Emscripten and New Javascript Engine Bring Unreal Engine To Firefox

MojoKid writes "There's no doubt that gaming on the Web has improved dramatically in recent years, but Mozilla believes it has developed new technology that will deliver a big leap in what browser-based gaming can become. The company developed a highly-optimized version of Javascript that's designed to 'supercharge' a game's code to deliver near-native performance. And now that innovation has enabled Mozilla to bring Epic's Unreal Engine 3 to the browser. As a sort of proof of concept, Mozilla debuted this BananaBread game demo that was built using WebGL, Emscripten, and the new JavaScript version called 'asm.js.' Mozilla says that it's working with the likes of EA, Disney, and ZeptoLab to optimize games for the mobile Web, as well." Emscripten was previously used to port Doom to the browser.

Chrome

[The+MAZZTer]

Looks like Chrome is looking to do this as well.

Interesting.

[DRAGONWEEZEL]

The unreal Engine is quite the powerhouse, running games like Bioshock and Tribes. This could be a web based game changer... (Pun intended).

-DW

Re:Interesting.

[Intrepid+imaginaut]

Mix this up with the decentralised P2P browsers thing and I present to you, ladies and gentlemen, the future!

I can't see anywhere to stick the meter though.

Re:Interesting.

[Anubis+IV]

Perhaps, but what's the application for something like this? The biggest one I can think of is cross-platform compatibility, since if you built something to run in the browser, it'd instantly work in Windows, Mac, and Linux. Assuming such a thing was possible, I doubt it'd be long before someone essentially used WebKit, Gecko, or whatever else to create a wrapper that could be applied to games using UE3, effectively creating a universal executable that would be little more than a chrome-less browser, somewhat similarly to how Fluid functions for Mac.

But as far as the level of technology, this puts browsers on par with four year-old smartphones, since the iPhone 3GS is capable of running Infinity Blade, which also uses Unreal Engine 3, and no one is suggesting that such a phone is on-par with the current level of PC gaming.

Re:I don't care

[The+MAZZTer]

A lot of plugins are only built for 32-bit browsers. It is a lot more work to get 32-bit plugins working in a 64-bit browser than in a 32-bit browser. Plus, there is no real advantage to using a 64-bit browser unless you want it to use more than 2gb of memory, and I thought one of the common complaints was that Firefox uses too much memory?

I'm not sure what you think the big deal is.

"new JavaScript version called 'asm.js.'"

[K.+S.+Kyosuke]

Asm.js is *not* a "new JavaScript version". Asm.js is to JavaScript what Squeak Slang is to Smalltalk, what Richard Kelsey's Pre-Scheme is to RxRS Scheme, and, more remotely, what RPython is to Python (although RPython is much richer in comparison with the other restricted languages, and really not all that JITtable - the translation process is very slow).

Re:I don't care

[wierd_w]

I've ued 64bit builds of nightly for some time now.

The issue is getting plugins to play nice.

You can't really blame Mozilla for not wanting to jump the shark, when they will catch all the flames for plugin makers who refuse to make their plugins 64bit friendly.

Right now, it's "whaaaaaa! I want 64bit builds!"

They offer a 64bit build, and then its "whaaaa! Flash plugin doesn't work! Noscript doesn't work! Adblock Plus doesn't work! Its horrible, and it crashes to boot!"

The market has to build up enough pressure to push out the colonic obstructions in the way of 64bit adoption as the new standard. It will take awhile.

Re:Javascript engine evolution

[K.+S.+Kyosuke]

What's the average lifetime of a Javascript engine in Firefox? Are they all forks of each others? I like it.

I think it's obvious what the Mozilla folks are trying to do: They're attempting to recreate the collected works of William Shakespeare using genetic algorithms. Four monkeys done, an infinite number of monkeys to go...

Remember the good old days?

[StoatBringer]

When "browsers" were used for "browsing" the web, instead of being crappy application platforms with endless non-browsing-related features shoehorned into them? What happened to just browsing well instead of doing everything else poorly?

Re:Remember the good old days?

[Pieroxy]

What happened to seeing a grid of 80x25 characters on a black background? Progress.

Re:Remember the good old days?

Yeah, now instead of just floppies as a virus transmission medium, they're really write-once run everywhere.

No more customizing ASM for elf/win32. Better yet, because it's delivered over HTTP in a browser that's already authenticated to a proxy server if there is one, we have an instant authenticated outbound tunnel which can utilize json-p to establish a backchannel as long as the browser is open to any other HTTP service!

But best of all, the new and improved technology ships in with built-in advertising frameworks, remote execution tracking, user analytics, the ability to sniff platform information, and built-in DRM -- if I unplug my server nobody can run the app ever again.

Look -- you can call it progress because the UX is improved, because the system is faster than the old ones (the same way my phone is faster than an old TI or the ENIAC ...)

But I dispute your use of the word progress, as do many other wholly reasonable individuals. The system runs are fractions of native speed on poorly specified, highly ambiguous platforms. It strips away my control of local execution, and 'just happens to' hand over information that was traditionally not reported to all types of unidentified third parties.

Beyond that, a lot of this completely and utterly circumvents the traditional IT process. What used to involve testing, specification has been replaced with "requires chrome 21+" -- except it will import three different scripts, which will load 20 more remote scripts (all anonymously namespaced to avoid conflict/collision), load 4 different versions of jQuery between them (CDN will speed it up if done properly) -- any single one of which *might* be swapped out at any time without notification to IT.

And any single one of which is technically capable of doing all of the horrible things I mentioned above -- in addition to delivering the traditional problems in the form of a real exploit.

You can keep your damned progress, and I'll keep my computer.

Re:Remember the good old days?

[Hentes]

This. The web is popular because it's a simple way to deploy something that works across different OSes and different devices. On the users' part, no installation isrequired, and web apps are safely sandboxed. The web is thriving because of the shortcomings of native platforms.

Re:Remember the good old days?

[tibman]

"them" could be anyone, including you. Spinning up Apache is something any beginner developer can work through. Or even better, just pay 3$ a month for a place to host your stuff. Now you are one of "them". I understand your argument but it's like saying we shouldn't use wikipedia because they could nuke the website tomorrow to spite us. I don't want to go back to Encarta on a CD.

Not at all, Features hit users faster

[tuppe666]

To the average Slashdot user, it is apparent that Firefox fans who are turned off by frequent browser updates

I'm sorry, as a [I like to think better ;)] than average Slashdot User...or at least not an AC. I have to say Users love the silent background updating of Mozilla, [Business Users less so], as it allows large features to hit users sooner [I'm loving the new PDF reader]. In fact most users here prefer *release often* strategy its part of their culture [it is mine]. Hell my whole OS gets updated every six months, perhaps you live on a stagnant platform, with occasional releases [read years apart].

Not me

[JustNiz]

I for one won't ever buy any games that run in the cloud and/or you have to play through a browser.

Re:Not me

[Mr.+McGibby]

That's fine. Plenty of people are doing it already. So nobody that matters really cares what you think.

Re:Not me

[Thwacht]

Why not? Out of spite?

Re:I don't care

[dyingtolive]

You're wrong! 64 bit is better because the number is bigger! It has more bits! AC learned this when he got his MBA.

Re:Hot Dog!

Javascript is to Java as a smart person is to you.

64-bit gives better security

[pavon]

Plus, there is no real advantage to using a 64-bit browser unless you want it to use more than 2gb of memory

ASLR (Address Space Layout Randomization) is far more effective in a 64-bit address space than in a 32-bit address space. Browsers need all the layers of protection they can get from exploits.

On the other hand, WebGL gives any website in the world nearly direct access to exploit bugs in GPU drivers, significantly increasing the attack surface of the browser. I say nearly, because the browser does check all parameters for possible buffer overflow conditions before passing them onto OpenGL calls, but any other type of exploit is still possible.

I would definitely prefer that Firefox prioritize features that increase security over those that decrease it.

Re:Javascript engine evolution

[hairyfeet]

Considering the fact that Windows has had low rights mode for 6 years now and Firefox STILL doesn't support it? I don't know how much I'd trust running GPU code on their browser. Heck I don't know if I'd trust it on ANY browser but at least the Chromium based do sandboxing and use low rights mode to help minimize the risk.

Just see my "Yahoo porn bug" to see why supporting low rights mode is good and not supporting it is bad, that trick that allows spammers to send spam to every address in someone's Yahoo email ONLY works on Firefox, not on Chromium based nor IE, because in those browsers the browser has less rights than the user.

Lets face it we really only have 3 major GPU vendors now and modern GPUs have processors, memory, and firmware, so they are just ripe for being the next big attack vector. Running code from any old website straight onto the GPU is just asking for it IMHO, just as Flash games were often used as an attack vector in the past anything that lets you get close enough to bare metal to get "near native" speeds is gonna be a nasty security risk.

Re:I don't care

[Enderandrew]

Adobe had a 64-bit version of Flash.

There is a 64-bit version of Java.

There is a 64-bit version of Silverlight.

What plugin is exactly stopping Firefox from making a 64-bit browser build? They started the 64-bit build project in 2003. Ten years later they apparently struggle to figure it out, even though community members roll their own 64-bit builds all the time.

Re:I don't care

[Enderandrew]

64-bit browsers are inherently more secure, and can access more memory. Native 64-bit apps also run faster. You're trying to call someone an idiot without realizing that you don't know what you're talking about in claiming there are no advantages.

http://arstechnica.com/information-technology/2012/11/64-bit-firefox-for-windows-should-be-prioritized-not-suspended/

Re:Hot Dog!

[rmdingler]

I take it anonymous is latin for Whoosh.

Re:I don't care

[Enderandrew]

Firefox these days uses less memory than Chrome.

http://www.ghacks.net/2012/06/21/chrome-uses-way-more-memory-than-firefox-opera-or-internet-explorer/

Mind you, Chrome is still my everyday browser, but Firefox has gotten really good at being efficient with memory.

Re:Javascript engine evolution

I suspect the security concerns about WebGL are overblown. The code that runs on the GPU are vertex and fragment shaders. The shader language is very limited and exposes only a small surface between the host and the GPU. You can load/compile shader code, assign uniforms/attributes, share frame buffers and textures and that's about it. It's not as though the coder gets unfettered access to the entire DirectX stack.

Both firefox and chrome sanitize shader code so shaders can't play with whatever unsafe features some GPU might implement. One strength of WebGL (and OpenGL ES that's it's based on) is that the fixed function OpenGL API is gone; everything is done with shaders. That means the huge user-land fixed function API is gone and you're left with a simple API that just loads shader code and data (vectors, textures etc.) So the user-land attack surface is relatively small.

Vulnerabilities have been found in individual drivers but they've been few and fixed quickly. WebGL exploits are highly unlikely to be portable; they'll attack certain versions of GPU+drivers on certain OSs... broadly successful exploits won't be feasible.

Re:Javascript engine evolution

[buchner.johannes]

Ah, my mistake. "use asm" is a proposed Javascript feature:

... asm.js, a strict subset of JavaScript that can be used as a low-level, efficient target language for compilers. The asm.js language provides an abstraction similar to the C/C++ virtual machine: a large binary heap with efficient loads and stores, integer and floating-point arithmetic, first-order function definitions, and function pointers.

http://asmjs.org/spec/latest/
Also interesting:

You could write your programs in Asm.js, but the idea is that you will use other languages that compile to Asm.js. This opens up the possibility of converting existing desktop apps to run in the browser. Emscripten, for example, is a compiler that converts the LLVM bitcode intermediate language to either JavaScript or the asm.js subset.

http://www.i-programmer.info/news/167-javascript/5694-firefox-runs-javascript-games-at-native-speed.html

Re:I don't care

[shia84]

Flash, Noscript and Adblock have been available in 64bit browsers for "ages".
I've been using Firefox exclusively compiled to 64bit for 3-4 years now (the default in the Debian sid repo) and never had came across incompatible plugin after they released Flash for 64bit. Though... I need only around 15 plugins, so heavier user may have a legitimate reason to use a 32bit browser.

Could you point out some of the plugins that actually don't support a 64bit binary? Windows is 64bit per default now too, isn't it... so you'd expect vendors to keep up.

"near-native performance"?

[edxwelch]

It says that it's twice as slow as native c code. This must be a new definition of the word "near".

Re:"near-native performance"?

In the computing world that's close enough that noone really cares. With a traditional interpreted language (like javascript interpreters used to be) you're looking at something more in the range of 100-10000x slowdown.

Re:"near-native performance"?

[edxwelch]

That's simple not true. There are parts of a graphic engine that are quite slow, even in c (like fustrum culling). If you implement those algorithms in a language that is twice as slow you will have problems

Re:Javascript engine evolution

[hairyfeet]

And how many times have we heard those EXACT SAME WORDS said about everything from browsers to sandboxes like the JVM? This isn't like the old days ya know, they don't have to take over the system, hell they don't even have to make a permanent anything on the host PC for what they want to do, again see the Yahoo Porn Bug I wrote about. With that there isn't a drop of code left on the victim's PC which is why it took me awhile to figure out what they were doing, but all they cared about was sending spam through as many address books as they could and this bug allows that without having to do much of anything, much less actually get to bare metal.

And finally don't forget that both Nvidia and AMD are rallying around GP-GPU and OpenCL so that you will be able to use that hardware for pretty much anything, heck a $45 HD4850 has something like 800 stream processors on it, the $100 HD7770 has 640 plus a GB of GDDR 5, so with GP-GPU code there really isn't any reason why they couldn't be playing the game WHILE doing something nasty in the background, hell any slowdowns and the user will blame it on the game or the system anyway.

So I wouldn't be so quick to poo poo this if I were you, malware is a billion dollar business and this will open up access to a LOT of GPUs with a LOT of processing power just ripe to be used...somebody is gonna crack this, the only question in my mind is when. Hell with Google and MSFT pouring mountains of cash into it we still haven't solved the problem of how to run net code on CPUs without getting malware, you think GPUs are gonna get a free pass?

RMS is right, we must demand free javascript

[ciaran_o_riordan]

The distinction between installed-software and software that's being run from your browser cache is becoming subtle.

RMS's views on the problem: The JavaScript Trap
https://www.gnu.org/philosophy/javascript-trap.en.html

A solution: The LibreJS plugin for IceCat, Firefox etc. disables javascript if it is non-trivial and doesn't have a notice about using a free software licence:
https://www.gnu.org/software/librejs/

("trivial" is defined as "defines functions")

Google is interested in asm.js

"At least some at Google want to embrace a Mozilla-backed project to speed up Web apps written with JavaScript -- even though it competes directly with Google's own Native Client and Dart programming technology. "

Re:WHY?!?

[spage]

Why? Because you're in a browser right now and it's the most popular software platform ever.

Where's the controller/joystick API for the web browser?

https://wiki.mozilla.org/GamepadAPI

WebGL is just VRML version 2.

No it isn't.

We have too many layers of cruft/abstraction layers/API's to deal with.

WebGL sends shader programs to the GPU which executes them. There isn't a layer underneath it.

A properly designed "world browser" that actually starts in the 3D environment and perhaps renders flat 2D web pages as such would make a lot more sense instead of trying to shoehorn 3D into a 2D "web page"

People had no interest in such world browsers, several companies including Microsoft offered them in the 90s and they all died. Microsoft's 1997 technology was called Chrome (yes, really), and they promised "Chromeffects would turn a web browser into a rippling, 3D space with audio and video playback".

Meanwhile people do like 3D games, they do love running things in their browser, and the fullscreen API lets the game canvas go fullscreen. Enjoy your lawn.

Re:I don't care

[jkflying]

No, x86 is clearly bigger and better than x64!

Re:Javascript engine evolution

I suspect the security concerns about WebGL are overblown. The code that runs on the GPU are vertex and fragment shaders.

And that's enough. I went to an opengl class where we would write vertex/fragment shaders. You know what? Most of the times I locked my machine was because I carelessly wrote an infinite loop. The code runs at the GPU so everything comes to a standstill, it seems macosx at least is unable to interrupt badly behaved GPU code.

So at least you can trigger a DOS attack. And I'm sure you can do funnier stuff given the attacks the previous year were malware flashed video cards to stay persistant accross reboots.

Conclusion: if you can't imagine where's the problem, don't worry, you simply lack imagination. Other more clever people will fill in the gaps for you.