Signed Size

Use Int (i.e. signed) as the return type for *.size().

Mixing signed and unsigned integers is error-prone, and even pure unsigned arithmetic is often unintuitive and dangerous.

Classic C/C++ pitfall:
aUInt - 1 >= 0 is always true (even if aUInt is 0)

When working with sizes, subtraction is common. The moment you compute differences, you need a signed type anyway. So just use Int, then Size, SSize, and PtrDiff are unnecessary. UInt should be reserved for rare cases like hardware registers, bit masks, and flags — not used for sizes.

See also Going Native 2012, Day 2, Interactive Panel: Ask Us Anything

• 42:41 - 45:28
  Bjarne Stroustrup and Herb Sutter recommend using signed integer.
• 1:02:51 - 1:03:14
  Herb Sutter and Chandler Carruth about unsigned size_t in the C++ STL containers: “They are wrong”, “We are sorry”

Anyone who needs more than 2GB of data in a single “byte array”, should please use a 64 bit platform.

For bounds checking, the two comparisons x >= 0 and x < width may very well be reduced to a single UInt(x) < width by the compiler in an optimization step.