* replay: feature flag consumption of duplicate proofs from blockstore (#34372)
* replay: feature flag consumption of duplicate proofs from blockstore
* pr feedback: reorder check, add flag for restart logic
(cherry picked from commit 4a8d27d921)
# Conflicts:
# sdk/src/feature_set.rs
* fix feature set conflict
---------
Co-authored-by: Ashwin Sekar <ashwin@solana.com>
Update hashes per tick with feature gates (#33600)
* Update hashes per tick with feature gates
(cherry picked from commit b36d051b51)
Co-authored-by: Brennan <brennan.watt@solana.com>
Bank: Add function to replace empty account with upgradeable program on feature activation (#32783)
* replace program account
* modify for all cases
* remove non-data swap
* address tests & conditional feedback
* get the rent involved
* mix in owner & executable
* feature-related cases
* stripped back to feature-specific case only
* added feature
* address initial feedback
* added more lamport checks
* condense tests
* using test_case
* add fail cases to tests
* more cleanup
* add verifiably built program
* update program account state
* cleaned up serializing logic
* use full word capitalization
* rename old & new to dst & src
* swap src and dst in parameters
* add warnings and errors
* rename feature to programify
* test suite description clarity
* remove strings from datapoints
* spell out source and destination
* more verbose comments in account replace functions
* move lamport calculation
* swap lamport check for state check
* move replace functions to helper module
* make replace_account methods fallible
* refactor error handling
* add test for source program state
(cherry picked from commit 25460f76e7)
Co-authored-by: Joe C <jcaulfield135@gmail.com>
* solana-program - altbn128: add g1 & g2 compression
still fixing tests for point of infinity
feat: proof compression syscall working
add rust test to ci
remove prints
added c test
added sycall pricing
* fixed ci checks
* refactored altbn128 and compression
Replaces `TransactionError::InstructionError(0, InstructionError::UnbalancedInstruction)` with `TransactionError::UnbalancedTransaction`.
Co-authored-by: Alexander Meißner <AlexanderMeissner@gmx.net>
* Add feature gate
* Add helper fn
* Require split destination to be rent-exempt if it is active
* Update cli to prefund split accounts
* cli: require rent param with sign-only
* Update tokens to prefund split accounts
* Update split tests with sysvar accounts
* Fix test_split_to_account_with_rent_exempt_reserve
* Fix test_staked_split_destination_minimum_balance
* Fix test_split_more_than_staked
* Fix test_split_minimum_stake_delegation and remove misleading StakeState::Initialized case
* Fix test_split_from_larger_sized_account
* Add test for pre-/post-activation behavior splitting some or all of stake account
* Assert active stake
* Fix runtime test
* Ignore stake-pool downstream
* Review comments
* Feature gate sysvar reads
Recalculating new_warmup_cooldown_rate_epoch for each item is redundant
and wasteful and instead can be done only once outside the iterators and
for loops.
Also NewWarmupCooldownRateEpoch is unnecessary and verbose and is
removed in this commit.
Computing Poseidon[0] hashes is too expensive to be done in a Solana
program in one transaction. Poseidon is a zero-knowlege proof friendly
hash function, used by the majority of ZK-based projects, including the
ones built on top of Solana.
This change introduces the `sol_poseidon` syscall which takes 2D byte
slice as an input and then calculates a Poseidon hash using a BN254
curve and the following Poseidon parameters:
* x^5 S-boxes
* width - 2 ≤ t ≤ 13
* inputs - 1 ≤ n ≤ 12
* 8 full rounds and partial rounds depending on t: [56, 57, 56, 60, 60,
63, 64, 63, 60, 66, 60, 65]
Computation of Poseidon hashes is done with the light-poseidon[1]
crate, which is audited[2] and compatible with Circom[3] (BN254 curve,
the same parameters and constants).
Proposed compute costs depend on number of inputs and are based on
light-poseidon benchmarks[4].
[0] https://www.poseidon-hash.info/
[1] https://crates.io/crates/light-poseidon
[2] https://github.com/Lightprotocol/light-poseidon/blob/main/assets/audit.pdf
[3] https://docs.circom.io/
[4] https://github.com/Lightprotocol/light-poseidon/tree/main#performance
Bank::get_leader_schedule_epoch returns: 1 + EpochSchedule::get_epoch.
As a result, at the epoch boundaries when the propagated shred is from
the next epoch, we are looking for epoch stakes for 2 epochs ahead of
the root or working bank's epoch.
However, the bank structure only contains epoch stakes for one epoch
ahead. This results in shreds propagated at epoch boundary having
unknown epoch stakes.
* stake: deprecate on chain warmup/cooldown rate and config
* Pr feedback: Deprecate since 1.16.7
Co-authored-by: Jon Cinque <me@jonc.dev>
---------
Co-authored-by: Jon Cinque <me@jonc.dev>
* add sysvar and logic for last restart slot
* cleanup
* add test for getting last restart slot from account
* format code
* add some basic rustdoc
* copy+paste error
* feature flag for last_restart_slot
* add to sysvars.md
* updated wording in sysvars.md
* rename sol_get_last_restart_slot_sysvar > sol_get_last_restart_slot
* create sbf C header for sol_get_last_restart_slot
* cleanup imports
* reverted hardened_unpack workaround
* cleanup imports
* cleanup logs + blank lines
* Implementing ui changes for last restart slot, nit
* Some more nit change and implementing the UI for sysvar
* fixing the CI
* Minor clippy fix
* format changes
* changes suggested by mvines and lichtso
* increase timeout in local_cluster test
* fix code format
* use keypair for feature flag from mvines
* delete test.json file
* Revert "increase timeout in local_cluster test"
This reverts commit a67465ae22.
* last restart slot should be always less than or equal to current slot
* fixing bug
* changes after steviez comments
* format issue fixed
* fixing the comment on premature application of future hardfork
* nit change in test
Co-authored-by: steviez <steven@solana.com>
* reverting sysvar_cache.rs because change was not necessary
---------
Co-authored-by: steve-gg <grooviegermanikus@gmail.com>
Co-authored-by: steviez <steven@solana.com>
* AccountSharedData: make data_mut() private
This ensures that the inner Vec is never handed out. This is in
preparation of enforcing that the capacity of the inner vec never
shrinks, which is required for direct mapping.
* Adds the feature bpf_account_data_direct_mapping.
* Remaps EbpfError::AccessViolation into InstructionError::ReadonlyDataModified.
* WIP: Memory regions for each instruction account in create_vm().
* Fix serialization benches, run both copy and !copy variants
* rbpf-cli: fix build
* BorrowedAccount: ensure that account capacity is never reduced
Accounts can be directly mapped in address space. Their capacity can't
be reduced mid transaction as that would create holes in vm address
space that point to invalid host memory.
* bpf_load: run serialization tests for both copy and !copy account data
* bpf_loader: add Serializer::write_account
* fix lints
* BorrowedAccount: make_data_mut is host only
* Fix unused import warning
* Fix lints
* cpi: add explicit direct_mapping arg to update_(callee|caller)_account
* cpi: rename account_data_or_only_realloc_padding to serialized_data
* cpi: add CallerAccount::original_data_len comment
* cpi: add update_callee_account direct_mapping test
* cpi: add test_update_caller_account_data_direct_mapping and fix bug
We used to have a bug in zeroing data when shrinking account, where we zeroed
the spare account capacity but not the realloc padding.
* cpi: add tests for mutated readonly accounts
* cpi: update_caller_account doesn't need to change .serialized_data when direct_mapping is on
* cpi: update_caller_account: ensure that account capacity is always enough
Introduce a better way to ensure that account capacity never goes below what
might be mapped in memory regions.
* cpi: zero account capacity using the newly introduced BorrowedAccount::spare_data_capacity_mut()
Before we were using BorrowedAccount::get_data_mut() to get the base pointer to
the account data, then we were slicing the spare capacity from it. Calling
get_data_mut() doesn't work if an account has been closed tho, since the
current program doesn't own the account anymore and therefore get_data_mut()
errors out.
* bpf_loader: fix same lint for the umpteenth time
* bpf_loader: map AccessViolation to ReadonlyDataModified only for account region violations
* programs/sbf: realloc: add test for large write after realloc
Add a test that after a realloc does a large write that spans the
original account length and the realloc area. This ensures that memory
mapping works correctly across the boundary.
* programs/sbf: run test_program_sbf_realloc with both direct_mapping on and off
By default test banks test with all features on. This ensures we keep
testing the existing code until the new feature is enabled.
* bpf_loader: tweak memcmp syscall
Split the actual memcmp code in a separate function. Remove check
indexing the slices since the slices are guaranteed to have the correct
length by construction.
* bpf_loader: tweak the memset syscall
Use slice::fill, which is effectively memset.
* bpf_loader: syscalls: update mem syscalls to work with non contiguous memory
With direct mapping enabled, accounts can now span multiple memory
regions.
* fix lint, rebase mem_ops
* Implement CoW for writable accounts
* Fix CI
* Move CoW to the MemoryMapping level
* Update after rbpf API change
* Fix merge screwup
* Add create_vm macro. Fix benches.
* cpi: simplify update_caller_account
Simplify the logic to update a caller's memory region when a callee
causes an account data pointer to change (eg during CoW)
* benches/bpf_loader: move serialization out of create_vm bench
* benches/bpf_loader: don't copy accounts when direct mapping is on
* Fix review nits
* bpf_loader: mem_ops: handle u64 overflow in MemoryChunkIterator::new
When starting at u64::MAX, the chunk iterator would always return the
empty sequence (None on the first next()) call, instead of returning a
memory access violation.
Use checked instead of saturating arithmetic to detect the condition and
error out.
This commit also adds more tests around boundary conditions.
* Fix loader-v3 tests: data_mut => data_as_mut_slice
* Fix CI
* bpf_loader: fix tuner bench: account must be writable
With direct mapping on, invalid writes are caught early meaning the
tuner would fail on the first store and not consume the whole budget
like the benchmark expects.
---------
Co-authored-by: Alexander Meißner <AlexanderMeissner@gmx.net>
Add new vote state version that replaces Lockout with LandedVote to allow vote latency to be tracked in a future change.
Includes a feature to be enabled which will when enabled cause the vote state to be written in the new form.
* Adds the feature gate stop_truncating_strings_in_syscalls.
* Removes the truncation of everything after the first NULL byte in translate_string_and_do().
* add feature gate
* builtins consume statically defined units at beginning of process_instruction()
* Add new instructionError; return error if builtin did not consume units to enforce builtin to consume units;
* updated related tests
* updated ProgramTest with deactivated native_programs_consume_cu feature to continue support existing mock/test programs that do not consume units
* include loaded accounts data size limit in transaction base fee calculation
* citing compute_budget for heap cost;
* update sbf tests
Co-authored-by: Trent Nelson <trent.a.b.nelson@gmail.com>
* Add new vote state version that replaces Lockout with LandedVote to allow vote latency to be tracked in a future change. Includes a feature to be enabled which will when enabled cause the vote state to be written in the new form.
* Update feature set key to one owned by ashwin
---------
Co-authored-by: Ashwin Sekar <ashwin@solana.com>
* Use three separate HashMaps instead of the enum TxBankExecutorCacheDiff.
* Replaces all places which deploy programs by a macro.
* Adds a feature gate.
* Adjust tests.
* Makes undeployment visible immediately.