Remove sandbox evolving and devolving and replace it with snapshotting API. (#697)

* expose snapshots to the public API

Signed-off-by: Jorge Prendes <[email protected]>

* remove usage of devolve

Signed-off-by: Jorge Prendes <[email protected]>

* remove DevolvableSandbox trait

Signed-off-by: Jorge Prendes <[email protected]>

* Remove dead code

Signed-off-by: Jorge Prendes <[email protected]>

* replace evolving a MultiUseSandbox with persist_call_guest_function_by_name

Signed-off-by: Jorge Prendes <[email protected]>

* make all guest function calls persistent

Signed-off-by: Jorge Prendes <[email protected]>

* remove dead code

Signed-off-by: Jorge Prendes <[email protected]>

* fix examples

Signed-off-by: Jorge Prendes <[email protected]>

* Remove MultiUseGuestCallContext

Signed-off-by: Jorge Prendes <[email protected]>

* remove EvolvableSandbox trait

Signed-off-by: Jorge Prendes <[email protected]>

* remove TransitionMetadata

Signed-off-by: Jorge Prendes <[email protected]>

* remove Noop transition

Signed-off-by: Jorge Prendes <[email protected]>

* remove automatic snapshot stack

Signed-off-by: Jorge Prendes <[email protected]>

* Remove Sandbox trait

Signed-off-by: Jorge Prendes <[email protected]>

* fix formatting

Signed-off-by: Jorge Prendes <[email protected]>

* fix license header

Signed-off-by: Jorge Prendes <[email protected]>

* fix benchmark to new API

Signed-off-by: Jorge Prendes <[email protected]>

* fix formatting again

Signed-off-by: Jorge Prendes <[email protected]>

* address review comments

Signed-off-by: Jorge Prendes <[email protected]>

---------

Signed-off-by: Jorge Prendes <[email protected]>

Author: jprendes

README.md

@@ -35,8 +35,6 @@ It is followed by an example of a simple guest application using the Hyperlight
 ```rust
 use std::thread;
 
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{MultiUseSandbox, UninitializedSandbox};
 
 fn main() -> hyperlight_host::Result<()> {
@@ -54,7 +52,7 @@ fn main() -> hyperlight_host::Result<()> {
     // Note: This function is unused by the guest code below, it's just here for demonstration purposes
 
     // Initialize sandbox to be able to call host functions
-    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve(Noop::default())?;
+    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve()?;
 
     // Call a function in the guest
     let message = "Hello, World! I am executing inside of a VM :)\n".to_string();

fuzz/fuzz_targets/guest_call.rs

@@ -20,8 +20,6 @@ use std::sync::{Mutex, OnceLock};
 
 use hyperlight_host::func::{ParameterValue, ReturnType};
 use hyperlight_host::sandbox::uninitialized::GuestBinary;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{MultiUseSandbox, UninitializedSandbox};
 use hyperlight_testing::simple_guest_for_fuzzing_as_string;
 use libfuzzer_sys::fuzz_target;
@@ -38,7 +36,7 @@ fuzz_target!(
         )
         .unwrap();
 
-        let mu_sbox: MultiUseSandbox = u_sbox.evolve(Noop::default()).unwrap();
+        let mu_sbox: MultiUseSandbox = u_sbox.evolve().unwrap();
         SANDBOX.set(Mutex::new(mu_sbox)).unwrap();
     },
 

fuzz/fuzz_targets/host_call.rs

@@ -20,8 +20,6 @@ use std::sync::{Mutex, OnceLock};
 
 use hyperlight_host::func::{ParameterValue, ReturnType};
 use hyperlight_host::sandbox::uninitialized::GuestBinary;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{HyperlightError, MultiUseSandbox, UninitializedSandbox};
 use hyperlight_testing::simple_guest_for_fuzzing_as_string;
 use libfuzzer_sys::fuzz_target;
@@ -37,7 +35,7 @@ fuzz_target!(
         )
         .unwrap();
 
-        let mu_sbox: MultiUseSandbox = u_sbox.evolve(Noop::default()).unwrap();
+        let mu_sbox: MultiUseSandbox = u_sbox.evolve().unwrap();
         SANDBOX.set(Mutex::new(mu_sbox)).unwrap();
     },
 

fuzz/fuzz_targets/host_print.rs

@@ -3,8 +3,6 @@
 use std::sync::{Mutex, OnceLock};
 
 use hyperlight_host::sandbox::uninitialized::GuestBinary;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{MultiUseSandbox, UninitializedSandbox};
 use hyperlight_testing::simple_guest_for_fuzzing_as_string;
 use libfuzzer_sys::{Corpus, fuzz_target};
@@ -23,7 +21,7 @@ fuzz_target!(
         )
         .unwrap();
 
-        let mu_sbox: MultiUseSandbox = u_sbox.evolve(Noop::default()).unwrap();
+        let mu_sbox: MultiUseSandbox = u_sbox.evolve().unwrap();
         SANDBOX.set(Mutex::new(mu_sbox)).unwrap();
     },
 

src/hyperlight_component_util/src/host.rs

@@ -347,7 +347,6 @@ fn emit_component<'a, 'b, 'c>(s: &'c mut State<'a, 'b>, wn: WitName, ct: &'c Com
             pub(crate) rt: ::std::sync::Arc<::std::sync::Mutex<#rtsid<T>>>,
         }
         pub(crate) fn register_host_functions<I: #ns::#import_trait + ::std::marker::Send + 'static, S: ::hyperlight_host::func::Registerable>(sb: &mut S, i: I) -> ::std::sync::Arc<::std::sync::Mutex<#rtsid<I>>> {
-            use ::hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
             let rts = ::std::sync::Arc::new(::std::sync::Mutex::new(#rtsid::new()));
             let #import_id = ::std::sync::Arc::new(::std::sync::Mutex::new(i));
             #(#imports)*
@@ -357,14 +356,12 @@ fn emit_component<'a, 'b, 'c>(s: &'c mut State<'a, 'b>, wn: WitName, ct: &'c Com
             #(#exports)*
         }
         impl #ns::#r#trait for ::hyperlight_host::sandbox::UninitializedSandbox {
-            type Exports<I: #ns::#import_trait + ::std::marker::Send> = #wrapper_name<I, ::hyperlight_host::func::call_ctx::MultiUseGuestCallContext>;
+            type Exports<I: #ns::#import_trait + ::std::marker::Send> = #wrapper_name<I, ::hyperlight_host::sandbox::initialized_multi_use::MultiUseSandbox>;
             fn instantiate<I: #ns::#import_trait + ::std::marker::Send + 'static>(mut self, i: I) -> Self::Exports<I> {
                 let rts = register_host_functions(&mut self, i);
-                let noop = ::core::default::Default::default();
-                let sb = ::hyperlight_host::sandbox_state::sandbox::EvolvableSandbox::evolve(self, noop).unwrap();
-                let cc = ::hyperlight_host::func::call_ctx::MultiUseGuestCallContext::start(sb);
+                let sb = self.evolve().unwrap();
                 #wrapper_name {
-                    sb: cc,
+                    sb,
                     rt: rts,
                 }
             }

src/hyperlight_host/benches/benchmarks.rs

@@ -19,8 +19,6 @@ use hyperlight_host::GuestBinary;
 use hyperlight_host::sandbox::{
     Callable, MultiUseSandbox, SandboxConfiguration, UninitializedSandbox,
 };
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_testing::simple_guest_as_string;
 
 fn create_uninit_sandbox() -> UninitializedSandbox {
@@ -29,7 +27,7 @@ fn create_uninit_sandbox() -> UninitializedSandbox {
 }
 
 fn create_multiuse_sandbox() -> MultiUseSandbox {
-    create_uninit_sandbox().evolve(Noop::default()).unwrap()
+    create_uninit_sandbox().evolve().unwrap()
 }
 
 fn guest_call_benchmark(c: &mut Criterion) {
@@ -38,24 +36,20 @@ fn guest_call_benchmark(c: &mut Criterion) {
     // Benchmarks a single guest function call.
     // The benchmark does **not** include the time to reset the sandbox memory after the call.
     group.bench_function("guest_call", |b| {
-        let mut call_ctx = create_multiuse_sandbox().new_call_context();
+        let mut sbox = create_multiuse_sandbox();
 
-        b.iter(|| {
-            call_ctx
-                .call::<String>("Echo", "hello\n".to_string())
-                .unwrap()
-        });
+        b.iter(|| sbox.call::<String>("Echo", "hello\n".to_string()).unwrap());
     });
 
     // Benchmarks a single guest function call.
     // The benchmark does include the time to reset the sandbox memory after the call.
-    group.bench_function("guest_call_with_reset", |b| {
-        let mut sandbox = create_multiuse_sandbox();
+    group.bench_function("guest_call_with_restore", |b| {
+        let mut sbox = create_multiuse_sandbox();
+        let snapshot = sbox.snapshot().unwrap();
 
         b.iter(|| {
-            sandbox
-                .call_guest_function_by_name::<String>("Echo", "hello\n".to_string())
-                .unwrap()
+            sbox.call::<String>("Echo", "hello\n".to_string()).unwrap();
+            sbox.restore(&snapshot).unwrap();
         });
     });
 
@@ -69,11 +63,13 @@ fn guest_call_benchmark(c: &mut Criterion) {
             .register("HostAdd", |a: i32, b: i32| Ok(a + b))
             .unwrap();
 
-        let multiuse_sandbox: MultiUseSandbox =
-            uninitialized_sandbox.evolve(Noop::default()).unwrap();
-        let mut call_ctx = multiuse_sandbox.new_call_context();
+        let mut multiuse_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve().unwrap();
 
-        b.iter(|| call_ctx.call::<i32>("Add", (1_i32, 41_i32)).unwrap());
+        b.iter(|| {
+            multiuse_sandbox
+                .call::<i32>("Add", (1_i32, 41_i32))
+                .unwrap()
+        });
     });
 
     group.finish();
@@ -99,7 +95,7 @@ fn guest_call_benchmark_large_param(c: &mut Criterion) {
             Some(config),
         )
         .unwrap();
-        let mut sandbox = sandbox.evolve(Noop::default()).unwrap();
+        let mut sandbox = sandbox.evolve().unwrap();
 
         b.iter(|| {
             sandbox
@@ -139,17 +135,6 @@ fn sandbox_benchmark(c: &mut Criterion) {
         b.iter(create_multiuse_sandbox);
     });
 
-    // Benchmarks the time to create a new sandbox and create a new call context.
-    // Does **not** include the time to drop the sandbox or the call context.
-    group.bench_function("create_sandbox_and_call_context", |b| {
-        b.iter_with_large_drop(|| create_multiuse_sandbox().new_call_context());
-    });
-
-    // Benchmarks the time to create a new sandbox, create a new call context, and drop the call context.
-    group.bench_function("create_sandbox_and_call_context_and_drop", |b| {
-        b.iter(|| create_multiuse_sandbox().new_call_context());
-    });
-
     group.finish();
 }
 

src/hyperlight_host/examples/func_ctx/main.rs

@@ -14,42 +14,28 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-use hyperlight_host::func::call_ctx::MultiUseGuestCallContext;
-use hyperlight_host::sandbox::{Callable, MultiUseSandbox, UninitializedSandbox};
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
-use hyperlight_host::{GuestBinary, Result};
+use hyperlight_host::GuestBinary;
+use hyperlight_host::sandbox::UninitializedSandbox;
 use hyperlight_testing::simple_guest_as_string;
 
 fn main() {
     // create a new `MultiUseSandbox` configured to run the `simpleguest.exe`
     // test guest binary
-    let sbox1: MultiUseSandbox = {
-        let path = simple_guest_as_string().unwrap();
-        let u_sbox = UninitializedSandbox::new(GuestBinary::FilePath(path), None).unwrap();
-        u_sbox.evolve(Noop::default())
-    }
-    .unwrap();
-
-    // create a new call context from the sandbox, then do some calls with it.
-    let ctx1 = sbox1.new_call_context();
-    let sbox2 = do_calls(ctx1).unwrap();
-    // create a new call context from the returned sandbox, then do some calls
-    // with that one
-    let ctx2 = sbox2.new_call_context();
-    do_calls(ctx2).unwrap();
-}
-
-/// Given a `MultiUseGuestCallContext` derived from an existing
-/// `MultiUseSandbox` configured to run the `simpleguest.exe` test guest
-/// binary, do several calls against that binary, print their results, then
-/// call `ctx.finish()` and return the resulting `MultiUseSandbox`. Return an `Err`
-/// if anything failed.
-fn do_calls(mut ctx: MultiUseGuestCallContext) -> Result<MultiUseSandbox> {
-    let res: String = ctx.call("Echo", "hello".to_string())?;
+    let path = simple_guest_as_string().unwrap();
+    let mut sbox = UninitializedSandbox::new(GuestBinary::FilePath(path), None)
+        .unwrap()
+        .evolve()
+        .unwrap();
+
+    // Do several calls against a sandbox running the `simpleguest.exe` binary,
+    // and print their results
+    let res: String = sbox
+        .call_guest_function_by_name("Echo", "hello".to_string())
+        .unwrap();
     println!("got Echo res: {res}");
 
-    let res: i32 = ctx.call("CallMalloc", 200_i32)?;
+    let res: i32 = sbox
+        .call_guest_function_by_name("CallMalloc", 200_i32)
+        .unwrap();
     println!("got CallMalloc res: {res}");
-    ctx.finish()
 }

src/hyperlight_host/examples/guest-debugging/main.rs

@@ -19,8 +19,6 @@ use std::thread;
 use hyperlight_host::sandbox::SandboxConfiguration;
 #[cfg(gdb)]
 use hyperlight_host::sandbox::config::DebugInfo;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{MultiUseSandbox, UninitializedSandbox};
 
 /// Build a sandbox configuration that enables GDB debugging when the `gdb` feature is enabled.
@@ -70,9 +68,8 @@ fn main() -> hyperlight_host::Result<()> {
     // Note: This function is unused, it's just here for demonstration purposes
 
     // Initialize sandboxes to be able to call host functions
-    let mut multi_use_sandbox_dbg: MultiUseSandbox =
-        uninitialized_sandbox_dbg.evolve(Noop::default())?;
-    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve(Noop::default())?;
+    let mut multi_use_sandbox_dbg: MultiUseSandbox = uninitialized_sandbox_dbg.evolve()?;
+    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve()?;
 
     // Call guest function
     let message =

src/hyperlight_host/examples/hello-world/main.rs

@@ -16,8 +16,6 @@ limitations under the License.
 #![allow(clippy::disallowed_macros)]
 use std::thread;
 
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
 use hyperlight_host::{MultiUseSandbox, UninitializedSandbox};
 
 fn main() -> hyperlight_host::Result<()> {
@@ -37,7 +35,7 @@ fn main() -> hyperlight_host::Result<()> {
     // Note: This function is unused, it's just here for demonstration purposes
 
     // Initialize sandbox to be able to call host functions
-    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve(Noop::default())?;
+    let mut multi_use_sandbox: MultiUseSandbox = uninitialized_sandbox.evolve()?;
 
     // Call guest function
     let message = "Hello, World! I am executing inside of a VM :)\n".to_string();

src/hyperlight_host/examples/logging/main.rs

@@ -18,11 +18,8 @@ extern crate hyperlight_host;
 
 use std::sync::{Arc, Barrier};
 
-use hyperlight_host::sandbox::Callable;
 use hyperlight_host::sandbox::uninitialized::UninitializedSandbox;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
-use hyperlight_host::{GuestBinary, MultiUseSandbox, Result};
+use hyperlight_host::{GuestBinary, Result};
 use hyperlight_testing::simple_guest_as_string;
 
 fn fn_writer(_msg: String) -> Result<i32> {
@@ -48,10 +45,7 @@ fn main() -> Result<()> {
             usandbox.register_print(fn_writer)?;
 
             // Initialize the sandbox.
-
-            let no_op = Noop::<UninitializedSandbox, MultiUseSandbox>::default();
-
-            let mut multiuse_sandbox = usandbox.evolve(no_op)?;
+            let mut multiuse_sandbox = usandbox.evolve()?;
 
             // Call a guest function 5 times to generate some log entries.
             for _ in 0..5 {
@@ -81,10 +75,7 @@ fn main() -> Result<()> {
         UninitializedSandbox::new(GuestBinary::FilePath(hyperlight_guest_path.clone()), None)?;
 
     // Initialize the sandbox.
-
-    let no_op = Noop::<UninitializedSandbox, MultiUseSandbox>::default();
-
-    let mut multiuse_sandbox = usandbox.evolve(no_op)?;
+    let mut multiuse_sandbox = usandbox.evolve()?;
     let interrupt_handle = multiuse_sandbox.interrupt_handle();
     let barrier = Arc::new(Barrier::new(2));
     let barrier2 = barrier.clone();
@@ -102,10 +93,10 @@ fn main() -> Result<()> {
     // Call a function that gets cancelled by the host function 5 times to generate some log entries.
 
     for _ in 0..NUM_CALLS {
-        let mut ctx = multiuse_sandbox.new_call_context();
         barrier.wait();
-        ctx.call::<()>("Spin", ()).unwrap_err();
-        multiuse_sandbox = ctx.finish().unwrap();
+        multiuse_sandbox
+            .call_guest_function_by_name::<()>("Spin", ())
+            .unwrap_err();
     }
     thread.join().unwrap();