reserveSpace: don't assume one doubling is enough

src/asm/rpn.c

@@ -46,7 +46,8 @@ static uint8_t *reserveSpace(struct Expression *expr, uint32_t size)
 		/* If there isn't enough room to reserve the space, realloc */
 		if (!expr->tRPN)
 			expr->nRPNCapacity = 256; /* Initial size */
-		else if (expr->nRPNCapacity >= MAXRPNLEN)
+		while (expr->nRPNCapacity - expr->nRPNLength < size) {
+			if (expr->nRPNCapacity >= MAXRPNLEN)
 				/*
 				 * To avoid generating humongous object files, cap the
 				 * size of RPN expressions
@@ -57,6 +58,7 @@ static uint8_t *reserveSpace(struct Expression *expr, uint32_t size)
 				expr->nRPNCapacity = MAXRPNLEN;
 			else
 				expr->nRPNCapacity *= 2;
+		}
 		expr->tRPN = realloc(expr->tRPN, expr->nRPNCapacity);
 
 		if (!expr->tRPN)

test/asm/long-rpn-expression.asm

@@ -27,3 +27,10 @@ X EQUS "{X7E}"
        X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X+X
 
 x: db 0
+
+; this tests long RPN expressions being used as the RHS, as this once triggered
+; a realloc bug
+    db 1+(x+X)
+
+; likewise, a long symbol could result in an insufficient *initial* allocation
+    db A00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000+0+0