Fix [b5777d3d32]: Crash corner-case in TIP #502 implementation

5 files changed, 62 insertions, 18 deletions

diff --git a/generic/tclExecute.c b/generic/tclExecute.c
index 47c0618..09fda64 100644
--- a/generic/tclExecute.c
+++ b/generic/tclExecute.c
@@ -4863,13 +4863,19 @@ TEBCresume(
 	 */
 
 	if ((TclListObjGetElements(interp, valuePtr, &objc, &objv) == TCL_OK)
-		&& !TclHasIntRep(value2Ptr, &tclListType)
-		&& (TclGetIntForIndexM(NULL, value2Ptr, objc-1,
-			&index) == TCL_OK)) {
-	    TclDecrRefCount(value2Ptr);
-	    tosPtr--;
-	    pcAdjustment = 1;
-	    goto lindexFastPath;
+		&& !TclHasIntRep(value2Ptr, &tclListType)) {
+	    int code;
+
+	    DECACHE_STACK_INFO();
+	    code = TclGetIntForIndexM(interp, value2Ptr, objc-1, &index);
+	    CACHE_STACK_INFO();
+	    if (code == TCL_OK) {
+		TclDecrRefCount(value2Ptr);
+		tosPtr--;
+		pcAdjustment = 1;
+		goto lindexFastPath;
+	    }
+	    Tcl_ResetResult(interp);
 	}
 
 	objResultPtr = TclLindexList(interp, valuePtr, value2Ptr);
@@ -5304,10 +5310,13 @@ TEBCresume(
 	 */
 
 	length = Tcl_GetCharLength(valuePtr);
+	DECACHE_STACK_INFO();
 	if (TclGetIntForIndexM(interp, value2Ptr, length-1, &index)!=TCL_OK) {
+	    CACHE_STACK_INFO();
 	    TRACE_ERROR(interp);
 	    goto gotError;
 	}
+	CACHE_STACK_INFO();
 
 	if ((index < 0) || (index >= length)) {
 	    TclNewObj(objResultPtr);
@@ -5344,13 +5353,21 @@ TEBCresume(
 	TRACE(("\"%.20s\" %.20s %.20s =>",
 		O2S(OBJ_AT_DEPTH(2)), O2S(OBJ_UNDER_TOS), O2S(OBJ_AT_TOS)));
 	length = Tcl_GetCharLength(OBJ_AT_DEPTH(2)) - 1;
+
+	DECACHE_STACK_INFO();
 	if (TclGetIntForIndexM(interp, OBJ_UNDER_TOS, length,
-		    &fromIdx) != TCL_OK
-	    || TclGetIntForIndexM(interp, OBJ_AT_TOS, length,
+		    &fromIdx) != TCL_OK) {
+	    CACHE_STACK_INFO();
+	    TRACE_ERROR(interp);
+	    goto gotError;
+	}
+	if (TclGetIntForIndexM(interp, OBJ_AT_TOS, length,
 		    &toIdx) != TCL_OK) {
+	    CACHE_STACK_INFO();
 	    TRACE_ERROR(interp);
 	    goto gotError;
 	}
+	CACHE_STACK_INFO();
 
 	if (fromIdx < 0) {
 	    fromIdx = 0;
@@ -5433,14 +5450,17 @@ TEBCresume(
 	endIdx = Tcl_GetCharLength(valuePtr) - 1;
 	TRACE(("\"%.20s\" %s %s \"%.20s\" => ", O2S(valuePtr),
 		O2S(OBJ_UNDER_TOS), O2S(OBJ_AT_TOS), O2S(value3Ptr)));
+	DECACHE_STACK_INFO();
 	if (TclGetIntForIndexM(interp, OBJ_UNDER_TOS, endIdx,
 		    &fromIdx) != TCL_OK
 	    || TclGetIntForIndexM(interp, OBJ_AT_TOS, endIdx,
 		    &toIdx) != TCL_OK) {
+	    CACHE_STACK_INFO();
 	    TclDecrRefCount(value3Ptr);
 	    TRACE_ERROR(interp);
 	    goto gotError;
 	}
+	CACHE_STACK_INFO();
 	TclDecrRefCount(OBJ_AT_TOS);
 	(void) POP_OBJECT();
 	TclDecrRefCount(OBJ_AT_TOS);
diff --git a/generic/tclUtil.c b/generic/tclUtil.c
index 5b296f0..8db6606 100644
--- a/generic/tclUtil.c
+++ b/generic/tclUtil.c
@@ -3817,7 +3817,7 @@ GetEndOffsetFromObj(
 		    if ((t1 == TCL_NUMBER_INT) && (t2 == TCL_NUMBER_INT)) {
 			/* Both are wide, do wide-integer math */
 			if (*opPtr == '-') {
-			    if ((w2 == WIDE_MIN) && (interp != NULL)) {
+			    if (w2 == WIDE_MIN) {
 				goto extreme;
 			    }
 			    w2 = -w2;
@@ -3839,13 +3839,6 @@ GetEndOffsetFromObj(
 				offset = WIDE_MIN;
 			    }
 			}
-		    } else if (interp == NULL) {
-			/*
-			 * We use an interp to do bignum index calculations.
-			 * If we don't get one, call all indices with bignums errors,
-			 * and rely on callers to handle it.
-			 */
-			goto parseError;
 		    } else {
 			/*
 			 * At least one is big, do bignum math. Little reason to
@@ -3856,7 +3849,13 @@ GetEndOffsetFromObj(
 			Tcl_Obj *sum;
 
 		    extreme:
-			Tcl_ExprObj(interp, objPtr, &sum);
+			if (interp) {
+			    Tcl_ExprObj(interp, objPtr, &sum);
+			} else {
+			    Tcl_Interp *compute = Tcl_CreateInterp();
+			    Tcl_ExprObj(compute, objPtr, &sum);
+			    Tcl_DeleteInterp(compute);
+			}
 			TclGetNumberFromObj(NULL, sum, &cd, &numType);
 
 			if (numType == TCL_NUMBER_INT) {
diff --git a/tests/lindex.test b/tests/lindex.test
index 85129b4..f9397d2 100644
--- a/tests/lindex.test
+++ b/tests/lindex.test
@@ -449,6 +449,14 @@ test lindex-17.1 {Bug 1718580} -body {
     lindex a end foo
 } -match glob -result {bad index "foo"*} -returnCodes 1
 
+test lindex-18.0 {nested bytecode execution} -setup {
+    proc demo {i} {lindex {a b c} $i}
+} -body {
+    demo 0+0x10000000000000000
+} -cleanup {
+    rename demo {}
+}
+
 catch { unset minus }
 
 # cleanup
diff --git a/tests/string.test b/tests/string.test
index ae78bed..f853397 100644
--- a/tests/string.test
+++ b/tests/string.test
@@ -1506,6 +1506,20 @@ test string-12.22.$noComp {string range, shimmering binary/index} {
 test string-12.23.$noComp {string range, surrogates, bug [11ae2be95dac9417]} utf16 {
     run {list [string range a\U100000b 1 1] [string range a\U100000b 2 2] [string range a\U100000b 3 3]}
 } [list \U100000 {} b]
+test string-12.24.$noComp {bignum index arithmetic} -setup {
+    proc demo {i j} {string range fubar $i $j}
+} -cleanup {
+    rename demo {}
+} -body {
+    demo 2 0+0x10000000000000000
+} -result bar
+test string-12.25.$noComp {bignum index arithmetic} -setup {
+    proc demo {i j} {string range fubar $i $j}
+} -cleanup {
+    rename demo {}
+} -body {
+    demo 0x10000000000000000-0xffffffffffffffff 3
+} -result uba
 
 test string-13.1.$noComp {string repeat} {
     list [catch {run {string repeat}} msg] $msg
diff --git a/tests/util.test b/tests/util.test
index f609e96..e1bd247 100644
--- a/tests/util.test
+++ b/tests/util.test
@@ -818,6 +818,9 @@ test util-9.57 {Tcl_GetIntForIndex} {
 test util-9.58 {Tcl_GetIntForIndex} -body {
     string index abcd end--0x8000000000000000
 } -result {}
+test util-9.59 {Tcl_GetIntForIndex} {
+    string index abcd 0-0x10000000000000000
+} {}
 
 test util-10.1 {Tcl_PrintDouble - rounding} {ieeeFloatingPoint} {
     convertDouble 0x0000000000000000