On Mon, May 20, 2013 at 5:37 PM, Charles <[email protected]> wrote: > On Mon, May 20, 2013 at 5:28 PM, Charles <[email protected]> wrote: >> Hi, >> >> In my gvim, the new regexp engine crash gvim for this regexp >> >> 0x02a60c72 "htmlSpecialChar "&#\=[0-9A-Za-z]\{1,8};"" >> >> The crash happens here >> >> /* >> * Allocate and initialize nfa_state_T. >> */ >> static nfa_state_T * >> new_state(c, out, out1) >> int c; >> nfa_state_T *out; >> nfa_state_T *out1; >> { >> nfa_state_T *s; >> >> if (istate >= nstate) >> return NULL; >> >> s = &state_ptr[istate++]; >> >> s->c = c; >> s->out = out; >> s->out1 = out1; // <----- Access violation here, probably because >> s points to foreign memory >> >> s->id = istate; >> s->lastlist = 0; >> s->lastthread = NULL; >> s->visits = 0; >> s->negated = FALSE; >> >> return s; >> } >> > > It seems to be that the cause is insufficient initial size here > > line 232: > /* A reasonable estimation for size */ > nstate_max = (STRLEN(expr) + 1) * NFA_POSTFIX_MULTIPLIER; > > When it crashed, it's trying to access member no. 714 while the > currently allocated array is only 631.
Works fine with nstate_max = (STRLEN(expr) * 2) * NFA_POSTFIX_MULTIPLIER; -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
