QTBUG-57778

Linking to QtWebEngine redirects "operator new" due to chromium's allocator_shim.cc


    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.9.0 Beta 2
    • 5.8.0 RC
    • WebEngine
    • None
    • Qt 5.8 git, Linux X11
    • 5c2cbfc

      Running some Qt apps in valgrind shows problems like this:

      ==4799== Mismatched free() / delete / delete []
      ==4799==    at 0x4C2A65D: operator delete(void*) (vg_replace_malloc.c:576)
      ==4799==    by 0x6CF853D: QVBoxLayout::~QVBoxLayout() (qboxlayout.cpp:1354)
      ==4799==    by 0x6D1CE90: QWidget::~QWidget() (qwidget.cpp:1594)
      ==4799==    by 0x6F631A1: QDialog::~QDialog() (qdialog.cpp:352)
      ==4799==    by 0x5152C85: Akonadi::EmailAddressSelectionDialog::~EmailAddressSelectionDialog() (emailaddressselectiondialog.cpp:92)
      ==4799==    by 0x401876: main (emailaddressselectiondialogtest.cpp:35)
      ==4799==  Address 0x279546e0 is 0 bytes inside a block of size 32 alloc'd
      ==4799==    at 0x4C29D78: operator new[](unsigned long) (vg_replace_malloc.c:423)
      ==4799==    by 0x5152DB7: Akonadi::EmailAddressSelectionDialog::Private::Private(Akonadi::EmailAddressSelectionDialog*, QAbstractItemModel*) (emailaddressselectiondialog.cpp:40)
      ==4799==    by 0x5152B22: Akonadi::EmailAddressSelectionDialog::EmailAddressSelectionDialog(QWidget*) (emailaddressselectiondialog.cpp:82)
      ==4799==    by 0x401681: main (emailaddressselectiondialogtest.cpp:35)
      

      Using "step" in gdb I found out that the new call at emailaddressselectiondialog.cpp:40 goes into...

      qtwebengine/src/3rdparty/chromium/base/allocator/allocator_shim.cc

      void* ShimCppNew(size_t size) {
        const allocator::AllocatorDispatch* const chain_head = GetChainHead();
        void* ptr;
        do {
          ptr = chain_head->alloc_function(chain_head, size);
        } while (!ptr && CallNewHandler());
        return ptr;
      }
      

      Indeed chromium's allocator_shim_override_cpp_symbols.h says

      SHIM_ALWAYS_EXPORT void* operator new(size_t size)
          SHIM_ALIAS_SYMBOL(ShimCppNew);
      

      I checked and this header doesn't end up included when compiling my cpp file.
      It looks more like the symbol exported by QtWebEngine/chromium ends up being used at runtime...

      And the corresponding delete, for a QObject, is done in QtCore so, I suppose, not redirected to the shim delete (I don't really know how this overriding works).

      Would it help if that custom operator new wasn't exported?
      Or maybe it should be disabled since chromium in QtWebEngine is "just a library" and shouldn't affect the whole application like this?
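As an added illustration (this is constructed example code, not code from the report, from Qt or from chromium), the following models the chained allocator dispatch and retry loop that the quoted ShimCppNew() shows, and adds a per-block ownership tag so that a block allocated through one allocator and released through another, the pairing valgrind flags above, is detected and refused rather than corrupting the heap. All names (AllocatorDispatch, chain_new, chain_delete, the tag values) are assumptions made for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <new>

// Constructed model of a chained allocator dispatch (names are assumptions,
// not chromium's or Qt's code). Each block carries a tag naming the allocator
// that owns it, so a free through the wrong allocator is detected, not executed.
struct AllocatorDispatch {
    void* (*alloc_function)(const AllocatorDispatch* self, size_t size);
    void  (*free_function)(const AllocatorDispatch* self, void* ptr);
    const AllocatorDispatch* next;  // next link in the chain; nullptr at the tail
};

// Header stored in front of every user block; alignas keeps the user block aligned.
struct alignas(std::max_align_t) BlockHeader { uint32_t tag; size_t size; };
enum : uint32_t { kTagSystem = 0x53595354u, kTagShim = 0x5348494Du };  // "SYST", "SHIM"

static size_t g_mismatches = 0;               // frees that reached the wrong allocator
static bool   g_system_out_of_memory = false; // simulated allocation failure
static int    g_handler_calls = 0;            // new_handler invocations in one retry run

static BlockHeader* header_of(void* user) {
    return reinterpret_cast<BlockHeader*>(static_cast<char*>(user) - sizeof(BlockHeader));
}

// Tail of the chain: a "system" allocator backed by malloc/free.
static void* system_alloc(const AllocatorDispatch*, size_t size) {
    if (g_system_out_of_memory) return nullptr;
    auto* h = static_cast<BlockHeader*>(std::malloc(sizeof(BlockHeader) + size));
    if (!h) return nullptr;
    h->tag = kTagSystem; h->size = size;
    return h + 1;
}
static void system_free(const AllocatorDispatch*, void* ptr) {
    if (!ptr) return;
    BlockHeader* h = header_of(ptr);
    if (h->tag != kTagSystem) { ++g_mismatches; return; }  // not ours: refuse and count it
    h->tag = 0;  // poison so a double free is caught as a mismatch too
    std::free(h);
}
static const AllocatorDispatch kSystemDispatch = { system_alloc, system_free, nullptr };

// Head of the chain: a shim that forwards to the next link and claims the block.
static void* shim_alloc(const AllocatorDispatch* self, size_t size) {
    void* p = self->next->alloc_function(self->next, size);
    if (p) header_of(p)->tag = kTagShim;
    return p;
}
static void shim_free(const AllocatorDispatch* self, void* ptr) {
    if (!ptr) return;
    BlockHeader* h = header_of(ptr);
    if (h->tag != kTagShim) { ++g_mismatches; return; }
    h->tag = kTagSystem;  // hand it back in the form the next link expects
    self->next->free_function(self->next, ptr);
}
static const AllocatorDispatch kShimDispatch = { shim_alloc, shim_free, &kSystemDispatch };

// Same retry loop as the quoted ShimCppNew(): retry while a new_handler is installed.
static bool call_new_handler() {
    std::new_handler handler = std::get_new_handler();
    if (!handler) return false;
    handler();
    return true;
}
void* chain_new(size_t size) {
    const AllocatorDispatch* head = &kShimDispatch;
    void* ptr;
    do {
        ptr = head->alloc_function(head, size);
    } while (!ptr && call_new_handler());
    return ptr;
}
void chain_delete(void* ptr) { kShimDispatch.free_function(&kShimDispatch, ptr); }

// The pairing the report describes: allocated via the chain head, released at
// the tail directly. Returns the number of mismatches that one wrong free recorded.
size_t demonstrate_wrong_free() {
    size_t before = g_mismatches;
    void* p = chain_new(32);
    system_free(&kSystemDispatch, p);  // wrong allocator: tag is kTagShim, block untouched
    size_t detected = g_mismatches - before;
    chain_delete(p);                   // the correct release still works afterwards
    return detected;
}

// new_handler retry: the first attempt fails, the handler "releases a reserve",
// the loop retries and succeeds. Returns handler invocations (1), or 0 on failure.
int demonstrate_new_handler_retry() {
    g_handler_calls = 0;
    g_system_out_of_memory = true;
    std::new_handler old = std::set_new_handler([] { ++g_handler_calls; g_system_out_of_memory = false; });
    void* p = chain_new(64);
    std::set_new_handler(old);
    if (!p) return 0;
    chain_delete(p);
    return g_handler_calls;
}
```

In the real process the report describes, the interposed `operator new` exported by the chromium library is what puts the allocating side and the freeing side on different allocators; a tag check of this kind is the mechanism by which a tool can flag that pair at the free call, instead of leaving a later, unrelated crash as the only symptom.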


            qt_webengine_team Qt WebEngine Team
            dfaure_kdab David Faure