WG14 accepted https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3322.pdf 
at this week's meeting in Minneapolis, allowing various zero-length 
language and library operations on null pointers in C2Y (in support of the 
idiom where an empty array may be represented by a null pointer with zero 
length rather than allocated memory).

As far as I know the language pieces should already work in GCC (NULL + 0, 
NULL - NULL, NULL <= NULL).  So the main implementation question relates 
to the library pieces, which have both compiler and library implications.  
nonnull attributes on the affected library functions are no longer correct 
(either in library headers or on built-in functions), because GCC uses 
such attributes for optimization and valid code may pass null pointers to 
these functions when the length passed is zero.

So we need to remove the nonnull attributes on those functions (in both 
GCC and glibc) - and I think that's naturally a 
language-version-independent change rather than keeping the attributes for 
pre-C2Y standards.  (N3322 was voted onto the list of papers to consider 
for previous revisions of the standard.  I think WG14 is putting too much 
on that list - I'd like it to be only for things that are unambiguously 
defects.  But while I don't think this is a defect and don't think it 
belongs on the list, it does nevertheless seem reasonable to support this 
usage with older language versions in GCC and glibc.)

The real question is how to achieve optimal warnings in the absence of the 
attribute.  Should we have a variant of the nonnull attribute that warns 
for NULL arguments but without optimizing based on them?  Or one that 
warns and potentially optimizes but only optimizes when the size is known 
to be nonzero?  Or do we already have any suitable attribute?  (I think 
warning when the size might be zero is fine, given that actually 
explicitly passing a null pointer with a zero size is not the intended use 
of this feature - the feature is only of use when the array might or might 
not have zero size and you want to avoid the code needing to check for 
that case.)

-- 
Joseph S. Myers
josmy...@redhat.com
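
The following is an added example, not part of the original message and not code from GCC or glibc. It shows the empty-array idiom the message describes (a null pointer with zero length) written so that it stays well-defined on toolchains where memcpy and memcmp still carry nonnull attributes. The names struct buf, copy_n, equal_n, buf_concat and buf_equal are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical type: an empty buffer is {NULL, 0}, never an allocation. */
struct buf { unsigned char *data; size_t len; };

/* Skip the library call when n == 0, so NULL never reaches a nonnull function. */
static void copy_n(void *dst, const void *src, size_t n)
{
    if (n != 0)
        memcpy(dst, src, n);
}

static int equal_n(const void *a, const void *b, size_t n)
{
    return n == 0 || memcmp(a, b, n) == 0;
}

/* Concatenate a and b into out; returns 0 on success, -1 on size overflow
   or allocation failure.  Either input may be {NULL, 0}. */
int buf_concat(struct buf *out, const struct buf *a, const struct buf *b)
{
    *out = (struct buf){ NULL, 0 };
    if (a->len > SIZE_MAX - b->len)
        return -1;
    size_t total = a->len + b->len;
    if (total == 0)
        return 0;                      /* empty result stays {NULL, 0} */
    unsigned char *p = malloc(total);
    if (p == NULL)
        return -1;
    copy_n(p, a->data, a->len);        /* p is non-null from here on */
    copy_n(p + a->len, b->data, b->len);
    out->data = p;
    out->len = total;
    return 0;
}

int buf_equal(const struct buf *a, const struct buf *b)
{
    return a->len == b->len && equal_n(a->data, b->data, a->len);
}

int main(void)
{
    struct buf empty = { NULL, 0 }, out;
    return buf_concat(&out, &empty, &empty) != 0 || !buf_equal(&out, &empty);
}
```

With N3322 implemented in both compiler and library, the n == 0 guards in copy_n and equal_n become unnecessary; until then they are what keeps a null pointer away from a call the optimizer may treat as proof that the pointer is non-null.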
