Updates for the latest hypleright version (#24)

Signed-off-by: Simon Davies <simongdavies@users.noreply.github.com>

Author: simongdavies

Cargo.lock

@@ -11,10 +11,10 @@ repository = "https://github.com/hyperlight-dev/hyperlight-js"
 readme = "README.md"
 
 [workspace.dependencies]
-hyperlight-common = { version = "0.12",  default-features = false }
-hyperlight-guest-bin = { version = "0.12" }
-hyperlight-guest = { version = "0.12" }
-hyperlight-host = { version = "0.12", default-features = false, features = ["executable_heap", "init-paging"] }
+hyperlight-common = { git = "https://github.com/hyperlight-dev/hyperlight", rev = "620339aa95d508e8cbd1d38b4374f09090aade7b", default-features = false }
+hyperlight-guest-bin = { git = "https://github.com/hyperlight-dev/hyperlight", rev = "620339aa95d508e8cbd1d38b4374f09090aade7b" }
+hyperlight-guest = { git = "https://github.com/hyperlight-dev/hyperlight", rev = "620339aa95d508e8cbd1d38b4374f09090aade7b" }
+hyperlight-host = { git = "https://github.com/hyperlight-dev/hyperlight", rev = "620339aa95d508e8cbd1d38b4374f09090aade7b", default-features = false, features = ["executable_heap", "init-paging"] }
 hyperlight-js = { version = "0.1.1", path = "src/hyperlight-js" }
 hyperlight-js-runtime = { version = "0.1.1", path = "src/hyperlight-js-runtime" }
 

Cargo.toml

@@ -197,7 +197,7 @@ fn handle_events_benchmark(c: &mut Criterion) {
                     let start = Instant::now();
                     let _ =
                         loaded_js_sandbox.handle_event("function1", event.to_string(), Some(gc));
-                    loaded_js_sandbox.restore(&snapshot).unwrap();
+                    loaded_js_sandbox.restore(snapshot.clone()).unwrap();
                     elapsed += start.elapsed();
                 }
             }

src/hyperlight-js/benches/benchmarks.rs

@@ -114,7 +114,7 @@ fn main() -> Result<()> {
 
     // Demonstrate recovery from poisoned state
     println!("\n📸 Restoring sandbox from snapshot...");
-    loaded_sandbox.restore(&snapshot)?;
+    loaded_sandbox.restore(snapshot)?;
 
     println!("🔒 Poisoned after restore: {}", loaded_sandbox.poisoned());
     assert!(

src/hyperlight-js/examples/interrupt/main.rs

@@ -15,6 +15,7 @@ limitations under the License.
 */
 use std::collections::HashMap;
 use std::fmt::Debug;
+use std::sync::Arc;
 
 use hyperlight_host::sandbox::snapshot::Snapshot;
 use hyperlight_host::{new_error, MultiUseSandbox, Result};
@@ -30,7 +31,7 @@ pub struct JSSandbox {
     handlers: HashMap<String, Script>,
     // Snapshot of state before any handlers are added.
     // This is used to restore state back to a neutral JSSandbox.
-    snapshot: Snapshot,
+    snapshot: Arc<Snapshot>,
     // metric drop guard to manage sandbox metric
     _metric_guard: SandboxMetricsGuard<JSSandbox>,
 }
@@ -48,8 +49,11 @@ impl JSSandbox {
     }
 
     /// Creates a new `JSSandbox` from a `MultiUseSandbox` and a `Snapshot` of state before any handlers were added.
-    pub(crate) fn from_loaded(mut loaded: MultiUseSandbox, snapshot: Snapshot) -> Result<Self> {
-        loaded.restore(&snapshot)?;
+    pub(crate) fn from_loaded(
+        mut loaded: MultiUseSandbox,
+        snapshot: Arc<Snapshot>,
+    ) -> Result<Self> {
+        loaded.restore(snapshot.clone())?;
         Ok(Self {
             inner: loaded,
             handlers: HashMap::new(),

src/hyperlight-js/src/sandbox/js_sandbox.rs

@@ -36,7 +36,7 @@ pub struct LoadedJSSandbox {
     inner: MultiUseSandbox,
     // Snapshot of state before the sandbox was loaded and before any handlers were added.
     // This is used to restore state back to a JSSandbox.
-    snapshot: Snapshot,
+    snapshot: Arc<Snapshot>,
     // metric drop guard to manage sandbox metric
     _metric_guard: SandboxMetricsGuard<LoadedJSSandbox>,
 }
@@ -57,7 +57,7 @@ impl Drop for MonitorTask {
 
 impl LoadedJSSandbox {
     #[instrument(err(Debug), skip_all, level=Level::INFO)]
-    pub(super) fn new(inner: MultiUseSandbox, snapshot: Snapshot) -> Result<LoadedJSSandbox> {
+    pub(super) fn new(inner: MultiUseSandbox, snapshot: Arc<Snapshot>) -> Result<LoadedJSSandbox> {
         metrics::counter!(METRIC_SANDBOX_LOADS).increment(1);
         Ok(LoadedJSSandbox {
             inner,
@@ -107,13 +107,13 @@ impl LoadedJSSandbox {
     /// Take a snapshot of the the current state of the sandbox.
     /// This can be used to restore the state of the sandbox later.
     #[instrument(err(Debug), skip_all, level=Level::DEBUG)]
-    pub fn snapshot(&mut self) -> Result<Snapshot> {
+    pub fn snapshot(&mut self) -> Result<Arc<Snapshot>> {
         self.inner.snapshot()
     }
 
     /// Restore the state of the sandbox to a previous snapshot.
     #[instrument(err(Debug), skip_all, level=Level::DEBUG)]
-    pub fn restore(&mut self, snapshot: &Snapshot) -> Result<()> {
+    pub fn restore(&mut self, snapshot: Arc<Snapshot>) -> Result<()> {
         self.inner.restore(snapshot)?;
         Ok(())
     }
@@ -417,7 +417,7 @@ mod tests {
         assert_eq!(response_json["count"], 3);
 
         // Restore the snapshot
-        loaded_js_sandbox.restore(&snapshot).unwrap();
+        loaded_js_sandbox.restore(snapshot.clone()).unwrap();
 
         // Handle the event again, should reset to initial state
         let result = loaded_js_sandbox
@@ -447,7 +447,7 @@ mod tests {
             .unwrap_err();
 
         // restore to snapshot before unload/reload
-        reloaded_js_sandbox.restore(&snapshot).unwrap();
+        reloaded_js_sandbox.restore(snapshot.clone()).unwrap();
         // handler should be available again
         let result = reloaded_js_sandbox
             .handle_event("handler", get_static_counter_event(), gc)

src/hyperlight-js/src/sandbox/loaded_js_sandbox.rs

@@ -16,8 +16,8 @@ limitations under the License.
 #[cfg(target_os = "linux")]
 use std::time::Duration;
 
-use hyperlight_host::sandbox::{is_hypervisor_present, SandboxConfiguration};
-use hyperlight_host::{GuestBinary, HyperlightError, Result};
+use hyperlight_host::sandbox::SandboxConfiguration;
+use hyperlight_host::{is_hypervisor_present, GuestBinary, HyperlightError, Result};
 
 use super::proto_js_sandbox::ProtoJSSandbox;
 use crate::HostPrintFn;
@@ -28,16 +28,35 @@ pub struct SandboxBuilder {
     host_print_fn: Option<HostPrintFn>,
 }
 
-const MIN_STACK_SIZE: u64 = 256 * 1024;
-// The minimum heap size is 4096KB.
+/// The minimum scratch size for the JS runtime sandbox.
+///
+/// The scratch region provides writable physical memory for:
+///   - I/O buffers (input + output data)
+///   - Page table copies (proportional to snapshot size — our ~13 MB guest
+///     binary + heap produce ~72 KiB of page tables)
+///   - Dynamically allocated pages (GDT/IDT, stack growth, Copy-on-Write
+///     resolution during QuickJS initialisation)
+///   - Exception stack and metadata (2 pages at the top)
+///
+/// Hyperlight's default scratch (288 KiB) is far too small for the JS
+/// runtime guest: after fixed overheads there are only ~44 free pages,
+/// which are exhausted during init.  1 MiB (0x10_0000) matches
+/// hyperlight's own "large guest" test configuration and gives
+/// comfortable headroom.
+const MIN_SCRATCH_SIZE: usize = 0x10_0000; // 1 MiB
+
+/// The minimum heap size is 4 MiB.  The QuickJS engine needs a
+/// reasonable amount of heap during initialisation for builtins,
+/// global objects, and the bytecode compiler.  This lives in the
+/// identity-mapped snapshot region (NOT scratch).
 const MIN_HEAP_SIZE: u64 = 4096 * 1024;
 
 impl SandboxBuilder {
     /// Create a new SandboxBuilder
     pub fn new() -> Self {
         let mut config = SandboxConfiguration::default();
-        config.set_stack_size(MIN_STACK_SIZE);
         config.set_heap_size(MIN_HEAP_SIZE);
+        config.set_scratch_size(MIN_SCRATCH_SIZE);
 
         Self {
             config,
@@ -67,13 +86,14 @@ impl SandboxBuilder {
         self
     }
 
-    /// Set the guest stack size
-    /// This is the size of the stack that code executing in the guest can use.
-    /// If this value is too small then the guest will fail with a stack overflow error
-    /// The default value (and minimum) is set to the value of the MIN_STACK_SIZE const.
-    pub fn with_guest_stack_size(mut self, guest_stack_size: u64) -> Self {
-        if guest_stack_size > MIN_STACK_SIZE {
-            self.config.set_stack_size(guest_stack_size);
+    /// Set the guest scratch size in bytes.
+    /// The scratch region provides writable memory for the guest, including the
+    /// dynamically-sized stack. Increase this if your guest code needs deep
+    /// recursion or large local variables.
+    /// Values smaller than the default (288KiB) are ignored.
+    pub fn with_guest_scratch_size(mut self, guest_scratch_size: usize) -> Self {
+        if guest_scratch_size > MIN_SCRATCH_SIZE {
+            self.config.set_scratch_size(guest_scratch_size);
         }
         self
     }

src/hyperlight-js/src/sandbox/sandbox_builder.rs

@@ -112,7 +112,7 @@ fn wall_clock_monitor_sandbox_recovers_with_restore() {
     assert!(loaded.poisoned(), "Should be poisoned after kill");
 
     // Restore from snapshot
-    loaded.restore(&snapshot).unwrap();
+    loaded.restore(snapshot.clone()).unwrap();
     assert!(!loaded.poisoned(), "Should not be poisoned after restore");
 
     // Should be able to run again
@@ -177,7 +177,7 @@ fn cpu_time_monitor_sandbox_recovers_with_restore() {
     assert!(loaded.poisoned(), "Should be poisoned after kill");
 
     // Restore from snapshot
-    loaded.restore(&snapshot).unwrap();
+    loaded.restore(snapshot.clone()).unwrap();
     assert!(!loaded.poisoned(), "Should not be poisoned after restore");
 
     // Should be able to run again
@@ -252,7 +252,7 @@ fn tuple_monitor_sandbox_recovers_with_restore() {
     assert!(loaded.poisoned(), "Should be poisoned after kill");
 
     // Restore and verify recovery
-    loaded.restore(&snapshot).unwrap();
+    loaded.restore(snapshot.clone()).unwrap();
     assert!(!loaded.poisoned(), "Should not be poisoned after restore");
 
     let monitor2 = (

src/hyperlight-js/tests/monitors.rs

@@ -107,7 +107,7 @@ fn handle_termination() -> Result<()> {
     );
 
     // Restore the sandbox from snapshot
-    loaded_sandbox.restore(&snapshot)?;
+    loaded_sandbox.restore(snapshot)?;
 
     // Verify sandbox is no longer poisoned after restore
     assert!(

src/hyperlight-js/tests/termination.rs

@@ -50,15 +50,15 @@ Creates and configures a new sandbox.
 
 **Methods:**
 - `setHeapSize(bytes: number)` → `this` — Set guest heap size (must be > 0, chainable)
-- `setStackSize(bytes: number)` → `this` — Set guest stack size (must be > 0, chainable)
+- `setScratchSize(bytes: number)` → `this` — Set guest scratch size, includes stack (must be > 0, chainable)
 - `setInputBufferSize(bytes: number)` → `this` — Set guest input buffer size (must be > 0, chainable)
 - `setOutputBufferSize(bytes: number)` → `this` — Set guest output buffer size (must be > 0, chainable)
 - `build()` → `Promise<ProtoJSSandbox>` — Builds a proto sandbox ready to load the JavaScript runtime
 
 ```javascript
 const builder = new SandboxBuilder()
     .setHeapSize(8 * 1024 * 1024)
-    .setStackSize(512 * 1024);
+    .setScratchSize(1024 * 1024);
 const protoSandbox = await builder.build();
 ```
 
@@ -237,9 +237,8 @@ All errors thrown by the API include a `code` property for programmatic handling
 |------|---------|
 | `ERR_INVALID_ARG` | Bad argument (empty handler name, zero timeout, etc.) |
 | `ERR_CONSUMED` | Object already consumed (e.g., calling `loadRuntime()` twice) |
-| `ERR_POISONED` | Sandbox is in an inconsistent state (after timeout kill, guest abort, etc.) — restore from snapshot or unload |
+| `ERR_POISONED` | Sandbox is in an inconsistent state (after timeout kill, guest abort, stack overflow, etc.) — restore from snapshot or unload |
 | `ERR_CANCELLED` | Execution was cancelled (by monitor timeout or manual `kill()`) |
-| `ERR_STACK_OVERFLOW` | Guest code caused a stack overflow |
 | `ERR_GUEST_ABORT` | Guest code aborted |
 | `ERR_INTERNAL` | Unexpected internal error |
 
@@ -251,8 +250,8 @@ try {
         case 'ERR_CANCELLED':
             console.log('Execution was cancelled');
             break;
-        case 'ERR_STACK_OVERFLOW':
-            console.log('Stack overflow in guest code');
+        case 'ERR_POISONED':
+            console.log('Sandbox is poisoned (e.g. stack overflow, timeout)');
             break;
         default:
             console.log(`Unexpected error [${error.code}]: ${error.message}`);