Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-57778

Linking to QtWebEngine redirects "operator new" due to chromium's allocator_shim.cc

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.9.0 Beta 2
    • 5.8.0 RC
    • WebEngine
    • None
    • Qt 5.8 git, Linux X11
    • 5c2cbfc

    Description

      Running some Qt apps in valgrind shows problems like this:

      ==4799== Mismatched free() / delete / delete []
==4799==    at 0x4C2A65D: operator delete(void*) (vg_replace_malloc.c:576)
==4799==    by 0x6CF853D: QVBoxLayout::~QVBoxLayout() (qboxlayout.cpp:1354)
==4799==    by 0x6D1CE90: QWidget::~QWidget() (qwidget.cpp:1594)
==4799==    by 0x6F631A1: QDialog::~QDialog() (qdialog.cpp:352)
==4799==    by 0x5152C85: Akonadi::EmailAddressSelectionDialog::~EmailAddressSelectionDialog() (emailaddressselectiondialog.cpp:92)
==4799==    by 0x401876: main (emailaddressselectiondialogtest.cpp:35)
==4799==  Address 0x279546e0 is 0 bytes inside a block of size 32 alloc'd
==4799==    at 0x4C29D78: operator new[](unsigned long) (vg_replace_malloc.c:423)
==4799==    by 0x5152DB7: Akonadi::EmailAddressSelectionDialog::Private::Private(Akonadi::EmailAddressSelectionDialog*, QAbstractItemModel*) (emailaddressselectiondialog.cpp:40)
==4799==    by 0x5152B22: Akonadi::EmailAddressSelectionDialog::EmailAddressSelectionDialog(QWidget*) (emailaddressselectiondialog.cpp:82)
==4799==    by 0x401681: main (emailaddressselectiondialogtest.cpp:35)

      Using "step" in gdb I found out that the new call at emailaddressselectiondialog.cpp:40 goes into.....

      qtwebengine/src/3rdparty/chromium/base/allocator/allocator_shim.cc

      146├>void* ShimCppNew(size_t size) {
147│   const allocator::AllocatorDispatch* const chain_head = GetChainHead();
148│   void* ptr;
149│   do {
150│     ptr = chain_head->alloc_function(chain_head, size);
151│   } while (!ptr && CallNewHandler());
152│   return ptr;
153│ }

      Indeed chromium's allocator_shim_override_cpp_symbols.h says

      SHIM_ALWAYS_EXPORT void* operator new(size_t size)
    SHIM_ALIAS_SYMBOL(ShimCppNew);

      I checked and this header doesn't end up included when compiling my cpp file.
      It looks more like the symbol exported by QtWebEngine/chromium ends up being used at runtime...

      And the corresponding delete, for a QObject, is done in QtCore so, I suppose, not redirected to the shim delete (I don't really know how this overriding works).

      Would it help if that custom operator new wasn't exported?
      Or maybe it should be disabled since chromium in QtWebEngine is "just a library" and shouldn't affect the whole application like this?

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-61521 symbol free, version Qt_5 not defined in file libQt5WebEngineCore.so.5 with link time reference

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              qt_webengine_team Qt WebEngine Team
              dfaure_kdab David Faure
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes