Hi Paul, On Sun, Dec 14, 2025 at 11:52:08AM -0800, Paul Eggert wrote: > On 2025-12-14 11:17, Alejandro Colomar wrote: > > > What wanted Thien-Thi exactly? If they wanted the non-null implications > > of [static n], it can use [n] combined with [[gnu::nonnull()]]. I see > > no reasons to use [static n] ever. > > Unfortunately I don't know what Thien-Thi wanted exactly and it's too late > to ask now. > > Suppose it was Gustedt's trick, though. In that case, combining [n] with > [[gnu::nonnull()] does not mean the same thing as [static n], because the > latter means you can access the first n elements but the former does not.
It depends which dialect you're talking. In GNU C, [n] means you can access the first n elements. > Presumably you mean to change this in the next C standard, but Thien-Thi was > working with what he had. Indeed, I'm working on standardizing this. But GNU C is already here. At least, I'd suggest that gnulib uses [n] in GCC, and leaves [static n] for those crappy dialects where [n] means nothing. > > If you use -fno-delete-null-pointer-checks, the dangers of > > [[gnu::nonnull()]] vanish, and you only get the good parts of it. > > Oh, but I like those dangers! For functions like execl I want static > checking to let the compiler optimize, and I don't want code to depend on > poor optimization to do unnecessary runtime checking. The problem is that static checking of null pointers is incomplete, or so I remember. It's been a long time since I last checked that. > I can't see a reason > to use -fno-delete-null-pointer-checks, except to implement poorly-designed > legacy APIs like execl for callers that insist on runtime checking even > though the static checking is better. You still get static checking with [[gnu::nonnull()]] and -fno-delete-null-pointer-checks. I don't use -fno-delete-null-pointer-checks to remove dynamic checks, but to not allow the compiler to abuse UB in the few cases where the compiler is unable to diagnose. Have a lovely night! Alex -- <https://www.alejandro-colomar.es>
signature.asc
Description: PGP signature
