Sometimes the scheduled :qall can arrive too late, so that EOF isn't
received in the same uv_run() call as the response.
(cherry picked from commit a9454f8511)
Problem: nvim_parse_expression null pointer dereference with unmatched ]
followed by a node.
Solution: if ast_stack was empty, set new_top_node_p to top of the stack after
pushing the list literal node; similar to what's done for curlies.
This bug was originally found by a Matrix user, but I couldn't remember how to
trigger it... Ran into the other crash while finding a repro. :P
(cherry picked from commit a5e5ec8910)
Problem: nvim_parse_expression null pointer dereference when parsing an
identifier followed by { with "highlight" parameter set to false.
Solution: only set opening_hl_idx if pstate->colors is not NULL.
Not added to parser_tests.lua as that uses highlight = true.
(cherry picked from commit 5226801be2)
Problem: nvim_get_option_value with "filetype" set can crash if autocommands
open the dummy buffer in more windows, or if &bufhidden == "wipe".
Solution: Attempt to close all dummy buffer windows before wiping. Promote the
dummy buffer to a normal buffer if that fails.
(cherry picked from commit 7e2e116343)
Problem: When the "filetype" key is set for nvim_get_option_value, autocommands
can crash Nvim by prematurely wiping the dummy buffer, or cause options intended
for it to instead be set for unrelated buffers if switched during OptionSet.
Solution: Don't crash. Also quash side-effects from setting the buffer options.
(cherry picked from commit 3cb462a960)
This fixes a regression from cf6f60ce4d
(possibly), as before that commit a frame is popped from the call stack
immediately after its response is received.
Also fix leaking the allocated error messages.
(cherry picked from commit 39d8aa0a1a)
Problem: error set by win_set_buf may leak if autocommands immediately close the
new window.
Solution: free the error set by win_set_buf. (prefer nvim_open_win's error as
it's more important and will cause 0 to be returned)
Problem: split_disallowed seemingly exists to prevent issues from changing
frames to accomodate a split window, which doesn't apply to floats.
Solution: remove the restriction for nvim_open_win, but only for floats.
(continue to check b_locked_split though)
NOTE: like before, the buffer we check b_locked_split for may not actually be
the target buffer "buf", as the later call to win_set_buf can fail to switch to
"buf" due to autocommands. (among other things)
Maybe we could attempt to close the new window in that case (or switch to a
different buffer if that also fails), but this is safer. (and simpler)
Fixes#36857 (and possibly some spurious E242s I've observed from extui)
Problem: nvim_win_set_config may crash when attempting to move curwin to a
different tabpage if there is no other non-float available to switch to.
Solution: fix the crash. Fix ONE_WINDOW checks in winframe_find_altwin and
win_altframe to consider floating windows by instead using one_window. Allow
one_window to consider non-current tabpages. We can use one_window in
win_close_othertab now to also better reflect its use in win_close.
Co-authored-by: Sean Dewar <6256228+seandewar@users.noreply.github.com>
Problem: no check for nvim_open_win opening a new floating window into a closing
buffer, which can lead to crashes.
Solution: call check_split_disallowed; opening a new float semantically splits
from a window, so the same problems as regular splits apply. Also restore the
error if switch_win_noblock in win_set_buf fails (may not be possible to hit
this, but win_set_buf can silently succeed there since #31595).
As the lock check applies to curbuf (not the target buffer) this may feel a bit
restrictive, though this isn't different to how things like ":split" or
nvim_open_win with "split = true" works when targeting a different buffer. Only
checking the target buffer's lock will cause issues if win_set_buf doesn't end
up in the target buffer for whatever reason.
Maybe we could consider checking the lock of the buffer after win_set_buf and
close the window if it's locked (maybe a bit fiddly, especially as closing a
window can fail...), or make the open + switch operation more atomic, like how
Vim does for its popup windows..?
It also used to be the case that win_set_buf would set an error if autocommands
sent us to a different buffer than what was requested, but #31595 appears to
have also changed that... I haven't touched that here.
Problem: can't accurately know if close_buffer directly (e.g: not via autocmds)
decremented b_nwindows. This can cause crashes if win_close_othertab decides to
keep the window after calling close_buffer (if it did not free the buffer), as
b_nwindows may remain out-of-sync.
Solution: change the return value of close_buffer to accurately depict whether
it decremented b_nwindows. Check it in win_close_othertab to avoid a crash.
Similar issues may exist in other places that call close_buffer, but I've not
addressed those here (not to mention only one other place even checks its return
value...)
Problem: No check for closing the only non-floating window in a non-current
tabpage that contains floats. This can lead to a tabpage that contains only
floats, causing crashes.
Solution: Copy the relevant check from win_close to win_close_othertab. Fix some
uncovered issues.
Closes#34943Fixes#31236
Co-authored-by: glepnir <glephunter@gmail.com>
With `overlap=true`, more extmarks than the requested limit may be
collected in `extmark_get`. This then leads to an out of bounds write of
`rv` in `nvim_buf_get_extmarks`.
(cherry picked from commit 612cd99a00)
Problem: Closing socket with pending writes leaks memory.
Analysis: When calling rstream_may_close() on an RStream with pending
writes, it waits for write_cb() to call stream_close_handle(),
which closes it as if it's a WStream and doesn't free the
RStream's buffer.
Solution: Ensure that an RStream's buffer is freed when it's closed.
Problem: after #35601, nvim_open_win incorrectly attempts to set the size of a
split window to 0 if it wasn't specified.
Solution: only attempt to set the size again if it was actually specified. This has the effect of defaulting to half the size of the parent window (or it may be equalized with other windows to make room), like before.
Fix#36080
(cherry picked from commit d7472c0617)
Problem: requested window size passed to nvim_open_win for splits may be ignored
by win_split_ins if it decides to forcefully equalize window sizes instead (e.g:
in an attempt to make room for the new window).
Solution: try to set the size again if it differs from what was requested.
Co-authored-by: Sean Dewar <6256228+seandewar@users.noreply.github.com>
Problem: after #34287 nvim_win_set_config no longer errors when attempting to
split from a floating window only if "win" is 0.
Solution: fix the regression, reduce the scope of "parent" and similar checks to
only where it's currently used and add test coverage for the errors.
(cherry picked from commit da39966a3a)
Problem: Using `addr` without `range` in nvim_create_user_command gives
"No range allowed" error, inconsistent with `:command -addr` behavior.
Solution: Set EX_RANGE flag when `addr` option is specified to match
`:command` behavior.
(cherry picked from commit 22df649210)
Problem: Since 48e2a736, prompt messages are handled by an actual
active cmdline, resulting in `State` no longer being equal
to `MODE_CONFIRM` which is used in some places. E.g. to
specify the current `mode()` or to re-emit a confirm message.
Solution: Replace `MODE_CONFIRM` with a new `MODE_CMDLINE` sub-mode when
`ccline.one_key/mouse_used` is set. Use it to avoid clearing
mouse_used prompt messages, and to re-emit one_key messages
(when ext_messages is inactive, for which this is unnecessary).
(cherry picked from commit e876a739ee)
Problem: When closing a floating window, the next window to be entered
may be unfocusable or hidden.
Solution: Don't enter prevwin when it is unfocusable or hidden. Enter
firstwin instead (like for when prevwin is no longer valid).
(cherry picked from commit 0d658660c2)
Problem: nvim__redraw may update the screen with an invalid topline.
Solution: Update the topline before calling `update_screen()` (as
:redraw does).
(cherry picked from commit af82f36108)
Problem: nvim_create_user_command() Lua callbacks were missing the documented nargs field in the options table passed to the callback function.
Solution: Add nargs field derivation from command argument type flags in nlua_do_ucmd(), using the same logic as nvim_parse_cmd().
(cherry picked from commit 5cfbc35aa8)
Problem: [security]: Possible to open more windows into a closing
buffer without splitting, bypassing existing "b_locked_split"
checks and triggering use-after-free
Solution: Disallow switching to a closing buffer. Editing a closing
buffer (via ":edit", etc.) was fixed in v9.1.0764, but add an
error message and check just "b_locked_split", as "b_locked"
is necessary only when the buffer shouldn't be wiped, and may
be set for buffers that are in-use but not actually closing.
(Sean Dewar)
closes: vim/vim#172466cb1c82840
(cherry picked from commit 627c648252)
Problem: When iterating in reverse with {start} > {end} in
`nvim_buf_get_extmarks()`, marks that overlap {start} and are
greater than {end} are included in the return value twice.
Marks that overlap {end} and do not overlap {start} are not
not included in the return value at all. Marks are not
actually returned in a meaningful "traversal order".
Solution: Rather than actually iterating in reverse, (also possible but
requires convoluted conditions and would require fetching
overlapping marks for both the {start} and {end} position,
while still ending up with non-traversal ordered marks),
iterate normally and reverse the return value.
(cherry picked from commit 65170e8dad)
Problem: When `nvim_set_keymap` tries to overwrite a `<unique>` mapping,
it throws an error even when called in `pcall`.
Solution: src/nvim/mapping.c:buf_do_map no longer calls `semsg`. Its
callers now decide whether to ignore the error, or use
`semsg` (not caught)/`api_set_error` (caught by `pcall`).
(cherry picked from commit ec18ebcb41)
When setting a keymap with "unique" that already exists the error
message contains the LHS of the keymap with termcodes replaced. In
particular this means that keys like <Tab> show as an actual tab
character, meaning the error message displays as "Mapping already exists
for ", which is hard to debug for users.
Instead, display the original LHS (without any simplification or parsed
termcodes). This rperesents exactly what the user passed to the `lhs`
argument of `nvim_set_keymap`, which makes it easier to find where the
offending keymap is.
(cherry picked from commit 0d73ec5834)
Problem
Pasting a big string ("streamed paste" with multiple chunks) sets the '[
mark to the edit from the last chunk, instead of the start of the paste.
Solution:
Set the '[ mark where the paste started, not where the last chunk was
inserted.
Note: `startpos == nil` is not equal to `phase == 1` because there may
be some empty chunks pasted which won't arrive here (returned at code
before).
Problem: Reconfiguring a float window applies the global 'winborder'.
Solution:
- Ignore 'winborder' when reconfiguring a float window.
- Still apply 'winborder' when converting a split to a float window.
Problem: Sourcing buffer lines is too complicated.
Solution: Simplify the code. Make it possible to source Vim9 script lines.
(Yegappan Lakshmanan, closesvim/vim#9974)
85b43c6cb7
This commit changes the behavior of sourcing buffer lines to always have
a script ID, although sourcing the same buffer always produces the same
script ID.
vim-patch:9.1.0372: Calling CLEAR_FIELD() on the same struct twice
Problem: Calling CLEAR_FIELD() on the same struct twice.
Solution: Remove the second CLEAR_FIELD(). Move the assignment of
cookie.sourceing_lnum (zeertzjq).
closes: vim/vim#14627f68517c167
Co-authored-by: Yegappan Lakshmanan <yegappan@yahoo.com>
Problem: `get_option_value` returns caller owned `Object`s but the
corresponding C apis do not marked `FUNC_API_RET_ALLOC` properly.
Solution: add `FUNC_API_RET_ALLOC` to the C apis.
Problem: Combined highlighting was not applied to nvim_eval_statusline(),
and 'statuscolumn' sign segment/numhl highlights.
Solution: Add an additional `groups` element to the return value of
`nvim_eval_statusline()->highlights`. This is an array of stacked
highlight groups (highest priority last). Also resolve combined
highlights for the 'statuscolumn' sign segment/numhl highlights.
Expose/synchronize some drawline.c logic that is now mimicked in
three different places.
