Login/Register
Is it legal to pass va_list as a reference to a function in C++?
Asked Answered
c++pass-by-referencevariadic-functions
D

1

15

Upon code review/clang-tidy runs, I came across a function with a signature like this:

void appendFoo(const char * fmt, va_list& rVaList);

I have never seen this before. Afaik, you can pass va_list by value (and maybe by pointer?).

This brings me to my first question: Is passing va_list by reference legal and does it work as expected?

Anyway, appendFoo() calls vsprintf() in its definition and clang-tidy gave the following warning: Function 'vsprintf' is called with an uninitialized va_list argument [clang-analyzer-valist.Uninitialized]. The definition of appendFoo() look basically like this:

void appendFoo(const char * fmt, va_list& rVaList) {
  // retracted: allocate buffer

  vsprintf(buffer, fmt, rVaList);

  // errorhandling
  // de-allocate buffer
}

(Yes, the return value of vsprintf is ignored and errors are "handled" another way. I'm fixing it ...)

In particular, no va_copy, va_start, etc. are called.

Removing the reference and passing va_list by value, i.e. changing the signature to void appendFoo(const char * fmt, va_list rVaList);, eliminates the clang-tidy warning.

This brings me to my second question: Is the warning produced by clang-tidy if va_list is passed by reference a false-positive or is there is actually a problem in passing va_list as reference?

PS: This question is not a duplicate of varargs(va_list va_start) doesn't work with pass-by-reference parameter. The OP of that question passes an argument by reference to a function taking a va_list. I'm asking about va_list itself being passed as a reference. Oh, well.

Donkey answered 13/2, 2023 at 14:1 Comment(13)
In my opinion va_list should not be used in C++ at all (it is a "C" relic that is not typesafe, prone to errors/safety issues etc.). You should use templates with parameter packs : en.cppreference.com/w/cpp/language/parameter_pack, and forget all about va_listFlareup
I think this is illegal. Because va_list definition is unspecified : en.cppreference.com/w/c/variadic/va_list I guess an implementation is free to use something incompatible with references (although I cannot find an example).Inapplicable
Unlike @PepijnKramer, I don't think we should avoid va_list at C++. But use them very carefully. On our C++ code base, string formatting functions are variadic template functions building up a type string, that is passed by to a private variadic C function. Inspired from here (but heavily enhanced afterwards): gist.github.com/deplinenoise/6297411Inapplicable
Nice question! Also take a look at the tour and the How to Ask page.Weeping
@Inapplicable are there types that are incompatible with references?Gemstone
That seems like either a false positive (since passing a pointer is valid, I would expect the same from a reference) or a problem with how you're calling appendFoo.Termless
@GiovanniCerretani: if va_list is implemented as a macro, chances are that using it with a reference could lead to unexpected results...Vulnerable
va_list cannot be implemented as a macro, it must be a complete object type. Anyway, I asked a similar question, you may find some details in the comments of this answer: https://mcmap.net/q/826473/-va_list-passed-to-a-function-using-va_arg-is-not-working In short: since it is unclear if it is legal to use references to va_list, use pointers to va_list that are allowed as per C standard.Gemstone
The question is not a duplicate. It is about passing va_list itself as reference, the other question talks about the second argument passed to va_start.Gemstone
@GiovanniCerretani I have re-opened itCyndie
There is no gain in passing va_list by reference. It's just a pointer.Stuartstub
I see no reason to believe that it wouldn't work. As was mentioned above, va_list must be a complete object type, so references to it can't behave strangely. It can't be something like void (where forming a reference would be ill-formed).Fault
"In particular, no va_copy, va_start, etc. are called" - Not calling va_start and va_end is certainly a bug - it's UB to not do so.Beggarly
S
2

Yes, it is allowed. Firstly, [cstdarg.syn] states:

The contents of the header are the same as the C standard library header <stdarg.h>, with the following changes:

  • [...]

None of the restrictions here disallow forming a reference to a std::va_list.

Relevant wording in the C standard

The answer lies in the C17 standard, 7.16 Variable arguments <stdarg.h>, p3:

The type declared is

va_list

which is a complete object type suitable for holding information needed by the macros va_start, va_arg, va_end, and va_copy. If access to the varying arguments is desired, the called function shall declare an object (generally referred to as ap in this subclause) having type va_list. The object ap may be passed as an argument to another function; if that function invokes the va_arg macro with parameter ap, the value of ap in the calling function is indeterminate and shall be passed to the va_end macro prior to any further reference to ap.257)

257) It is permitted to create a pointer to a va_list and pass that pointer to another function, in which case the original function may make further use of the original list after the other function returns.

Essentially, passing a std::va_list by pointer allows the callee to use the std::va_list as if we had used it in our own function. Since std::va_list is a complete object type, binding a reference to it is possible.

It's also worth noting that pointers and references are identical in the ABI, so both result in passing a memory address to a function and behave more or less the same.

See also: Pass va_list or pointer to va_list?

Passing va_list by reference is pointless in your case

However, the use of a reference to std::va_list is pointless in your example:

void appendFoo(const char * fmt, va_list& rVaList) {
    vsprintf(buffer, fmt, rVaList);
}

The issue is that std::vsprintf accepts a std::va_list by value, so when it calls va_arg internally, the std::va_list in the caller of appendFoo becomes indeterminate.

You could have just as well passed std::va_list by value, which would have been no worse.

About clang-tidy

The rule you're presumably talking about is cppcoreguidelines-pro-type-vararg which flags all uses of C variadics.

You're not directly calling va_arg, so it's not entirely clear if your use should be flagged. Overall, it's not surprising though, and you probably want to disable this check if you're working with C variadics.

When does it make sense to pass va_list by reference or pointer?

It makes sense if you want to keep using the list in the caller of the function:

std::array<int, 3> get_triple(std::va_list& args_ref) {
    return {
        va_arg(args_ref, double), va_arg(args_ref, double), va_arg(args_ref, double)
    };
}

// ...
std::va_list args;
va_start(args, /* ... */);
auto [x, y, z] = get_triple(args);
auto [u, v, w] = get_triple(args); // OK, would be UB if we passed by value
// ...

If we hadn't passed args_ref by reference, then the use of va_arg in get_triple would have made args indeterminate.

Stratfordonavon answered 1/9, 2023 at 9:59 Comment(0)

© 2022 - 2025 — McMap. All rights reserved.