Comment by sph
1 month ago
After years of wondering what the post-UNIX paradigm of computing could look like, these past few months I've been prototyping a software platform built around capabilities and message passing, targeting Linux and bare-metal RISC-V. The big ideas I'm pursuing are a stackless design running on a flat address space with lightweight processes to minimize message-passing latency, and all the benefits of capabilities so every process is sandboxed and has only access to capabilities they have been explicitly passed via message passing.
I've also built a RISC-V emulator to integrate with this platform, so eventually it'll be able to run native binaries written in any language, completely sandboxed, completely built around message-passing. Basically a native, low-level BEAM-like platform to build an entire operating system and user-space.
While my day job is writing boring applications, this is the stuff that keeps me awake at night, and I would love so much to talk and write more about this, about the trial-and-errors I'm facing, but it's still so much in flux that every week I'm exploring a new approach. Most of my work has been around the stackless scheduler, and I have a plan to achieve preemption for long-running or misbehaved tasks without having to compromise on memory usage (i.e. without giving each process its own stack and allocating memory for context switching).
Eventually I'd like to layer on top either Cap'n Proto or another high-performance serialisation system to create a distributed, introspectable environment of object-capabilities that are sending typed messages between each other, achieving the ultimate goal of creating an unholy hybrid between Smalltalk and the Erlang VM.
God, how I wish I was paid to work on this type of problems :-)
If this sounds close to your area of interests, please send me an email and I’d love to chat.
Are you aware of CHERI? And Singularity from Microsoft Research?
The end goal is to provide user-space memory isolation on CHERI-enabled hardware, where I won't need the RISC-V VM/sandbox any more. Anything as long as I can run on a flat address space and not have to waste countless CPU cycles swapping out page tables every message send. I admit my knowledge of CHERI is superficial and I have not spent too much time reading the specs until I can play with off-the-shelf CPUs that support it.
Singularity/Midori from MS Research have a lot of good ideas but I feel we don't completely have to compromise by forcing a managed environment or language in userspace. I want to run native binaries in this platform, which of course would look a bit different than one is used to (no _entry, no dedicated stack, just a message handler that's called directly by the scheduler, no concept of syscall, just sending messages to a capability).
> how I wish I was paid to work on this type of problems
Did you apply for funding? Any subsidies?
When the code is ready to be opened and I have settled for a design; right now it's very much in flux and I want to see where the vision takes me, and which challenges I encounter along the way.
I'd like to apply for funding by the end of this year, when I'll have saved enough money from contracting to dedicate myself fully to this project.
From my experience I never felt "ready enough" to apply. I also underestimated, despite knowing how slow the process would be, not the time required to submit a proposal for funding but how long it would take to receive an answer. Consequently I recommend you start "too early".