library: sub_timespec use arithmetic to avoid overflow

Signed-off-by: Eval EXEC <[email protected]>

Author: eval-exec

library/std/src/sys/pal/unix/time.rs

@@ -139,10 +139,13 @@ impl Timespec {
     #[rustc_const_unstable(feature = "const_system_time", issue = "144517")]
     pub const fn sub_timespec(&self, other: &Timespec) -> Result<Duration, Duration> {
         // FIXME: const PartialOrd
-        let mut cmp = self.tv_sec - other.tv_sec;
-        if cmp == 0 {
-            cmp = self.tv_nsec.as_inner() as i64 - other.tv_nsec.as_inner() as i64;
-        }
+        // Use saturating arithmetic to avoid overflow when comparing extreme values
+        let mut cmp = self.tv_sec.saturating_sub(other.tv_sec);
+        cmp = if cmp == 0 {
+            self.tv_nsec.as_inner() as i64 - other.tv_nsec.as_inner() as i64
+        } else {
+            cmp
+        };
 
         if cmp >= 0 {
             // NOTE(eddyb) two aspects of this `if`-`else` are required for LLVM