Store stack and heap separately

CHANGELOG.md

@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+### Added
+
+### Changed
+
+#### Breaking
+
+- [#697](https://github.com/FuelLabs/fuel-vm/pull/697): Changed the VM to internally use separate buffers for the stack and the heap to improve startup time. After this change, memory that was never part of the stack or the heap cannot be accessed, even for reading. Also, even if the whole memory is allocated, accesses spanning from the stack to the heap are not allowed. This PR also fixes a bug that required one-byte gap between the stack and the heap. Multiple errors have been changed to be more sensible ones, and sometimes the order of which error is returned has changed. `ALOC` opcode now zeroes the newly allocated memory.
+
 ## [Version 0.48.0]
 
 ### Added

fuel-asm/src/panic_reason.rs

@@ -132,6 +132,11 @@ enum_from! {
         /// Caller of this internal context is also expected to be internal,
         /// i.e. $fp->$fp must be non-zero.
         ExpectedNestedCaller = 0x2e,
+        /// During memory growth, the stack overlapped with the heap
+        MemoryGrowthOverlap = 0x2f,
+        /// Attempting to read or write uninitialized memory.
+        /// Also occurs when boundary crosses from stack to heap.
+        UninitalizedMemoryAccess = 0x30,
     }
 }
 

fuel-types/src/array_types.rs

@@ -150,7 +150,8 @@ macro_rules! key_methods {
             ///
             /// This function will panic if the length of `buf` is smaller than
             /// `Self::LEN`.
-            pub fn from_bytes(bytes: &[u8]) -> Self {
+            #[wasm_bindgen(js_name = from_bytes)]
+            pub fn from_bytes_typescript(bytes: &[u8]) -> Self {
                 Self(bytes.try_into().expect(
                     format!("The size of the arrays it not {} size", $s).as_str(),
                 ))

fuel-vm/examples/external.rs

@@ -38,7 +38,6 @@ use fuel_vm::{
         Interpreter,
         IntoChecked,
         MemoryClient,
-        MemoryRange,
     },
     storage::MemoryStorage,
 };
@@ -62,8 +61,7 @@ impl EcalHandler for FileReadEcal {
         vm.gas_charge(b.saturating_add(1))?;
 
         // Extract file path from vm memory
-        let r = MemoryRange::new(c, d)?;
-        let path = String::from_utf8_lossy(&vm.memory()[r.usizes()]);
+        let path = String::from_utf8_lossy(vm.memory().read(c, d)?);
         let path = PathBuf::from(path.as_ref());
 
         // Seek file to correct position
@@ -74,8 +72,8 @@ impl EcalHandler for FileReadEcal {
 
         // Allocate the buffer in the vm memory and read directly from the file into it
         vm.allocate(b)?;
-        let r = MemoryRange::new(vm.registers()[RegId::HP], b)?;
-        file.read(&mut vm.memory_mut()[r.usizes()])
+        let hp = vm.registers()[RegId::HP];
+        file.read(vm.memory_mut().write_noownerchecks(hp, b)?)
             .map_err(|_| PanicReason::EcalError)?;
 
         Ok(())

fuel-vm/src/backtrace.rs

@@ -17,9 +17,9 @@ use crate::{
 };
 use derivative::Derivative;
 
+use crate::interpreter::Memory;
 use fuel_tx::ScriptExecutionResult;
 use fuel_types::{
-    fmt_truncated_hex,
     ContractId,
     Word,
 };
@@ -31,8 +31,7 @@ pub struct Backtrace {
     call_stack: Vec<CallFrame>,
     contract: ContractId,
     registers: [Word; VM_REGISTER_COUNT],
-    #[derivative(Debug(format_with = "fmt_truncated_hex::<16>"))]
-    memory: Vec<u8>,
+    memory: Memory,
     result: ScriptExecutionResult,
     initial_balances: InitialBalances,
 }
@@ -46,8 +45,8 @@ impl Backtrace {
         result: ScriptExecutionResult,
     ) -> Self {
         let call_stack = vm.call_stack().to_owned();
-        let contract = vm.internal_contract_or_default();
-        let memory = vm.memory().to_owned();
+        let contract = vm.internal_contract().unwrap_or_default();
+        let memory = vm.memory().clone();
         let initial_balances = vm.initial_balances().clone();
         let mut registers = [0; VM_REGISTER_COUNT];
 
@@ -79,8 +78,8 @@ impl Backtrace {
     }
 
     /// Memory of the VM when the error occurred.
-    pub fn memory(&self) -> &[u8] {
-        self.memory.as_slice()
+    pub fn memory(&self) -> &Memory {
+        &self.memory
     }
 
     /// [`ScriptExecutionResult`] of the error that caused this backtrace.
@@ -100,7 +99,7 @@ impl Backtrace {
         Vec<CallFrame>,
         ContractId,
         [Word; VM_REGISTER_COUNT],
-        Vec<u8>,
+        Memory,
         ScriptExecutionResult,
         InitialBalances,
     ) {

fuel-vm/src/constraints.rs

@@ -1,97 +1,9 @@
 //! Types to help constrain inputs to functions to only what is used.
-use core::ops::{
-    Deref,
-    DerefMut,
-};
 
-use fuel_asm::{
-    PanicReason,
-    Word,
-};
 use fuel_types::ContractId;
 
-#[cfg(test)]
-use fuel_types::canonical::Deserialize;
-
-use crate::{
-    consts::MEM_SIZE,
-    prelude::MemoryRange,
-};
-
 pub mod reg_key;
 
-/// A range of memory that has been checked that it fits into the VM memory.
-#[derive(Clone)]
-// TODO: Replace `LEN` constant with a generic object that implements some trait that
-// knows  the static size of the generic.
-pub struct CheckedMemConstLen<const LEN: usize>(MemoryRange);
-
-/// A range of memory that has been checked that it fits into the VM memory.
-/// This range can be used to read a value of type `T` from memory.
-#[derive(Clone)]
-// TODO: Merge this type with `CheckedMemConstLen`.
-pub struct CheckedMemValue<T>(MemoryRange, core::marker::PhantomData<T>);
-
-impl<T> CheckedMemValue<T> {
-    /// Create a new const sized memory range.
-    pub fn new<const SIZE: usize>(address: Word) -> Result<Self, PanicReason> {
-        Ok(Self(
-            MemoryRange::new_const::<_, SIZE>(address)?,
-            core::marker::PhantomData,
-        ))
-    }
-
-    /// Try to read a value of type `T` from memory.
-    pub fn try_from(self, memory: &[u8; MEM_SIZE]) -> Result<T, PanicReason>
-    where
-        T: for<'a> TryFrom<&'a [u8]>,
-        PanicReason: for<'a> From<<T as TryFrom<&'a [u8]>>::Error>,
-    {
-        Ok(T::try_from(&memory[self.0.usizes()])?)
-    }
-
-    /// The start of the range.
-    pub fn start(&self) -> usize {
-        self.0.start
-    }
-
-    /// The end of the range.
-    pub fn end(&self) -> usize {
-        self.0.end
-    }
-
-    #[cfg(test)]
-    /// Inspect a value of type `T` from memory.
-    pub fn inspect(self, memory: &[u8; MEM_SIZE]) -> T
-    where
-        T: Deserialize,
-    {
-        T::from_bytes(&memory[self.0.usizes()])
-            .expect("Inspect failed; invalid value for type")
-    }
-}
-
-impl<const LEN: usize> CheckedMemConstLen<LEN> {
-    /// Create a new const sized memory range.
-    pub fn new(address: Word) -> Result<Self, PanicReason> {
-        Ok(Self(MemoryRange::new_const::<_, LEN>(address)?))
-    }
-
-    /// Get the memory slice for this range.
-    pub fn read(self, memory: &[u8; MEM_SIZE]) -> &[u8; LEN] {
-        (&memory[self.0.usizes()]).try_into().expect(
-            "This is always correct as the address and LEN are checked on construction.",
-        )
-    }
-
-    /// Get the mutable memory slice for this range.
-    pub fn write(self, memory: &mut [u8; MEM_SIZE]) -> &mut [u8; LEN] {
-        (&mut memory[self.0.usizes()]).try_into().expect(
-            "This is always correct as the address and LEN are checked on construction.",
-        )
-    }
-}
-
 /// Location of an instructing collected during runtime
 #[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
 pub struct InstructionLocation {
@@ -100,17 +12,3 @@ pub struct InstructionLocation {
     /// Offset from the IS register
     pub offset: u64,
 }
-
-impl<const LEN: usize> Deref for CheckedMemConstLen<LEN> {
-    type Target = MemoryRange;
-
-    fn deref(&self) -> &Self::Target {
-        &self.0
-    }
-}
-
-impl<const LEN: usize> DerefMut for CheckedMemConstLen<LEN> {
-    fn deref_mut(&mut self) -> &mut Self::Target {
-        &mut self.0
-    }
-}

fuel-vm/src/consts.rs

@@ -17,11 +17,6 @@ pub const VM_REGISTER_SYSTEM_COUNT: usize = 16;
 /// The number of writable registers.
 pub const VM_REGISTER_PROGRAM_COUNT: usize = VM_REGISTER_COUNT - VM_REGISTER_SYSTEM_COUNT;
 
-/// Max amount of nested call contexts.
-/// Used to protect against stack overflows, since the CALL
-/// instruction is currently implemented using recursion.
-pub const VM_MAX_NESTED_CALLS: usize = 64;
-
 // MEMORY TYPES
 
 /// Length of a word, in bytes

fuel-vm/src/interpreter.rs

@@ -75,7 +75,10 @@ pub use ecal::{
     EcalHandler,
     PredicateErrorEcal,
 };
-pub use memory::MemoryRange;
+pub use memory::{
+    Memory,
+    MemoryRange,
+};
 
 use crate::checked_transaction::{
     CreateCheckedMetadata,
@@ -86,8 +89,6 @@ use crate::checked_transaction::{
     ScriptCheckedMetadata,
 };
 
-use self::memory::Memory;
-
 #[cfg(feature = "test-helpers")]
 pub use self::receipts::ReceiptsCtx;
 
@@ -109,7 +110,7 @@ pub struct NotSupportedEcal;
 #[derive(Debug, Clone)]
 pub struct Interpreter<S, Tx = (), Ecal = NotSupportedEcal> {
     registers: [Word; VM_REGISTER_COUNT],
-    memory: Memory<MEM_SIZE>,
+    memory: Memory,
     frames: Vec<CallFrame>,
     receipts: ReceiptsCtx,
     tx: Tx,
@@ -199,13 +200,13 @@ pub(crate) enum PanicContext {
 
 impl<S, Tx, Ecal> Interpreter<S, Tx, Ecal> {
     /// Returns the current state of the VM memory
-    pub fn memory(&self) -> &[u8] {
-        self.memory.as_slice()
+    pub fn memory(&self) -> &Memory {
+        &self.memory
     }
 
     /// Returns mutable access to the vm memory
-    pub fn memory_mut(&mut self) -> &mut [u8] {
-        self.memory.as_mut()
+    pub fn memory_mut(&mut self) -> &mut Memory {
+        &mut self.memory
     }
 
     /// Returns the current state of the registers