What problems is WASI 0.2 and the Component Model solving? I've read the project goals but I still don't quite understand.
I mean, I guess having some defined interface between languages might be useful for some specific usecases, I just don't see what that has to do with WASM and I also don't understand how this complexity would be a net benefit to the broader ecosystem.
Basically since they want to redo P-Code/M-Code/JVM/CLR/BEAM/TIMI/Language Environments/..., now they need to re-invent CORBA, DCOM, XPC, AIDL, gRPC as well.
They already reinvented application servers with WASM containers on Kubernetes.
Otherwise how one would expect to create startups whose goal is to deliver services on top of WebAssembly, something whose original goal was only being a safer ActiveX, Flash, Silverlight, Applets, PNaCL, asm.js, alongside JavaScript.
Exactly. AFAIK the idea is the same as 1990's COM or CORBA, but for WASM (e.g. being able to call between WASM "DLLs" written in different languages but without having to define a C API for each DLL), so pretty much irrelevant for statically linked WASM apps or anything that uses C APIs anyway to talk to each other.
> pretty much irrelevant for statically linked WASM apps
One benefit off the top of my head is the extra isolation between component instances within this statically linked app: you can be shielded from many of the ways libwhatever might ruin everything because its linear memory can be totally isolated from the root component (and vice versa) with surprisingly little overhead.
The Wasm Component model takes security seriously, much in the way that Core Wasm does. Even without everything else it has to offer, this is something our craft is desperately in need of.
If Core Wasm took security seriously, the memory access opcodes for arrays would be bound checked like on MSIL and TIMI, instead of "as long as it is inside of a linear memory segment we're good" approach.
Arguably, memory safety inside the WASM heap is the job of the compiler, it's often possible to omit runtime range- and null-checks with the control-flow knowledge the compiler has access to which would be tricky to transmit down to the bytecode level (and even then it would only benefit a handful of languages that have builtin concepts for "ranges" and "nullability".
If you need more fine-grained isolation, split your code into different WASM instances.
"Arguably, memory safety inside the UNIX process heap is the job of the compiler, ...."
See what I did there?
And then we are back at the root problem of goverments having to step in, and hardware vendors coming up with hardware memory tagging, because that isn't scaling.
> "Arguably, memory safety inside the UNIX process heap is the job of the compiler, ...."
In my mind there's nothing controversial about this statement at all.
If memory corruption inside the sandbox allows to manipulate anything outside the sandbox, then the sandbox is broken. It's as simple as that, and it doesn't matter whether it's the WASM heap or a process heap.
And if there is no guarantee that the sandbox is on a safe state, whose execution doesn't translate into nasty side effects, like return true instead of false on a credential check, due to internal memory corruption, then it is equally broken.
It becomes the same approach as attacking OS processes via their public OS IPC end points.
and CM copies everything everywhere between components - so this fictional need to build your program out of wasm components made of several languages which in turn also may link many components will just be a nightmare for performance and memory. WIT has to have a “borrow” concept to alleviate the pain.
For background, WASI 0.1 is one interface: a smaller POSIX. Translating POSIX's low-level ABI concepts into WASM is enough for this. WASI came out of WASM's goal of portability, and 0.1 makes WASM portable across POSIX systems.
WASM and WASI aim to support other embeddings. WASI 0.2 introduces an interface for HTTP servers and clients, aimed at cloud/edge. Currently Docker images (on an OS) get used here, but POSIX, even small POSIX, is bloat. WASI 0.2 plans a range of other interfaces for embedding WASM e.g. IOT, so that even without POSIX, you still have portable standards, in your preferred language.
HTTP is a high-level idea. HTTP libraries in any language are never about writing binary to TCP sockets, they're about requests and responses. Depending on sockets would miss the point of leaving POSIX behind. A smaller, loosely-coupled API surface gives both sides more freedom. The runtime can work with the system, the language can work with its users, and the tooling can generate minimal glue that links them together.
Why define WASI APIs with an abstract interface rather than a rigid binary one? Because it follows the spirit of WASM's existing goals: low-level when needed for performance, and high-level whenever it makes WASM simpler to target, embed or reason about. That's why WASM has low-level assembly instructions yet high-level structured control-flow. It's also why WASI uses types appropriate for the API in question (e.g. files in the POSIX interface, responses in HTTP) yet translates them to binary glue when linking real hosts and guests.
Lin Clark's 2019 article[1] raises an issue that comes with low-level interfaces:
But if a function takes or returns anything besides numbers, things get complicated. You can either:- Ship one module that has a really hard-to-use API that only speaks in numbers… making life hard for the module’s user.- Add glue code for every single environment you want this module to run in… making life hard for the module’s developer.
Clark argues WebAssembly is the right abstraction level to solve this issue in an efficient yet ergonomic way. Frankly, if your WASM module written in Go wants to talk to your host in Java, I don't see why that needs to involve C bindings.
The Component Model falls out of WASI as a bonus. WASI needs to interoperate modules with their embeddings. From there WASI may as well (Lin Clark puts it) "interoperate all the things".
It seems to dead-end unexpectedly on some topics. For example, I delved "path tracing" -> "importance sampling" and it output a section on probability distribution functions (PDFs) but didn't offer any links to explore those further.
Putin gave an "explicit warning that Russia perceived NATO's eastward expansion as a threat to its national security" as early as 2007 in his Munich speech [0]. The Russo-Ukrainian war began in 2014 with the ouster of Yanukovych, who was pro-Russia and opposed closer ties with the EU [1]. Zelensky became president in 2019 and initially promised to end the Russo-Ukranian war, but instead continued to pursue NATO protection and in August 2021 "urged NATO members to speed up Ukraine's request for membership" [2]. Russia escalated the Russo-Ukrainian war and invaded Ukraine for a second time in February 2022 [3].
Is it a surprise to you that all of the countries that have historically been imperial subjects of Russia seek protection from the possibility of that eventuality coming to pass again? Is it surprising after Georgia in 2008 and Crimea/Donbas in 2014 that Ukraine would want some assurance of security and independence for the remainder of their country?
Whereas the nonsense you're providing us here is not hallucinated (by you), but rather cut-and-pasted from the usual pro-Russian sources.
Putin gave an "explicit warning that Russia perceived NATO's eastward expansion as a threat to its national security" as early as 2007 in his Munich speech.
And as a result (in combination with other factors) Ukraine's NATO aspirations were effectively halted by 2009. Simply put - some hawks in the U.S. wanted it, but it never got traction in Europe - not even after the initial invasion in 2014. In other words - in regard to the NATO-Ukraine question Putin had by that time already achieved a successful, non-violent containment strategy. But ultimately he opted for the full-scale invasion in 2022 anyway.
Why? Because it was never his real reason in the first place.
The Russo-Ukrainian war began in 2014 with the ouster of Yanukovych, who was pro-Russia and opposed closer ties with the EU.
First, it wasn't an "ouster" - he fled to escape likely imminent charges of corruption and complicity in murder. Second - if you really believe that whatever happens in the internal politics of one country is a "reason for", or can "provoke" another country into launching a full-scale invasion -- then I don't know what to tell you.
> if you really believe that whatever happens in the internal politics of one country is a "reason for", or can "provoke" another country into launching a full-scale invasion -- then I don't know what to tell you.
what do you mean? internal politics is just a label and the issue will most certainly not be contained by a border.
> in regard to the NATO-Ukraine question Putin had by that time already achieved a successful, non-violent containment strategy. But ultimately he opted for the full-scale invasion in 2022 anyway.
Beginning in 2019, Ukraine went full-press on seeking NATO membership. In fact, they "voted 334 to 17 to amend the constitution to state Ukraine's strategic objectives as joining the European Union and NATO" [0]. Again, Ukraine went as far as amending their constitution to codify the goal of joining the EU and NATO.
Now, was that Putin's "real" motive for the 2022 invasion? Who knows, I'm sure there are a number of reasons. Putin frankly denied Ukraine's right to exist. But regardless, it is very clear that his rhetoric over the past 17 years, and subsequent actions, are at least consistent with the NATO issue.
> First, it wasn't an "ouster" - he fled to escape likely imminent charges of corruption and complicity in murder.
There was a revolution in Ukraine in 2014 and he was overthrown. On February 22, 2014 the "Ukrainian parliament voted to remove Yanukovych from office by 328 to 0" [1]. He fled that evening. I have no doubt corruption and any number of other things led to the revolution. Regardless, he was very anti-EU and pro-Russia and his removal from office directly led to the 2014 Crimea invasion and the start of the Russo-Ukrainian war. In fact, Russia began organizing troops outside of Ukraine the very same day Yanukovych was voted out and the invasion began 5 days after his removal [2].
> Second - if you really believe that whatever happens in the internal politics of one country is a "reason for", or can "provoke" another country into launching a full-scale invasion -- then I don't know what to tell you.
If one country has been saying for nearly 2 decades that if another country joins NATO it means war, and then that country ratifies their constitution to seek NATO membership, and then a war happens, is it really that surprising? When the two countries are already at war over allegiances in the first place?
> If one country has been saying for nearly 2 decades that if another country joins NATO it means war, and then that country ratifies their constitution to seek NATO membership, and then a war happens, is it really that surprising?
I don't recall any direct threats of war. In fact, in the first few years of the war, Russia denied that their soldiers were even in Ukraine. They tried to portray the war as a civil conflict within Ukraine.
As to indirect threats and vague hints of total annihilation, Russia has been threatening everyone in Eastern Europe over everything they don't like; from EU and NATO to insignificant things like parking fines that their diplomats have been raking up, and this bullshit has been going on straight from USSR's collapse in early 1990s. Russia's permanent unwillingness to offer peaceful and mutually respectful relations is a key driver behind Eastern Europe seeking closer relations with Western Europe. Handing national sovereignty to Russia over threats is not a serious option.
Ukraine's mistake is not that they seeked NATO membership, but that they underestimated the Russian threat and didn't hurry with EU and NATO integration like other countries did.
Beginning in 2019, Ukraine went full-press on seeking NATO membership.
We've gone through this already. Yes, Ukraine wanted to join NATO - but the bigger fact was that Europe was against it. So it wasn't going to happen.
If one country has been saying for almost 2 decades that if another country joins NATO it means war
Have you actually read the Munich speech? It doesn't even mention Ukraine, and doesn't come close to using the belligerent language that you're saying it does.
I suggest that you develop a practice of reading original source materials, such as for the the 2007 Munich speech, directly -- rather than uncritically relying on random snippets from Wikipedia quoting what certain pro-Russia commentators (like Mearsheimer and Cohen) say about them.
I'm confused about what seems like conflicting info in the wikipedia article. I can't reconcile the quote you picked from the intro with two statements in the 'Impact' section:
> In total, U.S. government economic bailouts related to the global financial crisis had federal outflows (expenditures, loans, and investments) of $633.6 billion and inflows (funds returned to the Treasury as interest, dividends, fees, or stock warrant repurchases) of $754.8 billion, for a net profit of $121 billion.
> A 2019 study by economist Deborah Lucas published in the Annual Review of Financial Economics estimated "that the total direct cost of the 2008 crisis-related bailouts in the United States" (including TARP and other programs) was about $500 billion, or 3.5% of the United States's GDP in 2009, and that "the largest direct beneficiaries of the bailouts were the unsecured creditors of financial institutions."[92] Lucas noted that this cost estimate "stands in sharp contrast to popular accounts that claim there was no cost because the money was repaid, and with claims of costs in the trillions of dollars."
Yes and no. The government still has to pay interest on its debt, which is paid with tax receipts. The government shouldnt be in the business of making money, yes, but it also has to spend less than it makes. In this case, these loans would have had a negative real yield, meaning they made things worse debt wise. The consequence for higher debt, is devaluation of the dollar and these massive and frequent swings in economic conditions.
You should read the creature from Jekyll island. Bailouts just make the problem bigger and more centralized. It cant fix anything, its not possible, that debt still exists on someones balance sheet, it still accrues interest.
As you say, their profit isn't the point. Giving someone a loan with low enough interest is basically just handing them money free and clear with extra steps. So the real question is whether the handouts to the banks helped the populace or came at their expense. Would other uses of the money have helped more?
Have you tried using non-Tesla charging stations? It's a disaster! Those charging terminals are hastily thrown together pieces of junk, frankly. The hardware, software, billing, everything.
Most people should be doing most of their charging at home. As someone pointed out downthread, level 1 (120V/15A) charging should be sufficient to cover most people's daily driving needs as long as they can keep the vehicle plugged in while they're not driving it. Obviously this is much easier for some (people who own a home with a garage) than others (people who do not have a garage or other fixed parking spot) but that's a problem we can fix gradually as electric cars gain market share.
>Have you tried using non-Tesla charging stations? It's a disaster! Those charging terminals are hastily thrown together pieces of junk, frankly. The hardware, software, billing, everything.
I've used public CCS charging for several years and I think your assessment is more than a bit harsh. Is the Tesla network more refined, reliable, and widespread? Yes. Is the CCS option "a disaster"? Absolutely not. I would call it a mixed bag. Level-2 charging has just worked 99.999% of the time. DC fast charging there are stations that can be out of service more often than I would like, but if you use the plugshare app you will almost certainly be able to reliably find chargers that are both working and available.
It is extremely annoying to potentially have to use more than one app, but I would hope that will slowly change over time. The best thing the government could do is mandate some sort of centralized billing option for all of the various providers. For and GM are trying to do it through their apps but the problem is they only cover a subset of networks.
> Level-2 charging has just worked 99.999% of the time.
If Level 2 charging worked all but 1 in 100K trials, neither you (in several years) nor I (in 10 years) should have expected to be a favorite to have experienced even a single Level 2 charger outage. Instead, I've experienced multiple such failures every year.
I'm a pretty big supporter of the potential of EVs, and been very happy with mine (even having bought the cheapest and worst one: a Nissan Leaf). But, I'm also a fan of using correct estimations and data when confronting the problems with EV-related infrastructure and I estimate public Level 2 charging to be closer to 99.5% than 99.999% (1 in 200 failures vs 1 in 100K failures). That might even be a slightly generous estimate.
I've literally never come across an L2 charger not working anywhere in my state. I have seen one offline in the last 4 years. Looking at plugshare I see one site that had an outage for 2 days across all L2 chargers in the last 90 days.
Presumably you've got a database that you just forgot to link that you can reference for your information since you're a fan of correct estimations and data, and not just using your personal anecdotal experience. Because otherwise you're just being pedantic.
One thing the article didn't mention is that a gaussian blur can be approximated with multiple passes of a box blur. Not sure how that would relate performance-wise to the discussed stack blur algorithm. The code would probably be a bit simpler, anyway.
I'm interested in this idea. I think I got confused at some point and mistakenly thought box blur was a 2D kernel and so it wouldn't perform great. vImage does contain a box blur but I haven't checked its performance (I did check the tent blur and it was so-so...) https://developer.apple.com/documentation/accelerate/blurrin...
Stack blur is a fast, discrete tent filter (weights are 1, 2, 3, 2, 1, normalize, it makes a triangle/tent shape). You can find tent filter blurs all over, including in Apple's own image processing library:
Does that actually look good? I would have thought it would have really obnoxious diagonal artifacts.
Unless it can be tuned to behave like a repeated box blur (and therefore approximate a true Gaussian). A tent shape would just be two box blurs, right?
The convolution of a box filter with a box filter is a tent filter. So yes, a tent filter blur can be done with two box filter blurs.
And repeated box filters asymptotically approach a Gaussian filter, though in practice it converges very quickly. A single box filter can be thought of as a piece-wise constant approximation of a Gaussian filter. Two passes of box filters produce a piece-wise linear approximation (the tent). And three passes of box filters produce a piece-wise quadratic approximation. Four passes for a cubic approximation, etc. Usually, just the three box filters are used since they are close enough.
I'd need to look at the math in detail here, but I suspect that it's ultimately just cleverly interleaving the running sums for the two box filter to perform them in a single pass.
If so, it might be an interesting challenge to see if the idea can be extended to compute the higher quality three box filter approximation in a single pass.
Rich families already do this by sending their kids to private schools. Have you seen how expensive and competitive these schools are, even starting as early as Kindergarten?
> But if your assertion checks don't run in release mode, and due to some bug, those invariants don't hold, well, your program is already going to exhibit undefined behaviour. Why not let the compiler know about the undefined behaviour so it can optimize better?
Usually in release mode you want to log the core dump and then fix the bug.
Yeah; thats why I like rust's approach. You can either leave assertions in in release mode, so you get your core dump. Or you can take them out if you're confident they won't fire in order to make the program faster.
The unreachable pragma suggested by the author is just a more extreme version of the latter choice.
I mean, I guess having some defined interface between languages might be useful for some specific usecases, I just don't see what that has to do with WASM and I also don't understand how this complexity would be a net benefit to the broader ecosystem.