5898 - strengthen slice-empty? check

Anytime we create a slice, the first check tends to be whether it's empty.
If we handle ill-formed slices here where start > end, that provides a
measure of safety.

In the Mu translator (mu.subx) we often check for a trailing ':' or ','
and decrement slice->end to ignore it. But that could conceivably yield
ill-formed slices if the slice started out empty. Now we make sure we never
operate on such ill-formed slices.

15 files changed, 36 insertions, 7 deletions

diff --git a/072slice.subx b/072slice.subx
index 65db1c16..f7299074 100644
--- a/072slice.subx
+++ b/072slice.subx
@@ -14,13 +14,13 @@ slice-empty?:  # s : (addr slice) -> eax : boolean
     51/push-ecx
     # ecx = s
     8b/copy                         1/mod/*+disp8   5/rm32/ebp    .           .             .           1/r32/ecx   8/disp8         .                 # copy *(ebp+8) to ecx
-    # if (s->start == s->end) return true
+    # if (s->start >= s->end) return true
     # . eax = s->start
     8b/copy                         0/mod/indirect  1/rm32/ecx    .           .             .           0/r32/eax   .               .                 # copy *ecx to eax
-    # . compare eax and s->end
-    39/compare                      1/mod/*+disp8   1/rm32/ecx    .           .             .           0/r32/eax   4/disp8         .                 # compare eax and *(ecx+4)
+    # . if (eax >= s->end) return true
+    3b/compare                      1/mod/*+disp8   1/rm32/ecx    .           .             .           0/r32/eax   4/disp8         .                 # compare eax with *(ecx+4)
     b8/copy-to-eax  1/imm32/true
-    74/jump-if-=  $slice-empty?:end/disp8
+    73/jump-if-addr>=  $slice-empty?:end/disp8
     b8/copy-to-eax  0/imm32/false
 $slice-empty?:end:
     # . restore registers
@@ -63,9 +63,9 @@ test-slice-empty-false:
     # . prologue
     55/push-ebp
     89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
-    # var slice/ecx : slice = {34, 23}
-    68/push  23/imm32/end
-    68/push  34/imm32/start
+    # var slice/ecx : slice = {32, 34}
+    68/push  34/imm32/end
+    68/push  32/imm32/start
     89/copy                         3/mod/direct    1/rm32/ecx    .           .             .           4/r32/esp   .               .                 # copy esp to ecx
     # slice-empty?(slice)
     # . . push args
@@ -88,6 +88,35 @@ test-slice-empty-false:
     5d/pop-to-ebp
     c3/return
 
+test-slice-empty-if-start-greater-than-end:
+    # . prologue
+    55/push-ebp
+    89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
+    # var slice/ecx : slice = {34, 32}
+    68/push  32/imm32/end
+    68/push  34/imm32/start
+    89/copy                         3/mod/direct    1/rm32/ecx    .           .             .           4/r32/esp   .               .                 # copy esp to ecx
+    # slice-empty?(slice)
+    # . . push args
+    51/push-ecx
+    # . . call
+    e8/call  slice-empty?/disp32
+    # . . discard args
+    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               4/imm32           # add to esp
+    # check-ints-equal(eax, 1, msg)
+    # . . push args
+    68/push  "F - test-slice-empty-if-start-greater-than-end"/imm32
+    68/push  1/imm32
+    50/push-eax
+    # . . call
+    e8/call  check-ints-equal/disp32
+    # . . discard args
+    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               0xc/imm32         # add to esp
+    # . epilogue
+    89/copy                         3/mod/direct    4/rm32/esp    .           .             .           5/r32/ebp   .               .                 # copy ebp to esp
+    5d/pop-to-ebp
+    c3/return
+
 slice-equal?:  # s : (addr slice), p : (addr array byte) -> eax : boolean
     # pseudocode:
     #   if (p == 0) return (s == 0)
diff --git a/apps/assort b/apps/assort
index d01f02bd..76e175d5 100755
--- a/apps/assort
+++ b/apps/assort
Binary files differdiff --git a/apps/braces b/apps/braces
index a096d0c6..144ee6fe 100755
--- a/apps/braces
+++ b/apps/braces
Binary files differdiff --git a/apps/calls b/apps/calls
index 05ba61ef..d8e95bcd 100755
--- a/apps/calls
+++ b/apps/calls
Binary files differdiff --git a/apps/crenshaw2-1 b/apps/crenshaw2-1
index 239d70e0..feef8d4b 100755
--- a/apps/crenshaw2-1
+++ b/apps/crenshaw2-1
Binary files differdiff --git a/apps/crenshaw2-1b b/apps/crenshaw2-1b
index 259bda92..16591ef0 100755
--- a/apps/crenshaw2-1b
+++ b/apps/crenshaw2-1b
Binary files differdiff --git a/apps/dquotes b/apps/dquotes
index db166f7a..9d1dabf3 100755
--- a/apps/dquotes
+++ b/apps/dquotes
Binary files differdiff --git a/apps/factorial b/apps/factorial
index 19772bad..b9e7d7be 100755
--- a/apps/factorial
+++ b/apps/factorial
Binary files differdiff --git a/apps/handle b/apps/handle
index d9fc3aa9..30310ff3 100755
--- a/apps/handle
+++ b/apps/handle
Binary files differdiff --git a/apps/hex b/apps/hex
index 9c91ac4b..71615baa 100755
--- a/apps/hex
+++ b/apps/hex
Binary files differdiff --git a/apps/mu b/apps/mu
index 23497954..a298670a 100755
--- a/apps/mu
+++ b/apps/mu
Binary files differdiff --git a/apps/pack b/apps/pack
index fef9cef2..56575b68 100755
--- a/apps/pack
+++ b/apps/pack
Binary files differdiff --git a/apps/sigils b/apps/sigils
index 402e3af1..7b72e401 100755
--- a/apps/sigils
+++ b/apps/sigils
Binary files differdiff --git a/apps/survey b/apps/survey
index 386a49c7..33669c5b 100755
--- a/apps/survey
+++ b/apps/survey
Binary files differdiff --git a/apps/tests b/apps/tests
index 729a3f9e..7941b9f0 100755
--- a/apps/tests
+++ b/apps/tests
Binary files differ