Fix segfault or stack overflow caused by large derivation fields

This removes a dynamic stack allocation, making the derivation unparsing logic robust against overflows when large strings are added to a derivation. Overflow behavior depends on the platform and stack configuration. For instance, x86_64-linux/glibc behaves as (somewhat) expected: $ (ulimit -s 20000; nix-instantiate tests/lang/eval-okay-big-derivation-attr.nix) error: stack overflow (possible infinite recursion) $ (ulimit -s 40000; nix-instantiate tests/lang/eval-okay-big-derivation-attr.nix) error: expression does not evaluate to a derivation (or a set or list of those) However, on aarch64-darwin: $ nix-instantiate big-attr.nix ~ zsh: segmentation fault nix-instantiate big-attr.nix This indicates a slight flaw in the single stack protection page approach that is not encountered with normal stack frames.
2025-07-10 04:43:53 +02:00 · 2022-01-06 01:20:12 +01:00 · 2022-01-06 01:20:12 +01:00 · d038a67bd3
commit d038a67bd3
parent bc443511eb
3 changed files with 28 additions and 1 deletions
--- a/tests/big-derivation-attr.nix
+++ b/tests/big-derivation-attr.nix
@ -0,0 +1,13 @@
+let
+  sixteenBytes = "0123456789abcdef";
+  times16 = s: builtins.concatStringsSep "" [s s s s s s s s s s s s s s s s];
+  exp = n: x: if n == 1 then x else times16 (exp (n - 1) x);
+  sixteenMegabyte = exp 6 sixteenBytes;
+in
+assert builtins.stringLength sixteenMegabyte == 16777216;
+derivation {
+  name = "big-derivation-attr";
+  builder = "/x";
+  system = "y";
+  bigAttr = sixteenMegabyte;
+}