Propagate allocation failures through parser and DOM paths

[yangzhg]

Propagate allocation failures through parser and DOM paths

• make allocator, stack, and write buffer report allocation failures instead of silently dropping writes
• thread SonicError/ParseResult through parser, SAX/schema handlers, serialization, JsonPath, tuple extraction, and on-demand skip paths
• make DOM copy/mutation/schema update paths preserve existing state on failure and add checked mutation APIs for callers that need diagnostics
• tighten skipped-branch validation for ParseOnDemand/JSONPath while preserving the fast default behavior
• add regression coverage for OOM, malformed skipped JSON, schema transactions, DOM mutation, and buffer handling
• add AGENTS.md with repository guidance for future coding agents

This makes low-memory failures observable end-to-end, reduces partial-update corruption risk, and documents the expected workflow for future changes.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 56.85307% with 787 lines in your changes missing coverage. Please review.
✅ Project coverage is 65.40%. Comparing base (4250a05) to head (02a9674).
⚠️ Report is 25 commits behind head on master.

Files with missing lines	Patch %	Lines
include/sonic/internal/arch/simd_skip.h	56.52%	70 Missing and 140 partials ⚠️
include/sonic/dom/dynamicnode.h	71.32%	49 Missing and 66 partials ⚠️
include/sonic/allocator.h	60.83%	23 Missing and 33 partials ⚠️
include/sonic/jsonpath/ondemand.h	32.85%	23 Missing and 24 partials ⚠️
include/sonic/dom/parser.h	44.15%	8 Missing and 35 partials ⚠️
include/sonic/dom/generic_document.h	43.24%	22 Missing and 20 partials ⚠️
include/sonic/dom/schema_handler.h	59.00%	15 Missing and 26 partials ⚠️
include/sonic/dom/handler.h	70.22%	15 Missing and 24 partials ⚠️
include/sonic/internal/stack.h	48.48%	8 Missing and 26 partials ⚠️
include/sonic/jsonpath/dom.h	17.50%	8 Missing and 25 partials ⚠️
... and 6 more

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #136      +/-   ##
==========================================
- Coverage   74.79%   65.40%   -9.40%     
==========================================
  Files          21       27       +6     
  Lines        2436     4769    +2333     
  Branches      667     1620     +953     
==========================================
+ Hits         1822     3119    +1297     
- Misses        297      425     +128     
- Partials      317     1225     +908     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Propagates allocation failures and parsing/validation errors through the JSON parser, DOM, on-demand (JSON pointer), JSONPath, tuple extraction, and serialization paths, with added regression coverage and repo guidance for future agents.

Changes:

• Make internal::Stack / WriteBuffer / allocator paths report OOM and avoid silent partial writes.
• Thread SonicError/ParseResult through parser + handlers, add kParseValidateOnDemandFull, and tighten skipped-branch validation for on-demand/JSONPath.
• Add extensive tests for OOM, malformed skipped JSON, schema transactions, DOM mutation/copy preservation, and buffer handling; add AGENTS.md.

Reviewed changes

Copilot reviewed 35 out of 35 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
tests/writebuffer_test.cpp	Adds regression for ToStringView() not requiring a trailing \0.
tests/skip_test.cpp	Expands ParseOnDemand/GetOnDemand validation and edge-case coverage (overflow indices, suffix validation).
tests/parser_oom_test.cpp	Adds many OOM + parser correctness regressions (SAX errors, schema updates, lazy SAX invariants).
tests/parse_schema_test.cpp	Verifies schema update preserves original doc on failure and validates skipped-field errors/transactions.
tests/node_test.cpp	Adds regressions for pointer edge cases, iterator key immutability, erase behavior, and self-copy.
tests/jsonpath_test.cpp	Adds JSONPath on-demand strictness/error propagation and generator-write-failure coverage.
tests/json_tuple_test.cpp	Adds WithError API coverage and stricter malformed/trailing/skipped validation tests.
tests/json_pointer_test.cpp	Extends JSON pointer node validity semantics and large-index behavior tests.
tests/exp_update_test.cpp	Adds UpdateLazyWithError coverage and stricter validation of raw merges.
tests/document_test.cpp	Adds self-move-assignment test and ParseOnDemand parse-flag/validation coverage.
tests/CMakeLists.txt	Adds optional UBSAN support for unit tests.
tests/allocator_test.cpp	Adds allocator/stack/writebuffer overflow + OOM regressions and alignment tests.
scripts/unittest.sh	Adds arm64 arch option and maps aarch64/arm64 to Bazel’s arm.
include/sonic/writebuffer.h	Makes buffer ops report failure; adds ToStringView() that doesn’t require null-termination.
include/sonic/jsonpath/ondemand.h	Converts generator/buffer failures into surfaced errors; adds trailing-space consumption + bad_alloc handling.
include/sonic/jsonpath/jsonpath.h	Removes noexcept to allow allocation failures to propagate/catch upstream.
include/sonic/jsonpath/dump.h	Makes JSONPath dump serialization OOM-aware and bad_alloc-safe.
include/sonic/jsonpath/dom.h	Aligns DOM JSONPath parsing flags with on-demand and adds bad_alloc handling.
include/sonic/internal/stack.h	Adds OOM state + overflow checks + typed alignment support, and returns success/failure from pushes/reserves.
include/sonic/internal/arch/common/x86_common/skip.inc.h	Tightens bounds handling in space-skipping fast paths.
include/sonic/internal/arch/common/arm_common/skip.inc.h	Tightens bounds handling in space-skipping fast paths.
include/sonic/internal/arch/avx2/base.h	Fixes mask type usage to avoid UB/overflow in AVX2 helpers.
include/sonic/experiment/lazy_update.h	Adds UpdateLazyWithError, copies borrowed values before merging, and preserves state on OOM.
include/sonic/dom/serialize.h	Refactors serializer to propagate allocation failures and handle overflow safely.
include/sonic/dom/schema_handler.h	Makes schema handler OOM-aware, preserves state on failure, and removes unsafe byte-copy of members.
include/sonic/dom/parser.h	Adds ParseOnDemand full-validation mode, propagates handler errors, and tightens lazy-parse suffix handling.
include/sonic/dom/json_pointer.h	Changes numeric pointer storage to avoid wraparound and introduces validity checks.
include/sonic/dom/handler.h	Makes DOM SAX handlers propagate OOM reliably and avoid unsafe member relocation.
include/sonic/dom/genericnode.h	Adds checked mutation APIs, preserves state on failure, and hardens length handling.
include/sonic/dom/generic_document.h	Preserves state on parse/schema failure and prevents self-move assignment hazards.
include/sonic/dom/flags.h	Introduces kParseValidateOnDemandFull parse flag (plus deprecated alias).
include/sonic/allocator.h	Makes allocator construction/overflow/OOM handling explicit and safer across shared copies.
AGENTS.md	Adds repository guidance, build/test commands, and allocation-failure rules for agents/contributors.

Comments suppressed due to low confidence (1)

include/sonic/internal/stack.h:208

• GrowTyped() inserts alignment padding before typed pushes, but Pop<T>() always subtracts n * sizeof(T) and never removes any padding that may have been added for alignment. This means sequences like Push<char>, Push<uint64_t>, Pop<uint64_t> do not restore the previous top and can leave the stack in an inconsistent state for subsequent operations. Consider either (a) making the stack strictly byte-oriented (no implicit padding), or (b) tracking per-push padding so Pop<T>() can rewind correctly.

  /**
   * @brief Pop the top-N value in the buffer.
   */
  template <typename T>
  sonic_force_inline void Pop(size_t n) {
    top_ -= n * sizeof(T);
    return;
  }

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.