> This is a C99 feature that helps with static analysis. > > > If the keyword `static` also appears within the `[` and `]` of the array > > type derivation, then for each call to the function, the value of the > > corresponding actual argument shall provide access to the first element of > > an array with at least as many elements as specified by the size expression. > > See _Array declarators_ and _Function declarators_ from the C standard. > > It is not supported by MSVC: [C11: static inside array parameter > square > brackets](https://developercommunity.visualstudio.com/t/C11:-static-inside-array-parameter-squar/1475168). > > Both gcc and clang warn if `NULL` or if an array too small is passed > to the function. Interestingly gcc also warns in the non-static case > if an array too small is passed. cppcheck considers in both cases that > the array has a fixed size and warns for out-of-bounds accesses. > > I'm suggesting adding an AC_C_STATIC_ARRAY_DECLARATOR macro, defined > to static, or empty. I've tentatively written a macro modelled after > AC_C_FLEXARRAY, attached to this mail. > > The name of the macro can, as it should, be bikeshedded. I'm not too > sure how m4 processes the [ and ] in the description.
Gentle ping; this is useful for a trick from Modern C, 3rd edition, from Jens Gustedt. See 5.4-2. https://inria.hal.science/hal-02383654v2/file/modernC.pdf > 2) We use array notation for pointer parameters.: We do so wherever these > assume that the pointer can’t be null. Some examples are as follows: > > /* These emphasize that the arguments cannot be null. */ > size_t strlen(char const string[static 1]); > > /* Compatible declaration for the same function. */ > size_t strlen(const char *string); > > The first example stresses the fact that strlen must receive a valid > (non-null) pointer and will access at least one element of string. Maybe there's not a real need for this in Autoconf, I thought I'd share the neat trick nonetheless. -- Antonin
