/[pcre]/code/trunk/pcre_exec.c

Diff of /code/trunk/pcre_exec.c

Parent Directory | Revision Log | View Patch Patch

-revision 137 by ph10,
Thu Mar 29 13:56:00 2007 UTC
+revision 742 by zherczeg,
Sun Nov  6 08:05:33 2011 UTC
 Line 6
  and semantics are as close as possible to those of the Perl 5 language.
                         Written by Philip Hazel
-            Copyright (c) 1997-2007 University of Cambridge
+            Copyright (c) 1997-2011 University of Cambridge
  -----------------------------------------------------------------------------
  Redistribution and use in source and binary forms, with or without
 Line 42 
 POSSIBILITY OF SUCH DAMAGE.
  pattern matching using an NFA algorithm, trying to mimic Perl as closely as
  possible. There are also some static supporting functions. */
+ #ifdef HAVE_CONFIG_H
+ #include "config.h"
+ #endif
  #define NLBLOCK md             /* Block containing newline information */
  #define PSSTART start_subject  /* Field containing processed string start */
  #define PSEND   end_subject    /* Field containing processed string end */
-Line 53 
 possible. There are also some static sup
+Line 57 
 possible. There are also some static sup
  #undef min
  #undef max
- /* The chain of eptrblocks for tail recursions uses memory in stack workspace,
+ /* Values for setting in md->match_function_type to indicate two special types
- obtained at top level, the size of which is defined by EPTR_WORK_SIZE. */
+ of call to match(). We do it this way to save on using another stack variable,
+ as stack usage is to be discouraged. */
- #define EPTR_WORK_SIZE (1000)
- /* Flag bits for the match() function */
- #define match_condassert     0x01  /* Called to check a condition assertion */
+ #define MATCH_CONDASSERT     1  /* Called to check a condition assertion */
- #define match_cbegroup       0x02  /* Could-be-empty unlimited repeat group */
+ #define MATCH_CBEGROUP       2  /* Could-be-empty unlimited repeat group */
- #define match_tail_recursed  0x04  /* Tail recursive call */
  /* Non-error returns from the match() function. Error returns are externally
  defined PCRE_ERROR_xxx codes, which are all negative. */
 Line 70 
 defined PCRE_ERROR_xxx codes, which are
  #define MATCH_MATCH        1
  #define MATCH_NOMATCH      0
+ /* Special internal returns from the match() function. Make them sufficiently
+ negative to avoid the external error codes. */
+ #define MATCH_ACCEPT       (-999)
+ #define MATCH_COMMIT       (-998)
+ #define MATCH_KETRPOS      (-997)
+ #define MATCH_ONCE         (-996)
+ #define MATCH_PRUNE        (-995)
+ #define MATCH_SKIP         (-994)
+ #define MATCH_SKIP_ARG     (-993)
+ #define MATCH_THEN         (-992)
+ /* This is a convenience macro for code that occurs many times. */
+ #define MRRETURN(ra) \
+   { \
+   md->mark = markptr; \
+   RRETURN(ra); \
+   }
  /* Maximum number of ints of offset to save on the stack for recursive calls.
  If the offset vector is bigger, malloc is used. This should be a multiple of 3,
  because the offset vector is always a multiple of 3 long. */
-Line 83 
 static const char rep_max[] = { 0, 0, 0,
+Line 103 
 static const char rep_max[] = { 0, 0, 0,
- #ifdef DEBUG
+ #ifdef PCRE_DEBUG
  /*************************************************
  *        Debugging function to print chars       *
  *************************************************/
-Line 116 
 while (length-- > 0)
+Line 136 
 while (length-- > 0)
  *          Match a back-reference                *
  *************************************************/
- /* If a back reference hasn't been set, the length that is passed is greater
+ /* Normally, if a back reference hasn't been set, the length that is passed is
- than the number of characters left in the string, so the match fails.
+ negative, so the match always fails. However, in JavaScript compatibility mode,
+ the length passed is zero. Note that in caseless UTF-8 mode, the number of
+ subject bytes matched may be different to the number of reference bytes.
  Arguments:
    offset      index into the offset vector
-   eptr        points into the subject
+   eptr        pointer into the subject
-   length      length to be matched
+   length      length of reference to be matched (number of bytes)
    md          points to match data block
-   ims         the ims flags
+   caseless    TRUE if caseless
- Returns:      TRUE if matched
+ Returns:      < 0 if not matched, otherwise the number of subject bytes matched
  */
- static BOOL
+ static int
  match_ref(int offset, register USPTR eptr, int length, match_data *md,
-   unsigned long int ims)
+   BOOL caseless)
  {
- USPTR p = md->start_subject + md->offset_vector[offset];
+ USPTR eptr_start = eptr;
+ register USPTR p = md->start_subject + md->offset_vector[offset];
- #ifdef DEBUG
+ #ifdef PCRE_DEBUG
  if (eptr >= md->end_subject)
    printf("matching subject <null>");
  else
-Line 148 
 pchars(p, length, FALSE, md);
+Line 171 
 pchars(p, length, FALSE, md);
  printf("\n");
  #endif
- /* Always fail if not enough characters left */
+ /* Always fail if reference not set (and not JavaScript compatible). */
- if (length > md->end_subject - eptr) return FALSE;
+ if (length < 0) return -1;
- /* Separate the caselesss case for speed */
+ /* Separate the caseless case for speed. In UTF-8 mode we can only do this
+ properly if Unicode properties are supported. Otherwise, we can check only
+ ASCII characters. */
- if ((ims & PCRE_CASELESS) != 0)
+ if (caseless)
    {
-   while (length-- > 0)
+ #ifdef SUPPORT_UTF8
-     if (md->lcc[*p++] != md->lcc[*eptr++]) return FALSE;
+ #ifdef SUPPORT_UCP
+   if (md->utf8)
+     {
+     /* Match characters up to the end of the reference. NOTE: the number of
+     bytes matched may differ, because there are some characters whose upper and
+     lower case versions code as different numbers of bytes. For example, U+023A
+     (2 bytes in UTF-8) is the upper case version of U+2C65 (3 bytes in UTF-8);
+     a sequence of 3 of the former uses 6 bytes, as does a sequence of two of
+     the latter. It is important, therefore, to check the length along the
+     reference, not along the subject (earlier code did this wrong). */
+     USPTR endptr = p + length;
+     while (p < endptr)
+       {
+       int c, d;
+       if (eptr >= md->end_subject) return -1;
+       GETCHARINC(c, eptr);
+       GETCHARINC(d, p);
+       if (c != d && c != UCD_OTHERCASE(d)) return -1;
+       }
+     }
+   else
+ #endif
+ #endif
+   /* The same code works when not in UTF-8 mode and in UTF-8 mode when there
+   is no UCP support. */
+     {
+     if (eptr + length > md->end_subject) return -1;
+     while (length-- > 0)
+       { if (md->lcc[*p++] != md->lcc[*eptr++]) return -1; }
+     }
    }
+ /* In the caseful case, we can just compare the bytes, whether or not we
+ are in UTF-8 mode. */
  else
-   { while (length-- > 0) if (*p++ != *eptr++) return FALSE; }
+   {
+   if (eptr + length > md->end_subject) return -1;
+   while (length-- > 0) if (*p++ != *eptr++) return -1;
+   }
- return TRUE;
+ return eptr - eptr_start;
  }
-Line 188 
 calls by keeping local variables that ne
+Line 251 
 calls by keeping local variables that ne
  obtained from malloc() instead instead of on the stack. Macros are used to
  achieve this so that the actual code doesn't look very different to what it
  always used to.
+ The original heap-recursive code used longjmp(). However, it seems that this
+ can be very slow on some operating systems. Following a suggestion from Stan
+ Switzer, the use of longjmp() has been abolished, at the cost of having to
+ provide a unique number for each call to RMATCH. There is no way of generating
+ a sequence of numbers at compile time in C. I have given them names, to make
+ them stand out more clearly.
+ Crude tests on x86 Linux show a small speedup of around 5-8%. However, on
+ FreeBSD, avoiding longjmp() more than halves the time taken to run the standard
+ tests. Furthermore, not using longjmp() means that local dynamic variables
+ don't have indeterminate values; this has meant that the frame size can be
+ reduced because the result can be "passed back" by straight setting of the
+ variable instead of being passed in the frame.
  ****************************************************************************
  ***************************************************************************/
+ /* Numbers for RMATCH calls. When this list is changed, the code at HEAP_RETURN
+ below must be updated in sync.  */
+ enum { RM1=1, RM2,  RM3,  RM4,  RM5,  RM6,  RM7,  RM8,  RM9,  RM10,
+        RM11,  RM12, RM13, RM14, RM15, RM16, RM17, RM18, RM19, RM20,
+        RM21,  RM22, RM23, RM24, RM25, RM26, RM27, RM28, RM29, RM30,
+        RM31,  RM32, RM33, RM34, RM35, RM36, RM37, RM38, RM39, RM40,
+        RM41,  RM42, RM43, RM44, RM45, RM46, RM47, RM48, RM49, RM50,
+        RM51,  RM52, RM53, RM54, RM55, RM56, RM57, RM58, RM59, RM60,
+        RM61,  RM62, RM63, RM64, RM65, RM66 };
  /* These versions of the macros use the stack, as normal. There are debugging
- versions and production versions. */
+ versions and production versions. Note that the "rw" argument of RMATCH isn't
+ actually used in this definition. */
  #ifndef NO_RECURSE
  #define REGISTER register
- #ifdef DEBUG
- #define RMATCH(rx,ra,rb,rc,rd,re,rf,rg) \
+ #ifdef PCRE_DEBUG
+ #define RMATCH(ra,rb,rc,rd,re,rw) \
    { \
    printf("match() called in line %d\n", __LINE__); \
-   rx = match(ra,rb,rc,rd,re,rf,rg,rdepth+1); \
+   rrc = match(ra,rb,mstart,markptr,rc,rd,re,rdepth+1); \
    printf("to line %d\n", __LINE__); \
    }
  #define RRETURN(ra) \
-Line 210 
 versions and production versions. */
+Line 299 
 versions and production versions. */
    return ra; \
    }
  #else
- #define RMATCH(rx,ra,rb,rc,rd,re,rf,rg) \
+ #define RMATCH(ra,rb,rc,rd,re,rw) \
-   rx = match(ra,rb,rc,rd,re,rf,rg,rdepth+1)
+   rrc = match(ra,rb,mstart,markptr,rc,rd,re,rdepth+1)
  #define RRETURN(ra) return ra
  #endif
  #else
- /* These versions of the macros manage a private stack on the heap. Note
+ /* These versions of the macros manage a private stack on the heap. Note that
- that the rd argument of RMATCH isn't actually used. It's the md argument of
+ the "rd" argument of RMATCH isn't actually used in this definition. It's the md
- match(), which never changes. */
+ argument of match(), which never changes. */
  #define REGISTER
- #define RMATCH(rx,ra,rb,rc,rd,re,rf,rg)\
+ #define RMATCH(ra,rb,rc,rd,re,rw)\
    {\
-   heapframe *newframe = (pcre_stack_malloc)(sizeof(heapframe));\
+   heapframe *newframe = (heapframe *)(pcre_stack_malloc)(sizeof(heapframe));\
-   if (setjmp(frame->Xwhere) == 0)\
+   if (newframe == NULL) RRETURN(PCRE_ERROR_NOMEMORY);\
-     {\
+   frame->Xwhere = rw; \
-     newframe->Xeptr = ra;\
+   newframe->Xeptr = ra;\
-     newframe->Xecode = rb;\
+   newframe->Xecode = rb;\
-     newframe->Xoffset_top = rc;\
+   newframe->Xmstart = mstart;\
-     newframe->Xims = re;\
+   newframe->Xmarkptr = markptr;\
-     newframe->Xeptrb = rf;\
+   newframe->Xoffset_top = rc;\
-     newframe->Xflags = rg;\
+   newframe->Xeptrb = re;\
-     newframe->Xrdepth = frame->Xrdepth + 1;\
+   newframe->Xrdepth = frame->Xrdepth + 1;\
-     newframe->Xprevframe = frame;\
+   newframe->Xprevframe = frame;\
-     frame = newframe;\
+   frame = newframe;\
-     DPRINTF(("restarting from line %d\n", __LINE__));\
+   DPRINTF(("restarting from line %d\n", __LINE__));\
-     goto HEAP_RECURSE;\
+   goto HEAP_RECURSE;\
-     }\
+   L_##rw:\
-   else\
+   DPRINTF(("jumped back to line %d\n", __LINE__));\
-     {\
-     DPRINTF(("longjumped back to line %d\n", __LINE__));\
-     frame = md->thisframe;\
-     rx = frame->Xresult;\
-     }\
    }
  #define RRETURN(ra)\
    {\
-   heapframe *newframe = frame;\
+   heapframe *oldframe = frame;\
-   frame = newframe->Xprevframe;\
+   frame = oldframe->Xprevframe;\
-   (pcre_stack_free)(newframe);\
+   (pcre_stack_free)(oldframe);\
    if (frame != NULL)\
      {\
-     frame->Xresult = ra;\
+     rrc = ra;\
-     md->thisframe = frame;\
+     goto HEAP_RETURN;\
-     longjmp(frame->Xwhere, 1);\
      }\
    return ra;\
    }
-Line 271 
 typedef struct heapframe {
+Line 354 
 typedef struct heapframe {
    /* Function arguments that may change */
-   const uschar *Xeptr;
+   USPTR Xeptr;
    const uschar *Xecode;
+   USPTR Xmstart;
+   USPTR Xmarkptr;
    int Xoffset_top;
-   long int Xims;
    eptrblock *Xeptrb;
-   int Xflags;
    unsigned int Xrdepth;
    /* Function local variables */
-   const uschar *Xcallpat;
+   USPTR Xcallpat;
-   const uschar *Xcharptr;
+ #ifdef SUPPORT_UTF8
-   const uschar *Xdata;
+   USPTR Xcharptr;
-   const uschar *Xnext;
+ #endif
-   const uschar *Xpp;
+   USPTR Xdata;
-   const uschar *Xprev;
+   USPTR Xnext;
-   const uschar *Xsaved_eptr;
+   USPTR Xpp;
+   USPTR Xprev;
+   USPTR Xsaved_eptr;
    recursion_info Xnew_recursive;
-Line 295 
 typedef struct heapframe {
+Line 380 
 typedef struct heapframe {
    BOOL Xcondition;
    BOOL Xprev_is_word;
-   unsigned long int Xoriginal_ims;
  #ifdef SUPPORT_UCP
    int Xprop_type;
    int Xprop_value;
    int Xprop_fail_result;
-   int Xprop_category;
-   int Xprop_chartype;
-   int Xprop_script;
    int Xoclength;
    uschar Xocchars[8];
  #endif
+   int Xcodelink;
    int Xctype;
    unsigned int Xfc;
    int Xfi;
-Line 323 
 typedef struct heapframe {
+Line 404 
 typedef struct heapframe {
    eptrblock Xnewptrb;
-   /* Place to pass back result, and where to jump back to */
+   /* Where to jump back to */
-   int  Xresult;
+   int Xwhere;
-   jmp_buf Xwhere;
  } heapframe;
-Line 344 
 typedef struct heapframe {
+Line 424 
 typedef struct heapframe {
  /* This function is called recursively in many circumstances. Whenever it
  returns a negative (error) response, the outer incarnation must also return the
- same response.
+ same response. */
+ /* These macros pack up tests that are used for partial matching, and which
+ appears several times in the code. We set the "hit end" flag if the pointer is
+ at the end of the subject and also past the start of the subject (i.e.
+ something has been matched). For hard partial matching, we then return
+ immediately. The second one is used when we already know we are past the end of
+ the subject. */
+ #define CHECK_PARTIAL()\
+   if (md->partial != 0 && eptr >= md->end_subject && \
+       eptr > md->start_used_ptr) \
+     { \
+     md->hitend = TRUE; \
+     if (md->partial > 1) MRRETURN(PCRE_ERROR_PARTIAL); \
+     }
+ #define SCHECK_PARTIAL()\
+   if (md->partial != 0 && eptr > md->start_used_ptr) \
+     { \
+     md->hitend = TRUE; \
+     if (md->partial > 1) MRRETURN(PCRE_ERROR_PARTIAL); \
+     }
- Performance note: It might be tempting to extract commonly used fields from the
- md structure (e.g. utf8, end_subject) into individual variables to improve
+ /* Performance note: It might be tempting to extract commonly used fields from
+ the md structure (e.g. utf8, end_subject) into individual variables to improve
  performance. Tests using gcc on a SPARC disproved this; in the first case, it
  made performance worse.
  Arguments:
     eptr        pointer to current character in subject
     ecode       pointer to current position in compiled code
+    mstart      pointer to the current match start position (can be modified
+                  by encountering \K)
+    markptr     pointer to the most recent MARK name, or NULL
     offset_top  current top pointer
     md          pointer to "static" info for the match
-    ims         current /i, /m, and /s options
     eptrb       pointer to chain of blocks containing eptr at start of
                   brackets - for testing for empty matches
-    flags       can contain
-                  match_condassert - this is an assertion condition
-                  match_cbegroup - this is the start of an unlimited repeat
-                    group that can match an empty string
-                  match_tail_recursed - this is a tail_recursed group
     rdepth      the recursion depth
  Returns:       MATCH_MATCH if matched            )  these values are >= 0
                 MATCH_NOMATCH if failed to match  )
+                a negative MATCH_xxx value for PRUNE, SKIP, etc
                 a negative PCRE_ERROR_xxx value if aborted by an error condition
                   (e.g. stopped by repeated call or recursion limit)
  */
  static int
- match(REGISTER USPTR eptr, REGISTER const uschar *ecode,
+ match(REGISTER USPTR eptr, REGISTER const uschar *ecode, USPTR mstart,
-   int offset_top, match_data *md, unsigned long int ims, eptrblock *eptrb,
+   const uschar *markptr, int offset_top, match_data *md, eptrblock *eptrb,
-   int flags, unsigned int rdepth)
+   unsigned int rdepth)
  {
  /* These variables do not need to be preserved over recursion in this function,
  so they can be ordinary variables in all cases. Mark some of them with
-Line 387 
 register unsigned int c;   /* Character
+Line 488 
 register unsigned int c;   /* Character
  register BOOL utf8;        /* Local copy of UTF-8 flag for speed */
  BOOL minimize, possessive; /* Quantifier options */
+ BOOL caseless;
+ int condcode;
  /* When recursion is not being used, all "local" variables that have to be
  preserved over calls to RMATCH() are part of a "frame" which is obtained from
-Line 394 
 heap storage. Set up the top-level frame
+Line 497 
 heap storage. Set up the top-level frame
  heap whenever RMATCH() does a "recursion". See the macro definitions above. */
  #ifdef NO_RECURSE
- heapframe *frame = (pcre_stack_malloc)(sizeof(heapframe));
+ heapframe *frame = (heapframe *)(pcre_stack_malloc)(sizeof(heapframe));
+ if (frame == NULL) RRETURN(PCRE_ERROR_NOMEMORY);
  frame->Xprevframe = NULL;            /* Marks the top level */
  /* Copy in the original argument variables */
  frame->Xeptr = eptr;
  frame->Xecode = ecode;
+ frame->Xmstart = mstart;
+ frame->Xmarkptr = markptr;
  frame->Xoffset_top = offset_top;
- frame->Xims = ims;
  frame->Xeptrb = eptrb;
- frame->Xflags = flags;
  frame->Xrdepth = rdepth;
  /* This is where control jumps back to to effect "recursion" */
-Line 415 
 HEAP_RECURSE:
+Line 519 
 HEAP_RECURSE:
  #define eptr               frame->Xeptr
  #define ecode              frame->Xecode
+ #define mstart             frame->Xmstart
+ #define markptr            frame->Xmarkptr
  #define offset_top         frame->Xoffset_top
- #define ims                frame->Xims
  #define eptrb              frame->Xeptrb
- #define flags              frame->Xflags
  #define rdepth             frame->Xrdepth
  /* Ditto for the local variables */
-Line 427 
 HEAP_RECURSE:
+Line 531 
 HEAP_RECURSE:
  #define charptr            frame->Xcharptr
  #endif
  #define callpat            frame->Xcallpat
+ #define codelink           frame->Xcodelink
  #define data               frame->Xdata
  #define next               frame->Xnext
  #define pp                 frame->Xpp
-Line 439 
 HEAP_RECURSE:
+Line 544 
 HEAP_RECURSE:
  #define condition          frame->Xcondition
  #define prev_is_word       frame->Xprev_is_word
- #define original_ims       frame->Xoriginal_ims
  #ifdef SUPPORT_UCP
  #define prop_type          frame->Xprop_type
  #define prop_value         frame->Xprop_value
  #define prop_fail_result   frame->Xprop_fail_result
- #define prop_category      frame->Xprop_category
- #define prop_chartype      frame->Xprop_chartype
- #define prop_script        frame->Xprop_script
  #define oclength           frame->Xoclength
  #define occhars            frame->Xocchars
  #endif
-Line 477 
 i, and fc and c, can be the same variabl
+Line 577 
 i, and fc and c, can be the same variabl
  #define fi i
  #define fc c
+ /* Many of the following variables are used only in small blocks of the code.
+ My normal style of coding would have declared them within each of those blocks.
+ However, in order to accommodate the version of this code that uses an external
+ "stack" implemented on the heap, it is easier to declare them all here, so the
+ declarations can be cut out in a block. The only declarations within blocks
+ below are for variables that do not have to be preserved over a recursive call
+ to RMATCH(). */
+ #ifdef SUPPORT_UTF8
+ const uschar *charptr;
+ #endif
+ const uschar *callpat;
+ const uschar *data;
+ const uschar *next;
+ USPTR         pp;
+ const uschar *prev;
+ USPTR         saved_eptr;
+ recursion_info new_recursive;
- #ifdef SUPPORT_UTF8                /* Many of these variables are used only  */
+ BOOL cur_is_word;
- const uschar *charptr;             /* in small blocks of the code. My normal */
- #endif                             /* style of coding would have declared    */
- const uschar *callpat;             /* them within each of those blocks.      */
- const uschar *data;                /* However, in order to accommodate the   */
- const uschar *next;                /* version of this code that uses an      */
- USPTR         pp;                  /* external "stack" implemented on the    */
- const uschar *prev;                /* heap, it is easier to declare them all */
- USPTR         saved_eptr;          /* here, so the declarations can be cut   */
-                                    /* out in a block. The only declarations  */
- recursion_info new_recursive;      /* within blocks below are for variables  */
-                                    /* that do not have to be preserved over  */
- BOOL cur_is_word;                  /* a recursive call to RMATCH().          */
  BOOL condition;
  BOOL prev_is_word;
- unsigned long int original_ims;
  #ifdef SUPPORT_UCP
  int prop_type;
  int prop_value;
  int prop_fail_result;
- int prop_category;
- int prop_chartype;
- int prop_script;
  int oclength;
  uschar occhars[8];
  #endif
+ int codelink;
  int ctype;
  int length;
  int max;
-Line 521 
 int stacksave[REC_STACK_SAVE_MAX];
+Line 624 
 int stacksave[REC_STACK_SAVE_MAX];
  eptrblock newptrb;
  #endif     /* NO_RECURSE */
+ /* To save space on the stack and in the heap frame, I have doubled up on some
+ of the local variables that are used only in localised parts of the code, but
+ still need to be preserved over recursive calls of match(). These macros define
+ the alternative names that are used. */
+ #define allow_zero    cur_is_word
+ #define cbegroup      condition
+ #define code_offset   codelink
+ #define condassert    condition
+ #define matched_once  prev_is_word
  /* These statements are here to stop the compiler complaining about unitialized
  variables. */
-Line 540 
 TAIL_RECURSE:
+Line 654 
 TAIL_RECURSE:
  /* OK, now we can get on with the real code of the function. Recursive calls
  are specified by the macro RMATCH and RRETURN is used to return. When
  NO_RECURSE is *not* defined, these just turn into a recursive call to match()
- and a "return", respectively (possibly with some debugging if DEBUG is
+ and a "return", respectively (possibly with some debugging if PCRE_DEBUG is
  defined). However, RMATCH isn't like a function call because it's quite a
  complicated macro. It has to be used in one particular way. This shouldn't,
  however, impact performance when true recursion is being used. */
- /* First check that we haven't called match() too many times, or that we
- haven't exceeded the recursive call limit. */
- if (md->match_call_count++ >= md->match_limit) RRETURN(PCRE_ERROR_MATCHLIMIT);
- if (rdepth >= md->match_limit_recursion) RRETURN(PCRE_ERROR_RECURSIONLIMIT);
- original_ims = ims;    /* Save for resetting on ')' */
  #ifdef SUPPORT_UTF8
  utf8 = md->utf8;       /* Local copy of the flag */
  #else
  utf8 = FALSE;
  #endif
+ /* First check that we haven't called match() too many times, or that we
+ haven't exceeded the recursive call limit. */
+ if (md->match_call_count++ >= md->match_limit) RRETURN(PCRE_ERROR_MATCHLIMIT);
+ if (rdepth >= md->match_limit_recursion) RRETURN(PCRE_ERROR_RECURSIONLIMIT);
  /* At the start of a group with an unlimited repeat that may match an empty
- string, the match_cbegroup flag is set. When this is the case, add the current
+ string, the variable md->match_function_type is set to MATCH_CBEGROUP. It is
- subject pointer to the chain of such remembered pointers, to be checked when we
+ done this way to save having to use another function argument, which would take
- hit the closing ket, in order to break infinite loops that match no characters.
+ up space on the stack. See also MATCH_CONDASSERT below.
- When match() is called in other circumstances, don't add to the chain. If this
- is a tail recursion, use a block from the workspace, as the one on the stack is
+ When MATCH_CBEGROUP is set, add the current subject pointer to the chain of
- already used. */
+ such remembered pointers, to be checked when we hit the closing ket, in order
+ to break infinite loops that match no characters. When match() is called in
+ other circumstances, don't add to the chain. The MATCH_CBEGROUP feature must
+ NOT be used with tail recursion, because the memory block that is used is on
+ the stack, so a new one may be required for each match(). */
- if ((flags & match_cbegroup) != 0)
+ if (md->match_function_type == MATCH_CBEGROUP)
    {
-   eptrblock *p;
+   newptrb.epb_saved_eptr = eptr;
-   if ((flags & match_tail_recursed) != 0)
+   newptrb.epb_prev = eptrb;
-     {
+   eptrb = &newptrb;
-     if (md->eptrn >= EPTR_WORK_SIZE) RRETURN(PCRE_ERROR_NULLWSLIMIT);
+   md->match_function_type = 0;
-     p = md->eptrchain + md->eptrn++;
-     }
-   else p = &newptrb;
-   p->epb_saved_eptr = eptr;
-   p->epb_prev = eptrb;
-   eptrb = p;
    }
  /* Now start processing the opcodes. */
-Line 588 
 for (;;)
+Line 698 
 for (;;)
    minimize = possessive = FALSE;
    op = *ecode;
-   /* For partial matching, remember if we ever hit the end of the subject after
-   matching at least one subject character. */
-   if (md->partial &&
-       eptr >= md->end_subject &&
-       eptr > md->start_match)
-     md->hitend = TRUE;
    switch(op)
      {
-     /* Handle a capturing bracket. If there is space in the offset vector, save
+     case OP_MARK:
-     the current subject position in the working slot at the top of the vector.
+     markptr = ecode + 2;
-     We mustn't change the current values of the data slot, because they may be
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode] + ecode[1], offset_top, md,
-     set from a previous iteration of this group, and be referred to by a
+       eptrb, RM55);
-     reference inside the group.
+     /* A return of MATCH_SKIP_ARG means that matching failed at SKIP with an
-     If the bracket fails to match, we need to restore this value and also the
+     argument, and we must check whether that argument matches this MARK's
-     values of the final offsets, in case they were set by a previous iteration
+     argument. It is passed back in md->start_match_ptr (an overloading of that
-     of the same bracket.
+     variable). If it does match, we reset that variable to the current subject
+     position and return MATCH_SKIP. Otherwise, pass back the return code
+     unaltered. */
+     if (rrc == MATCH_SKIP_ARG &&
+         strcmp((char *)markptr, (char *)(md->start_match_ptr)) == 0)
+       {
+       md->start_match_ptr = eptr;
+       RRETURN(MATCH_SKIP);
+       }
+     if (md->mark == NULL) md->mark = markptr;
+     RRETURN(rrc);
+     case OP_FAIL:
+     MRRETURN(MATCH_NOMATCH);
+     /* COMMIT overrides PRUNE, SKIP, and THEN */
+     case OP_COMMIT:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+       eptrb, RM52);
+     if (rrc != MATCH_NOMATCH && rrc != MATCH_PRUNE &&
+         rrc != MATCH_SKIP && rrc != MATCH_SKIP_ARG &&
+         rrc != MATCH_THEN)
+       RRETURN(rrc);
+     MRRETURN(MATCH_COMMIT);
+     /* PRUNE overrides THEN */
+     case OP_PRUNE:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+       eptrb, RM51);
+     if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN) RRETURN(rrc);
+     MRRETURN(MATCH_PRUNE);
+     case OP_PRUNE_ARG:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode] + ecode[1], offset_top, md,
+       eptrb, RM56);
+     if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN) RRETURN(rrc);
+     md->mark = ecode + 2;
+     RRETURN(MATCH_PRUNE);
+     /* SKIP overrides PRUNE and THEN */
+     case OP_SKIP:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+       eptrb, RM53);
+     if (rrc != MATCH_NOMATCH && rrc != MATCH_PRUNE && rrc != MATCH_THEN)
+       RRETURN(rrc);
+     md->start_match_ptr = eptr;   /* Pass back current position */
+     MRRETURN(MATCH_SKIP);
+     case OP_SKIP_ARG:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode] + ecode[1], offset_top, md,
+       eptrb, RM57);
+     if (rrc != MATCH_NOMATCH && rrc != MATCH_PRUNE && rrc != MATCH_THEN)
+       RRETURN(rrc);
+     /* Pass back the current skip name by overloading md->start_match_ptr and
+     returning the special MATCH_SKIP_ARG return code. This will either be
+     caught by a matching MARK, or get to the top, where it is treated the same
+     as PRUNE. */
+     md->start_match_ptr = ecode + 2;
+     RRETURN(MATCH_SKIP_ARG);
+     /* For THEN (and THEN_ARG) we pass back the address of the opcode, so that
+     the branch in which it occurs can be determined. Overload the start of
+     match pointer to do this. */
+     case OP_THEN:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+       eptrb, RM54);
+     if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+     md->start_match_ptr = ecode;
+     MRRETURN(MATCH_THEN);
+     case OP_THEN_ARG:
+     RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode] + ecode[1], offset_top,
+       md, eptrb, RM58);
+     if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+     md->start_match_ptr = ecode;
+     md->mark = ecode + 2;
+     RRETURN(MATCH_THEN);
+     /* Handle an atomic group that does not contain any capturing parentheses.
+     This can be handled like an assertion. Prior to 8.13, all atomic groups
+     were handled this way. In 8.13, the code was changed as below for ONCE, so
+     that backups pass through the group and thereby reset captured values.
+     However, this uses a lot more stack, so in 8.20, atomic groups that do not
+     contain any captures generate OP_ONCE_NC, which can be handled in the old,
+     less stack intensive way.
+     Check the alternative branches in turn - the matching won't pass the KET
+     for this kind of subpattern. If any one branch matches, we carry on as at
+     the end of a normal bracket, leaving the subject pointer, but resetting
+     the start-of-match value in case it was changed by \K. */
+     case OP_ONCE_NC:
+     prev = ecode;
+     saved_eptr = eptr;
+     do
+       {
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM64);
+       if (rrc == MATCH_MATCH)  /* Note: _not_ MATCH_ACCEPT */
+         {
+         mstart = md->start_match_ptr;
+         break;
+         }
+       if (rrc == MATCH_THEN)
+         {
+         next = ecode + GET(ecode,1);
+         if (md->start_match_ptr < next &&
+             (*ecode == OP_ALT || *next == OP_ALT))
+           rrc = MATCH_NOMATCH;
+         }
+       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       ecode += GET(ecode,1);
+       }
+     while (*ecode == OP_ALT);
+     /* If hit the end of the group (which could be repeated), fail */
+     if (*ecode != OP_ONCE_NC && *ecode != OP_ALT) RRETURN(MATCH_NOMATCH);
+     /* Continue as from after the group, updating the offsets high water
+     mark, since extracts may have been taken. */
+     do ecode += GET(ecode, 1); while (*ecode == OP_ALT);
+     offset_top = md->end_offset_top;
+     eptr = md->end_match_ptr;
+     /* For a non-repeating ket, just continue at this level. This also
+     happens for a repeating ket if no characters were matched in the group.
+     This is the forcible breaking of infinite loops as implemented in Perl
+.005. */
+     if (*ecode == OP_KET || eptr == saved_eptr)
+       {
+       ecode += 1+LINK_SIZE;
+       break;
+       }
+     /* The repeating kets try the rest of the pattern or restart from the
+     preceding bracket, in the appropriate order. The second "call" of match()
+     uses tail recursion, to avoid using another stack frame. */
+     if (*ecode == OP_KETRMIN)
+       {
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM65);
+       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       ecode = prev;
+       goto TAIL_RECURSE;
+       }
+     else  /* OP_KETRMAX */
+       {
+       md->match_function_type = MATCH_CBEGROUP;
+       RMATCH(eptr, prev, offset_top, md, eptrb, RM66);
+       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       ecode += 1 + LINK_SIZE;
+       goto TAIL_RECURSE;
+       }
+     /* Control never gets here */
+     /* Handle a capturing bracket, other than those that are possessive with an
+     unlimited repeat. If there is space in the offset vector, save the current
+     subject position in the working slot at the top of the vector. We mustn't
+     change the current values of the data slot, because they may be set from a
+     previous iteration of this group, and be referred to by a reference inside
+     the group. A failure to match might occur after the group has succeeded,
+     if something later on doesn't match. For this reason, we need to restore
+     the working value and also the values of the final offsets, in case they
+     were set by a previous iteration of the same bracket.
      If there isn't enough space in the offset vector, treat this as if it were
      a non-capturing bracket. Don't worry about setting the flag for the error
-Line 617 
 for (;;)
+Line 894 
 for (;;)
      number = GET2(ecode, 1+LINK_SIZE);
      offset = number << 1;
- #ifdef DEBUG
+ #ifdef PCRE_DEBUG
      printf("start bracket %d\n", number);
      printf("subject=");
      pchars(eptr, 16, TRUE, md);
-Line 632 
 for (;;)
+Line 909 
 for (;;)
        save_capture_last = md->capture_last;
        DPRINTF(("saving %d %d %d\n", save_offset1, save_offset2, save_offset3));
-       md->offset_vector[md->offset_end - number] = eptr - md->start_subject;
+       md->offset_vector[md->offset_end - number] =
+         (int)(eptr - md->start_subject);
-       flags = (op == OP_SCBRA)? match_cbegroup : 0;
+       for (;;)
-       do
          {
-         RMATCH(rrc, eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+         if (op >= OP_SBRA) md->match_function_type = MATCH_CBEGROUP;
-           ims, eptrb, flags);
+         RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+           eptrb, RM1);
+         if (rrc == MATCH_ONCE) break;  /* Backing up through an atomic group */
+         /* If we backed up to a THEN, check whether it is within the current
+         branch by comparing the address of the THEN that is passed back with
+         the end of the branch. If it is within the current branch, and the
+         branch is one of two or more alternatives (it either starts or ends
+         with OP_ALT), we have reached the limit of THEN's action, so convert
+         the return code to NOMATCH, which will cause normal backtracking to
+         happen from now on. Otherwise, THEN is passed back to an outer
+         alternative. This implements Perl's treatment of parenthesized groups,
+         where a group not containing | does not affect the current alternative,
+         that is, (X) is NOT the same as (X|(*F)). */
+         if (rrc == MATCH_THEN)
+           {
+           next = ecode + GET(ecode,1);
+           if (md->start_match_ptr < next &&
+               (*ecode == OP_ALT || *next == OP_ALT))
+             rrc = MATCH_NOMATCH;
+           }
+         /* Anything other than NOMATCH is passed back. */
          if (rrc != MATCH_NOMATCH) RRETURN(rrc);
          md->capture_last = save_capture_last;
          ecode += GET(ecode, 1);
+         if (*ecode != OP_ALT) break;
          }
-       while (*ecode == OP_ALT);
        DPRINTF(("bracket %d failed\n", number));
        md->offset_vector[offset] = save_offset1;
        md->offset_vector[offset+1] = save_offset2;
        md->offset_vector[md->offset_end - number] = save_offset3;
-       RRETURN(MATCH_NOMATCH);
+       /* At this point, rrc will be one of MATCH_ONCE or MATCH_NOMATCH. */
+       if (md->mark == NULL) md->mark = markptr;
+       RRETURN(rrc);
        }
-     /* Insufficient room for saving captured contents. Treat as a non-capturing
+     /* FALL THROUGH ... Insufficient room for saving captured contents. Treat
-     bracket. */
+     as a non-capturing bracket. */
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
      DPRINTF(("insufficient capture room: treat as non-capturing\n"));
-     /* Non-capturing bracket. Loop for all the alternatives. When we get to the
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-     final alternative within the brackets, we would return the result of a
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-     recursive call to match() whatever happened. We can reduce stack usage by
-     turning this into a tail recursion. */
+     /* Non-capturing or atomic group, except for possessive with unlimited
+     repeat and ONCE group with no captures. Loop for all the alternatives.
+     When we get to the final alternative within the brackets, we used to return
+     the result of a recursive call to match() whatever happened so it was
+     possible to reduce stack usage by turning this into a tail recursion,
+     except in the case of a possibly empty group. However, now that there is
+     the possiblity of (*THEN) occurring in the final alternative, this
+     optimization is no longer always possible.
+     We can optimize if we know there are no (*THEN)s in the pattern; at present
+     this is the best that can be done.
+     MATCH_ONCE is returned when the end of an atomic group is successfully
+     reached, but subsequent matching fails. It passes back up the tree (causing
+     captured values to be reset) until the original atomic group level is
+     reached. This is tested by comparing md->once_target with the start of the
+     group. At this point, the return is converted into MATCH_NOMATCH so that
+     previous backup points can be taken. */
+     case OP_ONCE:
      case OP_BRA:
      case OP_SBRA:
      DPRINTF(("start non-capturing bracket\n"));
-     flags = (op >= OP_SBRA)? match_cbegroup : 0;
      for (;;)
        {
-       if (ecode[GET(ecode, 1)] != OP_ALT)
+       if (op >= OP_SBRA || op == OP_ONCE) md->match_function_type = MATCH_CBEGROUP;
+       /* If this is not a possibly empty group, and there are no (*THEN)s in
+       the pattern, and this is the final alternative, optimize as described
+       above. */
+       else if (!md->hasthen && ecode[GET(ecode, 1)] != OP_ALT)
          {
          ecode += _pcre_OP_lengths[*ecode];
-         flags |= match_tail_recursed;
-         DPRINTF(("bracket 0 tail recursion\n"));
          goto TAIL_RECURSE;
          }
-       /* For non-final alternatives, continue the loop for a NOMATCH result;
+       /* In all other cases, we have to make another call to match(). */
-       otherwise return. */
-       RMATCH(rrc, eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md, ims,
+       RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md, eptrb,
-         eptrb, flags);
+         RM2);
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       /* See comment in the code for capturing groups above about handling
+       THEN. */
+       if (rrc == MATCH_THEN)
+         {
+         next = ecode + GET(ecode,1);
+         if (md->start_match_ptr < next &&
+             (*ecode == OP_ALT || *next == OP_ALT))
+           rrc = MATCH_NOMATCH;
+         }
+       if (rrc != MATCH_NOMATCH)
+         {
+         if (rrc == MATCH_ONCE)
+           {
+           const uschar *scode = ecode;
+           if (*scode != OP_ONCE)           /* If not at start, find it */
+             {
+             while (*scode == OP_ALT) scode += GET(scode, 1);
+             scode -= GET(scode, 1);
+             }
+           if (md->once_target == scode) rrc = MATCH_NOMATCH;
+           }
+         RRETURN(rrc);
+         }
        ecode += GET(ecode, 1);
+       if (*ecode != OP_ALT) break;
        }
-     /* Control never reaches here. */
-     /* Conditional group: compilation checked that there are no more than
+     if (md->mark == NULL) md->mark = markptr;
-     two branches. If the condition is false, skipping the first branch takes us
+     RRETURN(MATCH_NOMATCH);
-     past the end if there is only one branch, but that's OK because that is
-     exactly what going to the ket would do. As there is only one branch to be
-     obeyed, we can use tail recursion to avoid using another stack frame. */
-     case OP_COND:
+     /* Handle possessive capturing brackets with an unlimited repeat. We come
-     case OP_SCOND:
+     here from BRAZERO with allow_zero set TRUE. The offset_vector values are
-     if (ecode[LINK_SIZE+1] == OP_RREF)         /* Recursion test */
+     handled similarly to the normal case above. However, the matching is
-       {
+     different. The end of these brackets will always be OP_KETRPOS, which
-       offset = GET2(ecode, LINK_SIZE + 2);     /* Recursion group number*/
+     returns MATCH_KETRPOS without going further in the pattern. By this means
-       condition = md->recursive != NULL &&
+     we can handle the group by iteration rather than recursion, thereby
-         (offset == RREF_ANY || offset == md->recursive->group_num);
+     reducing the amount of stack needed. */
-       ecode += condition? 3 : GET(ecode, 1);
-       }
-     else if (ecode[LINK_SIZE+1] == OP_CREF)    /* Group used test */
+     case OP_CBRAPOS:
-       {
+     case OP_SCBRAPOS:
-       offset = GET2(ecode, LINK_SIZE+2) << 1;  /* Doubled ref number */
+     allow_zero = FALSE;
-       condition = offset < offset_top && md->offset_vector[offset] >= 0;
-       ecode += condition? 3 : GET(ecode, 1);
-       }
-     else if (ecode[LINK_SIZE+1] == OP_DEF)     /* DEFINE - always false */
+     POSSESSIVE_CAPTURE:
-       {
+     number = GET2(ecode, 1+LINK_SIZE);
-       condition = FALSE;
+     offset = number << 1;
-       ecode += GET(ecode, 1);
-       }
-     /* The condition is an assertion. Call match() to evaluate it - setting
+ #ifdef PCRE_DEBUG
-     the final argument match_condassert causes it to stop at the end of an
+     printf("start possessive bracket %d\n", number);
-     assertion. */
+     printf("subject=");
+     pchars(eptr, 16, TRUE, md);
+     printf("\n");
+ #endif
-     else
+     if (offset < md->offset_max)
        {
-       RMATCH(rrc, eptr, ecode + 1 + LINK_SIZE, offset_top, md, ims, NULL,
+       matched_once = FALSE;
-           match_condassert);
+       code_offset = ecode - md->start_code;
-       if (rrc == MATCH_MATCH)
-         {
+       save_offset1 = md->offset_vector[offset];
-         condition = TRUE;
+       save_offset2 = md->offset_vector[offset+1];
-         ecode += 1 + LINK_SIZE + GET(ecode, LINK_SIZE + 2);
+       save_offset3 = md->offset_vector[md->offset_end - number];
-         while (*ecode == OP_ALT) ecode += GET(ecode, 1);
+       save_capture_last = md->capture_last;
+       DPRINTF(("saving %d %d %d\n", save_offset1, save_offset2, save_offset3));
+       /* Each time round the loop, save the current subject position for use
+       when the group matches. For MATCH_MATCH, the group has matched, so we
+       restart it with a new subject starting position, remembering that we had
+       at least one match. For MATCH_NOMATCH, carry on with the alternatives, as
+       usual. If we haven't matched any alternatives in any iteration, check to
+       see if a previous iteration matched. If so, the group has matched;
+       continue from afterwards. Otherwise it has failed; restore the previous
+       capture values before returning NOMATCH. */
+       for (;;)
+         {
+         md->offset_vector[md->offset_end - number] =
+           (int)(eptr - md->start_subject);
+         if (op >= OP_SBRA) md->match_function_type = MATCH_CBEGROUP;
+         RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+           eptrb, RM63);
+         if (rrc == MATCH_KETRPOS)
+           {
+           offset_top = md->end_offset_top;
+           eptr = md->end_match_ptr;
+           ecode = md->start_code + code_offset;
+           save_capture_last = md->capture_last;
+           matched_once = TRUE;
+           continue;
+           }
+         /* See comment in the code for capturing groups above about handling
+         THEN. */
+         if (rrc == MATCH_THEN)
+           {
+           next = ecode + GET(ecode,1);
+           if (md->start_match_ptr < next &&
+               (*ecode == OP_ALT || *next == OP_ALT))
+             rrc = MATCH_NOMATCH;
+           }
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         md->capture_last = save_capture_last;
+         ecode += GET(ecode, 1);
+         if (*ecode != OP_ALT) break;
          }
-       else if (rrc != MATCH_NOMATCH)
+       if (!matched_once)
          {
-         RRETURN(rrc);         /* Need braces because of following else */
+         md->offset_vector[offset] = save_offset1;
+         md->offset_vector[offset+1] = save_offset2;
+         md->offset_vector[md->offset_end - number] = save_offset3;
          }
-       else
+       if (md->mark == NULL) md->mark = markptr;
+       if (allow_zero || matched_once)
          {
-         condition = FALSE;
+         ecode += 1 + LINK_SIZE;
-         ecode += GET(ecode, 1);
+         break;
          }
-       }
-     /* We are now at the branch that is to be obeyed. As there is only one,
+       RRETURN(MATCH_NOMATCH);
-     we can use tail recursion to avoid using another stack frame. If the second
-     alternative doesn't exist, we can just plough on. */
-     if (condition || *ecode == OP_ALT)
-       {
-       ecode += 1 + LINK_SIZE;
-       flags = match_tail_recursed | ((op == OP_SCOND)? match_cbegroup : 0);
-       goto TAIL_RECURSE;
-       }
-     else
-       {
-       ecode += 1 + LINK_SIZE;
        }
-     break;
-     /* End of the pattern. If we are in a top-level recursion, we should
+     /* FALL THROUGH ... Insufficient room for saving captured contents. Treat
-     restore the offsets appropriately and continue from after the call. */
+     as a non-capturing bracket. */
-     case OP_END:
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-     if (md->recursive != NULL && md->recursive->group_num == 0)
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-       {
-       recursion_info *rec = md->recursive;
-       DPRINTF(("End of pattern in a (?0) recursion\n"));
-       md->recursive = rec->prevrec;
-       memmove(md->offset_vector, rec->offset_save,
-         rec->saved_max * sizeof(int));
-       md->start_match = rec->save_start;
-       ims = original_ims;
-       ecode = rec->after_call;
-       break;
-       }
-     /* Otherwise, if PCRE_NOTEMPTY is set, fail if we have matched an empty
+     DPRINTF(("insufficient capture room: treat as non-capturing\n"));
-     string - backtracking will then try other alternatives, if any. */
-     if (md->notempty && eptr == md->start_match) RRETURN(MATCH_NOMATCH);
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-     md->end_match_ptr = eptr;          /* Record where we ended */
+     /* VVVVVVVVVVVVVVVVVVVVVVVVV */
-     md->end_offset_top = offset_top;   /* and how many extracts were taken */
-     RRETURN(MATCH_MATCH);
-     /* Change option settings */
-     case OP_OPT:
-     ims = ecode[1];
-     ecode += 2;
-     DPRINTF(("ims set to %02lx\n", ims));
-     break;
-     /* Assertion brackets. Check the alternative branches in turn - the
+     /* Non-capturing possessive bracket with unlimited repeat. We come here
-     matching won't pass the KET for an assertion. If any one branch matches,
+     from BRAZERO with allow_zero = TRUE. The code is similar to the above,
-     the assertion is true. Lookbehind assertions have an OP_REVERSE item at the
+     without the capturing complication. It is written out separately for speed
-     start of each branch to move the current point backwards, so the code at
+     and cleanliness. */
-     this level is identical to the lookahead case. */
+     case OP_BRAPOS:
+     case OP_SBRAPOS:
+     allow_zero = FALSE;
+     POSSESSIVE_NON_CAPTURE:
+     matched_once = FALSE;
+     code_offset = ecode - md->start_code;
-     case OP_ASSERT:
+     for (;;)
-     case OP_ASSERTBACK:
-     do
        {
-       RMATCH(rrc, eptr, ecode + 1 + LINK_SIZE, offset_top, md, ims, NULL, 0);
+       if (op >= OP_SBRA) md->match_function_type = MATCH_CBEGROUP;
-       if (rrc == MATCH_MATCH) break;
+       RMATCH(eptr, ecode + _pcre_OP_lengths[*ecode], offset_top, md,
+         eptrb, RM48);
+       if (rrc == MATCH_KETRPOS)
+         {
+         offset_top = md->end_offset_top;
+         eptr = md->end_match_ptr;
+         ecode = md->start_code + code_offset;
+         matched_once = TRUE;
+         continue;
+         }
+       /* See comment in the code for capturing groups above about handling
+       THEN. */
+       if (rrc == MATCH_THEN)
+         {
+         next = ecode + GET(ecode,1);
+         if (md->start_match_ptr < next &&
+             (*ecode == OP_ALT || *next == OP_ALT))
+           rrc = MATCH_NOMATCH;
+         }
        if (rrc != MATCH_NOMATCH) RRETURN(rrc);
        ecode += GET(ecode, 1);
+       if (*ecode != OP_ALT) break;
        }
-     while (*ecode == OP_ALT);
-     if (*ecode == OP_KET) RRETURN(MATCH_NOMATCH);
-     /* If checking an assertion for a condition, return MATCH_MATCH. */
+     if (matched_once || allow_zero)
+       {
+       ecode += 1 + LINK_SIZE;
+       break;
+       }
+     RRETURN(MATCH_NOMATCH);
-     if ((flags & match_condassert) != 0) RRETURN(MATCH_MATCH);
+     /* Control never reaches here. */
-     /* Continue from after the assertion, updating the offsets high water
+     /* Conditional group: compilation checked that there are no more than
-     mark, since extracts may have been taken during the assertion. */
+     two branches. If the condition is false, skipping the first branch takes us
+     past the end if there is only one branch, but that's OK because that is
+     exactly what going to the ket would do. */
-     do ecode += GET(ecode,1); while (*ecode == OP_ALT);
+     case OP_COND:
-     ecode += 1 + LINK_SIZE;
+     case OP_SCOND:
-     offset_top = md->end_offset_top;
+     codelink = GET(ecode, 1);
-     continue;
-     /* Negative assertion: all branches must fail to match */
+     /* Because of the way auto-callout works during compile, a callout item is
+     inserted between OP_COND and an assertion condition. */
-     case OP_ASSERT_NOT:
+     if (ecode[LINK_SIZE+1] == OP_CALLOUT)
-     case OP_ASSERTBACK_NOT:
-     do
        {
-       RMATCH(rrc, eptr, ecode + 1 + LINK_SIZE, offset_top, md, ims, NULL, 0);
+       if (pcre_callout != NULL)
-       if (rrc == MATCH_MATCH) RRETURN(MATCH_NOMATCH);
+         {
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         pcre_callout_block cb;
-       ecode += GET(ecode,1);
+         cb.version          = 2;   /* Version 1 of the callout block */
+         cb.callout_number   = ecode[LINK_SIZE+2];
+         cb.offset_vector    = md->offset_vector;
+         cb.subject          = (PCRE_SPTR)md->start_subject;
+         cb.subject_length   = (int)(md->end_subject - md->start_subject);
+         cb.start_match      = (int)(mstart - md->start_subject);
+         cb.current_position = (int)(eptr - md->start_subject);
+         cb.pattern_position = GET(ecode, LINK_SIZE + 3);
+         cb.next_item_length = GET(ecode, 3 + 2*LINK_SIZE);
+         cb.capture_top      = offset_top/2;
+         cb.capture_last     = md->capture_last;
+         cb.callout_data     = md->callout_data;
+         cb.mark             = markptr;
+         if ((rrc = (*pcre_callout)(&cb)) > 0) MRRETURN(MATCH_NOMATCH);
+         if (rrc < 0) RRETURN(rrc);
+         }
+       ecode += _pcre_OP_lengths[OP_CALLOUT];
        }
-     while (*ecode == OP_ALT);
-     if ((flags & match_condassert) != 0) RRETURN(MATCH_MATCH);
+     condcode = ecode[LINK_SIZE+1];
-     ecode += 1 + LINK_SIZE;
+     /* Now see what the actual condition is */
-     continue;
+     if (condcode == OP_RREF || condcode == OP_NRREF)    /* Recursion test */
+       {
+       if (md->recursive == NULL)                /* Not recursing => FALSE */
+         {
+         condition = FALSE;
+         ecode += GET(ecode, 1);
+         }
+       else
+         {
+         int recno = GET2(ecode, LINK_SIZE + 2);   /* Recursion group number*/
+         condition =  (recno == RREF_ANY || recno == md->recursive->group_num);
+         /* If the test is for recursion into a specific subpattern, and it is
+         false, but the test was set up by name, scan the table to see if the
+         name refers to any other numbers, and test them. The condition is true
+         if any one is set. */
+         if (!condition && condcode == OP_NRREF && recno != RREF_ANY)
+           {
+           uschar *slotA = md->name_table;
+           for (i = 0; i < md->name_count; i++)
+             {
+             if (GET2(slotA, 0) == recno) break;
+             slotA += md->name_entry_size;
+             }
+           /* Found a name for the number - there can be only one; duplicate
+           names for different numbers are allowed, but not vice versa. First
+           scan down for duplicates. */
+           if (i < md->name_count)
+             {
+             uschar *slotB = slotA;
+             while (slotB > md->name_table)
+               {
+               slotB -= md->name_entry_size;
+               if (strcmp((char *)slotA + 2, (char *)slotB + 2) == 0)
+                 {
+                 condition = GET2(slotB, 0) == md->recursive->group_num;
+                 if (condition) break;
+                 }
+               else break;
+               }
+             /* Scan up for duplicates */
+             if (!condition)
+               {
+               slotB = slotA;
+               for (i++; i < md->name_count; i++)
+                 {
+                 slotB += md->name_entry_size;
+                 if (strcmp((char *)slotA + 2, (char *)slotB + 2) == 0)
+                   {
+                   condition = GET2(slotB, 0) == md->recursive->group_num;
+                   if (condition) break;
+                   }
+                 else break;
+                 }
+               }
+             }
+           }
+         /* Chose branch according to the condition */
+         ecode += condition? 3 : GET(ecode, 1);
+         }
+       }
+     else if (condcode == OP_CREF || condcode == OP_NCREF)  /* Group used test */
+       {
+       offset = GET2(ecode, LINK_SIZE+2) << 1;  /* Doubled ref number */
+       condition = offset < offset_top && md->offset_vector[offset] >= 0;
+       /* If the numbered capture is unset, but the reference was by name,
+       scan the table to see if the name refers to any other numbers, and test
+       them. The condition is true if any one is set. This is tediously similar
+       to the code above, but not close enough to try to amalgamate. */
+       if (!condition && condcode == OP_NCREF)
+         {
+         int refno = offset >> 1;
+         uschar *slotA = md->name_table;
+         for (i = 0; i < md->name_count; i++)
+           {
+           if (GET2(slotA, 0) == refno) break;
+           slotA += md->name_entry_size;
+           }
+         /* Found a name for the number - there can be only one; duplicate names
+         for different numbers are allowed, but not vice versa. First scan down
+         for duplicates. */
+         if (i < md->name_count)
+           {
+           uschar *slotB = slotA;
+           while (slotB > md->name_table)
+             {
+             slotB -= md->name_entry_size;
+             if (strcmp((char *)slotA + 2, (char *)slotB + 2) == 0)
+               {
+               offset = GET2(slotB, 0) << 1;
+               condition = offset < offset_top &&
+                 md->offset_vector[offset] >= 0;
+               if (condition) break;
+               }
+             else break;
+             }
+           /* Scan up for duplicates */
+           if (!condition)
+             {
+             slotB = slotA;
+             for (i++; i < md->name_count; i++)
+               {
+               slotB += md->name_entry_size;
+               if (strcmp((char *)slotA + 2, (char *)slotB + 2) == 0)
+                 {
+                 offset = GET2(slotB, 0) << 1;
+                 condition = offset < offset_top &&
+                   md->offset_vector[offset] >= 0;
+                 if (condition) break;
+                 }
+               else break;
+               }
+             }
+           }
+         }
+       /* Chose branch according to the condition */
+       ecode += condition? 3 : GET(ecode, 1);
+       }
+     else if (condcode == OP_DEF)     /* DEFINE - always false */
+       {
+       condition = FALSE;
+       ecode += GET(ecode, 1);
+       }
+     /* The condition is an assertion. Call match() to evaluate it - setting
+     md->match_function_type to MATCH_CONDASSERT causes it to stop at the end of
+     an assertion. */
+     else
+       {
+       md->match_function_type = MATCH_CONDASSERT;
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, NULL, RM3);
+       if (rrc == MATCH_MATCH)
+         {
+         if (md->end_offset_top > offset_top)
+           offset_top = md->end_offset_top;  /* Captures may have happened */
+         condition = TRUE;
+         ecode += 1 + LINK_SIZE + GET(ecode, LINK_SIZE + 2);
+         while (*ecode == OP_ALT) ecode += GET(ecode, 1);
+         }
+       /* PCRE doesn't allow the effect of (*THEN) to escape beyond an
+       assertion; it is therefore treated as NOMATCH. */
+       else if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN)
+         {
+         RRETURN(rrc);         /* Need braces because of following else */
+         }
+       else
+         {
+         condition = FALSE;
+         ecode += codelink;
+         }
+       }
+     /* We are now at the branch that is to be obeyed. As there is only one, can
+     use tail recursion to avoid using another stack frame, except when there is
+     unlimited repeat of a possibly empty group. In the latter case, a recursive
+     call to match() is always required, unless the second alternative doesn't
+     exist, in which case we can just plough on. Note that, for compatibility
+     with Perl, the | in a conditional group is NOT treated as creating two
+     alternatives. If a THEN is encountered in the branch, it propagates out to
+     the enclosing alternative (unless nested in a deeper set of alternatives,
+     of course). */
+     if (condition || *ecode == OP_ALT)
+       {
+       if (op != OP_SCOND)
+         {
+         ecode += 1 + LINK_SIZE;
+         goto TAIL_RECURSE;
+         }
+       md->match_function_type = MATCH_CBEGROUP;
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM49);
+       RRETURN(rrc);
+       }
+      /* Condition false & no alternative; continue after the group. */
+     else
+       {
+       ecode += 1 + LINK_SIZE;
+       }
+     break;
+     /* Before OP_ACCEPT there may be any number of OP_CLOSE opcodes,
+     to close any currently open capturing brackets. */
+     case OP_CLOSE:
+     number = GET2(ecode, 1);
+     offset = number << 1;
+ #ifdef PCRE_DEBUG
+       printf("end bracket %d at *ACCEPT", number);
+       printf("\n");
+ #endif
+     md->capture_last = number;
+     if (offset >= md->offset_max) md->offset_overflow = TRUE; else
+       {
+       md->offset_vector[offset] =
+         md->offset_vector[md->offset_end - number];
+       md->offset_vector[offset+1] = (int)(eptr - md->start_subject);
+       if (offset_top <= offset) offset_top = offset + 2;
+       }
+     ecode += 3;
+     break;
+     /* End of the pattern, either real or forced. */
+     case OP_END:
+     case OP_ACCEPT:
+     case OP_ASSERT_ACCEPT:
+     /* If we have matched an empty string, fail if not in an assertion and not
+     in a recursion if either PCRE_NOTEMPTY is set, or if PCRE_NOTEMPTY_ATSTART
+     is set and we have matched at the start of the subject. In both cases,
+     backtracking will then try other alternatives, if any. */
+     if (eptr == mstart && op != OP_ASSERT_ACCEPT &&
+          md->recursive == NULL &&
+          (md->notempty ||
+            (md->notempty_atstart &&
+              mstart == md->start_subject + md->start_offset)))
+       MRRETURN(MATCH_NOMATCH);
+     /* Otherwise, we have a match. */
+     md->end_match_ptr = eptr;           /* Record where we ended */
+     md->end_offset_top = offset_top;    /* and how many extracts were taken */
+     md->start_match_ptr = mstart;       /* and the start (\K can modify) */
+     /* For some reason, the macros don't work properly if an expression is
+     given as the argument to MRRETURN when the heap is in use. */
+     rrc = (op == OP_END)? MATCH_MATCH : MATCH_ACCEPT;
+     MRRETURN(rrc);
+     /* Assertion brackets. Check the alternative branches in turn - the
+     matching won't pass the KET for an assertion. If any one branch matches,
+     the assertion is true. Lookbehind assertions have an OP_REVERSE item at the
+     start of each branch to move the current point backwards, so the code at
+     this level is identical to the lookahead case. When the assertion is part
+     of a condition, we want to return immediately afterwards. The caller of
+     this incarnation of the match() function will have set MATCH_CONDASSERT in
+     md->match_function type, and one of these opcodes will be the first opcode
+     that is processed. We use a local variable that is preserved over calls to
+     match() to remember this case. */
+     case OP_ASSERT:
+     case OP_ASSERTBACK:
+     if (md->match_function_type == MATCH_CONDASSERT)
+       {
+       condassert = TRUE;
+       md->match_function_type = 0;
+       }
+     else condassert = FALSE;
+     do
+       {
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, NULL, RM4);
+       if (rrc == MATCH_MATCH || rrc == MATCH_ACCEPT)
+         {
+         mstart = md->start_match_ptr;   /* In case \K reset it */
+         markptr = md->mark;
+         break;
+         }
+       /* PCRE does not allow THEN to escape beyond an assertion; it is treated
+       as NOMATCH. */
+       if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN) RRETURN(rrc);
+       ecode += GET(ecode, 1);
+       }
+     while (*ecode == OP_ALT);
+     if (*ecode == OP_KET) MRRETURN(MATCH_NOMATCH);
+     /* If checking an assertion for a condition, return MATCH_MATCH. */
+     if (condassert) RRETURN(MATCH_MATCH);
+     /* Continue from after the assertion, updating the offsets high water
+     mark, since extracts may have been taken during the assertion. */
+     do ecode += GET(ecode,1); while (*ecode == OP_ALT);
+     ecode += 1 + LINK_SIZE;
+     offset_top = md->end_offset_top;
+     continue;
+     /* Negative assertion: all branches must fail to match. Encountering SKIP,
+     PRUNE, or COMMIT means we must assume failure without checking subsequent
+     branches. */
+     case OP_ASSERT_NOT:
+     case OP_ASSERTBACK_NOT:
+     if (md->match_function_type == MATCH_CONDASSERT)
+       {
+       condassert = TRUE;
+       md->match_function_type = 0;
+       }
+     else condassert = FALSE;
+     do
+       {
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, NULL, RM5);
+       if (rrc == MATCH_MATCH || rrc == MATCH_ACCEPT) MRRETURN(MATCH_NOMATCH);
+       if (rrc == MATCH_SKIP || rrc == MATCH_PRUNE || rrc == MATCH_COMMIT)
+         {
+         do ecode += GET(ecode,1); while (*ecode == OP_ALT);
+         break;
+         }
+       /* PCRE does not allow THEN to escape beyond an assertion; it is treated
+       as NOMATCH. */
+       if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN) RRETURN(rrc);
+       ecode += GET(ecode,1);
+       }
+     while (*ecode == OP_ALT);
+     if (condassert) RRETURN(MATCH_MATCH);  /* Condition assertion */
+     ecode += 1 + LINK_SIZE;
+     continue;
      /* Move the subject pointer back. This occurs only at the start of
      each branch of a lookbehind assertion. If we are too close to the start to
-Line 853 
 for (;;)
+Line 1602 
 for (;;)
        while (i-- > 0)
          {
          eptr--;
-         if (eptr < md->start_subject) RRETURN(MATCH_NOMATCH);
+         if (eptr < md->start_subject) MRRETURN(MATCH_NOMATCH);
-         BACKCHAR(eptr)
+         BACKCHAR(eptr);
          }
        }
      else
-Line 864 
 for (;;)
+Line 1613 
 for (;;)
        {
        eptr -= GET(ecode, 1);
-       if (eptr < md->start_subject) RRETURN(MATCH_NOMATCH);
+       if (eptr < md->start_subject) MRRETURN(MATCH_NOMATCH);
        }
-     /* Skip to next op code */
+     /* Save the earliest consulted character, then skip to next op code */
+     if (eptr < md->start_used_ptr) md->start_used_ptr = eptr;
      ecode += 1 + LINK_SIZE;
      break;
-Line 880 
 for (;;)
+Line 1630 
 for (;;)
      if (pcre_callout != NULL)
        {
        pcre_callout_block cb;
-       cb.version          = 1;   /* Version 1 of the callout block */
+       cb.version          = 2;   /* Version 1 of the callout block */
        cb.callout_number   = ecode[1];
        cb.offset_vector    = md->offset_vector;
        cb.subject          = (PCRE_SPTR)md->start_subject;
-       cb.subject_length   = md->end_subject - md->start_subject;
+       cb.subject_length   = (int)(md->end_subject - md->start_subject);
-       cb.start_match      = md->start_match - md->start_subject;
+       cb.start_match      = (int)(mstart - md->start_subject);
-       cb.current_position = eptr - md->start_subject;
+       cb.current_position = (int)(eptr - md->start_subject);
        cb.pattern_position = GET(ecode, 2);
        cb.next_item_length = GET(ecode, 2 + LINK_SIZE);
        cb.capture_top      = offset_top/2;
        cb.capture_last     = md->capture_last;
        cb.callout_data     = md->callout_data;
-       if ((rrc = (*pcre_callout)(&cb)) > 0) RRETURN(MATCH_NOMATCH);
+       cb.mark             = markptr;
+       if ((rrc = (*pcre_callout)(&cb)) > 0) MRRETURN(MATCH_NOMATCH);
        if (rrc < 0) RRETURN(rrc);
        }
      ecode += 2 + 2*LINK_SIZE;
-Line 902 
 for (;;)
+Line 1653 
 for (;;)
      offset data is the offset to the starting bracket from the start of the
      whole pattern. (This is so that it works from duplicated subpatterns.)
-     If there are any capturing brackets started but not finished, we have to
+     The state of the capturing groups is preserved over recursion, and
-     save their starting points and reinstate them after the recursion. However,
+     re-instated afterwards. We don't know how many are started and not yet
-     we don't know how many such there are (offset_top records the completed
+     finished (offset_top records the completed total) so we just have to save
-     total) so we just have to save all the potential data. There may be up to
+     all the potential data. There may be up to 65535 such values, which is too
-such values, which is too large to put on the stack, but using malloc
+     large to put on the stack, but using malloc for small numbers seems
-     for small numbers seems expensive. As a compromise, the stack is used when
+     expensive. As a compromise, the stack is used when there are no more than
-     there are no more than REC_STACK_SAVE_MAX values to store; otherwise malloc
+     REC_STACK_SAVE_MAX values to store; otherwise malloc is used.
-     is used. A problem is what to do if the malloc fails ... there is no way of
-     returning to the top level with an error. Save the top REC_STACK_SAVE_MAX
-     values on the stack, and accept that the rest may be wrong.
      There are also other values that have to be saved. We use a chained
      sequence of blocks that actually live on the stack. Thanks to Robin Houston
-     for the original version of this logic. */
+     for the original version of this logic. It has, however, been hacked around
+     a lot, so he is not to blame for the current way it works. */
      case OP_RECURSE:
        {
+       recursion_info *ri;
+       int recno;
        callpat = md->start_code + GET(ecode, 1);
-       new_recursive.group_num = (callpat == md->start_code)? 0 :
+       recno = (callpat == md->start_code)? 0 :
          GET2(callpat, 1 + LINK_SIZE);
+       /* Check for repeating a recursion without advancing the subject pointer.
+       This should catch convoluted mutual recursions. (Some simple cases are
+       caught at compile time.) */
+       for (ri = md->recursive; ri != NULL; ri = ri->prevrec)
+         if (recno == ri->group_num && eptr == ri->subject_position)
+           RRETURN(PCRE_ERROR_RECURSELOOP);
        /* Add to "recursing stack" */
+       new_recursive.group_num = recno;
+       new_recursive.subject_position = eptr;
        new_recursive.prevrec = md->recursive;
        md->recursive = &new_recursive;
-       /* Find where to continue from afterwards */
+       /* Where to continue from afterwards */
        ecode += 1 + LINK_SIZE;
-       new_recursive.after_call = ecode;
-       /* Now save the offset data. */
+       /* Now save the offset data */
        new_recursive.saved_max = md->offset_end;
        if (new_recursive.saved_max <= REC_STACK_SAVE_MAX)
-Line 944 
 for (;;)
+Line 1705 
 for (;;)
            (int *)(pcre_malloc)(new_recursive.saved_max * sizeof(int));
          if (new_recursive.offset_save == NULL) RRETURN(PCRE_ERROR_NOMEMORY);
          }
        memcpy(new_recursive.offset_save, md->offset_vector,
              new_recursive.saved_max * sizeof(int));
-       new_recursive.save_start = md->start_match;
-       md->start_match = eptr;
-       /* OK, now we can do the recursion. For each top-level alternative we
+       /* OK, now we can do the recursion. After processing each alternative,
-       restore the offset and recursion data. */
+       restore the offset data. If there were nested recursions, md->recursive
+       might be changed, so reset it before looping. */
        DPRINTF(("Recursing into group %d\n", new_recursive.group_num));
-       flags = (*callpat >= OP_SBRA)? match_cbegroup : 0;
+       cbegroup = (*callpat >= OP_SBRA);
        do
          {
-         RMATCH(rrc, eptr, callpat + _pcre_OP_lengths[*callpat], offset_top,
+         if (cbegroup) md->match_function_type = MATCH_CBEGROUP;
-           md, ims, eptrb, flags);
+         RMATCH(eptr, callpat + _pcre_OP_lengths[*callpat], offset_top,
-         if (rrc == MATCH_MATCH)
+           md, eptrb, RM6);
+         memcpy(md->offset_vector, new_recursive.offset_save,
+             new_recursive.saved_max * sizeof(int));
+         md->recursive = new_recursive.prevrec;
+         if (rrc == MATCH_MATCH || rrc == MATCH_ACCEPT)
            {
            DPRINTF(("Recursion matched\n"));
-           md->recursive = new_recursive.prevrec;
            if (new_recursive.offset_save != stacksave)
              (pcre_free)(new_recursive.offset_save);
-           RRETURN(MATCH_MATCH);
+           /* Set where we got to in the subject, and reset the start in case
+           it was changed by \K. This *is* propagated back out of a recursion,
+           for Perl compatibility. */
+           eptr = md->end_match_ptr;
+           mstart = md->start_match_ptr;
+           goto RECURSION_MATCHED;        /* Exit loop; end processing */
            }
-         else if (rrc != MATCH_NOMATCH)
+         /* PCRE does not allow THEN to escape beyond a recursion; it is treated
+         as NOMATCH. */
+         else if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN)
            {
            DPRINTF(("Recursion gave error %d\n", rrc));
+           if (new_recursive.offset_save != stacksave)
+             (pcre_free)(new_recursive.offset_save);
            RRETURN(rrc);
            }
          md->recursive = &new_recursive;
-         memcpy(md->offset_vector, new_recursive.offset_save,
-             new_recursive.saved_max * sizeof(int));
          callpat += GET(callpat, 1);
          }
        while (*callpat == OP_ALT);
-Line 984 
 for (;;)
+Line 1757 
 for (;;)
        md->recursive = new_recursive.prevrec;
        if (new_recursive.offset_save != stacksave)
          (pcre_free)(new_recursive.offset_save);
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
-       }
-     /* Control never reaches here */
-     /* "Once" brackets are like assertion brackets except that after a match,
-     the point in the subject string is not moved back. Thus there can never be
-     a move back into the brackets. Friedl calls these "atomic" subpatterns.
-     Check the alternative branches in turn - the matching won't pass the KET
-     for this kind of subpattern. If any one branch matches, we carry on as at
-     the end of a normal bracket, leaving the subject pointer. */
-     case OP_ONCE:
-     prev = ecode;
-     saved_eptr = eptr;
-     do
-       {
-       RMATCH(rrc, eptr, ecode + 1 + LINK_SIZE, offset_top, md, ims,
-         eptrb, 0);
-       if (rrc == MATCH_MATCH) break;
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-       ecode += GET(ecode,1);
-       }
-     while (*ecode == OP_ALT);
-     /* If hit the end of the group (which could be repeated), fail */
-     if (*ecode != OP_ONCE && *ecode != OP_ALT) RRETURN(MATCH_NOMATCH);
-     /* Continue as from after the assertion, updating the offsets high water
-     mark, since extracts may have been taken. */
-     do ecode += GET(ecode, 1); while (*ecode == OP_ALT);
-     offset_top = md->end_offset_top;
-     eptr = md->end_match_ptr;
-     /* For a non-repeating ket, just continue at this level. This also
-     happens for a repeating ket if no characters were matched in the group.
-     This is the forcible breaking of infinite loops as implemented in Perl
-.005. If there is an options reset, it will get obeyed in the normal
-     course of events. */
-     if (*ecode == OP_KET || eptr == saved_eptr)
-       {
-       ecode += 1+LINK_SIZE;
-       break;
-       }
-     /* The repeating kets try the rest of the pattern or restart from the
-     preceding bracket, in the appropriate order. The second "call" of match()
-     uses tail recursion, to avoid using another stack frame. We need to reset
-     any options that changed within the bracket before re-running it, so
-     check the next opcode. */
-     if (ecode[1+LINK_SIZE] == OP_OPT)
-       {
-       ims = (ims & ~PCRE_IMS) | ecode[4];
-       DPRINTF(("ims set to %02lx at group repeat\n", ims));
        }
-     if (*ecode == OP_KETRMIN)
+     RECURSION_MATCHED:
-       {
+     break;
-       RMATCH(rrc, eptr, ecode + 1 + LINK_SIZE, offset_top, md, ims, eptrb, 0);
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-       ecode = prev;
-       flags = match_tail_recursed;
-       goto TAIL_RECURSE;
-       }
-     else  /* OP_KETRMAX */
-       {
-       RMATCH(rrc, eptr, prev, offset_top, md, ims, eptrb, match_cbegroup);
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-       ecode += 1 + LINK_SIZE;
-       flags = match_tail_recursed;
-       goto TAIL_RECURSE;
-       }
-     /* Control never gets here */
      /* An alternation is the end of a branch; scan along to find the end of the
      bracketed group and go to there. */
-Line 1070 
 for (;;)
+Line 1770 
 for (;;)
      do ecode += GET(ecode,1); while (*ecode == OP_ALT);
      break;
-     /* BRAZERO and BRAMINZERO occur just before a bracket group, indicating
+     /* BRAZERO, BRAMINZERO and SKIPZERO occur just before a bracket group,
-     that it may occur zero times. It may repeat infinitely, or not at all -
+     indicating that it may occur zero times. It may repeat infinitely, or not
-     i.e. it could be ()* or ()? in the pattern. Brackets with fixed upper
+     at all - i.e. it could be ()* or ()? or even (){0} in the pattern. Brackets
-     repeat limits are compiled as a number of copies, with the optional ones
+     with fixed upper repeat limits are compiled as a number of copies, with the
-     preceded by BRAZERO or BRAMINZERO. */
+     optional ones preceded by BRAZERO or BRAMINZERO. */
      case OP_BRAZERO:
-       {
+     next = ecode + 1;
-       next = ecode+1;
+     RMATCH(eptr, next, offset_top, md, eptrb, RM10);
-       RMATCH(rrc, eptr, next, offset_top, md, ims, eptrb, 0);
+     if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+     do next += GET(next, 1); while (*next == OP_ALT);
-       do next += GET(next,1); while (*next == OP_ALT);
+     ecode = next + 1 + LINK_SIZE;
-       ecode = next + 1 + LINK_SIZE;
-       }
      break;
      case OP_BRAMINZERO:
-       {
+     next = ecode + 1;
-       next = ecode+1;
+     do next += GET(next, 1); while (*next == OP_ALT);
-       do next += GET(next, 1); while (*next == OP_ALT);
+     RMATCH(eptr, next + 1+LINK_SIZE, offset_top, md, eptrb, RM11);
-       RMATCH(rrc, eptr, next + 1+LINK_SIZE, offset_top, md, ims, eptrb, 0);
+     if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-       if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+     ecode++;
-       ecode++;
+     break;
-       }
+     case OP_SKIPZERO:
+     next = ecode+1;
+     do next += GET(next,1); while (*next == OP_ALT);
+     ecode = next + 1 + LINK_SIZE;
      break;
+     /* BRAPOSZERO occurs before a possessive bracket group. Don't do anything
+     here; just jump to the group, with allow_zero set TRUE. */
+     case OP_BRAPOSZERO:
+     op = *(++ecode);
+     allow_zero = TRUE;
+     if (op == OP_CBRAPOS || op == OP_SCBRAPOS) goto POSSESSIVE_CAPTURE;
+       goto POSSESSIVE_NON_CAPTURE;
      /* End of a group, repeated or non-repeating. */
      case OP_KET:
      case OP_KETRMIN:
      case OP_KETRMAX:
+     case OP_KETRPOS:
      prev = ecode - GET(ecode, 1);
      /* If this was a group that remembered the subject start, in order to break
      infinite repeats of empty string matches, retrieve the subject start from
      the chain. Otherwise, set it NULL. */
-     if (*prev >= OP_SBRA)
+     if (*prev >= OP_SBRA || *prev == OP_ONCE)
        {
        saved_eptr = eptrb->epb_saved_eptr;   /* Value at start of group */
        eptrb = eptrb->epb_prev;              /* Backup to previous group */
        }
      else saved_eptr = NULL;
-     /* If we are at the end of an assertion group, stop matching and return
+     /* If we are at the end of an assertion group or a non-capturing atomic
-     MATCH_MATCH, but record the current high water mark for use by positive
+     group, stop matching and return MATCH_MATCH, but record the current high
-     assertions. Do this also for the "once" (atomic) groups. */
+     water mark for use by positive assertions. We also need to record the match
+     start in case it was changed by \K. */
-     if (*prev == OP_ASSERT || *prev == OP_ASSERT_NOT ||
-         *prev == OP_ASSERTBACK || *prev == OP_ASSERTBACK_NOT ||
+     if ((*prev >= OP_ASSERT && *prev <= OP_ASSERTBACK_NOT) ||
-         *prev == OP_ONCE)
+          *prev == OP_ONCE_NC)
        {
-       md->end_match_ptr = eptr;      /* For ONCE */
+       md->end_match_ptr = eptr;      /* For ONCE_NC */
        md->end_offset_top = offset_top;
-       RRETURN(MATCH_MATCH);
+       md->start_match_ptr = mstart;
+       MRRETURN(MATCH_MATCH);         /* Sets md->mark */
        }
      /* For capturing groups we have to check the group number back at the start
      and if necessary complete handling an extraction by setting the offsets and
-     bumping the high water mark. Note that whole-pattern recursion is coded as
+     bumping the high water mark. Whole-pattern recursion is coded as a recurse
-     a recurse into group 0, so it won't be picked up here. Instead, we catch it
+     into group 0, so it won't be picked up here. Instead, we catch it when the
-     when the OP_END is reached. Other recursion is handled here. */
+     OP_END is reached. Other recursion is handled here. We just have to record
+     the current subject position and start match pointer and give a MATCH
+     return. */
-     if (*prev == OP_CBRA || *prev == OP_SCBRA)
+     if (*prev == OP_CBRA || *prev == OP_SCBRA ||
+         *prev == OP_CBRAPOS || *prev == OP_SCBRAPOS)
        {
        number = GET2(prev, 1+LINK_SIZE);
        offset = number << 1;
- #ifdef DEBUG
+ #ifdef PCRE_DEBUG
        printf("end bracket %d", number);
        printf("\n");
  #endif
+       /* Handle a recursively called group. */
+       if (md->recursive != NULL && md->recursive->group_num == number)
+         {
+         md->end_match_ptr = eptr;
+         md->start_match_ptr = mstart;
+         RRETURN(MATCH_MATCH);
+         }
+       /* Deal with capturing */
        md->capture_last = number;
        if (offset >= md->offset_max) md->offset_overflow = TRUE; else
          {
+         /* If offset is greater than offset_top, it means that we are
+         "skipping" a capturing group, and that group's offsets must be marked
+         unset. In earlier versions of PCRE, all the offsets were unset at the
+         start of matching, but this doesn't work because atomic groups and
+         assertions can cause a value to be set that should later be unset.
+         Example: matching /(?>(a))b|(a)c/ against "ac". This sets group 1 as
+         part of the atomic group, but this is not on the final matching path,
+         so must be unset when 2 is set. (If there is no group 2, there is no
+         problem, because offset_top will then be 2, indicating no capture.) */
+         if (offset > offset_top)
+           {
+           register int *iptr = md->offset_vector + offset_top;
+           register int *iend = md->offset_vector + offset;
+           while (iptr < iend) *iptr++ = -1;
+           }
+         /* Now make the extraction */
          md->offset_vector[offset] =
            md->offset_vector[md->offset_end - number];
-         md->offset_vector[offset+1] = eptr - md->start_subject;
+         md->offset_vector[offset+1] = (int)(eptr - md->start_subject);
          if (offset_top <= offset) offset_top = offset + 2;
          }
+       }
-       /* Handle a recursively called group. Restore the offsets
+     /* For an ordinary non-repeating ket, just continue at this level. This
-       appropriately and continue from after the call. */
+     also happens for a repeating ket if no characters were matched in the
+     group. This is the forcible breaking of infinite loops as implemented in
+     Perl 5.005. For a non-repeating atomic group that includes captures,
+     establish a backup point by processing the rest of the pattern at a lower
+     level. If this results in a NOMATCH return, pass MATCH_ONCE back to the
+     original OP_ONCE level, thereby bypassing intermediate backup points, but
+     resetting any captures that happened along the way. */
-       if (md->recursive != NULL && md->recursive->group_num == number)
+     if (*ecode == OP_KET || eptr == saved_eptr)
+       {
+       if (*prev == OP_ONCE)
          {
-         recursion_info *rec = md->recursive;
+         RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM12);
-         DPRINTF(("Recursion (%d) succeeded - continuing\n", number));
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-         md->recursive = rec->prevrec;
+         md->once_target = prev;  /* Level at which to change to MATCH_NOMATCH */
-         md->start_match = rec->save_start;
+         RRETURN(MATCH_ONCE);
-         memcpy(md->offset_vector, rec->offset_save,
-           rec->saved_max * sizeof(int));
-         ecode = rec->after_call;
-         ims = original_ims;
-         break;
          }
+       ecode += 1 + LINK_SIZE;    /* Carry on at this level */
+       break;
        }
-     /* For both capturing and non-capturing groups, reset the value of the ims
+     /* OP_KETRPOS is a possessive repeating ket. Remember the current position,
-     flags, in case they got changed during the group. */
+     and return the MATCH_KETRPOS. This makes it possible to do the repeats one
+     at a time from the outer level, thus saving stack. */
-     ims = original_ims;
-     DPRINTF(("ims reset to %02lx\n", ims));
-     /* For a non-repeating ket, just continue at this level. This also
-     happens for a repeating ket if no characters were matched in the group.
-     This is the forcible breaking of infinite loops as implemented in Perl
-.005. If there is an options reset, it will get obeyed in the normal
-     course of events. */
-     if (*ecode == OP_KET || eptr == saved_eptr)
+     if (*ecode == OP_KETRPOS)
        {
-       ecode += 1 + LINK_SIZE;
+       md->end_match_ptr = eptr;
-       break;
+       md->end_offset_top = offset_top;
+       RRETURN(MATCH_KETRPOS);
        }
-     /* The repeating kets try the rest of the pattern or restart from the
+     /* The normal repeating kets try the rest of the pattern or restart from
-     preceding bracket, in the appropriate order. In the second case, we can use
+     the preceding bracket, in the appropriate order. In the second case, we can
-     tail recursion to avoid using another stack frame. */
+     use tail recursion to avoid using another stack frame, unless we have an
+     an atomic group or an unlimited repeat of a group that can match an empty
-     flags = (*prev >= OP_SBRA)? match_cbegroup : 0;
+     string. */
      if (*ecode == OP_KETRMIN)
        {
-       RMATCH(rrc, eptr, ecode + 1+LINK_SIZE, offset_top, md, ims, eptrb, 0);
+       RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM7);
        if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       if (*prev == OP_ONCE)
+         {
+         RMATCH(eptr, prev, offset_top, md, eptrb, RM8);
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         md->once_target = prev;  /* Level at which to change to MATCH_NOMATCH */
+         RRETURN(MATCH_ONCE);
+         }
+       if (*prev >= OP_SBRA)    /* Could match an empty string */
+         {
+         md->match_function_type = MATCH_CBEGROUP;
+         RMATCH(eptr, prev, offset_top, md, eptrb, RM50);
+         RRETURN(rrc);
+         }
        ecode = prev;
-       flags |= match_tail_recursed;
        goto TAIL_RECURSE;
        }
      else  /* OP_KETRMAX */
        {
-       RMATCH(rrc, eptr, prev, offset_top, md, ims, eptrb, flags);
+       if (*prev >= OP_SBRA) md->match_function_type = MATCH_CBEGROUP;
+       RMATCH(eptr, prev, offset_top, md, eptrb, RM13);
+       if (rrc == MATCH_ONCE && md->once_target == prev) rrc = MATCH_NOMATCH;
        if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+       if (*prev == OP_ONCE)
+         {
+         RMATCH(eptr, ecode + 1 + LINK_SIZE, offset_top, md, eptrb, RM9);
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         md->once_target = prev;
+         RRETURN(MATCH_ONCE);
+         }
        ecode += 1 + LINK_SIZE;
-       flags = match_tail_recursed;
        goto TAIL_RECURSE;
        }
      /* Control never gets here */
-     /* Start of subject unless notbol, or after internal newline if multiline */
+     /* Not multiline mode: start of subject assertion, unless notbol. */
      case OP_CIRC:
-     if (md->notbol && eptr == md->start_subject) RRETURN(MATCH_NOMATCH);
+     if (md->notbol && eptr == md->start_subject) MRRETURN(MATCH_NOMATCH);
-     if ((ims & PCRE_MULTILINE) != 0)
-       {
-       if (eptr != md->start_subject &&
-           (eptr == md->end_subject || !WAS_NEWLINE(eptr)))
-         RRETURN(MATCH_NOMATCH);
-       ecode++;
-       break;
-       }
-     /* ... else fall through */
      /* Start of subject assertion */
      case OP_SOD:
-     if (eptr != md->start_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr != md->start_subject) MRRETURN(MATCH_NOMATCH);
+     ecode++;
+     break;
+     /* Multiline mode: start of subject unless notbol, or after any newline. */
+     case OP_CIRCM:
+     if (md->notbol && eptr == md->start_subject) MRRETURN(MATCH_NOMATCH);
+     if (eptr != md->start_subject &&
+         (eptr == md->end_subject || !WAS_NEWLINE(eptr)))
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      /* Start of match assertion */
      case OP_SOM:
-     if (eptr != md->start_subject + md->start_offset) RRETURN(MATCH_NOMATCH);
+     if (eptr != md->start_subject + md->start_offset) MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
-     /* Assert before internal newline if multiline, or before a terminating
+     /* Reset the start of match point */
-     newline unless endonly is set, else end of subject unless noteol is set. */
-     case OP_DOLL:
+     case OP_SET_SOM:
-     if ((ims & PCRE_MULTILINE) != 0)
+     mstart = eptr;
-       {
+     ecode++;
-       if (eptr < md->end_subject)
+     break;
-         { if (!IS_NEWLINE(eptr)) RRETURN(MATCH_NOMATCH); }
-       else
+     /* Multiline mode: assert before any newline, or before end of subject
-         { if (md->noteol) RRETURN(MATCH_NOMATCH); }
+     unless noteol is set. */
-       ecode++;
-       break;
+     case OP_DOLLM:
-       }
+     if (eptr < md->end_subject)
+       { if (!IS_NEWLINE(eptr)) MRRETURN(MATCH_NOMATCH); }
      else
        {
-       if (md->noteol) RRETURN(MATCH_NOMATCH);
+       if (md->noteol) MRRETURN(MATCH_NOMATCH);
-       if (!md->endonly)
+       SCHECK_PARTIAL();
-         {
-         if (eptr != md->end_subject &&
-             (!IS_NEWLINE(eptr) || eptr != md->end_subject - md->nllen))
-           RRETURN(MATCH_NOMATCH);
-         ecode++;
-         break;
-         }
        }
+     ecode++;
+     break;
+     /* Not multiline mode: assert before a terminating newline or before end of
+     subject unless noteol is set. */
+     case OP_DOLL:
+     if (md->noteol) MRRETURN(MATCH_NOMATCH);
+     if (!md->endonly) goto ASSERT_NL_OR_EOS;
      /* ... else fall through for endonly */
      /* End of subject assertion (\z) */
      case OP_EOD:
-     if (eptr < md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr < md->end_subject) MRRETURN(MATCH_NOMATCH);
+     SCHECK_PARTIAL();
      ecode++;
      break;
      /* End of subject or ending \n assertion (\Z) */
      case OP_EODN:
-     if (eptr != md->end_subject &&
+     ASSERT_NL_OR_EOS:
+     if (eptr < md->end_subject &&
          (!IS_NEWLINE(eptr) || eptr != md->end_subject - md->nllen))
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
+     /* Either at end of string or \n before end. */
+     SCHECK_PARTIAL();
      ecode++;
      break;
-Line 1290 
 for (;;)
+Line 2065 
 for (;;)
        /* Find out if the previous and current characters are "word" characters.
        It takes a bit more work in UTF-8 mode. Characters > 255 are assumed to
-       be "non-word" characters. */
+       be "non-word" characters. Remember the earliest consulted character for
+       partial matching. */
  #ifdef SUPPORT_UTF8
        if (utf8)
          {
+         /* Get status of previous character */
          if (eptr == md->start_subject) prev_is_word = FALSE; else
            {
-           const uschar *lastptr = eptr - 1;
+           USPTR lastptr = eptr - 1;
            while((*lastptr & 0xc0) == 0x80) lastptr--;
+           if (lastptr < md->start_used_ptr) md->start_used_ptr = lastptr;
            GETCHAR(c, lastptr);
+ #ifdef SUPPORT_UCP
+           if (md->use_ucp)
+             {
+             if (c == '_') prev_is_word = TRUE; else
+               {
+               int cat = UCD_CATEGORY(c);
+               prev_is_word = (cat == ucp_L || cat == ucp_N);
+               }
+             }
+           else
+ #endif
            prev_is_word = c < 256 && (md->ctypes[c] & ctype_word) != 0;
            }
-         if (eptr >= md->end_subject) cur_is_word = FALSE; else
+         /* Get status of next character */
+         if (eptr >= md->end_subject)
+           {
+           SCHECK_PARTIAL();
+           cur_is_word = FALSE;
+           }
+         else
            {
            GETCHAR(c, eptr);
+ #ifdef SUPPORT_UCP
+           if (md->use_ucp)
+             {
+             if (c == '_') cur_is_word = TRUE; else
+               {
+               int cat = UCD_CATEGORY(c);
+               cur_is_word = (cat == ucp_L || cat == ucp_N);
+               }
+             }
+           else
+ #endif
            cur_is_word = c < 256 && (md->ctypes[c] & ctype_word) != 0;
            }
          }
        else
+ #endif
+       /* Not in UTF-8 mode, but we may still have PCRE_UCP set, and for
+       consistency with the behaviour of \w we do use it in this case. */
+         {
+         /* Get status of previous character */
+         if (eptr == md->start_subject) prev_is_word = FALSE; else
+           {
+           if (eptr <= md->start_used_ptr) md->start_used_ptr = eptr - 1;
+ #ifdef SUPPORT_UCP
+           if (md->use_ucp)
+             {
+             c = eptr[-1];
+             if (c == '_') prev_is_word = TRUE; else
+               {
+               int cat = UCD_CATEGORY(c);
+               prev_is_word = (cat == ucp_L || cat == ucp_N);
+               }
+             }
+           else
+ #endif
+           prev_is_word = ((md->ctypes[eptr[-1]] & ctype_word) != 0);
+           }
+         /* Get status of next character */
+         if (eptr >= md->end_subject)
+           {
+           SCHECK_PARTIAL();
+           cur_is_word = FALSE;
+           }
+         else
+ #ifdef SUPPORT_UCP
+         if (md->use_ucp)
+           {
+           c = *eptr;
+           if (c == '_') cur_is_word = TRUE; else
+             {
+             int cat = UCD_CATEGORY(c);
+             cur_is_word = (cat == ucp_L || cat == ucp_N);
+             }
+           }
+         else
  #endif
+         cur_is_word = ((md->ctypes[*eptr] & ctype_word) != 0);
-       /* More streamlined when not in UTF-8 mode */
-         {
-         prev_is_word = (eptr != md->start_subject) &&
-           ((md->ctypes[eptr[-1]] & ctype_word) != 0);
-         cur_is_word = (eptr < md->end_subject) &&
-           ((md->ctypes[*eptr] & ctype_word) != 0);
          }
        /* Now see if the situation is what we want */
        if ((*ecode++ == OP_WORD_BOUNDARY)?
             cur_is_word == prev_is_word : cur_is_word != prev_is_word)
-         RRETURN(MATCH_NOMATCH);
+         MRRETURN(MATCH_NOMATCH);
        }
      break;
      /* Match a single character type; inline for speed */
      case OP_ANY:
-     if ((ims & PCRE_DOTALL) == 0)
+     if (IS_NEWLINE(eptr)) MRRETURN(MATCH_NOMATCH);
-       {
+     /* Fall through */
-       if (IS_NEWLINE(eptr)) RRETURN(MATCH_NOMATCH);
+     case OP_ALLANY:
+     if (eptr >= md->end_subject)   /* DO NOT merge the eptr++ here; it must */
+       {                            /* not be updated before SCHECK_PARTIAL. */
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
        }
-     if (eptr++ >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     eptr++;
-     if (utf8)
+     if (utf8) while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
-       while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
      ecode++;
      break;
-Line 1345 
 for (;;)
+Line 2196 
 for (;;)
      any byte, even newline, independent of the setting of PCRE_DOTALL. */
      case OP_ANYBYTE:
-     if (eptr++ >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)   /* DO NOT merge the eptr++ here; it must */
+       {                            /* not be updated before SCHECK_PARTIAL. */
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
+     eptr++;
      ecode++;
      break;
      case OP_NOT_DIGIT:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1358 
 for (;;)
+Line 2218 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_digit) != 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_DIGIT:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1371 
 for (;;)
+Line 2235 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_digit) == 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_NOT_WHITESPACE:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1384 
 for (;;)
+Line 2252 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_space) != 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_WHITESPACE:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1397 
 for (;;)
+Line 2269 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_space) == 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_NOT_WORDCHAR:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1410 
 for (;;)
+Line 2286 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_word) != 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_WORDCHAR:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      if (
  #ifdef SUPPORT_UTF8
-Line 1423 
 for (;;)
+Line 2303 
 for (;;)
  #endif
         (md->ctypes[c] & ctype_word) == 0
         )
-       RRETURN(MATCH_NOMATCH);
+       MRRETURN(MATCH_NOMATCH);
      ecode++;
      break;
      case OP_ANYNL:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
      switch(c)
        {
-       default: RRETURN(MATCH_NOMATCH);
+       default: MRRETURN(MATCH_NOMATCH);
        case 0x000d:
        if (eptr < md->end_subject && *eptr == 0x0a) eptr++;
        break;
        case 0x000a:
+       break;
        case 0x000b:
        case 0x000c:
        case 0x0085:
        case 0x2028:
        case 0x2029:
+       if (md->bsr_anycrlf) MRRETURN(MATCH_NOMATCH);
+       break;
+       }
+     ecode++;
+     break;
+     case OP_NOT_HSPACE:
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
+     GETCHARINCTEST(c, eptr);
+     switch(c)
+       {
+       default: break;
+       case 0x09:      /* HT */
+       case 0x20:      /* SPACE */
+       case 0xa0:      /* NBSP */
+       case 0x1680:    /* OGHAM SPACE MARK */
+       case 0x180e:    /* MONGOLIAN VOWEL SEPARATOR */
+       case 0x2000:    /* EN QUAD */
+       case 0x2001:    /* EM QUAD */
+       case 0x2002:    /* EN SPACE */
+       case 0x2003:    /* EM SPACE */
+       case 0x2004:    /* THREE-PER-EM SPACE */
+       case 0x2005:    /* FOUR-PER-EM SPACE */
+       case 0x2006:    /* SIX-PER-EM SPACE */
+       case 0x2007:    /* FIGURE SPACE */
+       case 0x2008:    /* PUNCTUATION SPACE */
+       case 0x2009:    /* THIN SPACE */
+       case 0x200A:    /* HAIR SPACE */
+       case 0x202f:    /* NARROW NO-BREAK SPACE */
+       case 0x205f:    /* MEDIUM MATHEMATICAL SPACE */
+       case 0x3000:    /* IDEOGRAPHIC SPACE */
+       MRRETURN(MATCH_NOMATCH);
+       }
+     ecode++;
+     break;
+     case OP_HSPACE:
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
+     GETCHARINCTEST(c, eptr);
+     switch(c)
+       {
+       default: MRRETURN(MATCH_NOMATCH);
+       case 0x09:      /* HT */
+       case 0x20:      /* SPACE */
+       case 0xa0:      /* NBSP */
+       case 0x1680:    /* OGHAM SPACE MARK */
+       case 0x180e:    /* MONGOLIAN VOWEL SEPARATOR */
+       case 0x2000:    /* EN QUAD */
+       case 0x2001:    /* EM QUAD */
+       case 0x2002:    /* EN SPACE */
+       case 0x2003:    /* EM SPACE */
+       case 0x2004:    /* THREE-PER-EM SPACE */
+       case 0x2005:    /* FOUR-PER-EM SPACE */
+       case 0x2006:    /* SIX-PER-EM SPACE */
+       case 0x2007:    /* FIGURE SPACE */
+       case 0x2008:    /* PUNCTUATION SPACE */
+       case 0x2009:    /* THIN SPACE */
+       case 0x200A:    /* HAIR SPACE */
+       case 0x202f:    /* NARROW NO-BREAK SPACE */
+       case 0x205f:    /* MEDIUM MATHEMATICAL SPACE */
+       case 0x3000:    /* IDEOGRAPHIC SPACE */
+       break;
+       }
+     ecode++;
+     break;
+     case OP_NOT_VSPACE:
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
+     GETCHARINCTEST(c, eptr);
+     switch(c)
+       {
+       default: break;
+       case 0x0a:      /* LF */
+       case 0x0b:      /* VT */
+       case 0x0c:      /* FF */
+       case 0x0d:      /* CR */
+       case 0x85:      /* NEL */
+       case 0x2028:    /* LINE SEPARATOR */
+       case 0x2029:    /* PARAGRAPH SEPARATOR */
+       MRRETURN(MATCH_NOMATCH);
+       }
+     ecode++;
+     break;
+     case OP_VSPACE:
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
+     GETCHARINCTEST(c, eptr);
+     switch(c)
+       {
+       default: MRRETURN(MATCH_NOMATCH);
+       case 0x0a:      /* LF */
+       case 0x0b:      /* VT */
+       case 0x0c:      /* FF */
+       case 0x0d:      /* CR */
+       case 0x85:      /* NEL */
+       case 0x2028:    /* LINE SEPARATOR */
+       case 0x2029:    /* PARAGRAPH SEPARATOR */
        break;
        }
      ecode++;
-Line 1453 
 for (;;)
+Line 2454 
 for (;;)
      case OP_PROP:
      case OP_NOTPROP:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
        {
-       int chartype, script;
+       const ucd_record *prop = GET_UCD(c);
-       int category = _pcre_ucp_findprop(c, &chartype, &script);
        switch(ecode[1])
          {
          case PT_ANY:
-         if (op == OP_NOTPROP) RRETURN(MATCH_NOMATCH);
+         if (op == OP_NOTPROP) MRRETURN(MATCH_NOMATCH);
          break;
          case PT_LAMP:
-         if ((chartype == ucp_Lu ||
+         if ((prop->chartype == ucp_Lu ||
-              chartype == ucp_Ll ||
+              prop->chartype == ucp_Ll ||
-              chartype == ucp_Lt) == (op == OP_NOTPROP))
+              prop->chartype == ucp_Lt) == (op == OP_NOTPROP))
-           RRETURN(MATCH_NOMATCH);
+           MRRETURN(MATCH_NOMATCH);
-          break;
+         break;
          case PT_GC:
-         if ((ecode[2] != category) == (op == OP_PROP))
+         if ((ecode[2] != _pcre_ucp_gentype[prop->chartype]) == (op == OP_PROP))
-           RRETURN(MATCH_NOMATCH);
+           MRRETURN(MATCH_NOMATCH);
          break;
          case PT_PC:
-         if ((ecode[2] != chartype) == (op == OP_PROP))
+         if ((ecode[2] != prop->chartype) == (op == OP_PROP))
-           RRETURN(MATCH_NOMATCH);
+           MRRETURN(MATCH_NOMATCH);
          break;
          case PT_SC:
-         if ((ecode[2] != script) == (op == OP_PROP))
+         if ((ecode[2] != prop->script) == (op == OP_PROP))
-           RRETURN(MATCH_NOMATCH);
+           MRRETURN(MATCH_NOMATCH);
+         break;
+         /* These are specials */
+         case PT_ALNUM:
+         if ((_pcre_ucp_gentype[prop->chartype] == ucp_L ||
+              _pcre_ucp_gentype[prop->chartype] == ucp_N) == (op == OP_NOTPROP))
+           MRRETURN(MATCH_NOMATCH);
+         break;
+         case PT_SPACE:    /* Perl space */
+         if ((_pcre_ucp_gentype[prop->chartype] == ucp_Z ||
+              c == CHAR_HT || c == CHAR_NL || c == CHAR_FF || c == CHAR_CR)
+                == (op == OP_NOTPROP))
+           MRRETURN(MATCH_NOMATCH);
+         break;
+         case PT_PXSPACE:  /* POSIX space */
+         if ((_pcre_ucp_gentype[prop->chartype] == ucp_Z ||
+              c == CHAR_HT || c == CHAR_NL || c == CHAR_VT ||
+              c == CHAR_FF || c == CHAR_CR)
+                == (op == OP_NOTPROP))
+           MRRETURN(MATCH_NOMATCH);
+         break;
+         case PT_WORD:
+         if ((_pcre_ucp_gentype[prop->chartype] == ucp_L ||
+              _pcre_ucp_gentype[prop->chartype] == ucp_N ||
+              c == CHAR_UNDERSCORE) == (op == OP_NOTPROP))
+           MRRETURN(MATCH_NOMATCH);
          break;
+         /* This should never occur */
          default:
          RRETURN(PCRE_ERROR_INTERNAL);
          }
-Line 1499 
 for (;;)
+Line 2535 
 for (;;)
      is in the binary; otherwise a compile-time error occurs. */
      case OP_EXTUNI:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      GETCHARINCTEST(c, eptr);
+     if (UCD_CATEGORY(c) == ucp_M) MRRETURN(MATCH_NOMATCH);
+     while (eptr < md->end_subject)
        {
-       int chartype, script;
+       int len = 1;
-       int category = _pcre_ucp_findprop(c, &chartype, &script);
+       if (!utf8) c = *eptr; else { GETCHARLEN(c, eptr, len); }
-       if (category == ucp_M) RRETURN(MATCH_NOMATCH);
+       if (UCD_CATEGORY(c) != ucp_M) break;
-       while (eptr < md->end_subject)
+       eptr += len;
-         {
-         int len = 1;
-         if (!utf8) c = *eptr; else
-           {
-           GETCHARLEN(c, eptr, len);
-           }
-         category = _pcre_ucp_findprop(c, &chartype, &script);
-         if (category != ucp_M) break;
-         eptr += len;
-         }
        }
      ecode++;
      break;
-Line 1531 
 for (;;)
+Line 2563 
 for (;;)
      loops). */
      case OP_REF:
-       {
+     case OP_REFI:
-       offset = GET2(ecode, 1) << 1;               /* Doubled ref number */
+     caseless = op == OP_REFI;
-       ecode += 3;                                 /* Advance past item */
+     offset = GET2(ecode, 1) << 1;               /* Doubled ref number */
+     ecode += 3;
-       /* If the reference is unset, set the length to be longer than the amount
+     /* If the reference is unset, there are two possibilities:
-       of subject left; this ensures that every attempt at a match fails. We
-       can't just fail here, because of the possibility of quantifiers with zero
-       minima. */
-       length = (offset >= offset_top || md->offset_vector[offset] < 0)?
-         md->end_subject - eptr + 1 :
-         md->offset_vector[offset+1] - md->offset_vector[offset];
-       /* Set up for repetition, or handle the non-repeated case */
+     (a) In the default, Perl-compatible state, set the length negative;
+     this ensures that every attempt at a match fails. We can't just fail
+     here, because of the possibility of quantifiers with zero minima.
-       switch (*ecode)
+     (b) If the JavaScript compatibility flag is set, set the length to zero
-         {
+     so that the back reference matches an empty string.
-         case OP_CRSTAR:
-         case OP_CRMINSTAR:
-         case OP_CRPLUS:
-         case OP_CRMINPLUS:
-         case OP_CRQUERY:
-         case OP_CRMINQUERY:
-         c = *ecode++ - OP_CRSTAR;
-         minimize = (c & 1) != 0;
-         min = rep_min[c];                 /* Pick up values from tables; */
-         max = rep_max[c];                 /* zero for max => infinity */
-         if (max == 0) max = INT_MAX;
-         break;
-         case OP_CRRANGE:
+     Otherwise, set the length to the length of what was matched by the
-         case OP_CRMINRANGE:
+     referenced subpattern. */
-         minimize = (*ecode == OP_CRMINRANGE);
-         min = GET2(ecode, 1);
-         max = GET2(ecode, 3);
-         if (max == 0) max = INT_MAX;
-         ecode += 5;
-         break;
-         default:               /* No repeat follows */
+     if (offset >= offset_top || md->offset_vector[offset] < 0)
-         if (!match_ref(offset, eptr, length, md, ims)) RRETURN(MATCH_NOMATCH);
+       length = (md->jscript_compat)? 0 : -1;
-         eptr += length;
+     else
-         continue;              /* With the main loop */
+       length = md->offset_vector[offset+1] - md->offset_vector[offset];
+     /* Set up for repetition, or handle the non-repeated case */
+     switch (*ecode)
+       {
+       case OP_CRSTAR:
+       case OP_CRMINSTAR:
+       case OP_CRPLUS:
+       case OP_CRMINPLUS:
+       case OP_CRQUERY:
+       case OP_CRMINQUERY:
+       c = *ecode++ - OP_CRSTAR;
+       minimize = (c & 1) != 0;
+       min = rep_min[c];                 /* Pick up values from tables; */
+       max = rep_max[c];                 /* zero for max => infinity */
+       if (max == 0) max = INT_MAX;
+       break;
+       case OP_CRRANGE:
+       case OP_CRMINRANGE:
+       minimize = (*ecode == OP_CRMINRANGE);
+       min = GET2(ecode, 1);
+       max = GET2(ecode, 3);
+       if (max == 0) max = INT_MAX;
+       ecode += 5;
+       break;
+       default:               /* No repeat follows */
+       if ((length = match_ref(offset, eptr, length, md, caseless)) < 0)
+         {
+         CHECK_PARTIAL();
+         MRRETURN(MATCH_NOMATCH);
          }
+       eptr += length;
+       continue;              /* With the main loop */
+       }
-       /* If the length of the reference is zero, just continue with the
+     /* Handle repeated back references. If the length of the reference is
-       main loop. */
+     zero, just continue with the main loop. */
-       if (length == 0) continue;
+     if (length == 0) continue;
-       /* First, ensure the minimum number of matches are present. We get back
+     /* First, ensure the minimum number of matches are present. We get back
-       the length of the reference string explicitly rather than passing the
+     the length of the reference string explicitly rather than passing the
-       address of eptr, so that eptr can be a register variable. */
+     address of eptr, so that eptr can be a register variable. */
-       for (i = 1; i <= min; i++)
+     for (i = 1; i <= min; i++)
+       {
+       int slength;
+       if ((slength = match_ref(offset, eptr, length, md, caseless)) < 0)
          {
-         if (!match_ref(offset, eptr, length, md, ims)) RRETURN(MATCH_NOMATCH);
+         CHECK_PARTIAL();
-         eptr += length;
+         MRRETURN(MATCH_NOMATCH);
          }
+       eptr += slength;
+       }
-       /* If min = max, continue at the same level without recursion.
+     /* If min = max, continue at the same level without recursion.
-       They are not both allowed to be zero. */
+     They are not both allowed to be zero. */
-       if (min == max) continue;
+     if (min == max) continue;
-       /* If minimizing, keep trying and advancing the pointer */
+     /* If minimizing, keep trying and advancing the pointer */
-       if (minimize)
+     if (minimize)
+       {
+       for (fi = min;; fi++)
          {
-         for (fi = min;; fi++)
+         int slength;
+         RMATCH(eptr, ecode, offset_top, md, eptrb, RM14);
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         if (fi >= max) MRRETURN(MATCH_NOMATCH);
+         if ((slength = match_ref(offset, eptr, length, md, caseless)) < 0)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           CHECK_PARTIAL();
-           if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+           MRRETURN(MATCH_NOMATCH);
-           if (fi >= max || !match_ref(offset, eptr, length, md, ims))
-             RRETURN(MATCH_NOMATCH);
-           eptr += length;
            }
-         /* Control never gets here */
+         eptr += slength;
          }
+       /* Control never gets here */
+       }
-       /* If maximizing, find the longest string and work backwards */
+     /* If maximizing, find the longest string and work backwards */
-       else
+     else
+       {
+       pp = eptr;
+       for (i = min; i < max; i++)
          {
-         pp = eptr;
+         int slength;
-         for (i = min; i < max; i++)
+         if ((slength = match_ref(offset, eptr, length, md, caseless)) < 0)
-           {
-           if (!match_ref(offset, eptr, length, md, ims)) break;
-           eptr += length;
-           }
-         while (eptr >= pp)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           CHECK_PARTIAL();
-           if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+           break;
-           eptr -= length;
            }
-         RRETURN(MATCH_NOMATCH);
+         eptr += slength;
          }
+       while (eptr >= pp)
+         {
+         RMATCH(eptr, ecode, offset_top, md, eptrb, RM15);
+         if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+         eptr -= length;
+         }
+       MRRETURN(MATCH_NOMATCH);
        }
      /* Control never gets here */
      /* Match a bit-mapped character class, possibly repeatedly. This op code is
      used when all the characters in the class have values in the range 0-255,
      and either the matching is caseful, or the characters are in the range
-Line 1688 
 for (;;)
+Line 2745 
 for (;;)
          {
          for (i = 1; i <= min; i++)
            {
-           if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
            GETCHARINC(c, eptr);
            if (c > 255)
              {
-             if (op == OP_CLASS) RRETURN(MATCH_NOMATCH);
+             if (op == OP_CLASS) MRRETURN(MATCH_NOMATCH);
              }
            else
              {
-             if ((data[c/8] & (1 << (c&7))) == 0) RRETURN(MATCH_NOMATCH);
+             if ((data[c/8] & (1 << (c&7))) == 0) MRRETURN(MATCH_NOMATCH);
              }
            }
          }
-Line 1706 
 for (;;)
+Line 2767 
 for (;;)
          {
          for (i = 1; i <= min; i++)
            {
-           if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
            c = *eptr++;
-           if ((data[c/8] & (1 << (c&7))) == 0) RRETURN(MATCH_NOMATCH);
+           if ((data[c/8] & (1 << (c&7))) == 0) MRRETURN(MATCH_NOMATCH);
            }
          }
-Line 1728 
 for (;;)
+Line 2793 
 for (;;)
            {
            for (fi = min;; fi++)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM16);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-             if (fi >= max || eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+             if (fi >= max) MRRETURN(MATCH_NOMATCH);
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               MRRETURN(MATCH_NOMATCH);
+               }
              GETCHARINC(c, eptr);
              if (c > 255)
                {
-               if (op == OP_CLASS) RRETURN(MATCH_NOMATCH);
+               if (op == OP_CLASS) MRRETURN(MATCH_NOMATCH);
                }
              else
                {
-               if ((data[c/8] & (1 << (c&7))) == 0) RRETURN(MATCH_NOMATCH);
+               if ((data[c/8] & (1 << (c&7))) == 0) MRRETURN(MATCH_NOMATCH);
                }
              }
            }
-Line 1748 
 for (;;)
+Line 2818 
 for (;;)
            {
            for (fi = min;; fi++)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM17);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-             if (fi >= max || eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+             if (fi >= max) MRRETURN(MATCH_NOMATCH);
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               MRRETURN(MATCH_NOMATCH);
+               }
              c = *eptr++;
-             if ((data[c/8] & (1 << (c&7))) == 0) RRETURN(MATCH_NOMATCH);
+             if ((data[c/8] & (1 << (c&7))) == 0) MRRETURN(MATCH_NOMATCH);
              }
            }
          /* Control never gets here */
-Line 1771 
 for (;;)
+Line 2846 
 for (;;)
            for (i = min; i < max; i++)
              {
              int len = 1;
-             if (eptr >= md->end_subject) break;
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               break;
+               }
              GETCHARLEN(c, eptr, len);
              if (c > 255)
                {
-Line 1785 
 for (;;)
+Line 2864 
 for (;;)
              }
            for (;;)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM18);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
              if (eptr-- == pp) break;        /* Stop if tried at original pos */
              BACKCHAR(eptr);
-Line 1797 
 for (;;)
+Line 2876 
 for (;;)
            {
            for (i = min; i < max; i++)
              {
-             if (eptr >= md->end_subject) break;
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               break;
+               }
              c = *eptr;
              if ((data[c/8] & (1 << (c&7))) == 0) break;
              eptr++;
              }
            while (eptr >= pp)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM19);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
              eptr--;
              }
            }
-         RRETURN(MATCH_NOMATCH);
+         MRRETURN(MATCH_NOMATCH);
          }
        }
      /* Control never gets here */
      /* Match an extended character class. This opcode is encountered only
-     in UTF-8 mode, because that's the only time it is compiled. */
+     when UTF-8 mode mode is supported. Nevertheless, we may not be in UTF-8
+     mode, because Unicode properties are supported in non-UTF-8 mode. */
  #ifdef SUPPORT_UTF8
      case OP_XCLASS:
-Line 1858 
 for (;;)
+Line 2942 
 for (;;)
        for (i = 1; i <= min; i++)
          {
-         if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+         if (eptr >= md->end_subject)
-         GETCHARINC(c, eptr);
+           {
-         if (!_pcre_xclass(c, data)) RRETURN(MATCH_NOMATCH);
+           SCHECK_PARTIAL();
+           MRRETURN(MATCH_NOMATCH);
+           }
+         GETCHARINCTEST(c, eptr);
+         if (!_pcre_xclass(c, data)) MRRETURN(MATCH_NOMATCH);
          }
        /* If max == min we can continue with the main loop without the
-Line 1875 
 for (;;)
+Line 2963 
 for (;;)
          {
          for (fi = min;; fi++)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM20);
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-           if (fi >= max || eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+           if (fi >= max) MRRETURN(MATCH_NOMATCH);
-           GETCHARINC(c, eptr);
+           if (eptr >= md->end_subject)
-           if (!_pcre_xclass(c, data)) RRETURN(MATCH_NOMATCH);
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
+           GETCHARINCTEST(c, eptr);
+           if (!_pcre_xclass(c, data)) MRRETURN(MATCH_NOMATCH);
            }
          /* Control never gets here */
          }
-Line 1892 
 for (;;)
+Line 2985 
 for (;;)
          for (i = min; i < max; i++)
            {
            int len = 1;
-           if (eptr >= md->end_subject) break;
+           if (eptr >= md->end_subject)
-           GETCHARLEN(c, eptr, len);
+             {
+             SCHECK_PARTIAL();
+             break;
+             }
+           GETCHARLENTEST(c, eptr, len);
            if (!_pcre_xclass(c, data)) break;
            eptr += len;
            }
          for(;;)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM21);
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
            if (eptr-- == pp) break;        /* Stop if tried at original pos */
-           BACKCHAR(eptr)
+           if (utf8) BACKCHAR(eptr);
            }
-         RRETURN(MATCH_NOMATCH);
+         MRRETURN(MATCH_NOMATCH);
          }
        /* Control never gets here */
-Line 1920 
 for (;;)
+Line 3017 
 for (;;)
        length = 1;
        ecode++;
        GETCHARLEN(fc, ecode, length);
-       if (length > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
+       if (length > md->end_subject - eptr)
-       while (length-- > 0) if (*ecode++ != *eptr++) RRETURN(MATCH_NOMATCH);
+         {
+         CHECK_PARTIAL();             /* Not SCHECK_PARTIAL() */
+         MRRETURN(MATCH_NOMATCH);
+         }
+       while (length-- > 0) if (*ecode++ != *eptr++) MRRETURN(MATCH_NOMATCH);
        }
      else
  #endif
      /* Non-UTF-8 mode */
        {
-       if (md->end_subject - eptr < 1) RRETURN(MATCH_NOMATCH);
+       if (md->end_subject - eptr < 1)
-       if (ecode[1] != *eptr++) RRETURN(MATCH_NOMATCH);
+         {
+         SCHECK_PARTIAL();            /* This one can use SCHECK_PARTIAL() */
+         MRRETURN(MATCH_NOMATCH);
+         }
+       if (ecode[1] != *eptr++) MRRETURN(MATCH_NOMATCH);
        ecode += 2;
        }
      break;
      /* Match a single character, caselessly */
-     case OP_CHARNC:
+     case OP_CHARI:
  #ifdef SUPPORT_UTF8
      if (utf8)
        {
-Line 1944 
 for (;;)
+Line 3049 
 for (;;)
        ecode++;
        GETCHARLEN(fc, ecode, length);
-       if (length > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
+       if (length > md->end_subject - eptr)
+         {
+         CHECK_PARTIAL();             /* Not SCHECK_PARTIAL() */
+         MRRETURN(MATCH_NOMATCH);
+         }
        /* If the pattern character's value is < 128, we have only one byte, and
        can use the fast lookup table. */
        if (fc < 128)
          {
-         if (md->lcc[*ecode++] != md->lcc[*eptr++]) RRETURN(MATCH_NOMATCH);
+         if (md->lcc[*ecode++] != md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
          }
        /* Otherwise we must pick up the subject character */
-Line 1968 
 for (;;)
+Line 3077 
 for (;;)
          if (fc != dc)
            {
  #ifdef SUPPORT_UCP
-           if (dc != _pcre_ucp_othercase(fc))
+           if (dc != UCD_OTHERCASE(fc))
  #endif
-             RRETURN(MATCH_NOMATCH);
+             MRRETURN(MATCH_NOMATCH);
            }
          }
        }
-Line 1979 
 for (;;)
+Line 3088 
 for (;;)
      /* Non-UTF-8 mode */
        {
-       if (md->end_subject - eptr < 1) RRETURN(MATCH_NOMATCH);
+       if (md->end_subject - eptr < 1)
-       if (md->lcc[ecode[1]] != md->lcc[*eptr++]) RRETURN(MATCH_NOMATCH);
+         {
+         SCHECK_PARTIAL();            /* This one can use SCHECK_PARTIAL() */
+         MRRETURN(MATCH_NOMATCH);
+         }
+       if (md->lcc[ecode[1]] != md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
        ecode += 2;
        }
      break;
-Line 1988 
 for (;;)
+Line 3101 
 for (;;)
      /* Match a single character repeatedly. */
      case OP_EXACT:
+     case OP_EXACTI:
      min = max = GET2(ecode, 1);
      ecode += 3;
      goto REPEATCHAR;
      case OP_POSUPTO:
+     case OP_POSUPTOI:
      possessive = TRUE;
      /* Fall through */
      case OP_UPTO:
+     case OP_UPTOI:
      case OP_MINUPTO:
+     case OP_MINUPTOI:
      min = 0;
      max = GET2(ecode, 1);
-     minimize = *ecode == OP_MINUPTO;
+     minimize = *ecode == OP_MINUPTO || *ecode == OP_MINUPTOI;
      ecode += 3;
      goto REPEATCHAR;
      case OP_POSSTAR:
+     case OP_POSSTARI:
      possessive = TRUE;
      min = 0;
      max = INT_MAX;
-Line 2012 
 for (;;)
+Line 3130 
 for (;;)
      goto REPEATCHAR;
      case OP_POSPLUS:
+     case OP_POSPLUSI:
      possessive = TRUE;
      min = 1;
      max = INT_MAX;
-Line 2019 
 for (;;)
+Line 3138 
 for (;;)
      goto REPEATCHAR;
      case OP_POSQUERY:
+     case OP_POSQUERYI:
      possessive = TRUE;
      min = 0;
      max = 1;
-Line 2026 
 for (;;)
+Line 3146 
 for (;;)
      goto REPEATCHAR;
      case OP_STAR:
+     case OP_STARI:
      case OP_MINSTAR:
+     case OP_MINSTARI:
      case OP_PLUS:
+     case OP_PLUSI:
      case OP_MINPLUS:
+     case OP_MINPLUSI:
      case OP_QUERY:
+     case OP_QUERYI:
      case OP_MINQUERY:
-     c = *ecode++ - OP_STAR;
+     case OP_MINQUERYI:
+     c = *ecode++ - ((op < OP_STARI)? OP_STAR : OP_STARI);
      minimize = (c & 1) != 0;
      min = rep_min[c];                 /* Pick up values from tables; */
      max = rep_max[c];                 /* zero for max => infinity */
      if (max == 0) max = INT_MAX;
-     /* Common code for all repeated single-character matches. We can give
+     /* Common code for all repeated single-character matches. */
-     up quickly if there are fewer than the minimum number of characters left in
-     the subject. */
      REPEATCHAR:
  #ifdef SUPPORT_UTF8
-Line 2048 
 for (;;)
+Line 3172 
 for (;;)
        length = 1;
        charptr = ecode;
        GETCHARLEN(fc, ecode, length);
-       if (min * length > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
        ecode += length;
        /* Handle multibyte character matching specially here. There is
-Line 2058 
 for (;;)
+Line 3181 
 for (;;)
          {
  #ifdef SUPPORT_UCP
          unsigned int othercase;
-         if ((ims & PCRE_CASELESS) != 0 &&
+         if (op >= OP_STARI &&     /* Caseless */
-             (othercase = _pcre_ucp_othercase(fc)) != NOTACHAR)
+             (othercase = UCD_OTHERCASE(fc)) != fc)
            oclength = _pcre_ord2utf8(othercase, occhars);
          else oclength = 0;
  #endif  /* SUPPORT_UCP */
          for (i = 1; i <= min; i++)
            {
-           if (memcmp(eptr, charptr, length) == 0) eptr += length;
+           if (eptr <= md->end_subject - length &&
+             memcmp(eptr, charptr, length) == 0) eptr += length;
  #ifdef SUPPORT_UCP
-           /* Need braces because of following else */
+           else if (oclength > 0 &&
-           else if (oclength == 0) { RRETURN(MATCH_NOMATCH); }
+                    eptr <= md->end_subject - oclength &&
+                    memcmp(eptr, occhars, oclength) == 0) eptr += oclength;
+ #endif  /* SUPPORT_UCP */
            else
              {
-             if (memcmp(eptr, occhars, oclength) != 0) RRETURN(MATCH_NOMATCH);
+             CHECK_PARTIAL();
-             eptr += oclength;
+             MRRETURN(MATCH_NOMATCH);
              }
- #else   /* without SUPPORT_UCP */
-           else { RRETURN(MATCH_NOMATCH); }
- #endif  /* SUPPORT_UCP */
            }
          if (min == max) continue;
-Line 2086 
 for (;;)
+Line 3209 
 for (;;)
            {
            for (fi = min;; fi++)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM22);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-             if (fi >= max || eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+             if (fi >= max) MRRETURN(MATCH_NOMATCH);
-             if (memcmp(eptr, charptr, length) == 0) eptr += length;
+             if (eptr <= md->end_subject - length &&
+               memcmp(eptr, charptr, length) == 0) eptr += length;
  #ifdef SUPPORT_UCP
-             /* Need braces because of following else */
+             else if (oclength > 0 &&
-             else if (oclength == 0) { RRETURN(MATCH_NOMATCH); }
+                      eptr <= md->end_subject - oclength &&
+                      memcmp(eptr, occhars, oclength) == 0) eptr += oclength;
+ #endif  /* SUPPORT_UCP */
              else
                {
-               if (memcmp(eptr, occhars, oclength) != 0) RRETURN(MATCH_NOMATCH);
+               CHECK_PARTIAL();
-               eptr += oclength;
+               MRRETURN(MATCH_NOMATCH);
                }
- #else   /* without SUPPORT_UCP */
-             else { RRETURN (MATCH_NOMATCH); }
- #endif  /* SUPPORT_UCP */
              }
            /* Control never gets here */
            }
-Line 2110 
 for (;;)
+Line 3233 
 for (;;)
            pp = eptr;
            for (i = min; i < max; i++)
              {
-             if (eptr > md->end_subject - length) break;
+             if (eptr <= md->end_subject - length &&
-             if (memcmp(eptr, charptr, length) == 0) eptr += length;
+                 memcmp(eptr, charptr, length) == 0) eptr += length;
  #ifdef SUPPORT_UCP
-             else if (oclength == 0) break;
+             else if (oclength > 0 &&
+                      eptr <= md->end_subject - oclength &&
+                      memcmp(eptr, occhars, oclength) == 0) eptr += oclength;
+ #endif  /* SUPPORT_UCP */
              else
                {
-               if (memcmp(eptr, occhars, oclength) != 0) break;
+               CHECK_PARTIAL();
-               eptr += oclength;
+               break;
                }
- #else   /* without SUPPORT_UCP */
-             else break;
- #endif  /* SUPPORT_UCP */
              }
            if (possessive) continue;
            for(;;)
-            {
+             {
-            RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM23);
-            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+             if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-            if (eptr == pp) RRETURN(MATCH_NOMATCH);
+             if (eptr == pp) { MRRETURN(MATCH_NOMATCH); }
  #ifdef SUPPORT_UCP
-            eptr--;
+             eptr--;
-            BACKCHAR(eptr);
+             BACKCHAR(eptr);
  #else   /* without SUPPORT_UCP */
-            eptr -= length;
+             eptr -= length;
  #endif  /* SUPPORT_UCP */
-            }
+             }
            }
          /* Control never gets here */
          }
-Line 2149 
 for (;;)
+Line 3273 
 for (;;)
  #endif  /* SUPPORT_UTF8 */
      /* When not in UTF-8 mode, load a single-byte character. */
-       {
-       if (min > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
+     fc = *ecode++;
-       fc = *ecode++;
-       }
      /* The value of fc at this point is always less than 256, though we may or
      may not be in UTF-8 mode. The code is duplicated for the caseless and
-Line 2166 
 for (;;)
+Line 3288 
 for (;;)
      DPRINTF(("matching %c{%d,%d} against subject %.*s\n", fc, min, max,
        max, eptr));
-     if ((ims & PCRE_CASELESS) != 0)
+     if (op >= OP_STARI)  /* Caseless */
        {
        fc = md->lcc[fc];
        for (i = 1; i <= min; i++)
-         if (fc != md->lcc[*eptr++]) RRETURN(MATCH_NOMATCH);
+         {
+         if (eptr >= md->end_subject)
+           {
+           SCHECK_PARTIAL();
+           MRRETURN(MATCH_NOMATCH);
+           }
+         if (fc != md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
+         }
        if (min == max) continue;
        if (minimize)
          {
          for (fi = min;; fi++)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM24);
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-           if (fi >= max || eptr >= md->end_subject ||
+           if (fi >= max) MRRETURN(MATCH_NOMATCH);
-               fc != md->lcc[*eptr++])
+           if (eptr >= md->end_subject)
-             RRETURN(MATCH_NOMATCH);
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
+           if (fc != md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
            }
          /* Control never gets here */
          }
-Line 2189 
 for (;;)
+Line 3322 
 for (;;)
          pp = eptr;
          for (i = min; i < max; i++)
            {
-           if (eptr >= md->end_subject || fc != md->lcc[*eptr]) break;
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             break;
+             }
+           if (fc != md->lcc[*eptr]) break;
            eptr++;
            }
          if (possessive) continue;
          while (eptr >= pp)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM25);
            eptr--;
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
            }
-         RRETURN(MATCH_NOMATCH);
+         MRRETURN(MATCH_NOMATCH);
          }
        /* Control never gets here */
        }
-Line 2208 
 for (;;)
+Line 3348 
 for (;;)
      else
        {
-       for (i = 1; i <= min; i++) if (fc != *eptr++) RRETURN(MATCH_NOMATCH);
+       for (i = 1; i <= min; i++)
+         {
+         if (eptr >= md->end_subject)
+           {
+           SCHECK_PARTIAL();
+           MRRETURN(MATCH_NOMATCH);
+           }
+         if (fc != *eptr++) MRRETURN(MATCH_NOMATCH);
+         }
        if (min == max) continue;
        if (minimize)
          {
          for (fi = min;; fi++)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM26);
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-           if (fi >= max || eptr >= md->end_subject || fc != *eptr++)
+           if (fi >= max) MRRETURN(MATCH_NOMATCH);
-             RRETURN(MATCH_NOMATCH);
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
+           if (fc != *eptr++) MRRETURN(MATCH_NOMATCH);
            }
          /* Control never gets here */
          }
-Line 2226 
 for (;;)
+Line 3381 
 for (;;)
          pp = eptr;
          for (i = min; i < max; i++)
            {
-           if (eptr >= md->end_subject || fc != *eptr) break;
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             break;
+             }
+           if (fc != *eptr) break;
            eptr++;
            }
          if (possessive) continue;
          while (eptr >= pp)
            {
-           RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+           RMATCH(eptr, ecode, offset_top, md, eptrb, RM27);
            eptr--;
            if (rrc != MATCH_NOMATCH) RRETURN(rrc);
            }
-         RRETURN(MATCH_NOMATCH);
+         MRRETURN(MATCH_NOMATCH);
          }
        }
      /* Control never gets here */
-Line 2245 
 for (;;)
+Line 3406 
 for (;;)
      checking can be multibyte. */
      case OP_NOT:
-     if (eptr >= md->end_subject) RRETURN(MATCH_NOMATCH);
+     case OP_NOTI:
+     if (eptr >= md->end_subject)
+       {
+       SCHECK_PARTIAL();
+       MRRETURN(MATCH_NOMATCH);
+       }
      ecode++;
      GETCHARINCTEST(c, eptr);
-     if ((ims & PCRE_CASELESS) != 0)
+     if (op == OP_NOTI)         /* The caseless case */
        {
  #ifdef SUPPORT_UTF8
        if (c < 256)
  #endif
        c = md->lcc[c];
-       if (md->lcc[*ecode++] == c) RRETURN(MATCH_NOMATCH);
+       if (md->lcc[*ecode++] == c) MRRETURN(MATCH_NOMATCH);
        }
-     else
+     else    /* Caseful */
        {
-       if (*ecode++ == c) RRETURN(MATCH_NOMATCH);
+       if (*ecode++ == c) MRRETURN(MATCH_NOMATCH);
        }
      break;
-Line 2270 
 for (;;)
+Line 3436 
 for (;;)
      about... */
      case OP_NOTEXACT:
+     case OP_NOTEXACTI:
      min = max = GET2(ecode, 1);
      ecode += 3;
      goto REPEATNOTCHAR;
      case OP_NOTUPTO:
+     case OP_NOTUPTOI:
      case OP_NOTMINUPTO:
+     case OP_NOTMINUPTOI:
      min = 0;
      max = GET2(ecode, 1);
-     minimize = *ecode == OP_NOTMINUPTO;
+     minimize = *ecode == OP_NOTMINUPTO || *ecode == OP_NOTMINUPTOI;
      ecode += 3;
      goto REPEATNOTCHAR;
      case OP_NOTPOSSTAR:
+     case OP_NOTPOSSTARI:
      possessive = TRUE;
      min = 0;
      max = INT_MAX;
-Line 2290 
 for (;;)
+Line 3460 
 for (;;)
      goto REPEATNOTCHAR;
      case OP_NOTPOSPLUS:
+     case OP_NOTPOSPLUSI:
      possessive = TRUE;
      min = 1;
      max = INT_MAX;
-Line 2297 
 for (;;)
+Line 3468 
 for (;;)
      goto REPEATNOTCHAR;
      case OP_NOTPOSQUERY:
+     case OP_NOTPOSQUERYI:
      possessive = TRUE;
      min = 0;
      max = 1;
-Line 2304 
 for (;;)
+Line 3476 
 for (;;)
      goto REPEATNOTCHAR;
      case OP_NOTPOSUPTO:
+     case OP_NOTPOSUPTOI:
      possessive = TRUE;
      min = 0;
      max = GET2(ecode, 1);
-Line 2311 
 for (;;)
+Line 3484 
 for (;;)
      goto REPEATNOTCHAR;
      case OP_NOTSTAR:
+     case OP_NOTSTARI:
      case OP_NOTMINSTAR:
+     case OP_NOTMINSTARI:
      case OP_NOTPLUS:
+     case OP_NOTPLUSI:
      case OP_NOTMINPLUS:
+     case OP_NOTMINPLUSI:
      case OP_NOTQUERY:
+     case OP_NOTQUERYI:
      case OP_NOTMINQUERY:
-     c = *ecode++ - OP_NOTSTAR;
+     case OP_NOTMINQUERYI:
+     c = *ecode++ - ((op >= OP_NOTSTARI)? OP_NOTSTARI: OP_NOTSTAR);
      minimize = (c & 1) != 0;
      min = rep_min[c];                 /* Pick up values from tables; */
      max = rep_max[c];                 /* zero for max => infinity */
      if (max == 0) max = INT_MAX;
-     /* Common code for all repeated single-byte matches. We can give up quickly
+     /* Common code for all repeated single-byte matches. */
-     if there are fewer than the minimum number of bytes left in the
-     subject. */
      REPEATNOTCHAR:
-     if (min > md->end_subject - eptr) RRETURN(MATCH_NOMATCH);
      fc = *ecode++;
      /* The code is duplicated for the caseless and caseful cases, for speed,
-Line 2341 
 for (;;)
+Line 3517 
 for (;;)
      DPRINTF(("negative matching %c{%d,%d} against subject %.*s\n", fc, min, max,
        max, eptr));
-     if ((ims & PCRE_CASELESS) != 0)
+     if (op >= OP_NOTSTARI)     /* Caseless */
        {
        fc = md->lcc[fc];
-Line 2352 
 for (;;)
+Line 3528 
 for (;;)
          register unsigned int d;
          for (i = 1; i <= min; i++)
            {
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
            GETCHARINC(d, eptr);
            if (d < 256) d = md->lcc[d];
-           if (fc == d) RRETURN(MATCH_NOMATCH);
+           if (fc == d) MRRETURN(MATCH_NOMATCH);
            }
          }
        else
-Line 2363 
 for (;;)
+Line 3544 
 for (;;)
        /* Not UTF-8 mode */
          {
          for (i = 1; i <= min; i++)
-           if (fc == md->lcc[*eptr++]) RRETURN(MATCH_NOMATCH);
+           {
+           if (eptr >= md->end_subject)
+             {
+             SCHECK_PARTIAL();
+             MRRETURN(MATCH_NOMATCH);
+             }
+           if (fc == md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
+           }
          }
        if (min == max) continue;
-Line 2377 
 for (;;)
+Line 3565 
 for (;;)
            register unsigned int d;
            for (fi = min;; fi++)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM28);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
+             if (fi >= max) MRRETURN(MATCH_NOMATCH);
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               MRRETURN(MATCH_NOMATCH);
+               }
              GETCHARINC(d, eptr);
              if (d < 256) d = md->lcc[d];
-             if (fi >= max || eptr >= md->end_subject || fc == d)
+             if (fc == d) MRRETURN(MATCH_NOMATCH);
-               RRETURN(MATCH_NOMATCH);
              }
            }
          else
-Line 2391 
 for (;;)
+Line 3584 
 for (;;)
            {
            for (fi = min;; fi++)
              {
-             RMATCH(rrc, eptr, ecode, offset_top, md, ims, eptrb, 0);
+             RMATCH(eptr, ecode, offset_top, md, eptrb, RM29);
              if (rrc != MATCH_NOMATCH) RRETURN(rrc);
-             if (fi >= max || eptr >= md->end_subject || fc == md->lcc[*eptr++])
+             if (fi >= max) MRRETURN(MATCH_NOMATCH);
-               RRETURN(MATCH_NOMATCH);
+             if (eptr >= md->end_subject)
+               {
+               SCHECK_PARTIAL();
+               MRRETURN(MATCH_NOMATCH);
+               }
+             if (fc == md->lcc[*eptr++]) MRRETURN(MATCH_NOMATCH);
              }