maint: prefer ckd_add to INT_ADD_WRAPV etc

* bootstrap.conf (gnulib_modules): Add stdckdint.
Also, in C source code, prefer C23 macros like ckd_add
to their Gnulib near-equivalents like INT_ADD_WRAPV.
Include <stdckdint.h> as needed.

bootstrap.conf

@@ -253,6 +253,7 @@ gnulib_modules="
   stat-size
   stat-time
   stdbool
+  stdckdint
   stdlib-safer
   stpcpy
   stpncpy

src/cat.c

@@ -23,6 +23,7 @@
 
 #include <config.h>
 
+#include <stdckdint.h>
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
@@ -766,9 +767,9 @@ main (int argc, char **argv)
              on some paging implementations.  */
 
           idx_t bufsize;
-          if (INT_MULTIPLY_WRAPV (insize, 4, &bufsize)
-              || INT_ADD_WRAPV (bufsize, outsize, &bufsize)
-              || INT_ADD_WRAPV (bufsize, LINE_COUNTER_BUF_LEN - 1, &bufsize))
+          if (ckd_mul (&bufsize, insize, 4)
+              || ckd_add (&bufsize, bufsize, outsize)
+              || ckd_add (&bufsize, bufsize, LINE_COUNTER_BUF_LEN - 1))
             xalloc_die ();
           char *outbuf = xalignalloc (page_size, bufsize);
 

src/copy.c

@@ -17,6 +17,7 @@
 /* Extracted from cp.c and librarified by Jim Meyering.  */
 
 #include <config.h>
+#include <stdckdint.h>
 #include <stdio.h>
 #include <sys/ioctl.h>
 #include <sys/types.h>
@@ -458,7 +459,7 @@ sparse_copy (int src_fd, int dest_fd, char **abuf, size_t buf_size,
             }
           else  /* Coalesce writes/seeks.  */
             {
-              if (INT_ADD_WRAPV (psize, csize, &psize))
+              if (ckd_add (&psize, psize, csize))
                 {
                   error (0, 0, _("overflow reading %s"), quoteaf (src_name));
                   return false;

src/csplit.c

@@ -22,6 +22,7 @@
 #include <getopt.h>
 #include <sys/types.h>
 #include <signal.h>
+#include <stdckdint.h>
 
 #include "system.h"
 
@@ -490,7 +491,7 @@ load_buffer (void)
       free_buffer (b);
       if (have_read_eof)
         return false;
-      if (INT_ADD_WRAPV (bytes_alloc, bytes_alloc >> 1, &bytes_wanted))
+      if (ckd_add (&bytes_wanted, bytes_alloc, bytes_alloc >> 1))
         xalloc_die ();
     }
 }
@@ -1370,7 +1371,7 @@ main (int argc, char **argv)
        ? max_out (suffix)
        : MAX (INT_STRLEN_BOUND (int), digits));
   idx_t filename_size;
-  if (INT_ADD_WRAPV (prefix_len, max_digit_string_len + 1, &filename_size))
+  if (ckd_add (&filename_size, prefix_len, max_digit_string_len + 1))
     xalloc_die ();
   filename_space = ximalloc (filename_size);
 

src/dd.c

@@ -20,6 +20,7 @@
 
 #include <sys/types.h>
 #include <signal.h>
+#include <stdckdint.h>
 
 #include "system.h"
 #include "alignalloc.h"
@@ -1015,7 +1016,7 @@ cache_round (int fd, off_t len)
   if (len)
     {
       intmax_t c_pending;
-      if (INT_ADD_WRAPV (*pending, len, &c_pending))
+      if (ckd_add (&c_pending, *pending, len))
         c_pending = INTMAX_MAX;
       *pending = c_pending % IO_BUFSIZE;
       if (c_pending > *pending)
@@ -1445,7 +1446,7 @@ parse_integer (char const *str, strtol_error *invalid)
           e = f;
           result = indeterminate;
         }
-      else if (INT_MULTIPLY_WRAPV (n, o, &result)
+      else if (ckd_mul (&result, n, o)
                || (result != 0 && ((e | f) & LONGINT_OVERFLOW)))
         {
           e = LONGINT_OVERFLOW;
@@ -1780,7 +1781,7 @@ swab_buffer (char *buf, idx_t *nread, int *saved_byte)
 static void
 advance_input_offset (intmax_t offset)
 {
-  if (0 <= input_offset && INT_ADD_WRAPV (input_offset, offset, &input_offset))
+  if (0 <= input_offset && ckd_add (&input_offset, input_offset, offset))
     input_offset = -1;
 }
 
@@ -1803,8 +1804,8 @@ skip (int fdesc, char const *file, intmax_t records, idx_t blocksize,
 
   errno = 0;
   off_t offset;
-  if (! INT_MULTIPLY_WRAPV (records, blocksize, &offset)
-      && ! INT_ADD_WRAPV (offset, *bytes, &offset)
+  if (! ckd_mul (&offset, records, blocksize)
+      && ! ckd_add (&offset, offset, *bytes)
       && 0 <= lseek (fdesc, offset, SEEK_CUR))
     {
       if (fdesc == STDIN_FILENO)
@@ -2111,8 +2112,8 @@ dd_copy (void)
     {
       intmax_t us_bytes;
       bool us_bytes_overflow =
-        (INT_MULTIPLY_WRAPV (skip_records, input_blocksize, &us_bytes)
-         || INT_ADD_WRAPV (skip_bytes, us_bytes, &us_bytes));
+        (ckd_mul (&us_bytes, skip_records, input_blocksize)
+         || ckd_add (&us_bytes, skip_bytes, us_bytes));
       off_t input_offset0 = input_offset;
       intmax_t us_blocks = skip (STDIN_FILENO, input_file,
                                  skip_records, input_blocksize, &skip_bytes);
@@ -2477,8 +2478,8 @@ main (int argc, char **argv)
            | (seek_records || (conversions_mask & C_NOTRUNC) ? 0 : O_TRUNC));
 
       off_t size;
-      if ((INT_MULTIPLY_WRAPV (seek_records, output_blocksize, &size)
-           || INT_ADD_WRAPV (seek_bytes, size, &size))
+      if ((ckd_mul (&size, seek_records, output_blocksize)
+           || ckd_add (&size, seek_bytes, size))
           && !(conversions_mask & C_NOTRUNC))
         error (EXIT_FAILURE, 0,
                _("offset too large: "

src/kill.c

@@ -17,6 +17,7 @@
 /* Written by Paul Eggert.  */
 
 #include <config.h>
+#include <stdckdint.h>
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
@@ -200,7 +201,7 @@ send_signals (int signum, char *const *argv)
       intmax_t n = (errno = 0, strtoimax (arg, &endp, 10));
       pid_t pid;
 
-      if (errno == ERANGE || INT_ADD_WRAPV (n, 0, &pid)
+      if (errno == ERANGE || ckd_add (&pid, n, 0)
           || arg == endp || *endp)
         {
           error (0, 0, _("%s: invalid process id"), quote (arg));

src/nl.c

@@ -19,6 +19,7 @@
 
 #include <config.h>
 
+#include <stdckdint.h>
 #include <stdio.h>
 #include <sys/types.h>
 #include <getopt.h>
@@ -283,7 +284,7 @@ print_lineno (void)
 
   printf (lineno_format, lineno_width, line_no, separator_str);
 
-  if (INT_ADD_WRAPV (line_no, page_incr, &line_no))
+  if (ckd_add (&line_no, line_no, page_incr))
     line_no_overflow = true;
 }
 

src/pinky.c

@@ -19,6 +19,7 @@
 #include <config.h>
 #include <getopt.h>
 #include <pwd.h>
+#include <stdckdint.h>
 #include <stdio.h>
 
 #include <sys/types.h>
@@ -110,8 +111,8 @@ create_fullname (char const *gecos_name, char const *user_name)
     {
       size_t ulen = strlen (user_name);
       size_t product;
-      if (INT_MULTIPLY_WRAPV (ulen, ampersands - 1, &product)
-          || INT_ADD_WRAPV (rsize, product, &rsize))
+      if (ckd_mul (&product, ulen, ampersands - 1)
+          || ckd_add (&rsize, rsize, product))
         xalloc_die ();
     }
 

src/pr.c

@@ -310,6 +310,7 @@
 #include <config.h>
 
 #include <getopt.h>
+#include <stdckdint.h>
 #include <sys/types.h>
 #include "system.h"
 #include "fadvise.h"
@@ -1284,10 +1285,10 @@ init_parameters (int number_of_files)
     }
 
   int sep_chars, useful_chars;
-  if (INT_MULTIPLY_WRAPV (columns - 1, col_sep_length, &sep_chars))
+  if (ckd_mul (&sep_chars, columns - 1, col_sep_length))
     sep_chars = INT_MAX;
-  if (INT_SUBTRACT_WRAPV (chars_per_line - chars_used_by_number, sep_chars,
-                          &useful_chars))
+  if (ckd_sub (&useful_chars, chars_per_line - chars_used_by_number,
+               sep_chars))
     useful_chars = 0;
   chars_per_column = useful_chars / columns;
 
@@ -1908,11 +1909,10 @@ static void
 init_store_cols (void)
 {
   int total_lines, total_lines_1, chars_per_column_1, chars_if_truncate;
-  if (INT_MULTIPLY_WRAPV (lines_per_body, columns, &total_lines)
-      || INT_ADD_WRAPV (total_lines, 1, &total_lines_1)
-      || INT_ADD_WRAPV (chars_per_column, 1, &chars_per_column_1)
-      || INT_MULTIPLY_WRAPV (total_lines, chars_per_column_1,
-                             &chars_if_truncate))
+  if (ckd_mul (&total_lines, lines_per_body, columns)
+      || ckd_add (&total_lines_1, total_lines, 1)
+      || ckd_add (&chars_per_column_1, chars_per_column, 1)
+      || ckd_mul (&chars_if_truncate, total_lines, chars_per_column_1))
     integer_overflow ();
 
   free (line_vector);

src/split.c

@@ -21,6 +21,7 @@
    * support --suppress-matched as in csplit.  */
 #include <config.h>
 
+#include <stdckdint.h>
 #include <stdio.h>
 #include <getopt.h>
 #include <signal.h>
@@ -188,7 +189,7 @@ set_suffix_length (intmax_t n_units, enum Split_type split_type)
                  incrementing a suffix size arbitrarily,
                  as that would break sort order for files
                  generated from multiple split runs.  */
-              if (INT_ADD_WRAPV (n_units_end, n_start, &n_units_end))
+              if (ckd_add (&n_units_end, n_units_end, n_start))
                 n_units_end = INTMAX_MAX;
             }
 
@@ -288,7 +289,7 @@ copy_to_tmpfile (int fd, char *buf, idx_t bufsize)
     {
       if (fwrite (buf, 1, r, tmp) != r)
         return -1;
-      if (INT_ADD_WRAPV (copied, r, &copied))
+      if (ckd_add (&copied, copied, r))
         {
           errno = EOVERFLOW;
           return -1;
@@ -338,7 +339,7 @@ input_file_size (int fd, struct stat const *st, char *buf, idx_t bufsize)
     }
 
   if (end == OFF_T_MAX /* E.g., /dev/zero on GNU/Hurd.  */
-      || (cur < end && INT_ADD_WRAPV (size, end - cur, &size)))
+      || (cur < end && ckd_add (&size, size, end - cur)))
     {
       errno = EOVERFLOW;
       return -1;
@@ -379,8 +380,8 @@ next_file_name (void)
 
           outbase_length = strlen (outbase);
           addsuf_length = additional_suffix ? strlen (additional_suffix) : 0;
-          overflow = INT_ADD_WRAPV (outbase_length + addsuf_length,
-                                    suffix_length, &outfile_length);
+          overflow = ckd_add (&outfile_length, outbase_length + addsuf_length,
+                              suffix_length);
         }
       else
         {
@@ -389,12 +390,12 @@ next_file_name (void)
              the generated suffix into the prefix (base), and
              reinitializing the now one longer suffix.  */
 
-          overflow = INT_ADD_WRAPV (outfile_length, 2, &outfile_length);
+          overflow = ckd_add (&outfile_length, outfile_length, 2);
           suffix_length++;
         }
 
       idx_t outfile_size;
-      overflow |= INT_ADD_WRAPV (outfile_length, 1, &outfile_size);
+      overflow |= ckd_add (&outfile_size, outfile_length, 1);
       if (overflow)
         xalloc_die ();
       outfile = xirealloc (outfile, outfile_size);
@@ -1500,8 +1501,8 @@ main (int argc, char **argv)
           if (digits_optind != 0 && digits_optind != this_optind)
             n_units = 0;	/* More than one number given; ignore other. */
           digits_optind = this_optind;
-          if (INT_MULTIPLY_WRAPV (n_units, 10, &n_units)
-              || INT_ADD_WRAPV (n_units, c - '0', &n_units))
+          if (ckd_mul (&n_units, n_units, 10)
+              || ckd_add (&n_units, n_units, c - '0'))
             n_units = INTMAX_MAX;
           break;
 

src/truncate.c

@@ -21,6 +21,7 @@
    to better fit the "GNU" environment.  */
 
 #include <config.h>             /* sets _FILE_OFFSET_BITS=64 etc. */
+#include <stdckdint.h>
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
@@ -116,7 +117,7 @@ do_ftruncate (int fd, char const *fname, off_t ssize, off_t rsize,
     {
       ptrdiff_t blksize = ST_BLKSIZE (sb);
       intmax_t ssize0 = ssize;
-      if (INT_MULTIPLY_WRAPV (ssize, blksize, &ssize))
+      if (ckd_mul (&ssize, ssize, blksize))
         {
           error (0, 0,
                  _("overflow in %" PRIdMAX
@@ -172,7 +173,7 @@ do_ftruncate (int fd, char const *fname, off_t ssize, off_t rsize,
               off_t r = fsize % ssize;
               ssize = r == 0 ? 0 : ssize - r;
             }
-          if (INT_ADD_WRAPV (fsize, ssize, &nsize))
+          if (ckd_add (&nsize, fsize, ssize))
             {
               error (0, 0, _("overflow extending size of file %s"),
                      quoteaf (fname));

src/wc.c

@@ -19,6 +19,7 @@
 
 #include <config.h>
 
+#include <stdckdint.h>
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
@@ -666,13 +667,13 @@ wc (int fd, char const *file_x, struct fstatus *fstatus, off_t current_pos)
   if (total_mode != total_only)
     write_counts (lines, words, chars, bytes, linelength, file_x);
 
-  if (INT_ADD_WRAPV (total_lines, lines, &total_lines))
+  if (ckd_add (&total_lines, total_lines, lines))
     total_lines_overflow = true;
-  if (INT_ADD_WRAPV (total_words, words, &total_words))
+  if (ckd_add (&total_words, total_words, words))
     total_words_overflow = true;
-  if (INT_ADD_WRAPV (total_chars, chars, &total_chars))
+  if (ckd_add (&total_chars, total_chars, chars))
     total_chars_overflow = true;
-  if (INT_ADD_WRAPV (total_bytes, bytes, &total_bytes))
+  if (ckd_add (&total_bytes, total_bytes, bytes))
     total_bytes_overflow = true;
 
   if (linelength > max_line_length)

src/who.c

@@ -25,6 +25,7 @@
 
 #include <config.h>
 #include <getopt.h>
+#include <stdckdint.h>
 #include <stdio.h>
 
 #include <sys/types.h>
@@ -191,7 +192,7 @@ idle_string (time_t when, time_t boottime)
 
   int seconds_idle;
   if (boottime < when && when <= now
-      && ! INT_SUBTRACT_WRAPV (now, when, &seconds_idle)
+      && ! ckd_sub (&seconds_idle, now, when)
       && seconds_idle < 24 * 60 * 60)
     {
       if (seconds_idle < 60)