On 27/11/2018 12:05, Peter Dimov wrote:
> Gavin Lambert wrote:
>> As an index for a vector or array which cannot have a valid index below zero, it's perfectly fine.
>
> It's not perfectly fine, because you can pass a negative index to it and there's no way to check for that (from within the function). If you take a signed type, you can assert.

You cannot pass a negative index to it without a warning at the call site, so you have to fix it there anyway.

Besides, in C++20 signed-unsigned integer conversion will be officially required to be 2s complement (and prior to this all major platforms implement it that way anyway). In this case for any non-massive array you're fairly safe (esp. when someone fixes the call site) with a simple:

    assert(i < size());

(Whereas with a signed index you would have to also check for negative values.)
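
An added example, not part of the original message, showing the two bounds checks under discussion and the "non-massive array" condition. All function names are hypothetical, and the 8-bit index is a scaled-down stand-in assumed here so that an array large enough to defeat the single comparison fits in a test.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>

// Unsigned index: one comparison rejects both "too large" and "was negative
// at the call site", because a negative value converts modulo 2^N to a
// value near the top of the unsigned range.
constexpr bool in_bounds_unsigned(std::size_t i, std::size_t size) {
    return i < size;
}

// Signed index: the callee can see the negative value, but needs two checks.
constexpr bool in_bounds_signed(std::ptrdiff_t i, std::size_t size) {
    return i >= 0 && static_cast<std::size_t>(i) < size;
}

// Scaled-down model (assumption for illustration): an 8-bit unsigned index,
// so a container of more than 128 elements plays the "massive array".
constexpr bool in_bounds_u8(std::uint8_t i, std::size_t size) {
    return i < size;
}

// What the callee actually receives when a call site passes a negative int.
constexpr std::size_t as_index(int i) { return static_cast<std::size_t>(i); }
constexpr std::uint8_t as_u8_index(int i) { return static_cast<std::uint8_t>(i); }

static_assert(as_index(-1) == std::numeric_limits<std::size_t>::max(),
              "-1 converts to the largest size_t value");

int main() {
    // Ordinary array: the converted -1 is far beyond size 10 and is rejected.
    std::printf("size_t, size 10, index -1: %s\n",
                in_bounds_unsigned(as_index(-1), 10) ? "accepted" : "rejected");
    // Signed parameter: rejected by the explicit i >= 0 test.
    std::printf("signed, size 10, index -1: %s\n",
                in_bounds_signed(-1, 10) ? "accepted" : "rejected");
    // Scaled-down "massive" array: -100 converts to 156, which is below 200,
    // so the single comparison lets the bad index through.
    std::printf("uint8,  size 200, index -100 -> %u: %s\n",
                static_cast<unsigned>(as_u8_index(-100)),
                in_bounds_u8(as_u8_index(-100), 200) ? "accepted" : "rejected");
    // Same index against a container no larger than half the index range.
    std::printf("uint8,  size 100, index -100 -> %u: %s\n",
                static_cast<unsigned>(as_u8_index(-100)),
                in_bounds_u8(as_u8_index(-100), 100) ? "accepted" : "rejected");
    return 0;
}
```

The single comparison catches every converted negative value only while the container holds no more than half the index type's range; for `size_t` that is any array of at most `SIZE_MAX / 2` elements.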