0-days mostly got expensive from compiler optimizations and other security guarantees that carry over to webassembly, like ASLR and pointer authentication, as well as sandboxes and multi-process architectures. It's not all thrown away here.

Browsers are millions of lines of code, the amount of UAFs, overflows, etc so far is not the bottleneck.