Description
When sizeof(io_int_t) is exactly sizeof(size_t), i.e., as large as IO_SIZE_BITS in bytes, range checks and other operations do not work properly anymore, some of them without any warnings or errors. As documented in the common documentation:
If IO_SIZE_BITS is the same size as size_t, the Read/Write functions in dependent libraries do not work properly if the MSB of a size_t variable specifying the size to be read/written is used. For example, if IO_SIZE_BITS is 32 and sizeof(size_t) is 4, the maximum size (parameter value) that the Read/Write function can work with is 2^31 - 1, i.e., the 32nd bit cannot be used. If it is used, the return value of the functions will be interpreted as an error (since it is interpreted as a negative number)
Two solutions are possible:
- Disallow parameters, e.g., valuesize to be as large as IO_SIZE_BITS and issue an error. This may have undesired side effects as the machine word size could not be used for I/O operations on the machine, e.g., 64-bit reads would not be supported on 64-bit machines.
- (preferred) Add more sophisticated range checks to issue warnings or errors whenever there are overflows/underflows. This might require a change in architecture (e.g., additional out parameters instead of return values to reserve the latter for errors only).
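
The failure mode and both proposed solutions, as an added example that is not the project's own code. It assumes IO_SIZE_BITS is 32 and models that with fixed-width types; every `demo_*` name and `DEMO_ERR_RANGE` is hypothetical, and the functions pretend that all requested bytes were transferred.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumption: IO_SIZE_BITS == 32, modelled with fixed-width types so the
 * result is the same on any host. All demo_* names are hypothetical. */
typedef int32_t  demo_io_int_t; /* signed return: byte count, or negative error */
typedef uint32_t demo_size_t;   /* stands in for a 32-bit size_t */

#define DEMO_ERR_RANGE (-1)

/* Pattern from the issue: byte count and error code share one signed
 * return value of the same width as the size parameter. */
demo_io_int_t demo_read_legacy(demo_size_t size)
{
    /* Converting a value above INT32_MAX is implementation-defined; on
     * GCC and Clang it wraps, so a size with the MSB set comes back
     * negative and the caller reads it as an error. */
    return (demo_io_int_t)size;
}

/* Solution 1: refuse sizes the signed return type cannot represent. */
demo_io_int_t demo_read_checked(demo_size_t size)
{
    if (size > (demo_size_t)INT32_MAX)
        return DEMO_ERR_RANGE;
    return (demo_io_int_t)size;
}

/* Solution 2 (preferred in the issue): the return value carries status
 * only and the byte count travels through an out parameter, so the full
 * unsigned range stays usable. */
int demo_read_out(demo_size_t size, demo_size_t *transferred)
{
    if (transferred == NULL)
        return DEMO_ERR_RANGE;
    *transferred = size;
    return 0;
}

int main(void)
{
    demo_size_t n = 0;
    int status = demo_read_out(0x80000000u, &n);
    printf("legacy : %ld\n", (long)demo_read_legacy(0x80000000u));
    printf("checked: %ld\n", (long)demo_read_checked(0x80000000u));
    printf("out    : status=%d count=%lu\n", status, (unsigned long)n);
    return 0;
}
```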