portable native client - llvmllvm.org/devmtg/2010-11/sehr-nativeclient.pdfhow should we handle...
TRANSCRIPT
1
Portable Native Client
David Sehr, Robert Muth, Jan Voung, David Meyer,Betul Buyukkurt, Karl Schimpf, Jason Kim, Rafael Espindola,Alan Donovan
Thursday, November 4, 2010
AgendaMotivationApproachSafe TranslationBitcode as an Interchange FormatStatusFuture Work
2
Thursday, November 4, 2010
Motivation
Thursday, November 4, 2010
A NaCl-Enabled Web Application
Thursday, November 4, 2010
A NaCl-Enabled Web Application
Native ClientHelper
Your favorite language
Thursday, November 4, 2010
A NaCl-Enabled Web Application
Native ClientHelper
Your favorite language
Screened for malicious instructions
Thursday, November 4, 2010
A NaCl-Enabled Web Application
Native ClientHelper
Your favorite language
Screened for malicious instructions
System calls moderated by a virtualized OS
Thursday, November 4, 2010
A NaCl-Enabled Web Application
Native ClientHelper
Your favorite language
Screened for malicious instructions
System calls moderated by a virtualized OS
Performance within 5% ofnative code
Thursday, November 4, 2010
Applications with NaCl
9
Lego Star Wars
Nexuiz
Darkroom demo
Thursday, November 4, 2010
Where Native Client Started
10
x86-32OSXWindows
Linux
Thursday, November 4, 2010
Where We Went Next
11
x86-32
ARM
Thursday, November 4, 2010
What Developers Want
12
x86-32
ARMx86-64
Only one porting effort
Thursday, November 4, 2010
Approach
13
Thursday, November 4, 2010
Application Life Cycle
14
app.bc
a.ccz.cc
app.so
sources
libraryinfo
lib.bc
Thursday, November 4, 2010
Application Life Cycle
15
app.bc
a.ccz.cc
app.so
sources
libraryinfo
lib.bc
Bitcode is PNaCl’s distribution format
Thursday, November 4, 2010
Client side
Native ClientHelper
http://myurl/myapp.bc
translationengine
myapp.so
NaClsandbox
ELFx86, x64, or ARM
Thursday, November 4, 2010
Translation Engine
17
in my cache?
myapp.so
translator(llvm)
myapp.bc
use cachedtranslation
savetranslation
Thursday, November 4, 2010
Translation Engine
18
in my cache?
myapp.so
translator(llvm)
myapp.bc
use cachedtranslation
savetranslation
Know the platform (uarch)
Thursday, November 4, 2010
Translation Engine
19
in my cache?
myapp.so
translator(llvm)
myapp.bc
use cachedtranslation
savetranslation
Know the platform (uarch)Can collect/use profiling data
Webpage-specific specialization
Thursday, November 4, 2010
Translation Engine
20
in my cache?
myapp.so
translator(llvm)
myapp.bc
use cachedtranslation
savetranslation
Know the platform (uarch)Can collect/use profiling data
Webpage-specific specialization
Can translate atinvocation timeinstall timeasynchronously
Thursday, November 4, 2010
Safe Translation
Thursday, November 4, 2010
Translating in a Sandbox
The translator must run in the browserMalicious bitcode files are a potential attack vector
22
Thursday, November 4, 2010
Translating in a Sandbox
The translator must run in the browserMalicious bitcode files are a potential attack vector
23
Translator phases are run as NaCl modules
Thursday, November 4, 2010
Translator
24
llc
myapp.so
myapp.bc
as
ld
today
Thursday, November 4, 2010
Translator
25
llc
myapp.so
myapp.bc
as
ld
today
llc
myapp.so
myapp.bc
what we want
Thursday, November 4, 2010
Translator
26
llc
myapp.so
myapp.bc
as
ld
today
llc
myapp.so
myapp.bc
what we want
+ MC ELF+ Bundling
+ DT_NEEDED
Thursday, November 4, 2010
Bitcode as an Interchange Format
Thursday, November 4, 2010
Target Model
Address space / data modelILP32 (sizeof(int) == sizeof(long) == sizeof(void*))sizeof(va_list) == 241GB maximum total address spaceStack pointer starts at the top of the address space
Data typesIEEE fp“natural” alignment
(e.g., double is aligned 0mod8)
Byte orderLittle Endian
28
Thursday, November 4, 2010
Target Model
C++ Exception Handlingx86-32 Linux model
varargssizeof(va_list) == 24Front end emits va_arg instruction
setjmpConsistent jmp_buf size (work in progress)
29
Thursday, November 4, 2010
Target Model
Calling conventionsBitcode file is calling convention neutralActual target convention determined by translator
Concurrency and memory modelAssume a least common denominator
Store ordering within a threadExplicit synchronization across threads
We expect people to use llvm atomic/barrier intrinsics where needed
30
Thursday, November 4, 2010
Bitcode as an Interchange Format
PNaCl will need bitcode stabilityDeveloper expects published bitcode to work forever
Download size is startup time.bc is ~3x bigger than .nexe, ~1.9x when .gz.bc is ~6x bigger than .NET
How should we handle bitcode versioning?
31
Thursday, November 4, 2010
Bitcode as an Interchange Format
PNaCl will need bitcode stabilityDeveloper expects published bitcode to work forever
Download size is startup time.bc is ~3x bigger than .nexe, ~1.9x when .gz.bc is ~6x bigger than .NET
How should we handle bitcode versioning?
32
We need your help!
Thursday, November 4, 2010
Status
33
Thursday, November 4, 2010
What’s running?
One bitcode file translates, validates, and runs on three architecturesAll of SPEC2000 int and the four C fp tests pass
The translator is sandboxedllc, as, ld runs as a NaCl module on x86-32 and 64
A few areas of portability work remainC++ exception handling on ARM is incompletesetjmp/longjmp is just coming together
34
Thursday, November 4, 2010
CodeGen Work
Control and data sandboxing on ARMRobert, Cliff
Control and data sandboxing on x86Robert, Alan, Jan, David
ILP32 on x86-64Jan, David
x86-32 and x86-64 MC ELF contributionsRafael
ARM MC ELF contributionsJason
35
Thursday, November 4, 2010
Front end work
ILP32 for x86-64Jan, DavidM
VarargsDavidM
Exception handling, setjmpRobert
36
Thursday, November 4, 2010
Future Work
37
Thursday, November 4, 2010
Directly Producing .so’s
ELF MCARM support is still incomplete
MCAssembler“Bundling” support for NaCl pseudo-instructions
.so generationSimulated linking to collect symbolsEmission work for DT_NEEDED
38
Thursday, November 4, 2010
Intrinsics and/or Assembly
One of the promises of NaCl is access to the performance that comes from hand-tuning while not sacrificing portability or safety.
How do we get to, e.g., AES instructions, etc.?How do we optimize for cache configuration, etc.?
39
Thursday, November 4, 2010
Other future work
ClangOther languages that could target bitcode
.NET/Mono, ...
JIT supportPerformance
feedback directed optimization, ...
Bitcode sizeTranslation time
40
Thursday, November 4, 2010
Want to Learn More?
http://www.chromium.org/nativeclient(Follow Portable Native Client link)
http://code.google.com/p/nativeclient
41
Thursday, November 4, 2010