On Tue, 21 Jun 2022 at 11:17, Yair Lenga via Gcc <gcc@gcc.gnu.org> wrote: > > Hi, > > Looking for feedback on the adding new attribute to function calls that will > help create safer vararg functions. > > Consider the case where a vararg function takes list of arguments of the same > type. In my case, there are terminated with a sentinel of null. > > Char *result = delimitedstr(‘:’ “foo”, “bar”, “zoo”, NULL) ; > > The standard prototype > is char * delimitedstr(char delim, char *p1…) ; > > Which will currently allow many incorrect calls: > delimitedstr(‘:’, “foo”, 5, 7.3, ‘a’) ; // bad types + missing sentinel. > > The __attribute__((sentinel)) can force the last arg to be null. > > My proposal is to add new attribute ((va_vector)) that will add a check that > all parameters in a vararg list match the typeof the last parameter. So that:
"va_vector" is a bad name IMHO. It tells me nothing about what it means. Does it have something to do with SIMD vectors? > > __attribute__ ((va_typed)) delimitedstr(char delim, char *p1…) ; "va_typed" at least suggests something to do with types, but it doesn't tell me they have to be the same type. > > Will flag a call where any of the parameter after p1, is not a string. In your example NULL does not have the same type as the earlier arguments. You would have to write (char*)NULL to suppress a diagnostic. I also wonder how a mixture of char* and const char* arguments would be handled in your example. > > This can result in cleaner, safer code, without making the calling sequence > more difficult, or modifying the behavior of the call. > > For Java developers, this is basically the same type checking provided by the > as ‘datatype …’ (without the conversion into array). > > I am Looking for feedback, Pointers on how to implement, as I do not have > experience with extending gcc. > > Yair
