655 FF bugs and 71 security leaks 

DavidR · 2006-09-08T16:48:09.000Z

My firefox with 18 extensions takes 8-9 seconds to load, but I’m not in that much of a rush, it only gets loaded once per day.

As M2 said even without extensions it is still slow probably a whole 6 secs on my system, which isn’t by any means fast. I think we get a little spoilt with speed, in this instant internet age, internet pages have to load instantly, we forget what it used to be like on a 8086 CPU computer, 9600 or 14400 modems, windows 3.1, etc. so 9 seconds in the greater scheme of things doesn’t make me consider going back to IE (no thanks).

szc · 2006-09-08T16:52:34.000Z

No way, going back… I meant on going forward to IE7 ;D

system · 2006-09-08T17:21:52.000Z

Well Firefox is optimized for Linux(so i have read somewhere) but it would certainly be nice if the developers could optimize it a little more for windows too, so that it starts a little faster(it’s really blazing fast on linux) …

polonus · 2006-09-08T19:23:08.000Z

Hi M2,

How can szc state that all those extensions are making FF or Flock that heavy to fire up, some have 45 kb, the heaviest has a meagre 450 kb. No it must have something to do with the allocation table, and the uneconomical way it does its work. It has to do with the lay-out of the browser, and it has to do with coding (race conditions etc.), idle code running.
As I said in other postings they have to go through the coding with a fine comb and brush, security scanning the codes, run it through a recompiler. Give it the sec consult.
But there is a lot the coders are not to be blamed for. DLL errors, the main route to letting a browser crash, can be a version thing, one version of the DLL has another functionality, or even worse lacks some vital functionality.
An example with the Browzar crapola briwser shell weighing nothing was a MSHTML.DLL error, because you make a call to a redirect in another domain, and some versions of this Microsoft DLL cannot handle that, the shell make IE crash. Also MFC42.DLL import crashes in Browzar are heard of.
FF makes some 73 imports inside the NSPR4.DLL.
JAR50.DLL can make errors in opening NSPR4.DLL, DLC4.DLL, PLDS4.DLL & XPCOM_CORE.DLL, this leads to errors opening files, allocation errors, profile corruption things cause it.
The thing should be compiled with a huge memory model.
Extensions can have compatibility issues, not overload issues.

polonus

system · 2006-09-08T20:15:26.000Z

Mozilla already use Coverity http://gemal.dk/blog/2006/05/18/mozilla_and_coverity/ Not to blame anyone but they are probably aware of most bugs and wont go "THANKS we newer knew… " See Bugzilla. Use that instead of blog of “researcher”.

I know up to 50-60 extensions runs just fine but to keep the “original” stability/speed you really need to put more effort in installation than just click away at Add-on site. They do a poor job at informing users that it can go wrong. So is extension developed actively, what are known bugs, does it conflict with FF or other extension and so on. Most of the top 10 or so extensions have had or still have memory leaks or worse problems. Starting to get better thanks to tools like Leak Monitor http://dbaron.org/mozilla/leak-monitor/ (dont run any extension which tricker it - bad QA) but still much “crap” to install. Too bad 1.5.0.x or Flock is part of that “crap” 8) Try Gmail or any Vbulletin forum just for a start. 2.0 is big step forward I think though it might not appear to be a revolution. That is what bug-hunting is about, being done every day.

Size in kb of extension have nothing to do with memory use or how “heavy” it feels btw.

Someone at Mozillazine wrote in a forumpost that they (Mozilla) should do what his company did. Once in a while they did a version of their whatever software with zero new features - only cleanup and optimizations. Who will disagree with that when it comes to Firefox? Known problem but guess unavoidable due to the way it is made. Patchwork, many inputs from many different people etc. And of course the competition, release demand. I still believe they are on top of things and that espeically 2.0 shows it. The somewhat broken/strange new theme is a minor and probably temporary problem, engine room is more important.

polonus · 2006-09-08T21:20:06.000Z

Hi dk70,

Fully agree with you that there can be unknown compatibility problems with some extensions (MacAfee SiteAdvisor was an example recently with all the jar50.dll crashes), and how these add-ons and plug-ins work out on each other. There are also code discrepancies as well, and secure code issues (race conditions).
But I cannot understand the users of the closed software browsers, when they rather like to feel secure not knowing what insecurities they have not heard of (security through obscurity).
With FF or Flock security one is to know more or less where you/we stand. With IE7 you take a blank check on the future.

And when you know where the main vectors are to infect your computer (mainly script and Flash). When you can pre-scan links, or you have some indication of the insecurity of a possible search query hyperlink (GeoTrust, SiteAdvisor), and avast Webshield running inside, the rest of your vulnerability window that is left open is made up by the online risks you run (surfing habits/attitude).
The major problems left are made up by instability issues.
Too much of firefox -p or flock -P?
No I think honesty is the best policy, and will render best results.

polonus

szc · 2006-09-08T21:53:23.000Z

Spending so much time thinking about security deals with paranoia my friend. If users spend all their free time on the internet searching on how to lock their computers and securing themselves from who knows who (maybe Cylons), not much time will left for them to at least try to be creative and do something creative using their computers. Why not simply unplug the internet cable and problem solved ?

Now about the Flash… just because it uses ActiveX (sometimes, not always especially not if developer doesn’t want to use it), what damage can my web site possibly give to you or your computer ? Here is one of those I made: www.peepers.ca

polonus · 2006-09-08T22:06:09.000Z

Hej Sasha,

Everybody is got to do what he likes to do. You wanna be creative on the Net, others like dk70 and little old me like to delve into security issues, because it is interesting to look for solutions. You want to know why things work or not, and why? You do not have this inclination. If I can see something interesting in a nice patch.
Now in this thread dk70 mentioned mem leaks, then polonus finds that memory leaks in FF can add up to a nice total of 500 MB daily. And we have something to discuss.
That is all the Flash Sasha needs to make some nice Avatars. How many Avatars would that be, Sasha?
I know security has it limits, and that the best firewall runs through the open fireplace, and the best security tool is a pair of pliers. But then everybody is entitled to his or her hobbies, right?

pozdravi,

the old pol

szc · 2006-09-08T22:22:30.000Z

Except I could never use Flash to make avatars, simply because this forum doesn’t support Flash even though we have INSERT FLASH tag when posting in this forum. Avatars are not my priority nor hobbi, I just do that on people’s request to make them happy if possible. I use simple graphic editing tools to create avatars, everyone could do it in no minutes if I show him how… if they would look exactly the same as mine, or better or worse, that depends on individuals.

My work span spreads far more than just simple avatars. When I am really, really, really tired of the primary work I do, then I close my eyes and do some avatars to release the pressure.

system · 2006-09-08T22:27:41.000Z

hey szc and the old polonus…do you know if they are ANY themes available for flock and the google toolbar extension seems very unstable…had to uninstall it-do you know of this problem?

http://extensions.flock.com/themes/

polonus · 2006-09-08T22:40:50.000Z

Look at the other one I posted in the general about add-ons.

I made a bookmarklet with the crunchator, and copied the leak of the wrong hanging pointer from Leak Monitor here:

Leaks in window 0x33b5c08:
[+] [leaked object] (1a13348) = [object Object]
[-] wrappedJSObject (1a13348) = [object Object]
type = insert
action = newbookmark
[+] item (1a13368) = [xpconnect wrapped nsIRDFResource]
[+] 0 (198c230) = [xpconnect wrapped nsIRDFResource]
Value = rdf:#$C4hvU
[-] QueryInterface (198c340) = function QueryInterface() {
[native code]
}
[-] EqualsNode (198c348) = function EqualsNode() {
[native code]
}
ValueUTF8 = rdf:#$C4hvU
[-] Init (198c398) = function Init() {
[native code]
}
[-] EqualsString (198c3b0) = function EqualsString() {
[native code]
}
[-] GetDelegate (198c3d8) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (198c438) = function ReleaseDelegate() {
[native code]
}
[+] parent (1a13370) = [xpconnect wrapped nsIRDFResource]
[+] 0 (1a212e0) = [xpconnect wrapped nsIRDFResource]
Value = NC:BookmarksRoot
[-] QueryInterface (198c1a8) = function QueryInterface() {
[native code]
}
[-] EqualsNode (198c1b0) = function EqualsNode() {
[native code]
}
ValueUTF8 = NC:BookmarksRoot
[-] Init (198c1c8) = function Init() {
[native code]
}
[-] EqualsString (198c1d0) = function EqualsString() {
[native code]
}
[-] GetDelegate (198c1d8) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (198c200) = function ReleaseDelegate() {
[native code]
}
[+] index (1a13380) = 6
0 = 6
[+] removedProp (1a13398) =
0 = null
[+] Properties (1a20e58) = [xpconnect wrapped nsIRDFResource],[xpconnect wrapped nsIRDFResource],[xpconnect wrapped nsIRDFResource],[xpconnect wrapped nsIRDFResource],[xpconnect wrapped nsIRDFResource],[xpconnect wrapped nsIRDFResource]
[+] 0 (1a200b8) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (1944d38) = function QueryInterface() {
[native code]
}
[-] EqualsNode (1944d48) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#Name
ValueUTF8 = http://home.netscape.com/NC-rdf#Name
[-] Init (1945010) = function Init() {
[native code]
}
[-] EqualsString (1945298) = function EqualsString() {
[native code]
}
[-] GetDelegate (1945398) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (19453b0) = function ReleaseDelegate() {
[native code]
}
[+] 1 (1a200c8) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (19457c0) = function QueryInterface() {
[native code]
}
[-] EqualsNode (18a2190) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#URL
ValueUTF8 = http://home.netscape.com/NC-rdf#URL
[-] Init (18a21b0) = function Init() {
[native code]
}
[-] EqualsString (18a21b8) = function EqualsString() {
[native code]
}
[-] GetDelegate (18a21c0) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (18a21d0) = function ReleaseDelegate() {
[native code]
}
[+] 2 (1a200d8) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (18a2290) = function QueryInterface() {
[native code]
}
[-] EqualsNode (18a22b0) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#ShortcutURL
ValueUTF8 = http://home.netscape.com/NC-rdf#ShortcutURL
[-] Init (18a22d8) = function Init() {
[native code]
}
[-] EqualsString (18a22e0) = function EqualsString() {
[native code]
}
[-] GetDelegate (18a2300) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (18a2320) = function ReleaseDelegate() {
[native code]
}
[+] 3 (1a200e8) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (18a23e0) = function QueryInterface() {
[native code]
}
[-] EqualsNode (18a23e8) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#Description
ValueUTF8 = http://home.netscape.com/NC-rdf#Description
[-] Init (18a2d38) = function Init() {
[native code]
}
[-] EqualsString (18a2dd0) = function EqualsString() {
[native code]
}
[-] GetDelegate (18a2dd8) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (18a2de0) = function ReleaseDelegate() {
[native code]
}
[+] 4 (1a200f8) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (18a30e0) = function QueryInterface() {
[native code]
}
[-] EqualsNode (18a3100) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#WebPanel
ValueUTF8 = http://home.netscape.com/NC-rdf#WebPanel
[-] Init (18a32b8) = function Init() {
[native code]
}
[-] EqualsString (18a33a0) = function EqualsString() {
[native code]
}
[-] GetDelegate (18a33b0) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (18a3408) = function ReleaseDelegate() {
[native code]
}
[+] 5 (1a20108) = [xpconnect wrapped nsIRDFResource]
[-] QueryInterface (18a3c18) = function QueryInterface() {
[native code]
}
[-] EqualsNode (18a3c20) = function EqualsNode() {
[native code]
}
Value = http://home.netscape.com/NC-rdf#FeedURL
ValueUTF8 = http://home.netscape.com/NC-rdf#FeedURL
[-] Init (18a3cb0) = function Init() {
[native code]
}
[-] EqualsString (18a3cc0) = function EqualsString() {
[native code]
}
[-] GetDelegate (18a3cd0) = function GetDelegate() {
[native code]
}
[-] ReleaseDelegate (18a3d00) = function ReleaseDelegate() {
[native code]
}
[+] container (1a13360) = [xpconnect wrapped nsIRDFContainer]
[+] QueryInterface (d3ca58) = function QueryInterface() {
[native code]
}
prototype (1a134e0) = [object Object]
DataSource = null
Resource = null
[+] Init (17efff8) = function Init() {
[native code]
}
prototype (1a133d0) = [object Object]
[+] GetCount (1952f48) = function GetCount() {
[native code]
}
prototype (1a13340) = [object Object]
[+] GetElements (17c1310) = function GetElements() {
[native code]
}
prototype (1a132e8) = [object Object]
[+] AppendElement (17c1478) = function AppendElement() {
[native code]
}
prototype (1a132c8) = [object Object]
[+] RemoveElement (17c1ec0) = function RemoveElement() {
[native code]
}
prototype (1a13290) = [object Object]
[+] InsertElementAt (17c1ee8) = function InsertElementAt() {
[native code]
}
prototype (1a13260) = [object Object]
[+] RemoveElementAt (17c1f00) = function RemoveElementAt() {
[native code]
}
prototype (1a131e0) = [object Object]
[+] IndexOf (17c1f18) = function IndexOf() {
[native code]
}
prototype (1a131b8) = [object Object]

polonus

szc · 2006-09-08T22:43:57.000Z

Hey Polonus the Damian my friend ! ;D ;D

Have you found any security threat coming from the Flash page I posted link for in one of those previous links ? I am really interested what’s happening in the background even though I have no clue what could be happening when my intention was just to please my wonderful client from Vancouver and give her small but still beatiful web site.

Cheers !

EDIT: All I know is that I never ever enabled anything in Flash that would by any way try to breach my site visitor’s security.

system · 2006-09-08T22:46:07.000Z

Haha that was a good one ;D

system · 2006-09-08T23:05:50.000Z

Not sure what you made to tricker Leak Monitor but try again with 2.0 or even in 1.5.0.7 RC5 http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/1.5.0.7-candidates/rc5/

Anyway, what we dont know is the bookmarks of Polonus 8) Certain type of sites are more likely to increase demand for tighter security than others. My feeling is if you can manage so much security stuff you either do visit risky sites or you dont really have actual need for them. Awareness or human factor is good enough protection. Not so much awareness among those Myspace users who recently got in trouble with their not updated most likely “cheap” XPs - still SP1 but they knew. Some dont care and just reformat or fix themself up with Anti-Spyware programs. People are different.

Matter of definition of course, if you count tracking cookies as a form of spyware/evil that must go away start protecting. And trust! I trust Opera, Firefox and IE7 to have high security as a goal. Dont think they can even compete on this issue any more. There will be single events showing a hole from time to time but I think it will be closed before it becomes a general problem. Goes for all 3 of them - though we might only hear most about Firefox “thanks” to open source policy. No bug is too small for Bugzilla which is good. When Microsoft give away a tool like Windows Defender they are aware and when Microsoft are aware rest have been since long. Not like you need 3rd party tools to avoid getting attacked. Can increase security for sure.

If it helps I remember a problem some had with Google toolbar or rather the phishing database. If you chose active protection during installation, each url send to Google, then it can get weird. Or at least some probably now fixed version could. Can also eat some cpu cycles. If you chose passive protection, only local database used, you should avoid most problems. Google toolbar itself should be pretty stable. Could be a Flock only problem, dont know…

polonus · 2006-09-08T23:18:50.000Z

Hi dk70,

The bookmarklet of Polonus? Just a demo from the page on Memory Leaking in Wikipedia, patched the piece of demo code there in the Crunchator, and Leak Monitor leaked the results. Nothing to do with risky surfing. Just to demonstrate a point,

polonus

system · 2006-09-08T23:43:33.000Z

Yeah Leak Monitor works and author is a known figure and contributor to Firefox code/fixes. Think I read some Mozilla Chief Engineer something giving him much credit for 2.0 improvements (bug-hunting I assume). I can tell you many a website/javascript triggered it when I used 1.5.0.x Now on 2.0 it hardly ever happens. Some extensions still make it go crazy. I dont think Mozilla Add-on site should approve extensions which triggers monitor but they obviously do and some extension makers still dont test that much.

I somehow doubt every leak means 500mb used or no one would be able to use Gmail for long but it probably have some negative impact on “memory management”. In some cases may be even stability.

polonus · 2006-09-09T18:08:52.000Z

Hi dk70, the leaks are meant to be taken as cumulative leakage over a full 24 hours, not only mem leaks but also idle mem waste.

From your responses, it can be fairly concluded that you are a coder, and you know your way around browsers and appl. quite some bit.

Question to you, why you rank the coders of Flock amongst the crapola crowd? What are the problems with Flock in your opinion.

polonus

PS a tweak to free up some mem in FF:

Start Firefox (yeah, I know… duh.)
type “about:config” in the address bar and hit enter (don’t type the double-quotes)
type “config.trim_on_minimize” (again, not the double-quotes) into the Filter field. Odds are, you won’t have this preference but we should check first.
1. If you DO have the preference, make sure it is set to true
2. If you do NOT have the preference, add it
  1. Right click anywhere in the preference list and select New → Boolean
  2. Preference name should be “config.trim_on_minimize”
  3. Select true for the value
Close Firefox and then reopen it.

That should be all it takes. To verify you got it right, load up a few pages in a few tabs. Start up task manager or your platform’s monitoring tool of choice and see how much memory Firefox is using. Now, minimize Firefox…

D

system · 2006-09-09T19:23:50.000Z

No I have never coded anything except batchfiles.

Did I say anything bad about Flock I should have deleted it. However it share same code as 1.5.0.x and so also the same bugs making it very hard to use a tool like Leak Monitor for a longer periode. Must have been what I meant. Flock is clearly more than just extension pack. http://screencastsonline.com/sco/Shows/files/6bab7806ed46d123ba0175a8a90fcff3-82.html Not for everyone of course. I might use it if it was using 2.0 code - which it will eventually.

If minimize setting dont do anything for used memory you can be sure FF is halfdead. Shows something has gone wrong, can rarely be fixed except by restarting. Should always go down to 10-30mb or so.

1.5 has some hefty max. values for ram cache. Defaults are changed/lowered in 2.0. Why not use those on 1.5/Flock? user_pref(“browser.cache.memory.capacity”, 24576); is what I use user.js with 2gb ram. Is default not my number and naturally helps making 2.0 look better - http://kb.mozillazine.org/Browser.cache.memory.capacity Fast forward/rewind cache I have lowered to 4 http://kb.mozillazine.org/Browser.sessionhistory.max_total_viewers

Have seen some getting better performance by killing this http://kb.mozillazine.org/Browser.chrome.image_icons.max_size I use user_pref(“browser.chrome.image_icons.max_size”, 32); because then I still get favicon but avoid perhaps troublesome thumbnailing.

FF wont ever be notepad no matter what.

polonus · 2006-09-09T20:01:31.000Z

Hi dk70, this could be used for mem trimming in components:

nsWindow.cpp 27 Oct 200 04:30:54 -0000
@@ -71,6 +71,7 @@
#include “nsTransform2D.h”
#include “nsIEventQueue.h”
#include <windows.h>
+#include <psapi.h>

// unknwn.h is needed to build with WIN32_LEAN_AND_MEAN
#include <unknwn.h>
@@ -275,6 +276,7 @@
static PRUint32 gLastInputEventTime = 0;

static int gTrimOnMinimize = 2; // uninitialized, but still true
+static int gRestoreSavedWorkingSet = 2; // uninitialized, but still true

#if 0
static PRBool is_vk_down(int vk)
@@ -1540,6 +1542,7 @@
(conveniently created before any visible windows and after
the profile has been initialized) */
gTrimOnMinimize = 1;

gRestoreSavedWorkingSet = 1;
nsCOMPtr prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
if (prefs) {
nsCOMPtr prefBranch;
@@ -1550,6 +1553,11 @@
&trimOnMinimize))
&& !trimOnMinimize)
gTrimOnMinimize = 0;
```
   PRBool restoreSavedWorkingSet;
```

   if (NS_SUCCEEDED(prefBranch->GetBoolPref("config.restore_saved_workingset",

                                            &restoreSavedWorkingSet))

```
       && !restoreSavedWorkingSet)
```
```
     gRestoreSavedWorkingSet = 0;
 }
```
}
}
@@ -3707,6 +3715,113 @@
return TRUE;
}

+static LPDWORD CaptureWorkingSet()
+{

SIZE_T dwBufferSize = 4096;
LPDWORD lpNewBufferData = (LPDWORD)HeapAlloc(GetProcessHeap(), 0, dwBufferSize);
if (!lpNewBufferData) {
return NULL;
}
// Keep enlarging the buffer until we are able to fully retrieve
// the working set array.
while (!QueryWorkingSet(GetCurrentProcess(), lpNewBufferData, dwBufferSize) ||

    (lpNewBufferData[0] + 1) * sizeof(DWORD) > dwBufferSize) {

dwBufferSize += 4096;
if (dwBufferSize > 512*1024) {

 HeapFree(GetProcessHeap(), 0, lpNewBufferData);

```
 return NULL;
```
}
LPDWORD lpResizedBuffer = (LPDWORD)HeapReAlloc(GetProcessHeap(), 0, lpNewBufferData, dwBufferSize);
if (!lpResizedBuffer) {

 HeapFree(GetProcessHeap(), 0, lpNewBufferData);

 lpResizedBuffer = (LPDWORD)HeapAlloc(GetProcessHeap(), 0, dwBufferSize);

```
 if (!lpResizedBuffer) return NULL;
```
}
lpNewBufferData = lpResizedBuffer;
}
return lpNewBufferData;
+}

+static void SaveOrRestoreWorkingSet(BOOL SaveOrRestore)
+{

static LPDWORD lpBufferData = NULL;
if (SaveOrRestore) {
// Save WorkingSet
LPDWORD lpNewBufferData = CaptureWorkingSet();
if (!lpNewBufferData) return;
// Swap in the new working set array, freeing any old one.
LPDWORD lpOldBuffer = (LPDWORD)InterlockedExchangePointer(&lpBufferData, lpNewBufferData);
if (lpOldBuffer != NULL) {

 HeapFree(GetProcessHeap(), 0, lpOldBuffer);

}
} else {
// Restore WorkingSet
LPDWORD lpLocalData = (LPDWORD)InterlockedExchangePointer(&lpBufferData, NULL);
if (lpLocalData != NULL) {

+#if 1

 // Capture a fresh copy of the WorkingSet so that we can measure

```
 // how much we're swapping in.
```

 LPDWORD lpTmpBufferData = CaptureWorkingSet();

```
 if (lpTmpBufferData != NULL) {
```
```
   DWORD dwNumPresent = 0;
```

   DWORD cPages = lpTmpBufferData[0];    // First DWORD is page count

   for ( DWORD i = 1; i <= cPages; i++ ) {

     DWORD pageAddr = lpTmpBufferData[i] & 0xFFFFF000;

     DWORD pageFlags = lpTmpBufferData[i] & 0x00000FFF;

     if ((pageFlags & 31) > 0 && (pageFlags & 31) < 16) {

```
       dwNumPresent++;
```
```
     }
```
```
   }
```

   HeapFree(GetProcessHeap(), 0, lpTmpBufferData);

```
   lpTmpBufferData = NULL;
```
```
   char tmpstatus[200];
```

   _snprintf(tmpstatus, sizeof(tmpstatus), "There are currently %u pages (%u KB) present.\n", dwNumPresent, 4 * dwNumPresent);

```
   OutputDebugString(tmpstatus);
```
```
 }
```

+#endif
+
+

 // Start forcing the pages back into memory.

```
 DWORD dwNumForced = 0;
```

 DWORD cPages = lpLocalData[0];    // First DWORD is page count

 for ( DWORD i = 1; i <= cPages; i++ ) {

   DWORD pageAddr = lpLocalData[i] & 0xFFFFF000;

   DWORD pageFlags = lpLocalData[i] & 0x00000FFF;

   if ((pageFlags & 31) > 0 && (pageFlags & 31) < 16) {

     // Force the page to be swapped in.

     IsBadReadPtr((VOID*)pageAddr, 4096);

```
     dwNumForced++;
```
```
   }
```
```
 }
```

 // Log how many pages were forced back into memory.

+#if 1

```
 char tmpstatus[200];
```

 _snprintf(tmpstatus, sizeof(tmpstatus), "Forced %u pages (%u KB) to become present.\n", dwNumForced, 4 * dwNumForced);

```
 OutputDebugString(tmpstatus);
```

+#endif
+

 // Put this workingset buffer back into the array so that it can

 // be used again until the workingset is captured again.

 if (InterlockedCompareExchangePointer((PVOID*)&lpBufferData, lpLocalData, NULL) != NULL) {

   // the exchange did not occur because a newer buffer was

   // already put in its place, so just free the older buffer.

   HeapFree(GetProcessHeap(), 0, lpLocalData);

```
 }
```
}
}
+}

// Check for pending paints and dispatch any pending paint
// messages for any nsIWidget which is a descendant of the
// top-level window that this window is embedded within.
@@ -4500,6 +4615,17 @@
::ShowWindow(mWnd, SW_SHOWMINIMIZED);
result = PR_TRUE;
}

```
 if (gRestoreSavedWorkingSet) {
```
```
   if (wParam == SC_MINIMIZE) {
```

     OutputDebugString("gRestoreSavedWorkingSet is saving the current working set\n");

```
     SaveOrRestoreWorkingSet(TRUE);
```

     OutputDebugString("gRestoreSavedWorkingSet is done saving\n");

```
   } else if (wParam == SC_RESTORE) {
```

     OutputDebugString("gRestoreSavedWorkingSet is restoring the original working set\n");

```
     SaveOrRestoreWorkingSet(FALSE);
```

     OutputDebugString("gRestoreSavedWorkingSet is done restoring\n");

```
   }
```
```
 }
 break;
```
default:

polonus

system · 2006-09-09T21:38:23.000Z

Go tell them at Bugzilla - anyone can contribute or at least get into a discussion. Problem is you can file a bug for 1.5.0.x only to be told it is fixed in 2.0 daily whatever = considered fixed by Mozilla though not yet available in official final release. Then there is 3.0 which I have not even tried! So hard for normal people to take part in. Firefox always on the move and often on different levels.

Anyway, I still think it would be nice to have a new version 2.1 or something which only had the goal of optimizing and cleaning. If you check some Mozilla blogs you can see some think about the compromise betweem adding and tuning http://gemal.dk/blog/2005/11/10/nice_checkins_for_the_weekend/ “It seems that reviewers generally like to review new functionality than to review changes/optimizations to current code” Just the way it is - current code is old in 6 months cause then we are targeting 3.0 so why bother!. There is probably some opensource/Mozilla/general market situation logic to this missing cleanup version. Normal users think: it works or it does not - and clearly it does. Remember most people dont install any or only very few extensions and they sure play a big part of memory problems. Possible only the “geek” group are crying that loud…

I need to check out Opera and IE7 some more but they wont be notepad either. We are in 2006 and if Firefox runs sweet on a computer with lets say 512mb ram what is there to complain about? As said before activate leak monitor on 1.5.0.x then try 2.0 - lots of progress, shaving off 1.5555 seconds of startup time is almost irelevant though they claim 2.0 have improved on that as well. Cant say I care or understand why it is so important so some people. Like XP boot time, I lack understanding.

Announcements