Linux: Build with use_allocator_shim=false

Issue #3095 new
Henri Beauchamp created an issue

Greetings,

In recent CEF/Chromium versions (v77+), the implementation of a SHIM causes CEF (compiled with use_allocator=none) to crash whenever it is used together with jemalloc under Linux.

The reason for that crash is that the hooking mechanism of the SHIM into malloc functions is totally flawed; the hook/override for malloc_usable_size() is not implemented in the same way as for all other malloc functions, and this results in CEF memory being properly allocated and deallocated by jemalloc, but in CEF wrongly calling libc’s malloc_usable_size() with an address of a memory block allocated by jemalloc.

Here is one such crash I captured (CEF being used as a plugin from a Second Life viewer using jemalloc):

Thread 13 "ThreadPoolForeg" received signal SIGSEGV, Segmentation fault.
[Switching to LWP 8148]
0x00007ffff732fcf8 in malloc_usable_size () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff732fcf8 in malloc_usable_size () at /lib64/libc.so.6
#1  0x00007ffff27ded76 in  () at ~/CoolVLViewer-x86_64-1.28.1.0/lib/libcef.so
#2  0x0000000000000000 in  ()

There is an option to disable that SHIM, but alas you cannot compile CEF/Chromium with both 'use_allocator=none' and 'use_allocator_shim=false' options (the compilation stops with a missing __libc_malloc symbol error).

The culprit code for the compilation failure resides (currently, i.e. for CEF v88) in chromium_git/chromium/src/base/process/memory_linux.cc and is in UncheckedMalloc().

Instead of:

#if BUILDFLAG(USE_ALLOCATOR_SHIM)
.../...
#elif defined(MEMORY_TOOL_REPLACES_ALLOCATOR) || \
    (!defined(LIBC_GLIBC) && !BUILDFLAG(USE_TCMALLOC))
  *result = malloc(size);
#elif defined(LIBC_GLIBC) && !BUILDFLAG(USE_TCMALLOC)
  *result = __libc_malloc(size);
#elif BUILDFLAG(USE_TCMALLOC)
  *result = tc_malloc_skip_new_handler(size);
#endif

It should read:

#if BUILDFLAG(USE_ALLOCATOR_SHIM)
.../...
#elif defined(MEMORY_TOOL_REPLACES_ALLOCATOR) || \
    (!defined(LIBC_GLIBC) && !BUILDFLAG(USE_TCMALLOC))
  *result = malloc(size);
#elif defined(LIBC_GLIBC) && !BUILDFLAG(USE_TCMALLOC)
  *result = malloc(size);
#elif BUILDFLAG(USE_TCMALLOC)
  *result = tc_malloc_skip_new_handler(size);
#endif

With this change implemented, CEF runs fine together with jemalloc…
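The failure mode the report describes, modelled as an added example (this is not Chromium/CEF, the allocator shim, or jemalloc code, and the header layouts, the JE_MAGIC value and the function names are invented for illustration): two toy allocators with different block-header layouts sit behind a dispatch table, and a size query that bypasses the table reads the other allocator's header. With real allocators the misread header is a wild pointer dereference, which is the SIGSEGV in malloc_usable_size() shown above; here the toy "jemalloc-like" allocator also shows the check a defensive implementation can make (a magic word) to reject a foreign block instead of trusting it.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Dispatch table in the spirit of an allocator shim: malloc, free and the
 * usable-size query must all resolve to the SAME backend for a given block.
 * Hypothetical structure, not the shim's real one. */
struct allocator_dispatch {
    const char *name;
    void  *(*alloc)(size_t n);
    void   (*release)(void *p);
    size_t (*usable_size)(void *p);
};

/* "libc-like" backend: 16-byte header, requested size stored in the FIRST word. */
struct libc_hdr { size_t size; size_t unused; };

static void *libc_like_alloc(size_t n) {
    struct libc_hdr *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->size = n;
    h->unused = 0;
    return h + 1;                       /* payload follows the header */
}
static void libc_like_free(void *p) { if (p) free((struct libc_hdr *)p - 1); }
static size_t libc_like_usable_size(void *p) {
    /* Trusts the header blindly, as a real allocator does; on a foreign block
     * this is a read of whatever happens to sit before the pointer. */
    return ((struct libc_hdr *)p - 1)->size;
}

/* "jemalloc-like" backend: 16-byte header, magic word FIRST, size second
 * (invented layout; real jemalloc keeps metadata elsewhere). */
#define JE_MAGIC ((size_t)0x4a454d41)   /* "JEMA", hypothetical marker */
struct je_hdr { size_t magic; size_t size; };

static void *je_like_alloc(size_t n) {
    struct je_hdr *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->magic = JE_MAGIC;
    h->size = n;
    return h + 1;
}
static void je_like_free(void *p) { if (p) free((struct je_hdr *)p - 1); }
static size_t je_like_usable_size(void *p) {
    struct je_hdr *h = (struct je_hdr *)p - 1;
    return h->magic == JE_MAGIC ? h->size : 0;   /* 0: not one of our blocks */
}

static const struct allocator_dispatch libc_like =
    { "libc-like", libc_like_alloc, libc_like_free, libc_like_usable_size };
static const struct allocator_dispatch je_like =
    { "jemalloc-like", je_like_alloc, je_like_free, je_like_usable_size };

/* Consistent pattern: the size query goes through the same table that
 * allocated the block. */
size_t usable_size_via_table(const struct allocator_dispatch *d, void *p) {
    return d->usable_size(p);
}

/* Flawed pattern from the report: malloc/free were redirected to the
 * jemalloc-like backend, but the usable-size query still goes straight to
 * the libc-like implementation, whatever allocated the block. */
size_t usable_size_bypassing_table(void *p) {
    return libc_like_usable_size(p);
}

int main(void) {
    void *p = je_like.alloc(100);       /* block owned by the jemalloc-like backend */
    printf("%s, via table:       %zu bytes\n", je_like.name, usable_size_via_table(&je_like, p));
    printf("%s, bypassing table: %zu (the foreign header's magic word, not a size)\n",
           je_like.name, usable_size_bypassing_table(p));
    je_like.release(p);

    void *q = libc_like.alloc(64);      /* block owned by the libc-like backend */
    printf("%s, via table:       %zu bytes\n", libc_like.name, usable_size_via_table(&libc_like, q));
    printf("jemalloc-like query on a libc-like block: %zu (rejected)\n", je_like_usable_size(q));
    libc_like.release(q);
    return 0;
}
```

The mismatch only shows up for blocks owned by the redirected allocator, which is why a build where every allocation goes through one backend never hits it, and why the bypassing query still returns the right answer for the libc-like block: it is the same bug the report describes, silent until the two allocators disagree about what sits in front of the pointer.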

Comments (11)

  1. Henri Beauchamp reporter

    I don't have a Google account (and won't create one)… So I cannot report bugs over there… 😕

  2. Marshall Greenblatt

    This issue requires review by the Chromium developers. It’s unlikely that this issue will be resolved any time soon if you’re unwilling to begin that process. Additionally, usage of jemalloc is specific to your application.

  3. Czarek Tomczak

    Working on the PR fix.

    Currently when you try to build master branch with the use_allocator_shim=false GN flag you get this error:

    [8609/47156] CXX obj/base/base/memory_linux.o
    FAILED: obj/base/base/memory_linux.o
    ../../third_party/llvm-build/Release+Asserts/bin/clang++ …………….. ../../base/process/memory_linux.cc -o obj/base/base/memory_linux.o
    ../../base/process/memory_linux.cc:122:13: error: use of undeclared identifier '__libc_malloc'
    *result = __libc_malloc(size);
    ^
    1 error generated.
    [8622/47156] CXX obj/base/base/file_path_watcher_linux.o

  4. Henri Beauchamp reporter

    @Czarek Tomczak

    While your pull request solves the building error, it does not solve the crash seen in CEF when used in conjunction with jemalloc. I am still using (with 100% success) my proposed solution for my builds (in use by the Cool VL Viewer).
