re: wmc and ElectricFence

Sure enough, valgrind finds something to complain about:

$ cd dlls/kernel $ make messages/winerr_enu.mc.rc LD_LIBRARY_PATH="../../library:../../unicode:$LD_LIBRARY_PATH" valgrind ../../tools/wmc/wmc -i -U -H /dev/null -o messages/winerr_enu.mc.rc messages/winerr_enu.mc ... ==7935== Invalid read of size 4 ==7935== at 0x804B7A4: yyparse (./mcy.y:232) ==7935== by 0x804A4B3: main (wmc.c:256) ==7935== by 0x420158D3: __libc_start_main (in /lib/i686/libc-2.2.93.so) ==7935== by 0x8048E50: (within /home/dank/wine-20021125/tools/wmc/wmc) ==7935== Address 0x4106E5E4 is 8 bytes inside a block of size 24 free'd ==7935== at 0x4015D715: free (vg_clientfuncs.c:182) ==7935== by 0x804B79A: yyparse (./mcy.y:231) ==7935== by 0x804A4B3: main (wmc.c:256) ==7935== by 0x420158D3: __libc_start_main (in /lib/i686/libc-2.2.93.so)

Recompiling wmc with -O0 and rerunning, I get ==7970== Invalid read of size 4 ==7970== at 0x804C73E: yyparse (./mcy.y:232) ==7970== by 0x804AA3B: main (wmc.c:256) ==7970== by 0x420158D3: __libc_start_main (in /lib/i686/libc-2.2.93.so) ==7970== by 0x8048D6C: (within /home/dank/wine-20021125/tools/wmc/wmc) ==7970== Address 0x4106E5E4 is 8 bytes inside a block of size 24 free'd ==7970== at 0x4015D715: free (vg_clientfuncs.c:182) ==7970== by 0x804D2F4: do_add_token (./mcy.y:434) ==7970== by 0x804C731: yyparse (./mcy.y:231) ==7970== by 0x804AA3B: main (wmc.c:256)

Looking at y.tab.c, I see the bug is that do_add_token sometimes frees its 2nd argument, which trips up the following line sometimes. Here's the sequence that crashed:

do_add_token(tok_language, yyvsp[-6].tok, "language"); if(!find_language(yyvsp[-6].tok->token) && !find_cpxlat(yyvsp[-6].tok->token))

These come from mcy.y:

do_add_token(tok_language, $1, "language"); if(!find_language($1->token) && !find_cpxlat($1->token))

Can someone who knows wmc have a look? - Dan