On Mon, Nov 26, 2018 at 3:44 PM Gavin Lambert via Boost <boost@lists.boost.org> wrote:
> On 27/11/2018 12:05, Peter Dimov wrote:
>> Gavin Lambert wrote:
>>> As an index for a vector or array which cannot have a valid index below zero, it's perfectly fine.
>> It's not perfectly fine, because you can pass a negative index to it and there's no way to check for that (from within the function). If you take a signed type, you can assert.
> You cannot pass a negative index to it without a warning at the call site, so you have to fix it there anyway.
If you have:

    void f( unsigned );
    void g( int x ) { f(x); }

I don't think you'll get a warning. But I might be wrong, so let's say you do get a warning, so you do:

    void g( int x ) { f( static_cast<unsigned>(x) ); }

How does this help in detecting the logic error of passing a negative x to g? Can you quantify the exact mechanics by which this cast makes your code safer? By what measure is the code less safe without the cast?
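
An added example, not part of the original thread: it shows what a callee can observe when a negative `int` reaches an unsigned index parameter through the cast, next to the same lookup taking a signed index. The names `at_unsigned`, `at_signed`, `g_cast`, `seen_by_callee`, `Lookup` and `IndexError` are hypothetical, and the vector contents are constructed sample data.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>
#include <vector>

enum class IndexError { none, negative, too_large };
struct Lookup { IndexError err; int value; };

// Unsigned parameter: the int -> unsigned conversion has already happened
// at the call site, so the body only ever sees a value in [0, UINT_MAX].
Lookup at_unsigned(const std::vector<int>& v, unsigned i) {
    if (i >= v.size()) return {IndexError::too_large, 0};  // the only check available
    return {IndexError::none, v[i]};
}

// Signed parameter: the caller's original value is still visible in the body.
Lookup at_signed(const std::vector<int>& v, int i) {
    if (i < 0) return {IndexError::negative, 0};
    if (static_cast<std::size_t>(i) >= v.size()) return {IndexError::too_large, 0};
    return {IndexError::none, v[static_cast<std::size_t>(i)]};
}

// The caller from the message, with the explicit cast.
Lookup g_cast(const std::vector<int>& v, int x) {
    return at_unsigned(v, static_cast<unsigned>(x));
}

// The value the unsigned callee actually receives for a given int.
unsigned seen_by_callee(int x) { return static_cast<unsigned>(x); }

int main() {
    const std::vector<int> v{10, 20, 30};  // constructed sample data
    std::printf("callee sees %u for x = -1\n", seen_by_callee(-1));
    std::printf("unsigned path error code: %d\n", static_cast<int>(g_cast(v, -1).err));
    std::printf("signed path error code:   %d\n", static_cast<int>(at_signed(v, -1).err));
    return 0;
}
```

On the unsigned path a negative argument is reported as `too_large`, indistinguishable from a genuinely oversized index; on the signed path it is reported as `negative`.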