We in fact tested multiple languages. I can even point you to various works done at the ANSSI like <a href="https:&#x2F;&#x2F;github.com&#x2F;ANSSI-FR&#x2F;bootcode_parser" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ANSSI-FR&#x2F;bootcode_parser</a> (python) or <a href="https:&#x2F;&#x2F;github.com&#x2F;ANSSI-FR&#x2F;caradoc" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ANSSI-FR&#x2F;caradoc</a> (OCaml). I tried Haskell for VLC and it was not really suited for it (GC pauses in a synchronized media pipepline, and not meant to be called from C). But this was not a paper about comparing parser implementations.Type-safety and lack of garbage collection are essential properties, could you tell me why you don&#x27;t think that&#x27;s the case?Giving the reason for our language choice felt useful. Otherwise, it would have really looked like Rust developers steamrolling into projects :)

This should be titled more honestly: perhaps something like &quot;Case studies in rapidly replacing dangerous C parser code with Rust using nom&quot;.The examples are interesting and well presented. But the first sections trying to put a veneer of respectability on rust-all-the-things were a bit rough and got my cynic sense tingling.Yes, you believe Rust will produce better results: don&#x27;t try to justify that with facts you don&#x27;t have (&quot;Several languages were tested ..&quot; bullshit, unless you show some data. Likewise the assertions about type-safety and no-GC being essential properties). The data you do have (implementations produced and integrated and tested in a paper-like time frame) are valuable, unfortunately they&#x27;re cheapened&#x2F;buried under this false veneer.

&gt; trying to get helpful error messagesMenhir is a parser generator that tries to do that: <a href="http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~fpottier&#x2F;slides&#x2F;fpottier-2015-11-oups.pdf" rel="nofollow">http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~fpottier&#x2F;slides&#x2F;fpottier-2015-11-ou...</a>
(Don&#x27;t get scared by the first slide; the title is in French, the rest is in English.)&gt; formally verifiedMenhir has been used for a formally verified parser for C: <a href="http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~xleroy&#x2F;publi&#x2F;validated-parser.pdf" rel="nofollow">http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~xleroy&#x2F;publi&#x2F;validated-parser.pdf</a>The result is in CompCert: <a href="https:&#x2F;&#x2F;github.com&#x2F;AbsInt&#x2F;CompCert&#x2F;tree&#x2F;master&#x2F;cparser" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;AbsInt&#x2F;CompCert&#x2F;tree&#x2F;master&#x2F;cparser</a>

<a href="http:&#x2F;&#x2F;github.com&#x2F;meric&#x2F;leftry" rel="nofollow">http:&#x2F;&#x2F;github.com&#x2F;meric&#x2F;leftry</a>It generates recursive descent parsers, it even allows left-recursive grammars - it will rewrite the grammar on its own and wrangle it back into left-recursive form for your convenience, no need to shuffle a right-recursive AST back into left-recursive form by yourself.It&#x27;s a side project so it could use a lot of improvement, especially in the debugging messages side.But it does prove left-recursive descent grammars can be generated automatically without getting into infinite loop and without hassle of manually reversing right-recursive AST&#x27;s.

&gt; Is it possible to have &quot;parser generators&quot; (not necessarily in the formal sense of the term) that produce recursive descent parsers?Isn&#x27;t that basically what PEG parser generators are?

For my parsing pet project(s), the following structure seems to serve me best:- Recursive descent parser for statements- &quot;Canned&quot; configurable expression parser for expressions: <a href="https:&#x2F;&#x2F;github.com&#x2F;stefanhaustein&#x2F;expressionparser" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;stefanhaustein&#x2F;expressionparser</a>- Both use a simple regex based generic tokenizer- In more complex cases, parse the expressions to an unresolved syntax tree first (constructed from the bottom), then resolve the tree in a secondary top-down step (potentially to a linear representation).

Are you just talking about making parser generators for LL(k) grammars?It&#x27;s fairly straightforward to make one. One exercise in Wirth&#x27;s short book Compiler Construction is to make an LL(1) parser generator. You even make it check for ambiguities. (I&#x27;ve even found it useful on a couple occasions.)

Is it possible to have &quot;parser generators&quot; (not necessarily in the formal sense of the term) that produce recursive descent parsers? Even if mathematically they can&#x27;t be perfect, could we have &quot;good enough&quot; ones? Nobody uses parser generators because even though P.G.s &quot;work&quot; on the barest level of ingesting source code and spitting an AST, they don&#x27;t do anything beyond that. For example, trying to get helpful error messages (think: from old GCC to Clang) from a P.G.s output is close So instead everyone writes custom parsers, and that introduces these problems.Can&#x27;t we have smarter parser generators that do make debugging nice, but are still formally verified?

As long as you&#x27;re writing parsers, it is forever 1969. Knuth invented all you need to know just recently. Off you go and parse!

Nice overview of the pitfalls of C-parsers, their hardening, a presentation of Rust advantages, parser combinators, the nom crate, its usage, the application to VLC and an intrusion detector, the integration with those complex existing C codebase, fuzzing and a few ideas to improve rust for more security.And I am happy to see the ANSSI here :)

No mentions to instaparse?
<a href="https:&#x2F;&#x2F;github.com&#x2F;Engelberg&#x2F;instaparse" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;Engelberg&#x2F;instaparse</a>&quot;Parse IS be something easy as regexp&quot;

&gt; In my experience avoiding unlimited recursion&#x2F;stackoverflows is one of the most annoying parts of writing a parserThis, x10.My take is that this is perhaps the main reason why everyone tends to rely on hand-written parsers instead of simply using code churned out by a parser generator. Parser generators are developed with a single use case in mind: pick up a grammar definition, perhaps with pre and post-conditions, and proceed to map it to some programming language. Yet, this fails very basic requirements for real world parser applications.

In my experience avoiding unlimited recursion&#x2F;stackoverflows is one of the most annoying parts of writing a parser, so I find it surprising that the paper doesn&#x27;t even mention that topic.

Monadic parser combinators are context-sensitive, because you can arbitrarily branch your parser based on previously parsed content.

Are there any Context-sensitive algorithms&#x2F;parsers&#x2F;generators?The list at <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Context-sensitive_grammar" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Context-sensitive_grammar</a> only contains two links, where one of them, &quot;LuZc&quot; seems completely dead with &quot;lorem ipsum&quot; under Downloads, and the other &quot;bnf2xml&quot; seems to be misplaced since BNF is not context-sensitive.

I thought most real world compilers tend to be hand written rather than using a generator? By no means an expert but that&#x27;s something I&#x27;ve heard and know to be true for many real world compilers.

&gt; For more complex formats, where you have to carry state around, or binary formats, they&#x27;re extremely cumbersome to use.That&#x27;s not a theoretical issue, but more a practical issue.&gt; you&#x27;ll have to hack around the generator&#x27;s limitationsYou&#x27;re probably thinking of LALR(1) class generators. But we have GLR parser generators for a long time now, and they are very flexible and have little limitations. See e.g. [1].[1] <a href="http:&#x2F;&#x2F;scottmcpeak.com&#x2F;elkhound&#x2F;" rel="nofollow">http:&#x2F;&#x2F;scottmcpeak.com&#x2F;elkhound&#x2F;</a>

(one of the authors here): parser generators are generally good for one thing: parsing programming languages. For more complex formats, where you have to carry state around, or binary formats, they&#x27;re extremely cumbersome to use. I often meet people that tell me they want the parser generator to end all parsers. But for most real world formats, you&#x27;ll have to hack around the generator&#x27;s limitations.
Theoretically, parser combinators are less expressive, but they&#x27;re just functions: you can write whatever you want inside a subparser, and integrate it with the rest. That approach works well, since we wrote a lot of complex parsers with nom.

The nicest thing about parser generators, IMO, is that they can warn you if your grammar is ambiguous.

It may be true that parser generators are superior from a technical point of view (I can&#x27;t comment), but parser combinators sure can be nice to use. I very recently used nom to implement a parser for a structured text format, it feels wonderfully expressive and you can knock together a reasonably sophisticated parser in a matter of hours. Performance-wise, it is zero-copy and chomps through a 100MB file in less than half a second on my crappy laptop, so plenty fast enough for most situations.

&gt; So I&#x27;m not sure what the point is of the title of the article.The rest of the paper elaborates on the title.

And if you really care about error recovery, error messages, incremental processing, and tooling integration, writing a parser by hand via recursive descent is always a sure bet. There are good reasons why many production PLs don&#x27;t even use generators.

That&#x27;s more a proof that the grammar of C++ is absolutely terrible. More modern languages such as rust have been carefully designed to be parsable by non-necronomicon-level code.

Parser combinators let you put a breakpoint on a rule and get a call trace. (Same with plain old recursive descent or anything just involving function calls.)That alone pretty much wipes out any remaining advantages of parser generators, in which the &quot;cow&quot; of your rules has been turned into a &quot;hamburger&quot; state machine that is very difficult to follow, usually having very poor debug support compared to the maturity of the rest of the tooling. (&quot;How come if I add a variant to ths rule, I get a reduce&#x2F;reduce conflict in these five other rules elsewhere? Waaaah ...&quot;)Lest there be any doubt: GCC uses a hand-written recursive descent parser for C++. (Meg and a half of code and increasing.)That&#x27;s virtually a proof that just parsing with functional decomposition is good enough for anything.Another thing is that with functional parsing, you can use the exception handling (or other non-local, dynamic control transfers) of the programming language for recovery and speculative parsing. This parse didn&#x27;t work? Chuck the whole damn branch of the parse with a dynamic return, and try going down another rabbit hole.

Are they? I thought parser combinators made parsing context sensitive grammars easier than when using parser generators.

I think it&#x27;s more a response to the wave of attacks against unsafe parsers, such as those used to read subtitles in media players.

On top of that, we even have some that are formally verified or validating that could be tied into Rust.<a href="https:&#x2F;&#x2F;arxiv.org&#x2F;pdf&#x2F;1105.2576.pdf" rel="nofollow">https:&#x2F;&#x2F;arxiv.org&#x2F;pdf&#x2F;1105.2576.pdf</a><a href="http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~xleroy&#x2F;publi&#x2F;validated-parser.pdf" rel="nofollow">http:&#x2F;&#x2F;gallium.inria.fr&#x2F;~xleroy&#x2F;publi&#x2F;validated-parser.pdf</a><a href="http:&#x2F;&#x2F;users.cecs.anu.edu.au&#x2F;~aditi&#x2F;esop09_submission_16.pdf" rel="nofollow">http:&#x2F;&#x2F;users.cecs.anu.edu.au&#x2F;~aditi&#x2F;esop09_submission_16.pdf</a>One of those handled most of C99 standard.

Well, we gladly trade power and efficiency all the time for more intuitiveness and ease of use in computing...

Parser combinators are less powerful than what parser generators can do, in terms of expressiveness and efficiency. And we&#x27;ve known parser generators since the 70s.So I&#x27;m not sure what the point is of the title of the article.

Thanks, it&#x27;s a pretty cool product too. (yeah I work there)

Sorry for the low effort comment but Clever Cloud is an awesome name

Writing Parsers Like it is 2017 [pdf]