```Message-ID: <RRefgIKYIkNjPM9zuJIzVCjZBi0GC5MnqEYNyLq9Pi2ZquzfwVb6CJSEjDZEd2jMgR0nmf_hoJd4Zl-iMQHW-Qc5K3x9vwt3oskinb1MC58=@pm.me>
Date: Mon, 25 Mar 2024 11:52:00 +0000
From: Alexander Weps <exander77@...me>
To: musl@...ts.openwall.com, Rich Felker <dalias@...c.org>
Subject: Re: Broken mktime calculations when crossing DST boundary

This is the simplest and most obvious example how broken the calculation in musl is:

void test10()
{
time_t t = 0;
struct tm tm = {0};
char buf[64];

tm.tm_year = 2011 - 1900;
tm.tm_mon = 12 - 1;
tm.tm_mday = 29;
tm.tm_hour = 0;
tm.tm_min = 0;
tm.tm_sec = 0;
tm.tm_isdst = 0;

strftime(buf, sizeof buf, "%F %T %Z", &tm);
printf("before: %s %ld %ld\n", buf, t, calc(&tm));

t = mktime(&tm);

strftime(buf, sizeof buf, "%F %T %Z", &tm);
printf("after1: %s %ld %ld\n", buf, t, calc(&tm));

tm.tm_mday += 1;
t = mktime(&tm);

strftime(buf, sizeof buf, "%F %T %Z", &tm);
printf("after2: %s %ld %ld\n", buf, t, calc(&tm));
}

TZ=Pacific/Apia
Year is greater than 1970.

Input:
2011-12-29 01:00:00 -10

tm.tm_mday += 1;
t = mktime(&tm);

Output:
2011-12-29 01:00:00 -10

Musl cannot reliably increment date by a day. Incrementing struct tm representing 2011-12-29 01:00:00 -10 by one day leads to the same date.

Causing a program to loop or stack overflow.

AW

On Monday, March 25th, 2024 at 01:36, Alexander Weps <exander77@...me> wrote:

> I have no problem with the POSIX (Issue 8) or ISO C standard.
>
> I agree it doesn't mandate mktime making correct calculations, but I would assume it is expected.
>
> AW
>
>
>
> On Monday, March 25th, 2024 at 00:51, Thorsten Glaser tg@...bsd.de wrote:
>
> > Alexander Weps dixit:
> >
> > > You are describing the musl behavior, more specifically what I see in mktime & __tm_to_secs.
> > > I don't think this is correct behavior.
> >
> > This is what POSIX (Issue 8) and AFAIR also the next ISO C standard
> > mandate, though:
> >
> > 1.–6. struct tm is normalised from seconds or minutes up to year
> > 7. struct tm is converted to time_t (wrongly written down as
> > “the number of seconds since the epoch” as it omits leap
> > seconds)
> > 8. timezone corrections for standard time at the moment in
> > time calculated in step 7 is applied
> > 9. if the timezone has DST:
> > + if tm_isdst is positive, the time is adjusted by the offset
> > + if tm_isdst is negative, the result is either the same as
> > if it were 0 or the same as if it were 1; if the struct tm
> > specifies a gap or repeated segment, which of the two is
> > used is explicitly unspecified, i.e. the caller cannot rely
> > on the libc to guess his intent if he sets tm_isdst to -1.
> > 10. (not numbered) for gaps or repeats, mktime uses either the value
> > from before the gap/repeat or the one after, choice again
> > unspecified
> >
> > Tough luck there.
> >
> > The wording in this part is interesting though:
> >
> > | If tm_isdst is positive, mktime() shall further adjust the seconds
> > | since the Epoch by the DST offset.
> >
> > But I guess that if you call with tm_isdst=1 and a broken-down time
> > that clearly corresponds to nōn-DST, the DST offset for it is just 0
> > and it’ll work out the obvious way.
> >
> > bye,
> > //mirabilos
> > --
> > “It is inappropriate to require that a time represented as
> > seconds since the Epoch precisely represent the number of
> > seconds between the referenced time and the Epoch.”
> > -- IEEE Std 1003.1b-1993 (POSIX) Section B.2.2.2
```

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.