From c8006f46376e7f666ef1a8945c3198a06c1310c1 Mon Sep 17 00:00:00 2001
From: Akim Demaille <akim.demaille@gmail.com>
Date: Sat, 12 Dec 2020 17:32:01 +0100
Subject: [PATCH] glr2.cc: fix yycompressStack

Currently, yycompressStack expects the free items to be states only.
That's not the case.

Fixes 712 and 730 pass.  748 still fails, but later and
differently (heap-use-after-free).

* data/skeletons/glr2.cc (glr_stack_item::setState): New.
(glr_stack_item::yycompressStack): Use it.
* tests/glr-regression.at: Adjust.
---
 data/skeletons/glr2.cc  | 17 +++++++++++++++--
 tests/glr-regression.at |  2 --
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/data/skeletons/glr2.cc b/data/skeletons/glr2.cc
index 0bd51fe0..c37a02dc 100644
--- a/data/skeletons/glr2.cc
+++ b/data/skeletons/glr2.cc
@@ -800,7 +800,7 @@ public:
     , magic_ (MAGIC)]])[
   {}
 
-  void copyFrom(const glr_state& other)
+  void copyFrom (const glr_state& other)
   {]b4_parse_assert_if([[
     other.check_ ();]])[
     *this = other;
@@ -1225,6 +1225,18 @@ public:
       getOption().~semantic_option();
   }
 
+  void setState (const glr_state &state)
+  {]b4_parse_assert_if([[
+    check_ ();]])[
+    // FIXME: What about the previous content?  Shouldn't it be freed?
+    // It might be useful to have an explicit "void" state when this item
+    // is in unused state (in the list of free items), when parse.assert
+    // is set.
+    is_state_ = true;
+    void *yyp = raw_;
+    static_cast<glr_state*> (yyp)->copyFrom (state);
+  }
+
   glr_state& getState ()
   {]b4_parse_assert_if([[
     check_ ();]])[
@@ -1232,6 +1244,7 @@ public:
     void *yyp = raw_;
     return *static_cast<glr_state*> (yyp);
   }
+
   const glr_state& getState () const
   {]b4_parse_assert_if([[
     check_ ();]])[
@@ -1496,8 +1509,8 @@ class state_stack {
 
     while (yyr != YY_NULLPTR)
       {
+        nextFreeItem->setState(*yyr);
         glr_state& nextFreeState = nextFreeItem->getState();
-        nextFreeState.copyFrom(*yyr);
         yyr = yyr->pred();
         nextFreeState.setPred(&(nextFreeItem - 1)->getState());
         setFirstTop(&nextFreeState);
diff --git a/tests/glr-regression.at b/tests/glr-regression.at
index 55075f80..6d1bc397 100644
--- a/tests/glr-regression.at
+++ b/tests/glr-regression.at
@@ -142,7 +142,6 @@ m4_pushdef([AT_TEST],
 [AT_SETUP([Improper handling of embedded actions and dollar(-N) in GLR parsers: $1])
 
 AT_BISON_OPTION_PUSHDEFS([%glr-parser $1])
-AT_GLR2_CC_IF([AT_XFAIL_IF([true])])
 
 AT_DATA_GRAMMAR([glr-regr2a.y],
 [[/* Regression Test: Improper handling of embedded actions and $-N  */
@@ -744,7 +743,6 @@ m4_pushdef([AT_TEST],
 [AT_SETUP([Incorrectly initialized location for empty right-hand side in GLR: $1])
 
 AT_BISON_OPTION_PUSHDEFS([%glr-parser %locations $1])
-AT_GLR2_CC_IF([AT_XFAIL_IF([true])])
 
 AT_DATA_GRAMMAR([glr-regr8.y],
 [[