C++ Tips
TotW #1:
string_viewTotW #3: String Concatenation and
operator+vs.StrCat()TotW #3: String Concatenation and operator+ vs. StrCat()
TotW #5: Disappearing Act
TotW #5: Disappearing Act
Performance TotW #7: Optimizing for application productivity
Performance TotW #9: Optimizations past their prime
TotW #10: Splitting Strings, not Hairs
TotW #11: Return Policy
TotW #18: String Formatting with Substitute
Performance TotW #21: Improving the efficiency of your regular expressions
TotW #24: Copies, Abbrv.
TotW #36: New Join API
Performance TotW #39: Beware microbenchmarks bearing gifts
TotW #42: Prefer Factory Functions to Initializer Methods
TotW #45: Avoid Flags, Especially in Library Code
TotW #49: Argument-Dependent Lookup
Performance TotW #52: Configuration knobs considered harmful
Performance TotW #53: Precise C++ benchmark measurements with Hardware Performance Counters
TotW #55: Name Counting and unique_ptr
TotW #59: Joining Tuples
Performance TotW #60: In-process profiling: lessons learned
TotW #61: Default Member Initializers
Performance TotW #64: More Moore with better API design
TotW #64: Raw String Literals
TotW #65: Putting Things in their Place
Performance TotW #70: Defining and measuring optimization success
Performance TotW #74: Avoid sweeping street lights under rugs
TotW #74: Delegating and Inheriting Constructors
Performance TotW #75: How to microbenchmark
TotW #76: Use
absl::StatusTotW #77: Temporaries, Moves, and Copies
TotW #86: Enumerating with Class
TotW #88: Initialization: =, (), and {}
TotW #90: Retired Flags
TotW #93: using absl::Span
TotW #94: Callsite Readability and bool Parameters
TotW #99: Nonmember Interface Etiquette
TotW #101: Return Values, References, and Lifetimes
TotW #103: Flags Are Globals
TotW #107: Reference Lifetime Extension
TotW #108: Avoid
std::bindTotW #109: Meaningful `const` in Function Declarations
TotW #112: emplace vs. push_back
TotW #116: Keeping References on Arguments
TotW #117: Copy Elision and Pass-by-value
TotW #119: Using-declarations and namespace aliases
TotW #120: Return Values are Untouchable
TotW #122: Test Fixtures, Clarity, and Dataflow
TotW #123:
absl::optionalandstd::unique_ptrTotW #124:
absl::StrFormat()TotW #126: `make_unique` is the new `new`
TotW #130: Namespace Naming
TotW #131: Special Member Functions and `= default`
TotW #134:
make_uniqueandprivateConstructors.TotW #135: Test the Contract, not the Implementation
TotW #136: Unordered Containers
TotW #140: Constants: Safe Idioms
TotW #141: Beware Implicit Conversions to
boolTotW #142: Multi-parameter Constructors and
explicitTotW #143: C++11 Deleted Functions (
= delete)TotW #144: Heterogeneous Lookup in Associative Containers
TotW #146: Default vs Value Initialization
TotW #147: Use Exhaustive
switchStatements ResponsiblyTotW #148: Overload Sets
TotW #149: Object Lifetimes vs.
= deleteTotW #152:
AbslHashValueand YouTotW #153: Don't Use using-directives
TotW #158: Abseil Associative containers and
contains()TotW #161: Good Locals and Bad Locals
TotW #163: Passing
std::optionalparametersTotW #165:
ifandswitchstatements with initializersTotW #166: When a Copy is not a Copy
TotW #168:
inlineVariablesTotW #171: Avoid Sentinel Values
TotW #172: Designated Initializers
TotW #173: Wrapping Arguments in Option Structs
TotW #175: Changes to Literal Constants in C++14 and C++17.
TotW #176: Prefer Return Values to Output Parameters
TotW #177: Assignability vs. Data Member Types
TotW #180: Avoiding Dangling References
TotW #181: Accessing the value of a StatusOr<T>
TotW #182: Initialize Your Ints!
TotW #186: Prefer to Put Functions in the Unnamed Namespace
TotW #187:
std::unique_ptrMust Be MovedTotW #188: Be Careful With Smart-Pointer Function Parameters
TotW #198: Tag Types
TotW #215: Stringifying Custom Types with
AbslStringify()TotW #218: Designing Extension Points With FTADLE
TotW #224: Avoid
vector.at()TotW #227: Be Careful with Empty Containers and Unsigned Arithmetic
TotW #229: Ranked Overloads for Template Metaprogramming
Tip of the Week #171: Avoid Sentinel Values
Originally posted as TotW #171 on November 8, 2019
By Hyrum Wright
Updated 2020-04-06
Quicklink: abseil.io/tips/171
Sentinel values are values that have special meaning in a specific context. For example, consider the following API:
// Returns the account balance, or -5 if the account has been closed. int AccountBalance();
Every value of int is documented to be a valid return value for
AccountBalance, except for -5. Intuitively, this feels a bit odd: should
callers only check against -5 specifically, or is any negative value a
reliable “account closed” signal? What happens when the system supports negative
balances and the API needs to be adjusted to return negative values?
Using sentinel values increases the complexity of the calling code. If the caller is rigorous, it explicitly checks against the sentinel value:
int balance = AccountBalance();
if (balance == -5) {
LOG(ERROR) << "account closed";
return;
}
// use `balance` here
Some callers may check against a broader range of values than is specified:
int balance = AccountBalance();
if (balance <= 0) {
LOG(ERROR) << "where is my account?";
return;
}
// use `balance` here
And some callers may just ignore the sentinel value altogether, assuming that it doesn’t actually occur in practice:
int balance = AccountBalance(); // use `balance` here
Problems with Sentinel Values
The above example illustrates some of the common problems with using sentinel values. Others include:
- Different systems may use different sentinel values, such as a single negative value, all negative values, an infinite value, or any arbitrary value. The only way to communicate the special value is through documentation.
- The sentinel values are still part of the type’s domain of valid values, so neither the caller nor the callee is forced by the type system to acknowledge that a value may be invalid. When code and comments disagree, both are usually wrong.
- Sentinel values limit interface evolution, as the specific sentinel may someday be a valid value for use in that system.
- One system’s sentinel value is another’s valid value, increasing cognitive overhead and code complexity when interfacing with multiple systems.
Forgetting to check for specified sentinel values is a common bug. In the best case, the use of an unchecked sentinel value will immediately crash the system during runtime. More frequently, an unchecked sentinel value may continue to propagate through the system, producing bad results as it goes.
Use std::optional Instead
Use std::optional to indicate unavailable or invalid information instead of
using special values.
// Returns the account balance, or std::nullopt if the account has been closed. std::optional<int> AccountBalance();
The caller of our new version of AccountBalance() now must explicitly look
inside the returned value for a potential balance, signalling that the result
might be invalid in the process. Barring additional documentation, the caller
can assume that any valid int value can be returned from this function,
without excluding specific sentinel values. This simplification clarifies the
intent of calling code.
std::optional<int> balance = AccountBalance();
if (!balance.has_value()) {
LOG(ERROR) << "Account doesn't exist";
return;
}
// use `*balance` here
Next time you are tempted to use a sentinel value within your system, strongly
consider using an appropriate std::optional instead.
See Also
