On Mon, 26 Nov 2018 at 10:12, Alexander Grund via Boost < boost@lists.boost.org> wrote:
IF you know absolutely sure that this signed value is always non-negative, then why not: a) Change the parameter type to unsigned to communicate this as a precondition of the function
b) add a cast to the unsigned parameter type and potentially an assert if this helps future readers and catch precondition violations
I don't see where this cast is wrong. It does the same as the implicit cast but explicit and hence conveys *intend*.
But it [any of those options] will never alert you to a violation of that precondition. Making std::size_t unsigned is a mistake IMO.
In conclusion: These warnings are about suspicious code that *needs* to be inspected.
If you do as Emil proposes, run a debug build with [that type of] asserts you'll **know** that **your** surrounding code [or **your** input ] is wrong and you'll **know** something needs fixing (not with a cast, but **your** [surrounding] logic). To me his [Emil's] argument is convincing, casting just hides the problem, and since it's hidden, now you'll have to go try and find it, i.e. more time spent debugging [coz you just shot yourself in the foot and you don't know where the gun is (carrying a concealed weapon is a criminal offense in the US AFAIK ;-) )]. We should have a dynamic_assert b.t.w., i.e. the converse of static_assert (in C++, not the C macro). degski -- *“If something cannot go on forever, it will stop" - Herbert Stein*