What's noteworthy is that the compiler isn't required to generate a warning if the array is too small. That's just GCC being generous with its help. The official stance is that it's simply undefined behaviour to pass a pointer to an object which is too small (yes, only to pass, even if you don't access it).

There are perhaps only 3 numbers: 0, 1, and lots. A fair argument might be made that 2 also exists, but for anything higher, you need to think about your abstraction.

    #include <stddef.h>
    void foo(size_t n, int b[static n]);

It is not limited to compile-time constants. Doesn't work in clang, sadly.

For reference: https://digitalmars.com/articles/C-biggest-mistake.html

You could just declare

    struct Nonce {
        char nonce_data[SIZE_OF_NONCE];
    }

"There was a unanimous vote that the feature is ugly, and a good consensus that its incorporation into the standard at the 11th hour was an unfortunate decision." - Raymond Mak (Canada C Working Group), https://www.open-std.org/jtc1/sc22/wg14/www/docs/dr_205.htm

The problem is that they are attractive for reducing repeated declarations:

  typedef unsigned char thing_t[THING_SIZE];

  struct red_box_with_a_hook {
     thing_t thing1, thing2;
  }

  void shake_hands_with(thing_t *thing);

It looks as if thing_t can be passed by value, but since it is an array, it sneakily isn't passed by value:

  void catch_with_net(thing_t thing);  // thing's type is actually "usnsigned char *"

  // ...
    unsigned char x[42]];
    catch_with_net(x);        // pointer to first element passed; type checks

https://developer.arm.com/community/arm-community-blogs/b/em...

https://clang.llvm.org/docs/AttributeReference.html#counted-...