mherkender / lua.js

An ECMAscript framework to compile and run Lua code, allowing Lua to run in a browser or in Flash
http://blog.brokenfunction.com/

while loop + break compilation bug #39

Open elisee opened 10 years ago

elisee commented 10 years ago

I encountered this bug while compiling real-life Lua to JS. This minimal code triggers it:

function a() end
while true do
    break
end

This gets compiled to:

G.str['a'] = (function () {
  var tmp;

  return [];
})
while (true) (function() {
  return;
})();

Notice the immediately-invoked function expression (IIFE) inside the while loop in the generated JS code. The Lua break statement is compiled into a return call, but all it does is leave the function body, not the loop. So the loop, which should exit immediately, runs forever (and locks up the browser).

The Lua function declaration function a() end at the top is required to trigger the insertion of the IIFE and thus the bug.

elisee commented 10 years ago

Looks like the bug comes from here: https://github.com/mherkender/lua.js/blob/master/src/lua.jison#L298

I'm not familiar with Jison so I'd rather not try and fix it myself as I'm likely to botch something else accidentally.

The while statement should probably be generated inside the generated IIFE. There are questions about how that might interact with the condition scoping though? Not sure.
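The control-flow problem reported in this issue, as an added example that is not part of the original thread and not lua.js output: it reproduces the generated shape with an iteration cap so it terminates, next to two shapes in which the Lua `break` actually leaves the loop. `MAX_ITER`, the `BREAK` sentinel and the function names are assumptions made for the illustration.

```javascript
// Added illustration. MAX_ITER stands in for the original `while (true)`
// condition so the faulty shape can be observed without hanging the page.
const MAX_ITER = 1000;

// Shape from the issue: `break` was emitted as `return` inside an IIFE,
// so only the function body exits and the loop keeps spinning.
function buggyShape() {
  let iterations = 0;
  while (iterations < MAX_ITER) {
    iterations++;
    (function () {
      return; // intended as Lua `break`
    })();
  }
  return { iterations, exitedByBreak: false };
}

// Option 1: emit the loop inside the scope function, so a JS `break`
// targets the loop directly.
function loopInsideIife() {
  let iterations = 0;
  let exitedByBreak = false;
  (function () {
    while (iterations < MAX_ITER) {
      iterations++;
      exitedByBreak = true;
      break; // Lua `break` maps to JS `break`
    }
  })();
  return { iterations, exitedByBreak };
}

// Option 2: keep the per-iteration IIFE, but have it return a sentinel
// (hypothetical BREAK marker) that the enclosing loop checks.
const BREAK = Symbol("lua-break");
function sentinelShape() {
  let iterations = 0;
  let exitedByBreak = false;
  while (iterations < MAX_ITER) {
    iterations++;
    const signal = (function () {
      return BREAK; // intended as Lua `break`
    })();
    if (signal === BREAK) { exitedByBreak = true; break; }
  }
  return { iterations, exitedByBreak };
}
```

Without the cap, `buggyShape` never returns, which is the browser lock-up described in the report.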