svn commit: r304221 - head/sys/boot/efi/boot1

[Bruce Evans]

On Tue, 16 Aug 2016, Ed Schouten wrote:

> Hi Emmanuel,
>>
>> Log:
>>   Use %ju modifier for u_int64_t and %jd modifier for off_t.
>>   off_t is long long on arm32 and long on amd64
>
> I think both of these should be solved differently:
>
> - For uint64_t, you can use <inttypes.h>'s PRIu64 in the formatting
> string. In kernel space, I suspect you need to use something like
> <machine/inttypes.h>.

Ugh.

> - For off_t, it's all right to print it with %jd, but then be sure to
> also add a cast to the argument itself. It may not necessarily be
> equal to an intmax_t.

This shows how stupid the PRI* macros are.  They might be available for
0.1% of typedefed types in a medium-sized source tree.  But to use them,
you have to know their exact type, and change all printfs using them
whenever the typedef is changed.  If it is changed to a non-fixed width
type, then the printfs need lots of editing to change to a cast.  Their
only advantage is that they are more space and time efficient, especially
on 16-bit systems.

Extensive use of fixed-width type is another bug.  It asks for a fixed
ABI at any cost to efficiency or space.  FreeBSD almost never uses
"fast" or "least" integer types.  However, if you use these types, there
are PRI* mistakes for them too.

The SCN* macros are not quite as stupid as PRI*, but they should never
be used.  scanf() is already unusable since it gives undefined
behaviour on overflow.  These macros are not quite as stupid as PRI*
since casts don't work so well for input.  The corrsponding thing is
to scan input into variables of type [u]intmax_t and convert to the
corresponding type, of course without any bounds checking so that
you get similar undefined behaviour on overflow as when using SCN*.

Bruce