Infinite loop during taint analysis

vimeo / psalm

A static analysis tool for finding errors in PHP applications

https://psalm.dev

MIT License

5.55k stars 661 forks source link

Infinite loop during taint analysis #8184

Open mmcev106 opened 2 years ago

mmcev106 commented 2 years ago

I've been able to strip the example required to exercise the problem down to about 20 very basic lines in this ZIP file. To reproduce...

Unzip the linked file
Run composer install
Run vendor/bin/psalm --taint-analysis --debug
Notice that checking B.php is displayed repeatedly
Kill the process before you run out of memory.

psalm-github-bot[bot] commented 2 years ago

Hey @mmcev106, can you reproduce the issue on https://psalm.dev ?

mmcev106 commented 2 years ago

I cannot reproduce this on https://psalm.dev, or from a single file on my local. Don't hesitate to ask if there are any other troubleshooting steps you'd recommend. I started digging through the psalm code to try to track it down, but would likely need some direction to make further process with the time I have available.

orklah commented 2 years ago

Just for curiosity, is this a legit construct in your code or is this something weird that happen to make Psalm crash?

It seems weird to have a parent class that requires a child

mmcev106 commented 2 years ago

I did distill this example down from actual code where two classes require each other. If there's anything I can do to help psalm function or gracefully fail in this case, please let me know. Can anyone point me to the place where psalm normally prevents scanning the same file multiple times if it is required from multiple locations?

mmcev106 commented 2 years ago

I don't control the code in question, but I did just realize a way to refactor it that would likely prevent this. I'll submit a PR to the author. I would still be willing to help prevent the infinite loop if anyone has any ideas.