Update guest-side error handling

- Update guest/host_comm.rs to use new Result-like return values
- Update guest_bin/call.rs to properly handle host function errors
- Update guest_bin/lib.rs to remove obsolete error handling import and make GUEST_HANDLE public (for use in C-API)
- Update guest_capi/error.rs to support new error types

Signed-off-by: Ludvig Liljenberg <[email protected]>

Author: ludfjig

src/hyperlight_guest/src/guest_handle/host_comm.rs

@@ -22,9 +22,9 @@ use core::slice::from_raw_parts;
 use flatbuffers::FlatBufferBuilder;
 use hyperlight_common::flatbuffer_wrappers::function_call::{FunctionCall, FunctionCallType};
 use hyperlight_common::flatbuffer_wrappers::function_types::{
-    ParameterValue, ReturnType, ReturnValue,
+    FunctionCallResult, ParameterValue, ReturnType, ReturnValue,
 };
-use hyperlight_common::flatbuffer_wrappers::guest_error::{ErrorCode, GuestError};
+use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
 use hyperlight_common::flatbuffer_wrappers::guest_log_data::GuestLogData;
 use hyperlight_common::flatbuffer_wrappers::guest_log_level::LogLevel;
 use hyperlight_common::flatbuffer_wrappers::host_function_details::HostFunctionDetails;
@@ -68,18 +68,24 @@ impl GuestHandle {
     /// internally to get the return value.
     #[hyperlight_guest_tracing::trace_function]
     pub fn get_host_return_value<T: TryFrom<ReturnValue>>(&self) -> Result<T> {
-        let return_value = self
-            .try_pop_shared_input_data_into::<ReturnValue>()
-            .expect("Unable to deserialize a return value from host");
-        T::try_from(return_value).map_err(|_| {
-            HyperlightGuestError::new(
-                ErrorCode::GuestError,
-                format!(
-                    "Host return value was not a {} as expected",
-                    core::any::type_name::<T>()
-                ),
-            )
-        })
+        let inner = self
+            .try_pop_shared_input_data_into::<FunctionCallResult>()
+            .expect("Unable to deserialize a return value from host")
+            .into_inner();
+
+        match inner {
+            Ok(ret) => T::try_from(ret).map_err(|_| {
+                let expected = core::any::type_name::<T>();
+                HyperlightGuestError::new(
+                    ErrorCode::UnsupportedParameterType,
+                    format!("Host return value could not be converted to expected {expected}",),
+                )
+            }),
+            Err(e) => Err(HyperlightGuestError {
+                kind: e.code,
+                message: e.message,
+            }),
+        }
     }
 
     /// Call a host function without reading its return value from shared mem.
@@ -148,22 +154,6 @@ impl GuestHandle {
             .expect("Failed to convert buffer to HostFunctionDetails")
     }
 
-    /// Write an error to the shared output data buffer.
-    #[hyperlight_guest_tracing::trace_function]
-    pub fn write_error(&self, error_code: ErrorCode, message: Option<&str>) {
-        let guest_error: GuestError = GuestError::new(
-            error_code,
-            message.map_or("".to_string(), |m| m.to_string()),
-        );
-        let guest_error_buffer: Vec<u8> = (&guest_error)
-            .try_into()
-            .expect("Invalid guest_error_buffer, could not be converted to a Vec<u8>");
-
-        if let Err(e) = self.push_shared_output_data(&guest_error_buffer) {
-            panic!("Unable to push guest error to shared output data: {:#?}", e);
-        }
-    }
-
     /// Log a message with the specified log level, source, caller, source file, and line number.
     #[hyperlight_guest_tracing::trace_function]
     pub fn log_message(

src/hyperlight_guest_bin/src/guest_function/call.rs

@@ -17,9 +17,10 @@ limitations under the License.
 use alloc::format;
 use alloc::vec::Vec;
 
+use flatbuffers::FlatBufferBuilder;
 use hyperlight_common::flatbuffer_wrappers::function_call::{FunctionCall, FunctionCallType};
-use hyperlight_common::flatbuffer_wrappers::function_types::ParameterType;
-use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
+use hyperlight_common::flatbuffer_wrappers::function_types::{FunctionCallResult, ParameterType};
+use hyperlight_common::flatbuffer_wrappers::guest_error::{ErrorCode, GuestError};
 use hyperlight_guest::error::{HyperlightGuestError, Result};
 use hyperlight_guest::exit::halt;
 
@@ -81,10 +82,12 @@ pub(crate) fn call_guest_function(function_call: FunctionCall) -> Result<Vec<u8>
 
 // This function is marked as no_mangle/inline to prevent the compiler from inlining it , if its inlined the epilogue will not be called
 // and we will leak memory as the epilogue will not be called as halt() is not going to return.
+//
+// This function may panic, as we have no other ways of dealing with errors at this level
 #[unsafe(no_mangle)]
 #[inline(never)]
 #[hyperlight_guest_tracing::trace_function]
-fn internal_dispatch_function() -> Result<()> {
+fn internal_dispatch_function() {
     let handle = unsafe { GUEST_HANDLE };
 
     #[cfg(debug_assertions)]
@@ -94,11 +97,24 @@ fn internal_dispatch_function() -> Result<()> {
         .try_pop_shared_input_data_into::<FunctionCall>()
         .expect("Function call deserialization failed");
 
-    let result_vec = call_guest_function(function_call).inspect_err(|e| {
-        handle.write_error(e.kind, Some(e.message.as_str()));
-    })?;
+    let res = call_guest_function(function_call);
 
-    handle.push_shared_output_data(&result_vec)
+    match res {
+        Ok(bytes) => {
+            handle
+                .push_shared_output_data(bytes.as_slice())
+                .expect("Failed to serialize function call result");
+        }
+        Err(err) => {
+            let guest_error = Err(GuestError::new(err.kind, err.message));
+            let fcr = FunctionCallResult::new(guest_error);
+            let mut builder = FlatBufferBuilder::new();
+            let data = fcr.encode(&mut builder);
+            handle
+                .push_shared_output_data(data)
+                .expect("Failed to serialize function call result");
+        }
+    }
 }
 
 // This is implemented as a separate function to make sure that epilogue in the internal_dispatch_function is called before the halt()
@@ -117,6 +133,6 @@ pub(crate) extern "C" fn dispatch_function() {
     // part of the big identity-mapped region at the base of the
     // guest.
     crate::paging::flush_tlb();
-    let _ = internal_dispatch_function();
+    internal_dispatch_function();
     halt();
 }

src/hyperlight_guest_bin/src/lib.rs

@@ -45,7 +45,6 @@ pub mod exceptions {
     pub(super) mod idtr;
     mod interrupt_entry;
 }
-pub mod guest_err;
 pub mod guest_function {
     pub(super) mod call;
     pub mod definition;
@@ -121,7 +120,7 @@ pub(crate) static HEAP_ALLOCATOR: LockedHeap<32> = LockedHeap::<32>::empty();
 pub(crate) static HEAP_ALLOCATOR: ProfiledLockedHeap<32> =
     ProfiledLockedHeap(LockedHeap::<32>::empty());
 
-pub(crate) static mut GUEST_HANDLE: GuestHandle = GuestHandle::new();
+pub static mut GUEST_HANDLE: GuestHandle = GuestHandle::new();
 pub(crate) static mut REGISTERED_GUEST_FUNCTIONS: GuestFunctionRegister =
     GuestFunctionRegister::new();
 

src/hyperlight_guest_capi/src/error.rs

@@ -14,15 +14,32 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-use core::ffi::c_char;
+use core::ffi::{CStr, c_char};
 
-use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
-use hyperlight_guest_bin::guest_err::setError;
+use flatbuffers::FlatBufferBuilder;
+use hyperlight_common::flatbuffer_wrappers::function_types::FunctionCallResult;
+use hyperlight_common::flatbuffer_wrappers::guest_error::{ErrorCode, GuestError};
+use hyperlight_guest_bin::GUEST_HANDLE;
+
+use crate::alloc::borrow::ToOwned;
 
 #[unsafe(no_mangle)]
 pub extern "C" fn hl_set_error(err: ErrorCode, message: *const c_char) {
+    let cstr = unsafe { CStr::from_ptr(message) };
+    let guest_error = Err(GuestError::new(
+        err.into(),
+        cstr.to_str()
+            .expect("Failed to convert CStr to &str")
+            .to_owned(),
+    ));
+    let fcr = FunctionCallResult::new(guest_error);
+    let mut builder = FlatBufferBuilder::new();
+    let data = fcr.encode(&mut builder);
     unsafe {
-        setError(err.into(), message);
+        #[allow(static_mut_refs)] // we are single threaded
+        GUEST_HANDLE
+            .push_shared_output_data(data)
+            .expect("Failed to set error")
     }
 }