
Subject: Re: [boost] Current Guidance on Compiler Warnings?
From: degski (degski_at_[hidden])
Date: 2018-11-26 13:50:36


On Mon, 26 Nov 2018 at 10:12, Alexander Grund via Boost <
boost_at_[hidden]> wrote:

> IF you know absolutely sure that this signed value is always
> non-negative, then why not:
> a) Change the parameter type to unsigned to communicate this as a
> precondition of the function
>
> b) add a cast to the unsigned parameter type and potentially an assert
> if this helps future readers and catch precondition violations
>
> I don't see where this cast is wrong. It does the same as the implicit
> cast but explicit and hence conveys *intent*.
>

But it [any of those options] will never alert you to a violation of that
precondition. Making std::size_t unsigned is a mistake IMO.

> In conclusion: These warnings are about suspicious code that *needs* to
> be inspected.
>

If you do as Emil proposes, run a debug build with [that type of] asserts,
you'll **know** that **your** surrounding code [or **your** input] is
wrong and you'll **know** something needs fixing (not with a cast, but
**your** [surrounding] logic). To me his [Emil's] argument is convincing:
casting just hides the problem, and since it's hidden, now you'll have to
go try and find it, i.e. more time spent debugging [coz you just shot
yourself in the foot and you don't know where the gun is (carrying a
concealed weapon is a criminal offense in the US AFAIK ;-) )].

We should have a dynamic_assert b.t.w., i.e. the converse of static_assert
(in C++, not the C macro).

degski

-- 
*"If something cannot go on forever, it will stop" - Herbert Stein*
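The difference the thread is arguing about, as an added illustration that is not part of the original mail or of any Boost code: `unchecked_index` and `checked_index` are hypothetical functions with the precondition "the argument is non-negative". The cast-only version silences the sign-conversion warning but lets a negative value wrap to a huge `std::size_t`, so the failure surfaces later (here, in `vector::at`); the checked version reports the violation at the conversion boundary. A debug build would use `assert(n >= 0)` for that check; this example throws instead so the behaviour can be observed in any build.

```cpp
#include <cstddef>
#include <limits>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical helper with the precondition "n is non-negative".
// Cast-only version: the explicit cast silences -Wsign-conversion but does
// nothing at run time. A negative argument wraps modulo 2^N to a huge
// std::size_t, and the error shows up somewhere else, later.
std::size_t unchecked_index(long n) {
    return static_cast<std::size_t>(n);
}

// Checked version: the precondition is verified where the conversion happens.
// In a debug build this would be assert(n >= 0); throwing is used here so
// the violation is observable even when NDEBUG is defined.
std::size_t checked_index(long n) {
    if (n < 0) {
        throw std::invalid_argument("checked_index: negative index");
    }
    return static_cast<std::size_t>(n);
}

// Uses one of the two conversions to index a vector. vector::at() is used
// deliberately: it bounds-checks, so the wrapped index from the cast-only
// path is at least reported, but by a different mechanism, far from the bug.
int element_at(const std::vector<int>& v, long i, bool checked) {
    std::size_t idx = checked ? checked_index(i) : unchecked_index(i);
    return v.at(idx);
}

// Names which check caught a bad index, to make the difference visible:
//   "precondition" - reported at the conversion boundary (checked path)
//   "out_of_range" - reported later, by vector::at (cast-only path)
//   "ok"           - the index was valid
std::string lookup_outcome(const std::vector<int>& v, long i, bool checked) {
    try {
        element_at(v, i, checked);
        return "ok";
    } catch (const std::invalid_argument&) {
        return "precondition";
    } catch (const std::out_of_range&) {
        return "out_of_range";
    }
}

// Shows the wrap the cast hides: -1 becomes SIZE_MAX.
bool wraps_to_max(long n) {
    return unchecked_index(n) == std::numeric_limits<std::size_t>::max();
}
```

With a container that does no bounds checking (`operator[]` instead of `at()`), the cast-only path would not throw at all; it would read out of bounds, which is the "now you'll have to go try and find it" case the mail describes.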

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk