While looking into bug 92666 I noticed the following false positive in C (it can be reproduced in C++ making the pointer non-const so it doesn't get folded). By being implemented fully in the front-end the warning doesn't see that the nullptr variable is, in fact, a null pointer. $ cat t.c && cat t.c && gcc -S -Wall t.c void f (void) { const char* const null = 0; __builtin_execl ("foo", "bar", null); } void f (void) { const char* const null = 0; __builtin_execl ("foo", "bar", null); } t.c: In function ‘f’: t.c:5:3: warning: missing sentinel in function call [-Wformat=] 5 | __builtin_execl ("foo", "bar", null); | ^~~~~~~~~~~~~~~
possibly related: bug 38481