|
Truga posted:app tells kernel "i'm gonna malloc 1tb rams" and the kernel says "ok, sure, here's a 1tb chunk of ram" that's actually probably only a mb or so initially, similar to how an "empty" sparse file would be on disk
|
# ? Aug 17, 2023 11:52 |
|
|
# ? Jun 10, 2024 11:33 |
|
Address space is cheap, using it for better isolation and cache patterns is virtuous.
|
# ? Aug 17, 2023 12:51 |
|
BlankSystemDaemon posted:You really don't see why it's funny that some JavaScript nonsense ends up taking over 1TB of memory? Many 64-bit CPUs support 256 TB virtual address spaces. It's common among OSes (Linux, I'd assume the BSDs, etc.) to split this in half so the lower 128 TB is user-controlled via mmap and the upper 128 TB is reserved for kernel mappings. It's also been best practice for a decade now for OSes to make use of the "entire" address space via address-space layout randomization (ASLR) where things the heap and stack location are (more or less) randomly placed within the address space on a per-process basis as otherwise placing these structures at fixed locations enables much greater opportunity for reliable exploitation of memory vulnerabilities. So, it's in this context that V8 reserves 1 TB (plus guard bands) (out of 128 TB on amd64) of address space for its own internal allocations, with the guarantee that any future memory exploits within V8's JIT can't read any contents of process memory outside that 1 TB (plus guard band) region. That's a pretty darn reasonable setup to ensure that V8 stays performant while also protecting your TLS keys. Again, just to emphasize, this doesn't mean that V8 "uses 1 TB of virtual memory" or anything like that. This is all about spacing out intra-process memory allocations to preemptively avoid exploits that leak sensitive data. Even then, the 1 TB sandbox size is mostly arbitrary--it could be made smaller. It seems the main drive is to support a "reasonable number" of 10 GB WebAssembly (wasm) sandboxes within a single V8 instance. ExcessBLarg! fucked around with this message at 13:06 on Aug 17, 2023 |
# ? Aug 17, 2023 13:04 |
|
ExcessBLarg! posted:Maybe it's worth taking a step back here. An important aspect of this is that there is no inter-process scarcity of userspace address space. If a v8[*]-bearing process uses 100kB, 1TB or 128TB of that address space—which is not about how much RAM is used, but rather just how that memory is “named”; an important thing for security when so very many security bugs come from faking or corrupting the memory names manipulated by programs—no other process is affected in any way. [*] whatever my personal feelings may be about the early v8 team, it’s one of the most sophisticated virtual machines and compilers in all of software, easily comparable to the .NET and JVM runtimes
|
# ? Aug 17, 2023 13:20 |
|
64 bit memory addressing is a curse. We never should have told developers about it.
|
# ? Aug 17, 2023 13:33 |
|
The extra cache traffic isn’t great, certainly, and I know that both Chrome and Firefox put off moving to 64-bit builds for a long time because of performance and memory consumption costs. (Chrome and v8 specifically go to some lengths to compress pointers to reduce those effects.) If the alternative is a bunch of segment-style addressing like Intel’s PAE stuff, though, and 4GB limits on process address space, then I think we ended up in a better place. If it makes you feel better, mostly the 64-bit pointers only have 39 and 57 bits of actual address and the rest are reserved in current architectures (required to be zero as addressed by programs, with some bits in the 64 bit value as metadata for things like pointer authentication).
|
# ? Aug 17, 2023 13:50 |
Truga posted:pro-tip: run discord in firefox, it runs way better and doesn't leak ram like a colander lmao Doesn't seem like there's any real advantage to it, since I'm pretty sure I've had video conferencing with both audio and video working in Firefox, and going the Electron route doesn't get global PTT hotkeys either. VictualSquid posted:Actually, how does VM work these days? If you got the system with 16GB ram and 16GB swap, what does allocating 1TB for firefox or whatever actually do? Everything I found by googling suggests that total VM allocation should be smaller then RAM+swap.
|
|
# ? Aug 17, 2023 13:52 |
|
i got tired of various apps not doing it correctly or not at all and finally solved global ptt by making a script that reads the device my ptt button is on and using pactl to unmute the mic in pulse/pipewire
|
# ? Aug 17, 2023 14:04 |
|
Subjunctive posted:An important aspect of this is that there is no inter-process scarcity of userspace address space. I think it's worth clarifying this: every process gets its own virtual address space. So running 128 electron apps at once that each use 1TB of reserved space is no problem and won't make the system run out of address space. The OS only cares about the memory that is actually in use. So when electron says "I'm reserving the address space from 0x10000000 to 0xfa7a5500" it's doing a thing that has not mattered since the 1980s or whenever the last time you sat in front of a real-mode OS. The program still goes through the motions of reserving space because maybe you are running a real-mode OS. But you aren't, and it affects the hard-core all-C program you love just as much as the giant javascript engine you hate. Mr. Crow posted:To be clear, electron is a turd though. For a long time I thought so too, but it was because every electron app I had experience with actually felt bad to use. Not because I was looking at memory allocation and deciding I knew better than google engineers. Like, programs would have a non-zero delay doing basic operations that felt like I'd stepped into a portal to the 90s. I tried the github atom editor at one point and was finally convinced to buy sublime text. Now I use an electron app (obsidian) running all the time and it's 100% fine. VS Code, also fine. Either electron itself got performance improvements, or people stopped writing lovely apps. Giving a poo poo that it uses a half GB of ram on a 32GB system is old man yelling at clouds. Giving a poo poo that it uses 1TB of virtual memory is uninformed old man yelling at clouds.
|
# ? Aug 17, 2023 15:40 |
|
I dislike electron because it looks like rear end on HiDPI displays. Maybe they fixed this recently, but I'm now vested in code-server, which uses the same browser I use for everything else.
|
# ? Aug 17, 2023 16:43 |
|
Electron is rear end because it has terrible ui/ux and the hilarious memory and security issues with it that are always popping up are just icing on the cake. Vscode is no exception. I really dont understand how people like vscode, gimme a real ide any day of the week. Hell visual studio is leaps and bounds above it, if i want a text editor I've got vim, sublime text, etc. This is probably indicative more with the people I'm working with but I'm constantly helping people with problems and just doing basic poo poo like run configurations for a python project people can't figure out. "Can you look into this build failure?" Does it build locally? "I couldn't figure out how to build it locally" as they're running a remote vscode session like dude just run the loving build script. You can't just set your working directory as part of your run configuration? (Yes I know you can in Vscode). Maybe I'm just internalizing frustrations and projecting because the dumbest people I work with are all obsessive about it but idk. I've never been impressed with it when I tried to use it personally. Mr. Crow fucked around with this message at 17:05 on Aug 17, 2023 |
# ? Aug 17, 2023 17:02 |
|
cruft posted:I dislike electron because it looks like rear end on HiDPI displays. I’m no electron fan but I’ve never noticed this. How is it any different than, say, Chrome rendering a website optimized for high res screens, which is pretty common?
|
# ? Aug 17, 2023 17:21 |
|
Last Chance posted:I’m no electron fan but I’ve never noticed this. How is it any different than, say, Chrome rendering a website optimized for high res screens, which is pretty common? Something to do with chromium and wayland and HiDPI. I dunno. I spent a while trying to fix it, found code-server, and haven't looked back. I did have to tell Chrome to use a different display back-end to keep it from looking like potato quality. There are no flags in electron; or if there are, their location wasn't obvious to me.
|
# ? Aug 17, 2023 17:27 |
|
Mr. Crow posted:I really dont understand how people like vscode, gimme a real ide any day of the week. Hell visual studio is leaps and bounds above it, if i want a text editor I've got vim, sublime text, etc. Before moving to vscode I was using Acme from Plan 9
|
# ? Aug 17, 2023 17:29 |
|
Is it normal for initrd to get kinda huge, or am I doing something stupid? Having some trouble upgrading from Ubuntu 20.04 to 22.04 despite using apt autoremove to clean all but two kernels out of a 473MB boot partition, and noticing I indeed have little space. These are all just whatever Ubuntu has built for me by default during normal usage of apt and stuff, I don't really know anything about compiling my own:code:
|
# ? Aug 17, 2023 17:56 |
|
Lore Crimes posted:Is it normal for initrd to get kinda huge, or am I doing something stupid? Having some trouble upgrading from Ubuntu 20.04 to 22.04 despite using apt autoremove to clean all but two kernels out of a 473MB boot partition, and noticing I indeed have little space. These are all just whatever Ubuntu has built for me by default during normal usage of apt and stuff, I don't really know anything about compiling my own: Uncompress the initrd and check what is using all the space.
|
# ? Aug 17, 2023 18:08 |
|
The standard distribution initrds tend to be large because you might have your encrypted root partition on ntfs-over-iSCSI using some ATM adapter, so it’s got pretty much everything in it. I believe there are tools that will prune your initrd to just be “stuff that is loaded now”, but I can’t remember the name of the one I’m thinking of.
|
# ? Aug 17, 2023 18:12 |
|
Lore Crimes posted:
Yes.
|
# ? Aug 17, 2023 18:56 |
|
Saukkis posted:Uncompress the initrd and check what is using all the space. Thanks for this, learned something new. Yeah looks like two thirds of that is related to nvidia drivers which I suppose is the price one pays. Gonna need a bigger /boot. Thanks all.
|
# ? Aug 17, 2023 19:23 |
Klyith posted:Apparently, sandboxing your javascript by putting it in a couple of small boxes, and then putting the small boxes into a giant empty box, which makes it very easy to catch if the javascript ever tries to escape from the small box into the big box. Capsicum is the sandboxing environment that Google (and the FreeBSD Foundation, as well as DARPA) sponsored folks at University of Cambridge to develop, and was intended to be fully cross-compatible. ExcessBLarg! posted:Maybe it's worth taking a step back here. Also, I specifically linked the example from top and even included the part about it using ~450MB, because that's the resident set size. BlankSystemDaemon fucked around with this message at 21:34 on Aug 17, 2023 |
|
# ? Aug 17, 2023 21:31 |
|
BlankSystemDaemon posted:I know all of this, but how often do you run into a process that actually requests over 1TB of virtual memory? We have tens of thousands of them at work, called databases!
|
# ? Aug 17, 2023 21:38 |
Subjunctive posted:We have tens of thousands of them at work, called databases! How often do you see non-production stuff that requests over 1TB of memory? Wait, that doesn't work either, because people insist that nodejs is made for production. Teaching sand to do maths was a mistake.
|
|
# ? Aug 17, 2023 21:43 |
|
If C can be used in production, the bar is low. Also, on macOS atop Apple Silicon by default all processes map 384GB of memory for talking to the GPU or something, so that’s a pretty decent head start in the quest for a terabyte. (Video editing apps can easily need to map 1 TB of data for serious work.)
|
# ? Aug 17, 2023 21:49 |
|
the part of this that actually seems weird is, why would you need to sandbox discord if it's a program the user chose to install? That mechanism exists so that arbitrary JS from random websites can't pwn your computer. it doesn't make sense in the context of electron
|
# ? Aug 17, 2023 21:51 |
|
Electron is a repurposing of the Chromium engine (which is designed to consume hostile content all day), and Chromium likely doesn’t think it’s very important to provide knobs to turn off security mechanisms, especially those like this which really have zero impact on the user or the system other than a big number showing up in top. But also, like any modern application framework, Electron provides a webview which needs to cope with such hostile content.
|
# ? Aug 17, 2023 21:56 |
|
Because Electron does as little effort as possible to incorporate Chromium and a 1 TB address space isn't actually a problem.
|
# ? Aug 17, 2023 21:57 |
|
VostokProgram posted:the part of this that actually seems weird is, why would you need to sandbox discord if it's a program the user chose to install? That mechanism exists so that arbitrary JS from random websites can't pwn your computer. it doesn't make sense in the context of electron I think a sandbox is reasonable when you consider Discord is presenting you arbitrary data from remote users and there is no guarantee of perfect security/sanitation by the Discord servers.
|
# ? Aug 17, 2023 22:00 |
|
BlankSystemDaemon posted:Sandboxing has very limited use (since exploits are typically chained together) It may have limited use for security, but: 1) every little bit helps 2) it also probably helps chrome kill bad javascript that might otherwise blow up the browser. I know I've occasionally found sites over the years that could crash firefox with some supremely terrible JS, and chrome would handle it. But also its free real estate. There's no downside to an app giving itself 1TB of virtual address space, other than you seeing 1TB memory in top and then getting clowned on. VostokProgram posted:the part of this that actually seems weird is, why would you need to sandbox discord if it's a program the user chose to install? That mechanism exists so that arbitrary JS from random websites can't pwn your computer. it doesn't make sense in the context of electron Electron apps are build on chromium, so the JS engine comes along for the ride. You could probably dig into it and reduce the virtual memory box, but why bother? Also while the JS that runs the discord client might be safe, some electron apps support addons or whatnot that might be less safe. Obsidian has plugins for example.
|
# ? Aug 17, 2023 22:06 |
|
Exploits are chained together because they need to be in order to overcome mechanisms like address space randomization, control-flow enforcement, memory protection modes, and other restrictions. There is a tremendous amount of survivor bias involved in looking at the population of successful exploitations only, and deciding that the mechanisms which have been defeated must therefore not have any use. Chrome has had many bugs in content handling that were not security-critical only because of another layer of protection, and during my time we suffered many security issues in Firefox that would have been prevented if we had implemented some of Chrome’s techniques. Security is a game of economics, not certainty, and raising the cost of exploitation (as well as, in many cases, making it less reliable or more detectable through errors or crashes surrounding the attack) is all you can do over the long term.
|
# ? Aug 17, 2023 22:13 |
|
Hadlock posted:I got this working in Dolphin now that I have a few minutes additional chapter in this saga dolphin on debian 12 apparently chokes trying to transfer 10+gb files from your phone camera to a network share. no issues with files under ~25mb, but just loving dies if you try to move a 110mb video across popOS with it's plucky "files" app is a champ and just loving does it. currently posting from popOS
|
# ? Aug 18, 2023 08:37 |
|
Hadlock posted:additional chapter in this saga I use Nemo, with its builtin "Connect to server" option, op. (Although the open as root in nemo is broken rn cause it doesn't know what DISPLAY:1 is vs DISPLAY:0?, too lazy to fix. I blame Nixos) (I think gnome's default Files sucks rear end!!!) alternately, if you're on KDE or even GNOME, can't you use GSConnect or KDEConnect? I Guess not if you have an iPhone.. ziasquinn fucked around with this message at 16:14 on Aug 18, 2023 |
# ? Aug 18, 2023 13:04 |
|
KDE Connect file transfer is superb and works everywhere, not just KDE
|
# ? Aug 18, 2023 13:08 |
|
spiritual bypass posted:KDE Connect file transfer is superb and works everywhere, not just KDE oh yeah for sure, I just was thinking like, "natively" which is kinda moot
|
# ? Aug 18, 2023 13:21 |
|
Hadlock posted:additional chapter in this saga Moving multiple gigabytes of files from a phone, I'd either connect it with a wire or use an app that was actively pushing from the phone (could be KDE Connect, could be a file manager app like Cx File Explorer). The other way where the phone is in the passive role, I wouldn't be 100% surprised if the phone broke the network connection from like powersave or whatever. OTOH I also wouldn't be surprised if Dolphin was the problem. When I first switched over to linux I was moving a lot of files around and had a semi-replicable bug where copying from my ntfs partitions made plasmashell blow up. I dunno how dolphin manages to gently caress up something as simple as moving / copying files, but it can. VVVV edit: it also stopped doing it the next time I got a set of KDE updates and has never re-occurred, but yeah I have the habit to cmdline for large file transfers Klyith fucked around with this message at 16:12 on Aug 18, 2023 |
# ? Aug 18, 2023 15:03 |
|
Honestly, I haven't entirely trusted kio since the dcop/dbus conversion.
|
# ? Aug 18, 2023 15:44 |
|
VostokProgram posted:the part of this that actually seems weird is, why would you need to sandbox discord if it's a program the user chose to install? That mechanism exists so that arbitrary JS from random websites can't pwn your computer. it doesn't make sense in the context of electron discord app just opens the website in its own window, so you still need the sandbox lol
|
# ? Aug 18, 2023 17:28 |
|
Klyith posted:OTOH I also wouldn't be surprised if Dolphin was the problem. When I first switched over to linux I was moving a lot of files around and had a semi-replicable bug where copying from my ntfs partitions made plasmashell blow up. I dunno how dolphin manages to gently caress up something as simple as moving / copying files, but it can. Yeah it's weird, dolphin just loving dies when it gets to large files moving off my phone The files app on popOS just has zero issues though I'd look into it more but I think my phone has like, I dunno 64 or 128gb storage so I just offload everything every 3 months or so. Looks like I last did this in May, and before that January. Windows has never had an issue and kind of assumed Linux GUI file managers had their poo poo together especially the default KDE one
|
# ? Aug 18, 2023 21:39 |
|
I know for me on Ubuntu in almost any browser if downloads hit > 50MB/s the browser is borderline unresponsive until transfer finishes. All other browsers will be fine.
|
# ? Aug 18, 2023 21:57 |
|
Is there a way to protect a password from being deleted (accidentally or maliciously) from pass? I like the package; it's a pretty secure way to store passwords but anyone could go into your system and just do pass rm [site name] if they wanted to gently caress you over. e: I guess I could alias it, but someone savvy enough could just bypass that... F_Shit_Fitzgerald fucked around with this message at 02:30 on Aug 20, 2023 |
# ? Aug 20, 2023 02:27 |
|
|
# ? Jun 10, 2024 11:33 |
|
If someone has access to your system, does it really even matter at that point?
|
# ? Aug 20, 2023 02:35 |