top | item 45817402

(no title)

45% slower seems pretty decent considering they use a wasm kernel they developed to mimic the unix kernel so they can run non-modified unix programs inside the browser. It's actually pretty impressive that they did this, and even more impressive that it works and like another commentator said, is not even an order of magnitude slower.

I'm more interested in 1) usages of wasm in the browser that don't involve running unmodified unix programs and 2) wasm outside the browser for compile-once-run-anywhere usecases with sandboxing / security guarantees. Could it be the future for writing native applications?

Languages like Kotlin, C#, Rust, as well as C/C++ etc support wasm quite well. Could we see that be a legitimate target for applications in the future, if the performance gap was closer to 10%-ish? I would personally prefer running wasm binaries with guaranteed (as much as possible ofc) sandboxing compared to raw binaries.

edit: it's from 2019, there have been significant improvements made to wasm since then.

discuss

apitman|3 months ago

> wasm outside the browser for compile-once-run-anywhere usecases with sandboxing / security guarantees

I've been using it this way for DecentAuth[0]. It's awesome. I compile a single native codebase to wasm, and I can use my library from JS, Go, or Rust. New host languages only require about 1000 lines of glue. I don't have to worry at all about building for different architectures.

[0]: https://github.com/lastlogin-net/DecentAuth

wmf|3 months ago

wasm outside the browser for compile-once-run-anywhere usecases with sandboxing / security guarantees

Please just use Docker in a microVM or whatever. It's 0% slower and 100% more mature.

unoti|3 months ago

> Please just use Docker in a microVM or whatever. It's 0% slower and 100% more mature.

Wasm has different characteristics than docker containers and as a result can target different use cases and situations. For example, Imagine needing plugins for game mods or an actor system, where you need hundreds of them or thousands, with low latency startup times and low memory footprints and low overheads. This is something you can do sanely with wasm but not with containers. So containers are great for lots of things but not every conceivable thing, there’s still a place for wasm.

RussianCow|3 months ago

But way more difficult and with a much higher attack surface area.

And also, it's not necessarily apples to apples. It would be nice to be able to drop a compiled WASM module into your codebase and use it from just about any language on the backend. You could reuse a lot of code that way across different services without the overhead of spinning up yet another container. And you could potentially even run untrusted code in a sandboxed way.

saghm|3 months ago

Please just use a custom FPGA hand-coded to the exact specifications of the program. It's even less than 0% slower than Docker in a microVM, and unlike Docker, it at least provides one of the two benefits that you quoted from the parent comment. Good thing we already changed the parameters of what they said they're looking for!

almostgotcaught|3 months ago

not only is this a completely different use case, it's not even true:

https://stackoverflow.com/questions/60840320/docker-50-perfo...

rowanG077|3 months ago

Setting up docker and a microVM is orders and orders of magnitude harder and less ergonomic then using your browser. These are not at all interchangeable.

b_e_n_t_o_n|3 months ago

Getting an end user to set up and run docker to run an app is a non starter for most things.

jcelerier|3 months ago

does that allow me to do GPU and real-time audio work on windows and macos

eviks|3 months ago

Even for small plugins in your app?