Re: bug#25390: Segfault with sed 4.3

[Norihiro Tanaka]

On Sun, 8 Jan 2017 12:49:42 -0800
Paul Eggert <address@hidden> wrote:

> Assaf Gordon wrote:
> > The immediate cause is somewhere in gnulib's DFA module.
> 
> The bug was introduced in Gnulib, in commit 
> 403adf1b40897ba108075008c10bd38d937e1539
> dated 2016-11-25 and labeled "dfa: addition of new state on demand".
> It's not a bug that grep runs into, since grep doesn't use the
> newline transition that sed does. I installed the attached patch to
> fix the Gnulib bug. I'll leave Bug#25390 open, as I assume you'll
> want to check it for 'sed' and add a test case for 'sed'.

Thanks for fixing quickly.

I wrote two additional patches for dfa.  First, derive number of
allocation from not argument but number of state in transition table
allocation.  Second, melt down dfastate() into build_state().  Now, I
think that there do not have to be separated.

I also wrote a simple test, but the issue are not always caused, as it
depends on state of memory.  Should we rely to complate the test on
valgrind?

0001-dfa-simplify-transition-table-allocation.patch
Description: Text document

0002-dfa-melt-down-dfastate-into-build_state.patch
Description: Text document

0001-tests-new-test-for-dfa-crash-bug.patch
Description: Text document