Hacker News new | ask | show | jobs
by amelius 1378 days ago
Probably a stupid question, but if you are building a sandbox on the server-side, why use WebAssembly rather than something more generic? There are so many sandboxing/container/VM environments available where you can run i86/arm code directly.
3 comments
bkolobara 1378 days ago
You can get a WebAssembly instance running in a few micro seconds. This makes it feasible to spawn a new sandbox for each request and scaling down to zero becomes almost trivial.

Another benefit is that you are not bound to a specific OS/arch. Lunatic lets you develop on macOs-arm64 and deploy on Windows-x64. Even container technologies widespread like Docker can't run on different CPU architectures. That proved to be a pain for people switching to the new M1 macs.

link
pjmlp 1378 days ago
Just like any other bytecode format since early 1960's.
link
marcosdumay 1378 days ago
My guess is that the resource protection of WASM is quite well made.

There are experimental or hobbyist VMs with great resource protection but that didn't receive a lot of attention, so they have all kinds of sharp edges. And there are mainstream VMs that all completely suck at resource protection even when it's one of the main goals of the project.

On the middle, with a good enough to be useful amount of protection, and receiving attention enough to be usable, there is basically only WASM.

I imagine there is an amount of javascript-like "I want whatever I have on the browser, so I'll have to learn less stuff" happening too. But I don't think it's as relevant, because there is much less to learn when picking a VM.

link
amelius 1378 days ago
Ok, how well are things like multithreading currently supported on WASM? How about shared memory (e.g. for efficient immutable structural sharing)? And does WASM support special instructions (memory barrier instructions come to mind) that allows one to implement (say) a garbage collected runtime on top of it?
link
marcosdumay 1378 days ago
The fact that it has a niche doesn't mean it's good for everything.
link
pjmlp 1378 days ago
Because a new wave of startups need to replicate everything what Java and CLR have done the last 20 years, sell it as modern and here we go again at yet another industry cycle.
link