Skip to content

fix: reject non-finite floating-point default values#810

Open
huan233usc wants to merge 1 commit into
apache:mainfrom
huan233usc:fix/reject-nan-inf-default
Open

fix: reject non-finite floating-point default values#810
huan233usc wants to merge 1 commit into
apache:mainfrom
huan233usc:fix/reject-nan-inf-default

Conversation

@huan233usc

@huan233usc huan233usc commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

What

A float / double column default of NaN or ±Infinity passes SchemaField::Validate but cannot survive a metadata round-trip: the JSON serializer emits a non-finite number as null, which reads back as an absent default. The declared default is silently lost (and, because the key is present but null, the reader then errors on it).

How

ValidateDefault now rejects a non-finite floating default with a clear "value must be finite" error, so an unrepresentable default is caught up front rather than silently dropped on serialization.

The check uses std::isfinite, which is false for both NaN and ±Infinity — so a single condition covers all three cases (there is no separate IsNaN branch because isfinite already rejects NaN).

Testing

SchemaFieldTest.ValidateRejectsNonFiniteFloatingDefault explicitly covers NaN, +Inf and -Inf, and ValidateAcceptsFiniteFloatingDefault covers a normal value; verified fail-without / pass-with. Full schema_test passes (551 tests).

@evindj evindj left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me. For my own understanding how is the caller supposed to handle this error?

// it as `null`, which reads back as an absent default. Reject it so the default is not
// silently lost when the metadata round-trips.
const auto& literal_value = value.value();
const bool non_finite = (std::holds_alternative<float>(literal_value) &&

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You mentioned NaN in the PR description but doesn't seem to handle that, is that intentional?

@huan233usc huan233usc Jul 5, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is handled by following std::isfinite returns false for both NaN and infinity, so a NaN default hits the same non_finite branch and is rejected. The test ValidateRejectsNonFiniteFloatingDefault covers NaN, +Inf and -Inf explicitly.

@zhjwpku

zhjwpku commented Jul 5, 2026

Copy link
Copy Markdown
Collaborator

I think java impl has the same issue, created a PR to strict the validation apache/iceberg#17106

@huan233usc

Copy link
Copy Markdown
Contributor Author

@evindj thanks for the review! Validate() returns a Status, so the error propagates up through the schema / UpdateSchema construction path the same way other invalid-schema errors do — the caller gets a failed Result and never builds a schema carrying a default that could not be round-tripped through metadata.

@huan233usc huan233usc requested a review from zhjwpku July 5, 2026 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants