There is an opaque structure that I want to rewrite a function for:
// Set.h
typedef struct Set Set;
void Set_Function(Set* self);
I would like to modify the function to indicate to the developer that a pointer equal to (void*) 0 is not permitted:
void Set_Function(Set self[static 1]);
However, Clang complains that I have an incomplete array type.
Is this functionality possible, or do I have to keep the original function declaration and manually check for (void*) 0 pointers?
Edit for the people in the comments:
Modern C by Jens Gustedt suggests the following on page 204:
Functions that receive pointers should use array syntax and distinguish different cases:
- A pointer to a single object of the type – These functions should use the static 1 notation and thus indicate that they expect a pointer that is non-null:
void func ( double a[ static 1]) ;
- A pointer to a collection of objects of known number – These functions should use the static N notation and thus indicate that they expect a pointer that points to at least that number of elements:
void func ( double a[ static 7]) ;
- A pointer to a collection of objects of unknown number – These functions should use the VLA notation:
void func ( size_t n, double a[n]) ;
- A pointer to a single object of the type or a null pointer – Such a function must guarantee that even when it receives a null pointer, the execution remains in a defined state:
void func ( double * a) ;
Compiler builders only start to implement checks for these cases, so your compiler probably will not yet detect such errors. Nevertheless, writing these down and make them clear for yourself will help you to avoid out-of-bounds errors.
There are few points to considers:
void Set_Delete(Set self[]);. But this will have some limit in usage in future.