* allow pedantic invalid cast lint
* allow lint with false-positive triggered by `test-case` crate
* nightly `fmt` correction
* adapt to rust layout changes
* remove dubious test
* Use transmute instead of pointer cast and de/ref when check_aligned is false.
* Renames clippy::integer_arithmetic to clippy::arithmetic_side_effects.
* bump rust nightly to 2023-08-25
* Upgrades Rust to 1.72.0
---------
Co-authored-by: Trent Nelson <trent@solana.com>
In most cases, either a &Bank or an Arc<Bank> is more proper.
- &Bank is used if the function only needs a momentary reference
- Arc<Bank> is used if the function needs its' own copy
This PR leaves several instances of &Arc<Bank> around; these instances
are situations where a clone may only happen conditionally.
* Add epoch rewards sysvar test to program test
* Add a test to check epoch rewards sysvar inside/outisde reward interval
---------
Co-authored-by: HaoranYi <haoran.yi@solana.com>
* Restrict access to Bank's HardForks
Callers could previously obtain a a lock to read/write HardForks from
any Bank. This would allow any caller to modify, and creates the
opportunity for inconsistent handling of what is considered a valid hard
fork (ie too old).
This PR adds a function to Bank so consistent sanity checks can be
applied; the caller will already have a Bank as that is where they would
have obtained the HardForks from in the first place. Additionally,
change the getter to return a copy of HardForks (simple Vec).
* Allow hard fork at bank slot if bank is not yet frozen
* add sysvar and logic for last restart slot
* cleanup
* add test for getting last restart slot from account
* format code
* add some basic rustdoc
* copy+paste error
* feature flag for last_restart_slot
* add to sysvars.md
* updated wording in sysvars.md
* rename sol_get_last_restart_slot_sysvar > sol_get_last_restart_slot
* create sbf C header for sol_get_last_restart_slot
* cleanup imports
* reverted hardened_unpack workaround
* cleanup imports
* cleanup logs + blank lines
* Implementing ui changes for last restart slot, nit
* Some more nit change and implementing the UI for sysvar
* fixing the CI
* Minor clippy fix
* format changes
* changes suggested by mvines and lichtso
* increase timeout in local_cluster test
* fix code format
* use keypair for feature flag from mvines
* delete test.json file
* Revert "increase timeout in local_cluster test"
This reverts commit a67465ae22.
* last restart slot should be always less than or equal to current slot
* fixing bug
* changes after steviez comments
* format issue fixed
* fixing the comment on premature application of future hardfork
* nit change in test
Co-authored-by: steviez <steven@solana.com>
* reverting sysvar_cache.rs because change was not necessary
---------
Co-authored-by: steve-gg <grooviegermanikus@gmail.com>
Co-authored-by: steviez <steven@solana.com>
Changes:
marshallpierce/rust-base64@v0.13.1...v0.21.0
`base64::{encode,decode}` are now deprecated in favor of an API that
explicitly selects an `Engine`. Migrated all calls to the new API.
* Replaces BuiltinProgram in the program-runtime with the one from solana_rbpf.
* Adjusts the runtimes built-ins to use Arc<LoadedProgram>.
* Adjusts the tests and benchmarks.
* AccountSharedData: make data_mut() private
This ensures that the inner Vec is never handed out. This is in
preparation of enforcing that the capacity of the inner vec never
shrinks, which is required for direct mapping.
* Adds the feature bpf_account_data_direct_mapping.
* Remaps EbpfError::AccessViolation into InstructionError::ReadonlyDataModified.
* WIP: Memory regions for each instruction account in create_vm().
* Fix serialization benches, run both copy and !copy variants
* rbpf-cli: fix build
* BorrowedAccount: ensure that account capacity is never reduced
Accounts can be directly mapped in address space. Their capacity can't
be reduced mid transaction as that would create holes in vm address
space that point to invalid host memory.
* bpf_load: run serialization tests for both copy and !copy account data
* bpf_loader: add Serializer::write_account
* fix lints
* BorrowedAccount: make_data_mut is host only
* Fix unused import warning
* Fix lints
* cpi: add explicit direct_mapping arg to update_(callee|caller)_account
* cpi: rename account_data_or_only_realloc_padding to serialized_data
* cpi: add CallerAccount::original_data_len comment
* cpi: add update_callee_account direct_mapping test
* cpi: add test_update_caller_account_data_direct_mapping and fix bug
We used to have a bug in zeroing data when shrinking account, where we zeroed
the spare account capacity but not the realloc padding.
* cpi: add tests for mutated readonly accounts
* cpi: update_caller_account doesn't need to change .serialized_data when direct_mapping is on
* cpi: update_caller_account: ensure that account capacity is always enough
Introduce a better way to ensure that account capacity never goes below what
might be mapped in memory regions.
* cpi: zero account capacity using the newly introduced BorrowedAccount::spare_data_capacity_mut()
Before we were using BorrowedAccount::get_data_mut() to get the base pointer to
the account data, then we were slicing the spare capacity from it. Calling
get_data_mut() doesn't work if an account has been closed tho, since the
current program doesn't own the account anymore and therefore get_data_mut()
errors out.
* bpf_loader: fix same lint for the umpteenth time
* bpf_loader: map AccessViolation to ReadonlyDataModified only for account region violations
* programs/sbf: realloc: add test for large write after realloc
Add a test that after a realloc does a large write that spans the
original account length and the realloc area. This ensures that memory
mapping works correctly across the boundary.
* programs/sbf: run test_program_sbf_realloc with both direct_mapping on and off
By default test banks test with all features on. This ensures we keep
testing the existing code until the new feature is enabled.
* bpf_loader: tweak memcmp syscall
Split the actual memcmp code in a separate function. Remove check
indexing the slices since the slices are guaranteed to have the correct
length by construction.
* bpf_loader: tweak the memset syscall
Use slice::fill, which is effectively memset.
* bpf_loader: syscalls: update mem syscalls to work with non contiguous memory
With direct mapping enabled, accounts can now span multiple memory
regions.
* fix lint, rebase mem_ops
* Implement CoW for writable accounts
* Fix CI
* Move CoW to the MemoryMapping level
* Update after rbpf API change
* Fix merge screwup
* Add create_vm macro. Fix benches.
* cpi: simplify update_caller_account
Simplify the logic to update a caller's memory region when a callee
causes an account data pointer to change (eg during CoW)
* benches/bpf_loader: move serialization out of create_vm bench
* benches/bpf_loader: don't copy accounts when direct mapping is on
* Fix review nits
* bpf_loader: mem_ops: handle u64 overflow in MemoryChunkIterator::new
When starting at u64::MAX, the chunk iterator would always return the
empty sequence (None on the first next()) call, instead of returning a
memory access violation.
Use checked instead of saturating arithmetic to detect the condition and
error out.
This commit also adds more tests around boundary conditions.
* Fix loader-v3 tests: data_mut => data_as_mut_slice
* Fix CI
* bpf_loader: fix tuner bench: account must be writable
With direct mapping on, invalid writes are caught early meaning the
tuner would fail on the first store and not consume the whole budget
like the benchmark expects.
---------
Co-authored-by: Alexander Meißner <AlexanderMeissner@gmx.net>
* Moves the registration of bpf_loader built-ins from the ledger into the runtime.
* Removes bpf_loader built-ins registration in tests and benchmarks.
* Removes declare_builtin!() of bpf_loader built-ins.
* Removes built-ins from the SDK.
* Adjusts tests.
* Enables JIT everywhere by default.
* Removes the CLI argument "no-bpf-jit" and its plumbering through out the validator code base.
* Removes with_jit bpf_loader variants.
* Removes the to_builtin!() macro.
* Moves BuiltinProgram of the program runtime into its own file.
* Unifies the runtimes Builtin and program runtimes BuiltinProgram definitions.
* Moves BuiltinPrograms from bank.rs into the program runtime.
* Removes test_program_entry_debug().
* Uses declare_process_instruction!() in all tests and benchmarks.
* Replaces with ProcessInstructionWithContext with solana_rbpf::BuiltInFunction.
* Moves stable_log::program_invoke(), stable_log::program_success() and stable_log::program_failure() calls from bpf_loader into InvokeContext::process_executable_chain().
* Turns result of ProcessInstructionWithContext from InstructionError into Box<dyn std::error::Error>.
* Bump to solana_rbpf v0.3.0
* Removes Result from return type of EbpfVm::new().
* Turns EbpfError into Box<dyn std::error::Error>.
* Removes BpfError.
* Removes SyscallError::InstructionError.
* Adds a type alias for Box<dyn std::error::Error> in syscalls.
* add feature gate
* builtins consume statically defined units at beginning of process_instruction()
* Add new instructionError; return error if builtin did not consume units to enforce builtin to consume units;
* updated related tests
* updated ProgramTest with deactivated native_programs_consume_cu feature to continue support existing mock/test programs that do not consume units
* add default_cost as mandatory field for Builtin
* updated tests
* set zkp program default to VerifyTransfer CUs
---------
Co-authored-by: Jon Cinque <joncinque@pm.me>
* Support versioned transactions in program test framework
* use working bank
* Update to process_transaction_with_metadata
* Migrate client apis from Transaction to Into<VersionedTransaction>
* feedback
* Bumps solana_rbpf to v0.2.36
* Removes ThisInstructionMeter.
* Removes one "unsafe" expression.
* Removes redundant call to solana_rbpf:🧝:register_bpf_function().
* Adjusts SyscallFunction and SyscallRegistry.
* Inlines ProgramEnvironment into EbpfVm.
* Refactors trait SyscallConsume into fn consume_compute_meter().
* Inlines ComputeMeter into InvokeContext.
* Removes solana-metrics dependency from bpf_loader.
* Replaces RBPF tracer functionality by the debugger.
* Take compute_units_consumed from execute_program().
* Merges execute_program_interpreted() and execute_program_jit().
* Use infallible, unchecked methods to write into the serialization buffer
We serialize in two steps: first we compute the size of the buffer, then
we write into it. Therefore there's no need to check if each individual
write fits the buffer - we know it does we just computed the required
size.
* serialize_parameters: remove extra loop/borrows
Remove one extra loop over accounts to gather account lengths. Also
gather all accounts at once and avoid temporary borrows.
* Move creating MemoryRegions for serialized parameters from create_vm to serialize_parameters
This is in preparation of using multiple MemoryRegions once we land direct account mapping.
* bpf_loader: introduce internal API to build serialization buffer/regions
This is prep work for landing the direct_mapping feature, which maps account
data in their own memory regions.
* serialization: fix after API changes
* BorrowedAccount: add set_data_from_slice(), make set_data() take owned values
set_data() used to take a slice and would force alloc+copy if the caller
has owned values (eg account creation, account lookup table).
Expose set_data_from_slice() for callers that have slices, and switch
set_data() to taking an owned Vec.
* BorrowAccount: refactor common accounts_update_delta code in helper method
* BorrowedAccount: add extend_from_slice()
This allows avoiding copies appending entries to account lookup tables.
* BorrowedAccount: remove unnecessary ifs around update_accounts_resize_delta
* Adds the feature disable_cpi_setting_executable_and_rent_epoch.
* Adds the feature gate for disable_cpi_setting_executable_and_rent_epoch.
* Removes TEST_EXECUTABLE_LAMPORTS.
* Test that is_executable and rent_epoch are ignored.
* Use BPF serialization ABI for native target in program-test (PR22754)
* Fixes for the program-test PR22754 rebase on v1.11.1
* Include bug test case in program-test unit tests
* Fix segfault on duped accounts
* Add CPI create_account test
* Revert gitignore addition
Co-authored-by: jozanza <hello@jsavary.com>
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* Adjusts test cases for stricter requirements.
* Removes account reset in deserialization test.
* Removes verify related test cases.
* Replicates account modification verification logic of PreAccount in BorrowedAccount.
* Adds TransactionContext::account_touched_flags.
* Adds account modification verification to the BPF ABIv0 and ABIv1 deserialization, CPI syscall and program-test.
* Replicates the total sum of all lamports verification of PreAccounts in InstructionContext
* Check that the callers instruction balance is maintained during a call / push.
* Replicates PreAccount statistics in TransactionContext.
* Disable verify() and verify_and_update() if the feature enable_early_verification_of_account_modifications is enabled.
* Moves Option<Rent> of enable_early_verification_of_account_modifications into TransactionContext::new().
* Relaxes AccountDataMeter related test cases.
* Don't touch the account if nothing changes.
* Adds two tests to trigger InstructionError::UnbalancedInstruction.
Co-authored-by: Justin Starry <justin@solana.com>
* Adds methods based on instruction_account_index to InstructionContext.
Removes methods which are based on index_in_instruction.
* Adjusts program-runtime.
* Adjusts runtime.
* Adjusts bpf loader.
* Adjusts built-in programs.
* Adjusts program-test and bpf tests.
* Award one credit per dequeued vote when processing VoteStateUpdate instruction,
to match vote rewards of Vote instruction.
* Update feature pubkey to one owned by cc (ashwin)
Co-authored-by: Ashwin Sekar <ashwin@solana.com>
Alexander Meißner
HaoranYi
Brooks
steviez
Jon Cinque
Pankaj Garg
galactus
Illia Bobyr
Alessandro Decina
Tao Zhu
Jon Cinque
Jeff Washington (jwash)
behzad nouri
Justin Starry
Dmitri Makarov
Jon Cinque
Michael Vines
Lcchy
bji