On Mon, May 20, 2013 at 5:28 PM, Charles <[email protected]> wrote:
> Hi,
>
> In my gvim, the new regexp engine crashes gvim for this regexp
>
> 0x02a60c72 "htmlSpecialChar "&#\=[0-9A-Za-z]\{1,8};""
>
> The crash happens here
>
> /*
>  * Allocate and initialize nfa_state_T.
>  */
>     static nfa_state_T *
> new_state(c, out, out1)
>     int         c;
>     nfa_state_T *out;
>     nfa_state_T *out1;
> {
>     nfa_state_T *s;
>
>     if (istate >= nstate)
>         return NULL;
>
>     s = &state_ptr[istate++];
>
>     s->c    = c;
>     s->out  = out;
>     s->out1 = out1; // <----- Access violation here, probably because s points to foreign memory
>
>     s->id   = istate;
>     s->lastlist = 0;
>     s->lastthread = NULL;
>     s->visits = 0;
>     s->negated = FALSE;
>
>     return s;
> }
>

It seems that the cause is an insufficient initial size here

line 232:
/* A reasonable estimation for size */
    nstate_max = (STRLEN(expr) + 1) * NFA_POSTFIX_MULTIPLIER;

When it crashed, it's trying to access member no. 714 while the
currently allocated array is only 631.
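
The failure mode described in this thread, as an added example that is not part of the original messages or Vim's source: a buffer sized from the pattern's string length can be smaller than what a counted repetition expands to, so the append path grows the buffer instead of trusting the estimate. The `postfix_buf` type, `pb_emit`, `demo_counted_class`, the multiplier value and the 62-items-times-8 expansion are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical postfix buffer; names are illustrative, not Vim's. */
typedef struct {
    int    *items;
    size_t  len;   /* slots in use */
    size_t  cap;   /* slots allocated */
} postfix_buf;

/* Append one item, growing the buffer rather than trusting the estimate. */
static int pb_emit(postfix_buf *pb, int item)
{
    if (pb->len == pb->cap) {
        size_t ncap = pb->cap ? pb->cap * 2 : 16;
        int *p;

        if (ncap > SIZE_MAX / sizeof *p)
            return 0;                       /* size computation would wrap */
        p = realloc(pb->items, ncap * sizeof *p);
        if (p == NULL)
            return 0;                       /* old buffer is still valid */
        pb->items = p;
        pb->cap = ncap;
    }
    pb->items[pb->len++] = item;
    return 1;
}

/* Size from pattern length, then emit a 62-member class 8 times
 * (constructed model of [0-9A-Za-z]\{1,8}). Returns items emitted, 0 on error. */
size_t demo_counted_class(size_t multiplier, size_t *estimate)
{
    const char *expr = "&#\\=[0-9A-Za-z]\\{1,8};";  /* pattern from the report */
    postfix_buf pb = { NULL, 0, 0 };
    size_t rep, i, emitted;

    *estimate = pb.cap = (strlen(expr) + 1) * multiplier;
    pb.items = malloc(pb.cap * sizeof *pb.items);
    if (pb.items == NULL)
        return 0;
    for (rep = 0; rep < 8; rep++)
        for (i = 0; i < 62; i++)
            if (!pb_emit(&pb, (int)i)) { free(pb.items); return 0; }
    emitted = pb.len;
    free(pb.items);
    return emitted;
}
```

With a constructed multiplier of 8, the length-based estimate is smaller than the number of items the repetition produces, which is the condition the reply identifies.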
