Case in point: this entry which is for this diff does NOT match the regex at that point in time:
user_age == 0 & edit_delta < 5 & edit_delta > -5 & added_lines rlike "^[\n\s]+$"
Indeed, if you examine it and run the regex there, it does not match. Compare with Special:AbuseLog/18775762 (for the same edit) and you'll see the variables are all wrong. This apparently is what AbuseFilter is going off of. For example, the edit_delta (net change) is listed as 1, but looking at the contributions of the IP (or the page's revision history), there aren't any that were +1 in size. If you compare the UNIX timestamp you'll see the date matches up, so it at least thinks it's for the same edit.
I spot-checked some filters on enwiki and they don't seem to be malfunctioning like this, but there could be others.