Ask HN: Can WASM be used as a means of sanitizing native code?
Title. Normally with sanitizers (e.g., UBSan, ASan, TSan) the sanitizer is implemented by instrumenting code to store information at runtime.
Could a WASM sandbox work together with a compiler to improve the performance of sanitizers? I am thinking that the WASM sandbox (which is likely more optimized than the above sanitizers) could run native language programs compiled to WAMS and maybe track information more cheaply at runtime than the sanitizer implementation could. Yes, and it's a very interesting use case for Wasm. Firefox has a sandbox called RLbox built on this, and has been published in a few papers. Performance is one benefit, but the real killer feature is Wasm's guarantees are incredibly strong and formally proved. So by definition, you won't get out of bounds memory reads, memory corruption etc, assuming the implementation is correct. And because of the thorough specification, these kinds of exploits are far rarer in wasm runtimes. https://hacks.mozilla.org/2020/02/securing-firefox-with-weba...