Problem: Searching for a character matches an illegal byte and causes
invalid memory access. (Dominique Pelle)
Solution: Do not match an invalid byte when search for a character in a
string. Fix equivalence classes using negative numbers, which
result in illegal bytes.
d82a2a990b
Problem: When there are illegal utf-8 characters the old regexp engine may
go past the end of a string.
Solution: Only advance to the end of the string. (Dominique Pelle)
0e462411ca
We already use wrappers for allocation, the new `xfree` function is the
equivalent for deallocation and provides a way to fully replace the malloc
implementation used by Neovim.
Regarding dict_lookup() in eval.c: both definitions are the same, the
only difference being the spacing between the indirection operator and
the indentation level.
Problem : getdigits() currently returns a long, but at most places,
return value is casted (unsafely) into an int. Making casts
safe would introduce a lot of fuss in the form of assertions
checking for limits.
Note : We cannot just change return type to int, because, at some
places, legitimate long values are used. For example, in
diff.c, for line numbers.
Solution : Introduce new functions:
- get_digits() : Gets an intmax_t from a string.
- get_int_digits() : Wrapper for ints.
- get_long_digits() : Wrapper for longs.
And replace getdigits() invocations by the appropiate
wrapper invocations.
A similar macro is defined in the Linux kernel [1].
To refactor the code I used a slightly modified Coccinelle script I found in
[2].
```diff
// Use the macro ARRAY_SIZE when possible
//
// Confidence: High
// Copyright: (C) Gilles Muller, Julia Lawall, EMN, DIKU. GPLv2.
// URL: http://www.emn.fr/x-info/coccinelle/rules/array.html
// Options: -I ... -all_includes can give more complete results
@@
type T;
T[] E;
@@
- (sizeof(E)/sizeof(*E))
+ ARRAY_SIZE(E)
@@
type T;
T[] E;
@@
- (sizeof(E)/sizeof(E[...]))
+ ARRAY_SIZE(E)
@@
type T;
T[] E;
@@
- (sizeof(E)/sizeof(T))
+ ARRAY_SIZE(E)
@n@
identifier AS,E;
@@
- #define AS(E) ARRAY_SIZE(E)
@@
expression E;
identifier n.AS;
@@
- AS(E)
+ ARRAY_SIZE(E)
```
`spatch --in-place --sp-file array_size.cocci -I src/ -I build/include/ -I build/src/nvim/auto/ src/nvim/*.c`
[1] http://lxr.free-electrons.com/source/include/linux/kernel.h#L54
[2] http://www.emn.fr/z-info/coccinelle/rules/#macros
Problem: Argument with 'nonnull' attribute passed null @ 5632.
http://neovim.org/doc/reports/clang/report-041a0e.html#EndPath.
Diagnostic: False positive.
Rationale : `p = reg_getline(clnum)` above should not be null, because
`clnum` starts at `start_lnum` and only increments after
that.
Resolution: Assert p not null.
Problem: Dereference of null pointer @ 1312.
http://neovim.org/doc/reports/clang/report-b1d09a.html#EndPath
Diagnostic: Multithreading issue.
Rationale : Suggested error path contains two succesive calls to
`regnext(scan)`, first of which returning nonnull, the
second one returning null. This can only occur if global
`reg_toolong` accesed in `regnext()` changes between the
calls.
Resolution: Use local variable to cache first `regnext(scan)` result.
Note that this change alters function semantics, as now
function only issues one call instead of two, reusing the
result for the second time.
This shouldn't be a problem, though, as new semantics should
be in fact be better.
Problem: Derefence of null pointer @ 1208.
http://neovim.org/doc/reports/clang/report-24b5ca.html#Path10
Diagnostic: False positive.
Rationale : Error is reported to happen if after `if (*newp == NULL) {`
body, `*newp` continues being NULL, and false branch of
following `if (*newp != NULL)` is taken. Now, `vim_strsave`
cannot return NULL, so error cannot happen.
Resolution: Remove dead code (leftover since OOM refactors).
Should be better than gettimeofday() since libuv uses higher resolution
clocks on most UNIX platforms. Libuv also tries to use monotonic clocks,
kernel bugs notwithstanding, which is another win over gettimeofday().
Necessary for Windows, which doesn't have gettimeofday(). In vanilla vim,
Windows uses QueryPerformanceCounter, which is the correct primitive for
this sort of things, but that was removed when slimming up the codebase.
Libuv uses QueryPerformanceCounter to implement uv_hrtime() on Windows so
the behaviour of vim profiling on Windows should now be the same.
The behaviour on Linux should be different (better) though, libuv uses more
accurate primitives than gettimeofday().
Other misc. changes:
- Added function attributes where relevant (const, pure, ...)
- Convert functions to receive scalars: Now that proftime_T is always a
(uint64_t) scalar (and not a struct), it's clearer to convert the
functions to receive it as such instead of a pointer to a scalar.
- Extract profiling funcs to profile.c: make everything clearer and reduces
the size of the "catch-all" ex_cmds2.c
- Add profile.{c,h} to clint and -Wconv:
- Don't use sprintf, use snprintf
- Don't use long, use int16_t/int32_t/...
`-Wstrict-prototypes` warn if a function is declared or defined without
specifying the argument types.
This warning disallow function prototypes with empty parameter list.
In C, a function declared with an empty parameter list accepts an
arbitrary number of arguments when being called. This is for historic
reasons; originally, C functions didn't have prototypes, as C evolved
from B, a typeless language. When prototypes were added, the original
typeless declarations were left in the language for backwards
compatibility.
Instead we should provide `void` in argument list to state
that function doesn't have arguments.
Also this warning disallow declaring type of the parameters after the
parentheses because Neovim header generator produce no declarations for
old-stlyle prototypes: it expects to find `{` after prototype.
I know it could be 0 sometimes. Running the tests with
`assert(gap->ga_growsize > 0)` in ga_grow() crashes nvim while running the
tests.
- Add a setter for ga_growsize that checks whether the value passed is >=1 (log
in case it's not)
- log when ga_grow() tries to use a ga_growsize that's not >=1
- use GA_EMPTY_INIT_VALUE is many places
Problem: Searching for "a" does not match accented "a" with new regexp
engine, does match with old engine. (David Bürgin)
"ca" does not match "ca" with accented "a" with either engine.
Solution: Change the old engine, check for following composing character
also for single-byte patterns.
https://code.google.com/p/vim/source/detail?r=60cdaa05a6ad31cef55eb6b3dc1f57ecac6fcf79
- The 'stripdecls.py' script replaces declarations in all headers by includes to
generated headers.
`ag '#\s*if(?!ndef NEOVIM_).*((?!#\s*endif).*\n)*#ifdef INCLUDE_GENERATED'`
was used for this.
- Add and integrate gendeclarations.lua into the build system to generate the
required includes.
- Add -Wno-unused-function
- Made a bunch of old-style definitions ANSI
This adds a requirement: all type and structure definitions must be present
before INCLUDE_GENERATED_DECLARATIONS-protected include.
Warning: mch_expandpath (path.h.generated.h) was moved manually. So far it is
the only exception.
Problem: Now that nvim/strings.h is correctly namespaced, an issue
that had been masked until now arises:
When compiling, we get a lot of errors because of everywhere
the functions in nvim/strings.h are used, there's no include
to import them.
But, how could this compile and work previously, then? It
turns out that:
- In every such case, we are also including vim.h, which in
turn includes os_unix_defs.h.
- os_unix_defs.h includes <string.h> and also <strings.h> in
some systems (e.g. OSX).
- Build had been modified previously to (even when importing
system headers), prefer equally-named local ones. That was
in fact done as a previous attempt to solve the same issue
we are trying to solve another way now.
So, we were including our "strings.h" as a side-effect of
including <strings.h> through "vim.h" --> "os_unix_defs.h".
Solution: Correctly include "nvim/strings.h" in every file needing it.
