Fix segfault with ATMega16m1 UART simulation

[jack-greenberg]

Previously, when accessing the p->fe.reg in avr_uart.c (in avr_uart_init()) for ATmega16m1, the system segfaulted.

In avr_register_io_read, we see the following lines:

	avr_io_addr_t a = AVR_DATA_TO_IO(addr);
	if (avr->io[a].r.param || avr->io[a].r.c) {

AVR_DATA_TO_IO just subtracts 0x20 from addr. addr is passed in from avr_uart_init as p->fe.reg. But in ATmega16m1, p->fe is not initialized, so it is set to zero. When we subtract 0x20 from 0, and then do avr->io[a], we have an array-out-of-bounds error.

The following previously segfaulted, but no longer does:

./simavr/run_avr -m atmega16m1 -f 4000000 ~/path/to/binary.elf

[jack-greenberg]

Possibly addresses #335?

[edgar-bonet]

the system segfaulted because p->fe is NULL

I don't understand this sentence. p->fe is not a pointer (it's a struct), so it cannot be NULL.

[edgar-bonet]

As this test evaluates p->fe.reg, it implicitly assumes this expression is well defined. But if p->fe.reg is well defined, then what is the purpose of the test?

[jack-greenberg]

Ah whoops, I mis-wrote this (I actually found this a few months ago but forgot to submit it).

In avr_register_io_read, we see the following lines:

	avr_io_addr_t a = AVR_DATA_TO_IO(addr);
	if (avr->io[a].r.param || avr->io[a].r.c) {

AVR_DATA_TO_IO just subtracts 0x20 from addr. addr is passed in from avr_uart_init as p->fe.reg. But in ATmega16m1, p->fe is not initialized, so it is set to zero. When we subtract 0x20 from 0, and then do avr->io[a], we have an array-out-of-bounds error.

Does that make sense? I will update the PR body.

[edgar-bonet]

Oh, I see. Now it makes sense to me.

[edgar-bonet]

I am not sure I am qualified to review this. Nitpicking: the new code uses spaces for indentation, while the rest of the file uses tabs. Otherwise, looks good to me.