Some observations: * Does -fprintf-return-value allow for the possibility of snprintf failing because of a memory allocation failure and so returning -1 when GCC computed bounds on what it could return if successful?
* It looks like you convert to (signed/unsigned) char for %hh formats, etc. Now, there is the possibility that the value passed was actually of type int, and out of range for those types. And there is the possibility that the implementation might not itself convert those values to char / short (glibc didn't until 2006) - passing a value outside the range of the relevant type seems likely undefined behavior, so implementations may not actually need to convert, and there's an open question about whether the value actually needs to have been promoted from char/short in the caller (see my <https://www.polyomino.org.uk/computer/c/pre-dr-6a.txt>). I don't know if you wish to allow at all for this issue. -- Joseph S. Myers jos...@codesourcery.com
