LLVM Image Activator

Konstantin Belousov kostikbel at gmail.com
Mon Jan 7 17:24:40 UTC 2013


On Mon, Jan 07, 2013 at 09:36:38AM -0500, John Baldwin wrote:
> On Sunday, January 06, 2013 01:02:21 PM Nathan Whitehorn wrote:
> > Having LLVM/clang in the base system lets us do some interesting things
> > that we couldn't do with GCC. One is that LLVM ships with a JIT for LLVM
> > IR as well as components of a toolchain for it (this is what Google's
> > pNACL uses) and that you can end up producing binary files that are in
> > IR instead of native code. The IR isn't really cross-platform, but does
> > let you do CPU-specific optimizations when executed by the JIT, etc.
> > 
> > The attached patch causes the LLVM JIT (lli) to be built by default
> > (adding ~20 seconds to buildworld on my five-year-old laptop) and adds a
> > kernel image activator that invokes it when passed LLVM bitcode files.
> > It's not completely finished (see the XXX comment in the middle), but it
> > does work, as follows:
> > 
> > $ clang -emit-llvm -c -o hw.ll hw.c
> > $ file hw.ll
> > hw.ll: LLVM bitcode
> > $ lli hw.ll
> > Hello world!
> > $ chmod a+x hw.ll
> > $ ./hw.ll
> > Hello world!
> > $
> > 
> > Is there any interest in having features like this? It seems like this
> > could provide some interesting possibilities for us and nice
> > integration from having imported clang into base.
> > -Nathan
> 
> This sounds neat indeed.  Does the IR format provide any sort of notation for 
> encoding the path to the interpreter (similar to ELF)?  If not, you might want 
> to at least make the path to 'lli' be configurable via a tunable and/or sysctl 
> (e.g. if using a newer version of clang in /usr/local).

I do not like one-purpose write-once never-used image activators.
I still do remember the buzz about the binary format 0xCAFEBABE, which
AFAIR gained image activator support on several OSes, to be garbage
collected.

For one thing, such hacks are very system-specific and thus are never
used, causing quick bit rot. Second, more important, is that parsing
of yet another format opens an attack vector on the kernel, and due to
the nature of the activators, on the user space.

Look at the PE image activator history, including at least one SA, to
see what I mean. And PE is a real image format instead of a hack. Even
for ELF, there were recent panic-level bugs.

Note that several language runtimes are happy to use the shebang for
bytecode. For examples, look at the ocaml and lisps.

If adding despite these arguments, please do not make the thing 'standard'.
Provide the option to compile it in, and maybe make it a module.
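
The parsing-risk argument above, shown as an added example that is not part of the original message or of the patch under discussion: a user-space sketch of the header checks any LLVM bitcode recognizer has to get right before trusting a file. The function and enum names are hypothetical; the magic values and the five-field wrapper layout are taken from LLVM's bitcode format documentation, not from this thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum bc_kind { BC_NONE = 0, BC_RAW, BC_WRAPPED, BC_MALFORMED };

/* Added illustration, hypothetical names. Reads a little-endian u32. */
static uint32_t le32(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* On BC_RAW/BC_WRAPPED, [*off, *off + *size) is guaranteed inside buf. */
enum bc_kind bc_classify(const unsigned char *buf, size_t len,
                         size_t *off, size_t *size)
{
    static const unsigned char raw_magic[4] = { 'B', 'C', 0xC0, 0xDE };

    if (buf == NULL || len < 4)
        return BC_NONE;
    if (memcmp(buf, raw_magic, 4) == 0) {
        *off = 0;
        *size = len;
        return BC_RAW;
    }
    if (le32(buf) != 0x0B17C0DEu)
        return BC_NONE;
    /* Wrapper header: magic, version, offset, size, cputype (5 x LE u32). */
    if (len < 20)
        return BC_MALFORMED;
    uint32_t o = le32(buf + 8), s = le32(buf + 12);
    /* Compare by subtraction so that o + s can never wrap around. */
    if (o < 20 || o > len || s < 4 || s > len - o)
        return BC_MALFORMED;
    if (memcmp(buf + o, raw_magic, 4) != 0)
        return BC_MALFORMED;
    *off = o;
    *size = s;
    return BC_WRAPPED;
}

int main(void)
{
    /* Constructed sample: wrapper whose size field overruns the file. */
    unsigned char f[24] = { 0xDE,0xC0,0x17,0x0B, 0,0,0,0, 20,0,0,0,
                            0xFF,0xFF,0xFF,0xFF, 0,0,0,0, 'B','C',0xC0,0xDE };
    size_t off, size;
    return bc_classify(f, sizeof f, &off, &size) == BC_MALFORMED ? 0 : 1;
}
```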