[snip]
I assume you mean "static_cast<long long>" here, as in the subject of
the message. If not, you can probably ignore this message entirely. If
so, 4.9p2 of the standard says:

"A prvalue of a floating point type can be converted to a prvalue of an
integer type. The conversion truncates; that is, the fractional part is
discarded. The behavior is undefined if the truncated value cannot be
represented in the destination type."

Since std::numeric_limits<double>::max() doesn't fit in a long long, the
behavior is undefined, and so anything can happen.
The main problem is that the cast you've specified isn't a narrowing
cast at all! The range of a double is (much!) greater than that of long
long (assuming sizeof(long long) == 8). In an actual narrowing cast,
static_cast<U>(max_value) would be a *widening* cast, and so should be
safe. However, since you're actually calling safe_narrowing_cast to
*widen*, you've caused static_cast<U>(max_value) to be an unsafe
narrowing cast.

To solve this, you could static_assert that you're actually performing a
narrowing cast, i.e.:

std::numeric_limits<T>::max() < std::numeric_limits<U>::max()

You could also select an implementation based on whether the cast is
narrowing or widening by using enable_if.

- Jim

Undefined behavior. C and C++ love making lots of integer operations
undefined behavior, even if you assume 2's complement semantics. In the
case of floating point numbers, both floating point-to-integer and
integer-to-floating point conversions are undefined if they exceed the
range of permissible conversions, and what you're seeing is a
manifestation of that.

In the case of converting integers to floating points, the only possible
conversions that can exceed the floating point range are 64-bit (or
128-bit) integers being converted to half-precision floating point and
128-bit integers being converted to single-precision, but those both
involve non-standard types and are usually safely ignorable.

The conversion of a number to a signed integral type that lies outside
the allowable range invokes undefined behavior. typically it works by
taking the lower bits (similar to the required behavior with unsigned),
which allows the result to be negative.

Your function only really "works" for narrowing casts (where
std::numeric_limits<T>::max < std::numeric_limits<U>::max). Note that
the cases where the conversion of max_vaue may fail, are also the cases
where the conversion of value can't fail. Basically, the problem is that
your safe_narrowing_cast does an unsafe cast if you are doing a widening
cast.

Others already explained that it is outcome of undefined
behavior that you see here.
Your template is too naive for that goal. Lets dump it and
try to get rid of all the ill that unsigned types cause to us
(if you ever use those) and also take minimums of value
ranges into account? That may do it (haven't tested):

template<typename T, typename F>
typename std::enable_if< std::is_signed<T>::value
&& std::is_signed<F>::value
, bool>::type canConvert(const F f)
{
return std::numeric_limits<T>::min() <= f
&& std::numeric_limits<T>::max() >= f;
}

template<typename T, typename F>
typename std::enable_if< std::is_unsigned<T>::value
&& std::is_signed<F>::value
, bool>::type canConvert(const F f)
{
return f >= 0
&& f <= std::numeric_limits<T>::max();
}

template<typename T, typename F>
typename std::enable_if< std::is_unsigned<F>::value
, bool>::type canConvert(const F f)
{
return f <= std::numeric_limits<T>::max();
}

So ... now we can likely 'assert( canConvert<T,U>(value));' in
that 'safe_cast'. For me it looks still too few to call it "safe".
The 'numeric_limits' 'min()' and 'max()' of underlying types
are almost never anywhere close to limits of actual meaningful
values within application. However I trust there are no UB
anymore.