-
-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SIGSEGV when adding a %
to user-commands with preview
and compete = "file"
options.
#28851
Comments
I did some debugging against the commit 0f4f7d3. When a Full Backtrace
The Line 4025 in 0f4f7d3
It seems that
In the function
The field Lines 1471 to 1490 in 0f4f7d3
Maybe there is something I'm missing, but the address stored in I put a breakpoint in
The value in
After returning from
Possible FixIf I reinitialize the diff --git a/src/nvim/ex_getln.c b/src/nvim/ex_getln.c
index 8c9e6e45..a88e9651 100644
--- a/src/nvim/ex_getln.c
+++ b/src/nvim/ex_getln.c
@@ -2525,6 +2525,8 @@ static bool cmdpreview_may_show(CommandLineState *s)
}
emsg_off--;
+ ea.cmdlinep = &cmdline;
+
// Check if command is previewable, if not, don't attempt to show preview
if (!(ea.argt & EX_PREVIEW)) {
undo_cmdmod(&cmdinfo.cmdmod);
I didn't sent a pull-request because I'm not sure if this is a valid solution. Address SanitizerAfter finding the issue, I realized that this problem should be visible by ASAN. I recompiled Neovim with ASAN Report
With the possible fix, ASAN does not report any problem. |
Problem
When the character
%
is added to the Ex command-line, and the command in the prompt is defined with the optionspreview
andcomplete = "file"
(vianvim_create_user_command
), Neovim crashes with a memory error.The crash happens only if the current buffer has a file. If
expand("%")
is empty it seems to work.Sometimes it crashes with a
SIGSEGV
(with no error messages), and some other times it printsE41: Out of memory!
and dies.I found the issue with
complete = "file"
, but it also fails with"dir"
. Other completions (like,"help"
,"syntax"
, or"file_in_path"
) have no problems.I tested multiple Neovim versions (Linux x86_64, from Nix and from the prebuilt packages in https://github.com/neovim/neovim/releases), and it seems that it is broken since 0.8 (when
preview
was added).Steps to reproduce
Create a user-command with
complete = "file"
andpreview
. The function forpreview
can be empty.Ensure that the current buffer has a file (so
expand("%")
is not empty).Open the command-line and type the command with any argument without a
%
.The completion will work as expected.
Now, write a
%
in the command-line. Neovim crashes immediately.The steps can be automated:
A Lua script to create the user-command, open a file, and simulate the
:TestCommand %
input:Then, open Neovim with it:
$ nvim --clean -c 'so test-sigsegv.lua'
Expected behavior
No crashes.
Neovim version (nvim -v)
0.10.0
Vim (not Nvim) behaves the same?
This is exclusive to Neovim
Operating system/version
Debian 12
Terminal name/version
Alacritty
$TERM environment variable
alacritty
Installation
Prebuilt packages and nixpkgs
The text was updated successfully, but these errors were encountered: