The following program has undefined behavior:
#include <stdio.h>
int main(void)
{
unsigned int x = -100; // This is fine, becomes UINT_MAX - 100
printf("%d\n", x); // This is undefined behavior.
return 0;
}
C99 7.19.6.1p8 states %d expects an int argument.
C99 7.19.6.1p9 states "If any argument is not the correct type for the corresponding conversion specification, the behavior is undefined."
However, gcc -Wformat
(which is included with -Wall
) will not complain about the above program, why? Is this a bug, or a deliberate omission?
From the gcc manpage:
-Wformat
Check calls to "printf"
and "scanf"
, etc., to make sure that the arguments supplied have types appropriate to the format string specified, and that the conversions specified in the format string make sense
My best guess is that the warning is skipped because the UB is arguably invoked by the value and not merely by the type.
va_arg
allows the signedness to mismatch as long as the value is representable in both the signed and unsigned type. However,printf
and friends are not specified in terms ofva_arg
and the standard states that any type mismatch results in UB, but this is probably a bug in the standard. Otherwise,printf("%x",1);
would invoke UB. See my question on the topic:Does printf("%x",1) invoke undefined behavior?