I use Firefox without extensions and plugins, and find it "leaks memory"; specifically, the memory footprint as seen via Win10 Ctl+Alt+Del Task Manager increases towards 2G over days of mult-tab use, whereupon the entire system slows down and becomes less responsive, while Firefox becomes as crabby as a sleepless toddler (prolly for much the same reasons).
For this reason, I use 32-bit Firefox, to limit its address range and thus impact on the rest of the system. Going 64-bit would only "solve" the problem in the same way a bigger gas tank would "solve" a leak, i.e. delay the onset of inevitable problems. 32 bits can address a 4G range, halved to 2G for signed offset addressing as is likely for Firefox's internal memory (mis-)management.
So when I saw "CVE-2020-15254: Undefined behavior in bounded channel of crossbeam rust crate" (seriously, WTF is a "crossbeam rust crate"?), I went Aha! And when I read "The impact on Firefox is undetermined", I went Aha! again, as in "geez Mozilla, don't you know Firefox leaks like a tennis net in a wind tunnel, haven't you even begun to wonder why?"
At the meta level, there's a familiar problem of per-instance vs. aggregate cost; since the days of DOS and Borland's program compilers, it's been "do we frequently ask the OS for small memory allocations, or do we seldom ask for large allocations and manages the details in-house?". Do you pull cash from an ATM for each cash purchase, or do you draw once a week and manage your own wallet of cash?
Such details may be managed in-house by Firefox developers, or more it's more likely "sub-contracted out" to some 3rd-party generic code library, prolly whatever came with the source code compiler or other development tools. As a cross-platform program, this is less likely to be handed off to the platform-specific OS; in fact, platform independence is a strong reason for in-house memory management.
Which brings us to another meta-level problem; "black box" code re-usability. The idea is that such blocks of code should hide their internal details and only expose a limited surface that is trivial enough to rely on (if all non-trivial code has bugs, keep all crucial code trivial!) but in practice they always leak, and such leaks may be exploitable - hence the CVE number.
No comments:
Post a Comment