https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111219
Bug ID: 111219
Summary: -Wformat-truncation false negative with %p modifier
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: ndesaulniers at google dot com
Target Milestone: ---
I noticed that -Wformat-truncation was disabled in the linux kernel.
commit bd664f6b3e37 ("disable new gcc-7.1.1 warnings for now")
I was curious since I was unfamiliar with that flag. I filed a bug against
clang to look into implementing something similar.
https://github.com/llvm/llvm-project/issues/64871
They extended their existing -Wfortify-source flag instead (*sigh*), but we
noticed now in the Linux kernel that `-Wfortify-source` is flagging a few cases
where kernel devs have added custom format flags for pretty printing oft-used
data structures, which is tripping up this warning, since these format
specifiers are not part of the language standard.
A recent kernel patch looks to re-enable -Wformat-truncation for W=1 kernel
builds. Nathan noticed that GCC is not warning for the %p related flags,
whereas clang is (with -Wfortify-source).
I don't think GCC's current behavior is intentional?
For example, consider the following code:
```
void foo (void *x) {
char dst [1];
__builtin_snprintf(dst, sizeof(dst), "%p", x);
}
```
Clang-18 (trunk, not yet released, after
https://github.com/llvm/llvm-project/commit/0c9c9dd9a24f9d715d950fef0ac7aae01437af96)
with -Wfortify-source will warn:
```
tmp.c:3:5: warning: 'snprintf' will always be truncated; specified size is 1,
but format string expands to at least 4 [-Wfortify-source]
3 | __builtin_snprintf(dst, sizeof(dst), "%p", x);
| ^
```
GCC with -Wformat-truncation does not warn, but I think it should.
