Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

V8 crashes when trying to parse a list #357

Closed
tornikeshavishvili opened this issue Feb 25, 2023 · 5 comments · Fixed by #367
Closed

V8 crashes when trying to parse a list #357

tornikeshavishvili opened this issue Feb 25, 2023 · 5 comments · Fixed by #367
Labels
blocks-release Blocks an imminent release. High Priorty.

Comments

@tornikeshavishvili
Copy link

Hello

V8 crashes when trying to use following grammar:

test 'test'
 = ss:'aa'|1..8,((_+'.'_+)/(_+','_+))|{
 return ss
}

_ "whitespace"
  = [ \t\n\r]* {
    return ''
  }

my node: v18.7.0
chrome: Version 110.0.5481.177 (Official Build) (64-bit)

I suspect that crash happens upon successful mach.

image

@Mingun
@Mingun
Copy link
Member

Mingun commented Feb 26, 2023

The reason in that _+ creates an infinity parse loop, because _ is always matched (because it could match empty input). You should change the _ definition:

 _ "whitespace"
-  = [ \t\n\r]* {
+  = [ \t\n\r] {
     return ''
   }

It seems an oversight from my side. We should run check(node.delimiter) somewhere here:

peggy/lib/compiler/passes/report-infinite-repetition.js

Lines 28 to 53 in 00855f6

repeated(node) {
if (asts.alwaysConsumesOnSuccess(ast, node.expression)
|| node.delimiter && asts.alwaysConsumesOnSuccess(ast, node.delimiter)
) {
return;
}
if (node.max.value === null) {
session.error(
"Possible infinite loop when parsing (unbounded range repetition used with an expression that may not consume any input)",
node.location
);
} else {
// If minimum is `null` it is equals to maximum (parsed from `|exact|` syntax)
const min = node.min ? node.min : node.max;
// Because the high boundary is defined, infinity repetition is not possible
// but the grammar will waste of CPU
session.warning(
min.type === "constant" && node.max.type === "constant"
? `An expression may not consume any input and may always match ${node.max.value} times`
: "An expression may not consume any input and may always match with a maximum repetition count",
node.location
);
}
},
});

@hildjj
Copy link
Contributor

hildjj commented Mar 1, 2023

Can we get this into a 3.0.1 release in the next day or two, or should I go ahead without it?

@hildjj hildjj mentioned this issue Mar 1, 2023
Closed
22 tasks
@tornikeshavishvili
Copy link
Author

tornikeshavishvili commented Mar 1, 2023
edited
Loading

I want to have a look as soon as possible on provided code, but . . . i have difficulties to understand what is written and why :(((

@hildjj hildjj added the blocks-release Blocks an imminent release. High Priorty. label Mar 2, 2023
@hildjj
Copy link
Contributor

hildjj commented Mar 2, 2023

@Mingun I'd like to get this fixed before the release, if you have the time.

@hildjj hildjj mentioned this issue Mar 4, 2023
Closed
@hildjj
Copy link
Contributor

hildjj commented Mar 4, 2023

I've got it. When I tried it the first time, I put the check in the wrong place. Adding tests now.

@hildjj hildjj mentioned this issue Mar 4, 2023
Merged
@hildjj hildjj closed this as completed in 3b6f0d9 Mar 5, 2023
hildjj added a commit to hildjj/peggy that referenced this issue Mar 5, 2023
@hildjj
Merge branch 'main' into stable
d049e34 
* main: (21 commits)
  Update CHANGELOG.md
  Update version number & rebuild
  Update dependencies
  Update test/unit/compiler/passes/report-infinite-repetition.spec.js
  Fixes peggyjs#357.  Do not allow infinite recursion in repetition delimiter.
  Update changelog
  Allow extra semicolons between rules.
  Fix an error in the code generator for "repeated" node
  Update changelog
  Fixes peggyjs#329
  Update changelog
  Fixes peggyjs#359.  Clarifies documentation about reserved words.
  Fix more HTML indentation.
  Test that the generated parser also works without errors
  Remove use of expect.to.not.throw()
  Add Rene Saarsoo to AUTHORS
  Typo in test description
  Add test to ensure special non-reserved keywords are allowed
  Comment out unnecessary reserved words
  Fixes peggyjs#347.  Makes $ invalid as an identifier start character.
  ...
@zp-zpanda zp-zpanda mentioned this issue May 9, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocks-release Blocks an imminent release. High Priorty.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Do not allow infinite recursion in repetition delimiter. hildjj/peggy
3 participants
@hildjj @Mingun @tornikeshavishvili