[LLVMdev] LLVM based Virtual Machine "Environment" idea sanity check.
autodmc at autodmclabs.com
Tue Sep 5 22:29:20 PDT 2006
> If you don't mind my asking, can you tell us a little more about your
> overall goal for this project?
> I can't really give any
> feedback on which is more appropriate until I know more about the
> constraints of your project.
> -- John T.
Hopefully I can explain my project more fully (without being too wordy):
"CRAZY CRACKPOT IDEA"
What I want to do is create an idealized "processing node." This
virtual machine would include:
1) A processing core
2) Access to "permanent storage"
3) Access to a "Network device"
With any luck, you should be able to run this virtual "processing node"
on an old Pentium II, on a Apple G3, on a soon-to-be-extinct PS2
(because everyone'll be selling them to get the PS3), on a Gumstix
Waysmall computer... basically anything that you can get your hands on.
Each of the computers above would run the "idealized processing node" in
their native operating system.
An outside observer would see a group of heterogeneous computers
networked with each other through the internet.
An "inside" observer would see a group of homogeneous "processing nodes"
networked with each other through Jabber (see below).
"WHAT I WANT TO USE"
I'd like to use LLVM for the Processing Core part of this "idealized
processing node." This would allow me to exploit the programming
language frontends available and the optimizing and JIT compiling
abilities on the backend. The key here is that the "node operator"
might want to help a project, but might not want to fully trust the code
for the project. For example, if I run Folding at home, I have to fully
trust the programmers of the Folding at home client... trust that they
haven't hidden something evil in their program, or have a hidden
vulnerability that hurts me.
However, if the Folding at home process was running in a virtual machine,
they could run just about any code they wanted in it, without me having
to worry (in general). Of course, this is where JIT compiling should
help out... Basically, the process should have access to the computing
abilities of the host... but no access to any of the hosts actual
hardware devices. As far as this hypothetical Folding at home process is
concerned... it's running directly on a simple LLVM processor with a
hard drive and a NIC... that's it.
Also, the Folding at home team has to be able to handle multiple operating
system's way of handling files and permissions. My "processing node"
would give them a complete "raw hard drive" that they could write to,
without worrying about permissions. They could use whatever data
storage scheme they found useful, and I would know that no matter what
they wrote, they couldn't clobber any of MY data. Worst case, their
hard drive image could fill my physical hard drive... but that can be
remedied in the somewhat harsh but forceful way of killing the offending
process and deleting their hard drive image.
As for Networking... I was thinking of using something high level, like
Jabber. While Jabber was designed for instant messenging... it could
easily be used for "interprocess communication." The hypothetical
Folding at home client would contact "ProjectManager at foldingathome.org" to
get it's data. The processing node's "Jabber ID" would be something
like "node at domain/foldingathome". The server could send updates to the
node, and the node could send updates to the server... all without
worrying about "IP addresses."
The general all around idea *from the user's side* is to make a way for
a node to be able to run trusted/untrusted code as fast as possible in
as safe a way as possible.
The general all around idea *from the project developer's side* is to
have a system that allows the developer to write one version of a client
and run it on as many "virtual processing nodes" as possible.
The general all around idea *from the point of view of the program being
run* is that it's the only process running on top of very simple
"hardware"... a LLVM processor, a hard drive, and a NIC that speaks Jabber.
My goal is to write the blank-slate VM that is as simple and powerful as
possible... and let the application writers string the "processing
nodes" up how they want. If they want a more complex Interprocess
Communication... they can write it on top of the
plain-text-through-Jabber protocol (maybe with XML or YAML or something
even more exciting). Or they can write a library that makes a full UNIX
style file system on top of my raw-block "hard drive." They can make
the nodes run single file or in a tree or any way they want... I'm just
building the "hardware platform."
As for the "processing node" itself... the user can kill it, or restart
it if it seems to have become "hung..." or the server requesting the
processing job could ask to have it's job reset or killed. The most
important thing is that a badly written program can "nuke" and "crash"
the VM, but it shouldn't "nuke" or "crash" the host computer.
This is where I'm stumped... how can I use LLVM inside my "simplified
processing node," allowing it only access to my "virtual devices,"
getting it to run "as fast as possible" with as little possibility of it
clobbering the host computer should something untoward happen to the
LLVM code? I'm still sifting through the documentation and feel like
I'm 90% there to understanding out LLVM works as a Virtual Machine, and
not a Compiler backend or Intermediate Language. Or, if LLVM isn't my
"perfect match," where should I look?
+----+ Shawn Boles +------+/
/( )/| "Chief Engineer" | \/
+----+ + AutoDMC Labs |Cert. |
|oooo|/ |Video |
+----+ autodmc at autodmclabs.com +------+
More information about the llvm-dev