diff --git a/CODING_STYLE b/CODING_STYLE
index b230a01..f190960 100644
--- a/CODING_STYLE
+++ b/CODING_STYLE
@@ -180,3 +180,13 @@ so instead of e.g. isalnum you should use qemu_isalnum.

 Because of the memory management rules, you must use qemu_strdup/qemu_strndup
 instead of plain strdup/strndup.
+
+9. Printf-style functions
+
+Whenever you add a new printf-style function, i.e., one with a format
+string argument and following "..." in its prototype, be sure to use
+gcc's printf attribute directive in the prototype.
+
+This makes it so gcc's -Wformat and -Wformat-security options can do
+their jobs and cross-check format strings with the number and types
+of arguments.