Loading ...
Sorry, an error occurred while loading the content.

Patch 7.3.1247 valgrind errors (Was: Patch 7.3.1247)

Expand Messages
  • Simon Ruderich
    ... Since this patch, valgrind reports the following errors (compiled with patch 7.3.1278): Invalid read of size 4 at 0x4EEB40: copy_sub (in src/vim) by
    Message 1 of 6 , Jun 30, 2013
    • 0 Attachment
      On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
      > Patch 7.3.1247
      > Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
      > Solution: When there is a PIM add a duplicate state that starts at another
      > position.
      > Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok

      Since this patch, valgrind reports the following errors (compiled
      with patch 7.3.1278):

      Invalid read of size 4
      at 0x4EEB40: copy_sub (in src/vim)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      Invalid read of size 4
      at 0x4EEB44: copy_sub (in src/vim)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      Invalid read of size 8
      at 0x4C2B680: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae260 is 25,200 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      Invalid read of size 4
      at 0x4EEB40: copy_sub (in src/vim)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      Invalid read of size 4
      at 0x4EEB44: copy_sub (in src/vim)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      Invalid read of size 8
      at 0x4C2B680: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF70E: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)
      Address 0x7eae260 is 25,200 bytes inside a block of size 25,840 free'd
      at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      by 0x4EF9FC: addstate (in src/vim)
      by 0x4EF866: addstate (in src/vim)
      by 0x4EFC75: addstate_here (in src/vim)
      by 0x4FC6D9: nfa_regmatch (in src/vim)
      by 0x501402: nfa_regtry (in src/vim)
      by 0x5017E7: nfa_regexec_both (in src/vim)
      by 0x501C00: nfa_regexec_nl (in src/vim)
      by 0x4368F9: find_some_match (in src/vim)
      by 0x4383D4: call_func (in src/vim)
      by 0x43C267: get_func_tv (in src/vim)
      by 0x43AC56: eval7 (in src/vim)
      by 0x43AE63: eval6 (in src/vim)
      by 0x43B0ED: eval5 (in src/vim)
      by 0x43BD24: eval3 (in src/vim)
      by 0x43BEA4: eval1 (in src/vim)
      by 0x43C35B: eval0 (in src/vim)
      by 0x441CA2: ex_let (in src/vim)
      by 0x45E24C: do_cmdline (in src/vim)
      by 0x4BFDFD: nv_colon (in src/vim)
      by 0x4C5DD3: normal_cmd (in src/vim)
      by 0x561D5C: main_loop (in src/vim)
      by 0x408F08: main (in src/vim)

      If I revert the patch, the errors no longer occur.

      Regards
      Simon
      --
      + privacy is necessary
      + using gnupg http://gnupg.org
      + public key id: 0x92FEFDB7E44C32F9
    • Dominique Pellé
      ... Hi Can you describe the steps to reproduce the error? Also, line numbers are missing in the stacks. Make sure you compile Vim with -O0 -g and do not strip
      Message 2 of 6 , Jun 30, 2013
      • 0 Attachment
        Simon Ruderich <simon@...> wrote:

        > On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
        >> Patch 7.3.1247
        >> Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
        >> Solution: When there is a PIM add a duplicate state that starts at another
        >> position.
        >> Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
        >
        > Since this patch, valgrind reports the following errors (compiled
        > with patch 7.3.1278):
        >
        > Invalid read of size 4
        > at 0x4EEB40: copy_sub (in src/vim)
        > by 0x4EF70E: addstate (in src/vim)
        > by 0x4EF866: addstate (in src/vim)
        > by 0x4EFC75: addstate_here (in src/vim)
        > by 0x4FC6D9: nfa_regmatch (in src/vim)
        > by 0x501402: nfa_regtry (in src/vim)
        > by 0x5017E7: nfa_regexec_both (in src/vim)
        > by 0x501C00: nfa_regexec_nl (in src/vim)
        > by 0x4368F9: find_some_match (in src/vim)
        > by 0x4383D4: call_func (in src/vim)
        > by 0x43C267: get_func_tv (in src/vim)
        > by 0x43AC56: eval7 (in src/vim)
        > by 0x43AE63: eval6 (in src/vim)
        > by 0x43B0ED: eval5 (in src/vim)
        > by 0x43BD24: eval3 (in src/vim)
        > by 0x43BEA4: eval1 (in src/vim)
        > by 0x43C35B: eval0 (in src/vim)
        > by 0x441CA2: ex_let (in src/vim)
        > by 0x45E24C: do_cmdline (in src/vim)
        > by 0x4BFDFD: nv_colon (in src/vim)
        > by 0x4C5DD3: normal_cmd (in src/vim)
        > by 0x561D5C: main_loop (in src/vim)
        > by 0x408F08: main (in src/vim)
        > Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
        > at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
        > by 0x4EF9FC: addstate (in src/vim)
        > by 0x4EF866: addstate (in src/vim)
        > by 0x4EFC75: addstate_here (in src/vim)
        > by 0x4FC6D9: nfa_regmatch (in src/vim)
        > by 0x501402: nfa_regtry (in src/vim)
        > by 0x5017E7: nfa_regexec_both (in src/vim)
        > by 0x501C00: nfa_regexec_nl (in src/vim)
        > by 0x4368F9: find_some_match (in src/vim)
        > by 0x4383D4: call_func (in src/vim)
        > by 0x43C267: get_func_tv (in src/vim)
        > by 0x43AC56: eval7 (in src/vim)
        > by 0x43AE63: eval6 (in src/vim)
        > by 0x43B0ED: eval5 (in src/vim)
        > by 0x43BD24: eval3 (in src/vim)
        > by 0x43BEA4: eval1 (in src/vim)
        > by 0x43C35B: eval0 (in src/vim)
        > by 0x441CA2: ex_let (in src/vim)
        > by 0x45E24C: do_cmdline (in src/vim)
        > by 0x4BFDFD: nv_colon (in src/vim)
        > by 0x4C5DD3: normal_cmd (in src/vim)
        > by 0x561D5C: main_loop (in src/vim)
        > by 0x408F08: main (in src/vim)
        ...snip...
        >
        > If I revert the patch, the errors no longer occur.
        >
        > Regards
        > Simon


        Hi

        Can you describe the steps to reproduce the error?

        Also, line numbers are missing in the stacks. Make sure
        you compile Vim with -O0 -g and do not strip the excutable
        when sending stacks dumps.

        Thanks
        Dominique

        --
        --
        You received this message from the "vim_dev" maillist.
        Do not top-post! Type your reply below the text you are replying to.
        For more information, visit http://www.vim.org/maillist.php

        ---
        You received this message because you are subscribed to the Google Groups "vim_dev" group.
        To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
        For more options, visit https://groups.google.com/groups/opt_out.
      • Dominique Pellé
        ... I see that running make test with valgrind detects the bug in test 64 using vim-7.3.1278: ==9882== Invalid read of size 4 ==9882== at 0x572F9B:
        Message 3 of 6 , Jun 30, 2013
        • 0 Attachment
          Dominique Pellé wrote:

          > Simon Ruderich <simon@...> wrote:
          >
          >> On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
          >>> Patch 7.3.1247
          >>> Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
          >>> Solution: When there is a PIM add a duplicate state that starts at another
          >>> position.
          >>> Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
          >>
          >> Since this patch, valgrind reports the following errors (compiled
          >> with patch 7.3.1278):
          >>
          >> Invalid read of size 4
          >> at 0x4EEB40: copy_sub (in src/vim)
          >> by 0x4EF70E: addstate (in src/vim)
          >> by 0x4EF866: addstate (in src/vim)
          >> by 0x4EFC75: addstate_here (in src/vim)
          >> by 0x4FC6D9: nfa_regmatch (in src/vim)
          >> by 0x501402: nfa_regtry (in src/vim)
          >> by 0x5017E7: nfa_regexec_both (in src/vim)
          >> by 0x501C00: nfa_regexec_nl (in src/vim)
          >> by 0x4368F9: find_some_match (in src/vim)
          >> by 0x4383D4: call_func (in src/vim)
          >> by 0x43C267: get_func_tv (in src/vim)
          >> by 0x43AC56: eval7 (in src/vim)
          >> by 0x43AE63: eval6 (in src/vim)
          >> by 0x43B0ED: eval5 (in src/vim)
          >> by 0x43BD24: eval3 (in src/vim)
          >> by 0x43BEA4: eval1 (in src/vim)
          >> by 0x43C35B: eval0 (in src/vim)
          >> by 0x441CA2: ex_let (in src/vim)
          >> by 0x45E24C: do_cmdline (in src/vim)
          >> by 0x4BFDFD: nv_colon (in src/vim)
          >> by 0x4C5DD3: normal_cmd (in src/vim)
          >> by 0x561D5C: main_loop (in src/vim)
          >> by 0x408F08: main (in src/vim)
          >> Address 0x7eae250 is 25,184 bytes inside a block of size 25,840 free'd
          >> at 0x4C28CCE: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
          >> by 0x4EF9FC: addstate (in src/vim)
          >> by 0x4EF866: addstate (in src/vim)
          >> by 0x4EFC75: addstate_here (in src/vim)
          >> by 0x4FC6D9: nfa_regmatch (in src/vim)
          >> by 0x501402: nfa_regtry (in src/vim)
          >> by 0x5017E7: nfa_regexec_both (in src/vim)
          >> by 0x501C00: nfa_regexec_nl (in src/vim)
          >> by 0x4368F9: find_some_match (in src/vim)
          >> by 0x4383D4: call_func (in src/vim)
          >> by 0x43C267: get_func_tv (in src/vim)
          >> by 0x43AC56: eval7 (in src/vim)
          >> by 0x43AE63: eval6 (in src/vim)
          >> by 0x43B0ED: eval5 (in src/vim)
          >> by 0x43BD24: eval3 (in src/vim)
          >> by 0x43BEA4: eval1 (in src/vim)
          >> by 0x43C35B: eval0 (in src/vim)
          >> by 0x441CA2: ex_let (in src/vim)
          >> by 0x45E24C: do_cmdline (in src/vim)
          >> by 0x4BFDFD: nv_colon (in src/vim)
          >> by 0x4C5DD3: normal_cmd (in src/vim)
          >> by 0x561D5C: main_loop (in src/vim)
          >> by 0x408F08: main (in src/vim)
          > ...snip...
          >>
          >> If I revert the patch, the errors no longer occur.
          >>
          >> Regards
          >> Simon
          >
          >
          > Hi
          >
          > Can you describe the steps to reproduce the error?
          >
          > Also, line numbers are missing in the stacks. Make sure
          > you compile Vim with -O0 -g and do not strip the excutable
          > when sending stacks dumps.
          >
          > Thanks
          > Dominique


          I see that running "make test" with valgrind
          detects the bug in test 64 using vim-7.3.1278:

          ==9882== Invalid read of size 4
          ==9882== at 0x572F9B: copy_sub (regexp_nfa.c:3583)
          ==9882== by 0x5736CC: addstate (regexp_nfa.c:3971)
          ==9882== by 0x57374A: addstate (regexp_nfa.c:3994)
          ==9882== by 0x573D27: addstate_here (regexp_nfa.c:4214)
          ==9882== by 0x5757B4: nfa_regmatch (regexp_nfa.c:5290)
          ==9882== by 0x577CC1: nfa_regtry (regexp_nfa.c:6242)
          ==9882== by 0x5783A5: nfa_regexec_both (regexp_nfa.c:6426)
          ==9882== by 0x578764: nfa_regexec_nl (regexp_nfa.c:6623)
          ==9882== by 0x5789C2: vim_regexec_nl (regexp.c:8067)
          ==9882== by 0x46E33C: find_some_match (eval.c:13941)
          ==9882== by 0x46E907: f_matchlist (eval.c:14131)
          ==9882== by 0x46641A: call_func (eval.c:8530)
          ==9882== by 0x465E8C: get_func_tv (eval.c:8343)
          ==9882== by 0x461702: eval7 (eval.c:5153)
          ==9882== by 0x460FA9: eval6 (eval.c:4805)
          ==9882== by 0x460AF9: eval5 (eval.c:4621)
          ==9882== by 0x45FE00: eval4 (eval.c:4314)
          ==9882== by 0x45FC44: eval3 (eval.c:4226)
          ==9882== by 0x45FAC3: eval2 (eval.c:4155)
          ==9882== by 0x45F902: eval1 (eval.c:4080)
          ==9882== by 0x45F861: eval0 (eval.c:4037)
          ==9882== by 0x45B5FD: ex_let (eval.c:1890)
          ==9882== by 0x498EB5: do_one_cmd (ex_docmd.c:2689)
          ==9882== by 0x496433: do_cmdline (ex_docmd.c:1127)
          ==9882== by 0x527A77: nv_colon (normal.c:5457)
          ==9882== by 0x52056B: normal_cmd (normal.c:1200)
          ==9882== by 0x63C17C: main_loop (main.c:1329)
          ==9882== by 0x63BA88: main (main.c:1020)
          ==9882== Address 0xe74d370 is 25,184 bytes inside a block of size 25,840 free'd
          ==9882== at 0x4C2B4F0: realloc (in
          /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
          ==9882== by 0x573626: addstate (regexp_nfa.c:3959)
          ==9882== by 0x57374A: addstate (regexp_nfa.c:3994)
          ==9882== by 0x573D27: addstate_here (regexp_nfa.c:4214)
          ==9882== by 0x5757B4: nfa_regmatch (regexp_nfa.c:5290)
          ==9882== by 0x577CC1: nfa_regtry (regexp_nfa.c:6242)
          ==9882== by 0x5783A5: nfa_regexec_both (regexp_nfa.c:6426)
          ==9882== by 0x578764: nfa_regexec_nl (regexp_nfa.c:6623)
          ==9882== by 0x5789C2: vim_regexec_nl (regexp.c:8067)
          ==9882== by 0x46E33C: find_some_match (eval.c:13941)
          ==9882== by 0x46E907: f_matchlist (eval.c:14131)
          ==9882== by 0x46641A: call_func (eval.c:8530)
          ==9882== by 0x465E8C: get_func_tv (eval.c:8343)
          ==9882== by 0x461702: eval7 (eval.c:5153)
          ==9882== by 0x460FA9: eval6 (eval.c:4805)
          ==9882== by 0x460AF9: eval5 (eval.c:4621)
          ==9882== by 0x45FE00: eval4 (eval.c:4314)
          ==9882== by 0x45FC44: eval3 (eval.c:4226)
          ==9882== by 0x45FAC3: eval2 (eval.c:4155)
          ==9882== by 0x45F902: eval1 (eval.c:4080)
          ==9882== by 0x45F861: eval0 (eval.c:4037)
          ==9882== by 0x45B5FD: ex_let (eval.c:1890)
          ==9882== by 0x498EB5: do_one_cmd (ex_docmd.c:2689)
          ==9882== by 0x496433: do_cmdline (ex_docmd.c:1127)
          ==9882== by 0x527A77: nv_colon (normal.c:5457)
          ==9882== by 0x52056B: normal_cmd (normal.c:1200)
          ==9882== by 0x63C17C: main_loop (main.c:1329)
          ==9882== by 0x63BA88: main (main.c:1020)
          (more errors after that)

          Dominique

          --
          --
          You received this message from the "vim_dev" maillist.
          Do not top-post! Type your reply below the text you are replying to.
          For more information, visit http://www.vim.org/maillist.php

          ---
          You received this message because you are subscribed to the Google Groups "vim_dev" group.
          To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
          For more options, visit https://groups.google.com/groups/opt_out.
        • Simon Ruderich
          ... Ah, sorry. Forgot to mention that. It was test64. Regards Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id:
          Message 4 of 6 , Jun 30, 2013
          • 0 Attachment
            On Sun, Jun 30, 2013 at 08:19:05PM +0200, Dominique Pellé wrote:
            > I see that running "make test" with valgrind
            > detects the bug in test 64 using vim-7.3.1278:

            Ah, sorry. Forgot to mention that. It was test64.

            Regards
            Simon
            --
            + privacy is necessary
            + using gnupg http://gnupg.org
            + public key id: 0x92FEFDB7E44C32F9
          • Bram Moolenaar
            ... [...] I can reproduce it with test 64, as Dominique suggested. -- A poem: read aloud: !* # Waka waka bang splat tick tick
            Message 5 of 6 , Jun 30, 2013
            • 0 Attachment
              Simon Ruderich wrote:

              > On Wed, Jun 26, 2013 at 06:17:24PM +0200, Bram Moolenaar wrote:
              > > Patch 7.3.1247
              > > Problem: New regexp engine: '[ ]\@!\p\%([ ]\@!\p\)*:' does not always match.
              > > Solution: When there is a PIM add a duplicate state that starts at another
              > > position.
              > > Files: src/regexp_nfa.c, src/testdir/test64.in, src/testdir/test64.ok
              >
              > Since this patch, valgrind reports the following errors (compiled
              > with patch 7.3.1278):
              >
              > Invalid read of size 4
              > at 0x4EEB40: copy_sub (in src/vim)
              > by 0x4EF70E: addstate (in src/vim)
              > by 0x4EF866: addstate (in src/vim)
              > by 0x4EFC75: addstate_here (in src/vim)
              > by 0x4FC6D9: nfa_regmatch (in src/vim)
              > by 0x501402: nfa_regtry (in src/vim)

              [...]

              I can reproduce it with test 64, as Dominique suggested.

              --
              A poem: read aloud:

              <> !*''# Waka waka bang splat tick tick hash,
              ^"`$$- Caret quote back-tick dollar dollar dash,
              !*=@$_ Bang splat equal at dollar under-score,
              %*<> ~#4 Percent splat waka waka tilde number four,
              &[]../ Ampersand bracket bracket dot dot slash,
              |{,,SYSTEM HALTED Vertical-bar curly-bracket comma comma CRASH.

              Fred Bremmer and Steve Kroese (Calvin College & Seminary of Grand Rapids, MI.)

              /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
              /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
              \\\ an exciting new programming language -- http://www.Zimbu.org ///
              \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

              --
              --
              You received this message from the "vim_dev" maillist.
              Do not top-post! Type your reply below the text you are replying to.
              For more information, visit http://www.vim.org/maillist.php

              ---
              You received this message because you are subscribed to the Google Groups "vim_dev" group.
              To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscribe@....
              For more options, visit https://groups.google.com/groups/opt_out.
            Your message has been successfully submitted and would be delivered to recipients shortly.