From a5b1b83a2693ffa7a5a0a22b3693d36ea60051be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9E=97=E7=8E=AE=20=28Jade=20Lin=29?=
 <linw1995@icloud.com>
Date: Sat, 18 Jan 2025 16:40:40 +0800
Subject: [PATCH] fix(lua): prevent SIGSEGV when lua error is NULL in
 libuv_worker
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Problem:
Calling `xstrdup` with a NULL pointer causes a SIGSEGV if `lua_tostring` returns
NULL in `nlua_luv_thread_common_cfpcall`.

Crash stack trace:
- `_platform_strlen` → `xstrdup` (memory.c:469)
- `nlua_luv_thread_common_cfpcall` (executor.c:281)

Solution:
Check if `lua_tostring` returns NULL and pass NULL to `event_create` to avoid the crash.
---
 src/nvim/lua/executor.c             |  3 +--
 test/functional/lua/thread_spec.lua | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/src/nvim/lua/executor.c b/src/nvim/lua/executor.c
index 68d3af6074..a5b48a5d5e 100644
--- a/src/nvim/lua/executor.c
+++ b/src/nvim/lua/executor.c
@@ -276,10 +276,9 @@ static int nlua_luv_thread_common_cfpcall(lua_State *lstate, int nargs, int nres
 #endif
     }
     const char *error = lua_tostring(lstate, -1);
-
     loop_schedule_deferred(&main_loop,
                            event_create(nlua_luv_error_event,
-                                        xstrdup(error),
+                                        error != NULL ? xstrdup(error) : NULL,
                                         (void *)(intptr_t)(is_callback
                                                            ? kThreadCallback
                                                            : kThread)));
diff --git a/test/functional/lua/thread_spec.lua b/test/functional/lua/thread_spec.lua
index 310705fd97..8ca4bdc4f5 100644
--- a/test/functional/lua/thread_spec.lua
+++ b/test/functional/lua/thread_spec.lua
@@ -19,6 +19,26 @@ describe('thread', function()
     screen = Screen.new(50, 10)
   end)
 
+  it('handle non-string error', function()
+    exec_lua [[
+      local thread = vim.uv.new_thread(function()
+        error()
+      end)
+      vim.uv.thread_join(thread)
+    ]]
+
+    screen:expect([[
+                                                        |
+      {1:~                                                 }|*5
+      {3:                                                  }|
+      {9:Error in luv thread:}                              |
+      {9:[NULL]}                                            |
+      {6:Press ENTER or type command to continue}^           |
+    ]])
+    feed('<cr>')
+    assert_alive()
+  end)
+
   it('entry func is executed in protected mode', function()
     exec_lua [[
       local thread = vim.uv.new_thread(function()