Implicit conversions change data values

A simple assignment or arithmetic expression will generally convert all the terms to the same type. Sometimes this can silently change values. For example, when a signed data variable contains a negative type, assigning to a unsigned type will be permitted by any C/C++ compiler but will be treated as large unsigned value. Most modern compilers will emit a compile time warning when this conversion is performed. The user may then decide to change some data types or apply a static_cast. This is less than satisfactory for two reasons:

It may be unwieldy to change all the types to signed or unsigned.
Littering one's program with static_castmakes it more difficult to read.
We may believe that our signed type will never contain a negative value. If we use a static_cast to suppress the warning, we'll fail to detect a program error when it is committed. This is aways a risk with casts.

This solution is simple, Just replace instances of the intwith safe<int>.

#include <cassert>
#include <stdexcept>
#include <iostream>

#include "../include/safe_integer.hpp"
#include "../include/safe_compare.hpp"

void detected_msg(bool detected){
    std::cout << (detected ? "error detected!" : "error NOT detected! ") << std::endl;
}

int main(int argc, const char * argv[]){
    std::cout << "example 4:";
    std::cout << "undetected underflow in data type" << std::endl;
    std::cout << "Not using safe numerics" << std::endl;
    try{
        unsigned int x = 0;
        // the following silently produces an incorrect result
        --x;
        // because C/C++ implicitly converts mis-matched arguments to int
        // suggests that the operation is correct
        assert(x == -1);
        // even though it's not !!!

        // however, safe_compare does detect the error
        assert(! boost::numeric::safe_compare::equal(x, -1));
        std::cout << x << " != " << -1;
        detected_msg(false);
    }
    catch(...){
        assert(false); // never arrive here
    }
    // solution: replace unsigned int with safe<unsigned int>
    std::cout << "Using safe numerics" << std::endl;
    try{
        using namespace boost::numeric;
        safe<unsigned int> x = 0;
        // decrement unsigned to less than zero throws exception
        --x;
        assert(false); // never arrive here
    }
    catch(std::range_error & e){
        std::cout << e.what();
        detected_msg(true);
    }
    return 0;
}