Fix most remaining stack overflows #14624
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ures
nix-instantiate on deeply nested structures with recurseForDerivations
(e.g., `let x = { recurseForDerivations = true; more = x; }; in x`)
caused an uncontrolled OS-level stack overflow with no Nix stack trace.
Fix by adding call depth tracking to getDerivations, integrating with
Nix's existing max-call-depth mechanism. Now produces a controlled
"stack overflow; max-call-depth exceeded" error with a proper stack
trace.
This way it can be handled reliably.
…ures
Non-cyclic structures can be infinitely deep when values are lazily
produced (e.g., `let f = n: { inner = f (n + 1); }; in f 0`). Since f
returns immediately with a thunk, Nix call depth stays at 1, but
Printer::print recurses on the C++ stack when printing.
We check print depth against max-call-depth rather than incrementing
the callDepth counter, because accessing an attribute is not a call.
StackOverflowError is always re-thrown because stack overflow is a
serious condition that expressions should avoid, unlike say `throw`,
which can be part of legitimate expression patterns.
Also fix assertEqValues for consistency.
…ures printAmbiguous (used by nix-instantiate --eval and nix-env) had a depth parameter, but all callers passed INT_MAX, effectively disabling the limit. The function relied on the C++ stack to eventually overflow, which could cause uncontrolled SIGSEGV crashes on deeply nested pre-forced structures. Now printAmbiguous checks depth against max-call-depth (default 10000) and throws StackOverflowError with a proper trace, consistent with other recursive value traversal functions. The function signature is updated to take EvalState& to access the settings and throw proper errors. The depth parameter now counts up from 0 instead of down from INT_MAX.
github-actions
bot
added
new-cli
Ericson2314
approved these changes
Nov 23, 2025
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
I realized #14613 was probably not complete, so I ran an analysis with a script that finds call graphs.
That produced the set of functions, see Result below. Call graph cycles involving virtual method calls were not supported, but probably not a big deal.
Context
deepSeq, json: handle stack overflow, report list index #14613Result
Fixed in Previous PR
Fixed in This PR
Already Protected (no changes needed)
Deferred
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.