigned char
thereby just corresponds to truncation to the least significant byte.
The two other character types generally don't work the same. signed char
is signed, anyhow, so conversion of values that don't fit it is not well defined. char
is not fixed to be signed or unsigned, but on a particular platform to which your code is ported it might be signed even it is unsigned on yours.
The plain char
type is problematic and shouldn't be used for anything but strings. The main problem with char
is that you can't know whether it is signed or unsigned: this is implementation-defined behavior. This makes char
different from int
etc, int
is always guaranteed to be signed.
Although VC gave the warning ... truncation of constant value
It is telling you that you are trying to store int literals inside char variables. This might be related to the signedness: if you try to store an integer with value > 0x7F inside a signed character, unexpected things might happen. Formally, this is undefined behavior in C, though practically you'd just get a weird output if attempting to print the result as an integer value stored inside a (signed) char.
In this specific case, the warning shouldn't matter.
EDIT :
In other related questions unsigned char is highlighted because it is the only (byte/smallest) data type which is guaranteed to have no padding by the C-specification.
In theory, all integer types except unsigned char and signed char are allowed to contain "padding bits", as per C11 6.2.6.2:
"For unsigned integer types other than unsigned char, the bits of the object representation shall be divided into two groups: value bits and padding bits (there need not be any of the latter)."
"For signed integer types, the bits of the object representation shall be divided into three groups: value bits, padding bits, and the sign bit. There need not be any padding bits; signed char shall not have any padding bits."
The C standard is intentionally vague and fuzzy, allowing these theoretical padding bits because:
- It allows different symbol tables than the standard 8-bit ones.
- It allows implementation-defined signedness and weird signed integer formats such as one's complement or "sign and magnitude".
- An integer may not necessarily use all bits allocated.
However, in the real world outside the C standard, the following applies:
- Symbol tables are almost certainly 8 bits (UTF8 or ASCII). Some weird exceptions exist, but clean implementations use the standard type wchar_t when implementing symbols tables larger than 8 bits.
- Signedness is always two's complement.
- An integer always uses all bits allocated.
So there is no real reason to use unsigned char or signed char just to dodge some theoretical scenario in the C standard.
You'll get most of your problems when comparing the contents of individual bytes:
char c[5];
c[0] = 0xff;
/*blah blah*/
if (c[0] == 0xff)
{
printf("good\n");
}
else
{
printf("bad\n");
}
can print "bad", because, depending on your compiler, c[0] will be sign extended to -1, which is not any way the same as 0xff