Fixed code that caused a seg-fault after parsing a (deferred) post-count argument followed by a (nested) function-call argument.

The old broken code defers the count until the end of the (parent function's) argument list. But, a nested function call clears the pointer to the deferred type. That leads to an access violation. The new code defers only until the end of each argument. Fixes #1320.
2024-06-07 07:29:33 +00:00 · 2020-11-20 17:29:26 -05:00 · 2020-11-20 17:29:26 -05:00 · 8b42f570e9
commit 8b42f570e9
parent 79bdc2d51f
3 changed files with 34 additions and 37 deletions
--- a/src/cc65/expr.c
+++ b/src/cc65/expr.c
@ -1,7 +1,7 @@
 /* expr.c
 **
 ** 1998-06-21, Ullrich von Bassewitz
-** 2020-01-25, Greg King
+** 2020-11-20, Greg King
 */


@ -608,6 +608,8 @@ static unsigned FunctionParamList (FuncDesc* Func, int IsFastcall, ExprDesc* ED)
 ** The function returns the size of the arguments pushed in bytes.
 */
 {
+    ExprDesc  Expr;
+
    /* Initialize variables */
    SymEntry* Param       = 0;  /* Keep gcc silent */
    unsigned  PushedSize  = 0;  /* Size of arguments pushed */
@ -634,7 +636,6 @@ static unsigned FunctionParamList (FuncDesc* Func, int IsFastcall, ExprDesc* ED)
    **
    */
    if (ParamComplete && IS_Get (&CodeSizeFactor) >= 200) {
-
        /* Calculate the number and size of the parameters */
        FrameParams = Func->ParamCount;
        FrameSize   = Func->ParamSize;
@ -656,18 +657,13 @@ static unsigned FunctionParamList (FuncDesc* Func, int IsFastcall, ExprDesc* ED)
        }
    }

-    /* The info of the last argument could be needed out of the loop */
-    ExprDesc Expr;
-    ED_Init (&Expr);
-    Expr.Flags |= ED->Flags & E_MASK_KEEP_SUBEXPR;
-
    /* Parse the actual argument list */
    while (CurTok.Tok != TOK_RPAREN) {
-
        unsigned Flags;     /* Code generator flags, not expression flags */

-        /* This way the info of the last parameter won't be cleared */
        ED_Init (&Expr);
+
+        /* This way, the info of the last parameter won't be cleared */
        Expr.Flags |= ED->Flags & E_MASK_KEEP_SUBEXPR;

        /* Count arguments */
@ -781,18 +777,20 @@ static unsigned FunctionParamList (FuncDesc* Func, int IsFastcall, ExprDesc* ED)
            Error ("Argument expected after comma");
            break;
        }
+
+        DoDeferred (SQP_KEEP_NONE, &Expr);
    }

+    /* Append last deferred inc/dec before the function is called.
+    ** The last parameter needs to be preserved if it is passed in AX/EAX Regs.
+    */
+    DoDeferred (IsFastcall ? SQP_KEEP_EAX : SQP_KEEP_NONE, &Expr);
+
    /* Check if we had enough arguments */
    if (PushedCount < Func->ParamCount) {
        Error ("Too few arguments in function call");
    }

-    /* Append deferred inc/dec before the function is called.
-    ** The last parameter needs to be restored if it is passed with AX/EAX Regs.
-    */
-    DoDeferred (IsFastcall ? SQP_KEEP_EAX : SQP_KEEP_NONE, &Expr);
-
    /* The function returns the size of all arguments pushed onto the stack.
    ** However, if there are parameters missed (which is an error, and was
    ** flagged by the compiler), AND a stack frame was preallocated above,
@ -2025,8 +2023,8 @@ static void PostInc (ExprDesc* Expr)
    /* Get the data type */
    Flags = TypeOf (Expr->Type);

-    /* We are allowed by the C standard to defer the inc operation until 
-    ** the this expression is used, so that we don't need to save and reload
+    /* We are allowed by the C standard to defer the inc operation until after
+    ** the expression is used, so that we don't need to save and reload
    ** the original value.
    */

@ -2065,7 +2063,7 @@ static void PostInc (ExprDesc* Expr)
            /* Fetch the value and use it (since it's the result of the expression) */
            LoadExpr (CF_NONE, Expr);

-            /* Defer the increment until the value of this expression is used */;
+            /* Defer the increment until after the value of this expression is used */
            DeferInc (Expr);
        }
    }
@ -2132,7 +2130,7 @@ static void PostDec (ExprDesc* Expr)
            /* Fetch the value and save it (since it's the result of the expression) */
            LoadExpr (CF_NONE, Expr);

-            /* Defer the decrement until the value of this expression is used */;
+            /* Defer the decrement until after the value of this expression is used */
            DeferDec (Expr);
        }
    }
--- a/test/misc/Makefile
+++ b/test/misc/Makefile
@ -100,12 +100,6 @@ $(WORKDIR)/bug1263.$1.$2.prg: bug1263.c | $(WORKDIR)
 	$(if $(QUIET),echo misc/bug1263.$1.$2.prg)
 	$(NOT) $(CC65) -t sim$2 -$1 -o $$@ $$< $(NULLERR)

-# should compile, but gives an error (segfault)
-$(WORKDIR)/bug1320.$1.$2.prg: bug1320.c | $(WORKDIR)
-	@echo "FIXME: " $$@ "currently does not compile."
-	$(if $(QUIET),echo misc/bug1320.$1.$2.prg)
-	$(NOT) $(CC65) -t sim$2 -$1 -o $$@ $$< $(NULLERR)
-
 # this one requires --std=c89, it fails with --std=c99
 # it fails currently at runtime
 $(WORKDIR)/bug1265.$1.$2.prg: bug1265.c | $(WORKDIR)
--- a/test/misc/bug1320.c
+++ b/test/misc/bug1320.c
@ -1,5 +1,5 @@
 /*
-  Copyright 2020 The cc65 Authors
+  Copyright 2020, The cc65 Authors

  This software is provided "as-is", without any express or implied
  warranty. In no event will the authors be held liable for any damages
@ -21,18 +21,23 @@
 /*
  Test of a post-counted pointer argument,
  followed by a (nested) function-call argument.
+  Test that compiling it doesn't cause a seg-fault.

  https://github.com/cc65/cc65/issues/1320
-
-  After the bug is fixed, this file should be moved to "test/val/".
 */

 static char *var;

-void foo (char *, char);
-char bar (void);
+static void foo (char *, char)
+{
+}

-void main (void)
+static char bar (void)
+{
+    return 'b';
+}
+
+int main (void)
 {
    foo (var++, bar ());
    return 0;