Hi Martin, On 11/13/22 14:19, Alejandro Colomar wrote:
But there are not only syntactical problems, because also the type of the parameter might become relevant and then you can get circular dependencies: void foo(char (*a)[sizeof *.b], char (*b)[sizeof *.a]);This seems to be a difficult stone in the road.I am not sure what would the best way to fix it. One could specifiy that parameters referred to by the .identifer syntax must of some integer type and that the sub-expression .identifer is always converted to a 'size_t'.That makes sense, but then overnight some quite useful thing came to my mind that would not be possible with this limitation:<https://software.codidact.com/posts/285946> char * stpecpy(char dst[.end - .dst], char *src, char end[1]) { for (/* void */; dst <= end; dst++) { *dst = *src++; if (*dst == '\0') return dst; } /* Truncation detected */ *end = '\0'; #if !defined(NDEBUG) /* Consume the rest of the input string. */ while (*src++) {}; #endif return end + 1; }
And I forgot to say it: Default promotions rank high (probably the highest) in my list of most hated features^Wbugs in C. I wouldn't convert it to size_t, but rather follow normal promotion rules.
Since you can use anything between INTMAX_MIN and UINTMAX_MAX for accessing an array (which took me some time to understand), I'd also allow the same here. So, the type of the expression between [] could perfectly be signed or unsigned.
So, you could use size_t for very high indices, or e.g. ptrdiff_t if you want to allow negative numbers. In the function above, since dst can be a pointer to one-past-the-end (it represents a previous truncation; that's why the test dst<=end), forcing a size_t conversion would disallow that syntax.
Cheers, Alex -- <http://www.alejandro-colomar.es/>
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature