From 9343ae8ef7fc5c5e64d5b42e17a7eff2ba7b9f6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C5=8Dan?=
Date: Tue, 28 Apr 2026 04:36:30 -0600
Subject: [PATCH] fix: restore AvMAX empty-array guard in DEFGV macro (regression from ithreads refactoring)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The AvMAX >= 0 guard was added in 3005451 (fixes #66) to prevent negative pointer arithmetic when an empty SVt_PVAV is on the stack. The ithreads refactoring (d220633/01967e6) rewrote the macro from global variables to MY_CXT and lost the guard. Without this check, `arg + AvMAX(arg)` produces `arg + (-1)` on empty arrays — undefined behavior in C that can cause memory corruption or segfaults in rare stack configurations.
Co-Authored-By: Claude Opus 4.6
---
 FileCheck.xs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/FileCheck.xs b/FileCheck.xs
index 8d893fc..f789339 100644
--- a/FileCheck.xs
+++ b/FileCheck.xs
@@ -52,7 +52,8 @@ START_MY_CXT
 #define RETURN_CALL_REAL_OP_IF_CALL_WITH_DEFGV() STMT_START { \
 if (gl_overload_ft->op[OP_STAT].is_mocked) { \
 SV *arg = *PL_stack_sp; GV *gv; \
- if ( SvTYPE(arg) == SVt_PVAV ) arg = arg + AvMAX( arg ); \
+ if ( SvTYPE(arg) == SVt_PVAV && AvMAX((AV*)arg) >= 0 ) \
+ arg = arg + AvMAX( arg ); \
 if ( PL_op->op_flags & OPf_REF ) \
 gv = cGVOP_gv; \
 else { \
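Review bot: The guarded statement `arg = arg + AvMAX( arg );` still does pointer arithmetic on the `SV *` read from `*PL_stack_sp`, so for any AvMAX above zero `arg` ends up that many SV-sized strides past the AV head rather than at an element of the array. The new `>= 0` test removes only the -1 case the commit message describes. AvMAX is also the highest allocated slot, not the last filled one. If the intent is to pick the array's last element (an inference, since the macro continues outside this hunk and the later use of `arg` is not visible), `if (SvTYPE(arg) == SVt_PVAV && AvFILLp((AV*)arg) >= 0) arg = AvARRAY((AV*)arg)[AvFILLp((AV*)arg)];` would stay inside the array's storage, with a NULL check on the fetched slot before it is used. If the current arithmetic is kept, the second line should at least carry the same `(AV*)` cast as the guard, plus a comment saying why stepping from the AV head is valid.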