frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Show HN: Sub-millisecond VM sandboxes using CoW memory forking

https://github.com/adammiribyan/zeroboot
63•adammiribyan•13h ago
I wanted to see how fast an isolated code sandbox could start if I never had to boot a fresh VM.

So instead of launching a new microVM per execution, I boot Firecracker once with Python and numpy already loaded, then snapshot the full VM state. Every execution after that creates a new KVM VM backed by a `MAP_PRIVATE` mapping of the snapshot memory, so Linux gives me copy-on-write pages automatically.

That means each sandbox starts from an already-running Python process inside a real VM, runs the code, and exits.

These are real KVM VMs, not containers: separate guest kernel, separate guest memory, separate page tables. When a VM writes to memory, it gets a private copy of that page.

The hard part was not CoW itself. The hard part was resuming the snapshotted VM correctly.

Rust, Apache 2.0.

Comments

handfuloflight•2h ago
Can you run this in another sandbox? Not sure why you'd want to... but can you?
wmf•1h ago
It's pretty common to run VMs within containers so an attacker has to escape twice. You can probably disable 99% of system calls.
Teknoman117•1h ago
Nested page tables / nested virtualization made it to consumer CPUs about a decade ago, so yes :)
vmg12•1h ago
Does it only work with that specific version of firecracker and only with vms with 1 vcpu?

More than the sub ms startup time the 258kb of ram per VM is huge.

jauntywundrkind•1h ago
Mods: can we merge with https://news.ycombinator.com/item?id=47412812?
crawshaw•1h ago
Nice to see this work! I experimented with this for exe.dev before we launched. The VM itself worked really well, but there was a lot of setup to get the networking functioning. And in the end, our target are use cases that don't mind a ~1-second startup time, which meant doing a clean systemd start each time was easier.

That said, I have seen several use cases where people want a VM for something minimal, like a python interpreter, and this is absolutely the sort of approach they should be using. Lot of promise here, excited to see how far you can push it!

indigodaddy•48m ago
simonw seems like he's always wanting what you describe, maybe more for wasm though
diptanu•1h ago
The tricky part of doing this in production is cloning sandboxes across nodes. You would have to snapshot the resident memory, file system (or a CoW layer on top of the rootfs), move the data across nodes, etc.
indigodaddy•45m ago
Is this relevant?

https://codesandbox.io/blog/how-we-clone-a-running-vm-in-2-s...

buckle8017•51m ago
This is how android processes work, but it's a security problem breaking some ASLR type things.
indigodaddy•49m ago
Your write-up made me think of:

https://codesandbox.io/blog/how-we-clone-a-running-vm-in-2-s...

Are there parallels?

indigodaddy•46m ago
Does this need passthrough or might we be able to leverage PVM with it on a passthrough-less cloud VM/VPS?
cperciva•41m ago
Don't forget about entropy! You've just created two identical copies of all of your random number generators, which could be very very bad for security.

The firecracker team wrote a very good paper about addressing this when they added snapshot support.

latortuga•2m ago
[delayed]

Show HN: Sub-millisecond VM sandboxes using CoW memory forking

https://github.com/adammiribyan/zeroboot
63•adammiribyan•13h ago•14 comments

Show HN: Fatal Core Dump – A debugging murder mystery played with GDB

https://www.robopenguins.com/fatal_core_dump/
33•axlan•4d ago•1 comments

Show HN: I built an interactive 3D three-body problem simulator in the browser

https://structuredlabs.github.io/threebodyproblem/
27•amrutha_•4d ago•12 comments

Show HN: Horizon – GPU-accelerated infinite-canvas terminal in Rust

https://github.com/peters/horizon
57•petersunde•8h ago•22 comments

Show HN: Crust – A CLI framework for TypeScript and Bun

https://github.com/chenxin-yan/crust
70•jellyotsiro•22h ago•30 comments

Show HN: March Madness Bracket Challenge for AI Agents Only

https://www.Bracketmadness.ai
59•bwade818•13h ago•39 comments

Show HN: Antfly: Distributed, Multimodal Search and Memory and Graphs in Go

https://github.com/antflydb/antfly
81•kingcauchy•11h ago•34 comments

Show HN: Claude Code skills that build complete Godot games

https://github.com/htdt/godogen
299•htdt•1d ago•191 comments

Show HN: Oxyde – Pydantic-native async ORM with a Rust core

https://github.com/mr-fatalyst/oxyde
152•mr_Fatalyst•4d ago•79 comments

Show HN: CodeLedger – deterministic context and guardrails for AI

https://codeledger.dev
2•ashmivante•3h ago•0 comments

Show HN: I built a message board where you pay to be the homepage

https://saythat.sh
11•SayThatSh•14h ago•8 comments

Show HN: Thermal Receipt Printers – Markdown and Web UI

https://github.com/sadreck/ThermalMarky
113•howlett•4d ago•45 comments

Show HN: Soros – AI for geopolitical macro investing

https://www.asksoros.com
7•muggermuch•5h ago•7 comments

Show HN: Grape – AI note taking app

https://grape.cool
3•ozgrozer•6h ago•1 comments

Show HN: Droeftoeter, a Terminal Coding Toy

https://github.com/whtspc/droeftoeter
31•whtspc64•4d ago•6 comments

Show HN: A 4-layer self-audit system for AI behavioral evolution

https://github.com/oscarsterling/reasoning-loop
4•jhaugh•6h ago•0 comments

Show HN: Zeroboot – sub-millisecond VM sandboxes using CoW memory forking

https://github.com/adammiribyan/zeroboot
16•adammiribyan•12h ago•8 comments

Show HN: Sulcus Reactive AI Memory

https://sulcus.dforge.ca
4•mcdoolz•7h ago•0 comments

Show HN: TerraShift: What does +2°C (or -20°C) look like on Earth?

https://terrashift.io
4•ttruett•7h ago•2 comments

Show HN: M68k assembly emulator that runs in the browser

https://github.com/gianlucarea/m68k-interpreter
13•aldino97•16h ago•2 comments

Show HN: Flowershow Publish Markdown in seconds. Hosted, free, zero config

https://flowershow.app/
5•rufuspollock•9h ago•0 comments

Show HN: Mech keyboard sounds driven by a hidden accelerometer in MacBooks

https://www.haptyk.com/
5•olvvier•9h ago•1 comments

Show HN: Hackerbrief – Top posts on Hacker News summarized daily

https://hackerbrief.vercel.app/
74•p0u4a•1d ago•46 comments

Show HN: Signet – Autonomous wildfire tracking from satellite and weather data

https://signet.watch
123•mapldx•2d ago•32 comments

Show HN: FireClaw – Open-source proxy defending AI agents from prompt injection

https://github.com/raiph-ai/fireclaw
4•raiph_ai•10h ago•6 comments

Show HN: GDSL – 800 line kernel: Lisp subset in 500, C subset in 1300

https://firthemouse.github.io/
89•FirTheMouse•2d ago•20 comments

Show HN: Hecate – Call an AI from Signal

https://github.com/rhodey/hecate
24•rhodey•1d ago•3 comments

Show HN: Updated version of my interactive Middle-Earth map

https://github.com/Jean-Tinland/middle-earth/
3•jetin•10h ago•0 comments

Show HN: F0lkl0r3.dev – a searchable, interlinked map of computing history

https://f0lkl0r3.dev
2•dynamicwebpaige•10h ago•0 comments

Show HN: Unsloth Studio - Local Fine-tuning, Chat UI

https://github.com/unslothai/unsloth
7•danielhanchen•11h ago•2 comments