http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50154
Bug #: 50154 Summary: attribute printf and scanf should imply attribute nonnull Classification: Unclassified Product: gcc Version: 4.6.1 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c AssignedTo: unassig...@gcc.gnu.org ReportedBy: br...@clisp.org Created attachment 25076 --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25076 test case When a function is declared as taking a printf or scanf format string, gcc gives a warning when a format string with invalid syntax is passed. It should also give a warning when a NULL format string is passed. How to reproduce: Save the test case file as foo.c. $ gcc -Wformat=2 -c foo.c [no warning] $ gcc -Wformat=2 -c foo.c -DDECLARE_NONNULL foo.c: In function 'foo': foo.c:10:3: warning: null argument where non-null required (argument 3) [-Wnonnull] Rationale: 1) ISO C 99 specifies that the printf and scanf format strings must be "multibyte character sequences"; that excludes NULL. See ISO C 99 sections 7.19.6.1 paragraph 3 and 7.19.6.2 paragraph 3. 2) Passing NULL as first argument to printf crashes the program on FreeBSD, Solaris, and other platforms.