{"id":546,"date":"2011-02-09T05:00:01","date_gmt":"2011-02-08T18:00:01","guid":{"rendered":"http:\/\/blog.mozilla.org\/nnethercote\/?p=546"},"modified":"2011-02-09T05:00:01","modified_gmt":"2011-02-08T18:00:01","slug":"limits-of-reliability","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/nnethercote\/2011\/02\/09\/limits-of-reliability\/","title":{"rendered":"Limits of reliability"},"content":{"rendered":"<p>Julian Seward asked me an interesting question a while ago:\u00a0 &#8220;what are the factors that limit Firefox&#8217;s reliability?&#8221;\u00a0 (You can use &#8220;crash rate&#8221; as a reasonable definition of &#8220;reliability&#8221;.)<\/p>\n<p>He suggested two things:<\/p>\n<ol>\n<li>Firefox depends on external code, such as plug-ins.<\/li>\n<li>Many crashes are hard to reproduce and so don&#8217;t get fixed.<\/li>\n<\/ol>\n<p>For the first, Electrolysis (a.k.a. process separation) is on track to pretty much make it a non-problem.\u00a0 It&#8217;s already in place for Flash, and will eventually be for other plug-ins.\u00a0 So that&#8217;s good.<\/p>\n<p>For the second, I see two main sub-factors.<\/p>\n<ol>\n<li>Firefox is implemented in C++ which is prone to memory-related bugs and data races, both of which can make crash reproduction difficult.\u00a0 Using a safer language like <a href=\"https:\/\/github.com\/graydon\/rust\/wiki\/\">Rust<\/a> would make many (all?) 
of these bugs impossible.\u00a0 Unfortunately, Rust isn&#8217;t production-ready, and rewriting even parts of the browser is a huge undertaking.\u00a0 So we better get started ASAP \ud83d\ude42<\/li>\n<li>Second, Firefox has some nasty low-level code like the garbage collector;\u00a0 bugs in it can be very difficult to reproduce.\u00a0 I don&#8217;t see an obvious way to improve this other than the usual:\u00a0 testing, code review, using simple algorithms, etc.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Julian Seward asked me an interesting question a while ago:\u00a0 &#8220;what are the factors that limit Firefox&#8217;s reliability?&#8221;\u00a0 (You can use &#8220;crash rate&#8221; as a reasonable definition of &#8220;reliability&#8221;.) He suggested two things: Firefox depends on external code, such as plug-ins. Many crashes are hard to reproduce and so don&#8217;t get fixed. For the first, [&hellip;]<\/p>\n","protected":false},"author":139,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[528,616,30],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts\/546"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/users\/139"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/comments?post=546"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts\/546\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/media?parent=546"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/
categories?post=546"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/tags?post=546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}