oss-fuzz: timout in parser #675

CAD97 · 2022-07-29T18:48:14Z

Describe the bug

Fuzzing found a timeout. Detailed report: https://oss-fuzz.com/testcase?key=6048143472459776

Upstream tracker: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49513

To Reproduce

https://google.github.io/oss-fuzz/advanced-topics/reproducing/

Expected behavior

Completing within the timeout window (60s).

Additional context

crash revision: e30f63e

🙃 I'm getting cc'd at my primary email and can access the oss-fuzz.com details but not the bugs.chromium.org tracker. (google/oss-fuzz#8096)

The text was updated successfully, but these errors were encountered:

tomtau · 2022-08-02T10:20:25Z

not sure if this is the same issue as #402
There was also this issue: #383 but that may be a different one.

The minimised sample:


/*//j/*/*;'//*//*/*/*;'/*//*/*;**//*//*/*/*;'/*//*//*/*/*;+/*//*/*;*B/*//*/*/*/*;'/*//*/*;**//*//*/*/*;'/*//*//*/*/*;+/*//*/*;*B/*//*//*/*;**N//*//*/*/*;'/*//*//*/

*//*/*;**N//*//*/*/*;'/*//*//*/

*/*;+/*//**/*/*;'/*//*//*;*/*///*/*;

a part of the stack trace:

...


#8 0x55f9c95148fc in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h8e5b33ba8dc22a22 pest/meta/src/grammar.rs:2:28408
--
  | #9 0x55f9c95148fc in pest::parser_state::ParserState$LT$R$GT$::lookahead::hebf6e2792f2a3cb2 pest/pest/src/parser_state.rs:749:22
  | #10 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h92476d24fb517d7c pest/meta/src/grammar.rs:2:28369
  | #11 0x55f9c9628b47 in pest::parser_state::ParserState$LT$R$GT$::sequence::h48ef28785bd1f818 pest/pest/src/parser_state.rs:369:22
  | #12 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::he2c62ff4eb2668eb pest/meta/src/grammar.rs:2:28339
  | #13 0x55f9c9628b47 in core::result::Result$LT$T$C$E$GT$::or_else::hbd4ee8631a517039 /rustc/2643b16468fda787470340890212591d8bc832b7/library/core/src/result.rs:1435:23
  | #14 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h3e9f01b1f416e418 pest/meta/src/grammar.rs:2:28286
  | #15 0x55f9c9628b47 in core::result::Result$LT$T$C$E$GT$::and_then::hafbe6ccb0c0a8bc3 /rustc/2643b16468fda787470340890212591d8bc832b7/library/core/src/result.rs:1361:22
  | #16 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h2092a572b5504f1c pest/meta/src/grammar.rs:2:28230
  | #17 0x55f9c9624433 in pest::parser_state::ParserState$LT$R$GT$::sequence::hae3c3606764ec7f3 pest/pest/src/parser_state.rs:369:22
  | #18 0x55f9c9624433 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h39cfaf3b11591e9b pest/meta/src/grammar.rs:2:28200
  | #19 0x55f9c9624433 in pest::parser_state::ParserState$LT$R$GT$::repeat::h4c6bbed057993655 pest/pest/src/parser_state.rs:415:26
  | #20 0x55f9c9624433 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$GT$::parse::rules::visible::block_comment::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::_$u7b$u7b$closure$u7d$u7d$::h27acc5663c220076 pest/meta/src/grammar.rs:2:28172

#8 0x55f9c95148fc in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h8e5b33ba8dc22a22 [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28408
	    #9 0x55f9c95148fc in pest::parser_state::ParserState$LT$R$GT$::lookahead::hebf6e2792f2a3cb2 [pest/pest/src/parser_state.rs:749](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/pest/src/parser_state.rs#L749):22
	    #10 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h92476d24fb517d7c [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28369
	    #11 0x55f9c9628b47 in pest::parser_state::ParserState$LT$R$GT$::sequence::h48ef28785bd1f818 [pest/pest/src/parser_state.rs:369](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/pest/src/parser_state.rs#L369):22
	    #12 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::he2c62ff4eb2668eb [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28339
	    #13 0x55f9c9628b47 in core::result::Result$LT$T$C$E$GT$::or_else::hbd4ee8631a517039 /rustc/2643b16468fda787470340890212591d8bc832b7/library/core/src/result.rs:1435:23
	    #14 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h3e9f01b1f416e418 [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28286
	    #15 0x55f9c9628b47 in core::result::Result$LT$T$C$E$GT$::and_then::hafbe6ccb0c0a8bc3 /rustc/2643b16468fda787470340890212591d8bc832b7/library/core/src/result.rs:1361:22
	    #16 0x55f9c9628b47 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h2092a572b5504f1c [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28230
	    #17 0x55f9c9624433 in pest::parser_state::ParserState$LT$R$GT$::sequence::hae3c3606764ec7f3 [pest/pest/src/parser_state.rs:369](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/pest/src/parser_state.rs#L369):22
	    #18 0x55f9c9624433 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h39cfaf3b11591e9b [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28200
	    #19 0x55f9c9624433 in pest::parser_state::ParserState$LT$R$GT$::repeat::h4c6bbed057993655 [pest/pest/src/parser_state.rs:415](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/pest/src/parser_state.rs#L415):26
	    #20 0x55f9c9624433 in _$LT$pest_meta..parser..grammar..PestParser$u20$as$u20$pest..parser..Parser$LT$pest_meta..parser..grammar..Rule$GT$$GT$::parse::rules::visible::block_comment::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h27acc5663c220076 [pest/meta/src/grammar.rs:2](https://github.com/pest-parser/pest/blob/e30f63e9a5b0967a2d5a2f6ef7b7d8edfc526d3f/meta/src/grammar.rs#L2):28172
...

tomtau · 2022-08-05T16:20:40Z

@CAD97 reproduced it on 2.1.x, but that sample terminates fine on 2.0.x

closes pest-parser#674, closes pest-parser#675

closes #674, closes #675

CAD97 added the bug label Jul 29, 2022

tomtau added help-wanted runtime-performance needs-reproduction labels Aug 2, 2022

tomtau removed the needs-reproduction label Aug 5, 2022

tomtau pushed a commit to tomtau/pest that referenced this issue Aug 9, 2022

fix: added a call limit setting to prevent crashes or timeouts

461df3a

closes pest-parser#674, closes pest-parser#675

tomtau mentioned this issue Aug 9, 2022

fix: added a call limit setting to prevent crashes or timeouts #684

Merged

tomtau pushed a commit to tomtau/pest that referenced this issue Aug 9, 2022

fix: added a call limit setting to prevent crashes or timeouts

70178ff

closes pest-parser#674, closes pest-parser#675

tomtau closed this as completed in #684 Aug 10, 2022

tomtau added a commit that referenced this issue Aug 10, 2022

fix: added a call limit setting to prevent crashes or timeouts (#684)

9c42f12

closes #674, closes #675

tomtau mentioned this issue Aug 10, 2022

Performance issues/timeouts on some grammars #685

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

oss-fuzz: timout in parser #675

oss-fuzz: timout in parser #675

CAD97 commented Jul 29, 2022 •

edited

Loading

tomtau commented Aug 2, 2022

tomtau commented Aug 5, 2022

oss-fuzz: timout in parser #675

oss-fuzz: timout in parser #675

Comments

CAD97 commented Jul 29, 2022 • edited Loading

tomtau commented Aug 2, 2022

tomtau commented Aug 5, 2022

CAD97 commented Jul 29, 2022 •

edited

Loading