JDK-8198918 : jio_snprintf and friends are not checked by -Wformat
  • Type: Enhancement
  • Component: hotspot
  • Sub-Component: runtime
  • Affected Version: 11
  • Priority: P4
  • Status: Open
  • Resolution: Unresolved
  • OS: generic
  • CPU: generic
  • Submitted: 2018-03-01
  • Updated: 2025-06-30
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 26
26Unresolved
Related Reports
Blocks :  
JDK-8360177 - ParallelArguments::initialize has incorrect format string
Blocks :  
JDK-8361086 - JVMCIGlobals::check_jvmci_flags_are_consistent has incorrect format string
Blocks :  
JDK-8360178 - TestArguments.atojulong gtest has incorrect format string
Blocks :  
JDK-8361085 - MemoryReserver log_on_large_pages_failure has incorrect format usage
Blocks :  
JDK-8360281 - VMError::error_string has incorrect format usage
Relates :  
JDK-5097226 - Audit use of OS strings in native code for decoding errors
Relates :  
JDK-8272877 - Java VM warning messages are not printed using the vfprintf hook
Description
jio_snprintf and associated functions take format strings and arguments, but are not annotated as format functions in jvm.h, so the validation performed by gcc's -Wformat are not applied to them.  They have the associated attributes on the definitions in the .cpp file, but that's fairly useless.

HotSpot code can (as of JDK-8196882) instead use os::snprintf and friends, which have the associated attributes declared in os.hpp.  It may be that HotSpot code should prefer the os functions.

However, that doesn't help non-HotSpot code that really does need to use the jio_ functions.  And jvm.h doesn't seem to have the kind of platform-dependency layer that allows HotSpot to conditionally provide those attributes.
Comments
> And jvm.h doesn't seem to have the kind of platform-dependency layer that allows HotSpot to conditionally provide those attributes. Sure it does: jvm_md.h
25-06-2025
/* * optionString may be any option accepted by the JVM, or one of the * following: * * -D<name>=<value> Set a system property. * -verbose[:class|gc|jni] Enable verbose output, comma-separated. E.g. * "-verbose:class" or "-verbose:gc,class" * Standard names include: gc, class, and jni. * All nonstandard (VM-specific) names must begin * with "X". * vfprintf extraInfo is a pointer to the vfprintf hook. * exit extraInfo is a pointer to the exit hook. * abort extraInfo is a pointer to the abort hook. */ typedef struct JavaVMOption { char *optionString; void *extraInfo; } JavaVMOption; TIL There's a vfprintf hook.
10-06-2025
I have an old experimental patch to address at least some of this. Trying it out, it looks like there are about 20 warnings from hotspot and 5 from elsewhere in the JDK. Most look easy to address, and at a quick glance a couple look like they might be actual bugs. So reopening and assigning to me.
27-12-2024
Runtime Triage: This is not on our current list of priorities. We will consider this feature if we receive additional customer requirements.
10-01-2024
There are cases where the jio_xxxprintf is used with 'char *' arguments rather than string literals. Therefore, it is not possible to use compiler warnings in these cases.
07-11-2023
A pull request was submitted for review. URL: https://git.openjdk.org/jdk/pull/15918 Date: 2023-09-26 11:46:19 +0000
26-09-2023
jio_fprintf and friends (the print to a file functions) are not equivalent to os::fprintf and friends. The jio_ functions are affected by the "vfprintf" command line argument from JNI_CreateJavaVM.
02-08-2020