Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox needs a memory limit

more options

Firefox needs a limit on memory usage. I was developing a tiny web page on Linux (PopOS) and accidentally created an endless loop in Javascript that ate memory (by growing an array). My entire OS became inoperable and had to be hard-rebooted. I was surprised this could happen due to Javascript (a sandboxed browser language), running in a web page (a sandboxed app) running in a Firefox browser that is supposed to protect users from the world wild web. One errant line of legal Javascript in HTML should not equate to a denial-of-service attack.

A sensible approach would be similar to the nice warning given when a script takes too much CPU, offering the user the choice to continue or stop the script when a tab exceeds some reasonable size: a fixed MB size, or say 10% of real RAM memory.

Ideally there should also be some hard limit calculated by Firefox according to the machine's available memory and Firefox's reasonable percentage of it. For example, maybe limit Firefox (all tabs combined) to 50% or maybe 75% of real memory, so that the O/S has a reasonable chance to remain operational so that a bad tab can be closed. Otherwise, Firefox could cause the O/S to lock up, resulting in data loss if there are tabs or other apps outside of Firefox that have unsaved changes.

Thanks for your consideration!

Firefox needs a '''limit''' on memory usage. I was developing a tiny web page on Linux (PopOS) and accidentally created an endless loop in Javascript that ate memory (by growing an array). My entire OS became inoperable and had to be hard-rebooted. I was surprised this could happen due to Javascript (a sandboxed browser language), running in a web page (a sandboxed app) running in a Firefox browser that is supposed to protect users from the world wild web. One errant line of legal Javascript in HTML should not equate to a denial-of-service attack. A sensible approach would be similar to the nice warning given when a script takes too much CPU, offering the user the choice to continue or stop the script when a tab exceeds some reasonable size: a fixed MB size, or say 10% of real RAM memory. Ideally there should '''also''' be some hard limit calculated by Firefox according to the machine's available memory and Firefox's reasonable percentage of it. For example, maybe limit Firefox (all tabs combined) to 50% or maybe 75% of real memory, so that the O/S has a reasonable chance to remain operational so that a bad tab can be closed. Otherwise, Firefox could cause the O/S to lock up, resulting in data loss if there are tabs or other apps outside of Firefox that have unsaved changes. Thanks for your consideration!

Chosen solution

I'm sure we've all done that more than once, but perhaps not with such dire consequences.

Could you file a new bug for this and, if you think it's security sensitive, mark it that way in your submission:

https://bugzilla.mozilla.org/

Read this answer in context 👍 1

All Replies (3)

more options

Chosen Solution

I'm sure we've all done that more than once, but perhaps not with such dire consequences.

Could you file a new bug for this and, if you think it's security sensitive, mark it that way in your submission:

https://bugzilla.mozilla.org/

more options

Thanks for the quick response! I'll file the bug report.

more options

Actually, I just added my comments to two open bug reports that are 3-4 years old. Hopefully they will attract renewed attention. The two old bugs are:

1437470: Per-compartment hard limits on memory usage 1537871: Hard crash the browser if it uses more memory than a specified limit