[PartitionAlloc] Increase the pool size on macOS

Some pages can allocate more than 8GiB in the malloc() partition. This was allowed on macOS previously, as there is no sandbox memory limit there. The move to PartitionAlloc thus led to some pages crashing due to OOM which were not previously. Increase the GigaCage size on macOS as a consequence. While a more general and better change is in https://chromium-review.googlesource.com/c/chromium/src/+/3383838, it is larger (depends on another change), and as a result harder to cherry-pick. (cherry picked from commit 8869179) Bug: 1232567 Change-Id: Ic785f77b896b56682fbd5c5effd28a4462de3b3c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3447347 Reviewed-by: Bartek Nowierski <bartekn@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Commit-Queue: Benoit Lize <lizeb@chromium.org> Cr-Original-Commit-Position: refs/heads/main@{#968357} Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3456383 Reviewed-by: Egor Pasko <pasko@chromium.org> Owners-Override: Benoit Lize <lizeb@chromium.org> Cr-Commit-Position: refs/branch-heads/4758@{#1147} Cr-Branched-From: 4a2cf4b-refs/heads/main@{#950365}
chromium · Feb 11, 2022 · ecb61f5 · ecb61f5
1 parent d6e5845
commit ecb61f5
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/base/allocator/partition_allocator/address_pool_manager_unittest.cc b/base/allocator/partition_allocator/address_pool_manager_unittest.cc
@@ -45,8 +45,8 @@ class PartitionAllocAddressPoolManagerTest : public testing::Test {
 
   AddressPoolManager* GetAddressPoolManager() { return manager_.get(); }
 
-  static constexpr size_t kPageCnt = 4096;
-  static constexpr size_t kPoolSize = kSuperPageSize * kPageCnt;
+  static constexpr size_t kPoolSize = kPoolMaxSize;
+  static constexpr size_t kPageCnt = kPoolMaxSize / kSuperPageSize;
 
   std::unique_ptr<AddressPoolManagerForTesting> manager_;
   void* base_address_;

diff --git a/base/allocator/partition_allocator/partition_alloc_constants.h b/base/allocator/partition_allocator/partition_alloc_constants.h
@@ -212,7 +212,17 @@ constexpr size_t kSuperPageBaseMask = ~kSuperPageOffsetMask & kMemTagUnmask;
 #if defined(PA_HAS_64_BITS_POINTERS)
 // The Configurable Pool is only available in 64-bit mode
 constexpr size_t kNumPools = 3;
+
+#if defined(OS_MAC)
+// Special-case macOS. Contrary to other platforms, there is no sandbox limit
+// there, meaning that a single renderer could "happily" consume >8GiB. So the
+// 8GiB pool size is a regression. Make the limit higher on this platform only
+// to be consistent with previous behavior. See crbug.com/1232567 for details.
+constexpr size_t kPoolMaxSize = 16 * kGiB;
+#else
 constexpr size_t kPoolMaxSize = 8 * kGiB;
+#endif  // defined(OS_MAC)
+
 #else
 constexpr size_t kNumPools = 2;
 constexpr size_t kPoolMaxSize = 4 * kGiB;