On Thu 2022-02-03 13:49:02, Waiman Long wrote: > On 2/3/22 10:46, Vlastimil Babka wrote: > > On 2/2/22 21:30, Waiman Long wrote: > > > The snprintf() function can return a length greater than the given > > > input size. That will require a check for buffer overrun after each > > > invocation of snprintf(). scnprintf(), on the other hand, will never > > > return a greater length. By using scnprintf() in selected places, we > > > can avoid some buffer overrun checks except after stack_depot_snprint() > > > and after the last snprintf(). > > > > > > Signed-off-by: Waiman Long <longman@xxxxxxxxxx> > > > Acked-by: David Rientjes <rientjes@xxxxxxxxxx> > > > Reviewed-by: Sergey Senozhatsky <senozhatsky@xxxxxxxxxxxx> > > Looks like this will work, but note that if the purpose of patch 1/4 was > > that after the first scnprintf() that overflows the following calls will be > > short-cut thanks to passing the size as 0, AFAICS that won't work. Because > > scnprintf() returns the number without trailing zero, 'ret' will be 'count - > > 1' after the overflow, so 'count - ret' will be 1, never 0. > > Yes, I am aware of that. Patch 1 is just a micro-optimization for the very > rare case. In theory, we might micro-optimize also the case when "size == 1". Well, I am not sure if it is worth it. After all, the primary use-case is to print the message into a big-enough buffer. Lost information is a bigger problem than the speed ;-) Best Regards, Petr
