Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Firefox Programming Games Technology

Emscripten and New Javascript Engine Bring Unreal Engine To Firefox 124

MojoKid writes "There's no doubt that gaming on the Web has improved dramatically in recent years, but Mozilla believes it has developed new technology that will deliver a big leap in what browser-based gaming can become. The company developed a highly-optimized version of Javascript that's designed to 'supercharge' a game's code to deliver near-native performance. And now that innovation has enabled Mozilla to bring Epic's Unreal Engine 3 to the browser. As a sort of proof of concept, Mozilla debuted this BananaBread game demo that was built using WebGL, Emscripten, and the new JavaScript version called 'asm.js.' Mozilla says that it's working with the likes of EA, Disney, and ZeptoLab to optimize games for the mobile Web, as well." Emscripten was previously used to port Doom to the browser.

This discussion has been archived. No new comments can be posted.

Emscripten and New Javascript Engine Bring Unreal Engine To Firefox

Comments Filter:
  • What's the average lifetime of a Javascript engine in Firefox?
    Are they all forks of each others?
    I like it.

    • What's the average lifetime of a Javascript engine in Firefox? Are they all forks of each others? I like it.

      I think it's obvious what the Mozilla folks are trying to do: They're attempting to recreate the collected works of William Shakespeare using genetic algorithms. Four monkeys done, an infinite number of monkeys to go...

    • by hairyfeet ( 841228 ) <bassbeast1968@gm ... minus herbivore> on Thursday March 28, 2013 @06:41PM (#43307495) Journal

      Considering the fact that Windows has had low rights mode for 6 years now and Firefox STILL doesn't support it? I don't know how much I'd trust running GPU code on their browser. Heck I don't know if I'd trust it on ANY browser but at least the Chromium based do sandboxing and use low rights mode to help minimize the risk.

      Just see my "Yahoo porn bug" to see why supporting low rights mode is good and not supporting it is bad, that trick that allows spammers to send spam to every address in someone's Yahoo email ONLY works on Firefox, not on Chromium based nor IE, because in those browsers the browser has less rights than the user.

      Lets face it we really only have 3 major GPU vendors now and modern GPUs have processors, memory, and firmware, so they are just ripe for being the next big attack vector. Running code from any old website straight onto the GPU is just asking for it IMHO, just as Flash games were often used as an attack vector in the past anything that lets you get close enough to bare metal to get "near native" speeds is gonna be a nasty security risk.

      • by Anonymous Coward on Thursday March 28, 2013 @07:22PM (#43307769)

        I suspect the security concerns about WebGL are overblown. The code that runs on the GPU are vertex and fragment shaders. The shader language is very limited and exposes only a small surface between the host and the GPU. You can load/compile shader code, assign uniforms/attributes, share frame buffers and textures and that's about it. It's not as though the coder gets unfettered access to the entire DirectX stack.

        Both firefox and chrome sanitize shader code so shaders can't play with whatever unsafe features some GPU might implement. One strength of WebGL (and OpenGL ES that's it's based on) is that the fixed function OpenGL API is gone; everything is done with shaders. That means the huge user-land fixed function API is gone and you're left with a simple API that just loads shader code and data (vectors, textures etc.) So the user-land attack surface is relatively small.

        Vulnerabilities have been found in individual drivers but they've been few and fixed quickly. WebGL exploits are highly unlikely to be portable; they'll attack certain versions of GPU+drivers on certain OSs... broadly successful exploits won't be feasible.

        • Re: (Score:2, Insightful)

          by hairyfeet ( 841228 )

          And how many times have we heard those EXACT SAME WORDS said about everything from browsers to sandboxes like the JVM? This isn't like the old days ya know, they don't have to take over the system, hell they don't even have to make a permanent anything on the host PC for what they want to do, again see the Yahoo Porn Bug I wrote about. With that there isn't a drop of code left on the victim's PC which is why it took me awhile to figure out what they were doing, but all they cared about was sending spam thro

          • by Anonymous Coward

            we still haven't solved the problem of how to run net code on CPUs without getting malware

            And yet we continue to run "net code" despite this. The value of that code is apparently greater than the the risk of using systems that permit it to run.

            When a killer 3D web application appears it will be the same; we'll run it, risking exploitation, and the vendors will harden their products.

            We're integrating GPUs onto CPUs such that it's getting difficult to buy a CPU without one and we're writing GP-GPU frameworks to exploit these powerful devices. There is exactly zero possibility these capabilities

            • And THIS is why ACs need to be banned or at least heavily downmodded by default, as pretty much all AC is used for is flamebait or trying to stir up shit.

              But if you can show me a single place where I said this shouldn't be used? You can't because that is not what i said, you are trying to twist my words to serve YOUR agenda. All I said is that caution should be used and security should be job #1, something that was NOT done with JavaScript and look at where we are now, nearly a million infected Android phon

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          I suspect the security concerns about WebGL are overblown. The code that runs on the GPU are vertex and fragment shaders.

          And that's enough. I went to an opengl class where we would write vertex/fragment shaders. You know what? Most of the times I locked my machine was because I carelessly wrote an infinite loop. The code runs at the GPU so everything comes to a standstill, it seems macosx at least is unable to interrupt badly behaved GPU code.

          So at least you can trigger a DOS attack. And I'm sure you can d

    • by buchner.johannes ( 1139593 ) on Thursday March 28, 2013 @07:33PM (#43307825) Homepage Journal

      Ah, my mistake. "use asm" is a proposed Javascript feature:

      ... asm.js, a strict subset of JavaScript that can be used as a low-level, efficient target language for compilers. The asm.js language provides an abstraction similar to the C/C++ virtual machine: a large binary heap with efficient loads and stores, integer and floating-point arithmetic, first-order function definitions, and function pointers. []
      Also interesting:

      You could write your programs in Asm.js, but the idea is that you will use other languages that compile to Asm.js. This opens up the possibility of converting existing desktop apps to run in the browser. Emscripten, for example, is a compiler that converts the LLVM bitcode intermediate language to either JavaScript or the asm.js subset. []

  • Chrome (Score:5, Informative)

    by The MAZZTer ( 911996 ) <> on Thursday March 28, 2013 @06:06PM (#43307235) Homepage
    Looks like Chrome is looking to do this [] as well.
  • by DRAGONWEEZEL ( 125809 ) on Thursday March 28, 2013 @06:07PM (#43307249) Homepage

    The unreal Engine is quite the powerhouse, running games like Bioshock and Tribes. This could be a web based game changer... (Pun intended).


    • Mix this up with the decentralised P2P browsers thing and I present to you, ladies and gentlemen, the future!

      I can't see anywhere to stick the meter though.

      • by Anonymous Coward

        Finally, a real Metaverse!

    • Perhaps, but what's the application for something like this? The biggest one I can think of is cross-platform compatibility, since if you built something to run in the browser, it'd instantly work in Windows, Mac, and Linux. Assuming such a thing was possible, I doubt it'd be long before someone essentially used WebKit, Gecko, or whatever else to create a wrapper that could be applied to games using UE3, effectively creating a universal executable that would be little more than a chrome-less browser, somewh

      • Perhaps, but what's the application for something like this?

        Turning WildTangent into a smoking hole in the ground, and about time, too.

      • The demo they showed is actually the Epic Citadel demo that is available on iOS and Android. It easily runs 60 frames per second at 1280x720 in full quality on my Galaxy S3 so it isn't impressive they are running it on a PC, only that it is running in javascript
        Since they are claiming the javascript is running like it is native code they should show something more impressive
      • by Lennie ( 16154 )

        Actually the CPU-performance of Javscript is about twice as slow as a C-program. So "only" 18 months behind according to moore's law.

        The GPU-performance might be even better then twice because they use WebGL to tell the GPU what to do.

  • by K. S. Kyosuke ( 729550 ) on Thursday March 28, 2013 @06:08PM (#43307259)
    Asm.js is *not* a "new JavaScript version". Asm.js is to JavaScript what Squeak Slang is to Smalltalk, what Richard Kelsey's Pre-Scheme is to RxRS Scheme, and, more remotely, what RPython is to Python (although RPython is much richer in comparison with the other restricted languages, and really not all that JITtable - the translation process is very slow).
  • When "browsers" were used for "browsing" the web, instead of being crappy application platforms with endless non-browsing-related features shoehorned into them? What happened to just browsing well instead of doing everything else poorly?

    • by Pieroxy ( 222434 ) on Thursday March 28, 2013 @06:17PM (#43307337) Homepage

      What happened to seeing a grid of 80x25 characters on a black background? Progress.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        Yeah, now instead of just floppies as a virus transmission medium, they're really write-once run everywhere.

        No more customizing ASM for elf/win32. Better yet, because it's delivered over HTTP in a browser that's already authenticated to a proxy server if there is one, we have an instant authenticated outbound tunnel which can utilize json-p to establish a backchannel as long as the browser is open to any other HTTP service!

        But best of all, the new and improved technology ships in with built-in advertising

        • by Pieroxy ( 222434 )

          You realize that all the complaints you have were also true in the good old days of IE3 and NS3? Since then, lots have changed, but all that has changed is irrelevant to all of your points.

          • by Anonymous Coward

            Barely. I don't think I actually recall IE3, although I do recall IE4, and I have a copy of NS2 on a cd somewhere...

            Webpages weren't using DHTML & Ajax, and nobody would have tried to deliver a damned game in the browser.

            Even a crappy app would've at least been done in VB.

            All this is is the same old damned problems returning unsolved, and with less performance than native apps.

            The same AC stands by his original opinion, and agrees:

            "All that has changed is irrelevant to your [my] points"

            The web and brow

        • If it lets me do more than I could do ten years ago, that's progress by any meaningful definition of the word.

          • by bryonak ( 836632 )

            I think his point was that the improved UX and hardware let you do more, which is called progress.

            But having it run wholly inside a web browser, instead of a native GUI that has optional (clearly interfaced) internet storage support but can be controlled by my own firewall... this does not really enable you to do more (but it enables "them" to do more, e.g. built-in app obsolescence via DRM, profiling via tracking, etc.) and therefore is not progress.

            • by tibman ( 623933 ) on Thursday March 28, 2013 @11:22PM (#43309065) Homepage

              "them" could be anyone, including you. Spinning up Apache is something any beginner developer can work through. Or even better, just pay 3$ a month for a place to host your stuff. Now you are one of "them". I understand your argument but it's like saying we shouldn't use wikipedia because they could nuke the website tomorrow to spite us. I don't want to go back to Encarta on a CD.

              • by bryonak ( 836632 )

                Hmm, you're placing me inside "them" because I stated it's progress for "them". If we're talking about service providers in general (i.e. my local apache server), there are two points I'd like to highlight:

                1. This enables "all of them", not just "the part of them that is me". When it comes to my security, I prefer the exclusive approach.

                2. The typical situation is that you're not really a part of "them". "Them" is for example G+/Facebook, and you can try to play along and run a Diaspora node, but... well, w

        • This sounds like Grace Hoppers rant about hanging 1K feet of optical cable (speed of light @ 1 microsecond) around the necks of programmers that wasted microseconds of compute time.

          Computing requires exponential gains so that we can compute additional layers of abstraction. It makes it possible to program what we do. The reason usability has gotten better is because we don't need to write hand-tuned machine code just to get UI widgets working.

          And do not tell me that the IT department are that much better

          • Oh, and please think back to security in the old days of paper checks and manual accounting. It's much hard to forge an SSL cert than it is to fake a doctors prescription.

      • They couldn't shove in enough unwanted advertisements with 80x25 on black background.

      • The terminal is still incredibly useful. In fact, things that might take ten minutes to do via a GUI takes maybe half a minute, if that much. This doesn't sound like much, until you start repeating the things you do (like constantly toggling an option). This is why keyboard shortcuts on a GUI are't going anywhere. Besides which, don't forget that every text editor is pretty much a neutered terminal window with color.

        Progress does not mean the next new thing, it means the next better thing.

        Now, I'm not sure

    • by Anonymous Coward

      Microsoft killed it by not following the Posix standard, making cross platform application development a royal pain in the ass.

      HTML/CSS/Javascript is the only platform agnostic platform.

      Alas, its all we got.

  • Not me (Score:2, Insightful)

    by JustNiz ( 692889 )

    I for one won't ever buy any games that run in the cloud and/or you have to play through a browser.

    • Re:Not me (Score:5, Insightful)

      by Mr. McGibby ( 41471 ) on Thursday March 28, 2013 @07:53PM (#43307931) Homepage Journal

      That's fine. Plenty of people are doing it already. So nobody that matters really cares what you think.

    • Why not? Out of spite?
      • by JustNiz ( 692889 )

        The main reason why is that I dont want to have a dependency on the internet.

        Partly its about just not wanting to have to be connected to play. What if I want to play where there is no internet, such as on an airplane or while camping etc. Also now you are subject to issues like available bandwidth, latency etc.

        Also if the game is running in the cloud, it means I relinquish all control about what they do with the game, i.e. direction they take it in with patches etc,

        Also with a local copy I am insulated if

        • by JustNiz ( 692889 )

          Also.. as for running in a brower, its another layer of abstraction that can be avoided by running a local app.

          Compared to running a native binary, running through a browser can't help but to cost something extra in terms of computer resources, so ultimately cant help but to impact gaming performance at some level.

          The inconvenience of having to go through a browser (a window in a window, browser toolbar etc ) is also enough to put me off.

    • I, for one, will buy (good) games that run on a standards based platform that eschew DRM, running on any computer I want, and has the added advantage of not needing to be "installed".

  • I wouldn't use Java to download so much as an email... even if it came from the Nigerian royal family.
  • The Mozilla folks didn't speak kindly of Google Native Client, but asm.js is not much different than PNaCl (portable native client)
    PNaCl compiles LLVM bitcode to native code
    asm.js uses code generated with Emscripten from ..... LLVM bitcode
    Devs can easily target both platforms. If somebody ports the Pepper API to asm.js, converting a PNaCl application to asm.js can be an automated task.
    • by robmv ( 855035 )

      asm.js JavaScript subset runs on the same VM, only one VM to secure, it can access DOM APIs directly. NaCl is just another VM like technology, more the p variant that uses an intermediary bytecode, with new APIs made for it, it is a new kind of Java or Flash plugin, probably a lot more secure but a plugin like technology nonetheless

    • by BZ ( 40346 )

      Porting Pepper is a huge undertaking, comparable to reimplementing large parts of a web browser from scratch. Oh, and without real specs, so you have to do a bunch of reverse-engineering.

    • by Anonymous Coward

      asm.js is just normal javascript with some backwards-compatible notations. Therefore it will run (more slowly) on any browser, including IE.

      for example: "var i = 10 | 0;" informs the runtime you want an integer instead of a normal javascript floating-point number.

      As of right now, Nacl is a google-proprietary thing and isn't even enabled in Chrome yet.

  • "this is to notify you of activity occurring on the Mozilla site listed below which infringes on the exclusive intellectual property rights of Id Software LLC .. The copyrighted work at issue is .. DOOM

    The link below offers an unauthorized derivation or version of Id Software's DOOM game". link []
  • by edxwelch ( 600979 ) on Thursday March 28, 2013 @08:31PM (#43308149)

    It says that it's twice as slow as native c code. This must be a new definition of the word "near".

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      In the computing world that's close enough that noone really cares. With a traditional interpreted language (like javascript interpreters used to be) you're looking at something more in the range of 100-10000x slowdown.

      • That's simple not true. There are parts of a graphic engine that are quite slow, even in c (like fustrum culling). If you implement those algorithms in a language that is twice as slow you will have problems

  • The distinction between installed-software and software that's being run from your browser cache is becoming subtle.

    RMS's views on the problem: The JavaScript Trap []

    A solution: The LibreJS plugin for IceCat, Firefox etc. disables javascript if it is non-trivial and doesn't have a notice about using a free software licence: []

    ("trivial" is defined as "defines functions")

  • by Anonymous Coward

    "At least some at Google [] want to embrace a Mozilla-backed project to speed up Web apps written with JavaScript -- even though it competes directly with Google's own Native Client and Dart programming technology. "

    • by spage ( 73271 )

      Mod AC parent up! Here it is again

      "At least some at Google [] [] want to embrace a Mozilla-backed project to speed up Web apps written with JavaScript -- even though it competes directly with Google's own Native Client and Dart programming technology. "

  • Perhaps equally exciting to me is that asm is going to be used to speed up Firefox's Ionmonkey JIT.
    Devs will compile asm code and compare it to native to find inefficiencies, thereby learning where to optimize the compiler.
    So even if you don't use asm.js, we all get faster Javascript.

  • nice post Soccer Team Uniforms []

"If it's not loud, it doesn't work!" -- Blank Reg, from "Max Headroom"