SBCL

(nth-value n form) with n greater ~4000 lets sbcl crash

Bug #1511419 reported by christoph amort on 2015-10-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	SBCL	Fix Released	Undecided	Unassigned

Bug Description

on windows x86 64 the evaluation of:

(nth-value n form) with n greater 4000 lets sbcl crash immediately.

Nobody would need a value with a n so big. But a bug in my code showed me this error.

sbcl version: 1.2.7

(:SWANK :CL-FAD :BORDEAUX-THREADS CFFI-FEATURES:FLAT-NAMESPACE
CFFI-FEATURES:X86-64 CFFI-FEATURES:WINDOWS :CFFI CFFI-SYS::FLAT-NAMESPACE
:WINDOWS :SPLIT-SEQUENCE CHIPZ-SYSTEM:GRAY-STREAMS :THREAD-SUPPORT :QUICKLISP
:ASDF-PACKAGE-SYSTEM :ASDF3.1 :ASDF3 :ASDF2 :ASDF :OS-WINDOWS
:NON-BASE-CHARS-EXIST-P :ASDF-UNICODE :ALIEN-CALLBACKS :ANSI-CL
:ASH-RIGHT-VOPS :C-STACK-IS-CONTROL-STACK :COMMON-LISP :COMPARE-AND-SWAP-VOPS
:COMPLEX-FLOAT-VOPS :CYCLE-COUNTER :FLOAT-EQL-VOPS :GENCGC
:IEEE-FLOATING-POINT :INLINE-CONSTANTS :INTERLEAVED-RAW-SLOTS :LINKAGE-TABLE
:LITTLE-ENDIAN :MEMORY-BARRIER-VOPS :MULTIPLY-HIGH-VOPS :OS-PROVIDES-DLOPEN
:OS-PROVIDES-PUTWC :PACKAGE-LOCAL-NICKNAMES :RAW-INSTANCE-INIT-VOPS :SB-DOC
:SB-DYNAMIC-CORE :SB-EVAL :SB-FUTEX :SB-LDB :SB-PACKAGE-LOCKS :SB-QSHOW
:SB-SAFEPOINT :SB-SAFEPOINT-STRICTLY :SB-SIMD-PACK :SB-SOURCE-LOCATIONS
:SB-TEST :SB-THREAD :SB-THRUPTION :SB-UNICODE :SB-WTIMER :SBCL
:STACK-ALLOCATABLE-CLOSURES :STACK-ALLOCATABLE-FIXED-OBJECTS
:STACK-ALLOCATABLE-LISTS :STACK-ALLOCATABLE-VECTORS
:STACK-GROWS-DOWNWARD-NOT-UPWARD :SYMBOL-INFO-VOPS
:UNWIND-TO-FRAME-AND-CALL-VOP :WIN32 :X86-64)

Revision history for this message

Attila Lendvai (attila-lendvai) wrote on 2015-10-29:

tested it on x64 linux.

the stack gets exhausted by a mutual recursion in the compiler, but here the stack guard keeps things alive.

it's basically an inefficient implementation, and a resource hungry error handler at stack exhaustion can finish off the vm.

  4: (SB-C::IR1-CONVERT-HAIRY-ARGS #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE #<SB-KER..
  5: (SB-C::GENERATE-OPTIONAL-DEFAULT-ENTRY #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE..
  6: (SB-C::IR1-CONVERT-HAIRY-ARGS #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE #<SB-KER..
  7: (SB-C::GENERATE-OPTIONAL-DEFAULT-ENTRY #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE..

Douglas Katzman (dougk) on 2015-11-07

Changed in sbcl:
assignee:	nobody → Douglas Katzman (dougk)
status:	New → Fix Committed

Stas Boukarev (stassats) on 2015-12-19

Changed in sbcl:
status:	Fix Committed → Fix Released
assignee:	Douglas Katzman (dougk) → nobody

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.