Sub-millisecond VM sandboxes using CoW memory forking
I wanted to see how fast an isolated code sandbox could start if I never had to boot a fresh VM. So instead of launching a new microVM per execution, I boot Firecracker once with Python and numpy already loaded, then snapshot the full VM state. Every execution after that creates a new KVM VM backed by a `MAP_PRIVATE` mapping of the snapshot memory, so Linux gives me copy-on-write pages automatically. That means each sandbox starts from an already-running Python process inside a real VM, runs the code, and exits. These are real KVM VMs, not containers: separate guest kernel, separate guest memory, separate page tables. When a VM writes to memory, it gets a private copy of that page. The hard part was not CoW itself. The hard part was resuming the snapshotted VM correctly. Rust, Apache 2.0.
- Cloud Native
- Open Source
- Privacy First
✨ AI Summary
ZeroBoot is a system that creates sub-millisecond VM sandboxes by snapshotting a pre-booted Firecracker microVM with Python and libraries loaded. Each new execution forks this snapshot using copy-on-write memory mappings, providing full KVM isolation without the overhead of a fresh VM boot.
Best For
Serverless/Function-as-a-Service platforms requiring fast cold starts, High-performance code sandboxing for untrusted user code, Data science or ML workloads needing rapid, isolated Python environments
Why It Matters
It delivers near-instant VM startup with full hardware-level isolation by eliminating the boot process through memory forking of a pre-initialized snapshot.
Key Features
- Starts VM sandboxes in under a millisecond using copy-on-write memory forking
- Boots Firecracker once with Python and numpy pre-loaded, then snapshots the full VM state
- Creates new KVM VMs backed by MAP_PRIVATE mappings of snapshot memory for automatic CoW pages
- Provides real KVM VM isolation with separate guest kernels, memory, and page tables
Use Cases
- A data science platform uses this to run thousands of isolated Python data transformations for different customers. Each user's script executes in a fresh VM that starts in under a millisecond, ensuring complete isolation between jobs while maintaining the performance of a pre-warmed environment with libraries like numpy already loaded.
- A serverless computing provider adopts this technology to create function execution environments. When a function is invoked, a new microVM forks from a snapshot containing the runtime, drastically reducing cold start latency from hundreds of milliseconds to sub-millisecond times, improving user experience for latency-sensitive applications.
- A security research firm employs these sandboxes to safely execute untrusted code samples for malware analysis. Each sample runs in a fully isolated VM that starts almost instantly, allowing researchers to test thousands of variants rapidly while containing any malicious activity within the forked environment.