Skip to content

fix generate_series table function overflows#22250

Open
xiedeyantu wants to merge 2 commits into
apache:mainfrom
xiedeyantu:generate_series
Open

fix generate_series table function overflows#22250
xiedeyantu wants to merge 2 commits into
apache:mainfrom
xiedeyantu:generate_series

Conversation

@xiedeyantu
Copy link
Copy Markdown
Member

@xiedeyantu xiedeyantu commented May 16, 2026

Which issue does this PR close?

Closes #22208.

Rationale for this change

The table-valued generate_series(start, stop, step) function uses an integer iterator that called current += step without overflow checking. When the series approaches i64::MAX and the step would advance past it, Rust's debug build panics and release build silently wraps, producing incorrect results or a crash visible to end users.

What changes are included in this PR?

  • In generate_series.rs, replaced the unchecked *self += step in the SeriesValue for i64 advance method with checked_add, returning a DataFusionError::Execution on overflow instead of panicking.
  • Added a regression test in table_functions.slt that verifies SELECT * FROM generate_series(9223372036854775806, 9223372036854775807, 2) returns an execution error rather than panicking.

Are these changes tested?

Yes. A statement error case is added to table_functions.slt covering the exact query from the bug report. The timestamp-based advance implementation already used Option-returning arithmetic and was not affected.

Are there any user-facing changes?

Previously this query would cause a panic (or silent wrap in release mode); it now returns a clean DataFusion error: Execution error: generate_series: integer overflow while advancing series.

@github-actions github-actions Bot added sqllogictest SQL Logic Tests (.slt) functions Changes to functions implementation labels May 16, 2026
@Dandandan Dandandan enabled auto-merge May 16, 2026 15:36
@Dandandan Dandandan disabled auto-merge May 16, 2026 15:41
Dandandan
Dandandan reviewed May 16, 2026
View reviewed changes
Comment thread datafusion/functions-table/src/generate_series.rs Outdated

fn advance(&mut self, step: &Self::StepType) -> Result<()> {
*self += step;
*self = self.checked_add(*step).ok_or_else(|| {
Copy link
Copy Markdown
Contributor

@Dandandan Dandandan May 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interestingly, this is what PostgreSQL returns:

Output:

119 ms
   generate_series   
---------------------
 9223372036854775806
(1 row)

And DuckDB does the same.

┌─────────────────────┐
│   generate_series   │
│        int64        │
├─────────────────────┤
│ 9223372036854775806 │
│ (9.22 quintillion)  │
└─────────────────────┘

I think it makes sense to implement the same behavior (i.e. find max value during instantiation).

Copy link
Copy Markdown
Member Author

@xiedeyantu xiedeyantu May 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed! I'll align DataFusion's behavior with these database behaviors.

Dandandan
Dandandan requested changes May 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@Dandandan Dandandan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we make it compatible with PostgreSQL / DuckDB?

@xiedeyantu
Copy link
Copy Markdown
Member Author

xiedeyantu commented May 16, 2026

Can we make it compatible with PostgreSQL / DuckDB?

Yes, please wait a moment.

@xiedeyantu
Copy link
Copy Markdown
Member Author

xiedeyantu commented May 16, 2026

@Dandandan Please review again. Thanks!

Dandandan
Dandandan reviewed May 16, 2026
View reviewed changes
Comment thread datafusion/functions-table/src/generate_series.rs Outdated
include_end: bool,
name: &'static str,
/// Set to true when advancing would overflow, so the next call returns None.
finished: bool,
Copy link
Copy Markdown
Contributor

@Dandandan Dandandan May 16, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think instead of adding finished we can just update end and also remove the checked_add (use += again since we don't overflow)

Copy link
Copy Markdown
Member Author

@xiedeyantu xiedeyantu May 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I modified the implementation.

@xiedeyantu
fix generate_series table function overflows
c9f3285 
Co-authored-by: Copilot <copilot@github.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 17, 2026
edited
Loading

Thank you for opening this pull request!

Reviewer note: cargo-semver-checks reported the current version number is not SemVer-compatible with the changes in this pull request (compared against the base branch).

Details 
     Cloning apache/main
    Building datafusion-functions-table v53.1.0 (current)
       Built [  45.814s] (current)
     Parsing datafusion-functions-table v53.1.0 (current)
      Parsed [   0.011s] (current)
    Building datafusion-functions-table v53.1.0 (baseline)
       Built [  41.151s] (baseline)
     Parsing datafusion-functions-table v53.1.0 (baseline)
      Parsed [   0.011s] (baseline)
    Checking datafusion-functions-table v53.1.0 -> v53.1.0 (no change; assume patch)
     Checked [   0.095s] 222 checks: 221 pass, 1 fail, 0 warn, 30 skip

--- failure trait_method_parameter_count_changed: pub trait method parameter count changed ---

Description:
A trait method now takes a different number of parameters.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#trait-item-signature
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.47.0/src/lints/trait_method_parameter_count_changed.ron

Failed in:
  SeriesValue::advance now takes 2 instead of 1 parameters, in file /home/runner/work/datafusion/datafusion/datafusion/functions-table/src/generate_series.rs:80

     Summary semver requires new major version: 1 major and 0 minor checks failed
    Finished [  88.577s] datafusion-functions-table
    Building datafusion-sqllogictest v53.1.0 (current)
       Built [ 158.566s] (current)
     Parsing datafusion-sqllogictest v53.1.0 (current)
      Parsed [   0.021s] (current)
    Building datafusion-sqllogictest v53.1.0 (baseline)
       Built [ 158.390s] (baseline)
     Parsing datafusion-sqllogictest v53.1.0 (baseline)
      Parsed [   0.022s] (baseline)
    Checking datafusion-sqllogictest v53.1.0 -> v53.1.0 (no change; assume patch)
     Checked [   0.100s] 222 checks: 222 pass, 30 skip
     Summary no semver update required
    Finished [ 320.372s] datafusion-sqllogictest

@github-actions github-actions Bot added the auto detected api change Auto detected API change label May 17, 2026
@xiedeyantu
fmt
d27cd10 
Co-authored-by: Copilot <copilot@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Dandandan Dandandan Dandandan requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

auto detected api change Auto detected API change functions Changes to functions implementation sqllogictest SQL Logic Tests (.slt)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

panic: generate_series table function overflows when integer step passes i64::MAX

2 participants

@xiedeyantu @Dandandan