Comment by ComputerGuru

Comment by ComputerGuru 2 days ago

9 replies

View on Hacker News

Running ffmpeg compiled for wasm and watching as most codec selections lead to runtime crashes due to invalid memory accesses is fun. But, yeah, it’s runtime safety, so going to wasm as a middle step doesn’t do much.

pizlonator 2 days ago

> Running ffmpeg compiled for wasm and watching as most codec selections lead to runtime crashes due to invalid memory accesses is fun.

For all you know that’s a bug in the wasm port of the codec.

> it’s runtime safety

So is Fil-C

The problem with wasm is that an OOBA in one C allocation in the wasm guest can still give the attacker the power to clobber any memory in the guest. All that’s protected is the host. That’s enough to achieve weird execution.

Hence why I say that wasm is a sandbox. It’s not memory safety.

Reply View 1 reply
[removed] 2 days ago
[deleted]
Reply View 0 replies
pjmlp 2 days ago

Finally reality is catching up with the WASM sales pitch against other bytecode formats introduced since 1958, regarding security and how great it is over anything else.

Reply View 5 replies
  • singpolyma3 2 days ago

    Warm was great because it was lightweight and easy to target from any language and create any custom interaction API with the host. That's becoming less true as they bolt on features no one needed (GC) and popularize standardized interfaces that contain the kitchen sink (WASI) but these things can still be treated as optional so it can still be used for much more flexible use cases than java or .net

    Reply View 4 replies
    • azakai 2 days ago

      > features no one needed (GC)

      WasmGC is absolutely necessary for languages like Dart, Kotlin, and Java, which are all using it right now successfully.

      But I get that if you're compiling C or Rust then it might seem like it isn't useful.

      Reply View 0 replies
    • mhjkl 2 days ago

      There’s no guarantee the toolchains will support WASM “preview” forever and make the bloat optional, and even if they do you could still end up in an ecosystem where it would be unviable. At some point you’re probably better off just compiling to RISCV and using an emulator library instead.

      Reply View 1 reply
      • apitman 2 days ago

        Fortunately core wasm is simple enough for a single person to implement an interpreter or even compiler for.

        Even if the major engines continue to pile on complexity we have a pretty good escape hatch I think.

        Reply View 0 replies
    • pjmlp 2 days ago

      Since 1958 (UNCOL) there have been more options than only Java or CLR MSIL.

      Reply View 0 replies