From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=p/Pc=KQ=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-17.3 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,NICE_REPLY_A,
	SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 001F7C47078
	for <u-boot@archiver.kernel.org>; Fri, 21 May 2021 14:40:28 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 031F261244
	for <u-boot@archiver.kernel.org>; Fri, 21 May 2021 14:40:27 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 031F261244
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=prevas.dk
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 613CE82E45;
	Fri, 21 May 2021 16:40:25 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=reject dis=none) header.from=prevas.dk
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (1024-bit key; unprotected) header.d=prevas.dk header.i=@prevas.dk header.b="GoXAmXil";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id E9E4682E52; Fri, 21 May 2021 16:40:23 +0200 (CEST)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com
 (mail-ve1eur03on0716.outbound.protection.outlook.com
 [IPv6:2a01:111:f400:fe09::716])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id CE48082CFE
 for <u-boot@lists.denx.de>; Fri, 21 May 2021 16:40:20 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=reject dis=none) header.from=prevas.dk
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=rasmus.villemoes@prevas.dk
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=T4zR98TegjkRwgo5YFE7bUj3/90bFktWqC5k20uKzgGgDTh49ZPPgYy/oTaJ7TpnK8XuEb/qouNByRUd+LzugdpSA/hVQwFRI486d8aC/H6u9Yw9EjEYK2isdNUa6RqZvvnO9jC0bpP8GVlak+0Z5uwjTHRuK4oKdSuEe4F1gwk2qZGpM5AViOR1BKcwfCbkTweitvsMLsFkAkkyWVTtulRRHzfMwicsID1Yjp7T4dNYBS96k9CPGnxB4YbSohlh9GJtVsIOP9KYYhwvq7/6FsQj5pCbo+TbJW9b5C+ekv0YfMDkRnknINB2ppvbGX8bEdcUbp+7xohEWGlPuH1MNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ZZyUcVb//gnE9cwv4MMkMSP+px7Uq8HFO/6A7nFMKEE=;
 b=HKUztKAXP2lDAFbkvlwxIwLdCaLUygUd7tHYuQe2MQtQTC1rBmO8r6qwHH5LO+xgmRHOfrWF7MzYJXYsloDQ22oTmo6A3yTymwtpI6YxBaZPdQje9lFTQXXv2mRq/C3M+htc6jh8lDTI6ziw+BOyt7xO/oEb/0vy4TYRv3bE+xlCxf6mtMC3XO+iv1c5VZVDG0o3SVxNIkL8RR6JRaX9H0CyhiT8X19JTe9C2S8nFij3xukJCkYrgG3slsLCniHYO3WkRz3ROxkFw/hNJiuW60kJYk6h35P/wuws6GoU16Klp8ebBFN9/L/t/xVVPkxHoiTdkwwU3JMV/26hLTfPtA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=prevas.dk; dmarc=pass action=none header.from=prevas.dk;
 dkim=pass header.d=prevas.dk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prevas.dk; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ZZyUcVb//gnE9cwv4MMkMSP+px7Uq8HFO/6A7nFMKEE=;
 b=GoXAmXilV9vPlxri9p+3yFULLw+AM8k7YnJX6IYLorCRyhObGD0ig1MgdABmhE28EDb6sW1GElbqsWerG1eSD1yIIGnSi4PbX5iPR1crHC/+cqrHuTar6RZ03SwP2OvflXURN9UC4Zvb1k64KRI2kboj7sWr/CTAMyHiaeRyO+4=
Authentication-Results: chromium.org; dkim=none (message not signed)
 header.d=none;chromium.org; dmarc=none action=none header.from=prevas.dk;
Received: from AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:3f::10)
 by AM8PR10MB4097.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:1ec::8)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.26; Fri, 21 May
 2021 14:40:18 +0000
Received: from AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::888d:190b:b3b5:1ad2]) by AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::888d:190b:b3b5:1ad2%3]) with mapi id 15.20.4129.028; Fri, 21 May 2021
 14:40:18 +0000
Subject: Re: [PATCH 1/5] lib/vsprintf.c: make sure vsnprintf() never returns a
 negative value
To: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>, Tom Rini
 <trini@konsulko.com>, Simon Glass <sjg@chromium.org>
References: <20210520100528.322846-1-rasmus.villemoes@prevas.dk>
 <20210520100528.322846-2-rasmus.villemoes@prevas.dk>
 <CAPnjgZ2T6XPpBENCLCpsuZaZuFqnrxgWUV_=fnx64Y+4gQK4og@mail.gmail.com>
 <e5b8532c-7d5b-d3cd-ddfa-5da697871ffc@prevas.dk>
 <6d1761b1-5129-d5a1-24ba-a27d15c42198@gmx.de>
From: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Message-ID: <a0f67892-cdc5-3ce7-7f8c-578586dc849c@prevas.dk>
Date: Fri, 21 May 2021 16:40:16 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.8.1
In-Reply-To: <6d1761b1-5129-d5a1-24ba-a27d15c42198@gmx.de>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [80.208.71.248]
X-ClientProxiedBy: AM4PR0701CA0018.eurprd07.prod.outlook.com
 (2603:10a6:200:42::28) To AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM
 (2603:10a6:208:3f::10)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.1.149] (80.208.71.248) by
 AM4PR0701CA0018.eurprd07.prod.outlook.com (2603:10a6:200:42::28) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.12 via Frontend
 Transport; Fri, 21 May 2021 14:40:17 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 3cc3928c-69e9-4fa2-c5fe-08d91c665a83
X-MS-TrafficTypeDiagnostic: AM8PR10MB4097:
X-Microsoft-Antispam-PRVS: <AM8PR10MB4097DD6F2B08C947B93A3EFD93299@AM8PR10MB4097.EURPRD10.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: I0Jse3ROChIdwdbyy2AXpxWCjR+M7kXG2QPC9ve13SElfhrrM1zldwNf8/KDk6NHgJHSBpwKdnCJyDQMmRp8ekHDqKIIeuBlwGA7Xv5YQSiyjYZH0Wgb3CLFGpWcHGJmi+s71swzGAQvlxx05cKchRCC37vGDqc+9Bdaj0VDCKpt/TEbok1DqcAvJfOIPFgOOTJmqC93WjRuDspLIGan2rdu/axfyEzPImNBzVjVKa27K4Zipk6zrRGgzNR+onHP5ZLLrqEUz6A8ETSmRWilqYZBCvJEc2On+flZhTBWYaUu+AhLrdIu/YO/pf9E0oC7AvJGWUga71p7Sg7/P6RVx4KIA/IQAP0FeSqdmZuj7kWCK3SfKMYCBiPiX8wDysRtL9xv38an6/JYTZpxa+cZBRA546FumwTuFAp+Otl48dt0amXkSvNh77oXEEByRNLJ42930rsLJNBSO1CPkTZp6YzTzjTmqp64uMtB2XIgGbsDQa24x1h8EmjJrp6tpSwvJqezp+kqztpTtZiSGty+Y+Z14Q4XkaSLPX4pp3pe0wQiLTSVlfpEz2PCtq1W7Ct4pFlovkeofc63qHoHtrWF4Mnl4GqR1R1DDXZVmIxsOyEWnycqIQo7TmX4c9oOLgSeYxMricDbvWPpKnxvy+kkjLxPhopA5k3af/k8sj+whTuo9ygBISh+XCGdCVnMadJ8h+LJ7MpxVcHCyQ3BusF018P75vYDXtULUvbzbUqBQ0E=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE;
 SFS:(39840400004)(396003)(376002)(346002)(366004)(136003)(316002)(16576012)(66476007)(54906003)(66556008)(31696002)(8936002)(31686004)(52116002)(6486002)(956004)(186003)(8676002)(16526019)(2616005)(44832011)(86362001)(66946007)(8976002)(5660300002)(83380400001)(6916009)(53546011)(2906002)(478600001)(38100700002)(36756003)(38350700002)(26005)(4326008)(45980500001)(43740500002);
 DIR:OUT; SFP:1102; 
X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?bWNIbUNxVmpsMzlsZWp1UDJTZ2g0SnZQOHpqc1pLV0EzZ3FqN1JMOVdpTXkr?=
 =?utf-8?B?VW9DSnlFdDJBKzFmOUZXNjEvQ2dpZXloZmIyRlNBelViZElyVmpyQU9keXZN?=
 =?utf-8?B?dC9oS0lkdzhyM095cHBOb2dLNUovK3MwMDE1UmJVcUVldDIrR1hTa2xVZ1Fu?=
 =?utf-8?B?OVR1UWZLN1BwUzljVi8zb1FKbS9QcDB4SDlWSUlzdnQ3cTliUUIrbHAxZ0tZ?=
 =?utf-8?B?RytHc1IrWENWQSs3ZjZlMGxjZytwRzh5VWJzdDgxVlp2cEJ2NTQ3K0FYN1o1?=
 =?utf-8?B?RTF2eTVDS2ZZcjFQakk1LzdhbmMyK3hGdjNRZ2JHNlBEekdsa2x6dktEcDdU?=
 =?utf-8?B?Mlo3REFjck1rSEUyQXZudWd3S2FuUVBTaVdvVCtQSkgzckR3Y2Y1elRGeStN?=
 =?utf-8?B?WkpIR2t6MERZWnZUOUhJcktQZlJCanZwT1NMOElDaERJTFZSQnNrUmo3KzRY?=
 =?utf-8?B?My8wY05sVGE2aDlxcGE4Q0RxY3JTQ3dTRDV3SmZqcFB2NHV0L3dQQVRLblJ0?=
 =?utf-8?B?cElrZ2p1SW1iNmZsdGZjbk1pdklDeE5nWDJSdFpJTzFHTndiWmQxY3pESGVE?=
 =?utf-8?B?azZaRjUxOFlSQXdvSVBLTGtMUm1pNmNDd2Z4TExpY0VGc25waklUSDBlb2Fz?=
 =?utf-8?B?RzIvaTlxc3ovM2lhYzN1SENpb2d1cnhtVHBOZ2U1SDBNbDFhQTYwRzBBeWxr?=
 =?utf-8?B?cENzWWFRbDR0NjM2OG1GYVl2QmZVZ3pHZ211M1FaeDJlOGZlR0lRRTF2N0l5?=
 =?utf-8?B?OGUwNEpNNWlJR3Y1UG5xUEV1bWcreDVETFdoSVFPdzVtNllNcWhoU0U5QW1y?=
 =?utf-8?B?a0hBdnJtSjBkSldCL21IZVJ2b0xxajdzTWJZc2VhQUVtelAzdkJKeVRtWElp?=
 =?utf-8?B?RGZnb09tcDVUbWw2MGdkOTgyU0E3Z3ZBK2NmT2NCZXB5ZHlqT2RYSEo1WDZC?=
 =?utf-8?B?dUd6WEw3UG9rbnVKTlhmQi82WWJ5SUFpOWdDdGdCemxoL29QZE00YmpsTWdS?=
 =?utf-8?B?QUpFc2hHWDQ2b0ZnZzByTTNXbDF4VDNpT0UxemxicUJoY0NBTTlZTnoxZkdZ?=
 =?utf-8?B?dFdIaWJ2Mk8vbHQzRmo5YkE0L3UzSmRubG9SWGRmSHNPbGZSUnVtUERzeVpP?=
 =?utf-8?B?OE15M0ptRzFSMGRqSkJPTWlKMnUvZDgrSVNLeTZrMURRcVRxNkJnK1BCRlNl?=
 =?utf-8?B?L0krOHBTN3dPM3FhdEVURUVBQndJQ1h6bDFXYzlsaTVybzAzV2cvTjVTa2k0?=
 =?utf-8?B?aWwzU3lkZ09DdWxFUVlmRXdsTFpZb1Zxa0x6MkprUHR1U0lQWXBkRThsQTlq?=
 =?utf-8?B?M0R2N3M3bFRLQVZSZHlOK0pDZThyQ0FpWWFCbm5NTEpzZkhXZlBreWxwSC9B?=
 =?utf-8?B?SmVTcnhVS3lkU2IwR1VBaC8rWXZHNXVmVVVCMEJZOVRiaDFxaWN3WWJNWmdU?=
 =?utf-8?B?T3JlamtGd1cyanoyM2sxVnM5UG9mL25lekNwZ3IybjdFeHV2N0VJMmlMYTFo?=
 =?utf-8?B?bTAxaXVFcVhCZUVyQzA3TDlqdmFTMTdSaU1Sa3RZWGdvZGVWM1k3R3MycldK?=
 =?utf-8?B?eVJ5UWY0TXRBQk1vZW9jOW9nS0hZZkxtY1BpVnBjUGlGRTBXYVc5UFZibzI3?=
 =?utf-8?B?TythbEdrbnBHTmFXZXlyQmYvWVhpd1oyN1dycG1tNUlYbHRzSW9YZW5uejZ3?=
 =?utf-8?B?NXIwUFFuaEMyTjVrM01ETTBReWt5QUxOdkRyZWtUNHc4YnBvWnA4QVBBOTFR?=
 =?utf-8?Q?Uff3pf04jBQaGwbF8bYdAzwzgbQza8MppzeZVpU?=
X-OriginatorOrg: prevas.dk
X-MS-Exchange-CrossTenant-Network-Message-Id: 3cc3928c-69e9-4fa2-c5fe-08d91c665a83
X-MS-Exchange-CrossTenant-AuthSource: AM0PR10MB1874.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 May 2021 14:40:18.1722 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d350cf71-778d-4780-88f5-071a4cb1ed61
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: nRJ1oASphDrLEwMwfmqdVi0THOqqvdDCe97JvHcVqQWoms0jpT9FGlAXctWw6KAcxNXqhZ5rUmwoaj6uR8Y8DHLdIaT3++ZYNDOqHJahdPU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR10MB4097
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de
X-Virus-Status: Clean

On 21/05/2021 16.15, Heinrich Schuchardt wrote:
> On 21.05.21 14:53, Rasmus Villemoes wrote:
>> On 20/05/2021 19.51, Simon Glass wrote:
>>> Hi Rasmus,
>>>
>>> On Thu, 20 May 2021 at 04:05, Rasmus Villemoes
>>> <rasmus.villemoes@prevas.dk> wrote:
>>>>
>>>> Most callers (or callers of callers, etc.) of vsnprintf() are not
>>>> prepared for it to return a negative value.
>>>>
>>>> The only case where that can currently happen is %pD, and it's IMO
>>>> more user-friendly to produce some output that clearly shows that some
>>>> "impossible" thing happened instead of having the message completely
>>>> ignored - or mishandled as for example log.c would currently do.
>>>>
>>>> Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
>>>> ---
>>>>  lib/vsprintf.c | 10 +---------
>>>>  1 file changed, 1 insertion(+), 9 deletions(-)
>>>
>>> I think that is debatable. If we want the calling code to be fixed,
>>> then it needs to get an error code back. Otherwise the error will be
>>> apparent to the user but (perhaps) not ever debugged.
>>
>> But it is not the calling code that is at fault for the vsnprintf()
>> implementation (1) being able to fail and (2) actually encountering an
>> ENOMEM situation. There's _nothing_ the calling code can do about that.
> 
> include/vsnprintf.h states:
> 
> "This function follows C99 vsnprintf, but has some extensions:".

Happy to update that comment (which is copied from linux BTW, and in the
kernel there's a very simple rule: "This is printk. We want it to work."
- that extends to the workhorse vsnprintf() which is not allowed to take
locks or do allocations) with an amendment "... among which is that it
never returns a negative value."

> It is obvious that the calling code needs to be fixed if it cannot
> handle negative return values.
> 
> So NAK to the patch.

So you'd rather fix the ~200 places that use the return value assuming
it's non-negative, plus the unknown number of places that assume the
output buffer is a valid nul-terminated string after vsnprintf() returns?

And, again taking that %pD example, do you really rather want _nothing_
printed (which is the only thing log.c could sensibly do if vsnprintf()
returned something negative) in the rare case of allocation failure?

I must admit I completely fail to see how this can possibly be better
than improving the guarantees provided by U-Boot's vsnprintf()
implementation.

Rasmus