From: Alejandro Colomar <alx@kernel.org>
To: Daniel Thompson <daniel@riscstar.com>
Cc: Martin Uecker <uecker@tugraz.at>,
Christopher Bazley <chris.bazley.wg14@gmail.com>,
Alex Celeste <alexg.nvfp@gmail.com>,
Joseph Myers <josmyers@redhat.com>,
Aaron Ballman <aaron@aaronballman.com>,
Douglas McIlroy <douglas.mcilroy@dartmouth.edu>,
Bruno Haible <bruno@clisp.org>, Paul Eggert <eggert@cs.ucla.edu>,
Florian Weimer <fweimer@redhat.com>,
Jonathan Corbet <corbet@lwn.net>, Kees Cook <kees@kernel.org>,
Eric Biggers <ebiggers@kernel.org>,
Ard Biesheuvel <ardb@kernel.org>,
Daniel Thompson <danielt@kernel.org>,
Daniel Lundin <daniel.lundin.mail@gmail.com>,
"Valentin V. Bartenev" <vbartenev@gmail.com>,
Andrew Clayton <andrew@digital-domain.net>,
"Brian W. Kernighan" <bwk@cs.princeton.edu>,
"G. Branden Robinson" <branden@debian.org>,
"Basil L. Contovounesios" <basil@contovou.net>,
"Jason A. Donenfeld" <jason@zx2c4.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
onf <onf@disroot.org>, Rich Felker <dalias@libc.org>,
linux-hardening@vger.kernel.org
Subject: Re: [RFC v3 5/6] alx-0081r2 - array parameters of 0 elements
Date: Wed, 28 Jan 2026 16:21:03 +0100 [thread overview]
Message-ID: <aXooSDxHbpewFzgQ@devuan> (raw)
In-Reply-To: <aXnhf9uAvyJbQfcn@aspen.lan>
[-- Attachment #1: Type: text/plain, Size: 1757 bytes --]
Hi Daniel,
On 2026-01-28T10:14:23+0000, Daniel Thompson wrote:
> On Mon, Jan 26, 2026 at 01:49:16PM +0100, Alejandro Colomar wrote:
> > Proposed wording
> > Based on N3685.
> >
> > 6.7.7.3 Array declarators
> > @@ Constraints, p1
> > In addition to optional type qualifiers and the keyword static,
> > the [ and ] can delimit an expression or *.
> > If they delimit an expression,
> > called the array length expression,
> > the expression shall have an integer type.
> > If the expression is a constant expression,
> > -it shall have a value greater than zero.
> > +it shall have a nonnegative value.
> > +An array length expression
> > +that is a constant expression with value zero
> > +shall appear only in
> > +a declaration of a function parameter with an array type,
> > +and then only in the outermost array type derivation.
>
> This change did not have any motivating example within the discussion.
> Providing a motivational example showing why it is useful to allow array
> parameters whose constant length is zero would be good.
Makes sense; I'll add that.
Here's a function that I use in shadow-utils:
char *
stpecpy(char dst[], const char end[];
char dst[dst?end-dst:0], const char end[0], const char *restrict src)
{
ssize_t dlen;
if (dst == NULL)
return NULL;
dlen = strtcpy(dst, src, end - dst);
if (dlen == -1)
return NULL;
return dst + dlen;
}
It's essentially the same as Plan9's strecpy(2), except that Plan9's
API has an important bug.
Here's a GCC bug that shows such a use case:
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108036>
Have a lovely day!
Alex
> Daniel.
--
<https://www.alejandro-colomar.es>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2026-01-28 15:21 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <aXZM5O2mU2e3LJBJ@devuan>
2026-01-26 12:48 ` [RFC v3 0/6] Improve function parameters in ISO C2y Alejandro Colomar
2026-01-26 12:48 ` [RFC v3 1/6] alx-0077r3 - disallow function parameters of function type Alejandro Colomar
2026-01-26 12:48 ` [RFC v3 2/6] alx-0076r3 - incompatible array parameters Alejandro Colomar
2026-01-26 12:48 ` [RFC v3 3/6] alx-0078r2 - [static n] shouldn't access more than n elements Alejandro Colomar
2026-01-28 9:54 ` Daniel Thompson
2026-01-28 15:14 ` Alejandro Colomar
2026-01-26 12:49 ` [RFC v3 4/6] alx-0079r2 - [static n] == non-null [n] Alejandro Colomar
2026-01-26 12:49 ` [RFC v3 5/6] alx-0081r2 - array parameters of 0 elements Alejandro Colomar
2026-01-28 10:14 ` Daniel Thompson
2026-01-28 15:21 ` Alejandro Colomar [this message]
2026-01-26 12:49 ` [RFC v3 6/6] alx-0080r1 - [static] without array length expression Alejandro Colomar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aXooSDxHbpewFzgQ@devuan \
--to=alx@kernel.org \
--cc=aaron@aaronballman.com \
--cc=alexg.nvfp@gmail.com \
--cc=andrew@digital-domain.net \
--cc=ardb@kernel.org \
--cc=basil@contovou.net \
--cc=branden@debian.org \
--cc=bruno@clisp.org \
--cc=bwk@cs.princeton.edu \
--cc=chris.bazley.wg14@gmail.com \
--cc=corbet@lwn.net \
--cc=dalias@libc.org \
--cc=daniel.lundin.mail@gmail.com \
--cc=daniel@riscstar.com \
--cc=danielt@kernel.org \
--cc=douglas.mcilroy@dartmouth.edu \
--cc=ebiggers@kernel.org \
--cc=eggert@cs.ucla.edu \
--cc=fweimer@redhat.com \
--cc=jason@zx2c4.com \
--cc=josmyers@redhat.com \
--cc=kees@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=onf@disroot.org \
--cc=torvalds@linux-foundation.org \
--cc=uecker@tugraz.at \
--cc=vbartenev@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.