(nth-value n form) with n greater ~4000 lets sbcl crash

Bug #1511419 reported by christoph amort on 2015-10-29
Affects Status Importance Assigned to Milestone
SBCL
Undecided
Unassigned

Bug Description

On Windows x86-64, the evaluation of:

(nth-value n form) with n greater than 4000 makes SBCL crash immediately.

Nobody would need a value with an n so big. But a bug in my code showed me this error.

c.

sbcl version: 1.2.7

(:SWANK :CL-FAD :BORDEAUX-THREADS CFFI-FEATURES:FLAT-NAMESPACE
 CFFI-FEATURES:X86-64 CFFI-FEATURES:WINDOWS :CFFI CFFI-SYS::FLAT-NAMESPACE
 :WINDOWS :SPLIT-SEQUENCE CHIPZ-SYSTEM:GRAY-STREAMS :THREAD-SUPPORT :QUICKLISP
 :ASDF-PACKAGE-SYSTEM :ASDF3.1 :ASDF3 :ASDF2 :ASDF :OS-WINDOWS
 :NON-BASE-CHARS-EXIST-P :ASDF-UNICODE :ALIEN-CALLBACKS :ANSI-CL
 :ASH-RIGHT-VOPS :C-STACK-IS-CONTROL-STACK :COMMON-LISP :COMPARE-AND-SWAP-VOPS
 :COMPLEX-FLOAT-VOPS :CYCLE-COUNTER :FLOAT-EQL-VOPS :GENCGC
 :IEEE-FLOATING-POINT :INLINE-CONSTANTS :INTERLEAVED-RAW-SLOTS :LINKAGE-TABLE
 :LITTLE-ENDIAN :MEMORY-BARRIER-VOPS :MULTIPLY-HIGH-VOPS :OS-PROVIDES-DLOPEN
 :OS-PROVIDES-PUTWC :PACKAGE-LOCAL-NICKNAMES :RAW-INSTANCE-INIT-VOPS :SB-DOC
 :SB-DYNAMIC-CORE :SB-EVAL :SB-FUTEX :SB-LDB :SB-PACKAGE-LOCKS :SB-QSHOW
 :SB-SAFEPOINT :SB-SAFEPOINT-STRICTLY :SB-SIMD-PACK :SB-SOURCE-LOCATIONS
 :SB-TEST :SB-THREAD :SB-THRUPTION :SB-UNICODE :SB-WTIMER :SBCL
 :STACK-ALLOCATABLE-CLOSURES :STACK-ALLOCATABLE-FIXED-OBJECTS
 :STACK-ALLOCATABLE-LISTS :STACK-ALLOCATABLE-VECTORS
 :STACK-GROWS-DOWNWARD-NOT-UPWARD :SYMBOL-INFO-VOPS
 :UNWIND-TO-FRAME-AND-CALL-VOP :WIN32 :X86-64)

Attila Lendvai (attila-lendvai) wrote :

tested it on x64 linux.

the stack gets exhausted by a mutual recursion in the compiler, but here the stack guard keeps things alive.

it's basically an inefficient implementation, and a resource hungry error handler at stack exhaustion can finish off the vm.

  4: (SB-C::IR1-CONVERT-HAIRY-ARGS #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE #<SB-KER..
  5: (SB-C::GENERATE-OPTIONAL-DEFAULT-ENTRY #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE..
  6: (SB-C::IR1-CONVERT-HAIRY-ARGS #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE #<SB-KER..
  7: (SB-C::GENERATE-OPTIONAL-DEFAULT-ENTRY #<SB-C::OPTIONAL-DISPATCH :%SOURCE-NAME SB-C::.ANONYMOUS. :%DEBUG-NAME (LAMBDA (&OPTIONAL #1=#:G13138 #2=#:G13139 #3=#:G13140 #4=#:G13141 #5=#:G13142 ...)) :TYPE..

Douglas Katzman (dougk) on 2015-11-07
Changed in sbcl:
assignee: nobody → Douglas Katzman (dougk)
status: New → Fix Committed
Stas Boukarev (stassats) on 2015-12-19
Changed in sbcl:
status: Fix Committed → Fix Released
assignee: Douglas Katzman (dougk) → nobody
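
An added example, not part of the bug report or of SBCL's source: a wrapper macro for code that must compile on an affected release. It keeps the size of the expansion independent of n, since the backtrace above shows one &OPTIONAL parameter per skipped value. The names BOUNDED-NTH-VALUE and *INLINE-VALUE-LIMIT* and the cutoff of 16 are assumptions made for illustration.

```lisp
;;; Added example, not SBCL code. All names here are hypothetical.
(eval-when (:compile-toplevel :load-toplevel :execute)
  ;; Assumption: an arbitrary small cutoff below which the native
  ;; NTH-VALUE expansion is known to be cheap to compile.
  (defparameter *inline-value-limit* 16))

(defmacro bounded-nth-value (n form)
  "Like NTH-VALUE, but the expansion never grows with a constant N."
  (if (and (integerp n) (<= 0 n) (< n *inline-value-limit*))
      ;; Small constant index: defer to the implementation's NTH-VALUE.
      `(nth-value ,n ,form)
      ;; Large or non-constant index: collect the values into a list and
      ;; index it at run time, so the compiler never sees a lambda list
      ;; with thousands of optional parameters.
      (let ((index (gensym "N")))
        `(let ((,index ,n))             ; N is evaluated before FORM
           ;; Reject negative or absurd indexes with a normal type error.
           (check-type ,index (integer 0 (,multiple-values-limit)))
           (nth ,index (multiple-value-list ,form))))))

(defun demo ()
  ;; Constructed inputs: FLOOR returns two values, so index 1 is the
  ;; remainder and index 5000 is past the end of the values.
  (list (bounded-nth-value 1 (floor 7 2))
        (bounded-nth-value 5000 (floor 7 2))))
```

As with NTH-VALUE, an index past the last returned value yields NIL.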