From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-il1-x130.google.com (mail-il1-x130.google.com [IPv6:2607:f8b0:4864:20::130]) by sourceware.org (Postfix) with ESMTPS id 111853857B91 for ; Tue, 21 Jun 2022 10:16:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 111853857B91 Received: by mail-il1-x130.google.com with SMTP id m16so7559925ilf.6 for ; Tue, 21 Jun 2022 03:16:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:content-transfer-encoding:from:mime-version:date :subject:message-id:to; bh=rA6HC04N3MUgFd8zn34+opBQqVk/PXWYyuqo1wIiXdo=; b=YzniDLiNBqG/S0A/85ZYQtKwOR/mQXwU0rWpLpG3An1Dn1awooFLvmfgSsCCpFDh1m vNNG1xqqP/bFLP5M4iBQcsvIk1K5uD5E8JfiJNR5jabWD0LRHjvhGIsiNH3NMqwQbMfE S2LrF1883dJDrwppZAPqU1CzVHjO9VJzkCMPW009AgOMQgsEEGwEpg9iODm4my7GHtj/ 7az6Cu+T4gPvyxIH20qqlO0mkTQ90Pes5ylqzb/esFAHPtmBZeDNLbqbzS3OWkU3/y8D 6lxRmjOxkdmCylBB0ycVygzsyHwaJJC6r2jOLKLArgVKo2T6zEb7xsVfnPggMrop8/HM Xy8w== X-Gm-Message-State: AJIora9wvW1LY1gImPJCG7b7cZ6DFL87782ym3YDJDxdBFUQ6ijbafy0 XeTzdxKAFZbd9NBOEPZt75gHm1IPv+rcLbFi X-Google-Smtp-Source: AGRyM1uD+8mhlm23A2QnRG8odypaK2ByIjGadJ7swPTOx1xKr672FAEgG4GVJRW8EWWUdKJEWKIRIw== X-Received: by 2002:a05:6e02:20c5:b0:2d9:3368:3db1 with SMTP id 5-20020a056e0220c500b002d933683db1mr380846ilq.112.1655806592822; Tue, 21 Jun 2022 03:16:32 -0700 (PDT) Received: from smtpclient.apple ([172.58.139.168]) by smtp.gmail.com with ESMTPSA id f39-20020a022427000000b00331743a983asm6913991jaa.179.2022.06.21.03.16.32 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 21 Jun 2022 03:16:32 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Yair Lenga Mime-Version: 1.0 (1.0) Date: Tue, 21 Jun 2022 06:16:31 -0400 Subject: Safer vararg calls Message-Id: <17F275A7-BDEC-46F3-A6E3-4EBE354771A9@gmail.com> To: gcc@gcc.gnu.org X-Mailer: iPad Mail (19F77) X-Spam-Status: No, score=0.7 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2022 10:16:36 -0000 Hi, Looking for feedback on the adding new attribute to function calls that will= help create safer vararg functions. Consider the case where a vararg function takes list of arguments of the sam= e type. In my case, there are terminated with a sentinel of null. Char *result =3D delimitedstr(=E2=80=98:=E2=80=99 =E2=80=9Cfoo=E2=80=9D, =E2= =80=9Cbar=E2=80=9D, =E2=80=9Czoo=E2=80=9D, NULL) ; The standard prototype is char * delimitedstr(char delim, char *p1=E2=80=A6) ; Which will currently allow many incorrect calls: delimitedstr(=E2=80=98:=E2=80=99, =E2=80=9Cfoo=E2=80=9D, 5, 7.3, =E2=80=98a= =E2=80=99) ; // bad types + missing sentinel. The __attribute__((sentinel)) can force the last arg to be null. My proposal is to add new attribute ((va_vector)) that will add a check that= all parameters in a vararg list match the typeof the last parameter. So tha= t: __attribute__ ((va_typed)) delimitedstr(char delim, char *p1=E2=80=A6) ; Will flag a call where any of the parameter after p1, is not a string. This can result in cleaner, safer code, without making the calling sequence m= ore difficult, or modifying the behavior of the call. For Java developers, this is basically the same type checking provided by th= e as =E2=80=98datatype =E2=80=A6=E2=80=99 (without the conversion into array= ). I am Looking for feedback, Pointers on how to implement, as I do not have ex= perience with extending gcc. Yair=