Line data Source code
1 : #include "fd_runtime.h"
2 : #include "../events/fd_event_runtime.h"
3 :
4 : #include "../types/fd_cast.h"
5 : #include "fd_alut.h"
6 : #include "fd_hashes.h"
7 : #include "fd_runtime_stack.h"
8 : #include "fd_accdb_svm.h"
9 : #include "../genesis/fd_genesis_parse.h"
10 : #include "fd_txncache.h"
11 : #include "fd_compute_budget_details.h"
12 : #include "tests/fd_dump_pb.h"
13 :
14 : #include "sysvar/fd_sysvar_epoch_schedule.h"
15 : #include "sysvar/fd_sysvar_recent_hashes.h"
16 : #include "sysvar/fd_sysvar_stake_history.h"
17 : #include "sysvar/fd_sysvar_last_restart_slot.h"
18 : #include "sysvar/fd_sysvar_slot_hashes.h"
19 : #include "sysvar/fd_sysvar_slot_history.h"
20 :
21 : #include "../stakes/fd_stakes.h"
22 : #include "../rewards/fd_rewards.h"
23 : #include "../features/fd_feature_snoop.h"
24 :
25 : #include "program/fd_precompiles.h"
26 : #include "program/vote/fd_vote_state_versioned.h"
27 :
28 : /*
29 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/bank.rs#L1254-L1258
30 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/bank.rs#L1749
31 : */
32 : int
33 : fd_runtime_compute_max_tick_height( ulong ticks_per_slot,
34 : ulong slot,
35 0 : ulong * out_max_tick_height /* out */ ) {
36 0 : ulong max_tick_height = 0UL;
37 0 : if( FD_LIKELY( ticks_per_slot > 0UL ) ) {
38 0 : ulong next_slot = fd_ulong_sat_add( slot, 1UL );
39 0 : if( FD_UNLIKELY( next_slot == slot ) ) {
40 0 : FD_LOG_WARNING(( "max tick height addition overflowed slot %lu ticks_per_slot %lu", slot, ticks_per_slot ));
41 0 : return -1;
42 0 : }
43 0 : if( FD_UNLIKELY( ULONG_MAX / ticks_per_slot < next_slot ) ) {
44 0 : FD_LOG_WARNING(( "max tick height multiplication overflowed slot %lu ticks_per_slot %lu", slot, ticks_per_slot ));
45 0 : return -1;
46 0 : }
47 0 : max_tick_height = fd_ulong_sat_mul( next_slot, ticks_per_slot );
48 0 : }
49 0 : *out_max_tick_height = max_tick_height;
50 0 : return FD_RUNTIME_EXECUTE_SUCCESS;
51 0 : }
52 :
53 : void
54 : fd_runtime_update_next_leaders( fd_bank_t * bank,
55 0 : fd_runtime_stack_t * runtime_stack ) {
56 :
57 0 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
58 0 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
59 :
60 0 : ulong epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.slot, NULL ) + 1UL;
61 0 : ulong slot0 = fd_epoch_slot0 ( epoch_schedule, epoch );
62 0 : ulong slot_cnt = fd_epoch_slot_cnt( epoch_schedule, epoch );
63 :
64 0 : fd_top_votes_t const * top_votes_t_1 = fd_bank_top_votes_t_1_query( bank );
65 0 : fd_vote_stake_weight_t * epoch_weights = runtime_stack->stakes.stake_weights;
66 0 : ulong stake_weight_cnt = fd_stake_weights_by_node_next( top_votes_t_1, vote_stakes, bank->vote_stakes_fork_id, epoch_weights, FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) );
67 :
68 0 : void * epoch_leaders_mem = fd_bank_epoch_leaders_modify( bank, epoch );
69 0 : fd_epoch_leaders_t * leaders = fd_epoch_leaders_join( fd_epoch_leaders_new(
70 0 : epoch_leaders_mem,
71 0 : epoch,
72 0 : slot0,
73 0 : slot_cnt,
74 0 : stake_weight_cnt,
75 0 : epoch_weights,
76 0 : 0UL ) );
77 0 : if( FD_UNLIKELY( !leaders ) ) {
78 0 : FD_LOG_ERR(( "Unable to init and join fd_epoch_leaders" ));
79 0 : }
80 :
81 : /* Populate a compressed set of stake weights for a valid leader
82 : schedule. */
83 0 : fd_vote_stake_weight_t * stake_weights = runtime_stack->epoch_weights.next_stake_weights;
84 0 : ulong idx = 0UL;
85 :
86 0 : int needs_compression = stake_weight_cnt>MAX_COMPRESSED_STAKE_WEIGHTS;
87 :
88 0 : for( ulong i=0UL; i<stake_weight_cnt; i++ ) {
89 0 : fd_pubkey_t const * vote_pubkey = &epoch_weights[i].vote_key;
90 0 : fd_pubkey_t const * node_pubkey = &epoch_weights[i].id_key;
91 0 : ulong stake = epoch_weights[i].stake;
92 :
93 0 : if( FD_LIKELY( !needs_compression || fd_epoch_leaders_is_leader_idx( leaders, i ) ) ) {
94 0 : stake_weights[ idx ].stake = stake;
95 0 : memcpy( stake_weights[ idx ].id_key.uc, node_pubkey, sizeof(fd_pubkey_t) );
96 0 : memcpy( stake_weights[ idx ].vote_key.uc, vote_pubkey, sizeof(fd_pubkey_t) );
97 0 : idx++;
98 0 : } else if( idx!=0UL && !fd_epoch_leaders_is_leader_idx( leaders, i-1UL ) ) {
99 0 : stake_weights[ idx-1UL ].stake += stake;
100 0 : } else {
101 0 : stake_weights[ idx ].id_key = (fd_pubkey_t){{0}};
102 0 : stake_weights[ idx ].vote_key = (fd_pubkey_t){{0}};
103 0 : stake_weights[ idx ].stake = stake;
104 0 : idx++;
105 0 : }
106 0 : }
107 0 : runtime_stack->epoch_weights.next_stake_weights_cnt = idx;
108 :
109 : /* Produce truncated set of id weights to send to Shred tile for
110 : Turbine tree computation. */
111 0 : ulong staked_cnt = compute_id_weights_from_vote_weights( runtime_stack->stakes.id_weights, epoch_weights, stake_weight_cnt );
112 0 : ulong excluded_stake = 0UL;
113 0 : if( FD_UNLIKELY( staked_cnt>MAX_SHRED_DESTS ) ) {
114 0 : for( ulong i=MAX_SHRED_DESTS; i<staked_cnt; i++ ) {
115 0 : excluded_stake += runtime_stack->stakes.id_weights[i].stake;
116 0 : }
117 0 : }
118 0 : staked_cnt = fd_ulong_min( staked_cnt, MAX_SHRED_DESTS );
119 0 : memcpy( runtime_stack->epoch_weights.next_id_weights, runtime_stack->stakes.id_weights, staked_cnt * sizeof(fd_stake_weight_t) );
120 0 : runtime_stack->epoch_weights.next_id_weights_cnt = staked_cnt;
121 0 : runtime_stack->epoch_weights.next_id_weights_excluded = excluded_stake;
122 0 : }
123 :
124 : void
125 : fd_runtime_update_leaders( fd_bank_t * bank,
126 186 : fd_runtime_stack_t * runtime_stack ) {
127 :
128 186 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
129 :
130 186 : ulong epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.slot, NULL );
131 186 : ulong vat_epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.features.validator_admission_ticket, NULL );
132 186 : ulong slot0 = fd_epoch_slot0 ( epoch_schedule, epoch );
133 186 : ulong slot_cnt = fd_epoch_slot_cnt( epoch_schedule, epoch );
134 :
135 186 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
136 :
137 186 : int vat_in_prev = epoch>=vat_epoch+1UL ? 1 : 0;
138 :
139 186 : fd_top_votes_t const * top_votes_t_2 = fd_bank_top_votes_t_2_query( bank );
140 186 : fd_vote_stake_weight_t * epoch_weights = runtime_stack->stakes.stake_weights;
141 186 : ulong stake_weight_cnt = fd_stake_weights_by_node( top_votes_t_2, vote_stakes, bank->vote_stakes_fork_id, epoch_weights, vat_in_prev );
142 :
143 : /* TODO: Can optimize by avoiding recomputing if another fork has
144 : already computed them for this epoch. */
145 186 : void * epoch_leaders_mem = fd_bank_epoch_leaders_modify( bank, epoch );
146 186 : fd_epoch_leaders_t * leaders = fd_epoch_leaders_join( fd_epoch_leaders_new(
147 186 : epoch_leaders_mem,
148 186 : epoch,
149 186 : slot0,
150 186 : slot_cnt,
151 186 : stake_weight_cnt,
152 186 : epoch_weights,
153 186 : 0UL ) );
154 186 : if( FD_UNLIKELY( !leaders ) ) {
155 0 : FD_LOG_ERR(( "Unable to init and join fd_epoch_leaders" ));
156 0 : }
157 :
158 : /* Populate a compressed set of stake weights for a valid leader
159 : schedule. */
160 186 : fd_vote_stake_weight_t * stake_weights = runtime_stack->epoch_weights.stake_weights;
161 186 : ulong idx = 0UL;
162 :
163 186 : int needs_compression = stake_weight_cnt>MAX_COMPRESSED_STAKE_WEIGHTS;
164 :
165 441 : for( ulong i=0UL; i<leaders->pub_cnt; i++ ) {
166 255 : fd_pubkey_t const * vote_pubkey = &epoch_weights[i].vote_key;
167 255 : fd_pubkey_t const * node_pubkey = &epoch_weights[i].id_key;
168 255 : ulong stake = epoch_weights[i].stake;
169 :
170 255 : if( FD_LIKELY( !needs_compression || fd_epoch_leaders_is_leader_idx( leaders, i ) ) ) {
171 255 : stake_weights[ idx ].stake = stake;
172 255 : memcpy( stake_weights[ idx ].id_key.uc, node_pubkey, sizeof(fd_pubkey_t) );
173 255 : memcpy( stake_weights[ idx ].vote_key.uc, vote_pubkey, sizeof(fd_pubkey_t) );
174 255 : idx++;
175 255 : } else if( idx!=0UL && !fd_epoch_leaders_is_leader_idx( leaders, i-1UL ) ) {
176 0 : stake_weights[ idx-1UL ].stake += stake;
177 0 : } else {
178 0 : stake_weights[ idx ].id_key = (fd_pubkey_t){{0}};
179 0 : stake_weights[ idx ].vote_key = (fd_pubkey_t){{0}};
180 0 : stake_weights[ idx ].stake = stake;
181 0 : idx++;
182 0 : }
183 255 : }
184 186 : runtime_stack->epoch_weights.stake_weights_cnt = idx;
185 :
186 : /* Produce truncated set of id weights to send to Shred tile for
187 : Turbine tree computation. */
188 186 : ulong staked_cnt = compute_id_weights_from_vote_weights( runtime_stack->stakes.id_weights, epoch_weights, stake_weight_cnt );
189 186 : ulong excluded_stake = 0UL;
190 186 : if( FD_UNLIKELY( staked_cnt>MAX_SHRED_DESTS ) ) {
191 0 : for( ulong i=MAX_SHRED_DESTS; i<staked_cnt; i++ ) {
192 0 : excluded_stake += runtime_stack->stakes.id_weights[i].stake;
193 0 : }
194 0 : }
195 186 : staked_cnt = fd_ulong_min( staked_cnt, MAX_SHRED_DESTS );
196 186 : memcpy( runtime_stack->epoch_weights.id_weights, runtime_stack->stakes.id_weights, staked_cnt * sizeof(fd_stake_weight_t) );
197 186 : runtime_stack->epoch_weights.id_weights_cnt = staked_cnt;
198 186 : runtime_stack->epoch_weights.id_weights_excluded = excluded_stake;
199 186 : }
200 :
201 : /******************************************************************************/
202 : /* Various Private Runtime Helpers */
203 : /******************************************************************************/
204 :
205 : static int
206 : fd_runtime_validate_fee_collector( fd_bank_t const * bank,
207 : fd_acc_t const * collector,
208 12 : ulong fee ) {
209 12 : FD_TEST( fee );
210 12 : if( FD_UNLIKELY( memcmp( collector->owner, fd_solana_system_program_id.uc, 32UL ) ) ) return 0;
211 :
212 : /* https://github.com/anza-xyz/agave/blob/v1.18.23/runtime/src/bank/fee_distribution.rs#L111
213 : https://github.com/anza-xyz/agave/blob/v1.18.23/runtime/src/accounts/account_rent_state.rs#L39
214 :
215 : In agave's fee deposit code, rent state transition check logic is as follows:
216 : The transition is NOT allowed iff
217 : === BEGIN
218 : the post deposit account is rent paying AND the pre deposit account is not rent paying
219 : OR
220 : the post deposit account is rent paying AND the pre deposit account is rent paying AND !(post_data_size == pre_data_size && post_lamports <= pre_lamports)
221 : === END
222 : post_data_size == pre_data_size is always true during fee deposit.
223 : However, post_lamports > pre_lamports because we are paying a >0 amount.
224 : So, the above reduces down to
225 : === BEGIN
226 : the post deposit account is rent paying AND the pre deposit account is not rent paying
227 : OR
228 : the post deposit account is rent paying AND the pre deposit account is rent paying AND TRUE
229 : === END
230 : This is equivalent to checking that the post deposit account is rent paying.
231 : An account is rent paying if the post deposit balance is >0 AND it's not rent exempt.
232 : We already know that the post deposit balance is >0 because we are paying a >0 amount.
233 : So TLDR we just check if the account is rent exempt. */
234 9 : ulong balance = collector->lamports;
235 9 : FD_TEST( !__builtin_uaddl_overflow( balance, fee, &balance ) );
236 9 : return balance>=fd_rent_exempt_minimum_balance( &bank->f.rent, collector->data_len );
237 9 : }
238 :
239 : /* fd_runtime_settle_fees settles transaction fees accumulated during a
240 : slot. A portion is burnt, another portion is credited to the fee
241 : collector (typically leader). */
242 :
243 : static void
244 : fd_runtime_settle_fees( fd_bank_t * bank,
245 : fd_accdb_t * accdb,
246 81 : fd_capture_ctx_t * capture_ctx ) {
247 81 : ulong slot = bank->f.slot;
248 81 : ulong execution_fees = bank->f.execution_fees;
249 81 : ulong priority_fees = bank->f.priority_fees;
250 81 : ulong total_fees;
251 81 : if( FD_UNLIKELY( __builtin_uaddl_overflow( execution_fees, priority_fees, &total_fees ) ) ) {
252 0 : FD_LOG_EMERG(( "fee overflow detected (slot=%lu execution_fees=%lu priority_fees=%lu)",
253 0 : slot, execution_fees, priority_fees ));
254 0 : }
255 :
256 81 : ulong fee_burn = execution_fees / 2;
257 81 : ulong fee_reward = fd_ulong_sat_add( priority_fees, execution_fees - fee_burn );
258 :
259 : /* Remove fee balance from bank (decreasing capitalization).
260 : Allow underflow (wrap) to match Agave's silent fetch_sub behavior. */
261 81 : bank->f.capitalization -= total_fees;
262 81 : bank->f.execution_fees = 0;
263 81 : bank->f.priority_fees = 0;
264 :
265 81 : if( FD_LIKELY( fee_reward ) ) {
266 12 : fd_epoch_leaders_t const * leaders = fd_bank_epoch_leaders_query( bank, bank->f.epoch );
267 12 : fd_pubkey_t const * leader = fd_epoch_leaders_get( leaders, bank->f.slot );
268 12 : if( FD_UNLIKELY( !leader ) ) FD_LOG_CRIT(( "fd_epoch_leaders_get(%lu) returned NULL", bank->f.slot ));
269 :
270 : /* Pay out reward portion of collected fees (increasing capitalization) */
271 12 : fd_accdb_svm_update_t update[1];
272 12 : fd_acc_t acc = fd_accdb_svm_open_rw( bank, accdb, update, leader, 1 );
273 12 : if( FD_UNLIKELY( !fd_runtime_validate_fee_collector( bank, &acc, fee_reward ) ) ) { /* validation failed */
274 6 : FD_LOG_INFO(( "slot %lu has an invalid fee collector, burning fee reward (%lu lamports)", bank->f.slot, fee_reward ));
275 6 : } else {
276 6 : acc.lamports += fee_reward; /* guaranteed to not overflow, checked above */
277 6 : }
278 12 : fd_accdb_svm_close_rw( bank, accdb, capture_ctx, &acc, update );
279 12 : }
280 :
281 81 : FD_LOG_INFO(( "slot=%lu priority_fees=%lu execution_fees=%lu fee_burn=%lu fee_rewards=%lu",
282 81 : slot,
283 81 : priority_fees, execution_fees, fee_burn, fee_reward ));
284 81 : }
285 :
286 : static void
287 : fd_runtime_freeze( fd_bank_t * bank,
288 : fd_accdb_t * accdb,
289 81 : fd_capture_ctx_t * capture_ctx ) {
290 81 : if( FD_LIKELY( bank->f.slot ) ) fd_sysvar_recent_hashes_update( bank, accdb, capture_ctx );
291 81 : fd_sysvar_slot_history_update( bank, accdb, capture_ctx );
292 81 : fd_runtime_settle_fees( bank, accdb, capture_ctx );
293 :
294 : /* jito collects a 3% fee at the end of the block + 3% fee at
295 : distribution time. */
296 81 : ulong tips_pre_comission = bank->f.tips;
297 81 : bank->f.tips = (tips_pre_comission - (tips_pre_comission * 6UL / 100UL));
298 :
299 81 : fd_accdb_svm_remove( bank, accdb, capture_ctx, &fd_sysvar_incinerator_id );
300 81 : }
301 :
302 : /******************************************************************************/
303 : /* Block-Level Execution Preparation/Finalization */
304 : /******************************************************************************/
305 : void
306 : fd_runtime_new_fee_rate_governor_derived( fd_bank_t * bank,
307 4182 : ulong latest_signatures_per_slot ) {
308 :
309 4182 : fd_fee_rate_governor_t const * base_fee_rate_governor = &bank->f.fee_rate_governor;
310 :
311 4182 : ulong old_lamports_per_signature = bank->f.rbh_lamports_per_sig;
312 :
313 4182 : fd_fee_rate_governor_t me = {
314 4182 : .target_signatures_per_slot = base_fee_rate_governor->target_signatures_per_slot,
315 4182 : .target_lamports_per_signature = base_fee_rate_governor->target_lamports_per_signature,
316 4182 : .max_lamports_per_signature = base_fee_rate_governor->max_lamports_per_signature,
317 4182 : .min_lamports_per_signature = base_fee_rate_governor->min_lamports_per_signature,
318 4182 : .burn_percent = base_fee_rate_governor->burn_percent
319 4182 : };
320 :
321 4182 : ulong new_lamports_per_signature = 0;
322 4182 : if( me.target_signatures_per_slot > 0 ) {
323 6 : me.min_lamports_per_signature = fd_ulong_max( 1UL, (ulong)(me.target_lamports_per_signature / 2) );
324 6 : me.max_lamports_per_signature = me.target_lamports_per_signature * 10;
325 6 : ulong desired_lamports_per_signature = fd_ulong_min(
326 6 : me.max_lamports_per_signature,
327 6 : fd_ulong_max(
328 6 : me.min_lamports_per_signature,
329 6 : me.target_lamports_per_signature
330 6 : * fd_ulong_min(latest_signatures_per_slot, (ulong)UINT_MAX)
331 6 : / me.target_signatures_per_slot
332 6 : )
333 6 : );
334 6 : long gap = (long)desired_lamports_per_signature - (long)old_lamports_per_signature;
335 6 : if ( gap == 0 ) {
336 0 : new_lamports_per_signature = desired_lamports_per_signature;
337 6 : } else {
338 6 : long gap_adjust = (long)(fd_ulong_max( 1UL, (ulong)(me.target_lamports_per_signature / 20) ))
339 6 : * (gap != 0)
340 6 : * (gap > 0 ? 1 : -1);
341 6 : new_lamports_per_signature = fd_ulong_min(
342 6 : me.max_lamports_per_signature,
343 6 : fd_ulong_max(
344 6 : me.min_lamports_per_signature,
345 6 : (ulong)((long)old_lamports_per_signature + gap_adjust)
346 6 : )
347 6 : );
348 6 : }
349 4176 : } else {
350 4176 : new_lamports_per_signature = base_fee_rate_governor->target_lamports_per_signature;
351 4176 : me.min_lamports_per_signature = me.target_lamports_per_signature;
352 4176 : me.max_lamports_per_signature = me.target_lamports_per_signature;
353 4176 : }
354 4182 : bank->f.fee_rate_governor = me;
355 4182 : bank->f.rbh_lamports_per_sig = new_lamports_per_signature;
356 4182 : }
357 :
358 : /******************************************************************************/
359 : /* Epoch Boundary */
360 : /******************************************************************************/
361 :
362 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6704 */
363 : static void
364 : fd_apply_builtin_program_feature_transitions( fd_bank_t * bank,
365 : fd_accdb_t * accdb,
366 : fd_runtime_stack_t * runtime_stack,
367 186 : fd_capture_ctx_t * capture_ctx ) {
368 : /* TODO: Set the upgrade authority properly from the core bpf migration config. Right now it's set to None.
369 :
370 : Migrate any necessary stateless builtins to core BPF. So far,
371 : the only "stateless" builtin is the Feature program. Beginning
372 : checks in the migrate_builtin_to_core_bpf function will fail if the
373 : program has already been migrated to BPF. */
374 :
375 186 : fd_builtin_program_t const * builtins = fd_builtins();
376 1860 : for( ulong i=0UL; i<fd_num_builtins(); i++ ) {
377 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6732-L6751 */
378 1674 : if( builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( bank->f.slot, &bank->f.features, builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
379 0 : FD_BASE58_ENCODE_32_BYTES( builtins[i].pubkey->key, pubkey_b58 );
380 0 : FD_LOG_DEBUG(( "Migrating builtin program %s to core BPF", pubkey_b58 ));
381 0 : fd_migrate_builtin_to_core_bpf( bank, accdb, runtime_stack, builtins[i].core_bpf_migration_config, capture_ctx );
382 0 : }
383 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6753-L6774 */
384 1674 : if( builtins[i].enable_feature_offset!=NO_ENABLE_FEATURE_ID && FD_FEATURE_JUST_ACTIVATED_OFFSET( bank, builtins[i].enable_feature_offset ) ) {
385 0 : FD_BASE58_ENCODE_32_BYTES( builtins[i].pubkey->key, pubkey_b58 );
386 0 : FD_LOG_DEBUG(( "Enabling builtin program %s", pubkey_b58 ));
387 0 : fd_write_builtin_account( bank, accdb, capture_ctx, *builtins[i].pubkey, builtins[i].data,strlen(builtins[i].data) );
388 0 : }
389 1674 : }
390 :
391 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6776-L6793 */
392 186 : fd_stateless_builtin_program_t const * stateless_builtins = fd_stateless_builtins();
393 558 : for( ulong i=0UL; i<fd_num_stateless_builtins(); i++ ) {
394 372 : if( stateless_builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( bank->f.slot, &bank->f.features, stateless_builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
395 0 : FD_BASE58_ENCODE_32_BYTES( stateless_builtins[i].pubkey->key, pubkey_b58 );
396 0 : FD_LOG_DEBUG(( "Migrating stateless builtin program %s to core BPF", pubkey_b58 ));
397 0 : fd_migrate_builtin_to_core_bpf( bank, accdb, runtime_stack, stateless_builtins[i].core_bpf_migration_config, capture_ctx );
398 0 : }
399 372 : }
400 :
401 : /* https://github.com/anza-xyz/agave/blob/c1080de464cfb578c301e975f498964b5d5313db/runtime/src/bank.rs#L6795-L6805 */
402 744 : for( fd_precompile_program_t const * precompiles = fd_precompiles(); precompiles->verify_fn; precompiles++ ) {
403 558 : if( precompiles->feature_offset != NO_ENABLE_FEATURE_ID &&
404 558 : FD_FEATURE_JUST_ACTIVATED_OFFSET( bank, precompiles->feature_offset ) ) {
405 0 : fd_write_builtin_account( bank, accdb, capture_ctx, *precompiles->pubkey, "", 0 );
406 0 : }
407 558 : }
408 186 : }
409 :
410 : static void
411 : fd_feature_activate( fd_bank_t * bank,
412 : fd_accdb_t * accdb,
413 : fd_capture_ctx_t * capture_ctx,
414 : fd_feature_id_t const * id,
415 52266 : fd_pubkey_t const * addr ) {
416 52266 : fd_features_set( &bank->f.features, id, FD_FEATURE_DISABLED );
417 :
418 52266 : if( FD_UNLIKELY( id->reverted==1 ) ) return;
419 :
420 49290 : fd_acc_t acc = fd_accdb_read_one( accdb, bank->accdb_fork_id, addr->uc );
421 49290 : if( FD_UNLIKELY( !acc.lamports || memcmp( acc.owner, fd_solana_feature_program_id.uc, 32UL ) ) ) {
422 49173 : fd_accdb_unread_one( accdb, &acc ); /* Feature account not yet initialized */
423 49173 : return;
424 49173 : }
425 :
426 117 : fd_feature_t feature;
427 117 : if( FD_UNLIKELY( !fd_feature_decode( &feature, acc.data, acc.data_len ) ) ) {
428 3 : FD_BASE58_ENCODE_32_BYTES( addr->uc, addr_b58 );
429 3 : FD_LOG_WARNING(( "cannot activate feature %s, corrupt account data", addr_b58 ));
430 3 : FD_LOG_HEXDUMP_NOTICE(( "corrupt feature account", acc.data, acc.data_len ));
431 3 : fd_accdb_unread_one( accdb, &acc );
432 3 : return;
433 3 : }
434 114 : fd_accdb_unread_one( accdb, &acc );
435 :
436 114 : FD_BASE58_ENCODE_32_BYTES( addr->uc, addr_b58 );
437 114 : if( FD_UNLIKELY( feature.is_active ) ) {
438 111 : FD_LOG_DEBUG(( "feature %s already activated at slot %lu", addr_b58, feature.activation_slot ));
439 111 : fd_features_set( &bank->f.features, id, feature.activation_slot);
440 111 : } else {
441 3 : FD_LOG_DEBUG(( "feature %s not activated at slot %lu, activating", addr_b58, bank->f.slot ));
442 3 : fd_accdb_svm_update_t update[1];
443 3 : fd_acc_t acc = fd_accdb_svm_open_rw( bank, accdb, update, addr, 0 );
444 3 : if( FD_UNLIKELY( !acc.lamports ) ) return;
445 3 : FD_TEST( acc.data_len>=sizeof(fd_feature_t) );
446 :
447 3 : feature.is_active = 1;
448 3 : feature.activation_slot = bank->f.slot;
449 3 : FD_STORE( fd_feature_t, acc.data, feature );
450 3 : fd_accdb_svm_close_rw( bank, accdb, capture_ctx, &acc, update );
451 3 : }
452 114 : }
453 :
454 : static void
455 : fd_features_activate( fd_bank_t * bank,
456 : fd_accdb_t * accdb,
457 186 : fd_capture_ctx_t * capture_ctx ) {
458 186 : for( fd_feature_id_t const * id = fd_feature_iter_init();
459 52452 : !fd_feature_iter_done( id );
460 52266 : id = fd_feature_iter_next( id ) ) {
461 52266 : fd_feature_activate( bank, accdb, capture_ctx, id, &id->id );
462 52266 : }
463 186 : }
464 :
465 : /* SIMD-0194: deprecate_rent_exemption_threshold
466 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5322-L5329 */
467 : static void
468 : deprecate_rent_exemption_threshold( fd_bank_t * bank,
469 : fd_accdb_t * accdb,
470 0 : fd_capture_ctx_t * capture_ctx ) {
471 : /* We use the bank fields here to mirror Agave - in mainnet, devnet
472 : and testnet Agave's bank rent.burn_percent field is different to
473 : the value in the sysvar. When this feature is activated in Agave,
474 : the sysvar inherits the value from the bank. */
475 0 : fd_rent_t rent = bank->f.rent;
476 0 : rent.lamports_per_uint8_year = fd_rust_cast_double_to_ulong(
477 0 : (double)rent.lamports_per_uint8_year * rent.exemption_threshold );
478 0 : rent.exemption_threshold = FD_SIMD_0194_NEW_RENT_EXEMPTION_THRESHOLD;
479 0 : rent.burn_percent = FD_SIMD_0194_NEW_BURN_PERCENT;
480 :
481 : /* We don't refresh the sysvar cache here. The cache is refreshed in
482 : fd_sysvar_cache_restore, which is called at the start of every
483 : block in fd_runtime_block_execute_prepare, after this function. */
484 0 : fd_sysvar_rent_write( bank, accdb, capture_ctx, &rent );
485 0 : bank->f.rent = rent;
486 0 : }
487 :
488 : // https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5296-L5391
489 : static void
490 : fd_compute_and_apply_new_feature_activations( fd_bank_t * bank,
491 : fd_accdb_t * accdb,
492 : fd_runtime_stack_t * runtime_stack,
493 186 : fd_capture_ctx_t * capture_ctx ) {
494 : /* Activate new features
495 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5296-L5391 */
496 186 : fd_features_activate( bank, accdb, capture_ctx );
497 186 : fd_features_restore( bank, accdb );
498 :
499 : /* SIMD-0194: deprecate_rent_exemption_threshold
500 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5322-L5329 */
501 186 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, deprecate_rent_exemption_threshold ) ) ) {
502 0 : deprecate_rent_exemption_threshold( bank, accdb, capture_ctx );
503 0 : }
504 :
505 : /* Apply builtin program feature transitions
506 : https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6621-L6624 */
507 186 : fd_apply_builtin_program_feature_transitions( bank, accdb, runtime_stack, capture_ctx );
508 :
509 186 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, vote_state_v4 ) ) ) {
510 0 : fd_upgrade_core_bpf_program( bank, accdb, runtime_stack, &fd_solana_stake_program_id, &fd_solana_stake_program_vote_state_v4_buffer_address, capture_ctx );
511 0 : }
512 :
513 : /* https://github.com/anza-xyz/agave/blob/v4.0.0-beta.2/runtime/src/bank.rs#L5703-L5716 */
514 186 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, replace_spl_token_with_p_token ) ) ) {
515 0 : fd_upgrade_loader_v2_program_with_loader_v3_program(
516 0 : bank,
517 0 : accdb,
518 0 : runtime_stack,
519 0 : &fd_solana_spl_token_id,
520 0 : &fd_solana_ptoken_program_buffer_address,
521 0 : FD_FEATURE_ACTIVE_BANK( bank, relax_programdata_account_check_migration ),
522 0 : capture_ctx );
523 0 : }
524 :
525 : /* https://github.com/anza-xyz/agave/blob/v4.0.0-beta.4/runtime/src/bank.rs#L5736-L5744 */
526 186 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, upgrade_bpf_stake_program_to_v5 ) ) ) {
527 0 : fd_upgrade_core_bpf_program(
528 0 : bank,
529 0 : accdb,
530 0 : runtime_stack,
531 0 : &fd_solana_stake_program_id,
532 0 : &fd_solana_stake_program_v5_buffer_address,
533 0 : capture_ctx );
534 0 : }
535 186 : }
536 :
537 : /* Starting a new epoch.
538 : New epoch: T
539 : Just ended epoch: T-1
540 : Epoch before: T-2
541 :
542 : In this function:
543 : - stakes in T-2 (vote_states_prev_prev) should be replaced by T-1 (vote_states_prev)
544 : - stakes at T-1 (vote_states_prev) should be replaced by updated stakes at T (vote_states)
545 : - leader schedule should be calculated using new T-2 stakes (vote_states_prev_prev)
546 :
547 : Invariant during an epoch T:
548 : vote_states_prev holds the stakes at T-1
549 : vote_states_prev_prev holds the stakes at T-2
550 : */
551 : /* process for the start of a new epoch */
552 : static void
553 : fd_runtime_process_new_epoch( fd_banks_t * banks,
554 : fd_bank_t * bank,
555 : fd_accdb_t * accdb,
556 : fd_capture_ctx_t * capture_ctx,
557 : ulong parent_epoch,
558 186 : fd_runtime_stack_t * runtime_stack ) {
559 186 : long start = fd_log_wallclock();
560 :
561 186 : fd_compute_and_apply_new_feature_activations( bank, accdb, runtime_stack, capture_ctx );
562 :
563 186 : bank->f.slot_params = fd_slot_params_at_slot( bank, bank->f.slot );
564 :
565 : /* Update the cached warmup/cooldown rate epoch now that features may
566 : have changed (reduce_stake_warmup_cooldown may have just activated). */
567 186 : bank->f.warmup_cooldown_rate_epoch = fd_slot_to_epoch( &bank->f.epoch_schedule,
568 186 : bank->f.features.reduce_stake_warmup_cooldown,
569 186 : NULL );
570 :
571 : /* Updates stake history sysvar accumulated values and recomputes
572 : stake delegations for vote accounts. */
573 :
574 186 : fd_stake_delegations_t const * stake_delegations = fd_bank_stake_delegations_frontier_query( banks, bank );
575 186 : if( FD_UNLIKELY( !stake_delegations ) ) {
576 0 : FD_LOG_CRIT(( "stake_delegations is NULL" ));
577 0 : }
578 :
579 186 : fd_stakes_activate_epoch( bank, runtime_stack, accdb, capture_ctx, stake_delegations,
580 186 : &bank->f.warmup_cooldown_rate_epoch );
581 :
582 : /* Distribute rewards. This involves calculating the rewards for
583 : every vote and stake account. */
584 :
585 186 : fd_hash_t const * parent_blockhash = fd_blockhashes_peek_last_hash( &bank->f.block_hash_queue );
586 186 : fd_begin_partitioned_rewards( bank,
587 186 : accdb,
588 186 : runtime_stack,
589 186 : capture_ctx,
590 186 : stake_delegations,
591 186 : parent_blockhash,
592 186 : parent_epoch );
593 :
594 186 : fd_bank_stake_delegations_end_frontier_query( banks, bank );
595 :
596 : /* The Agave client handles updating their stakes cache with a call to
597 : update_epoch_stakes() which keys stakes by the leader schedule
598 : epochs and retains up to 6 epochs of stakes. However, to correctly
599 : calculate the leader schedule, we just need to maintain the vote
600 : states for the current epoch, the previous epoch, and the one
601 : before that.
602 : https://github.com/anza-xyz/agave/blob/v3.0.4/runtime/src/bank.rs#L2175
603 : */
604 :
605 : /* Now that our stakes caches have been updated, we can calculate the
606 : leader schedule for the upcoming epoch epoch using our new
607 : vote_states_prev_prev (stakes for T-2). */
608 :
609 186 : fd_runtime_update_leaders( bank, runtime_stack );
610 :
611 186 : long end = fd_log_wallclock();
612 186 : FD_LOG_NOTICE(( "starting epoch %s%lu%s at slot %lu %s(took %.6f seconds)%s", fd_log_style_bold(), bank->f.epoch, fd_log_style_normal(), bank->f.slot, fd_log_style_dim(), (double)(end - start) / 1e9, fd_log_style_normal() ));
613 186 : }
614 :
615 : static void
616 : fd_runtime_block_pre_execute_process_new_epoch( fd_banks_t * banks,
617 : fd_bank_t * bank,
618 : fd_accdb_t * accdb,
619 : fd_capture_ctx_t * capture_ctx,
620 : fd_runtime_stack_t * runtime_stack,
621 4182 : int * is_epoch_boundary ) {
622 :
623 4182 : ulong const slot = bank->f.slot;
624 4182 : if( FD_LIKELY( slot != 0UL ) ) {
625 4182 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
626 :
627 4182 : ulong prev_epoch = fd_slot_to_epoch( epoch_schedule, bank->f.parent_slot, NULL );
628 4182 : ulong slot_idx;
629 4182 : ulong new_epoch = fd_slot_to_epoch( epoch_schedule, slot, &slot_idx );
630 4182 : if( FD_UNLIKELY( slot_idx==1UL && new_epoch==0UL ) ) {
631 : /* The block after genesis has a height of 1. */
632 0 : bank->f.block_height = 1UL;
633 0 : }
634 :
635 4182 : if( FD_UNLIKELY( prev_epoch<new_epoch || !slot_idx ) ) {
636 186 : FD_LOG_DEBUG(( "Epoch boundary starting" ));
637 186 : fd_runtime_process_new_epoch( banks, bank, accdb, capture_ctx, prev_epoch, runtime_stack );
638 186 : *is_epoch_boundary = 1;
639 3996 : } else {
640 3996 : *is_epoch_boundary = 0;
641 3996 : }
642 :
643 4182 : fd_distribute_partitioned_epoch_rewards( bank, accdb, capture_ctx );
644 4182 : } else {
645 0 : *is_epoch_boundary = 0;
646 0 : }
647 4182 : }
648 :
649 :
650 : static void
651 : fd_runtime_block_sysvar_update_pre_execute( fd_bank_t * bank,
652 : fd_accdb_t * accdb,
653 : fd_runtime_stack_t * runtime_stack,
654 4182 : fd_capture_ctx_t * capture_ctx ) {
655 : // let (fee_rate_governor, fee_components_time_us) = measure_us!(
656 : // FeeRateGovernor::new_derived(&parent.fee_rate_governor, parent.signature_count())
657 : // );
658 : /* https://github.com/firedancer-io/solana/blob/dab3da8e7b667d7527565bddbdbecf7ec1fb868e/runtime/src/bank.rs#L1312-L1314 */
659 :
660 4182 : fd_runtime_new_fee_rate_governor_derived( bank, bank->f.parent_signature_cnt );
661 :
662 4182 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
663 4182 : ulong parent_epoch = fd_slot_to_epoch( epoch_schedule, bank->f.parent_slot, NULL );
664 4182 : fd_sysvar_clock_update( bank, accdb, capture_ctx, runtime_stack, &parent_epoch );
665 :
666 : // It has to go into the current txn previous info but is not in slot 0
667 4182 : if( bank->f.slot != 0 ) {
668 4182 : fd_sysvar_slot_hashes_update( bank, accdb, capture_ctx );
669 4182 : }
670 4182 : fd_sysvar_last_restart_slot_update( bank, accdb, capture_ctx );
671 4182 : }
672 :
673 : int
674 : fd_runtime_load_txn_address_lookup_tables( fd_txn_t const * txn,
675 : uchar const * payload,
676 : fd_accdb_t * accdb,
677 : fd_accdb_fork_id_t fork_id,
678 : ulong slot,
679 : fd_slot_hashes_t const * hashes,
680 216 : fd_acct_addr_t * out_accts_alt ) {
681 :
682 216 : if( FD_LIKELY( txn->transaction_version!=FD_TXN_V0 ) ) return FD_RUNTIME_EXECUTE_SUCCESS;
683 :
684 213 : fd_alut_interp_t interp[1];
685 213 : fd_alut_interp_new( interp, out_accts_alt, txn, payload, hashes, slot );
686 :
687 213 : fd_txn_acct_addr_lut_t const * addr_luts = fd_txn_get_address_tables_const( txn );
688 297 : for( ulong i=0UL; i<txn->addr_table_lookup_cnt; i++ ) {
689 117 : fd_txn_acct_addr_lut_t const * addr_lut = &addr_luts[i];
690 117 : fd_pubkey_t addr_lut_acc = FD_LOAD( fd_pubkey_t, payload+addr_lut->addr_off );
691 :
692 117 : fd_acc_t acc = fd_accdb_read_one( accdb, fork_id, addr_lut_acc.uc );
693 117 : if( FD_UNLIKELY( !acc.lamports ) ) {
694 3 : fd_accdb_unread_one( accdb, &acc );
695 3 : return FD_RUNTIME_TXN_ERR_ADDRESS_LOOKUP_TABLE_NOT_FOUND;
696 3 : }
697 114 : int err = fd_alut_interp_next( interp, &addr_lut_acc, acc.owner, acc.data, acc.data_len );
698 114 : fd_accdb_unread_one( accdb, &acc );
699 114 : if( FD_UNLIKELY( err ) ) return err;
700 114 : }
701 :
702 180 : return FD_RUNTIME_EXECUTE_SUCCESS;
703 213 : }
704 :
705 : /* Pre-populate the bank's in-memory feature set with upcoming feature
706 : activations. If the current slot is the last slot before an epoch
707 : boundary, scan all known feature accounts. Otherwise, returns early.
708 :
709 : For any feature that is pending (not yet activated on-chain) but has
710 : an account owned by the feature program, set the in-memory activation
711 : slot within the bank's featureset to the first slot of the next
712 : epoch. This is needed so that deployment verification (which uses
713 : slot+1) can detect features that will activate at the next epoch
714 : boundary.
715 :
716 : In Agave, program deployments use the feature set from the next
717 : slot via DELAY_VISIBILITY_SLOT_OFFSET. The runtime environments
718 : for deployment are selected based on epoch_of(slot+1):
719 : https://github.com/anza-xyz/agave/blob/v3.1.8/runtime/src/bank.rs#L3280-L3295
720 : https://github.com/anza-xyz/agave/blob/v3.1.8/svm/src/transaction_processor.rs#L339-L345
721 :
722 : This function does NOT write to feature accounts or update the
723 : lthash. It only modifies the bank's in-memory feature set. */
724 : static void
725 : fd_features_prepopulate_upcoming( fd_bank_t * bank,
726 4182 : fd_accdb_t * accdb ) {
727 4182 : ulong slot = bank->f.slot;
728 4182 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
729 4182 : ulong curr_epoch = fd_slot_to_epoch( epoch_schedule, slot, NULL );
730 4182 : ulong next_epoch = fd_slot_to_epoch( epoch_schedule, slot+1UL, NULL );
731 4182 : if( FD_LIKELY( curr_epoch==next_epoch ) ) return;
732 :
733 48 : fd_features_restore( bank, accdb );
734 48 : }
735 :
736 : void
737 : fd_runtime_block_execute_prepare( fd_banks_t * banks,
738 : fd_bank_t * bank,
739 : fd_accdb_t * accdb,
740 : fd_runtime_stack_t * runtime_stack,
741 : fd_capture_ctx_t * capture_ctx,
742 4182 : int * is_epoch_boundary ) {
743 4182 : fd_runtime_block_pre_execute_process_new_epoch( banks, bank, accdb, capture_ctx, runtime_stack, is_epoch_boundary );
744 :
745 4182 : if( FD_LIKELY( bank->f.slot ) ) {
746 4182 : fd_cost_tracker_t * cost_tracker = fd_bank_cost_tracker_modify( bank );
747 4182 : FD_TEST( cost_tracker );
748 4182 : fd_cost_tracker_init( cost_tracker, &bank->f.features, &bank->f.slot_params, bank->f.slot );
749 4182 : }
750 :
751 4182 : fd_features_prepopulate_upcoming( bank, accdb );
752 4182 : fd_runtime_block_sysvar_update_pre_execute( bank, accdb, runtime_stack, capture_ctx );
753 4182 : FD_TEST( fd_sysvar_cache_restore( bank, accdb ) );
754 4182 : }
755 :
756 : static void
757 : fd_runtime_update_bank_hash( fd_bank_t * bank,
758 81 : fd_capture_ctx_t * capture_ctx ) {
759 : /* Compute the new bank hash */
760 81 : fd_lthash_value_t const * lthash = fd_bank_lthash_locking_query( bank );
761 81 : fd_hash_t new_bank_hash[1] = { 0 };
762 81 : fd_hashes_hash_bank(
763 81 : lthash,
764 81 : &bank->f.prev_bank_hash,
765 81 : (fd_hash_t *)bank->f.poh.hash,
766 81 : bank->f.signature_count,
767 81 : new_bank_hash );
768 :
769 : /* Update the bank hash */
770 81 : bank->f.bank_hash = *new_bank_hash;
771 :
772 81 : if( capture_ctx && capture_ctx->capture_solcap &&
773 81 : bank->f.slot>=capture_ctx->solcap_start_slot ) {
774 :
775 0 : uchar lthash_hash[FD_HASH_FOOTPRINT];
776 0 : fd_blake3_hash(lthash->bytes, FD_LTHASH_LEN_BYTES, lthash_hash );
777 0 : fd_capture_link_write_bank_preimage(
778 0 : capture_ctx,
779 0 : bank->f.slot,
780 0 : (fd_hash_t *)new_bank_hash->hash,
781 0 : (fd_hash_t *)&bank->f.prev_bank_hash,
782 0 : (fd_hash_t *)lthash_hash,
783 0 : (fd_hash_t *)bank->f.poh.hash,
784 0 : bank->f.signature_count );
785 0 : }
786 :
787 81 : fd_bank_lthash_end_locking_query( bank );
788 81 : }
789 :
790 : /******************************************************************************/
791 : /* Transaction Level Execution Management */
792 : /******************************************************************************/
793 :
794 : /* fd_runtime_pre_execute_check is responsible for conducting many of
795 : the transaction sanitization checks. This is a combination of some
796 : of the work done in Agave's load_and_execute_transactions(), and some
797 : of the work done in Agave's transaction ingestion stage, before the
798 : transaction even hits the scheduler. We do some of the checks also
799 : in our transaction ingestion stage. For example, the duplicate
800 : account check is performed in both the leader and the replay
801 : scheduler. As a result, the duplicate account check below is
802 : essentially redundant, except that our fuzzing harness expects a
803 : single entry point to cover all of these checks. So we keep all of
804 : the checks below for fuzzing purposes. We could in theory hoist some
805 : of the pre-scheduler checks into a public function that is only
806 : invoked by the fuzzer to avoid duplication in the leader and the
807 : replay pipeline. But all the duplicate checks are pretty cheap, and
808 : the order and placement of the checks are also in motion on Agave's
809 : side, and performing all the checks faithfully would require access
810 : to the bank in the scheduler which is kind of gross. So that's all
811 : probably more hassle than worth. */
812 :
813 : static inline int
814 : fd_runtime_pre_execute_check( fd_runtime_t * runtime,
815 : fd_bank_t * bank,
816 : fd_txn_in_t const * txn_in,
817 273 : fd_txn_out_t * txn_out ) {
818 :
819 : /* https://github.com/anza-xyz/agave/blob/16de8b75ebcd57022409b422de557dd37b1de8db/sdk/src/transaction/sanitized.rs#L263-L275
820 : TODO: Agave's precompile verification is done at the slot level, before batching and executing transactions. This logic should probably
821 : be moved in the future. The Agave call heirarchy looks something like this:
822 : process_single_slot
823 : v
824 : confirm_full_slot
825 : v
826 : confirm_slot_entries --------------------------------------------------->
827 : v v v
828 : verify_transaction ComputeBudget::process_instruction process_entries
829 : v v
830 : verify_precompiles process_batches
831 : v
832 : ...
833 : v
834 : load_and_execute_transactions
835 : v
836 : ...
837 : v
838 : load_accounts --> load_transaction_accounts
839 : v
840 : general transaction execution
841 :
842 : */
843 :
844 : /* Verify the transaction. For now, this step only involves processing
845 : the compute budget instructions. */
846 273 : int err = fd_executor_verify_transaction( bank, txn_in, txn_out );
847 273 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
848 3 : txn_out->err.is_committable = 0;
849 3 : return err;
850 3 : }
851 :
852 : /* Set up the transaction accounts and other txn ctx metadata. This
853 : also resolves ALUT-referenced account keys and validates account
854 : locks before accounts are acquired. Bundle txns bind to the pool
855 : acquired and validated once for the whole bundle by
856 : fd_runtime_prepare_bundle_accounts and never acquire. */
857 270 : if( FD_UNLIKELY( txn_in->bundle.is_bundle ) ) {
858 99 : fd_executor_setup_accounts_for_txn_bundle( runtime, txn_in, txn_out );
859 171 : } else {
860 171 : err = fd_executor_setup_accounts_for_txn( runtime, bank, txn_in, txn_out );
861 171 : }
862 270 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
863 0 : txn_out->err.is_committable = 0;
864 0 : return err;
865 0 : }
866 :
867 270 : txn_out->details.check_start_ticks = fd_tickcount();
868 :
869 : /* load_and_execute_transactions() -> check_transactions()
870 : https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/runtime/src/bank.rs#L3667-L3672 */
871 270 : err = fd_executor_check_transactions( runtime, bank, txn_in, txn_out );
872 270 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
873 3 : txn_out->err.is_committable = 0;
874 3 : return err;
875 3 : }
876 :
877 : /* load_and_execute_sanitized_transactions() -> validate_fees() ->
878 : validate_transaction_fee_payer()
879 : https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/svm/src/transaction_processor.rs#L236-L249 */
880 267 : err = fd_executor_validate_transaction_fee_payer( bank, txn_in, txn_out );
881 267 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
882 0 : txn_out->err.is_committable = 0;
883 0 : return err;
884 0 : }
885 :
886 : /* https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/svm/src/transaction_processor.rs#L284-L296 */
887 267 : err = fd_executor_load_transaction_accounts( bank, txn_in, txn_out );
888 267 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
889 : /* Regardless of whether transaction accounts were loaded successfully, the transaction is
890 : included in the block and transaction fees are collected.
891 : https://github.com/anza-xyz/agave/blob/v2.1.6/svm/src/transaction_processor.rs#L341-L357 */
892 21 : txn_out->err.is_fees_only = 1;
893 :
894 : /* If the transaction fails to load, the "rollback" accounts will include one of the following:
895 : 1. Nonce account only
896 : 2. Fee payer only
897 : 3. Nonce account + fee payer
898 :
899 : Because the cost tracker uses the loaded account data size in block cost calculations, we need to
900 : make sure our calculated loaded accounts data size is conformant with Agave's.
901 : https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/svm/src/account_loader.rs#L437-L449
902 :
903 : These are different depending on if define_ltds_fee_only_semantics is enabled or not.
904 :
905 : If define_ltds_fee_only_semantics is enabled, we use the accumulated load size so far,
906 : clamped to the compute budget requested loaded_accounts_data_size_limit. */
907 21 : if( FD_FEATURE_ACTIVE_BANK( bank, define_ltds_fee_only_semantics ) ) {
908 : /* https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/svm/src/account_loader.rs#L495-L501 */
909 9 : txn_out->details.loaded_accounts_data_size = fd_ulong_min(
910 9 : txn_out->details.loaded_accounts_data_size,
911 9 : txn_out->details.compute_budget.loaded_accounts_data_size_limit );
912 12 : } else {
913 : /* If define_ltds_fee_only_semantics is not enabled, initialize
914 : loaded_accounts_data_size with the dlen of the fee payer. */
915 12 : txn_out->details.loaded_accounts_data_size = txn_out->accounts.account[ FD_FEE_PAYER_TXN_IDX ]->data_len;
916 :
917 : /* Special case handling for if a nonce account is present in the transaction. */
918 12 : if( txn_out->accounts.nonce_idx_in_txn!=ULONG_MAX ) {
919 : /* If the nonce account is not the fee payer, then we separately add the dlen of the nonce account. Otherwise, we would
920 : be double counting the dlen of the fee payer. */
921 6 : if( txn_out->accounts.nonce_idx_in_txn!=FD_FEE_PAYER_TXN_IDX ) {
922 3 : txn_out->details.loaded_accounts_data_size += txn_out->accounts.account[ txn_out->accounts.nonce_idx_in_txn ]->data_len;
923 3 : }
924 6 : }
925 12 : }
926 21 : }
927 :
928 : /*
929 : The fee payer and the nonce account will be stored and hashed so
930 : long as the transaction landed on chain, or, in Agave terminology,
931 : the transaction was processed.
932 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/account_saver.rs#L72
933 :
934 : A transaction lands on chain in one of two ways:
935 : (1) Passed fee validation and loaded accounts.
936 : (2) Passed fee validation and failed to load accounts and the enable_transaction_loading_failure_fees feature is enabled as per
937 : SIMD-0082 https://github.com/anza-xyz/feature-gate-tracker/issues/52
938 :
939 : So, at this point, the transaction is committable.
940 : */
941 :
942 267 : return err;
943 267 : }
944 :
945 : /* fd_runtime_lthash_account updates the running lthash of the bank
946 : given an account that might have been updated. */
947 :
948 : static void
949 : fd_runtime_lthash_account( fd_bank_t * bank,
950 : fd_pubkey_t const * pubkey,
951 : fd_acc_t * acc,
952 135 : fd_capture_ctx_t * capture_ctx ) {
953 135 : if( FD_UNLIKELY( !acc->lamports ) ) {
954 12 : acc->data_len = 0UL;
955 12 : acc->executable = 0;
956 12 : memset( acc->owner, 0, sizeof(acc->owner) );
957 12 : }
958 :
959 135 : fd_lthash_value_t lthash_prev[1];
960 135 : if( FD_LIKELY( acc->prior_data ) ) {
961 132 : fd_hashes_account_lthash_simple( pubkey->uc, acc->prior_owner, acc->prior_lamports, acc->prior_executable, acc->prior_data, acc->prior_data_len, lthash_prev );
962 132 : } else {
963 3 : fd_lthash_zero( lthash_prev );
964 3 : }
965 :
966 135 : fd_lthash_value_t lthash_post[1];
967 135 : if( FD_LIKELY( acc->prior_lamports || acc->lamports ) ) {
968 135 : fd_hashes_update_simple( lthash_post, lthash_prev, pubkey->uc, acc->owner, acc->lamports, acc->executable, acc->data, acc->data_len, bank, capture_ctx );
969 135 : }
970 135 : }
971 :
972 : /* fd_runtime_commit_txn is a helper used by the transaction executor to
973 : finalize account changes back into the database. It also handles
974 : txncache insertion and updates to the vote/stake cache. TODO: This
975 : function should probably be moved to fd_executor.c. */
976 :
977 : void
978 : fd_runtime_commit_txn( fd_runtime_t * runtime,
979 : fd_bank_t * bank,
980 : fd_txn_in_t const * txn_in,
981 : fd_txn_out_t * txn_out,
982 117 : int report_transaction_diffs ) {
983 117 : FD_TEST( txn_out->err.is_committable );
984 :
985 117 : txn_out->details.commit_start_ticks = fd_tickcount();
986 :
987 117 : if( FD_UNLIKELY( !txn_out->err.txn_err ) ) {
988 96 : fd_top_votes_t * top_votes = fd_bank_top_votes_t_2_modify( bank );
989 804 : for( ushort i=0; i<txn_out->accounts.cnt; i++ ) {
990 : /* We are only interested in saving writable accounts and the fee
991 : payer account. */
992 708 : if( FD_UNLIKELY( !txn_out->accounts.is_writable[ i ] ) ) continue;
993 :
994 177 : fd_pubkey_t const * pubkey = &txn_out->accounts.keys[ i ];
995 :
996 : /* new_vote/rm_vote feed an ordered op-log (fd_new_votes), not a
997 : net-state cache, so they must fire per writable txn before the
998 : account_acquired gate below. In a bundle the accdb ref is
999 : owned by a single (last writable) txn, but every writable txn
1000 : that created/closed a vote account must contribute its op in
1001 : order so create->delete->recreate replays identically to a
1002 : per-txn commit. These flags are left on the txn that set them
1003 : (not carried), so each fires exactly where the vote program
1004 : recorded it. */
1005 177 : if( FD_UNLIKELY( txn_out->accounts.new_vote[ i ] &&
1006 177 : !FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) ) ) {
1007 6 : fd_new_votes_t * new_votes = fd_bank_new_votes( bank );
1008 6 : fd_new_votes_insert( new_votes, bank->new_votes_fork_id, pubkey );
1009 6 : }
1010 177 : if( FD_UNLIKELY( txn_out->accounts.rm_vote[i] &&
1011 177 : !FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) ) ) {
1012 6 : fd_new_votes_t * new_votes = fd_bank_new_votes( bank );
1013 6 : fd_new_votes_remove( new_votes, bank->new_votes_fork_id, pubkey );
1014 6 : }
1015 :
1016 : /* Only the txn that owns the accdb reference commits the account
1017 : state. In a bundle, an account is owned by its last writable
1018 : user (account_acquired==1); every other txn referencing it has
1019 : account_acquired==0 and skips here, so the final shared state is
1020 : lthashed exactly once and not double-counted. stake_update/
1021 : vote_update are recomputed from the final state and were moved
1022 : onto this owner, so they also fire here exactly once. */
1023 177 : if( FD_UNLIKELY( !txn_out->accounts.account_acquired[ i ] ) ) continue;
1024 :
1025 114 : fd_acc_t * account = txn_out->accounts.account[ i ];
1026 114 : account->commit = 1;
1027 :
1028 114 : if( FD_UNLIKELY( txn_out->accounts.stake_update[ i ] ) ) {
1029 6 : fd_stakes_update_stake_delegation( pubkey, account, bank );
1030 6 : }
1031 :
1032 114 : if( txn_out->accounts.vote_update[i] ) {
1033 0 : fd_vote_block_timestamp_t last_vote;
1034 0 : if( FD_UNLIKELY( !account->lamports ||
1035 0 : !fd_vsv_is_correct_size_owner_and_init( account->owner, account->data, account->data_len ) ||
1036 0 : fd_vote_account_last_timestamp( account->data, account->data_len, &last_vote ) ) ) {
1037 0 : fd_top_votes_invalidate( top_votes, pubkey );
1038 0 : } else {
1039 0 : fd_top_votes_update( top_votes, pubkey, last_vote.slot, last_vote.timestamp );
1040 0 : }
1041 0 : }
1042 :
1043 114 : fd_runtime_lthash_account( bank, pubkey, account, runtime->log.capture_ctx );
1044 114 : }
1045 :
1046 : /* Atomically add all accumulated tips to the bank once after
1047 : processing all accounts. */
1048 96 : if( FD_UNLIKELY( txn_out->details.tips ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.tips, txn_out->details.tips );
1049 96 : }
1050 :
1051 117 : txn_out->details.commit_index_in_slot = FD_ATOMIC_FETCH_AND_ADD( &bank->f.txn_count, 1UL );
1052 117 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.execution_fees, txn_out->details.execution_fee );
1053 117 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.priority_fees, txn_out->details.priority_fee );
1054 117 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.signature_count, txn_out->details.signature_count );
1055 :
1056 117 : if( FD_LIKELY( !txn_out->details.is_simple_vote ) ) {
1057 117 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.nonvote_txn_count, 1 );
1058 117 : if( FD_UNLIKELY( txn_out->err.exec_err ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.nonvote_failed_txn_count, 1 );
1059 117 : }
1060 :
1061 117 : if( FD_UNLIKELY( txn_out->err.exec_err ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.failed_txn_count, 1 );
1062 117 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.total_compute_units_used, txn_out->details.compute_budget.compute_unit_limit-txn_out->details.compute_budget.compute_meter );
1063 :
1064 117 : fd_cost_tracker_t * cost_tracker = fd_bank_cost_tracker_modify( bank );
1065 117 : int res = fd_cost_tracker_try_add_cost( cost_tracker, txn_out );
1066 117 : if( FD_UNLIKELY( res!=FD_COST_TRACKER_SUCCESS ) ) {
1067 0 : FD_LOG_DEBUG(( "fd_runtime_commit_txn: transaction failed to fit into block %d", res ));
1068 0 : txn_out->err.is_committable = 0;
1069 0 : txn_out->err.txn_err = fd_cost_tracker_err_to_runtime_err( res );
1070 0 : }
1071 :
1072 117 : if( FD_LIKELY( runtime->status_cache && txn_out->accounts.nonce_idx_in_txn==ULONG_MAX ) ) {
1073 : /* In Agave, durable nonce transactions are inserted to the status
1074 : cache the same as any others, but this is only to serve RPC
1075 : requests, they do not need to be in there for correctness as the
1076 : nonce mechanism itself prevents double spend. We skip this logic
1077 : entirely to simplify and improve performance of the txn cache. */
1078 111 : fd_txncache_insert( runtime->status_cache, bank->txncache_fork_id, txn_out->details.blockhash.uc, txn_out->details.blake_txn_msg_hash.uc );
1079 111 : }
1080 :
1081 117 : if( FD_UNLIKELY( txn_out->err.txn_err ) ) {
1082 : /* With nonce account rollbacks, there are three cases:
1083 :
1084 : 1. No nonce account in the transaction
1085 : 2. Nonce account is the fee payer
1086 : 3. Nonce account is not the fee payer
1087 :
1088 : We should always rollback the nonce account first. Note that the
1089 : nonce account may be the fee payer (case 2). */
1090 21 : if( FD_UNLIKELY( txn_out->accounts.nonce_idx_in_txn!=ULONG_MAX ) ) {
1091 0 : fd_acc_t * nonce_account = txn_out->accounts.account[ txn_out->accounts.nonce_idx_in_txn ];
1092 0 : fd_memcpy( nonce_account->data, txn_out->accounts.nonce_rollback_data, txn_out->accounts.nonce_rollback_data_len );
1093 0 : nonce_account->data_len = txn_out->accounts.nonce_rollback_data_len;
1094 0 : fd_memcpy( nonce_account->owner, nonce_account->prior_owner, 32UL );
1095 0 : if( FD_UNLIKELY( txn_out->accounts.nonce_idx_in_txn==FD_FEE_PAYER_TXN_IDX ) ) {
1096 0 : nonce_account->lamports = txn_out->accounts.fee_payer_rollback_lamports;
1097 0 : } else {
1098 0 : nonce_account->lamports = nonce_account->prior_lamports;
1099 0 : }
1100 0 : nonce_account->executable = nonce_account->prior_executable;
1101 0 : nonce_account->commit = 1;
1102 0 : fd_runtime_lthash_account( bank, &txn_out->accounts.keys[ txn_out->accounts.nonce_idx_in_txn ], nonce_account, runtime->log.capture_ctx );
1103 0 : }
1104 :
1105 : /* Now, we must only save the fee payer if the nonce account was not
1106 : the fee payer (because that was already saved above). */
1107 21 : if( FD_LIKELY( txn_out->accounts.nonce_idx_in_txn!=FD_FEE_PAYER_TXN_IDX ) ) {
1108 21 : fd_acc_t * fee_payer_account = txn_out->accounts.account[ FD_FEE_PAYER_TXN_IDX ];
1109 21 : fd_memcpy( fee_payer_account->data, fee_payer_account->prior_data, fee_payer_account->prior_data_len );
1110 21 : fee_payer_account->data_len = fee_payer_account->prior_data_len;
1111 21 : fd_memcpy( fee_payer_account->owner, fee_payer_account->prior_owner, 32UL );
1112 21 : fee_payer_account->lamports = txn_out->accounts.fee_payer_rollback_lamports;
1113 21 : fee_payer_account->executable = fee_payer_account->prior_executable;
1114 :
1115 21 : fee_payer_account->commit = 1;
1116 21 : fd_runtime_lthash_account( bank, &txn_out->accounts.keys[ FD_FEE_PAYER_TXN_IDX ], fee_payer_account, runtime->log.capture_ctx );
1117 21 : }
1118 21 : }
1119 :
1120 117 : if( FD_UNLIKELY( report_transaction_diffs ) ) fd_event_runtime_txn_emit( txn_in, txn_out, bank );
1121 :
1122 117 : if( FD_LIKELY( !txn_out->accounts.is_bundle ) ) {
1123 45 : fd_accdb_release_ab( runtime->accdb,
1124 45 : txn_out->accounts.cnt, runtime->accounts.account,
1125 45 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1126 45 : runtime->accounts.executable_cnt = 0UL;
1127 45 : }
1128 117 : }
1129 :
1130 : void
1131 : fd_runtime_cancel_txn( fd_runtime_t * runtime,
1132 : fd_bank_t * bank,
1133 : fd_txn_in_t const * txn_in,
1134 : fd_txn_out_t * txn_out,
1135 9 : int report_transaction_diffs ) {
1136 9 : FD_TEST( !txn_out->err.is_committable );
1137 9 : if( FD_UNLIKELY( !txn_out->accounts.is_setup ) ) return;
1138 :
1139 9 : if( FD_UNLIKELY( report_transaction_diffs ) ) fd_event_runtime_txn_emit( txn_in, txn_out, bank );
1140 :
1141 9 : fd_accdb_release_ab( runtime->accdb,
1142 9 : txn_out->accounts.cnt, runtime->accounts.account,
1143 9 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1144 9 : runtime->accounts.executable_cnt = 0UL;
1145 9 : }
1146 :
1147 : void
1148 48 : fd_runtime_fini_bundle( fd_runtime_t * runtime ) {
1149 48 : fd_accdb_release_ab( runtime->accdb,
1150 48 : runtime->accounts.account_cnt, runtime->accounts.account,
1151 48 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1152 48 : runtime->accounts.account_cnt = 0UL;
1153 48 : runtime->accounts.executable_cnt = 0UL;
1154 48 : }
1155 :
1156 : static inline void
1157 273 : fd_runtime_reset_runtime( fd_runtime_t * runtime ) {
1158 273 : runtime->instr.stack_sz = 0;
1159 273 : runtime->instr.trace_length = 0UL;
1160 273 : }
1161 :
1162 : static inline void
1163 : fd_runtime_new_txn_out( fd_txn_in_t const * txn_in,
1164 273 : fd_txn_out_t * txn_out ) {
1165 273 : txn_out->details.load_start_ticks = fd_tickcount();
1166 273 : txn_out->details.check_start_ticks = LONG_MAX;
1167 273 : txn_out->details.exec_start_ticks = LONG_MAX;
1168 273 : txn_out->details.commit_start_ticks = LONG_MAX;
1169 :
1170 273 : fd_compute_budget_details_new( &txn_out->details.compute_budget );
1171 :
1172 273 : txn_out->details.loaded_accounts_data_size = 0UL;
1173 273 : txn_out->details.accounts_resize_delta = 0L;
1174 :
1175 273 : txn_out->details.return_data.len = 0UL;
1176 273 : memset( txn_out->details.return_data.program_id.key, 0, sizeof(fd_pubkey_t) );
1177 :
1178 273 : txn_out->details.tips = 0UL;
1179 273 : txn_out->details.execution_fee = 0UL;
1180 273 : txn_out->details.priority_fee = 0UL;
1181 273 : txn_out->details.signature_count = 0UL;
1182 273 : fd_memset( txn_out->details.signature.uc, 0, sizeof(fd_signature_t) );
1183 :
1184 273 : txn_out->details.signature_count = TXN( txn_in->txn )->signature_cnt;
1185 273 : if( FD_LIKELY( txn_out->details.signature_count ) ) {
1186 273 : fd_memcpy( txn_out->details.signature.uc,
1187 273 : (uchar const *)txn_in->txn->payload + TXN( txn_in->txn )->signature_off,
1188 273 : sizeof(fd_signature_t) );
1189 273 : }
1190 273 : txn_out->details.is_simple_vote = fd_txn_is_simple_vote_transaction( TXN( txn_in->txn ), txn_in->txn->payload );
1191 :
1192 273 : fd_hash_t * blockhash = (fd_hash_t *)((uchar *)txn_in->txn->payload + TXN( txn_in->txn )->recent_blockhash_off);
1193 273 : memcpy( txn_out->details.blockhash.uc, blockhash->hash, sizeof(fd_hash_t) );
1194 :
1195 273 : txn_out->accounts.is_setup = 0;
1196 273 : txn_out->accounts.is_bundle = txn_in->bundle.is_bundle;
1197 273 : if( FD_LIKELY( !txn_in->bundle.is_bundle ) ) txn_out->accounts.cnt= 0UL;
1198 273 : memset( txn_out->accounts.is_writable, 0, sizeof(txn_out->accounts.is_writable) );
1199 273 : memset( txn_out->accounts.account_acquired, 0, sizeof(txn_out->accounts.account_acquired) );
1200 273 : memset( txn_out->accounts.stake_update, 0, sizeof(txn_out->accounts.stake_update) );
1201 273 : memset( txn_out->accounts.vote_update, 0, sizeof(txn_out->accounts.vote_update) );
1202 273 : memset( txn_out->accounts.new_vote, 0, sizeof(txn_out->accounts.new_vote) );
1203 273 : memset( txn_out->accounts.rm_vote, 0, sizeof(txn_out->accounts.rm_vote) );
1204 273 : txn_out->accounts.nonce_idx_in_txn = ULONG_MAX;
1205 :
1206 : /* For bundle txns the resolved key list and executable list (incl the
1207 : provenance/pd_write/skipped-size arrays) are bound once up-front by
1208 : fd_runtime_prepare_bundle_accounts (before this runs per-txn), so
1209 : preserve them here. For a non-bundle txn they are rebuilt in
1210 : fd_executor_setup_accounts_for_txn, so reset them.
1211 : executable_cur_len needs no reset: it is written per-element for
1212 : every i in [0, executable_cnt) before any read (its sentinel is
1213 : ULONG_MAX, so a zero memset would be wrong anyway). */
1214 273 : if( FD_LIKELY( !txn_in->bundle.is_bundle ) ) {
1215 174 : memset( txn_out->accounts.executable_from_parent, 0, sizeof(txn_out->accounts.executable_from_parent) );
1216 174 : memset( txn_out->accounts.executable_pd_write, 0, sizeof(txn_out->accounts.executable_pd_write) );
1217 174 : txn_out->accounts.executable_cnt = 0UL;
1218 174 : txn_out->accounts.executable_skipped_cnt = 0;
1219 174 : }
1220 273 : txn_out->accounts.nonce_rollback_data_len = 0UL;
1221 273 : txn_out->accounts.fee_payer_rollback_lamports = 0UL;
1222 :
1223 273 : txn_out->err.is_committable = 1;
1224 273 : txn_out->err.is_fees_only = 0;
1225 273 : txn_out->err.txn_err = FD_RUNTIME_EXECUTE_SUCCESS;
1226 273 : txn_out->err.exec_err = FD_EXECUTOR_INSTR_SUCCESS;
1227 273 : txn_out->err.exec_err_kind = FD_EXECUTOR_ERR_KIND_NONE;
1228 273 : txn_out->err.exec_err_idx = UINT_MAX;
1229 273 : txn_out->err.custom_err = 0;
1230 273 : }
1231 :
1232 : void
1233 : fd_runtime_prepare_and_execute_txn( fd_runtime_t * runtime,
1234 : fd_bank_t * bank,
1235 : fd_txn_in_t const * txn_in,
1236 273 : fd_txn_out_t * txn_out ) {
1237 273 : fd_runtime_reset_runtime( runtime );
1238 :
1239 273 : fd_runtime_new_txn_out( txn_in, txn_out );
1240 :
1241 273 : uchar dump_txn = !!(runtime->log.dump_proto_ctx &&
1242 273 : bank->f.slot >= runtime->log.dump_proto_ctx->dump_proto_start_slot &&
1243 273 : runtime->log.dump_proto_ctx->dump_txn_to_pb);
1244 :
1245 : /* Phase 1: Capture TxnContext before execution. */
1246 273 : if( FD_UNLIKELY( dump_txn ) ) {
1247 0 : if( runtime->log.txn_dump_ctx ) {
1248 0 : fd_dump_txn_context_to_protobuf( runtime->log.txn_dump_ctx, runtime, bank, txn_in, txn_out );
1249 0 : } else {
1250 0 : fd_dump_txn_to_protobuf( runtime, bank, txn_in, txn_out );
1251 0 : }
1252 0 : }
1253 :
1254 : /* Transaction sanitization. If a transaction can't be commited or is
1255 : fees-only, we return early. */
1256 273 : txn_out->err.txn_err = fd_runtime_pre_execute_check( runtime, bank, txn_in, txn_out );
1257 273 : ulong cu_before = txn_out->details.compute_budget.compute_meter;
1258 :
1259 : /* Execute the transaction if eligible to do so. */
1260 273 : if( FD_LIKELY( txn_out->err.is_committable ) ) {
1261 267 : if( FD_LIKELY( !txn_out->err.is_fees_only ) ) {
1262 246 : txn_out->details.exec_start_ticks = fd_tickcount();
1263 246 : txn_out->err.txn_err = fd_execute_txn( runtime, bank, txn_in, txn_out );
1264 246 : }
1265 267 : fd_cost_tracker_calculate_cost( bank, txn_in, txn_out );
1266 267 : }
1267 273 : ulong cu_after = txn_out->details.compute_budget.compute_meter;
1268 273 : runtime->metrics.cu_cum += fd_ulong_sat_sub( cu_before, cu_after );
1269 :
1270 : /* Phase 2: Capture TxnResult after execution and write to disk. */
1271 273 : if( FD_UNLIKELY( dump_txn && runtime->log.txn_dump_ctx ) ) {
1272 0 : fd_dump_txn_result_to_protobuf( runtime->log.txn_dump_ctx, txn_in, txn_out, txn_out->err.txn_err );
1273 0 : fd_dump_txn_fixture_to_file( runtime->log.txn_dump_ctx, runtime->log.dump_proto_ctx, txn_in );
1274 0 : }
1275 273 : }
1276 :
1277 : /* fd_executor_txn_verify and fd_runtime_pre_execute_check are responisble
1278 : for the bulk of the pre-transaction execution checks in the runtime.
1279 : They aim to preserve the ordering present in the Agave client to match
1280 : parity in terms of error codes. Sigverify is kept separate from the rest
1281 : of the transaction checks for fuzzing convenience.
1282 :
1283 : For reference this is the general code path which contains all relevant
1284 : pre-transactions checks in the v2.0.x Agave client from upstream
1285 : to downstream is as follows:
1286 :
1287 : confirm_slot_entries() which calls verify_ticks() and
1288 : verify_transaction(). verify_transaction() calls verify_and_hash_message()
1289 : and verify_precompiles() which parallels fd_executor_txn_verify() and
1290 : fd_executor_verify_transaction().
1291 :
1292 : process_entries() contains a duplicate account check which is part of
1293 : agave account lock acquiring. This is checked inline in
1294 : fd_runtime_pre_execute_check().
1295 :
1296 : load_and_execute_transactions() contains the function check_transactions().
1297 : This contains check_age() and check_status_cache() which is paralleled by
1298 : fd_executor_check_transaction_age_and_compute_budget_limits() and
1299 : fd_executor_check_status_cache() respectively.
1300 :
1301 : load_and_execute_sanitized_transactions() contains validate_fees()
1302 : which is responsible for executing the compute budget instructions,
1303 : validating the fee payer and collecting the fee. This is mirrored in
1304 : firedancer with fd_executor_compute_budget_program_execute_instructions()
1305 : and fd_executor_collect_fees(). load_and_execute_sanitized_transactions()
1306 : also checks the total data size of the accounts in load_accounts() and
1307 : validates the program accounts in load_transaction_accounts(). This
1308 : is paralled by fd_executor_load_transaction_accounts(). */
1309 :
1310 :
1311 : /******************************************************************************/
1312 : /* Genesis */
1313 : /*******************************************************************************/
1314 :
1315 : static void
1316 : fd_runtime_genesis_init_program( fd_bank_t * bank,
1317 : fd_accdb_t * accdb,
1318 0 : fd_capture_ctx_t * capture_ctx ) {
1319 :
1320 0 : fd_sysvar_clock_init( bank, accdb, capture_ctx );
1321 0 : fd_sysvar_rent_init( bank, accdb, capture_ctx );
1322 :
1323 0 : fd_sysvar_slot_history_init( bank, accdb, capture_ctx );
1324 0 : fd_sysvar_epoch_schedule_init( bank, accdb, capture_ctx );
1325 0 : fd_sysvar_recent_hashes_init( bank, accdb, capture_ctx );
1326 0 : fd_sysvar_stake_history_init( bank, accdb, capture_ctx );
1327 0 : fd_sysvar_last_restart_slot_init( bank, accdb, capture_ctx );
1328 :
1329 0 : fd_builtin_programs_init( bank, accdb, capture_ctx );
1330 0 : }
1331 :
1332 : static void
1333 : fd_runtime_init_bank_from_genesis( fd_banks_t * banks,
1334 : fd_bank_t * bank,
1335 : fd_runtime_stack_t * runtime_stack,
1336 : fd_accdb_t * accdb,
1337 : fd_genesis_t const * genesis,
1338 : uchar const * genesis_blob,
1339 0 : fd_hash_t const * genesis_hash ) {
1340 :
1341 0 : bank->f.parent_slot = ULONG_MAX;
1342 0 : bank->f.poh = *genesis_hash;
1343 :
1344 0 : fd_hash_t * bank_hash = &bank->f.bank_hash;
1345 0 : memset( bank_hash->hash, 0, FD_SHA256_HASH_SZ );
1346 :
1347 0 : uint128 target_tick_duration = (uint128)genesis->poh.tick_duration_secs * 1000000000UL + (uint128)genesis->poh.tick_duration_ns;
1348 :
1349 0 : fd_epoch_schedule_t * epoch_schedule = &bank->f.epoch_schedule;
1350 0 : epoch_schedule->leader_schedule_slot_offset = genesis->epoch_schedule.leader_schedule_slot_offset;
1351 0 : epoch_schedule->warmup = genesis->epoch_schedule.warmup;
1352 0 : epoch_schedule->first_normal_epoch = genesis->epoch_schedule.first_normal_epoch;
1353 0 : epoch_schedule->first_normal_slot = genesis->epoch_schedule.first_normal_slot;
1354 0 : epoch_schedule->slots_per_epoch = genesis->epoch_schedule.slots_per_epoch;
1355 :
1356 0 : fd_rent_t * rent = &bank->f.rent;
1357 0 : rent->lamports_per_uint8_year = genesis->rent.lamports_per_uint8_year;
1358 0 : rent->exemption_threshold = genesis->rent.exemption_threshold;
1359 0 : rent->burn_percent = genesis->rent.burn_percent;
1360 :
1361 0 : fd_inflation_t * inflation = &bank->f.inflation;
1362 0 : inflation->initial = genesis->inflation.initial;
1363 0 : inflation->terminal = genesis->inflation.terminal;
1364 0 : inflation->taper = genesis->inflation.taper;
1365 0 : inflation->foundation = genesis->inflation.foundation;
1366 0 : inflation->foundation_term = genesis->inflation.foundation_term;
1367 0 : inflation->unused = 0.0;
1368 :
1369 0 : bank->f.block_height = 0UL;
1370 :
1371 0 : {
1372 : /* FIXME Why is there a previous blockhash at genesis? Why is the
1373 : last_hash field an option type in Agave, if even the first
1374 : real block has a previous blockhash? */
1375 0 : fd_blockhashes_t * bhq = fd_blockhashes_init( &bank->f.block_hash_queue, 0UL );
1376 0 : fd_blockhash_info_t * info = fd_blockhashes_push_new( bhq, genesis_hash );
1377 0 : info->lamports_per_signature = 0UL;
1378 0 : }
1379 :
1380 0 : fd_fee_rate_governor_t * fee_rate_governor = &bank->f.fee_rate_governor;
1381 0 : fee_rate_governor->target_lamports_per_signature = genesis->fee_rate_governor.target_lamports_per_signature;
1382 0 : fee_rate_governor->target_signatures_per_slot = genesis->fee_rate_governor.target_signatures_per_slot;
1383 0 : fee_rate_governor->min_lamports_per_signature = genesis->fee_rate_governor.min_lamports_per_signature;
1384 0 : fee_rate_governor->max_lamports_per_signature = genesis->fee_rate_governor.max_lamports_per_signature;
1385 0 : fee_rate_governor->burn_percent = genesis->fee_rate_governor.burn_percent;
1386 :
1387 0 : bank->f.max_tick_height = genesis->poh.ticks_per_slot * (bank->f.slot + 1);
1388 0 : bank->f.slot_params = FD_SLOT_PARAMS_400MS;
1389 0 : bank->f.slot_params.ns_per_slot = (ulong)( target_tick_duration * genesis->poh.ticks_per_slot );
1390 0 : bank->f.slot_params.ns_per_slot_adjusted = fd_ulong_sat_sub( bank->f.slot_params.ns_per_slot, FD_TARGET_SLOT_ADJUSTMENT_NS );
1391 0 : bank->f.slot_params.slots_per_year = SECONDS_PER_YEAR * (1000000000.0 / (double)target_tick_duration) / (double)genesis->poh.ticks_per_slot;
1392 0 : bank->f.slot_params.hashes_per_tick = genesis->poh.hashes_per_tick;
1393 0 : bank->f.slot_params_default = bank->f.slot_params;
1394 :
1395 0 : bank->f.ticks_per_slot = genesis->poh.ticks_per_slot;
1396 0 : bank->f.genesis_creation_time = genesis->creation_time;
1397 :
1398 0 : bank->f.signature_count = 0UL;
1399 :
1400 : /* Derive epoch stakes */
1401 :
1402 0 : fd_stake_delegations_t * stake_delegations = fd_banks_stake_delegations_root_query( banks );
1403 0 : if( FD_UNLIKELY( !stake_delegations ) ) {
1404 0 : FD_LOG_CRIT(( "Failed to join and new a stake delegations" ));
1405 0 : }
1406 :
1407 0 : ulong capitalization = 0UL;
1408 :
1409 0 : fd_feature_snoop_t feature_snoop[1];
1410 0 : fd_memset( feature_snoop, 0, sizeof(feature_snoop) );
1411 :
1412 0 : for( ulong i=0UL; i<genesis->account_cnt; i++ ) {
1413 0 : fd_genesis_account_t account[1];
1414 0 : fd_genesis_account( genesis, genesis_blob, account, i );
1415 :
1416 0 : capitalization = fd_ulong_sat_add( capitalization, account->lamports );
1417 :
1418 0 : uchar const * acc_data = account->data;
1419 :
1420 0 : if( !memcmp( account->owner.uc, fd_solana_stake_program_id.key, sizeof(fd_pubkey_t) ) ) {
1421 : /* If an account is a stake account, then it must be added to the
1422 : stake delegations cache. We should only add stake accounts that
1423 : have a valid non-zero stake. */
1424 0 : fd_stake_state_t const * stake_state = fd_stake_state_view( acc_data, account->data_len );
1425 0 : if( FD_UNLIKELY( !stake_state ) ) { FD_BASE58_ENCODE_32_BYTES( account->pubkey.uc, stake_b58 ); FD_LOG_ERR(( "invalid stake account %s", stake_b58 )); }
1426 0 : if( stake_state->stake_type!=FD_STAKE_STATE_STAKE ) continue;
1427 0 : if( !stake_state->stake.stake.delegation.stake ) continue;
1428 :
1429 0 : fd_stake_delegations_root_update(
1430 0 : stake_delegations,
1431 0 : &account->pubkey,
1432 0 : &stake_state->stake.stake.delegation.voter_pubkey,
1433 0 : stake_state->stake.stake.delegation.stake,
1434 0 : stake_state->stake.stake.delegation.activation_epoch,
1435 0 : stake_state->stake.stake.delegation.deactivation_epoch,
1436 0 : stake_state->stake.stake.credits_observed,
1437 0 : FD_STAKE_DELEGATIONS_WARMUP_COOLDOWN_RATE_ENUM_025 /* genesis is epoch 0, always 0.25 */ );
1438 :
1439 0 : } else if( !memcmp( account->owner.uc, fd_solana_feature_program_id.key, sizeof(fd_pubkey_t) ) ) {
1440 0 : fd_feature_snoop_account( feature_snoop, &account->pubkey, account->lamports,
1441 0 : account->owner.uc, acc_data, account->data_len );
1442 0 : }
1443 0 : }
1444 :
1445 0 : fd_feature_snoop_finalize( &bank->f.features, bank->f.slot, &bank->f.epoch_schedule, feature_snoop );
1446 :
1447 : /* fd_refresh_vote_accounts is responsible for updating the vote
1448 : states with the total amount of active delegated stake. It does
1449 : this by iterating over all active stake delegations and summing up
1450 : the amount of stake that is delegated to each vote account. */
1451 0 : ulong new_rate_activation_epoch = 0UL;
1452 :
1453 0 : {
1454 : /* Snapshot the stake history sysvar into a local buffer and release
1455 : the accdb bracket before calling fd_refresh_vote_accounts, which
1456 : performs its own accdb acquires. fd_sysvar_stake_history_view
1457 : aliases the source bytes, so the bracket cannot be held open
1458 : across an inner acquire. */
1459 0 : uchar stake_history_data[ FD_SYSVAR_STAKE_HISTORY_BINCODE_SZ ];
1460 0 : fd_stake_history_t stake_history_[1];
1461 0 : fd_stake_history_t * stake_history = NULL;
1462 0 : fd_acc_t ro = fd_accdb_read_one( accdb, bank->accdb_fork_id, fd_sysvar_stake_history_id.uc );
1463 0 : if( FD_LIKELY( ro.lamports ) ) {
1464 0 : ulong copy_sz = fd_ulong_min( ro.data_len, FD_SYSVAR_STAKE_HISTORY_BINCODE_SZ );
1465 0 : fd_memcpy( stake_history_data, ro.data, copy_sz );
1466 0 : fd_accdb_unread_one( accdb, &ro );
1467 0 : stake_history = fd_sysvar_stake_history_view( stake_history_, stake_history_data, copy_sz );
1468 0 : } else {
1469 0 : fd_accdb_unread_one( accdb, &ro );
1470 0 : }
1471 :
1472 0 : fd_refresh_vote_accounts( bank, accdb, runtime_stack, stake_delegations, stake_history, &new_rate_activation_epoch );
1473 0 : }
1474 :
1475 : /* At genesis (epoch 0) there is no previous epoch, so the t-2 set
1476 : should equal the genesis staked set. */
1477 :
1478 0 : {
1479 0 : fd_top_votes_t * top_votes_t_1 = fd_bank_top_votes_t_1_modify( bank );
1480 0 : fd_top_votes_t * top_votes_t_2 = fd_bank_top_votes_t_2_modify( bank );
1481 0 : fd_memcpy( top_votes_t_2, top_votes_t_1, FD_TOP_VOTES_MAX_FOOTPRINT );
1482 0 : }
1483 :
1484 0 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
1485 0 : fd_vote_stakes_genesis_fini( vote_stakes );
1486 :
1487 0 : bank->f.epoch = 0UL;
1488 0 : bank->f.capitalization = capitalization;
1489 0 : }
1490 :
1491 : static int
1492 : fd_runtime_process_genesis_block( fd_bank_t * bank,
1493 : fd_accdb_t * accdb,
1494 : fd_capture_ctx_t * capture_ctx,
1495 0 : fd_runtime_stack_t * runtime_stack ) {
1496 0 : fd_sha256_hash_32_repeated( bank->f.poh.hash, bank->f.poh.hash, bank->f.slot_params.hashes_per_tick * bank->f.ticks_per_slot );
1497 :
1498 0 : bank->f.execution_fees = 0UL;
1499 0 : bank->f.priority_fees = 0UL;
1500 0 : bank->f.signature_count = 0UL;
1501 0 : bank->f.txn_count = 0UL;
1502 0 : bank->f.failed_txn_count = 0UL;
1503 0 : bank->f.nonvote_failed_txn_count = 0UL;
1504 0 : bank->f.total_compute_units_used = 0UL;
1505 :
1506 0 : fd_runtime_genesis_init_program( bank, accdb, capture_ctx );
1507 0 : fd_sysvar_slot_history_update( bank, accdb, capture_ctx );
1508 0 : fd_runtime_update_leaders( bank, runtime_stack );
1509 0 : fd_runtime_freeze( bank, accdb, capture_ctx );
1510 :
1511 0 : fd_hash_t const * prev_bank_hash = &bank->f.bank_hash;
1512 :
1513 0 : fd_lthash_value_t const * lthash = fd_bank_lthash_locking_query( bank );
1514 :
1515 0 : fd_hash_t * bank_hash = &bank->f.bank_hash;
1516 0 : fd_hashes_hash_bank( lthash, prev_bank_hash, (fd_hash_t *)bank->f.poh.hash, 0UL, bank_hash );
1517 :
1518 0 : fd_bank_lthash_end_locking_query( bank );
1519 :
1520 0 : return FD_RUNTIME_EXECUTE_SUCCESS;
1521 0 : }
1522 :
1523 : void
1524 : fd_runtime_read_genesis( fd_banks_t * banks,
1525 : fd_bank_t * bank,
1526 : fd_accdb_t * accdb,
1527 : fd_capture_ctx_t * capture_ctx,
1528 : fd_hash_t const * genesis_hash,
1529 : fd_lthash_value_t const * genesis_lthash,
1530 : fd_genesis_t const * genesis,
1531 : uchar const * genesis_blob,
1532 0 : fd_runtime_stack_t * runtime_stack ) {
1533 0 : fd_lthash_value_t * lthash = fd_bank_lthash_locking_modify( bank );
1534 0 : *lthash = *genesis_lthash;
1535 0 : fd_bank_lthash_end_locking_modify( bank );
1536 :
1537 : /* Once the accounts have been loaded from the genesis config into
1538 : the accounts db, we can initialize the bank state. This involves
1539 : setting some fields, and notably setting up the vote and stake
1540 : caches which are used for leader scheduling/rewards. */
1541 :
1542 0 : fd_runtime_init_bank_from_genesis( banks, bank, runtime_stack, accdb, genesis, genesis_blob, genesis_hash );
1543 :
1544 : /* Write the native programs to the accounts db. */
1545 :
1546 0 : for( ulong i=0UL; i<genesis->builtin_cnt; i++ ) {
1547 0 : fd_genesis_builtin_t builtin[1];
1548 0 : fd_genesis_builtin( genesis, genesis_blob, builtin, i );
1549 0 : fd_write_builtin_account( bank, accdb, capture_ctx, builtin->pubkey, builtin->data, builtin->data_len );
1550 0 : }
1551 :
1552 : /* At this point, state related to the bank and the accounts db
1553 : have been initialized and we are free to finish executing the
1554 : block. In practice, this updates some bank fields (notably the
1555 : poh and bank hash). */
1556 :
1557 0 : int err = fd_runtime_process_genesis_block( bank, accdb, capture_ctx, runtime_stack );
1558 0 : if( FD_UNLIKELY( err ) ) FD_LOG_CRIT(( "genesis slot 0 execute failed with error %d", err ));
1559 0 : }
1560 :
1561 : void
1562 : fd_runtime_block_execute_finalize( fd_bank_t * bank,
1563 : fd_accdb_t * accdb,
1564 81 : fd_capture_ctx_t * capture_ctx ) {
1565 81 : fd_runtime_freeze( bank, accdb, capture_ctx );
1566 81 : fd_runtime_update_bank_hash( bank, capture_ctx );
1567 81 : }
1568 :
1569 : /* Mirrors Agave function solana_sdk::transaction_context::find_index_of_account
1570 :
1571 : Backward scan over transaction accounts. Returns ULONG_MAX if not found.
1572 :
1573 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L233-L238 */
1574 :
1575 : ulong
1576 : fd_runtime_find_index_of_account( fd_txn_out_t const * txn_out,
1577 10308 : fd_pubkey_t const * pubkey ) {
1578 24615 : for( ulong i=0UL; i<txn_out->accounts.cnt; i++ ) {
1579 21927 : if( FD_UNLIKELY( !memcmp( pubkey, &txn_out->accounts.keys[ txn_out->accounts.cnt-1UL-i ], sizeof(fd_pubkey_t) ) ) ) return txn_out->accounts.cnt-1UL-i;
1580 21927 : }
1581 2688 : return ULONG_MAX;
1582 10308 : }
1583 :
1584 : fd_acc_t *
1585 : fd_runtime_get_account_at_index( fd_txn_in_t const * txn_in,
1586 : fd_txn_out_t * txn_out,
1587 : ushort idx,
1588 25107 : fd_txn_account_condition_fn_t * condition ) {
1589 25107 : if( FD_UNLIKELY( idx>=txn_out->accounts.cnt ) ) return NULL;
1590 25107 : if( FD_LIKELY( condition && !condition( txn_in, txn_out, idx ) ) ) return NULL;
1591 25005 : return txn_out->accounts.account[ idx ];
1592 25107 : }
1593 :
1594 : fd_acc_t *
1595 : fd_runtime_get_executable_account( fd_txn_out_t * txn_out,
1596 : fd_pubkey_t const * pubkey,
1597 : int * from_parent_copy,
1598 36 : int * pd_write_this_slot ) {
1599 : /* First try to fetch the executable account from the existing
1600 : borrowed accounts. If the pubkey is in the account keys, then we
1601 : want to re-use that borrowed account since it reflects changes from
1602 : prior instructions. Referencing the read-only executable accounts
1603 : list is incorrect behavior when the program data account is written
1604 : to in a prior instruction (e.g. program upgrade + invoke within the
1605 : same txn) */
1606 :
1607 36 : if( FD_UNLIKELY( from_parent_copy ) ) *from_parent_copy = 0;
1608 36 : if( FD_UNLIKELY( pd_write_this_slot ) ) *pd_write_this_slot = 0;
1609 :
1610 36 : ulong account_idx = fd_runtime_find_index_of_account( txn_out, pubkey );
1611 36 : if( FD_LIKELY( account_idx!=ULONG_MAX && txn_out->accounts.account[ account_idx ]->lamports ) ) return txn_out->accounts.account[ account_idx ];
1612 :
1613 33 : for( ushort i=0; i<txn_out->accounts.executable_cnt; i++ ) {
1614 27 : fd_acc_t * ro = txn_out->accounts.executable[ i ];
1615 27 : if( FD_UNLIKELY( !memcmp( pubkey->uc, ro->pubkey, 32UL ) ) ) {
1616 27 : if( FD_UNLIKELY( !ro->lamports ) ) return NULL;
1617 27 : if( FD_UNLIKELY( from_parent_copy ) ) *from_parent_copy = txn_out->accounts.executable_from_parent[ i ];
1618 27 : if( FD_UNLIKELY( pd_write_this_slot ) ) *pd_write_this_slot = txn_out->accounts.executable_pd_write[ i ];
1619 27 : return ro;
1620 27 : }
1621 27 : }
1622 :
1623 6 : return NULL;
1624 33 : }
1625 :
1626 : int
1627 : fd_runtime_get_key_of_account_at_index( fd_txn_out_t * txn_out,
1628 : ushort idx,
1629 23601 : fd_pubkey_t const * * key ) {
1630 : /* Return a MissingAccount error if idx is out of bounds.
1631 : https://github.com/anza-xyz/agave/blob/v3.1.4/transaction-context/src/lib.rs#L187 */
1632 23601 : if( FD_UNLIKELY( idx>=txn_out->accounts.cnt ) ) {
1633 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1634 0 : }
1635 :
1636 23601 : *key = &txn_out->accounts.keys[ idx ];
1637 23601 : return FD_EXECUTOR_INSTR_SUCCESS;
1638 23601 : }
1639 :
1640 : /* https://github.com/anza-xyz/agave/blob/v2.1.1/sdk/program/src/message/versions/v0/loaded.rs#L162 */
1641 : int
1642 : fd_txn_account_is_demotion( const int idx,
1643 : const fd_txn_t * txn_descriptor,
1644 6264 : const uint bpf_upgradeable_in_txn ) {
1645 6264 : uint is_program = 0U;
1646 12543 : for( ulong j=0UL; j<txn_descriptor->instr_cnt; j++ ) {
1647 6285 : if( txn_descriptor->instr[j].program_id == idx ) {
1648 6 : is_program = 1U;
1649 6 : break;
1650 6 : }
1651 6285 : }
1652 :
1653 6264 : return (is_program && !bpf_upgradeable_in_txn);
1654 6264 : }
1655 :
1656 : uint
1657 : fd_txn_account_has_bpf_loader_upgradeable( fd_pubkey_t const * account_keys,
1658 7251 : ulong accounts_cnt ) {
1659 29946 : for( ulong j=0; j<accounts_cnt; j++ ) {
1660 22839 : const fd_pubkey_t * acc = &account_keys[j];
1661 22839 : if ( memcmp( acc->uc, fd_solana_bpf_loader_upgradeable_program_id.key, sizeof(fd_pubkey_t) ) == 0 ) {
1662 144 : return 1U;
1663 144 : }
1664 22839 : }
1665 7107 : return 0U;
1666 7251 : }
1667 :
1668 : static inline int
1669 : fd_runtime_account_is_writable_idx_flat( const ushort idx,
1670 : const fd_pubkey_t * addr_at_idx,
1671 : const fd_txn_t * txn_descriptor,
1672 7251 : const uint bpf_upgradeable_in_txn ) {
1673 : /* https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L43 */
1674 7251 : if( !fd_txn_is_writable( txn_descriptor, idx ) ) {
1675 972 : return 0;
1676 972 : }
1677 :
1678 : /* See comments in fd_system_ids.h.
1679 : https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L44 */
1680 6279 : if( fd_pubkey_is_active_reserved_key( addr_at_idx ) ||
1681 6279 : fd_pubkey_is_pending_reserved_key( addr_at_idx ) ) {
1682 :
1683 15 : return 0;
1684 15 : }
1685 :
1686 6264 : if( fd_txn_account_is_demotion( idx, txn_descriptor, bpf_upgradeable_in_txn ) ) {
1687 6 : return 0;
1688 6 : }
1689 :
1690 6258 : return 1;
1691 6264 : }
1692 :
1693 :
1694 : /* This function aims to mimic the writable accounts check to populate the writable accounts cache, used
1695 : to determine if accounts are writable or not.
1696 :
1697 : https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L38-L47 */
1698 : int
1699 : fd_runtime_account_is_writable_idx( fd_txn_in_t const * txn_in,
1700 : fd_txn_out_t const * txn_out,
1701 7251 : ushort idx ) {
1702 7251 : uint bpf_upgradeable = fd_txn_account_has_bpf_loader_upgradeable( txn_out->accounts.keys, txn_out->accounts.cnt );
1703 7251 : return fd_runtime_account_is_writable_idx_flat( idx,
1704 7251 : &txn_out->accounts.keys[idx],
1705 7251 : TXN( txn_in->txn ),
1706 7251 : bpf_upgradeable );
1707 7251 : }
1708 :
1709 : /* Account pre-condition filtering functions */
1710 :
1711 : int
1712 : fd_runtime_account_check_exists( fd_txn_in_t const * txn_in,
1713 : fd_txn_out_t * txn_out,
1714 1584 : ushort idx ) {
1715 1584 : (void) txn_in;
1716 1584 : return txn_out->accounts.account[ idx ]->lamports!=0UL;
1717 1584 : }
1718 :
1719 : int
1720 : fd_runtime_account_check_fee_payer_writable( fd_txn_in_t const * txn_in,
1721 : fd_txn_out_t * txn_out,
1722 267 : ushort idx ) {
1723 267 : (void) txn_out;
1724 267 : return fd_txn_is_writable( TXN( txn_in->txn ), idx );
1725 267 : }
1726 :
1727 :
1728 : int
1729 : fd_account_meta_checked_sub_lamports( fd_acc_t * acc,
1730 267 : ulong lamports ) {
1731 267 : ulong balance_post = 0UL;
1732 267 : int err = fd_ulong_checked_sub( acc->lamports, lamports, &balance_post );
1733 267 : if( FD_UNLIKELY( err ) ) return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW;
1734 :
1735 267 : acc->lamports = balance_post;
1736 267 : return FD_EXECUTOR_INSTR_SUCCESS;
1737 267 : }
1738 :
1739 : /* fd_executor_reuse_bundle_executable scans the runtime's deduplicated
1740 : account pools for a programdata account matching programdata_key that
1741 : was already opened by an earlier transaction in the bundle (either as
1742 : a regular transaction account or as a programdata account). Returns
1743 : the existing fd_acc_t so it can be reused instead of re-acquiring it,
1744 : or NULL if none is found. Must only be called for bundle txns. */
1745 :
1746 : static fd_acc_t *
1747 : reuse_bundle_executable( fd_runtime_t * runtime,
1748 858 : fd_pubkey_t const * programdata_key ) {
1749 4467 : for( ulong j=0UL; j<runtime->accounts.account_cnt; j++ ) {
1750 4452 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &runtime->accounts.account[ j ].pubkey ), programdata_key ) ) ) continue;
1751 843 : return &runtime->accounts.account[ j ];
1752 4452 : }
1753 15 : for( ulong j=0UL; j<runtime->accounts.executable_cnt; j++ ) {
1754 6 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &runtime->accounts.executable[ j ].pubkey ), programdata_key ) ) ) continue;
1755 6 : return &runtime->accounts.executable[ j ];
1756 6 : }
1757 9 : return NULL;
1758 15 : }
1759 :
1760 : int
1761 : fd_runtime_prepare_bundle_accounts( fd_runtime_t * runtime,
1762 : fd_bank_t * bank,
1763 : fd_txn_in_t const * txn_ins,
1764 : fd_txn_out_t * txn_outs,
1765 51 : ulong txn_cnt ) {
1766 :
1767 51 : # define FD_BUNDLE_ACCT_MAX (FD_PACK_MAX_TXN_PER_BUNDLE*MAX_TX_ACCOUNT_LOCKS)
1768 :
1769 51 : runtime->accounts.account_cnt = 0UL;
1770 51 : runtime->accounts.executable_cnt = 0UL;
1771 :
1772 51 : uchar const * acquire_pubkeys[ FD_BUNDLE_ACCT_MAX ];
1773 51 : int acquire_writable[ FD_BUNDLE_ACCT_MAX ];
1774 51 : ulong acquire_cnt = 0UL;
1775 :
1776 : /* First resolve a deduped set of account keys for all txns in the
1777 : bundle. This includes static account keys as well as ALUT resolved
1778 : addresses. */
1779 :
1780 153 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1781 105 : fd_txn_in_t const * txn_in = &txn_ins [ i ];
1782 105 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1783 :
1784 105 : txn_out->accounts.cnt = (uchar)TXN( txn_in->txn )->acct_addr_cnt;
1785 105 : fd_pubkey_t * tx_accs = (fd_pubkey_t *)((uchar *)txn_in->txn->payload + TXN( txn_in->txn )->acct_addr_off);
1786 954 : for( ulong j=0UL; j<TXN( txn_in->txn )->acct_addr_cnt; j++ ) {
1787 849 : txn_out->accounts.keys[ j ] = tx_accs[ j ];
1788 849 : txn_out->accounts.account[ j ] = NULL;
1789 849 : txn_out->accounts.account_acquired[ j ] = 0U;
1790 849 : }
1791 :
1792 105 : int err = fd_executor_setup_txn_alut_account_keys( runtime, bank, txn_in, txn_out );
1793 108 : for( ulong j=TXN( txn_in->txn )->acct_addr_cnt; j<txn_out->accounts.cnt; j++ ) {
1794 3 : txn_out->accounts.account[ j ] = NULL;
1795 3 : txn_out->accounts.account_acquired[ j ] = 0U;
1796 3 : }
1797 105 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) return err;
1798 :
1799 : /* Validate account locks before the union acquire below, bounding
1800 : the deduped set within the accdb acquire limit. */
1801 102 : err = fd_executor_validate_account_locks( txn_out );
1802 102 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) return err;
1803 :
1804 948 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1805 846 : fd_pubkey_t const * key = &txn_out->accounts.keys[ j ];
1806 846 : int dup = 0;
1807 4422 : for( ulong k=0UL; k<acquire_cnt; k++ ) if( FD_UNLIKELY( !memcmp( acquire_pubkeys[ k ], key->uc, 32UL ) ) ) { dup = 1; break; }
1808 846 : if( FD_UNLIKELY( dup ) ) continue;
1809 378 : FD_TEST( acquire_cnt<FD_BUNDLE_ACCT_MAX );
1810 378 : acquire_pubkeys [ acquire_cnt ] = key->uc;
1811 : /* Bundle accounts are always acquired writable so that a later
1812 : txn can cleanly upgrade a read permission to a write. */
1813 378 : acquire_writable[ acquire_cnt ] = 1;
1814 378 : acquire_cnt++;
1815 378 : }
1816 102 : }
1817 :
1818 48 : if( FD_LIKELY( acquire_cnt ) ) {
1819 48 : fd_accdb_acquire_a( runtime->accdb, bank->accdb_fork_id, acquire_cnt, acquire_pubkeys, acquire_writable, runtime->accounts.account );
1820 48 : runtime->accounts.account_cnt = acquire_cnt;
1821 48 : }
1822 :
1823 147 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1824 99 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1825 936 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1826 837 : txn_out->accounts.account[ j ] = NULL;
1827 4404 : for( ulong k=0UL; k<runtime->accounts.account_cnt; k++ ) {
1828 4404 : fd_acc_t * acc = &runtime->accounts.account[ k ];
1829 4404 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &acc->pubkey ), &txn_out->accounts.keys[ j ] ) ) ) continue;
1830 837 : txn_out->accounts.account[ j ] = acc;
1831 837 : txn_out->accounts.starting_lamports[ j ] = acc->prior_lamports;
1832 837 : txn_out->accounts.starting_data_len[ j ] = acc->prior_data_len;
1833 837 : break;
1834 4404 : }
1835 837 : }
1836 99 : }
1837 :
1838 : /* Do the same for executable accounts (programdata accounts). Dedup
1839 : against all other executable-only accounts as well as ones that
1840 : were already included. */
1841 :
1842 48 : fd_pubkey_t programdata_keys[ FD_BUNDLE_ACCT_MAX ];
1843 48 : uchar const * pd_pubkeys [ FD_BUNDLE_ACCT_MAX ];
1844 48 : int pd_writable [ FD_BUNDLE_ACCT_MAX ];
1845 48 : int pd_probe_write [ FD_BUNDLE_ACCT_MAX ]; /* current-fork pd_write probe, per acquire_b pool entry */
1846 48 : ulong pd_probe_len [ FD_BUNDLE_ACCT_MAX ]; /* current-fork committed size (ULONG_MAX = no gen-match) */
1847 48 : ulong pd_cnt = 0UL;
1848 48 : fd_pubkey_t skip_keys[ FD_BUNDLE_ACCT_MAX ]; /* deployed-this-slot programdata: size-only accounting */
1849 48 : ulong skip_lens[ FD_BUNDLE_ACCT_MAX ];
1850 48 : ulong skip_cnt = 0UL;
1851 :
1852 48 : FD_TEST( bank->parent_accdb_fork_id.val!=USHORT_MAX );
1853 :
1854 417 : for( ulong i=0UL; i<runtime->accounts.account_cnt; i++ ) {
1855 369 : fd_acc_t * acc = &runtime->accounts.account[ i ];
1856 369 : if( FD_LIKELY( memcmp( acc->owner, fd_solana_bpf_loader_upgradeable_program_id.key, 32UL ) ) ) continue;
1857 15 : fd_bpf_state_t program_loader_state[1];
1858 15 : if( FD_UNLIKELY( fd_bpf_loader_program_get_state( acc, program_loader_state )!=FD_EXECUTOR_INSTR_SUCCESS ) ) continue;
1859 15 : if( FD_UNLIKELY( program_loader_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) continue;
1860 :
1861 12 : fd_pubkey_t const * programdata_key = &program_loader_state->inner.program.programdata_address;
1862 12 : if( FD_UNLIKELY( !fd_accdb_exists( runtime->accdb, bank->parent_accdb_fork_id, programdata_key->uc ) ) ) {
1863 : /* Deployed this slot: no parent copy to acquire, but Agave still
1864 : counts its current-fork size toward loaded-accounts-data-size
1865 : before the invoke fails. Record for the binding loop below
1866 : (mirrors the single-txn skipped-key probe). */
1867 6 : int skip_pd = 0;
1868 6 : ulong skip_len = 0UL;
1869 6 : if( fd_accdb_probe_pd_this_fork( runtime->accdb, bank->accdb_fork_id, programdata_key->uc, &skip_pd, &skip_len ) ) {
1870 6 : int dup = 0;
1871 6 : for( ulong u=0UL; u<skip_cnt; u++ ) if( FD_UNLIKELY( !memcmp( skip_keys[ u ].uc, programdata_key->uc, 32UL ) ) ) { dup = 1; break; }
1872 6 : if( !dup ) {
1873 6 : FD_TEST( skip_cnt<FD_BUNDLE_ACCT_MAX );
1874 6 : skip_keys[ skip_cnt ] = *programdata_key;
1875 6 : skip_lens[ skip_cnt ] = skip_len;
1876 6 : skip_cnt++;
1877 6 : }
1878 6 : }
1879 6 : continue;
1880 6 : }
1881 :
1882 : /* Already part of the transaction account pool, or already queued. */
1883 6 : if( reuse_bundle_executable( runtime, programdata_key ) ) continue;
1884 6 : int dup = 0;
1885 6 : for( ulong u=0UL; u<pd_cnt; u++ ) if( FD_UNLIKELY( !memcmp( programdata_keys[ u ].uc, programdata_key->uc, 32UL ) ) ) { dup = 1; break; }
1886 6 : if( dup ) continue;
1887 :
1888 6 : FD_TEST( pd_cnt<FD_BUNDLE_ACCT_MAX );
1889 6 : programdata_keys[ pd_cnt ] = *programdata_key;
1890 6 : pd_pubkeys[ pd_cnt ] = programdata_keys[ pd_cnt ].uc;
1891 6 : pd_writable[ pd_cnt ] = 0;
1892 6 : pd_cnt++;
1893 6 : }
1894 :
1895 : /* acquire_b refunds the per-class reservations acquire_a made for the
1896 : union (reserved_cnt==acquire_cnt) that did not turn out to be
1897 : programdata. Skip it entirely for an empty bundle (nothing was
1898 : reserved and nothing is executable). */
1899 48 : if( FD_LIKELY( acquire_cnt || pd_cnt ) ) {
1900 48 : fd_accdb_acquire_b( runtime->accdb, bank->parent_accdb_fork_id, acquire_cnt, pd_cnt, pd_pubkeys, pd_writable, runtime->accounts.executable );
1901 48 : }
1902 48 : runtime->accounts.executable_cnt = pd_cnt;
1903 :
1904 54 : for( ulong u=0UL; u<pd_cnt; u++ ) {
1905 6 : int pd = 0;
1906 6 : ulong len = ULONG_MAX;
1907 6 : fd_accdb_probe_pd_this_fork( runtime->accdb, bank->accdb_fork_id, pd_pubkeys[ u ], &pd, &len );
1908 6 : pd_probe_write[ u ] = pd;
1909 6 : pd_probe_len [ u ] = len;
1910 6 : }
1911 :
1912 : /* Bind each txn's BPF-upgradeable programdata accounts to the shared
1913 : pre-acquired pool, once and for all here. This is the per-txn
1914 : executable list consumed during execution; computing it up-front
1915 : (instead of per-txn in fd_executor_setup_accounts_for_txn_bundle)
1916 : avoids redoing the program-state inspection on every txn. The
1917 : accounts are looked up in the shared pool by key, since per-txn
1918 : account[] pointers are not bound until setup. fd_runtime_new_txn_out
1919 : preserves these fields for bundle txns. */
1920 147 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1921 99 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1922 99 : ushort exe_cnt = 0;
1923 99 : txn_out->accounts.executable_skipped_cnt = 0;
1924 936 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1925 837 : fd_acc_t * acc = reuse_bundle_executable( runtime, &txn_out->accounts.keys[ j ] );
1926 837 : if( FD_UNLIKELY( !acc ) ) continue;
1927 837 : if( FD_UNLIKELY( memcmp( acc->owner, fd_solana_bpf_loader_upgradeable_program_id.key, 32UL ) ) ) continue;
1928 18 : fd_bpf_state_t program_loader_state[1];
1929 18 : if( FD_UNLIKELY( fd_bpf_loader_program_get_state( acc, program_loader_state )!=FD_EXECUTOR_INSTR_SUCCESS ) ) continue;
1930 18 : if( FD_UNLIKELY( program_loader_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) continue;
1931 :
1932 15 : fd_acc_t * programdata = reuse_bundle_executable( runtime, &program_loader_state->inner.program.programdata_address );
1933 15 : if( FD_UNLIKELY( !programdata ) ) {
1934 : /* Deployed this slot (no parent copy, no pool binding): forward
1935 : the size-only record so fd_collect_loaded_account still counts
1936 : it, as Agave does before the DelayVisibility failure. */
1937 3 : for( ulong u=0UL; u<skip_cnt; u++ ) {
1938 3 : if( FD_UNLIKELY( !memcmp( skip_keys[ u ].uc, program_loader_state->inner.program.programdata_address.uc, 32UL ) ) ) {
1939 3 : ushort s = txn_out->accounts.executable_skipped_cnt++;
1940 3 : txn_out->accounts.executable_skipped_key[ s ] = skip_keys[ u ];
1941 3 : txn_out->accounts.executable_skipped_len[ s ] = skip_lens[ u ];
1942 3 : break;
1943 3 : }
1944 3 : }
1945 3 : continue;
1946 3 : }
1947 12 : int from_parent = ( programdata>=runtime->accounts.executable ) &&
1948 12 : ( programdata< runtime->accounts.executable+runtime->accounts.executable_cnt ) &&
1949 12 : ( bank->parent_accdb_fork_id.val!=bank->accdb_fork_id.val );
1950 12 : txn_out->accounts.executable[ exe_cnt ] = programdata;
1951 12 : txn_out->accounts.executable_from_parent[ exe_cnt ] = from_parent;
1952 12 : if( from_parent ) {
1953 6 : ulong pool_idx = (ulong)( programdata - runtime->accounts.executable );
1954 6 : txn_out->accounts.executable_pd_write[ exe_cnt ] = pd_probe_write[ pool_idx ];
1955 6 : txn_out->accounts.executable_cur_len[ exe_cnt ] = pd_probe_len [ pool_idx ];
1956 6 : } else {
1957 6 : txn_out->accounts.executable_pd_write[ exe_cnt ] = 0;
1958 6 : txn_out->accounts.executable_cur_len[ exe_cnt ] = ULONG_MAX;
1959 6 : }
1960 12 : exe_cnt++;
1961 12 : }
1962 99 : txn_out->accounts.executable_cnt = exe_cnt;
1963 99 : }
1964 :
1965 48 : return FD_RUNTIME_EXECUTE_SUCCESS;
1966 :
1967 48 : # undef FD_BUNDLE_ACCT_MAX
1968 48 : }
|