
WebAssembly Threads ready to try in Chrome 70 - feross
https://developers.google.com/web/updates/2018/10/wasm-threads
======
kodablah
Quick notes... The threads feature is in proposed status vs others that are in
implementation status [0], but I assume this has been implemented before
things like multi-value. I wonder why threads first, I assume just for
experimentation. It should be noted that threads are essentially atomic memory
accesses and wait/notify, nothing for starting a worker inside of WASM or
anything, that is still in JS land. The test cases don't appear to include
wait/wake nor does the test case interpreter that I saw [1]. Also, "Report
issues" in the blog post links to [https://TBD](https://TBD).

0 -
[https://github.com/WebAssembly/proposals](https://github.com/WebAssembly/proposals)
1 -
[https://github.com/WebAssembly/threads](https://github.com/WebAssembly/threads)

~~~
tree_of_item
The example in the article creates a thread. Is that what you mean by
"starting a worker"? Because it does seem to be able to do that.

~~~
markdog12
Just to clarify, it creates Web Workers with JavaScript which share a
WebAssembly instance. This plumbing is done automatically when compiled with
Emscripten with the correct flags. You can't just take code that spawns
threads, create and run a single WebAssembly instance and have it work without
something like Emscripten that will do this plumbing for you. It must be done
via Web Workers, which are heavyweight, so you wouldn't want to be spawning
lots of them.

------
Waterluvian
What's a solid language choice for targetting wasm if I want to kick the
tires? Go?

~~~
eksemplar
.Net with Blazor.net is pretty neat.

C# doesn’t get a lot of love on HN, but we’re launching our first Blazor app
in production this week and it’s been pretty easy to use.

~~~
legulere
Blazor is (currently) using the mono .net interpreter compiled to WebAssembly.
This seems to me more of a proof of concept than something you would really
want to use.

With garbage collection support landing in WebAssembly we might see
compilation of .net IL to WebAssembly, but that’s still out in the future.

~~~
eksemplar
We found it good enough to build internal apps. Better than our current JS
setup because it’s far more productive.

It’ll make its way into .net core 3.0, so I think it’s more than just a poc.

It’s early of course and not very flexible, if you want to build something it
wasn’t meant for, it breaks.

~~~
singularity2001
what's the performance penalty of the mono VM?

~~~
eksemplar
Performance is fine, but it’s still too big for slow internet. A simple form
for turning in signed data and starting an internal service is easily a few
MB. Which isn’t a problem for internal solutions that never leave the
administrative network, but we’ll keep doing vue and graphql Apollo for our
apps that have to function on mobile networks for the time being.

------
m1el
What happened to concerns on Spectre/Meltdown being exploitable through high-
resolution timers implemented through shared buffers/multithreading in Chrome?

~~~
feross
Fixed by these:

\- Site Isolation ([https://www.chromium.org/Home/chromium-security/site-
isolati...](https://www.chromium.org/Home/chromium-security/site-isolation))

\- Cross-Origin Read Blocking ([https://www.chromium.org/Home/chromium-
security/corb-for-dev...](https://www.chromium.org/Home/chromium-
security/corb-for-developers))

~~~
bzbarsky
It's not fully fixed by those, for what it's worth; I'm happy to provide
examples outside a public venue. Chrome just decided it doesn't care about the
security holes it's creating in websites.

Other browsers are working on rolling out other mitigations they consider
security-critical before being OK with re-enabling SharedArrayBuffer.

------
denormalfloat
So, what's the memory model going to be? Without guarantees about the safety
of operation, how can anyone reason about the safety of the program?

~~~
teraflop
Some discussion here:
[https://github.com/WebAssembly/threads/issues/9](https://github.com/WebAssembly/threads/issues/9)

tl;dr if WASM shared memory is specified to follow the same rules as
SharedArrayBuffer, then atomic operations are sequentially consistent. Normal
memory accesses in the presence of data races may be inconsistent, but they
are still constrained (e.g. they must obey happens-before relationships).

------
ddtaylor
I tried searching does anyone know if this is available in Firefox yet?

~~~
willglynn
Nope:
[https://bugzilla.mozilla.org/show_bug.cgi?id=1389458](https://bugzilla.mozilla.org/show_bug.cgi?id=1389458)

WebAssembly threads mostly depend on SharedArrayBuffer, which was yanked by
everyone for security reasons. Chrome rearranged their browser memory model
and re-enabled it, which let them deliver this feature while everyone else
still has blockers.

[https://caniuse.com/#feat=sharedarraybuffer](https://caniuse.com/#feat=sharedarraybuffer)

~~~
bzbarsky
To be clear, Chrome re-enabled it without implementing mitigations that other
browsers are likely to consider a basic requirement before re-enabling. A
clear case of product or marketing trumping security...

~~~
Ajedi32
They implemented site isolation and cross-origin read blocking. Unless the OS
is also vulnerable, shouldn't that be enough to ensure sites can't access
anything not already accessible to the current origin?

~~~
bzbarsky
No, that's not enough. I can provide examples in a non-public venue.

~~~
mrep
Bold claim. If you can prove that, I'm sure google will give you a nice chrome
security payout for letting them know. If they won't, why not pull a Google
security style blog post exposing it?

~~~
bzbarsky
Google won't give me a payout for a problem they already know about. I know
they know about it, because we have discussed it with them. In case it wasn't
clear: I work on a web browser that is not Chrome.

> why not pull a Google security style blog post exposing it

Because I don't think publicly exposing specific security problems in shipping
software is necessarily the right thing to do.

~~~
mrep
> Because I don't think publicly exposing specific security problems in
> shipping software is necessarily the right thing to do.

I'm no security engineer, but isn't it best practice to expose security risks
instead of letting them get knowingly exploited, especially if the parent
company considers it designed as intended?

~~~
bzbarsky
It depends on the exact situation. In this case there is coordination
happening among multiple vendors who are working on various fixes in this
space, which complicates things. Also complicated is that apart from "don't
use Chrome" there's no useful mitigation users can do for this risk, and most
Chrome users would never see any security-related blog post, nor act on it if
they did.

There are times when "screw you, I'm going public with this" is in fact the
right thing to do. Again, in this particular case I don't think it is.

------
nevi-me
There's no mention of whether applications will gracefully degrade if there's
no threads support. What happens in that case? Or should developers have to
check whether threads are enabled?

~~~
natorion
Devs need to do feature detection like with any other feature e.g. for the
presence of atomics and sharedarraybuffers.

------
Sephr
I hope WebAssembly threads are only enabled in contexts where site isolation
is active, lest we have another Spectre.

~~~
natorion
Yes, atomics and SABs are tied to SI being active.

------
jamesfmilne
Documentation on how this is implemeneted in emscripten:

[https://kripken.github.io/emscripten-
site/docs/porting/pthre...](https://kripken.github.io/emscripten-
site/docs/porting/pthreads.html)

------
deckarep
How does synchronization or the lack of it carry over and translate to WASM
based threading?

I’m assumming all the typical threading problems are inherited by design such
as the potential for deadlocks, memory corruption, priority inversion...etc?

Also I’m assumming these threads will allow true parallelism to occur?

~~~
simcop2387
Exactly right, everything sharing the same sharedarraybuffer will have all
those same issues and will run in parallel. It's a space that I suspect newer
languages like go, rust, d, etc will start to really make a mark on wasm
because of the concurrency models and other safety features that they contain.

------
ToFab123
Every time I hear the word Webassembly I always imagine that one day the
browser itself will be written in/compiled to webassembly and eventually the
entire operating system will be too. Isn't that the natural end game for
webassembly?

~~~
colek42
your wait is over.
[https://bellard.org/jslinux/vm.html?url=https://bellard.org/...](https://bellard.org/jslinux/vm.html?url=https://bellard.org/jslinux/win2k.cfg&mem=192&graphic=1&w=1024&h=768)

~~~
fiedzia
Its a bad idea. You will ignore all the benefits of running native code:
performance and access to low level features.You will not gain portability
because every platform will have different APIs - those are not part of wasm
project.

~~~
pjmlp
That bad idea is how mainframes user space applications work, and is partially
adopted across watchOS, Android, ChromeOS, webOS, Windows/UWP and Garmin apps.

~~~
fiedzia
Its certainly not how the OS and its runtime works. It may make sense when you
have to support range of different hardware architectures, but its not really
something you want to have by design. Limited range of supported hardware and
native code will always be better.

------
ArtWomb
Very cool. I remember using the pthread flag from C. But I don't ever recall
provisioning a set number of thread pool workers at compile time. Assume that
will change at some point.

------
thefounder
Does this mean we can have MPV or VLC compiled to WASM?

~~~
markdog12
One nice feature missing that's important for video decoding efficiency is
SIMD. It's being worked on, but not ready yet:
[https://github.com/WebAssembly/simd](https://github.com/WebAssembly/simd)

------
jetzzz
Why illustrate it with a program which has undefined behavior? It has signed
integer overflow.

------
Jyaif
Does that translate in having support for std::thread?

~~~
jamesfmilne
Yes, as std::thread is built on pthreads (for platforms which use pthreads,
like emscripten.)

------
de_watcher
Ok, Qt/QML is happier now.

~~~
oever
How so?

------
Animats
Are the first WebAssembly attacks out yet?

