Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756677AbdIHS3H (ORCPT ); Fri, 8 Sep 2017 14:29:07 -0400 Received: from mout.gmx.net ([212.227.17.20]:54510 "EHLO mout.gmx.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756210AbdIHS3G (ORCPT ); Fri, 8 Sep 2017 14:29:06 -0400 Subject: Re: [PATCH 00/14] Fix wrong %pF and %pS printk format specifier usages To: "Luck, Tony" , Sergey Senozhatsky Cc: "linux-kernel@vger.kernel.org" , Sergey Senozhatsky , Petr Mladek , Andrew Morton , "Yu, Fenghua" , Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman References: <20170907004522.GA3885@jagdpanzerIV.localdomain> <8b93f9ca-95f6-4e40-1cc8-d1a65833abff@gmx.de> <20170907075653.GA533@jagdpanzerIV.localdomain> <20170907083207.GC533@jagdpanzerIV.localdomain> <667b8849-fb60-a312-2483-505252ff737e@gmx.de> <20170907093631.GD533@jagdpanzerIV.localdomain> <20170907095119.GE533@jagdpanzerIV.localdomain> <0604f27e-24ab-625b-9013-c6c0f4f6acc1@gmx.de> <3908561D78D1C84285E8C5FCA982C28F6136C2ED@ORSMSX114.amr.corp.intel.com> <20170908061830.GA496@jagdpanzerIV.localdomain> <20170908172528.qc2vdtxzqh777k6o@intel.com> From: Helge Deller Message-ID: <67a0aad8-5412-60f8-6481-562d37995eb2@gmx.de> Date: Fri, 8 Sep 2017 20:28:13 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170908172528.qc2vdtxzqh777k6o@intel.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:aoE7iDUlUzc7KD9anyItyiPGbS8u+5vOwt9y8oScdQMw6B/KP3M o4UNM6E7JrPhsciug/XIjq5hZJIl94m4iMpfMQvtVZcmz0PcZHOWb46bfb4srKn4gvWmZi5 FhRtkRta7GIdwn45AB1+BS5qDZxBelp8PFQnVCca3OFjDS7c6oZ15pF9qKJl2A27UkT2WFC R0dM8WbatB13zjFUR1Fdg== X-UI-Out-Filterresults: notjunk:1;V01:K0:vYGK4pZbTW0=:pFO1ghIR6fCNADx1z0PMNJ rPHF/+yyLfFEeFJriwnZBI0I5cYkR3PS7sy4I38lJUUG5mAU8bHw8bkf3sH5eiHInejodyzzp mMKbVysQXMOAA/aOFJAEZ5lKUuTkPu6REudqrOttEbOnDqC++6dyNrE3bTq+YsKJrz5YTyEUw ABf7P9DqOFdZ8PG3HJIzsBtpFwR97n3eqzBu2iLOqyvr81G71wd5LkaamX9XdAmqB4ZDfJTp7 hZuc7PtsRc9A8MgGz28C1UmImIUJdB1CLu/mzM5H+V68ShUwbtnI2gNIHpaQJJKfeeOtMh8V2 C7/CpGqsdrcjBHK7iujv3UVhmNIDDggLMJUVb8dO1f54TwsJa9l+a/RYxNe8dI6jU1PTLZI+O 0D9+L+UGb8yMLIoOZP4mI939SrS6T7UcWIeoFCjxb1VE9bG4GE67D8hf9t94Cvyeh632ch7Se 0iuvUe49t4ZDeF1869P+iPwhYf1xqLC0sz56CKY91tuN0aoAS7RpJNRWpaGN8pPby2K4Lf19/ S1X29zn2d7KH9uAmGMBAmz/N4xHgqPiaZG5trOnGACCL1a1lyEGOBB6w9s3ajs3suOfLCwCvR eyJA4XRmi1+FsfB1L/UasjgjzvHShwh+G3ZkQU2+EVqaPNZIsj66HbhINN+lS1622cp3rMPbx mNp9KcnIVd+CopMfaYOUSmw6UJUb8aD0Fvr1XpZl38mXljCPSUqgoaf4W40eC+DtUtTfbaGrW W6dB1J6VTaLlj8jlED4GSaELB4f7Ro+DCvV9gM6kLeXi4V2mCPkM2mV3vtFJlsg+YlA6ykkbW jg0qbS1ZKuEA68ohDzGMT95a6fRRmGzTWNlN/UdEwRDCNxj8JI= Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1920 Lines: 44 On 08.09.2017 19:25, Luck, Tony wrote: > On Fri, Sep 08, 2017 at 03:18:30PM +0900, Sergey Senozhatsky wrote: >> if the addr is not in kernel .text, then try dereferencing it and check >> if the dereferenced addr is in kernel .text. > > If it really is a function pointer, then we know that it is safe > to dereference. But if it isn't, then maybe not? > > If it is a function pointer then dereferening will indeed give > us a .text address. But if it isn't, it might still give us a > .text address (we could reduce the probability of a false hit > by checking that the .text address was exactly on a symbol with > no offset ... but data values that happen to be the addresses of > function entry points are possible). I don't like this kind of trying to figure out at runtime at all. It's too much guessing in here IMHO. What about this idea: For %pF we always have pointers to functions, e.g.: printk("Going to call: %pF\n", gettimeofday); printk("Going to call: %pF\n", p->func); and for %pS most (if not all) usages use some kind of casting from "unsigned long" to "void *", e.g.: printk("%s: called from %pS\n", __func__, (void *)_RET_IP_); printk("%s: called from %pS\n", __func__, (void *)__builtin_return_address(0)); printk("Faulted at %pS\n", (void *)regs->ip); So, what if we for the %pS case simply take the type as it is (unsigned long) and introduce a new printk-format, e.g. "%luS" ? The %pS examples above then become: printk("%s: called from %luS\n", __func__, _RET_IP_); printk("%s: called from %luS\n", __func__, __builtin_return_address(0)); printk("Faulted at %luS\n", regs->ip); That way we don't need type-casting, gain compile-time type checks from the compiler, and we could add a checkpatch (or occinelle) check which checks for the combination of %pF/%pS and "void*" keyword and suggest to use %luS. Opinions? Helge