From 9772a8997bfddbb96308401fbab90ab4f5e84676 Mon Sep 17 00:00:00 2001
From: Oliver Gould <ver@buoyant.io>
Date: Mon, 31 Jan 2022 21:42:44 +0000
Subject: [PATCH] Ban uses of `Instant` operations that can panic

When comparing instances, we should use saturating varieties to help
ensure that we can't hit panics.

This change bans uses of `std::time::Instant::{duration_since, elapsed,
sub}` via clippy. Uses are ported to using
`Instant::saturating_duration_since`.

Related to linkerd/linkerd2#7748

Signed-off-by: Oliver Gould <ver@buoyant.io>
---
 .clippy.toml                           | 7 ++++++-
 linkerd/app/integration/src/lib.rs     | 2 +-
 linkerd/app/integration/src/metrics.rs | 2 +-
 linkerd/detect/src/lib.rs              | 2 +-
 linkerd/http-access-log/src/lib.rs     | 2 +-
 5 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/.clippy.toml b/.clippy.toml
index 9d20eb1dea..5124c4548f 100644
--- a/.clippy.toml
+++ b/.clippy.toml
@@ -5,4 +5,9 @@ disallowed-methods = [
     # see https://github.com/rust-lang/rust/issues/90308 for details.
     "std::env::set_var",
     "std::env::remove_var",
-]
\ No newline at end of file
+
+    # Avoid instances of https://github.com/rust-lang/rust/issues/86470
+    "std::time::Instant::duration_since",
+    "std::time::Instant::elapsed",
+    "std::time::Instant::sub",
+]
diff --git a/linkerd/app/integration/src/lib.rs b/linkerd/app/integration/src/lib.rs
index 8bb7972124..a16f255284 100644
--- a/linkerd/app/integration/src/lib.rs
+++ b/linkerd/app/integration/src/lib.rs
@@ -89,7 +89,7 @@ macro_rules! assert_eventually {
                     } else if i == $retries {
                         panic!(
                             "assertion failed after {} (retried {} times): {}",
-                            crate::HumanDuration(start_t.elapsed()),
+                            crate::HumanDuration(Instant::now().saturating_duration_since(start_t)),
                             i,
                             format_args!($($arg)+)
                         )
diff --git a/linkerd/app/integration/src/metrics.rs b/linkerd/app/integration/src/metrics.rs
index c8f9a952c9..c2bfe52a17 100644
--- a/linkerd/app/integration/src/metrics.rs
+++ b/linkerd/app/integration/src/metrics.rs
@@ -221,7 +221,7 @@ impl MetricMatch {
                         "{}\n  retried {} times ({:?})",
                         e,
                         MAX_RETRIES,
-                        start_t.elapsed()
+                        Instant::now().saturating_duration_since(start_t)
                     ),
                     Err(_) => {
                         tracing::trace!("waiting...");
diff --git a/linkerd/detect/src/lib.rs b/linkerd/detect/src/lib.rs
index bd125a9647..79991d13ec 100644
--- a/linkerd/detect/src/lib.rs
+++ b/linkerd/detect/src/lib.rs
@@ -147,7 +147,7 @@ where
             let mut buf = BytesMut::with_capacity(capacity);
             let detected = match time::timeout(timeout, detect.detect(&mut io, &mut buf)).await {
                 Ok(Ok(protocol)) => {
-                    debug!(?protocol, elapsed = ?t0.elapsed(), "DetectResult");
+                    debug!(?protocol, elapsed = ?time::Instant::now().saturating_duration_since(t0), "DetectResult");
                     Ok(protocol)
                 }
                 Err(_) => Err(DetectTimeoutError(timeout, std::marker::PhantomData)),
diff --git a/linkerd/http-access-log/src/lib.rs b/linkerd/http-access-log/src/lib.rs
index a01a5677bb..2706184165 100644
--- a/linkerd/http-access-log/src/lib.rs
+++ b/linkerd/http-access-log/src/lib.rs
@@ -174,7 +174,7 @@ where
 
         let response: http::Response<B2> = match this.inner.try_poll(cx) {
             Poll::Pending => {
-                data.processing += Instant::now().duration_since(poll_start);
+                data.processing += Instant::now().saturating_duration_since(poll_start);
                 return Poll::Pending;
             }
             Poll::Ready(Err(e)) => return Poll::Ready(Err(e)),