Avi Drissman | e4622aa | 2022-09-08 20:36:06 | [diff] [blame] | 1 | // Copyright 2013 The Chromium Authors |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef BASE_PROCESS_MEMORY_H_ |
| 6 | #define BASE_PROCESS_MEMORY_H_ |
| 7 | |
avi | beced7c | 2015-12-24 06:47:59 | [diff] [blame] | 8 | #include <stddef.h> |
| 9 | |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 10 | #include "base/base_export.h" |
Etienne Dechamps | 4dacf2b | 2024-12-19 16:31:05 | [diff] [blame] | 11 | #include "base/check.h" |
[email protected] | dd4b5126 | 2013-07-25 21:38:23 | [diff] [blame] | 12 | #include "base/process/process_handle.h" |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 13 | #include "build/build_config.h" |
Etienne Dechamps | 4dacf2b | 2024-12-19 16:31:05 | [diff] [blame] | 14 | #include "partition_alloc/buildflags.h" |
| 15 | |
| 16 | #if PA_BUILDFLAG(USE_PARTITION_ALLOC) |
| 17 | #include "partition_alloc/oom.h" // nogncheck |
| 18 | #endif |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 19 | |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 20 | namespace base { |
| 21 | |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 22 | // Enables 'terminate on heap corruption' flag. Helps protect against heap |
| 23 | // overflow. Has no effect if the OS doesn't provide the necessary facility. |
| 24 | BASE_EXPORT void EnableTerminationOnHeapCorruption(); |
| 25 | |
| 26 | // Turns on process termination if memory runs out. |
| 27 | BASE_EXPORT void EnableTerminationOnOutOfMemory(); |
| 28 | |
Etienne Dechamps | 4dacf2b | 2024-12-19 16:31:05 | [diff] [blame] | 29 | #if PA_BUILDFLAG(USE_PARTITION_ALLOC) |
Bartek Nowierski | a9ac9273 | 2022-05-25 17:44:33 | [diff] [blame] | 30 | using partition_alloc::TerminateBecauseOutOfMemory; |
Etienne Dechamps | 4dacf2b | 2024-12-19 16:31:05 | [diff] [blame] | 31 | #else |
| 32 | inline void TerminateBecauseOutOfMemory(size_t) { |
| 33 | logging::RawCheckFailure("Out of memory"); |
| 34 | } |
| 35 | #endif |
Torne (Richard Coles) | f6e6c27 | 2021-01-26 16:58:40 | [diff] [blame] | 36 | |
Xiaohan Wang | 37e8161 | 2022-01-15 18:27:00 | [diff] [blame] | 37 | #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID) || \ |
| 38 | BUILDFLAG(IS_AIX) |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 39 | // The maximum allowed value for the OOM score. |
| 40 | const int kMaxOomScore = 1000; |
| 41 | |
| 42 | // This adjusts /proc/<pid>/oom_score_adj so the Linux OOM killer will |
| 43 | // prefer to kill certain process types over others. The range for the |
| 44 | // adjustment is [-1000, 1000], with [0, 1000] being user accessible. |
| 45 | // If the Linux system doesn't support the newer oom_score_adj range |
| 46 | // of [0, 1000], then we revert to using the older oom_adj, and |
| 47 | // translate the given value into [0, 15]. Some aliasing of values |
| 48 | // may occur in that case, of course. |
| 49 | BASE_EXPORT bool AdjustOOMScore(ProcessId process, int score); |
| 50 | #endif |
| 51 | |
Benoît Lizé | 70f64a0 | 2020-01-15 00:33:13 | [diff] [blame] | 52 | namespace internal { |
| 53 | // Returns true if address-space was released. Some configurations reserve part |
| 54 | // of the process address-space for special allocations (e.g. WASM). |
| 55 | bool ReleaseAddressSpaceReservation(); |
| 56 | } // namespace internal |
| 57 | |
Xiaohan Wang | 37e8161 | 2022-01-15 18:27:00 | [diff] [blame] | 58 | #if BUILDFLAG(IS_WIN) |
wfh | 8ca194a | 2016-07-20 02:06:54 | [diff] [blame] | 59 | namespace win { |
| 60 | |
Bartek Nowierski | a9ac9273 | 2022-05-25 17:44:33 | [diff] [blame] | 61 | using partition_alloc::win::kOomExceptionCode; |
wfh | 8ca194a | 2016-07-20 02:06:54 | [diff] [blame] | 62 | |
| 63 | } // namespace win |
| 64 | #endif |
| 65 | |
[email protected] | 29159eb | 2014-03-21 22:07:03 | [diff] [blame] | 66 | // Special allocator functions for callers that want to check for OOM. |
| 67 | // These will not abort if the allocation fails even if |
| 68 | // EnableTerminationOnOutOfMemory has been called. |
| 69 | // This can be useful for huge and/or unpredictable size memory allocations. |
| 70 | // Please only use this if you really handle the case when the allocation |
| 71 | // fails. Doing otherwise would risk security. |
[email protected] | e24b74f | 2014-03-29 17:30:40 | [diff] [blame] | 72 | // These functions may still crash on OOM when running under memory tools, |
| 73 | // specifically ASan and other sanitizers. |
[email protected] | 29159eb | 2014-03-21 22:07:03 | [diff] [blame] | 74 | // Return value tells whether the allocation succeeded. If it fails |result| is |
| 75 | // set to NULL, otherwise it holds the memory address. |
Benoit Lize | 69ecd9f72 | 2021-12-13 13:49:05 | [diff] [blame] | 76 | // |
| 77 | // Note: You *must* use UncheckedFree() to free() the memory allocated, not |
| 78 | // regular free(). This also means that this a pointer allocated below cannot be |
| 79 | // passed to realloc(). |
Daniel Cheng | 4455c984 | 2022-01-13 23:26:37 | [diff] [blame] | 80 | [[nodiscard]] BASE_EXPORT bool UncheckedMalloc(size_t size, void** result); |
| 81 | [[nodiscard]] BASE_EXPORT bool UncheckedCalloc(size_t num_items, |
| 82 | size_t size, |
| 83 | void** result); |
[email protected] | 29159eb | 2014-03-21 22:07:03 | [diff] [blame] | 84 | |
Benoit Lize | 69ecd9f72 | 2021-12-13 13:49:05 | [diff] [blame] | 85 | // *Must* be used to free memory allocated with base::UncheckedMalloc() and |
| 86 | // base::UncheckedCalloc(). |
Alison Gale | 47d1537d | 2024-04-19 21:31:46 | [diff] [blame] | 87 | // TODO(crbug.com/40208525): Enforce it, when all callers are converted. |
Benoit Lize | 69ecd9f72 | 2021-12-13 13:49:05 | [diff] [blame] | 88 | BASE_EXPORT void UncheckedFree(void* ptr); |
| 89 | |
Matt Wolenetz | dcb3201 | 2022-12-15 18:49:34 | [diff] [blame] | 90 | // Function object which invokes 'UncheckedFree' on its parameter, which should |
| 91 | // be a pointer resulting from UncheckedMalloc or UncheckedCalloc. Can be used |
| 92 | // to store such pointers in std::unique_ptr: |
| 93 | // |
| 94 | // int* foo_ptr = nullptr; |
| 95 | // if (UncheckedMalloc(sizeof(*foo_ptr), reinterpret_cast<void**>(&foo_ptr))) { |
| 96 | // std::unique_ptr<int, base::UncheckedFreeDeleter> unique_foo_ptr(foo_ptr); |
| 97 | // ... |
| 98 | // } |
| 99 | struct UncheckedFreeDeleter { |
| 100 | inline void operator()(void* ptr) const { UncheckedFree(ptr); } |
| 101 | }; |
| 102 | |
[email protected] | bac98410 | 2013-06-28 17:40:24 | [diff] [blame] | 103 | } // namespace base |
| 104 | |
| 105 | #endif // BASE_PROCESS_MEMORY_H_ |