Fix OOM in SQL Parser ErrorHandler due to infinite loop in ATN traversal (#17023)

* Fix OOM in SQL Parser ErrorHandler due to infinite loop in ATN traversal

- Fix infinite recursion in  by tracking visited states during ATN traversal.
- Add  to verify the fix and prevent regression.
- This resolves the OOM issue caused by invalid SQL queries like .

Author: JackieTien97

.gitignore

@@ -124,3 +124,6 @@ iotdb-core/tsfile/src/main/antlr4/org/apache/tsfile/parser/gen/
 .mvn/.gradle-enterprise/
 .mvn/.develocity/
 .run/
+
+# Relational Grammar ANTLR
+iotdb-core/relational-grammar/src/main/antlr4/org/apache/iotdb/db/relational/grammar/sql/.antlr/

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/parser/ErrorHandler.java

@@ -84,7 +84,8 @@ public void syntaxError(
 
       Result result = analyze(e, parser);
 
-      // pick the candidate tokens associated largest token index processed (i.e., the path that
+      // pick the candidate tokens associated largest token index processed (i.e., the
+      // path that
       // consumed the most input)
       String expected = result.getExpected().stream().sorted().collect(Collectors.joining(", "));
 
@@ -209,10 +210,13 @@ public Result process(ATNState currentState, int tokenIndex, RuleContext context
       RuleStartState startState = atn.ruleToStartState[currentState.ruleIndex];
 
       if (isReachable(currentState, startState)) {
-        // We've been dropped inside a rule in a state that's reachable via epsilon transitions.
+        // We've been dropped inside a rule in a state that's reachable via epsilon
+        // transitions.
         // This is,
-        // effectively, equivalent to starting at the beginning (or immediately outside) the rule.
-        // In that case, backtrack to the beginning to be able to take advantage of logic that
+        // effectively, equivalent to starting at the beginning (or immediately outside)
+        // the rule.
+        // In that case, backtrack to the beginning to be able to take advantage of
+        // logic that
         // remaps
         // some rules to well-known names for reporting purposes
         currentState = startState;
@@ -238,6 +242,8 @@ public Result process(ATNState currentState, int tokenIndex, RuleContext context
     private boolean isReachable(ATNState target, RuleStartState from) {
       Deque<ATNState> activeStates = new ArrayDeque<>();
       activeStates.add(from);
+      Set<Integer> visited = new HashSet<>();
+      visited.add(from.stateNumber);
 
       while (!activeStates.isEmpty()) {
         ATNState current = activeStates.pop();
@@ -250,7 +256,10 @@ private boolean isReachable(ATNState target, RuleStartState from) {
           Transition transition = current.transition(i);
 
           if (transition.isEpsilon()) {
-            activeStates.push(transition.target);
+            if (!visited.contains(transition.target.stateNumber)) {
+              activeStates.push(transition.target);
+              visited.add(transition.target.stateNumber);
+            }
           }
         }
       }
@@ -336,13 +345,17 @@ private Set<Integer> process(ParsingState start, int precedence) {
                   labels.complement(IntervalSet.of(Token.MIN_USER_TOKEN_TYPE, atn.maxTokenType));
             }
 
-            // Surprisingly, TokenStream (i.e. BufferedTokenStream) may not have loaded all the
+            // Surprisingly, TokenStream (i.e. BufferedTokenStream) may not have loaded all
+            // the
             // tokens from the
-            // underlying stream. TokenStream.get() does not force tokens to be buffered -- it just
+            // underlying stream. TokenStream.get() does not force tokens to be buffered --
+            // it just
             // returns what's
-            // in the current buffer, or fail with an IndexOutOfBoundsError. Since Antlr decided the
+            // in the current buffer, or fail with an IndexOutOfBoundsError. Since Antlr
+            // decided the
             // error occurred
-            // within the current set of buffered tokens, stop when we reach the end of the buffer.
+            // within the current set of buffered tokens, stop when we reach the end of the
+            // buffer.
             if (labels.contains(currentToken) && tokenIndex < stream.size() - 1) {
               activeStates.push(new ParsingState(transition.target, tokenIndex + 1, false, parser));
             } else {

iotdb-core/datanode/src/test/java/org/apache/iotdb/db/queryengine/plan/relational/sql/ast/SqlParserErrorHandlerTest.java

@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.iotdb.db.queryengine.plan.relational.sql.ast;
+
+import org.apache.iotdb.db.queryengine.plan.relational.sql.parser.ParsingException;
+import org.apache.iotdb.db.queryengine.plan.relational.sql.parser.SqlParser;
+
+import org.junit.Test;
+
+import java.time.ZoneId;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class SqlParserErrorHandlerTest {
+
+  @Test
+  public void testParseLimitOffsetError() {
+    String sql = "select * from information_schema.queries offset 48 limit1";
+    SqlParser sqlParser = new SqlParser();
+    ExecutorService executor = Executors.newSingleThreadExecutor();
+    Future<?> future =
+        executor.submit(
+            () -> {
+              try {
+                sqlParser.createStatement(sql, ZoneId.systemDefault(), null);
+                fail("Expected ParsingException to be thrown");
+              } catch (ParsingException e) {
+                assertTrue(e.getMessage().contains("mismatched input 'limit1'"));
+              }
+            });
+
+    try {
+      // The parsing should fail quickly. If it hangs (OOM), this timeout will
+      // trigger.
+      future.get(5, TimeUnit.SECONDS);
+    } catch (InterruptedException e) {
+      fail("Interrupted");
+    } catch (ExecutionException e) {
+      // If parsing exception propagates here (which it shouldn't as it's caught in
+      // the task), handle it
+      if (e.getCause() instanceof ParsingException) {
+        assertTrue(e.getCause().getMessage().contains("mismatched input 'limit1'"));
+      } else {
+        fail("Unexpected exception: " + e.getCause());
+      }
+    } catch (TimeoutException e) {
+      fail("Parsing timed out - potential endless loop/OOM detected");
+    } finally {
+      executor.shutdownNow();
+    }
+  }
+}