Re: [PATCH libcrypto 1/2] array_size: introduce min_array_size() function decoration

[Jason A. Donenfeld]

On Tue, Nov 18, 2025 at 03:24:35PM -0800, Eric Biggers wrote:
> On Tue, Nov 18, 2025 at 06:02:39PM +0100, Jason A. Donenfeld wrote:
> > diff --git a/include/linux/array_size.h b/include/linux/array_size.h
> > index 06d7d83196ca..8671aee11479 100644
> > --- a/include/linux/array_size.h
> > +++ b/include/linux/array_size.h
> 
> I think compiler.h would be a better place?

That was my initial idea, but then I saw that array_size.h got split
out, and this seemed be on the topic...

> 
> > @@ -10,4 +10,11 @@
> >   */
> >  #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
> >  
> > +/**
> > + * min_array_size - parameter decoration to hint to the compiler that the
> > + *                  passed array should have at least @n elements
> > + * @n: minimum number of elements, after which the compiler may warn
> > + */
> > +#define min_array_size(n) static n
> 
> "after which" => "below which"

Er, thanks.

> 
> Anyway, I actually have a slight preference for just using 'static n'
> directly, without the unnecessary min_array_size() wrapper.  But if
> other people prefer min_array_size(), that's fine with me too.  At least
> this is what Linus asked for
> (https://lore.kernel.org/linux-crypto/CAHk-=wj6J5L5Y+oHc-i9BrDONpSbtt=iEemcyUm3dYnZ3pXxxg@xxxxxxxxxxxxxx/).

There's also this other approach from 2001 that the C committee I guess
shot down: https://www.open-std.org/jtc1/sc22/wg14/www/docs/dr_205.htm
It is basically:

    #define __at_least static

We could attempt to do the same with `at_least`...

It kind of feels like we're just inventing a language at that point
though.

Jason