mktime: prefer C23 style overflow checking

Prefer stdckdint.h macros to intprops.h macros where either will do,
as this is the C23 standard.  Also, it ports around a pcc bug.
* config/srclist.txt: Comment out mktime.c.
* lib/mktime.c: Include stdckdint.h, not intprops.h.
(__mktime_internal): Prefer stdckdint.h to intprops.h macros.
* modules/mktime (Depends-on): Add stdckdint.

4 files changed, 16 insertions, 7 deletions

diff --git a/ChangeLog b/ChangeLog
index 8f03557265..0b8e61c123 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
 2023-05-01  Paul Eggert  <eggert@cs.ucla.edu>
 
+	mktime: prefer C23 style overflow checking
+	Prefer stdckdint.h macros to intprops.h macros where either will do,
+	as this is the C23 standard.  Also, it ports around a pcc bug.
+	* config/srclist.txt: Comment out mktime.c.
+	* lib/mktime.c: Include stdckdint.h, not intprops.h.
+	(__mktime_internal): Prefer stdckdint.h to intprops.h macros.
+	* modules/mktime (Depends-on): Add stdckdint.
+
 	limits-h: port to pcc
 	* doc/posix-headers/limits.texi: Document the issue.
 	* lib/limits.in.h (MB_LEN_MAX): New macro, if not already defined.
diff --git a/config/srclist.txt b/config/srclist.txt
index 1ff4e6ec8d..7003128058 100644
--- a/config/srclist.txt
+++ b/config/srclist.txt
@@ -73,7 +73,7 @@ $LIBCSRC posix/regex.h			lib
 #$LIBCSRC stdlib/canonicalize           lib/canonicalize-lgpl.c
 #$LIBCSRC sysdeps/generic/eloop-threshold.h	lib
 $LIBCSRC time/timegm.c			lib
-$LIBCSRC time/mktime.c			lib
+#$LIBCSRC time/mktime.c			lib
 $LIBCSRC time/mktime-internal.h		lib
 
 # 
diff --git a/lib/mktime.c b/lib/mktime.c
index 94a4320e6c..9a37bb72f4 100644
--- a/lib/mktime.c
+++ b/lib/mktime.c
@@ -46,10 +46,10 @@
 #include <errno.h>
 #include <limits.h>
 #include <stdbool.h>
+#include <stdckdint.h>
 #include <stdlib.h>
 #include <string.h>
 
-#include <intprops.h>
 #include <verify.h>
 
 #ifndef NEED_MKTIME_INTERNAL
@@ -379,7 +379,7 @@ __mktime_internal (struct tm *tp,
   /* Invert CONVERT by probing.  First assume the same offset as last
      time.  */
 
-  INT_SUBTRACT_WRAPV (0, off, &negative_offset_guess);
+  ckd_sub (&negative_offset_guess, 0, off);
   long_int t0 = ydhms_diff (year, yday, hour, min, sec,
 			    EPOCH_YEAR - TM_YEAR_BASE, 0, 0, 0,
 			    negative_offset_guess);
@@ -465,7 +465,7 @@ __mktime_internal (struct tm *tp,
 	for (direction = -1; direction <= 1; direction += 2)
 	  {
 	    long_int ot;
-	    if (! INT_ADD_WRAPV (t, delta * direction, &ot))
+	    if (! ckd_add (&ot, t, delta * direction))
 	      {
 		struct tm otm;
 		if (! ranged_convert (convert, &ot, &otm))
@@ -503,8 +503,8 @@ __mktime_internal (struct tm *tp,
   /* Set *OFFSET to the low-order bits of T - T0 - NEGATIVE_OFFSET_GUESS.
      This is just a heuristic to speed up the next mktime call, and
      correctness is unaffected if integer overflow occurs here.  */
-  INT_SUBTRACT_WRAPV (t, t0, offset);
-  INT_SUBTRACT_WRAPV (*offset, negative_offset_guess, offset);
+  ckd_sub (offset, t, t0);
+  ckd_sub (offset, *offset, negative_offset_guess);
 
   if (LEAP_SECONDS_POSSIBLE && sec_requested != tm.tm_sec)
     {
@@ -513,7 +513,7 @@ __mktime_internal (struct tm *tp,
       long_int sec_adjustment = sec == 0 && tm.tm_sec == 60;
       sec_adjustment -= sec;
       sec_adjustment += sec_requested;
-      if (INT_ADD_WRAPV (t, sec_adjustment, &t)
+      if (ckd_add (&t, t, sec_adjustment)
 	  || ! (mktime_min <= t && t <= mktime_max))
 	{
 	  __set_errno (EOVERFLOW);
diff --git a/modules/mktime b/modules/mktime
index b3ba650a93..e5c4c05687 100644
--- a/modules/mktime
+++ b/modules/mktime
@@ -13,6 +13,7 @@ multiarch
 intprops        [test $REPLACE_MKTIME = 1]
 libc-config     [test $REPLACE_MKTIME = 1]
 stdbool         [test $REPLACE_MKTIME = 1]
+stdckdint       [test $REPLACE_MKTIME = 1]
 time_r          [test $REPLACE_MKTIME = 1]
 verify          [test $REPLACE_MKTIME = 1]