[Lazarus] Memory corruption when allocating and freeing 1 byte memory

Juha Manninen juha.manninen62 at gmail.com
Fri Feb 25 19:22:56 CET 2011


Hi

I fixed a nasty memory corruption issue in r29667.
It happens when TRegExpr is passed an empty source file.
SearchFrm.pas has:
     RE.InputString:=Src;

Then GetMem reserves only 1 byte of memory.
Then FreeMem causes a crash and Lazarus dies (on my machine, under certain
conditions):

Marked memory at $00007F806D2E3D00 invalid
Wrong signature $1BD5F2DE instead of 4125C513
  $00000000005D12E2 line 678 of ../inc/heaptrc.pp
  $00000000005D1401 line 718 of ../inc/heaptrc.pp
  $00000000005C4586 line 291 of ../inc/heap.inc
  $0000000000F90D8A line 1187 of synregexpr.pas
  $00000000005BDD8F line 278 of ../inc/objpas.inc
  $00000000005F0C23 line 132 of ../objpas/sysutils/sysutils.inc
  $0000000001155D54 line 603 of searchfrm.pas
  $0000000001158607 line 873 of searchfrm.pas
  $0000000001157C34 line 780 of searchfrm.pas


No useful backtrace was available from gdb and I was looking for the reason 
for some time.
This may be a bug in the FPC heap manager (?), maybe related to 64-bit.
My system is AMD 64-bit Fedora Linux.

The strange thing is that I experienced the crash only with QT bindings 
although the problem has nothing to do with widget bindings.
Strange...
I bet most developers can't reproduce my findings (again).

Juha