Bug: Compiler stack overflow crash on deeply nested expressions (~2900 levels) #408
Description
Summary
The Circom compiler crashes with a stack overflow when processing expressions nested approximately 2900+ levels deep. Instead of producing a clean error message, the compiler aborts with thread 'main' has overflowed its stack. The compiler should either handle the input or produce a clean error.
Environment
- Circom: 2.2.3 (latest master)
- OS: Ubuntu
Reproducer
The following Python script generates a test circuit with configurable nesting depth:
depth = 3000
expr = "a"
for _ in range(depth):
expr = f"({expr} + 1)"
code = f"""pragma circom 2.0.0;
template T() {{
signal input a;
signal output out;
var v = {expr};
out <== a;
}}
component main = T();
"""
with open("test.circom", "w") as f:
f.write(code)python3 generate.py
circom test.circom --r1cs --wasm --output .
# CRASH: thread 'main' has overflowed its stack
# fatal runtime error: stack overflow, abortingResults
| Nesting depth | Circom | Noir | Cairo | Leo |
|---|---|---|---|---|
| 1000 | ✅ OK | OK | CRASH (~450) | OK |
| 2000 | ✅ OK | OK | CRASH | OK |
| 2900 | ✅ OK | OK | CRASH | OK |
| 3000 | ❌ CRASH | OK | CRASH | OK |
| 5000 | ❌ CRASH | OK | CRASH | OK |
The crash also occurs with very wide expressions (~5000 terms in a + a + a + ...).
Expected Behavior
The compiler should produce a clean error:
error: expression nesting depth exceeds maximum supported depth
A compiler should never crash on any input, regardless of how pathological it is.
Discovery Method
Found via differential testing tool that tests 4 ZK compilers with pathological circuit patterns.