On Tue, Jun 01, 2021 at 04:44:00PM +0100, Matthew Wilcox wrote: > On Tue, Jun 01, 2021 at 06:36:41PM +0300, Andy Shevchenko wrote: > > On Tue, Jun 1, 2021 at 6:32 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > > > On Tue, Jun 01, 2021 at 02:42:15PM +0000, Justin He wrote: > > > > ... > > > > > Just don't put anything > > > in the buffer if the user didn't supply enough space. As long as you > > > get the return value right, they know the string is bad (or they don't > > > care if the string is bad) > > > > It might be that I'm out of context here, but printf() functionality > > in the kernel (vsprintf() if being precise) and its users consider > > that it should fill buffer up to the end of whatever space is > > available. > > Do they though? What use is it to specify a small buffer, print a > large filename into it and then use that buffer, knowing that it wasn't > big enough? That would help decide whether we should print the > start or the end of the filename. > > Remember, we're going for usefulness here, not abiding by the letter of > the standard under all circumstances, no matter the cost. At least > partially because we're far outside the standard here; POSIX does > not specify what %pD does. > > "The argument shall be a pointer to void. The value of the > pointer is converted to a sequence of printable characters, in an > implementation-defined manner." All nice words, but don't forget kasprintf() or other usages like this. For the same input we have to have the same result independently on the room in the buffer. So, if I print "Hello, World" I should always get it, not "Monkey's Paw". I.o.w. snprintf(10) ==> "Hello, Wor" snprintf(5) ==> "Hello" snprintf(2) !=> "Mo" snprintf(1) !=> "M" snprintf(1) ==> "H" Inconsistency here is really not what we want. -- With Best Regards, Andy Shevchenko