* lib/full-read.h, lib/full-write.h, lib/safe-read.h, lib/safe-write.h:
Include idx.h.
* lib/full-write.c (full_read, full_write):
Now accept and returns idx_t.
* lib/safe-read.c (bufptr): New type, since apps are not
supposed to #define keywords like ‘const’.
(safe_read, safe_write): Now accept idx_t and return ptrdiff_t.
* lib/safe-read.h (SAFE_READ_ERROR):
* lib/safe-write.h (SAFE_WRITE_ERROR):
Now ptrdiff_t, not size_t.
* modules/full-read, modules/full-write, modules/safe-read:
* modules/safe-write (Depends-on): Add idx.
---
ChangeLog | 16 ++++++++++++++++
NEWS | 6 ++++++
lib/full-read.h | 4 +++-
lib/full-write.c | 10 +++++-----
lib/full-write.h | 3 ++-
lib/safe-read.c | 14 +++++++-------
lib/safe-read.h | 11 +++++++----
lib/safe-write.h | 11 +++++++----
modules/full-read | 1 +
modules/full-write | 1 +
modules/safe-read | 1 +
modules/safe-write | 1 +
12 files changed, 57 insertions(+), 22 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 7c9f9bce76..ff3704336b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,19 @@
+2024-08-09 Paul Eggert <egg...@cs.ucla.edu>
+
+ full-read, etc.: prefer signed types
+ * lib/full-read.h, lib/full-write.h, lib/safe-read.h, lib/safe-write.h:
+ Include idx.h.
+ * lib/full-write.c (full_read, full_write):
+ Now accept and returns idx_t.
+ * lib/safe-read.c (bufptr): New type, since apps are not
+ supposed to #define keywords like ‘const’.
+ (safe_read, safe_write): Now accept idx_t and return ptrdiff_t.
+ * lib/safe-read.h (SAFE_READ_ERROR):
+ * lib/safe-write.h (SAFE_WRITE_ERROR):
+ Now ptrdiff_t, not size_t.
+ * modules/full-read, modules/full-write, modules/safe-read:
+ * modules/safe-write (Depends-on): Add idx.
+
2024-08-09 Bruno Haible <br...@clisp.org>
sig2str: Align with POSIX:2024.
diff --git a/NEWS b/NEWS
index 4c5d9fc5de..865b86ba3c 100644
--- a/NEWS
+++ b/NEWS
@@ -74,6 +74,12 @@ User visible incompatible changes
Date Modules Changes
+2024-08-09 full-read These modules now prefer signed types to size_t.
+ full-write The preferred types are idx_t for object sizes and
+ safe-read ptrdiff_t for values that are either a size or -1.
+ safe-write SAFE_READ_ERROR and SAFE_WRITE_ERROR are now
+ obsolescent; callers can just check for < 0.
+
2024-06-22 xvasprintf It is now the programmer's responsibility to pass
c-xvasprintf a valid format string without %ls, %lc directives
and that all widths are >= -INT_MAX and <= INT_MAX.
diff --git a/lib/full-read.h b/lib/full-read.h
index 617702a60b..9d44e4fbc9 100644
--- a/lib/full-read.h
+++ b/lib/full-read.h
@@ -17,6 +17,8 @@
#include <stddef.h>
+#include "idx.h"
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -25,7 +27,7 @@ extern "C" {
/* Read COUNT bytes at BUF to descriptor FD, retrying if interrupted
or if partial reads occur. Return the number of bytes successfully
read, setting errno if that is less than COUNT. errno = 0 means EOF. */
-extern size_t full_read (int fd, void *buf, size_t count);
+extern idx_t full_read (int fd, void *buf, idx_t count);
#ifdef __cplusplus
diff --git a/lib/full-write.c b/lib/full-write.c
index 8e27b9c134..0559a0a128 100644
--- a/lib/full-write.c
+++ b/lib/full-write.c
@@ -54,16 +54,16 @@
When writing, set errno if fewer than COUNT bytes are written.
When reading, if fewer than COUNT bytes are read, you must examine
errno to distinguish failure from EOF (errno == 0). */
-size_t
-full_rw (int fd, const void *buf, size_t count)
+idx_t
+full_rw (int fd, const void *buf, idx_t count)
{
- size_t total = 0;
+ idx_t total = 0;
const char *ptr = (const char *) buf;
while (count > 0)
{
- size_t n_rw = safe_rw (fd, ptr, count);
- if (n_rw == (size_t) -1)
+ ptrdiff_t n_rw = safe_rw (fd, ptr, count);
+ if (n_rw < 0)
break;
if (n_rw == 0)
{
diff --git a/lib/full-write.h b/lib/full-write.h
index 87f9b928b9..7265499618 100644
--- a/lib/full-write.h
+++ b/lib/full-write.h
@@ -17,6 +17,7 @@
#include <stddef.h>
+#include "idx.h"
#ifdef __cplusplus
extern "C" {
@@ -26,7 +27,7 @@ extern "C" {
/* Write COUNT bytes at BUF to descriptor FD, retrying if interrupted
or if partial writes occur. Return the number of bytes successfully
written, setting errno if that is less than COUNT. */
-extern size_t full_write (int fd, const void *buf, size_t count);
+extern idx_t full_write (int fd, const void *buf, idx_t count);
#ifdef __cplusplus
diff --git a/lib/safe-read.c b/lib/safe-read.c
index a389b57bfb..c7d31d535d 100644
--- a/lib/safe-read.c
+++ b/lib/safe-read.c
@@ -42,22 +42,22 @@
#ifdef SAFE_WRITE
# define safe_rw safe_write
# define rw write
+typedef void const *bufptr;
#else
# define safe_rw safe_read
# define rw read
-# undef const
-# define const /* empty */
+typedef void *bufptr;
#endif
/* Read(write) up to COUNT bytes at BUF from(to) descriptor FD, retrying if
- interrupted. Return the actual number of bytes read(written), zero for EOF,
- or SAFE_READ_ERROR(SAFE_WRITE_ERROR) upon error. */
-size_t
-safe_rw (int fd, void const *buf, size_t count)
+ interrupted. Return the number of bytes read(written), zero for EOF,
+ or -1 upon error. */
+ptrdiff_t
+safe_rw (int fd, bufptr buf, idx_t count)
{
for (;;)
{
- ssize_t result = rw (fd, buf, count);
+ ssize_t result = rw (fd, buf, count <= (size_t) -1 ? count : (size_t)
-1);
if (0 <= result)
return result;
diff --git a/lib/safe-read.h b/lib/safe-read.h
index df7acfd479..6843092948 100644
--- a/lib/safe-read.h
+++ b/lib/safe-read.h
@@ -29,17 +29,20 @@
#include <stddef.h>
+#include "idx.h"
+
#ifdef __cplusplus
extern "C" {
#endif
-#define SAFE_READ_ERROR ((size_t) -1)
+/* This is present for backward compatibility with older versions of this code
+ where safe_read returned size_t, so SAFE_READ_ERROR was SIZE_MAX. */
+#define SAFE_READ_ERROR ((ptrdiff_t) -1)
/* Read up to COUNT bytes at BUF from descriptor FD, retrying if interrupted.
- Return the actual number of bytes read, zero for EOF, or SAFE_READ_ERROR
- upon error. */
-extern size_t safe_read (int fd, void *buf, size_t count);
+ Return the number of bytes read, zero for EOF, or -1 upon error. */
+extern ptrdiff_t safe_read (int fd, void *buf, idx_t count);
#ifdef __cplusplus
diff --git a/lib/safe-write.h b/lib/safe-write.h
index 4415dd0513..0f77156293 100644
--- a/lib/safe-write.h
+++ b/lib/safe-write.h
@@ -29,17 +29,20 @@
#include <stddef.h>
+#include "idx.h"
+
#ifdef __cplusplus
extern "C" {
#endif
-#define SAFE_WRITE_ERROR ((size_t) -1)
+/* This is present for backward compatibility with older versions of this code
+ where safe_read returned size_t, so SAFE_WRITE_ERROR was SIZE_MAX. */
+#define SAFE_WRITE_ERROR ((ptrdiff_t) -1)
/* Write up to COUNT bytes at BUF to descriptor FD, retrying if interrupted.
- Return the actual number of bytes written, zero for EOF, or SAFE_WRITE_ERROR
- upon error. */
-extern size_t safe_write (int fd, const void *buf, size_t count);
+ Return the number of bytes written, zero for EOF, or -1 upon error. */
+extern ptrdiff_t safe_write (int fd, const void *buf, idx_t count);
#ifdef __cplusplus
diff --git a/modules/full-read b/modules/full-read
index e05728f235..ce77f9e5c0 100644
--- a/modules/full-read
+++ b/modules/full-read
@@ -7,6 +7,7 @@ lib/full-read.c
lib/full-write.c
Depends-on:
+idx
safe-read
configure.ac:
diff --git a/modules/full-write b/modules/full-write
index 2ef42bb866..42b660167c 100644
--- a/modules/full-write
+++ b/modules/full-write
@@ -6,6 +6,7 @@ lib/full-write.h
lib/full-write.c
Depends-on:
+idx
safe-write
configure.ac:
diff --git a/modules/safe-read b/modules/safe-read
index f19e14b8c7..3960a3a431 100644
--- a/modules/safe-read
+++ b/modules/safe-read
@@ -8,6 +8,7 @@ lib/sys-limits.h
m4/safe-read.m4
Depends-on:
+idx
read
ssize_t
diff --git a/modules/safe-write b/modules/safe-write
index f09c0abddd..7796a9e09b 100644
--- a/modules/safe-write
+++ b/modules/safe-write
@@ -10,6 +10,7 @@ m4/safe-write.m4
m4/safe-read.m4
Depends-on:
+idx
ssize_t
write
--
2.43.0
