hyperledger-labs · cmickeyb · Sep 15, 2025 · Aug 28, 2025 · Sep 22, 2025 · Aug 7, 2025
diff --git a/build/cmake/Memory.cmake b/build/cmake/Memory.cmake
@@ -0,0 +1,99 @@
+# Copyright 2025 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+################################################################################
+# Memory size configuration
+################################################################################
+
+# The memory size option configures enclave and interpreter memory
+# size values. The variable may have the value of "SMALL", "MEDIUM" or
+# "LARGE". This is a project variable because the configurations
+# depend on one another (the interpreter heap size must fit into the
+# enclave heap, for example).
+SET(PDO_MEMORY_CONFIG "MEDIUM" CACHE STRING "Set memory size parameters for enclave and interpreter")
+IF (DEFINED ENV{PDO_MEMORY_CONFIG})
+  SET(PDO_MEMORY_CONFIG $ENV{PDO_MEMORY_CONFIG})
+ENDIF()
+SET(MEMORY_SIZE_OPTIONS "SMALL" "MEDIUM" "LARGE")
+IF (NOT ${PDO_MEMORY_CONFIG} IN_LIST MEMORY_SIZE_OPTIONS)
+  MESSAGE(FATAL_ERROR "Invalid memory size; ${PDO_MEMORY_CONFIG}")
+ENDIF()
+
+# Module heap and stack, these are related to the contract maximum
+# size, we could specify these and derive the maximum contract size
+# from them
+IF (${PDO_MEMORY_CONFIG} STREQUAL "SMALL")
+  MATH(EXPR CONTRACT_HEAP_SIZE "2 * 1024 * 1024")
+  MATH(EXPR CONTRACT_STACK_SIZE "1 * 1024 * 1024")
+ELSEIF (${PDO_MEMORY_CONFIG} STREQUAL "MEDIUM")
+  MATH(EXPR CONTRACT_HEAP_SIZE "4 * 1024 * 1024")
+  MATH(EXPR CONTRACT_STACK_SIZE "2 * 1024 * 1024")
+ELSEIF (${PDO_MEMORY_CONFIG} STREQUAL "LARGE")
+  MATH(EXPR CONTRACT_HEAP_SIZE "8 * 1024 * 1024")
+  MATH(EXPR CONTRACT_STACK_SIZE "4 * 1024 * 1024")
+ELSE()
+  MESSAGE(FATAL_ERROR "Invalid memory size; ${PDO_MEMORY_CONFIG}")
+ENDIF()
+
+# This determines the reserved memory size in the enclave, that is,
+# the interpreters linear memory is currently stored in the enclave
+# reserve memory. The padding is expected to be constant over the
+# size of the contract.
+MATH(EXPR CONTRACT_PADDING "1 * 1024 * 1024")
+MATH(EXPR CONTRACT_MAXIMUM_SIZE "${CONTRACT_HEAP_SIZE} + ${CONTRACT_STACK_SIZE} + ${CONTRACT_PADDING}")
+
+# Global heap is used for the management structures that store WAMR
+# state information, not specific to the module or contract size. This
+# memory is allocated from the enclave heap/stack. Note that it is
+# difficult (and not particularly well documented) to determine what
+# this number should be. The current computation represents a best
+# guess and will need to be adjusted as appropriate.
+MATH(EXPR CONTRACT_GLOBAL_HEAP_SIZE "4 * 1024 * 1024 + ${CONTRACT_MAXIMUM_SIZE}")
+
+# State cache size is one of the main consumers of memory, probably impacts
+# both enclave stack and heap, the state data block size is probably not
+# important enough to provide variable sizing. Should probably just set it
+# to 8K and leave it.
+MATH(EXPR STATE_CACHE_SIZE "4 * 1024 * 1024")
+MATH(EXPR STATE_DATA_BLOCK_SIZE "8 * 1024")
+
+# The worker stack and heap sizes are per-thread allocations. The heap
+# size must be large enough to hold the state cache, the global heap, and
+# some padding. For now, the stack size is a fraction of the heap.
+MATH(EXPR ENCLAVE_WORKER_HEAP "${STATE_CACHE_SIZE} + ${CONTRACT_GLOBAL_HEAP_SIZE} + ${CONTRACT_MAXIMUM_SIZE}")
+MATH(EXPR ENCLAVE_WORKER_STACK "${ENCLAVE_WORKER_HEAP} / 4")
+
+# The WAMR requirement for reserved memory is the WAMR heap size plus
+# the total memory required by the WASM module that is loaded. We can
+# set a limit here and trust the wawaka module to enforce the
+# limit. Note that the contract heap is double counted (explicitly and
+# again in the contract maximum size). This is a reflection of how the
+# contract interpreter handles reserved memory allocation.
+MATH(EXPR ENCLAVE_WORKER_RESERVED_SIZE "${CONTRACT_HEAP_SIZE} + ${CONTRACT_MAXIMUM_SIZE}")
+
+# The worker thread count corresponds roughly to the expected number
+# of concurrent workers in the enclave, each will allocate memory to
+# the contract interpreter.
+SET(ENCLAVE_WORKER_THREADS "2")
+
+# Heap padding is memory expected to be used by the enclave outside
+# the interpreter (that is, it does not depend on the configuration of
+# the interpreter).
+MATH(EXPR ENCLAVE_STACK_PADDING "4 * 1024 * 1024")
+MATH(EXPR ENCLAVE_HEAP_PADDING "4 * 1024 * 1024")
+
+# And the final numbers allocate enough space for each worker plus the shared padding
+MATH(EXPR ENCLAVE_STACK_SIZE "${ENCLAVE_WORKER_THREADS} * ${ENCLAVE_WORKER_STACK} + ${ENCLAVE_STACK_PADDING}")
+MATH(EXPR ENCLAVE_HEAP_SIZE "${ENCLAVE_WORKER_THREADS} * ${ENCLAVE_WORKER_HEAP} + ${ENCLAVE_HEAP_PADDING}")
+MATH(EXPR ENCLAVE_RESERVED_SIZE "${ENCLAVE_WORKER_THREADS} * ${ENCLAVE_WORKER_RESERVED_SIZE}")
diff --git a/build/cmake/ProjectVariables.cmake b/build/cmake/ProjectVariables.cmake
@@ -66,19 +66,10 @@ IF (NOT DEFINED ENV{PDO_SOURCE_ROOT})
 ENDIF()
 SET(PDO_SOURCE_ROOT $ENV{PDO_SOURCE_ROOT})
 
-# The memory size option configures enclave and interpreter memory
-# size values. The variable may have the value of "SMALL", "MEDIUM" or
-# "LARGE". This is a project variable because the configurations
-# depend on one another (the interpreter heap size must fit into the
-# enclave heap, for example).
-SET(PDO_MEMORY_CONFIG "MEDIUM" CACHE STRING "Set memory size parameters for enclave and interpreter")
-IF (DEFINED ENV{PDO_MEMORY_CONFIG})
-  SET(PDO_MEMORY_CONFIG $ENV{PDO_MEMORY_CONFIG})
-ENDIF()
-SET(MEMORY_SIZE_OPTIONS "SMALL" "MEDIUM" "LARGE")
-IF (NOT ${PDO_MEMORY_CONFIG} IN_LIST MEMORY_SIZE_OPTIONS)
-  MESSAGE(FATAL_ERROR "Invalid memory size; ${PDO_MEMORY_CONFIG}")
-ENDIF()
+# Pull in the configuration for memory allocation across the entire
+# project including the state cache and interpreter size in common and
+# the enclave allocation in the eservice.
+INCLUDE(Memory)
 
 # Get the current version using the get_version
 # utility; note that this will provide 0.0.0 as

diff --git a/build/cmake/SGX.cmake b/build/cmake/SGX.cmake
@@ -21,31 +21,15 @@ IF (NOT DEFINED ENV{PDO_SGX_KEY_ROOT})
 ENDIF()
 SET(PDO_SGX_KEY_ROOT "$ENV{PDO_SGX_KEY_ROOT}")
 
-# Memory size should be set in ProjectVariables.cmake which must be included
+# Memory size should be set in Memory.cmake which must be included
 # before this file. There are three values for memory size: SMALL, MEDIUM
 # and LARGE. Each provides defaults for memory allocation. See the note
-# about memory size in ProjectVariables.cmake regarding dependencies between
+# about memory size in Memory.cmake regarding dependencies between
 # memory settings here and in other parts of PDO.
 IF (NOT DEFINED PDO_MEMORY_CONFIG)
   MESSAGE(FATAL_ERROR "PDO_MEMORY_CONFIG not defined")
 ENDIF()
 
-IF (${PDO_MEMORY_CONFIG} STREQUAL "SMALL")
-  MATH(EXPR ENCLAVE_STACK_SIZE "2 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_HEAP_SIZE "32 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_RESERVED_SIZE "1 * 1024 * 1024")
-ELSEIF (${PDO_MEMORY_CONFIG} STREQUAL "MEDIUM")
-  MATH(EXPR ENCLAVE_STACK_SIZE "2 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_HEAP_SIZE "64 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_RESERVED_SIZE "2 * 1024 * 1024")
-ELSEIF (${PDO_MEMORY_CONFIG} STREQUAL "LARGE")
-  MATH(EXPR ENCLAVE_STACK_SIZE "2 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_HEAP_SIZE "128 * 1024 * 1024")
-  MATH(EXPR ENCLAVE_RESERVED_SIZE "4 * 1024 * 1024")
-ELSE()
-  MESSAGE(FATAL_ERROR "Invalid memory size; ${PDO_MEMORY_CONFIG}")
-ENDIF()
-
 # There are effectively three build modes for SGX:
 #   1) SIM mode with PDO_DEBUG_BUILD enabled
 #   2) HW mode with PDO_DEBUG_BUILD enabled

diff --git a/build/template/eservice.toml b/build/template/eservice.toml
@@ -22,10 +22,10 @@ HttpPort = ${{7100+_count_}}
 Host = "${host}"
 
 # Max number of threads for processing WSGI requests
-WorkerThreads = 8
+WorkerThreads = 4
 
 # Suggested number of threads for processing other requests
-ReactorThreads = 8
+ReactorThreads = 4
 
 # --------------------------------------------------
 # StorageService -- information about KV block stores
@@ -79,7 +79,7 @@ BaseName = "${identity}"
 [EnclaveModule]
 
 # Number of available enclave workers to service requests
-NumberOfEnclaves = '7'
+NumberOfEnclaves = '1'
 
 # ias_url is the URL of the Intel Attestation Service (IAS) server.  The
 # example server is for debug enclaves only,
@@ -88,4 +88,3 @@ ias_url = 'https://api.trustedservices.intel.com/sgx/dev'
 
 # sgx key root folder configuration
 sgx_key_root = "${sgx_key_root}"
-
diff --git a/build/tests/wawaka/memory-test.json b/build/tests/wawaka/memory-test.json
@@ -53,20 +53,6 @@
         "KeywordParameters": { "levels" : 2147483647 },
         "expected":"2147483647"
     },
-    {
-        "description" : "deep recursion test 2^32 levels should {invert}",
-        "MethodName": "deep_recursion_test",
-        "KeywordParameters": { "levels" : 2147483648 },
-        "invert": "fail",
-        "expected": "method evaluation failed"
-    },
-    {
-        "description" : "deep recursion test 10G levels should {invert}",
-        "MethodName": "deep_recursion_test",
-        "KeywordParameters": { "levels" : 10000000000 },
-        "invert": "fail",
-        "expected": "method evaluation failed"
-    },
     {
         "description" : "deep recursion test {KeywordParameters}",
         "MethodName": "deep_recursion_test",

diff --git a/common/CMakeLists.txt b/common/CMakeLists.txt
@@ -39,6 +39,15 @@ IF (BUILD_TRUSTED OR BUILD_UNTRUSTED)
   INCLUDE(SGX)
 ENDIF()
 
+# Memory size should be set in ProjectVariables.cmake which must be included
+# before this file. There are three values for memory size: SMALL, MEDIUM
+# and LARGE. Each provides defaults for memory allocation. See the note
+# about memory size in ProjectVariables.cmake regarding dependencies between
+# memory settings here and in other parts of PDO.
+IF (NOT DEFINED PDO_MEMORY_CONFIG)
+  MESSAGE(FATAL_ERROR "PDO_MEMORY_CONFIG not defined")
+ENDIF()
+
 ################################################################################
 # Common components for both trusted and untrusted common libraries
 ################################################################################
@@ -81,6 +90,8 @@ IF (BUILD_CLIENT)
 
   TARGET_COMPILE_OPTIONS(${C_COMMON_LIB_NAME} PRIVATE ${OPENSSL_CFLAGS})
 
+  TARGET_COMPILE_DEFINITIONS(${C_COMMON_LIB_NAME} PRIVATE "STATE_DATA_BLOCK_SIZE=${STATE_DATA_BLOCK_SIZE}")
+  TARGET_COMPILE_DEFINITIONS(${C_COMMON_LIB_NAME} PRIVATE "STATE_CACHE_SIZE=${STATE_CACHE_SIZE}")
   TARGET_COMPILE_DEFINITIONS(${C_COMMON_LIB_NAME} PRIVATE "_UNTRUSTED_=1")
   TARGET_COMPILE_DEFINITIONS(${C_COMMON_LIB_NAME} PRIVATE "_CLIENT_ONLY_=1")
 ENDIF()
@@ -96,6 +107,8 @@ IF (BUILD_UNTRUSTED)
   ADD_LIBRARY(${U_COMMON_LIB_NAME} STATIC ${PROJECT_HEADERS} ${PROJECT_SOURCES})
   SGX_PREPARE_UNTRUSTED(${U_COMMON_LIB_NAME})
 
+  TARGET_COMPILE_DEFINITIONS(${U_COMMON_LIB_NAME} PRIVATE "STATE_DATA_BLOCK_SIZE=${STATE_DATA_BLOCK_SIZE}")
+  TARGET_COMPILE_DEFINITIONS(${U_COMMON_LIB_NAME} PRIVATE "STATE_CACHE_SIZE=${STATE_CACHE_SIZE}")
   TARGET_COMPILE_DEFINITIONS(${U_COMMON_LIB_NAME} PRIVATE "_UNTRUSTED_=1")
 ENDIF()
 
@@ -107,6 +120,9 @@ IF (BUILD_TRUSTED)
 
   ADD_LIBRARY(${T_COMMON_LIB_NAME} STATIC ${PROJECT_HEADERS} ${PROJECT_SOURCES})
   SGX_PREPARE_TRUSTED(${T_COMMON_LIB_NAME})
+
+  TARGET_COMPILE_DEFINITIONS(${T_COMMON_LIB_NAME} PRIVATE "STATE_DATA_BLOCK_SIZE=${STATE_DATA_BLOCK_SIZE}")
+  TARGET_COMPILE_DEFINITIONS(${T_COMMON_LIB_NAME} PRIVATE "STATE_CACHE_SIZE=${STATE_CACHE_SIZE}")
 ENDIF()
 
 ################################################################################

diff --git a/common/error.h b/common/error.h
@@ -17,13 +17,15 @@
 
 #include <stdexcept>
 #include <string>
+#include <stdarg.h>
 
 #include "pdo_error.h"
 #if _CLIENT_ONLY_
 #else
 #include "sgx_error.h"
 #endif
 
+#define ERROR_MESSAGE_SIZE 1024
 namespace pdo {
     namespace error {
 
@@ -179,24 +181,48 @@ namespace pdo {
         template<typename PointerType>
         inline void ThrowIfNull(
             const PointerType ptr,
-            const char* msg = nullptr
+            const char* msg = nullptr,
+            ...
             )
         {
-            if (!ptr) {
-                throw ValueError(msg ? msg : "Unexpected null parameter.");
+            va_list args;
+            va_start(args, msg);
+
+            if (ptr == nullptr) {
+                if (msg == nullptr)
+                    throw ValueError("Unexpected null parameter.");
+
+                char buffer[ERROR_MESSAGE_SIZE] = {0};
+                vsnprintf(buffer, ERROR_MESSAGE_SIZE, msg, args);
+                va_end(args);
+                throw ValueError(buffer);
             }
+
+            va_end(args);
         } // ThrowIfNull
 
         // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
         template <typename except>
         inline void ThrowIf(
             bool condition,
-            const char* msg
+            const char* msg,
+            ...
             )
         {
+            va_list args;
+            va_start(args, msg);
+
             if (condition) {
-                throw except(msg);
+                if (msg == nullptr)
+                    throw except("Unexpected null parameter.");
+
+                char buffer[ERROR_MESSAGE_SIZE] = {0};
+                vsnprintf(buffer, ERROR_MESSAGE_SIZE, msg, args);
+                va_end(args);
+                throw except(buffer);
             }
+
+            va_end(args);
         } // ThrowIf
 
         // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX