library: sub_timespec use arithmetic to avoid overflow

eval-exec · eval-exec · commit 785a624327f1 · 2025-09-06T00:32:17.000+08:00
diff --git a/library/std/src/sys/pal/unix/time.rs b/library/std/src/sys/pal/unix/time.rs
@@ -139,10 +139,20 @@ impl Timespec {
     #[rustc_const_unstable(feature = "const_system_time", issue = "144517")]
     pub const fn sub_timespec(&self, other: &Timespec) -> Result<Duration, Duration> {
         // FIXME: const PartialOrd
-        let mut cmp = self.tv_sec - other.tv_sec;
-        if cmp == 0 {
-            cmp = self.tv_nsec.as_inner() as i64 - other.tv_nsec.as_inner() as i64;
-        }
+        // Use saturating arithmetic to avoid overflow when comparing extreme values
+        let sec_cmp = if self.tv_sec < other.tv_sec {
+            -1
+        } else if self.tv_sec > other.tv_sec {
+            1
+        } else {
+            0
+        };
+        
+        let cmp = if sec_cmp == 0 {
+            self.tv_nsec.as_inner() as i64 - other.tv_nsec.as_inner() as i64
+        } else {
+            sec_cmp
+        };
 
         if cmp >= 0 {
             // NOTE(eddyb) two aspects of this `if`-`else` are required for LLVM
