Loading ...
Sorry, an error occurred while loading the content.

Patch 7.3.1247

Expand Messages
  • Bram Moolenaar
    Patch 7.3.1247 Problem: New regexp engine: [ ] @! p %([ ] @! p )*: does not always match. Solution: When there is a PIM add a duplicate state that
    Message 1 of 6 , Jun 26, 2013
    • 0 Attachment
      Patch 7.3.1247
      Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
      Solution: When there is a PIM add a duplicate state that starts at another
      position.
      Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok


      *** ../vim-7.3.1246/src/regexp_nfa.c 2013-06-26 12:42:38.000000000 +0200
      --- src/regexp_nfa.c 2013-06-26 17:54:31.000000000 +0200
      ***************
      *** 3642,3655 ****
      if (i < sub1->in_use)
      s1 = sub1->list.multi[i].start.lnum;
      else
      ! s1 = 0;
      if (i < sub2->in_use)
      s2 = sub2->list.multi[i].start.lnum;
      else
      ! s2 = 0;
      if (s1 != s2)
      return FALSE;
      ! if (s1 != 0 && sub1->list.multi[i].start.col
      != sub2->list.multi[i].start.col)
      return FALSE;
      }
      --- 3642,3655 ----
      if (i < sub1->in_use)
      s1 = sub1->list.multi[i].start.lnum;
      else
      ! s1 = -1;
      if (i < sub2->in_use)
      s2 = sub2->list.multi[i].start.lnum;
      else
      ! s2 = -1;
      if (s1 != s2)
      return FALSE;
      ! if (s1 != -1 && sub1->list.multi[i].start.col
      != sub2->list.multi[i].start.col)
      return FALSE;
      }
      ***************
      *** 3931,3938 ****
      if (state->lastlist[nfa_ll_index] == l->id)
      {
      /* This state is already in the list, don't add it again,
      ! * unless it is an MOPEN that is used for a backreference. */
      ! if (!nfa_has_backref)
      {
      skip_add:
      #ifdef ENABLE_LOG
      --- 3931,3939 ----
      if (state->lastlist[nfa_ll_index] == l->id)
      {
      /* This state is already in the list, don't add it again,
      ! * unless it is an MOPEN that is used for a backreference or
      ! * when there is a PIM. */
      ! if (!nfa_has_backref && pim == NULL)
      {
      skip_add:
      #ifdef ENABLE_LOG
      ***************
      *** 3949,3957 ****
      goto skip_add;
      }

      ! /* When there are backreferences the number of states may be (a
      ! * lot) bigger than anticipated. */
      ! if (nfa_has_backref && l->n == l->len)
      {
      int newlen = l->len * 3 / 2 + 50;

      --- 3950,3958 ----
      goto skip_add;
      }

      ! /* When there are backreferences or PIMs the number of states may
      ! * be (a lot) bigger than anticipated. */
      ! if (l->n == l->len)
      {
      int newlen = l->len * 3 / 2 + 50;

      *** ../vim-7.3.1246/src/testdir/test64.in 2013-06-26 12:42:38.000000000 +0200
      --- src/testdir/test64.in 2013-06-26 16:43:19.000000000 +0200
      ***************
      *** 338,343 ****
      --- 338,344 ----
      :call add(tl, [2, '^\%(.*bar\)\@!.*\zsfoo', ' bar foo '])
      :call add(tl, [2, '^\%(.*bar\)\@!.*\zsfoo', ' foo bar '])
      :call add(tl, [2, '^\%(.*bar\)\@!.*\zsfoo', ' foo xxx ', 'foo'])
      + :call add(tl, [2, '[ ]\@!\p\%([ ]\@!\p\)*:', 'implicit mappings:', 'mappings:'])
      :"
      :"""" Combining different tests and features
      :call add(tl, [2, '[[:alpha:]]\{-2,6}', '787abcdiuhsasiuhb4', 'ab'])
      *** ../vim-7.3.1246/src/testdir/test64.ok 2013-06-26 12:42:38.000000000 +0200
      --- src/testdir/test64.ok 2013-06-26 17:33:11.000000000 +0200
      ***************
      *** 770,775 ****
      --- 770,778 ----
      OK 0 - ^\%(.*bar\)\@!.*\zsfoo
      OK 1 - ^\%(.*bar\)\@!.*\zsfoo
      OK 2 - ^\%(.*bar\)\@!.*\zsfoo
      + OK 0 - [ ]\@!\p\%([ ]\@!\p\)*:
      + OK 1 - [ ]\@!\p\%([ ]\@!\p\)*:
      + OK 2 - [ ]\@!\p\%([ ]\@!\p\)*:
      OK 0 - [[:alpha:]]\{-2,6}
      OK 1 - [[:alpha:]]\{-2,6}
      OK 2 - [[:alpha:]]\{-2,6}
      *** ../vim-7.3.1246/src/version.c 2013-06-26 14:04:37.000000000 +0200
      --- src/version.c 2013-06-26 17:30:26.000000000 +0200
      ***************
      *** 730,731 ****
      --- 730,733 ----
      { /* Add new patch number below this line */
      + /**/
      + 1247,
      /**/

      --
      FATHER: One day, lad, all this will be yours ...
      PRINCE: What - the curtains?
      "Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

      /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
      /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
      \\\ an exciting new programming language -- http://www.Zimbu.org ///
      \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

      --
      --
      You received this message from the "vim_dev" maillist.
      Do not top-post! Type your reply below the text you are replying to.
      For more information, visit http://www.vim.org/maillist.php

      ---
      You received this message because you are subscribed to the Google Groups "vim_dev" group.
      To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
      For more options, visit https://groups.google.com/groups/opt_out.
    • Simon Ruderich
      ... Since this patch, valgrind reports the following errors (compiled with patch 7.3.1278): Invalid read of size 4 at 0x4EEB40: copy_sub (in src/vim) by
      Message 2 of 6 , Jun 30, 2013
      • 0 Attachment
        On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
        > Patch 7.3.1247
        > Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
        > Solution: When there is a PIM add a duplicate state that starts at another
        > position.
        > Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok

        Since this patch, valgrind reports the following errors (compiled
        with patch 7.3.1278):

        Invalid read of size 4
        at 0x4EEB40: copy_sub (in src/vim)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        Invalid read of size 4
        at 0x4EEB44: copy_sub (in src/vim)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        Invalid read of size 8
        at 0x4C2B680: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae260 is 25,200 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        Invalid read of size 4
        at 0x4EEB40: copy_sub (in src/vim)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        Invalid read of size 4
        at 0x4EEB44: copy_sub (in src/vim)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        Invalid read of size 8
        at 0x4C2B680: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF70E: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)
        Address 0x7eae260 is 25,200 bytes inside a block of size 25,840 free'd
        at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        by 0x4EF9FC: addstate (in src/vim)
        by 0x4EF866: addstate (in src/vim)
        by 0x4EFC75: addstate_here (in src/vim)
        by 0x4FC6D9: nfa_regmatch (in src/vim)
        by 0x501402: nfa_regtry (in src/vim)
        by 0x5017E7: nfa_regexec_both (in src/vim)
        by 0x501C00: nfa_regexec_nl (in src/vim)
        by 0x4368F9: find_some_match (in src/vim)
        by 0x4383D4: call_func (in src/vim)
        by 0x43C267: get_func_tv (in src/vim)
        by 0x43AC56: eval7 (in src/vim)
        by 0x43AE63: eval6 (in src/vim)
        by 0x43B0ED: eval5 (in src/vim)
        by 0x43BD24: eval3 (in src/vim)
        by 0x43BEA4: eval1 (in src/vim)
        by 0x43C35B: eval0 (in src/vim)
        by 0x441CA2: ex_let (in src/vim)
        by 0x45E24C: do_cmdline (in src/vim)
        by 0x4BFDFD: nv_colon (in src/vim)
        by 0x4C5DD3: normal_cmd (in src/vim)
        by 0x561D5C: main_loop (in src/vim)
        by 0x408F08: main (in src/vim)

        If I revert the patch, the errors no longer occur.

        Regards
        Simon
        --
        + privacy is necessary
        + using gnupg http://gnupg.org
        + public key id: 0x92FEFDB7E44C32F9
      • Dominique Pellé
        ... Hi Can you describe the steps to reproduce the error? Also, line numbers are missing in the stacks. Make sure you compile Vim with -O0 -g and do not strip
        Message 3 of 6 , Jun 30, 2013
        • 0 Attachment
          Simon Ruderich <simon@...> wrote:

          > On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
          >> Patch 7.3.1247
          >> Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
          >> Solution: When there is a PIM add a duplicate state that starts at another
          >> position.
          >> Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
          >
          > Since this patch, valgrind reports the following errors (compiled
          > with patch 7.3.1278):
          >
          > Invalid read of size 4
          > at 0x4EEB40: copy_sub (in src/vim)
          > by 0x4EF70E: addstate (in src/vim)
          > by 0x4EF866: addstate (in src/vim)
          > by 0x4EFC75: addstate_here (in src/vim)
          > by 0x4FC6D9: nfa_regmatch (in src/vim)
          > by 0x501402: nfa_regtry (in src/vim)
          > by 0x5017E7: nfa_regexec_both (in src/vim)
          > by 0x501C00: nfa_regexec_nl (in src/vim)
          > by 0x4368F9: find_some_match (in src/vim)
          > by 0x4383D4: call_func (in src/vim)
          > by 0x43C267: get_func_tv (in src/vim)
          > by 0x43AC56: eval7 (in src/vim)
          > by 0x43AE63: eval6 (in src/vim)
          > by 0x43B0ED: eval5 (in src/vim)
          > by 0x43BD24: eval3 (in src/vim)
          > by 0x43BEA4: eval1 (in src/vim)
          > by 0x43C35B: eval0 (in src/vim)
          > by 0x441CA2: ex_let (in src/vim)
          > by 0x45E24C: do_cmdline (in src/vim)
          > by 0x4BFDFD: nv_colon (in src/vim)
          > by 0x4C5DD3: normal_cmd (in src/vim)
          > by 0x561D5C: main_loop (in src/vim)
          > by 0x408F08: main (in src/vim)
          > Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
          > at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
          > by 0x4EF9FC: addstate (in src/vim)
          > by 0x4EF866: addstate (in src/vim)
          > by 0x4EFC75: addstate_here (in src/vim)
          > by 0x4FC6D9: nfa_regmatch (in src/vim)
          > by 0x501402: nfa_regtry (in src/vim)
          > by 0x5017E7: nfa_regexec_both (in src/vim)
          > by 0x501C00: nfa_regexec_nl (in src/vim)
          > by 0x4368F9: find_some_match (in src/vim)
          > by 0x4383D4: call_func (in src/vim)
          > by 0x43C267: get_func_tv (in src/vim)
          > by 0x43AC56: eval7 (in src/vim)
          > by 0x43AE63: eval6 (in src/vim)
          > by 0x43B0ED: eval5 (in src/vim)
          > by 0x43BD24: eval3 (in src/vim)
          > by 0x43BEA4: eval1 (in src/vim)
          > by 0x43C35B: eval0 (in src/vim)
          > by 0x441CA2: ex_let (in src/vim)
          > by 0x45E24C: do_cmdline (in src/vim)
          > by 0x4BFDFD: nv_colon (in src/vim)
          > by 0x4C5DD3: normal_cmd (in src/vim)
          > by 0x561D5C: main_loop (in src/vim)
          > by 0x408F08: main (in src/vim)
          ...snip...
          >
          > If I revert the patch, the errors no longer occur.
          >
          > Regards
          > Simon


          Hi

          Can you describe the steps to reproduce the error?

          Also, line numbers are missing in the stacks. Make sure
          you compile Vim with -O0 -g and do not strip the excutable
          when sending stacks dumps.

          Thanks
          Dominique

          --
          --
          You received this message from the "vim_dev" maillist.
          Do not top-post! Type your reply below the text you are replying to.
          For more information, visit http://www.vim.org/maillist.php

          ---
          You received this message because you are subscribed to the Google Groups "vim_dev" group.
          To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
          For more options, visit https://groups.google.com/groups/opt_out.
        • Dominique Pellé
          ... I see that running make test with valgrind detects the bug in test 64 using vim-7.3.1278: ==9882== Invalid read of size 4 ==9882== at 0x572F9B:
          Message 4 of 6 , Jun 30, 2013
          • 0 Attachment
            Dominique Pellé wrote:

            > Simon Ruderich <simon@...> wrote:
            >
            >> On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
            >>> Patch 7.3.1247
            >>> Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
            >>> Solution: When there is a PIM add a duplicate state that starts at another
            >>> position.
            >>> Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
            >>
            >> Since this patch, valgrind reports the following errors (compiled
            >> with patch 7.3.1278):
            >>
            >> Invalid read of size 4
            >> at 0x4EEB40: copy_sub (in src/vim)
            >> by 0x4EF70E: addstate (in src/vim)
            >> by 0x4EF866: addstate (in src/vim)
            >> by 0x4EFC75: addstate_here (in src/vim)
            >> by 0x4FC6D9: nfa_regmatch (in src/vim)
            >> by 0x501402: nfa_regtry (in src/vim)
            >> by 0x5017E7: nfa_regexec_both (in src/vim)
            >> by 0x501C00: nfa_regexec_nl (in src/vim)
            >> by 0x4368F9: find_some_match (in src/vim)
            >> by 0x4383D4: call_func (in src/vim)
            >> by 0x43C267: get_func_tv (in src/vim)
            >> by 0x43AC56: eval7 (in src/vim)
            >> by 0x43AE63: eval6 (in src/vim)
            >> by 0x43B0ED: eval5 (in src/vim)
            >> by 0x43BD24: eval3 (in src/vim)
            >> by 0x43BEA4: eval1 (in src/vim)
            >> by 0x43C35B: eval0 (in src/vim)
            >> by 0x441CA2: ex_let (in src/vim)
            >> by 0x45E24C: do_cmdline (in src/vim)
            >> by 0x4BFDFD: nv_colon (in src/vim)
            >> by 0x4C5DD3: normal_cmd (in src/vim)
            >> by 0x561D5C: main_loop (in src/vim)
            >> by 0x408F08: main (in src/vim)
            >> Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
            >> at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
            >> by 0x4EF9FC: addstate (in src/vim)
            >> by 0x4EF866: addstate (in src/vim)
            >> by 0x4EFC75: addstate_here (in src/vim)
            >> by 0x4FC6D9: nfa_regmatch (in src/vim)
            >> by 0x501402: nfa_regtry (in src/vim)
            >> by 0x5017E7: nfa_regexec_both (in src/vim)
            >> by 0x501C00: nfa_regexec_nl (in src/vim)
            >> by 0x4368F9: find_some_match (in src/vim)
            >> by 0x4383D4: call_func (in src/vim)
            >> by 0x43C267: get_func_tv (in src/vim)
            >> by 0x43AC56: eval7 (in src/vim)
            >> by 0x43AE63: eval6 (in src/vim)
            >> by 0x43B0ED: eval5 (in src/vim)
            >> by 0x43BD24: eval3 (in src/vim)
            >> by 0x43BEA4: eval1 (in src/vim)
            >> by 0x43C35B: eval0 (in src/vim)
            >> by 0x441CA2: ex_let (in src/vim)
            >> by 0x45E24C: do_cmdline (in src/vim)
            >> by 0x4BFDFD: nv_colon (in src/vim)
            >> by 0x4C5DD3: normal_cmd (in src/vim)
            >> by 0x561D5C: main_loop (in src/vim)
            >> by 0x408F08: main (in src/vim)
            > ...snip...
            >>
            >> If I revert the patch, the errors no longer occur.
            >>
            >> Regards
            >> Simon
            >
            >
            > Hi
            >
            > Can you describe the steps to reproduce the error?
            >
            > Also, line numbers are missing in the stacks. Make sure
            > you compile Vim with -O0 -g and do not strip the excutable
            > when sending stacks dumps.
            >
            > Thanks
            > Dominique


            I see that running "make test" with valgrind
            detects the bug in test 64 using vim-7.3.1278:

            ==9882== Invalid read of size 4
            ==9882== at 0x572F9B: copy_sub (regexp_nfa.c:3583)
            ==9882== by 0x5736CC: addstate (regexp_nfa.c:3971)
            ==9882== by 0x57374A: addstate (regexp_nfa.c:3994)
            ==9882== by 0x573D27: addstate_here (regexp_nfa.c:4214)
            ==9882== by 0x5757B4: nfa_regmatch (regexp_nfa.c:5290)
            ==9882== by 0x577CC1: nfa_regtry (regexp_nfa.c:6242)
            ==9882== by 0x5783A5: nfa_regexec_both (regexp_nfa.c:6426)
            ==9882== by 0x578764: nfa_regexec_nl (regexp_nfa.c:6623)
            ==9882== by 0x5789C2: vim_regexec_nl (regexp.c:8067)
            ==9882== by 0x46E33C: find_some_match (eval.c:13941)
            ==9882== by 0x46E907: f_matchlist (eval.c:14131)
            ==9882== by 0x46641A: call_func (eval.c:8530)
            ==9882== by 0x465E8C: get_func_tv (eval.c:8343)
            ==9882== by 0x461702: eval7 (eval.c:5153)
            ==9882== by 0x460FA9: eval6 (eval.c:4805)
            ==9882== by 0x460AF9: eval5 (eval.c:4621)
            ==9882== by 0x45FE00: eval4 (eval.c:4314)
            ==9882== by 0x45FC44: eval3 (eval.c:4226)
            ==9882== by 0x45FAC3: eval2 (eval.c:4155)
            ==9882== by 0x45F902: eval1 (eval.c:4080)
            ==9882== by 0x45F861: eval0 (eval.c:4037)
            ==9882== by 0x45B5FD: ex_let (eval.c:1890)
            ==9882== by 0x498EB5: do_one_cmd (ex_docmd.c:2689)
            ==9882== by 0x496433: do_cmdline (ex_docmd.c:1127)
            ==9882== by 0x527A77: nv_colon (normal.c:5457)
            ==9882== by 0x52056B: normal_cmd (normal.c:1200)
            ==9882== by 0x63C17C: main_loop (main.c:1329)
            ==9882== by 0x63BA88: main (main.c:1020)
            ==9882== Address 0xe74d370 is 25,184 bytes inside a block of size 25,840 free'd
            ==9882== at 0x4C2B4F0: realloc (in
            /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
            ==9882== by 0x573626: addstate (regexp_nfa.c:3959)
            ==9882== by 0x57374A: addstate (regexp_nfa.c:3994)
            ==9882== by 0x573D27: addstate_here (regexp_nfa.c:4214)
            ==9882== by 0x5757B4: nfa_regmatch (regexp_nfa.c:5290)
            ==9882== by 0x577CC1: nfa_regtry (regexp_nfa.c:6242)
            ==9882== by 0x5783A5: nfa_regexec_both (regexp_nfa.c:6426)
            ==9882== by 0x578764: nfa_regexec_nl (regexp_nfa.c:6623)
            ==9882== by 0x5789C2: vim_regexec_nl (regexp.c:8067)
            ==9882== by 0x46E33C: find_some_match (eval.c:13941)
            ==9882== by 0x46E907: f_matchlist (eval.c:14131)
            ==9882== by 0x46641A: call_func (eval.c:8530)
            ==9882== by 0x465E8C: get_func_tv (eval.c:8343)
            ==9882== by 0x461702: eval7 (eval.c:5153)
            ==9882== by 0x460FA9: eval6 (eval.c:4805)
            ==9882== by 0x460AF9: eval5 (eval.c:4621)
            ==9882== by 0x45FE00: eval4 (eval.c:4314)
            ==9882== by 0x45FC44: eval3 (eval.c:4226)
            ==9882== by 0x45FAC3: eval2 (eval.c:4155)
            ==9882== by 0x45F902: eval1 (eval.c:4080)
            ==9882== by 0x45F861: eval0 (eval.c:4037)
            ==9882== by 0x45B5FD: ex_let (eval.c:1890)
            ==9882== by 0x498EB5: do_one_cmd (ex_docmd.c:2689)
            ==9882== by 0x496433: do_cmdline (ex_docmd.c:1127)
            ==9882== by 0x527A77: nv_colon (normal.c:5457)
            ==9882== by 0x52056B: normal_cmd (normal.c:1200)
            ==9882== by 0x63C17C: main_loop (main.c:1329)
            ==9882== by 0x63BA88: main (main.c:1020)
            (more errors after that)

            Dominique

            --
            --
            You received this message from the "vim_dev" maillist.
            Do not top-post! Type your reply below the text you are replying to.
            For more information, visit http://www.vim.org/maillist.php

            ---
            You received this message because you are subscribed to the Google Groups "vim_dev" group.
            To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
            For more options, visit https://groups.google.com/groups/opt_out.
          • Simon Ruderich
            ... Ah, sorry. Forgot to mention that. It was test64. Regards Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id:
            Message 5 of 6 , Jun 30, 2013
            • 0 Attachment
              On Sun, Jun 30, 2013 at 08:19:05PM +0200, Dominique Pellé wrote:
              > I see that running "make test" with valgrind
              > detects the bug in test 64 using vim-7.3.1278:

              Ah, sorry. Forgot to mention that. It was test64.

              Regards
              Simon
              --
              + privacy is necessary
              + using gnupg http://gnupg.org
              + public key id: 0x92FEFDB7E44C32F9
            • Bram Moolenaar
              ... [...] I can reproduce it with test 64, as Dominique suggested. -- A poem: read aloud: !* # Waka waka bang splat tick tick
              Message 6 of 6 , Jun 30, 2013
              • 0 Attachment
                Simon Ruderich wrote:

                > On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
                > > Patch 7.3.1247
                > > Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
                > > Solution: When there is a PIM add a duplicate state that starts at another
                > > position.
                > > Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
                >
                > Since this patch, valgrind reports the following errors (compiled
                > with patch 7.3.1278):
                >
                > Invalid read of size 4
                > at 0x4EEB40: copy_sub (in src/vim)
                > by 0x4EF70E: addstate (in src/vim)
                > by 0x4EF866: addstate (in src/vim)
                > by 0x4EFC75: addstate_here (in src/vim)
                > by 0x4FC6D9: nfa_regmatch (in src/vim)
                > by 0x501402: nfa_regtry (in src/vim)

                [...]

                I can reproduce it with test 64, as Dominique suggested.

                --
                A poem: read aloud:

                <> !*''# Waka waka bang splat tick tick hash,
                ^"`$$- Caret quote back-tick dollar dollar dash,
                !*=@$_ Bang splat equal at dollar under-score,
                %*<> ~#4 Percent splat waka waka tilde number four,
                &[]../ Ampersand bracket bracket dot dot slash,
                |{,,SYSTEM HALTED Vertical-bar curly-bracket comma comma CRASH.

                Fred Bremmer and Steve Kroese (Calvin College & Seminary of Grand Rapids, MI.)

                /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
                /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
                \\\ an exciting new programming language -- http://www.Zimbu.org ///
                \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

                --
                --
                You received this message from the "vim_dev" maillist.
                Do not top-post! Type your reply below the text you are replying to.
                For more information, visit http://www.vim.org/maillist.php

                ---
                You received this message because you are subscribed to the Google Groups "vim_dev" group.
                To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
                For more options, visit https://groups.google.com/groups/opt_out.
              Your message has been successfully submitted and would be delivered to recipients shortly.