Return None for cardinality overflow

[jx2lee]

Which issue does this PR close?

Closes #22232
(cc @Dandandan )

Rationale for this change

Prevent Interval::cardinality() from overflowing on the full i64 range.

What changes are included in this PR?

• use checked_add(1) instead of + 1
• add a regression test for the full i64 range

Are these changes tested?

• cargo fmt --all --check
• cargo test -p datafusion-expr-common test_cardinality_full_i64_range_does_not_overflow --lib
• cargo clippy --all-targets --all-features -- -D warnings could not run locally because cmake is not installed

Are there any user-facing changes?

• No

[kumarUjjawal]

Thank you @jx2lee for working on this. Can you add the original test from the issue to make sure the change is working.

  query I
  SELECT * FROM (VALUES (1)) AS t(x)
  WHERE x BETWEEN -9223372036854775808 AND 9223372036854775807
  ----
  1

[kumarUjjawal]

Looks good!

[kosiew]

@jx2lee
Thanks for the fix here. I verified the core invariant around Interval::cardinality() and the new checked_add at the final inclusive + 1 layer correctly returns None instead of panicking or wrapping when the inclusive cardinality exceeds u64::MAX. This covers the full i64 range while preserving existing max-but-representable ranges.

I just had one small non-blocking suggestion.

[kosiew]

Nice catch on the overflow edge case. One additional regression test that could be helpful would be a sibling case for ScalarValue::UInt64(Some(0))..=ScalarValue::UInt64(Some(u64::MAX)) returning None.

The fix applies more generally to any integer or temporal range where distance == u64::MAX, so adding the unsigned boundary case would help document that broader invariant and guard against future regressions there as well.

[jx2lee]

@kosiew Thanks for reviewing ! I added testcase for u64