Line data Source code
1 : #include "fd_runtime.h"
2 :
3 : #include "../types/fd_cast.h"
4 : #include "fd_alut.h"
5 : #include "fd_hashes.h"
6 : #include "fd_runtime_stack.h"
7 : #include "fd_accdb_svm.h"
8 : #include "../genesis/fd_genesis_parse.h"
9 : #include "fd_txncache.h"
10 : #include "fd_compute_budget_details.h"
11 : #include "tests/fd_dump_pb.h"
12 :
13 : #include "sysvar/fd_sysvar_epoch_schedule.h"
14 : #include "sysvar/fd_sysvar_recent_hashes.h"
15 : #include "sysvar/fd_sysvar_stake_history.h"
16 : #include "sysvar/fd_sysvar_last_restart_slot.h"
17 : #include "sysvar/fd_sysvar_slot_hashes.h"
18 : #include "sysvar/fd_sysvar_slot_history.h"
19 :
20 : #include "../stakes/fd_stakes.h"
21 : #include "../rewards/fd_rewards.h"
22 :
23 : #include "program/fd_precompiles.h"
24 : #include "program/vote/fd_vote_state_versioned.h"
25 :
26 : /*
27 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/bank.rs#L1254-L1258
28 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/bank.rs#L1749
29 : */
30 : int
31 : fd_runtime_compute_max_tick_height( ulong ticks_per_slot,
32 : ulong slot,
33 0 : ulong * out_max_tick_height /* out */ ) {
34 0 : ulong max_tick_height = 0UL;
35 0 : if( FD_LIKELY( ticks_per_slot > 0UL ) ) {
36 0 : ulong next_slot = fd_ulong_sat_add( slot, 1UL );
37 0 : if( FD_UNLIKELY( next_slot == slot ) ) {
38 0 : FD_LOG_WARNING(( "max tick height addition overflowed slot %lu ticks_per_slot %lu", slot, ticks_per_slot ));
39 0 : return -1;
40 0 : }
41 0 : if( FD_UNLIKELY( ULONG_MAX / ticks_per_slot < next_slot ) ) {
42 0 : FD_LOG_WARNING(( "max tick height multiplication overflowed slot %lu ticks_per_slot %lu", slot, ticks_per_slot ));
43 0 : return -1;
44 0 : }
45 0 : max_tick_height = fd_ulong_sat_mul( next_slot, ticks_per_slot );
46 0 : }
47 0 : *out_max_tick_height = max_tick_height;
48 0 : return FD_RUNTIME_EXECUTE_SUCCESS;
49 0 : }
50 :
51 : void
52 : fd_runtime_update_next_leaders( fd_bank_t * bank,
53 0 : fd_runtime_stack_t * runtime_stack ) {
54 :
55 0 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
56 0 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
57 :
58 0 : ulong epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.slot, NULL ) + 1UL;
59 0 : ulong slot0 = fd_epoch_slot0 ( epoch_schedule, epoch );
60 0 : ulong slot_cnt = fd_epoch_slot_cnt( epoch_schedule, epoch );
61 :
62 0 : fd_top_votes_t const * top_votes_t_1 = fd_bank_top_votes_t_1_query( bank );
63 0 : fd_vote_stake_weight_t * epoch_weights = runtime_stack->stakes.stake_weights;
64 0 : ulong stake_weight_cnt = fd_stake_weights_by_node_next( top_votes_t_1, vote_stakes, bank->vote_stakes_fork_id, epoch_weights, FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) );
65 :
66 0 : void * epoch_leaders_mem = fd_bank_epoch_leaders_modify( bank, epoch );
67 0 : fd_epoch_leaders_t * leaders = fd_epoch_leaders_join( fd_epoch_leaders_new(
68 0 : epoch_leaders_mem,
69 0 : epoch,
70 0 : slot0,
71 0 : slot_cnt,
72 0 : stake_weight_cnt,
73 0 : epoch_weights,
74 0 : 0UL ) );
75 0 : if( FD_UNLIKELY( !leaders ) ) {
76 0 : FD_LOG_ERR(( "Unable to init and join fd_epoch_leaders" ));
77 0 : }
78 :
79 : /* Populate a compressed set of stake weights for a valid leader
80 : schedule. */
81 0 : fd_vote_stake_weight_t * stake_weights = runtime_stack->epoch_weights.next_stake_weights;
82 0 : ulong idx = 0UL;
83 :
84 0 : int needs_compression = stake_weight_cnt>MAX_COMPRESSED_STAKE_WEIGHTS;
85 :
86 0 : for( ulong i=0UL; i<stake_weight_cnt; i++ ) {
87 0 : fd_pubkey_t const * vote_pubkey = &epoch_weights[i].vote_key;
88 0 : fd_pubkey_t const * node_pubkey = &epoch_weights[i].id_key;
89 0 : ulong stake = epoch_weights[i].stake;
90 :
91 0 : if( FD_LIKELY( !needs_compression || fd_epoch_leaders_is_leader_idx( leaders, i ) ) ) {
92 0 : stake_weights[ idx ].stake = stake;
93 0 : memcpy( stake_weights[ idx ].id_key.uc, node_pubkey, sizeof(fd_pubkey_t) );
94 0 : memcpy( stake_weights[ idx ].vote_key.uc, vote_pubkey, sizeof(fd_pubkey_t) );
95 0 : idx++;
96 0 : } else if( idx!=0UL && !fd_epoch_leaders_is_leader_idx( leaders, i-1UL ) ) {
97 0 : stake_weights[ idx-1UL ].stake += stake;
98 0 : } else {
99 0 : stake_weights[ idx ].id_key = (fd_pubkey_t){{0}};
100 0 : stake_weights[ idx ].vote_key = (fd_pubkey_t){{0}};
101 0 : stake_weights[ idx ].stake = stake;
102 0 : idx++;
103 0 : }
104 0 : }
105 0 : runtime_stack->epoch_weights.next_stake_weights_cnt = idx;
106 :
107 : /* Produce truncated set of id weights to send to Shred tile for
108 : Turbine tree computation. */
109 0 : ulong staked_cnt = compute_id_weights_from_vote_weights( runtime_stack->stakes.id_weights, epoch_weights, stake_weight_cnt );
110 0 : ulong excluded_stake = 0UL;
111 0 : if( FD_UNLIKELY( staked_cnt>MAX_SHRED_DESTS ) ) {
112 0 : for( ulong i=MAX_SHRED_DESTS; i<staked_cnt; i++ ) {
113 0 : excluded_stake += runtime_stack->stakes.id_weights[i].stake;
114 0 : }
115 0 : }
116 0 : staked_cnt = fd_ulong_min( staked_cnt, MAX_SHRED_DESTS );
117 0 : memcpy( runtime_stack->epoch_weights.next_id_weights, runtime_stack->stakes.id_weights, staked_cnt * sizeof(fd_stake_weight_t) );
118 0 : runtime_stack->epoch_weights.next_id_weights_cnt = staked_cnt;
119 0 : runtime_stack->epoch_weights.next_id_weights_excluded = excluded_stake;
120 0 : }
121 :
122 : void
123 : fd_runtime_update_leaders( fd_bank_t * bank,
124 195 : fd_runtime_stack_t * runtime_stack ) {
125 :
126 195 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
127 :
128 195 : ulong epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.slot, NULL );
129 195 : ulong vat_epoch = fd_slot_to_epoch ( epoch_schedule, bank->f.features.validator_admission_ticket, NULL );
130 195 : ulong slot0 = fd_epoch_slot0 ( epoch_schedule, epoch );
131 195 : ulong slot_cnt = fd_epoch_slot_cnt( epoch_schedule, epoch );
132 :
133 195 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
134 :
135 195 : int vat_in_prev = epoch>=vat_epoch+1UL ? 1 : 0;
136 :
137 195 : fd_top_votes_t const * top_votes_t_2 = fd_bank_top_votes_t_2_query( bank );
138 195 : fd_vote_stake_weight_t * epoch_weights = runtime_stack->stakes.stake_weights;
139 195 : ulong stake_weight_cnt = fd_stake_weights_by_node( top_votes_t_2, vote_stakes, bank->vote_stakes_fork_id, epoch_weights, vat_in_prev );
140 :
141 : /* TODO: Can optimize by avoiding recomputing if another fork has
142 : already computed them for this epoch. */
143 195 : void * epoch_leaders_mem = fd_bank_epoch_leaders_modify( bank, epoch );
144 195 : fd_epoch_leaders_t * leaders = fd_epoch_leaders_join( fd_epoch_leaders_new(
145 195 : epoch_leaders_mem,
146 195 : epoch,
147 195 : slot0,
148 195 : slot_cnt,
149 195 : stake_weight_cnt,
150 195 : epoch_weights,
151 195 : 0UL ) );
152 195 : if( FD_UNLIKELY( !leaders ) ) {
153 0 : FD_LOG_ERR(( "Unable to init and join fd_epoch_leaders" ));
154 0 : }
155 :
156 : /* Populate a compressed set of stake weights for a valid leader
157 : schedule. */
158 195 : fd_vote_stake_weight_t * stake_weights = runtime_stack->epoch_weights.stake_weights;
159 195 : ulong idx = 0UL;
160 :
161 195 : int needs_compression = stake_weight_cnt>MAX_COMPRESSED_STAKE_WEIGHTS;
162 :
163 459 : for( ulong i=0UL; i<leaders->pub_cnt; i++ ) {
164 264 : fd_pubkey_t const * vote_pubkey = &epoch_weights[i].vote_key;
165 264 : fd_pubkey_t const * node_pubkey = &epoch_weights[i].id_key;
166 264 : ulong stake = epoch_weights[i].stake;
167 :
168 264 : if( FD_LIKELY( !needs_compression || fd_epoch_leaders_is_leader_idx( leaders, i ) ) ) {
169 264 : stake_weights[ idx ].stake = stake;
170 264 : memcpy( stake_weights[ idx ].id_key.uc, node_pubkey, sizeof(fd_pubkey_t) );
171 264 : memcpy( stake_weights[ idx ].vote_key.uc, vote_pubkey, sizeof(fd_pubkey_t) );
172 264 : idx++;
173 264 : } else if( idx!=0UL && !fd_epoch_leaders_is_leader_idx( leaders, i-1UL ) ) {
174 0 : stake_weights[ idx-1UL ].stake += stake;
175 0 : } else {
176 0 : stake_weights[ idx ].id_key = (fd_pubkey_t){{0}};
177 0 : stake_weights[ idx ].vote_key = (fd_pubkey_t){{0}};
178 0 : stake_weights[ idx ].stake = stake;
179 0 : idx++;
180 0 : }
181 264 : }
182 195 : runtime_stack->epoch_weights.stake_weights_cnt = idx;
183 :
184 : /* Produce truncated set of id weights to send to Shred tile for
185 : Turbine tree computation. */
186 195 : ulong staked_cnt = compute_id_weights_from_vote_weights( runtime_stack->stakes.id_weights, epoch_weights, stake_weight_cnt );
187 195 : ulong excluded_stake = 0UL;
188 195 : if( FD_UNLIKELY( staked_cnt>MAX_SHRED_DESTS ) ) {
189 0 : for( ulong i=MAX_SHRED_DESTS; i<staked_cnt; i++ ) {
190 0 : excluded_stake += runtime_stack->stakes.id_weights[i].stake;
191 0 : }
192 0 : }
193 195 : staked_cnt = fd_ulong_min( staked_cnt, MAX_SHRED_DESTS );
194 195 : memcpy( runtime_stack->epoch_weights.id_weights, runtime_stack->stakes.id_weights, staked_cnt * sizeof(fd_stake_weight_t) );
195 195 : runtime_stack->epoch_weights.id_weights_cnt = staked_cnt;
196 195 : runtime_stack->epoch_weights.id_weights_excluded = excluded_stake;
197 195 : }
198 :
199 : /******************************************************************************/
200 : /* Various Private Runtime Helpers */
201 : /******************************************************************************/
202 :
203 : static int
204 : fd_runtime_validate_fee_collector( fd_bank_t const * bank,
205 : fd_acc_t const * collector,
206 12 : ulong fee ) {
207 12 : FD_TEST( fee );
208 12 : if( FD_UNLIKELY( memcmp( collector->owner, fd_solana_system_program_id.uc, 32UL ) ) ) return 0;
209 :
210 : /* https://github.com/anza-xyz/agave/blob/v1.18.23/runtime/src/bank/fee_distribution.rs#L111
211 : https://github.com/anza-xyz/agave/blob/v1.18.23/runtime/src/accounts/account_rent_state.rs#L39
212 :
213 : In agave's fee deposit code, rent state transition check logic is as follows:
214 : The transition is NOT allowed iff
215 : === BEGIN
216 : the post deposit account is rent paying AND the pre deposit account is not rent paying
217 : OR
218 : the post deposit account is rent paying AND the pre deposit account is rent paying AND !(post_data_size == pre_data_size && post_lamports <= pre_lamports)
219 : === END
220 : post_data_size == pre_data_size is always true during fee deposit.
221 : However, post_lamports > pre_lamports because we are paying a >0 amount.
222 : So, the above reduces down to
223 : === BEGIN
224 : the post deposit account is rent paying AND the pre deposit account is not rent paying
225 : OR
226 : the post deposit account is rent paying AND the pre deposit account is rent paying AND TRUE
227 : === END
228 : This is equivalent to checking that the post deposit account is rent paying.
229 : An account is rent paying if the post deposit balance is >0 AND it's not rent exempt.
230 : We already know that the post deposit balance is >0 because we are paying a >0 amount.
231 : So TLDR we just check if the account is rent exempt. */
232 9 : ulong balance = collector->lamports;
233 9 : FD_TEST( !__builtin_uaddl_overflow( balance, fee, &balance ) );
234 9 : return balance>=fd_rent_exempt_minimum_balance( &bank->f.rent, collector->data_len );
235 9 : }
236 :
237 : /* fd_runtime_settle_fees settles transaction fees accumulated during a
238 : slot. A portion is burnt, another portion is credited to the fee
239 : collector (typically leader). */
240 :
241 : static void
242 : fd_runtime_settle_fees( fd_bank_t * bank,
243 : fd_accdb_t * accdb,
244 81 : fd_capture_ctx_t * capture_ctx ) {
245 81 : ulong slot = bank->f.slot;
246 81 : ulong execution_fees = bank->f.execution_fees;
247 81 : ulong priority_fees = bank->f.priority_fees;
248 81 : ulong total_fees;
249 81 : if( FD_UNLIKELY( __builtin_uaddl_overflow( execution_fees, priority_fees, &total_fees ) ) ) {
250 0 : FD_LOG_EMERG(( "fee overflow detected (slot=%lu execution_fees=%lu priority_fees=%lu)",
251 0 : slot, execution_fees, priority_fees ));
252 0 : }
253 :
254 81 : ulong fee_burn = execution_fees / 2;
255 81 : ulong fee_reward = fd_ulong_sat_add( priority_fees, execution_fees - fee_burn );
256 :
257 : /* Remove fee balance from bank (decreasing capitalization).
258 : Allow underflow (wrap) to match Agave's silent fetch_sub behavior. */
259 81 : bank->f.capitalization -= total_fees;
260 81 : bank->f.execution_fees = 0;
261 81 : bank->f.priority_fees = 0;
262 :
263 81 : if( FD_LIKELY( fee_reward ) ) {
264 12 : fd_epoch_leaders_t const * leaders = fd_bank_epoch_leaders_query( bank, bank->f.epoch );
265 12 : fd_pubkey_t const * leader = fd_epoch_leaders_get( leaders, bank->f.slot );
266 12 : if( FD_UNLIKELY( !leader ) ) FD_LOG_CRIT(( "fd_epoch_leaders_get(%lu) returned NULL", bank->f.slot ));
267 :
268 : /* Pay out reward portion of collected fees (increasing capitalization) */
269 12 : fd_accdb_svm_update_t update[1];
270 12 : fd_acc_t acc = fd_accdb_svm_open_rw( bank, accdb, update, leader, 1 );
271 12 : if( FD_UNLIKELY( !fd_runtime_validate_fee_collector( bank, &acc, fee_reward ) ) ) { /* validation failed */
272 6 : FD_LOG_INFO(( "slot %lu has an invalid fee collector, burning fee reward (%lu lamports)", bank->f.slot, fee_reward ));
273 6 : } else {
274 6 : acc.lamports += fee_reward; /* guaranteed to not overflow, checked above */
275 6 : }
276 12 : fd_accdb_svm_close_rw( bank, accdb, capture_ctx, &acc, update );
277 12 : }
278 :
279 81 : FD_LOG_INFO(( "slot=%lu priority_fees=%lu execution_fees=%lu fee_burn=%lu fee_rewards=%lu",
280 81 : slot,
281 81 : priority_fees, execution_fees, fee_burn, fee_reward ));
282 81 : }
283 :
284 : static void
285 : fd_runtime_freeze( fd_bank_t * bank,
286 : fd_accdb_t * accdb,
287 81 : fd_capture_ctx_t * capture_ctx ) {
288 81 : if( FD_LIKELY( bank->f.slot ) ) fd_sysvar_recent_hashes_update( bank, accdb, capture_ctx );
289 81 : fd_sysvar_slot_history_update( bank, accdb, capture_ctx );
290 81 : fd_runtime_settle_fees( bank, accdb, capture_ctx );
291 :
292 : /* jito collects a 3% fee at the end of the block + 3% fee at
293 : distribution time. */
294 81 : ulong tips_pre_comission = bank->f.tips;
295 81 : bank->f.tips = (tips_pre_comission - (tips_pre_comission * 6UL / 100UL));
296 :
297 81 : fd_accdb_svm_remove( bank, accdb, capture_ctx, &fd_sysvar_incinerator_id );
298 81 : }
299 :
300 : /******************************************************************************/
301 : /* Block-Level Execution Preparation/Finalization */
302 : /******************************************************************************/
303 : void
304 : fd_runtime_new_fee_rate_governor_derived( fd_bank_t * bank,
305 3792 : ulong latest_signatures_per_slot ) {
306 :
307 3792 : fd_fee_rate_governor_t const * base_fee_rate_governor = &bank->f.fee_rate_governor;
308 :
309 3792 : ulong old_lamports_per_signature = bank->f.rbh_lamports_per_sig;
310 :
311 3792 : fd_fee_rate_governor_t me = {
312 3792 : .target_signatures_per_slot = base_fee_rate_governor->target_signatures_per_slot,
313 3792 : .target_lamports_per_signature = base_fee_rate_governor->target_lamports_per_signature,
314 3792 : .max_lamports_per_signature = base_fee_rate_governor->max_lamports_per_signature,
315 3792 : .min_lamports_per_signature = base_fee_rate_governor->min_lamports_per_signature,
316 3792 : .burn_percent = base_fee_rate_governor->burn_percent
317 3792 : };
318 :
319 3792 : ulong new_lamports_per_signature = 0;
320 3792 : if( me.target_signatures_per_slot > 0 ) {
321 6 : me.min_lamports_per_signature = fd_ulong_max( 1UL, (ulong)(me.target_lamports_per_signature / 2) );
322 6 : me.max_lamports_per_signature = me.target_lamports_per_signature * 10;
323 6 : ulong desired_lamports_per_signature = fd_ulong_min(
324 6 : me.max_lamports_per_signature,
325 6 : fd_ulong_max(
326 6 : me.min_lamports_per_signature,
327 6 : me.target_lamports_per_signature
328 6 : * fd_ulong_min(latest_signatures_per_slot, (ulong)UINT_MAX)
329 6 : / me.target_signatures_per_slot
330 6 : )
331 6 : );
332 6 : long gap = (long)desired_lamports_per_signature - (long)old_lamports_per_signature;
333 6 : if ( gap == 0 ) {
334 0 : new_lamports_per_signature = desired_lamports_per_signature;
335 6 : } else {
336 6 : long gap_adjust = (long)(fd_ulong_max( 1UL, (ulong)(me.target_lamports_per_signature / 20) ))
337 6 : * (gap != 0)
338 6 : * (gap > 0 ? 1 : -1);
339 6 : new_lamports_per_signature = fd_ulong_min(
340 6 : me.max_lamports_per_signature,
341 6 : fd_ulong_max(
342 6 : me.min_lamports_per_signature,
343 6 : (ulong)((long)old_lamports_per_signature + gap_adjust)
344 6 : )
345 6 : );
346 6 : }
347 3786 : } else {
348 3786 : new_lamports_per_signature = base_fee_rate_governor->target_lamports_per_signature;
349 3786 : me.min_lamports_per_signature = me.target_lamports_per_signature;
350 3786 : me.max_lamports_per_signature = me.target_lamports_per_signature;
351 3786 : }
352 3792 : bank->f.fee_rate_governor = me;
353 3792 : bank->f.rbh_lamports_per_sig = new_lamports_per_signature;
354 3792 : }
355 :
356 : /******************************************************************************/
357 : /* Epoch Boundary */
358 : /******************************************************************************/
359 :
360 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6704 */
361 : static void
362 : fd_apply_builtin_program_feature_transitions( fd_bank_t * bank,
363 : fd_accdb_t * accdb,
364 : fd_runtime_stack_t * runtime_stack,
365 195 : fd_capture_ctx_t * capture_ctx ) {
366 : /* TODO: Set the upgrade authority properly from the core bpf migration config. Right now it's set to None.
367 :
368 : Migrate any necessary stateless builtins to core BPF. So far,
369 : the only "stateless" builtin is the Feature program. Beginning
370 : checks in the migrate_builtin_to_core_bpf function will fail if the
371 : program has already been migrated to BPF. */
372 :
373 195 : fd_builtin_program_t const * builtins = fd_builtins();
374 1950 : for( ulong i=0UL; i<fd_num_builtins(); i++ ) {
375 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6732-L6751 */
376 1755 : if( builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( bank->f.slot, &bank->f.features, builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
377 0 : FD_BASE58_ENCODE_32_BYTES( builtins[i].pubkey->key, pubkey_b58 );
378 0 : FD_LOG_DEBUG(( "Migrating builtin program %s to core BPF", pubkey_b58 ));
379 0 : fd_migrate_builtin_to_core_bpf( bank, accdb, runtime_stack, builtins[i].core_bpf_migration_config, capture_ctx );
380 0 : }
381 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6753-L6774 */
382 1755 : if( builtins[i].enable_feature_offset!=NO_ENABLE_FEATURE_ID && FD_FEATURE_JUST_ACTIVATED_OFFSET( bank, builtins[i].enable_feature_offset ) ) {
383 0 : FD_BASE58_ENCODE_32_BYTES( builtins[i].pubkey->key, pubkey_b58 );
384 0 : FD_LOG_DEBUG(( "Enabling builtin program %s", pubkey_b58 ));
385 0 : fd_write_builtin_account( bank, accdb, capture_ctx, *builtins[i].pubkey, builtins[i].data,strlen(builtins[i].data) );
386 0 : }
387 1755 : }
388 :
389 : /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6776-L6793 */
390 195 : fd_stateless_builtin_program_t const * stateless_builtins = fd_stateless_builtins();
391 585 : for( ulong i=0UL; i<fd_num_stateless_builtins(); i++ ) {
392 390 : if( stateless_builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( bank->f.slot, &bank->f.features, stateless_builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
393 0 : FD_BASE58_ENCODE_32_BYTES( stateless_builtins[i].pubkey->key, pubkey_b58 );
394 0 : FD_LOG_DEBUG(( "Migrating stateless builtin program %s to core BPF", pubkey_b58 ));
395 0 : fd_migrate_builtin_to_core_bpf( bank, accdb, runtime_stack, stateless_builtins[i].core_bpf_migration_config, capture_ctx );
396 0 : }
397 390 : }
398 :
399 : /* https://github.com/anza-xyz/agave/blob/c1080de464cfb578c301e975f498964b5d5313db/runtime/src/bank.rs#L6795-L6805 */
400 780 : for( fd_precompile_program_t const * precompiles = fd_precompiles(); precompiles->verify_fn; precompiles++ ) {
401 585 : if( precompiles->feature_offset != NO_ENABLE_FEATURE_ID &&
402 585 : FD_FEATURE_JUST_ACTIVATED_OFFSET( bank, precompiles->feature_offset ) ) {
403 0 : fd_write_builtin_account( bank, accdb, capture_ctx, *precompiles->pubkey, "", 0 );
404 0 : }
405 585 : }
406 195 : }
407 :
408 : static void
409 : fd_feature_activate( fd_bank_t * bank,
410 : fd_accdb_t * accdb,
411 : fd_capture_ctx_t * capture_ctx,
412 : fd_feature_id_t const * id,
413 54015 : fd_pubkey_t const * addr ) {
414 54015 : fd_features_set( &bank->f.features, id, FD_FEATURE_DISABLED );
415 :
416 54015 : if( FD_UNLIKELY( id->reverted==1 ) ) return;
417 :
418 51090 : fd_acc_t acc = fd_accdb_read_one( accdb, bank->accdb_fork_id, addr->uc );
419 51090 : if( FD_UNLIKELY( !acc.lamports || memcmp( acc.owner, fd_solana_feature_program_id.uc, 32UL ) ) ) {
420 50964 : fd_accdb_unread_one( accdb, &acc ); /* Feature account not yet initialized */
421 50964 : return;
422 50964 : }
423 :
424 126 : fd_feature_t feature;
425 126 : if( FD_UNLIKELY( !fd_feature_decode( &feature, acc.data, acc.data_len ) ) ) {
426 3 : FD_BASE58_ENCODE_32_BYTES( addr->uc, addr_b58 );
427 3 : FD_LOG_WARNING(( "cannot activate feature %s, corrupt account data", addr_b58 ));
428 3 : FD_LOG_HEXDUMP_NOTICE(( "corrupt feature account", acc.data, acc.data_len ));
429 3 : fd_accdb_unread_one( accdb, &acc );
430 3 : return;
431 3 : }
432 123 : fd_accdb_unread_one( accdb, &acc );
433 :
434 123 : FD_BASE58_ENCODE_32_BYTES( addr->uc, addr_b58 );
435 123 : if( FD_UNLIKELY( feature.is_active ) ) {
436 120 : FD_LOG_DEBUG(( "feature %s already activated at slot %lu", addr_b58, feature.activation_slot ));
437 120 : fd_features_set( &bank->f.features, id, feature.activation_slot);
438 120 : } else {
439 3 : FD_LOG_DEBUG(( "feature %s not activated at slot %lu, activating", addr_b58, bank->f.slot ));
440 3 : fd_accdb_svm_update_t update[1];
441 3 : fd_acc_t acc = fd_accdb_svm_open_rw( bank, accdb, update, addr, 0 );
442 3 : if( FD_UNLIKELY( !acc.lamports ) ) return;
443 3 : FD_TEST( acc.data_len>=sizeof(fd_feature_t) );
444 :
445 3 : feature.is_active = 1;
446 3 : feature.activation_slot = bank->f.slot;
447 3 : FD_STORE( fd_feature_t, acc.data, feature );
448 3 : fd_accdb_svm_close_rw( bank, accdb, capture_ctx, &acc, update );
449 3 : }
450 123 : }
451 :
452 : static void
453 : fd_features_activate( fd_bank_t * bank,
454 : fd_accdb_t * accdb,
455 195 : fd_capture_ctx_t * capture_ctx ) {
456 195 : for( fd_feature_id_t const * id = fd_feature_iter_init();
457 54210 : !fd_feature_iter_done( id );
458 54015 : id = fd_feature_iter_next( id ) ) {
459 54015 : fd_feature_activate( bank, accdb, capture_ctx, id, &id->id );
460 54015 : }
461 195 : }
462 :
463 : /* SIMD-0194: deprecate_rent_exemption_threshold
464 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5322-L5329 */
465 : static void
466 : deprecate_rent_exemption_threshold( fd_bank_t * bank,
467 : fd_accdb_t * accdb,
468 3 : fd_capture_ctx_t * capture_ctx ) {
469 : /* We use the bank fields here to mirror Agave - in mainnet, devnet
470 : and testnet Agave's bank rent.burn_percent field is different to
471 : the value in the sysvar. When this feature is activated in Agave,
472 : the sysvar inherits the value from the bank. */
473 3 : fd_rent_t rent = bank->f.rent;
474 3 : rent.lamports_per_uint8_year = fd_rust_cast_double_to_ulong(
475 3 : (double)rent.lamports_per_uint8_year * rent.exemption_threshold );
476 3 : rent.exemption_threshold = FD_SIMD_0194_NEW_RENT_EXEMPTION_THRESHOLD;
477 3 : rent.burn_percent = FD_SIMD_0194_NEW_BURN_PERCENT;
478 :
479 : /* We don't refresh the sysvar cache here. The cache is refreshed in
480 : fd_sysvar_cache_restore, which is called at the start of every
481 : block in fd_runtime_block_execute_prepare, after this function. */
482 3 : fd_sysvar_rent_write( bank, accdb, capture_ctx, &rent );
483 3 : bank->f.rent = rent;
484 3 : }
485 :
486 : // https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5296-L5391
487 : static void
488 : fd_compute_and_apply_new_feature_activations( fd_bank_t * bank,
489 : fd_accdb_t * accdb,
490 : fd_runtime_stack_t * runtime_stack,
491 195 : fd_capture_ctx_t * capture_ctx ) {
492 : /* Activate new features
493 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5296-L5391 */
494 195 : fd_features_activate( bank, accdb, capture_ctx );
495 195 : fd_features_restore( bank, accdb );
496 :
497 : /* SIMD-0194: deprecate_rent_exemption_threshold
498 : https://github.com/anza-xyz/agave/blob/v3.1.4/runtime/src/bank.rs#L5322-L5329 */
499 195 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, deprecate_rent_exemption_threshold ) ) ) {
500 3 : deprecate_rent_exemption_threshold( bank, accdb, capture_ctx );
501 3 : }
502 :
503 : /* Apply builtin program feature transitions
504 : https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6621-L6624 */
505 195 : fd_apply_builtin_program_feature_transitions( bank, accdb, runtime_stack, capture_ctx );
506 :
507 195 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, vote_state_v4 ) ) ) {
508 0 : fd_upgrade_core_bpf_program( bank, accdb, runtime_stack, &fd_solana_stake_program_id, &fd_solana_stake_program_vote_state_v4_buffer_address, capture_ctx );
509 0 : }
510 :
511 : /* https://github.com/anza-xyz/agave/blob/v4.0.0-beta.2/runtime/src/bank.rs#L5703-L5716 */
512 195 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, replace_spl_token_with_p_token ) ) ) {
513 0 : fd_upgrade_loader_v2_program_with_loader_v3_program(
514 0 : bank,
515 0 : accdb,
516 0 : runtime_stack,
517 0 : &fd_solana_spl_token_id,
518 0 : &fd_solana_ptoken_program_buffer_address,
519 0 : FD_FEATURE_ACTIVE_BANK( bank, relax_programdata_account_check_migration ),
520 0 : capture_ctx );
521 0 : }
522 :
523 : /* https://github.com/anza-xyz/agave/blob/v4.0.0-beta.4/runtime/src/bank.rs#L5736-L5744 */
524 195 : if( FD_UNLIKELY( FD_FEATURE_JUST_ACTIVATED_BANK( bank, upgrade_bpf_stake_program_to_v5 ) ) ) {
525 0 : fd_upgrade_core_bpf_program(
526 0 : bank,
527 0 : accdb,
528 0 : runtime_stack,
529 0 : &fd_solana_stake_program_id,
530 0 : &fd_solana_stake_program_v5_buffer_address,
531 0 : capture_ctx );
532 0 : }
533 195 : }
534 :
535 : /* Starting a new epoch.
536 : New epoch: T
537 : Just ended epoch: T-1
538 : Epoch before: T-2
539 :
540 : In this function:
541 : - stakes in T-2 (vote_states_prev_prev) should be replaced by T-1 (vote_states_prev)
542 : - stakes at T-1 (vote_states_prev) should be replaced by updated stakes at T (vote_states)
543 : - leader schedule should be calculated using new T-2 stakes (vote_states_prev_prev)
544 :
545 : Invariant during an epoch T:
546 : vote_states_prev holds the stakes at T-1
547 : vote_states_prev_prev holds the stakes at T-2
548 : */
549 : /* process for the start of a new epoch */
550 : static void
551 : fd_runtime_process_new_epoch( fd_banks_t * banks,
552 : fd_bank_t * bank,
553 : fd_accdb_t * accdb,
554 : fd_capture_ctx_t * capture_ctx,
555 : ulong parent_epoch,
556 195 : fd_runtime_stack_t * runtime_stack ) {
557 195 : long start = fd_log_wallclock();
558 :
559 195 : fd_compute_and_apply_new_feature_activations( bank, accdb, runtime_stack, capture_ctx );
560 :
561 : /* Update the cached warmup/cooldown rate epoch now that features may
562 : have changed (reduce_stake_warmup_cooldown may have just activated). */
563 195 : bank->f.warmup_cooldown_rate_epoch = fd_slot_to_epoch( &bank->f.epoch_schedule,
564 195 : bank->f.features.reduce_stake_warmup_cooldown,
565 195 : NULL );
566 :
567 : /* Updates stake history sysvar accumulated values and recomputes
568 : stake delegations for vote accounts. */
569 :
570 195 : fd_stake_delegations_t const * stake_delegations = fd_bank_stake_delegations_frontier_query( banks, bank );
571 195 : if( FD_UNLIKELY( !stake_delegations ) ) {
572 0 : FD_LOG_CRIT(( "stake_delegations is NULL" ));
573 0 : }
574 :
575 195 : fd_stakes_activate_epoch( bank, runtime_stack, accdb, capture_ctx, stake_delegations,
576 195 : &bank->f.warmup_cooldown_rate_epoch );
577 :
578 : /* Distribute rewards. This involves calculating the rewards for
579 : every vote and stake account. */
580 :
581 195 : fd_hash_t const * parent_blockhash = fd_blockhashes_peek_last_hash( &bank->f.block_hash_queue );
582 195 : fd_begin_partitioned_rewards( bank,
583 195 : accdb,
584 195 : runtime_stack,
585 195 : capture_ctx,
586 195 : stake_delegations,
587 195 : parent_blockhash,
588 195 : parent_epoch );
589 :
590 195 : fd_bank_stake_delegations_end_frontier_query( banks, bank );
591 :
592 : /* The Agave client handles updating their stakes cache with a call to
593 : update_epoch_stakes() which keys stakes by the leader schedule
594 : epochs and retains up to 6 epochs of stakes. However, to correctly
595 : calculate the leader schedule, we just need to maintain the vote
596 : states for the current epoch, the previous epoch, and the one
597 : before that.
598 : https://github.com/anza-xyz/agave/blob/v3.0.4/runtime/src/bank.rs#L2175
599 : */
600 :
601 : /* Now that our stakes caches have been updated, we can calculate the
602 : leader schedule for the upcoming epoch epoch using our new
603 : vote_states_prev_prev (stakes for T-2). */
604 :
605 195 : fd_runtime_update_leaders( bank, runtime_stack );
606 :
607 195 : long end = fd_log_wallclock();
608 195 : FD_LOG_NOTICE(( "starting epoch %lu at slot %lu took %.6f seconds", bank->f.epoch, bank->f.slot, (double)(end - start) / 1e9 ));
609 195 : }
610 :
611 : static void
612 : fd_runtime_block_pre_execute_process_new_epoch( fd_banks_t * banks,
613 : fd_bank_t * bank,
614 : fd_accdb_t * accdb,
615 : fd_capture_ctx_t * capture_ctx,
616 : fd_runtime_stack_t * runtime_stack,
617 3792 : int * is_epoch_boundary ) {
618 :
619 3792 : ulong const slot = bank->f.slot;
620 3792 : if( FD_LIKELY( slot != 0UL ) ) {
621 3792 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
622 :
623 3792 : ulong prev_epoch = fd_slot_to_epoch( epoch_schedule, bank->f.parent_slot, NULL );
624 3792 : ulong slot_idx;
625 3792 : ulong new_epoch = fd_slot_to_epoch( epoch_schedule, slot, &slot_idx );
626 3792 : if( FD_UNLIKELY( slot_idx==1UL && new_epoch==0UL ) ) {
627 : /* The block after genesis has a height of 1. */
628 0 : bank->f.block_height = 1UL;
629 0 : }
630 :
631 3792 : if( FD_UNLIKELY( prev_epoch<new_epoch || !slot_idx ) ) {
632 195 : FD_LOG_DEBUG(( "Epoch boundary starting" ));
633 195 : fd_runtime_process_new_epoch( banks, bank, accdb, capture_ctx, prev_epoch, runtime_stack );
634 195 : *is_epoch_boundary = 1;
635 3597 : } else {
636 3597 : *is_epoch_boundary = 0;
637 3597 : }
638 :
639 3792 : fd_distribute_partitioned_epoch_rewards( bank, accdb, capture_ctx );
640 3792 : } else {
641 0 : *is_epoch_boundary = 0;
642 0 : }
643 3792 : }
644 :
645 :
646 : static void
647 : fd_runtime_block_sysvar_update_pre_execute( fd_bank_t * bank,
648 : fd_accdb_t * accdb,
649 : fd_runtime_stack_t * runtime_stack,
650 3792 : fd_capture_ctx_t * capture_ctx ) {
651 : // let (fee_rate_governor, fee_components_time_us) = measure_us!(
652 : // FeeRateGovernor::new_derived(&parent.fee_rate_governor, parent.signature_count())
653 : // );
654 : /* https://github.com/firedancer-io/solana/blob/dab3da8e7b667d7527565bddbdbecf7ec1fb868e/runtime/src/bank.rs#L1312-L1314 */
655 :
656 3792 : fd_runtime_new_fee_rate_governor_derived( bank, bank->f.parent_signature_cnt );
657 :
658 3792 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
659 3792 : ulong parent_epoch = fd_slot_to_epoch( epoch_schedule, bank->f.parent_slot, NULL );
660 3792 : fd_sysvar_clock_update( bank, accdb, capture_ctx, runtime_stack, &parent_epoch );
661 :
662 : // It has to go into the current txn previous info but is not in slot 0
663 3792 : if( bank->f.slot != 0 ) {
664 3792 : fd_sysvar_slot_hashes_update( bank, accdb, capture_ctx );
665 3792 : }
666 3792 : fd_sysvar_last_restart_slot_update( bank, accdb, capture_ctx );
667 3792 : }
668 :
669 : int
670 : fd_runtime_load_txn_address_lookup_tables( fd_txn_t const * txn,
671 : uchar const * payload,
672 : fd_accdb_t * accdb,
673 : fd_accdb_fork_id_t fork_id,
674 : ulong slot,
675 : fd_slot_hashes_t const * hashes,
676 216 : fd_acct_addr_t * out_accts_alt ) {
677 :
678 216 : if( FD_LIKELY( txn->transaction_version!=FD_TXN_V0 ) ) return FD_RUNTIME_EXECUTE_SUCCESS;
679 :
680 213 : fd_alut_interp_t interp[1];
681 213 : fd_alut_interp_new( interp, out_accts_alt, txn, payload, hashes, slot );
682 :
683 213 : fd_txn_acct_addr_lut_t const * addr_luts = fd_txn_get_address_tables_const( txn );
684 297 : for( ulong i=0UL; i<txn->addr_table_lookup_cnt; i++ ) {
685 117 : fd_txn_acct_addr_lut_t const * addr_lut = &addr_luts[i];
686 117 : fd_pubkey_t addr_lut_acc = FD_LOAD( fd_pubkey_t, payload+addr_lut->addr_off );
687 :
688 117 : fd_acc_t acc = fd_accdb_read_one( accdb, fork_id, addr_lut_acc.uc );
689 117 : if( FD_UNLIKELY( !acc.lamports ) ) {
690 3 : fd_accdb_unread_one( accdb, &acc );
691 3 : return FD_RUNTIME_TXN_ERR_ADDRESS_LOOKUP_TABLE_NOT_FOUND;
692 3 : }
693 114 : int err = fd_alut_interp_next( interp, &addr_lut_acc, acc.owner, acc.data, acc.data_len );
694 114 : fd_accdb_unread_one( accdb, &acc );
695 114 : if( FD_UNLIKELY( err ) ) return err;
696 114 : }
697 :
698 180 : return FD_RUNTIME_EXECUTE_SUCCESS;
699 213 : }
700 :
701 : /* Pre-populate the bank's in-memory feature set with upcoming feature
702 : activations. If the current slot is the last slot before an epoch
703 : boundary, scan all known feature accounts. Otherwise, returns early.
704 :
705 : For any feature that is pending (not yet activated on-chain) but has
706 : an account owned by the feature program, set the in-memory activation
707 : slot within the bank's featureset to the first slot of the next
708 : epoch. This is needed so that deployment verification (which uses
709 : slot+1) can detect features that will activate at the next epoch
710 : boundary.
711 :
712 : In Agave, program deployments use the feature set from the next
713 : slot via DELAY_VISIBILITY_SLOT_OFFSET. The runtime environments
714 : for deployment are selected based on epoch_of(slot+1):
715 : https://github.com/anza-xyz/agave/blob/v3.1.8/runtime/src/bank.rs#L3280-L3295
716 : https://github.com/anza-xyz/agave/blob/v3.1.8/svm/src/transaction_processor.rs#L339-L345
717 :
718 : This function does NOT write to feature accounts or update the
719 : lthash. It only modifies the bank's in-memory feature set. */
720 : static void
721 : fd_features_prepopulate_upcoming( fd_bank_t * bank,
722 3792 : fd_accdb_t * accdb ) {
723 3792 : ulong slot = bank->f.slot;
724 3792 : fd_epoch_schedule_t const * epoch_schedule = &bank->f.epoch_schedule;
725 3792 : ulong curr_epoch = fd_slot_to_epoch( epoch_schedule, slot, NULL );
726 3792 : ulong next_epoch = fd_slot_to_epoch( epoch_schedule, slot+1UL, NULL );
727 3792 : if( FD_LIKELY( curr_epoch==next_epoch ) ) return;
728 :
729 57 : fd_features_restore( bank, accdb );
730 57 : }
731 :
732 : void
733 : fd_runtime_block_execute_prepare( fd_banks_t * banks,
734 : fd_bank_t * bank,
735 : fd_accdb_t * accdb,
736 : fd_runtime_stack_t * runtime_stack,
737 : fd_capture_ctx_t * capture_ctx,
738 3792 : int * is_epoch_boundary ) {
739 3792 : fd_runtime_block_pre_execute_process_new_epoch( banks, bank, accdb, capture_ctx, runtime_stack, is_epoch_boundary );
740 :
741 3792 : if( FD_LIKELY( bank->f.slot ) ) {
742 3792 : fd_cost_tracker_t * cost_tracker = fd_bank_cost_tracker_modify( bank );
743 3792 : FD_TEST( cost_tracker );
744 3792 : fd_cost_tracker_init( cost_tracker, &bank->f.features, bank->f.slot );
745 3792 : }
746 :
747 3792 : fd_features_prepopulate_upcoming( bank, accdb );
748 3792 : fd_runtime_block_sysvar_update_pre_execute( bank, accdb, runtime_stack, capture_ctx );
749 3792 : FD_TEST( fd_sysvar_cache_restore( bank, accdb ) );
750 3792 : }
751 :
752 : static void
753 : fd_runtime_update_bank_hash( fd_bank_t * bank,
754 81 : fd_capture_ctx_t * capture_ctx ) {
755 : /* Compute the new bank hash */
756 81 : fd_lthash_value_t const * lthash = fd_bank_lthash_locking_query( bank );
757 81 : fd_hash_t new_bank_hash[1] = { 0 };
758 81 : fd_hashes_hash_bank(
759 81 : lthash,
760 81 : &bank->f.prev_bank_hash,
761 81 : (fd_hash_t *)bank->f.poh.hash,
762 81 : bank->f.signature_count,
763 81 : new_bank_hash );
764 :
765 : /* Update the bank hash */
766 81 : bank->f.bank_hash = *new_bank_hash;
767 :
768 81 : if( capture_ctx && capture_ctx->capture_solcap &&
769 81 : bank->f.slot>=capture_ctx->solcap_start_slot ) {
770 :
771 0 : uchar lthash_hash[FD_HASH_FOOTPRINT];
772 0 : fd_blake3_hash(lthash->bytes, FD_LTHASH_LEN_BYTES, lthash_hash );
773 0 : fd_capture_link_write_bank_preimage(
774 0 : capture_ctx,
775 0 : bank->f.slot,
776 0 : (fd_hash_t *)new_bank_hash->hash,
777 0 : (fd_hash_t *)&bank->f.prev_bank_hash,
778 0 : (fd_hash_t *)lthash_hash,
779 0 : (fd_hash_t *)bank->f.poh.hash,
780 0 : bank->f.signature_count );
781 0 : }
782 :
783 81 : fd_bank_lthash_end_locking_query( bank );
784 81 : }
785 :
786 : /******************************************************************************/
787 : /* Transaction Level Execution Management */
788 : /******************************************************************************/
789 :
790 : /* fd_runtime_pre_execute_check is responsible for conducting many of
791 : the transaction sanitization checks. This is a combination of some
792 : of the work done in Agave's load_and_execute_transactions(), and some
793 : of the work done in Agave's transaction ingestion stage, before the
794 : transaction even hits the scheduler. We do some of the checks also
795 : in our transaction ingestion stage. For example, the duplicate
796 : account check is performed in both the leader and the replay
797 : scheduler. As a result, the duplicate account check below is
798 : essentially redundant, except that our fuzzing harness expects a
799 : single entry point to cover all of these checks. So we keep all of
800 : the checks below for fuzzing purposes. We could in theory hoist some
801 : of the pre-scheduler checks into a public function that is only
802 : invoked by the fuzzer to avoid duplication in the leader and the
803 : replay pipeline. But all the duplicate checks are pretty cheap, and
804 : the order and placement of the checks are also in motion on Agave's
805 : side, and performing all the checks faithfully would require access
806 : to the bank in the scheduler which is kind of gross. So that's all
807 : probably more hassle than worth. */
808 :
809 : static inline int
810 : fd_runtime_pre_execute_check( fd_runtime_t * runtime,
811 : fd_bank_t * bank,
812 : fd_txn_in_t const * txn_in,
813 225 : fd_txn_out_t * txn_out ) {
814 :
815 : /* https://github.com/anza-xyz/agave/blob/16de8b75ebcd57022409b422de557dd37b1de8db/sdk/src/transaction/sanitized.rs#L263-L275
816 : TODO: Agave's precompile verification is done at the slot level, before batching and executing transactions. This logic should probably
817 : be moved in the future. The Agave call heirarchy looks something like this:
818 : process_single_slot
819 : v
820 : confirm_full_slot
821 : v
822 : confirm_slot_entries --------------------------------------------------->
823 : v v v
824 : verify_transaction ComputeBudget::process_instruction process_entries
825 : v v
826 : verify_precompiles process_batches
827 : v
828 : ...
829 : v
830 : load_and_execute_transactions
831 : v
832 : ...
833 : v
834 : load_accounts --> load_transaction_accounts
835 : v
836 : general transaction execution
837 :
838 : */
839 :
840 : /* Verify the transaction. For now, this step only involves processing
841 : the compute budget instructions. */
842 225 : int err = fd_executor_verify_transaction( bank, txn_in, txn_out );
843 225 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
844 3 : txn_out->err.is_committable = 0;
845 3 : return err;
846 3 : }
847 :
848 : /* Set up the transaction accounts and other txn ctx metadata. This
849 : also resolves ALUT-referenced account keys and validates account
850 : locks before accounts are acquired. Bundle txns bind to the pool
851 : acquired and validated once for the whole bundle by
852 : fd_runtime_prepare_bundle_accounts and never acquire. */
853 222 : if( FD_UNLIKELY( txn_in->bundle.is_bundle ) ) {
854 90 : fd_executor_setup_accounts_for_txn_bundle( runtime, txn_in, txn_out );
855 132 : } else {
856 132 : err = fd_executor_setup_accounts_for_txn( runtime, bank, txn_in, txn_out );
857 132 : }
858 222 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
859 0 : txn_out->err.is_committable = 0;
860 0 : return err;
861 0 : }
862 :
863 222 : txn_out->details.check_start_ticks = fd_tickcount();
864 :
865 : /* load_and_execute_transactions() -> check_transactions()
866 : https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/runtime/src/bank.rs#L3667-L3672 */
867 222 : err = fd_executor_check_transactions( runtime, bank, txn_in, txn_out );
868 222 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
869 3 : txn_out->err.is_committable = 0;
870 3 : return err;
871 3 : }
872 :
873 : /* load_and_execute_sanitized_transactions() -> validate_fees() ->
874 : validate_transaction_fee_payer()
875 : https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/svm/src/transaction_processor.rs#L236-L249 */
876 219 : err = fd_executor_validate_transaction_fee_payer( bank, txn_in, txn_out );
877 219 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
878 0 : txn_out->err.is_committable = 0;
879 0 : return err;
880 0 : }
881 :
882 : /* https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/svm/src/transaction_processor.rs#L284-L296 */
883 219 : err = fd_executor_load_transaction_accounts( bank, txn_in, txn_out );
884 219 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) {
885 : /* Regardless of whether transaction accounts were loaded successfully, the transaction is
886 : included in the block and transaction fees are collected.
887 : https://github.com/anza-xyz/agave/blob/v2.1.6/svm/src/transaction_processor.rs#L341-L357 */
888 21 : txn_out->err.is_fees_only = 1;
889 :
890 : /* If the transaction fails to load, the "rollback" accounts will include one of the following:
891 : 1. Nonce account only
892 : 2. Fee payer only
893 : 3. Nonce account + fee payer
894 :
895 : Because the cost tracker uses the loaded account data size in block cost calculations, we need to
896 : make sure our calculated loaded accounts data size is conformant with Agave's.
897 : https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/svm/src/account_loader.rs#L437-L449
898 :
899 : These are different depending on if define_ltds_fee_only_semantics is enabled or not.
900 :
901 : If define_ltds_fee_only_semantics is enabled, we use the accumulated load size so far,
902 : clamped to the compute budget requested loaded_accounts_data_size_limit. */
903 21 : if( FD_FEATURE_ACTIVE_BANK( bank, define_ltds_fee_only_semantics ) ) {
904 : /* https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/svm/src/account_loader.rs#L495-L501 */
905 9 : txn_out->details.loaded_accounts_data_size = fd_ulong_min(
906 9 : txn_out->details.loaded_accounts_data_size,
907 9 : txn_out->details.compute_budget.loaded_accounts_data_size_limit );
908 12 : } else {
909 : /* If define_ltds_fee_only_semantics is not enabled, initialize
910 : loaded_accounts_data_size with the dlen of the fee payer. */
911 12 : txn_out->details.loaded_accounts_data_size = txn_out->accounts.account[ FD_FEE_PAYER_TXN_IDX ]->data_len;
912 :
913 : /* Special case handling for if a nonce account is present in the transaction. */
914 12 : if( txn_out->accounts.nonce_idx_in_txn!=ULONG_MAX ) {
915 : /* If the nonce account is not the fee payer, then we separately add the dlen of the nonce account. Otherwise, we would
916 : be double counting the dlen of the fee payer. */
917 6 : if( txn_out->accounts.nonce_idx_in_txn!=FD_FEE_PAYER_TXN_IDX ) {
918 3 : txn_out->details.loaded_accounts_data_size += txn_out->accounts.account[ txn_out->accounts.nonce_idx_in_txn ]->data_len;
919 3 : }
920 6 : }
921 12 : }
922 21 : }
923 :
924 : /*
925 : The fee payer and the nonce account will be stored and hashed so
926 : long as the transaction landed on chain, or, in Agave terminology,
927 : the transaction was processed.
928 : https://github.com/anza-xyz/agave/blob/v2.1.1/runtime/src/account_saver.rs#L72
929 :
930 : A transaction lands on chain in one of two ways:
931 : (1) Passed fee validation and loaded accounts.
932 : (2) Passed fee validation and failed to load accounts and the enable_transaction_loading_failure_fees feature is enabled as per
933 : SIMD-0082 https://github.com/anza-xyz/feature-gate-tracker/issues/52
934 :
935 : So, at this point, the transaction is committable.
936 : */
937 :
938 219 : return err;
939 219 : }
940 :
941 : /* fd_runtime_lthash_account updates the running lthash of the bank
942 : given an account that might have been updated. */
943 :
944 : static void
945 : fd_runtime_lthash_account( fd_bank_t * bank,
946 : fd_pubkey_t const * pubkey,
947 : fd_acc_t * acc,
948 66 : fd_capture_ctx_t * capture_ctx ) {
949 66 : if( FD_UNLIKELY( !acc->lamports ) ) {
950 9 : acc->data_len = 0UL;
951 9 : acc->executable = 0;
952 9 : memset( acc->owner, 0, sizeof(acc->owner) );
953 9 : }
954 :
955 66 : fd_lthash_value_t lthash_prev[1];
956 66 : if( FD_LIKELY( acc->prior_data ) ) {
957 66 : fd_hashes_account_lthash_simple( pubkey->uc, acc->prior_owner, acc->prior_lamports, acc->prior_executable, acc->prior_data, acc->prior_data_len, lthash_prev );
958 66 : } else {
959 0 : fd_lthash_zero( lthash_prev );
960 0 : }
961 :
962 66 : fd_lthash_value_t lthash_post[1];
963 66 : if( FD_LIKELY( acc->prior_lamports || acc->lamports ) ) {
964 66 : fd_hashes_update_simple( lthash_post, lthash_prev, pubkey->uc, acc->owner, acc->lamports, acc->executable, acc->data, acc->data_len, bank, capture_ctx );
965 66 : }
966 66 : }
967 :
968 : /* fd_runtime_commit_txn is a helper used by the transaction executor to
969 : finalize account changes back into the database. It also handles
970 : txncache insertion and updates to the vote/stake cache. TODO: This
971 : function should probably be moved to fd_executor.c. */
972 :
973 : void
974 : fd_runtime_commit_txn( fd_runtime_t * runtime,
975 : fd_bank_t * bank,
976 69 : fd_txn_out_t * txn_out ) {
977 69 : FD_TEST( txn_out->err.is_committable );
978 :
979 69 : txn_out->details.commit_start_ticks = fd_tickcount();
980 :
981 69 : if( FD_UNLIKELY( !txn_out->err.txn_err ) ) {
982 69 : fd_top_votes_t * top_votes = fd_bank_top_votes_t_2_modify( bank );
983 690 : for( ushort i=0; i<txn_out->accounts.cnt; i++ ) {
984 : /* We are only interested in saving writable accounts and the fee
985 : payer account. */
986 621 : if( FD_UNLIKELY( !txn_out->accounts.is_writable[ i ] ) ) continue;
987 :
988 129 : fd_pubkey_t const * pubkey = &txn_out->accounts.keys[ i ];
989 :
990 : /* new_vote/rm_vote feed an ordered op-log (fd_new_votes), not a
991 : net-state cache, so they must fire per writable txn before the
992 : account_acquired gate below. In a bundle the accdb ref is
993 : owned by a single (last writable) txn, but every writable txn
994 : that created/closed a vote account must contribute its op in
995 : order so create->delete->recreate replays identically to a
996 : per-txn commit. These flags are left on the txn that set them
997 : (not carried), so each fires exactly where the vote program
998 : recorded it. */
999 129 : if( FD_UNLIKELY( txn_out->accounts.new_vote[ i ] &&
1000 129 : !FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) ) ) {
1001 6 : fd_new_votes_t * new_votes = fd_bank_new_votes( bank );
1002 6 : fd_new_votes_insert( new_votes, bank->new_votes_fork_id, pubkey );
1003 6 : }
1004 129 : if( FD_UNLIKELY( txn_out->accounts.rm_vote[i] &&
1005 129 : !FD_FEATURE_ACTIVE_BANK( bank, validator_admission_ticket ) ) ) {
1006 6 : fd_new_votes_t * new_votes = fd_bank_new_votes( bank );
1007 6 : fd_new_votes_remove( new_votes, bank->new_votes_fork_id, pubkey );
1008 6 : }
1009 :
1010 : /* Only the txn that owns the accdb reference commits the account
1011 : state. In a bundle, an account is owned by its last writable
1012 : user (account_acquired==1); every other txn referencing it has
1013 : account_acquired==0 and skips here, so the final shared state is
1014 : lthashed exactly once and not double-counted. stake_update/
1015 : vote_update are recomputed from the final state and were moved
1016 : onto this owner, so they also fire here exactly once. */
1017 129 : if( FD_UNLIKELY( !txn_out->accounts.account_acquired[ i ] ) ) continue;
1018 :
1019 66 : fd_acc_t * account = txn_out->accounts.account[ i ];
1020 66 : account->commit = 1;
1021 :
1022 66 : if( FD_UNLIKELY( txn_out->accounts.stake_update[ i ] ) ) {
1023 6 : fd_stakes_update_stake_delegation( pubkey, account, bank );
1024 6 : }
1025 :
1026 66 : if( txn_out->accounts.vote_update[i] ) {
1027 0 : fd_vote_block_timestamp_t last_vote;
1028 0 : if( FD_UNLIKELY( !account->lamports ||
1029 0 : !fd_vsv_is_correct_size_owner_and_init( account->owner, account->data, account->data_len ) ||
1030 0 : fd_vote_account_last_timestamp( account->data, account->data_len, &last_vote ) ) ) {
1031 0 : fd_top_votes_invalidate( top_votes, pubkey );
1032 0 : } else {
1033 0 : fd_top_votes_update( top_votes, pubkey, last_vote.slot, last_vote.timestamp );
1034 0 : }
1035 0 : }
1036 :
1037 66 : fd_runtime_lthash_account( bank, pubkey, account, runtime->log.capture_ctx );
1038 66 : }
1039 :
1040 : /* Atomically add all accumulated tips to the bank once after
1041 : processing all accounts. */
1042 69 : if( FD_UNLIKELY( txn_out->details.tips ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.tips, txn_out->details.tips );
1043 69 : }
1044 :
1045 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.txn_count, 1UL );
1046 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.execution_fees, txn_out->details.execution_fee );
1047 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.priority_fees, txn_out->details.priority_fee );
1048 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.signature_count, txn_out->details.signature_count );
1049 :
1050 69 : if( FD_LIKELY( !txn_out->details.is_simple_vote ) ) {
1051 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.nonvote_txn_count, 1 );
1052 69 : if( FD_UNLIKELY( txn_out->err.exec_err ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.nonvote_failed_txn_count, 1 );
1053 69 : }
1054 :
1055 69 : if( FD_UNLIKELY( txn_out->err.exec_err ) ) FD_ATOMIC_FETCH_AND_ADD( &bank->f.failed_txn_count, 1 );
1056 69 : FD_ATOMIC_FETCH_AND_ADD( &bank->f.total_compute_units_used, txn_out->details.compute_budget.compute_unit_limit-txn_out->details.compute_budget.compute_meter );
1057 :
1058 69 : fd_cost_tracker_t * cost_tracker = fd_bank_cost_tracker_modify( bank );
1059 69 : int res = fd_cost_tracker_try_add_cost( cost_tracker, txn_out );
1060 69 : if( FD_UNLIKELY( res!=FD_COST_TRACKER_SUCCESS ) ) {
1061 0 : FD_LOG_DEBUG(( "fd_runtime_commit_txn: transaction failed to fit into block %d", res ));
1062 0 : txn_out->err.is_committable = 0;
1063 0 : txn_out->err.txn_err = fd_cost_tracker_err_to_runtime_err( res );
1064 0 : }
1065 :
1066 69 : if( FD_LIKELY( runtime->status_cache && txn_out->accounts.nonce_idx_in_txn==ULONG_MAX ) ) {
1067 : /* In Agave, durable nonce transactions are inserted to the status
1068 : cache the same as any others, but this is only to serve RPC
1069 : requests, they do not need to be in there for correctness as the
1070 : nonce mechanism itself prevents double spend. We skip this logic
1071 : entirely to simplify and improve performance of the txn cache. */
1072 63 : fd_txncache_insert( runtime->status_cache, bank->txncache_fork_id, txn_out->details.blockhash.uc, txn_out->details.blake_txn_msg_hash.uc );
1073 63 : }
1074 :
1075 69 : if( FD_UNLIKELY( txn_out->err.txn_err ) ) {
1076 : /* With nonce account rollbacks, there are three cases:
1077 :
1078 : 1. No nonce account in the transaction
1079 : 2. Nonce account is the fee payer
1080 : 3. Nonce account is not the fee payer
1081 :
1082 : We should always rollback the nonce account first. Note that the
1083 : nonce account may be the fee payer (case 2). */
1084 0 : if( FD_UNLIKELY( txn_out->accounts.nonce_idx_in_txn!=ULONG_MAX ) ) {
1085 0 : fd_acc_t * nonce_account = txn_out->accounts.account[ txn_out->accounts.nonce_idx_in_txn ];
1086 0 : fd_memcpy( nonce_account->data, txn_out->accounts.nonce_rollback_data, txn_out->accounts.nonce_rollback_data_len );
1087 0 : nonce_account->data_len = txn_out->accounts.nonce_rollback_data_len;
1088 0 : fd_memcpy( nonce_account->owner, nonce_account->prior_owner, 32UL );
1089 0 : if( FD_UNLIKELY( txn_out->accounts.nonce_idx_in_txn==FD_FEE_PAYER_TXN_IDX ) ) {
1090 0 : nonce_account->lamports = txn_out->accounts.fee_payer_rollback_lamports;
1091 0 : } else {
1092 0 : nonce_account->lamports = nonce_account->prior_lamports;
1093 0 : }
1094 0 : nonce_account->executable = nonce_account->prior_executable;
1095 0 : nonce_account->commit = 1;
1096 0 : fd_runtime_lthash_account( bank, &txn_out->accounts.keys[ txn_out->accounts.nonce_idx_in_txn ], nonce_account, runtime->log.capture_ctx );
1097 0 : }
1098 :
1099 : /* Now, we must only save the fee payer if the nonce account was not
1100 : the fee payer (because that was already saved above). */
1101 0 : if( FD_LIKELY( txn_out->accounts.nonce_idx_in_txn!=FD_FEE_PAYER_TXN_IDX ) ) {
1102 0 : fd_acc_t * fee_payer_account = txn_out->accounts.account[ FD_FEE_PAYER_TXN_IDX ];
1103 0 : fd_memcpy( fee_payer_account->data, fee_payer_account->prior_data, fee_payer_account->prior_data_len );
1104 0 : fee_payer_account->data_len = fee_payer_account->prior_data_len;
1105 0 : fd_memcpy( fee_payer_account->owner, fee_payer_account->prior_owner, 32UL );
1106 0 : fee_payer_account->lamports = txn_out->accounts.fee_payer_rollback_lamports;
1107 0 : fee_payer_account->executable = fee_payer_account->prior_executable;
1108 :
1109 0 : fee_payer_account->commit = 1;
1110 0 : fd_runtime_lthash_account( bank, &txn_out->accounts.keys[ FD_FEE_PAYER_TXN_IDX ], fee_payer_account, runtime->log.capture_ctx );
1111 0 : }
1112 0 : }
1113 :
1114 69 : if( FD_LIKELY( !txn_out->accounts.is_bundle ) ) {
1115 6 : fd_accdb_release_ab( runtime->accdb,
1116 6 : txn_out->accounts.cnt, runtime->accounts.account,
1117 6 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1118 6 : runtime->accounts.executable_cnt = 0UL;
1119 6 : }
1120 69 : }
1121 :
1122 : void
1123 : fd_runtime_cancel_txn( fd_runtime_t * runtime,
1124 9 : fd_txn_out_t * txn_out ) {
1125 9 : FD_TEST( !txn_out->err.is_committable );
1126 9 : if( FD_UNLIKELY( !txn_out->accounts.is_setup ) ) return;
1127 :
1128 9 : fd_accdb_release_ab( runtime->accdb,
1129 9 : txn_out->accounts.cnt, runtime->accounts.account,
1130 9 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1131 9 : runtime->accounts.executable_cnt = 0UL;
1132 9 : }
1133 :
1134 : void
1135 39 : fd_runtime_fini_bundle( fd_runtime_t * runtime ) {
1136 39 : fd_accdb_release_ab( runtime->accdb,
1137 39 : runtime->accounts.account_cnt, runtime->accounts.account,
1138 39 : runtime->accounts.executable_cnt, runtime->accounts.executable );
1139 39 : runtime->accounts.account_cnt = 0UL;
1140 39 : runtime->accounts.executable_cnt = 0UL;
1141 39 : }
1142 :
1143 : static inline void
1144 225 : fd_runtime_reset_runtime( fd_runtime_t * runtime ) {
1145 225 : runtime->instr.stack_sz = 0;
1146 225 : runtime->instr.trace_length = 0UL;
1147 225 : }
1148 :
1149 : static inline void
1150 : fd_runtime_new_txn_out( fd_txn_in_t const * txn_in,
1151 225 : fd_txn_out_t * txn_out ) {
1152 225 : txn_out->details.load_start_ticks = fd_tickcount();
1153 225 : txn_out->details.check_start_ticks = LONG_MAX;
1154 225 : txn_out->details.exec_start_ticks = LONG_MAX;
1155 225 : txn_out->details.commit_start_ticks = LONG_MAX;
1156 :
1157 225 : fd_compute_budget_details_new( &txn_out->details.compute_budget );
1158 :
1159 225 : txn_out->details.loaded_accounts_data_size = 0UL;
1160 225 : txn_out->details.accounts_resize_delta = 0L;
1161 :
1162 225 : txn_out->details.return_data.len = 0UL;
1163 225 : memset( txn_out->details.return_data.program_id.key, 0, sizeof(fd_pubkey_t) );
1164 :
1165 225 : txn_out->details.tips = 0UL;
1166 225 : txn_out->details.execution_fee = 0UL;
1167 225 : txn_out->details.priority_fee = 0UL;
1168 225 : txn_out->details.signature_count = 0UL;
1169 225 : fd_memset( txn_out->details.signature.uc, 0, sizeof(fd_signature_t) );
1170 :
1171 225 : txn_out->details.signature_count = TXN( txn_in->txn )->signature_cnt;
1172 225 : if( FD_LIKELY( txn_out->details.signature_count ) ) {
1173 225 : fd_memcpy( txn_out->details.signature.uc,
1174 225 : (uchar const *)txn_in->txn->payload + TXN( txn_in->txn )->signature_off,
1175 225 : sizeof(fd_signature_t) );
1176 225 : }
1177 225 : txn_out->details.is_simple_vote = fd_txn_is_simple_vote_transaction( TXN( txn_in->txn ), txn_in->txn->payload );
1178 :
1179 225 : fd_hash_t * blockhash = (fd_hash_t *)((uchar *)txn_in->txn->payload + TXN( txn_in->txn )->recent_blockhash_off);
1180 225 : memcpy( txn_out->details.blockhash.uc, blockhash->hash, sizeof(fd_hash_t) );
1181 :
1182 225 : txn_out->accounts.is_setup = 0;
1183 225 : txn_out->accounts.is_bundle = txn_in->bundle.is_bundle;
1184 225 : if( FD_LIKELY( !txn_in->bundle.is_bundle ) ) txn_out->accounts.cnt= 0UL;
1185 225 : memset( txn_out->accounts.is_writable, 0, sizeof(txn_out->accounts.is_writable) );
1186 225 : memset( txn_out->accounts.account_acquired, 0, sizeof(txn_out->accounts.account_acquired) );
1187 225 : memset( txn_out->accounts.stake_update, 0, sizeof(txn_out->accounts.stake_update) );
1188 225 : memset( txn_out->accounts.vote_update, 0, sizeof(txn_out->accounts.vote_update) );
1189 225 : memset( txn_out->accounts.new_vote, 0, sizeof(txn_out->accounts.new_vote) );
1190 225 : memset( txn_out->accounts.rm_vote, 0, sizeof(txn_out->accounts.rm_vote) );
1191 225 : txn_out->accounts.nonce_idx_in_txn = ULONG_MAX;
1192 :
1193 : /* For bundle txns the resolved key list and executable list are bound
1194 : once up-front by fd_runtime_prepare_bundle_accounts (before this
1195 : runs per-txn), so preserve them here. For a non-bundle txn they are
1196 : rebuilt in fd_executor_setup_accounts_for_txn, so reset them. */
1197 225 : if( FD_LIKELY( !txn_in->bundle.is_bundle ) ) {
1198 135 : memset( txn_out->accounts.executable_acquired, 0, sizeof(txn_out->accounts.executable_acquired) );
1199 135 : txn_out->accounts.executable_cnt = 0UL;
1200 135 : }
1201 225 : txn_out->accounts.nonce_rollback_data_len = 0UL;
1202 225 : txn_out->accounts.fee_payer_rollback_lamports = 0UL;
1203 :
1204 225 : txn_out->err.is_committable = 1;
1205 225 : txn_out->err.is_fees_only = 0;
1206 225 : txn_out->err.txn_err = FD_RUNTIME_EXECUTE_SUCCESS;
1207 225 : txn_out->err.exec_err = FD_EXECUTOR_INSTR_SUCCESS;
1208 225 : txn_out->err.exec_err_kind = FD_EXECUTOR_ERR_KIND_NONE;
1209 225 : txn_out->err.exec_err_idx = INT_MAX;
1210 225 : txn_out->err.custom_err = 0;
1211 225 : }
1212 :
1213 : void
1214 : fd_runtime_prepare_and_execute_txn( fd_runtime_t * runtime,
1215 : fd_bank_t * bank,
1216 : fd_txn_in_t const * txn_in,
1217 225 : fd_txn_out_t * txn_out ) {
1218 225 : fd_runtime_reset_runtime( runtime );
1219 :
1220 225 : fd_runtime_new_txn_out( txn_in, txn_out );
1221 :
1222 225 : uchar dump_txn = !!(runtime->log.dump_proto_ctx &&
1223 225 : bank->f.slot >= runtime->log.dump_proto_ctx->dump_proto_start_slot &&
1224 225 : runtime->log.dump_proto_ctx->dump_txn_to_pb);
1225 :
1226 : /* Phase 1: Capture TxnContext before execution. */
1227 225 : if( FD_UNLIKELY( dump_txn ) ) {
1228 0 : if( runtime->log.txn_dump_ctx ) {
1229 0 : fd_dump_txn_context_to_protobuf( runtime->log.txn_dump_ctx, runtime, bank, txn_in, txn_out );
1230 0 : } else {
1231 0 : fd_dump_txn_to_protobuf( runtime, bank, txn_in, txn_out );
1232 0 : }
1233 0 : }
1234 :
1235 : /* Transaction sanitization. If a transaction can't be commited or is
1236 : fees-only, we return early. */
1237 225 : txn_out->err.txn_err = fd_runtime_pre_execute_check( runtime, bank, txn_in, txn_out );
1238 225 : ulong cu_before = txn_out->details.compute_budget.compute_meter;
1239 :
1240 : /* Execute the transaction if eligible to do so. */
1241 225 : if( FD_LIKELY( txn_out->err.is_committable ) ) {
1242 219 : if( FD_LIKELY( !txn_out->err.is_fees_only ) ) {
1243 198 : txn_out->details.exec_start_ticks = fd_tickcount();
1244 198 : txn_out->err.txn_err = fd_execute_txn( runtime, bank, txn_in, txn_out );
1245 198 : }
1246 219 : fd_cost_tracker_calculate_cost( bank, txn_in, txn_out );
1247 219 : }
1248 225 : ulong cu_after = txn_out->details.compute_budget.compute_meter;
1249 225 : runtime->metrics.cu_cum += fd_ulong_sat_sub( cu_before, cu_after );
1250 :
1251 : /* Phase 2: Capture TxnResult after execution and write to disk. */
1252 225 : if( FD_UNLIKELY( dump_txn && runtime->log.txn_dump_ctx ) ) {
1253 0 : fd_dump_txn_result_to_protobuf( runtime->log.txn_dump_ctx, txn_in, txn_out, txn_out->err.txn_err );
1254 0 : fd_dump_txn_fixture_to_file( runtime->log.txn_dump_ctx, runtime->log.dump_proto_ctx, txn_in );
1255 0 : }
1256 225 : }
1257 :
1258 : /* fd_executor_txn_verify and fd_runtime_pre_execute_check are responisble
1259 : for the bulk of the pre-transaction execution checks in the runtime.
1260 : They aim to preserve the ordering present in the Agave client to match
1261 : parity in terms of error codes. Sigverify is kept separate from the rest
1262 : of the transaction checks for fuzzing convenience.
1263 :
1264 : For reference this is the general code path which contains all relevant
1265 : pre-transactions checks in the v2.0.x Agave client from upstream
1266 : to downstream is as follows:
1267 :
1268 : confirm_slot_entries() which calls verify_ticks() and
1269 : verify_transaction(). verify_transaction() calls verify_and_hash_message()
1270 : and verify_precompiles() which parallels fd_executor_txn_verify() and
1271 : fd_executor_verify_transaction().
1272 :
1273 : process_entries() contains a duplicate account check which is part of
1274 : agave account lock acquiring. This is checked inline in
1275 : fd_runtime_pre_execute_check().
1276 :
1277 : load_and_execute_transactions() contains the function check_transactions().
1278 : This contains check_age() and check_status_cache() which is paralleled by
1279 : fd_executor_check_transaction_age_and_compute_budget_limits() and
1280 : fd_executor_check_status_cache() respectively.
1281 :
1282 : load_and_execute_sanitized_transactions() contains validate_fees()
1283 : which is responsible for executing the compute budget instructions,
1284 : validating the fee payer and collecting the fee. This is mirrored in
1285 : firedancer with fd_executor_compute_budget_program_execute_instructions()
1286 : and fd_executor_collect_fees(). load_and_execute_sanitized_transactions()
1287 : also checks the total data size of the accounts in load_accounts() and
1288 : validates the program accounts in load_transaction_accounts(). This
1289 : is paralled by fd_executor_load_transaction_accounts(). */
1290 :
1291 :
1292 : /******************************************************************************/
1293 : /* Genesis */
1294 : /*******************************************************************************/
1295 :
1296 : static void
1297 : fd_runtime_genesis_init_program( fd_bank_t * bank,
1298 : fd_accdb_t * accdb,
1299 0 : fd_capture_ctx_t * capture_ctx ) {
1300 :
1301 0 : fd_sysvar_clock_init( bank, accdb, capture_ctx );
1302 0 : fd_sysvar_rent_init( bank, accdb, capture_ctx );
1303 :
1304 0 : fd_sysvar_slot_history_init( bank, accdb, capture_ctx );
1305 0 : fd_sysvar_epoch_schedule_init( bank, accdb, capture_ctx );
1306 0 : fd_sysvar_recent_hashes_init( bank, accdb, capture_ctx );
1307 0 : fd_sysvar_stake_history_init( bank, accdb, capture_ctx );
1308 0 : fd_sysvar_last_restart_slot_init( bank, accdb, capture_ctx );
1309 :
1310 0 : fd_builtin_programs_init( bank, accdb, capture_ctx );
1311 0 : }
1312 :
1313 : static void
1314 : fd_runtime_init_bank_from_genesis( fd_banks_t * banks,
1315 : fd_bank_t * bank,
1316 : fd_runtime_stack_t * runtime_stack,
1317 : fd_accdb_t * accdb,
1318 : fd_genesis_t const * genesis,
1319 : uchar const * genesis_blob,
1320 0 : fd_hash_t const * genesis_hash ) {
1321 :
1322 0 : bank->f.parent_slot = ULONG_MAX;
1323 0 : bank->f.poh = *genesis_hash;
1324 :
1325 0 : fd_hash_t * bank_hash = &bank->f.bank_hash;
1326 0 : memset( bank_hash->hash, 0, FD_SHA256_HASH_SZ );
1327 :
1328 0 : uint128 target_tick_duration = (uint128)genesis->poh.tick_duration_secs * 1000000000UL + (uint128)genesis->poh.tick_duration_ns;
1329 :
1330 0 : fd_epoch_schedule_t * epoch_schedule = &bank->f.epoch_schedule;
1331 0 : epoch_schedule->leader_schedule_slot_offset = genesis->epoch_schedule.leader_schedule_slot_offset;
1332 0 : epoch_schedule->warmup = genesis->epoch_schedule.warmup;
1333 0 : epoch_schedule->first_normal_epoch = genesis->epoch_schedule.first_normal_epoch;
1334 0 : epoch_schedule->first_normal_slot = genesis->epoch_schedule.first_normal_slot;
1335 0 : epoch_schedule->slots_per_epoch = genesis->epoch_schedule.slots_per_epoch;
1336 :
1337 0 : fd_rent_t * rent = &bank->f.rent;
1338 0 : rent->lamports_per_uint8_year = genesis->rent.lamports_per_uint8_year;
1339 0 : rent->exemption_threshold = genesis->rent.exemption_threshold;
1340 0 : rent->burn_percent = genesis->rent.burn_percent;
1341 :
1342 0 : fd_inflation_t * inflation = &bank->f.inflation;
1343 0 : inflation->initial = genesis->inflation.initial;
1344 0 : inflation->terminal = genesis->inflation.terminal;
1345 0 : inflation->taper = genesis->inflation.taper;
1346 0 : inflation->foundation = genesis->inflation.foundation;
1347 0 : inflation->foundation_term = genesis->inflation.foundation_term;
1348 0 : inflation->unused = 0.0;
1349 :
1350 0 : bank->f.block_height = 0UL;
1351 :
1352 0 : {
1353 : /* FIXME Why is there a previous blockhash at genesis? Why is the
1354 : last_hash field an option type in Agave, if even the first
1355 : real block has a previous blockhash? */
1356 0 : fd_blockhashes_t * bhq = fd_blockhashes_init( &bank->f.block_hash_queue, 0UL );
1357 0 : fd_blockhash_info_t * info = fd_blockhashes_push_new( bhq, genesis_hash );
1358 0 : info->lamports_per_signature = 0UL;
1359 0 : }
1360 :
1361 0 : fd_fee_rate_governor_t * fee_rate_governor = &bank->f.fee_rate_governor;
1362 0 : fee_rate_governor->target_lamports_per_signature = genesis->fee_rate_governor.target_lamports_per_signature;
1363 0 : fee_rate_governor->target_signatures_per_slot = genesis->fee_rate_governor.target_signatures_per_slot;
1364 0 : fee_rate_governor->min_lamports_per_signature = genesis->fee_rate_governor.min_lamports_per_signature;
1365 0 : fee_rate_governor->max_lamports_per_signature = genesis->fee_rate_governor.max_lamports_per_signature;
1366 0 : fee_rate_governor->burn_percent = genesis->fee_rate_governor.burn_percent;
1367 :
1368 0 : bank->f.max_tick_height = genesis->poh.ticks_per_slot * (bank->f.slot + 1);
1369 0 : bank->f.hashes_per_tick = genesis->poh.hashes_per_tick;
1370 0 : bank->f.ns_per_slot = (fd_w_u128_t) { .ud=target_tick_duration * genesis->poh.ticks_per_slot };
1371 0 : bank->f.ticks_per_slot = genesis->poh.ticks_per_slot;
1372 0 : bank->f.genesis_creation_time = genesis->creation_time;
1373 0 : bank->f.slots_per_year = SECONDS_PER_YEAR * (1000000000.0 / (double)target_tick_duration) / (double)genesis->poh.ticks_per_slot;
1374 0 : bank->f.signature_count = 0UL;
1375 :
1376 : /* Derive epoch stakes */
1377 :
1378 0 : fd_stake_delegations_t * stake_delegations = fd_banks_stake_delegations_root_query( banks );
1379 0 : if( FD_UNLIKELY( !stake_delegations ) ) {
1380 0 : FD_LOG_CRIT(( "Failed to join and new a stake delegations" ));
1381 0 : }
1382 :
1383 0 : ulong capitalization = 0UL;
1384 :
1385 0 : for( ulong i=0UL; i<genesis->account_cnt; i++ ) {
1386 0 : fd_genesis_account_t account[1];
1387 0 : fd_genesis_account( genesis, genesis_blob, account, i );
1388 :
1389 0 : capitalization = fd_ulong_sat_add( capitalization, account->lamports );
1390 :
1391 0 : uchar const * acc_data = account->data;
1392 :
1393 0 : if( !memcmp( account->owner.uc, fd_solana_stake_program_id.key, sizeof(fd_pubkey_t) ) ) {
1394 : /* If an account is a stake account, then it must be added to the
1395 : stake delegations cache. We should only add stake accounts that
1396 : have a valid non-zero stake. */
1397 0 : fd_stake_state_t const * stake_state = fd_stake_state_view( acc_data, account->data_len );
1398 0 : if( FD_UNLIKELY( !stake_state ) ) { FD_BASE58_ENCODE_32_BYTES( account->pubkey.uc, stake_b58 ); FD_LOG_ERR(( "invalid stake account %s", stake_b58 )); }
1399 0 : if( stake_state->stake_type!=FD_STAKE_STATE_STAKE ) continue;
1400 0 : if( !stake_state->stake.stake.delegation.stake ) continue;
1401 :
1402 0 : fd_stake_delegations_root_update(
1403 0 : stake_delegations,
1404 0 : &account->pubkey,
1405 0 : &stake_state->stake.stake.delegation.voter_pubkey,
1406 0 : stake_state->stake.stake.delegation.stake,
1407 0 : stake_state->stake.stake.delegation.activation_epoch,
1408 0 : stake_state->stake.stake.delegation.deactivation_epoch,
1409 0 : stake_state->stake.stake.credits_observed,
1410 0 : FD_STAKE_DELEGATIONS_WARMUP_COOLDOWN_RATE_ENUM_025 /* genesis is epoch 0, always 0.25 */ );
1411 :
1412 0 : } else if( !memcmp( account->owner.uc, fd_solana_feature_program_id.key, sizeof(fd_pubkey_t) ) ) {
1413 : /* Feature Account */
1414 :
1415 : /* Scan list of feature IDs to resolve address=>feature offset */
1416 0 : fd_feature_id_t const *found = NULL;
1417 0 : for( fd_feature_id_t const * id = fd_feature_iter_init();
1418 0 : !fd_feature_iter_done( id );
1419 0 : id = fd_feature_iter_next( id ) ) {
1420 0 : if( fd_pubkey_eq( &account->pubkey, &id->id ) ) {
1421 0 : found = id;
1422 0 : break;
1423 0 : }
1424 0 : }
1425 :
1426 0 : if( found ) {
1427 : /* Load feature activation */
1428 0 : fd_feature_t feature[1];
1429 0 : if( FD_UNLIKELY( !fd_feature_decode( feature, acc_data, account->data_len ) ) ) {
1430 0 : FD_BASE58_ENCODE_32_BYTES( account->pubkey.uc, addr_b58 );
1431 0 : FD_LOG_WARNING(( "genesis contains corrupt feature account %s", addr_b58 ));
1432 0 : FD_LOG_HEXDUMP_ERR(( "data", acc_data, account->data_len ));
1433 0 : }
1434 0 : fd_features_t * features = &bank->f.features;
1435 0 : if( feature->is_active ) {
1436 0 : FD_BASE58_ENCODE_32_BYTES( account->pubkey.uc, pubkey_b58 );
1437 0 : FD_LOG_DEBUG(( "feature %s activated at slot %lu (genesis)", pubkey_b58, feature->activation_slot ));
1438 0 : fd_features_set( features, found, feature->activation_slot );
1439 0 : } else {
1440 0 : FD_BASE58_ENCODE_32_BYTES( account->pubkey.uc, pubkey_b58 );
1441 0 : FD_LOG_DEBUG(( "feature %s not activated (genesis)", pubkey_b58 ));
1442 0 : fd_features_set( features, found, ULONG_MAX );
1443 0 : }
1444 0 : }
1445 0 : }
1446 0 : }
1447 :
1448 : /* fd_refresh_vote_accounts is responsible for updating the vote
1449 : states with the total amount of active delegated stake. It does
1450 : this by iterating over all active stake delegations and summing up
1451 : the amount of stake that is delegated to each vote account. */
1452 0 : ulong new_rate_activation_epoch = 0UL;
1453 :
1454 0 : {
1455 : /* Snapshot the stake history sysvar into a local buffer and release
1456 : the accdb bracket before calling fd_refresh_vote_accounts, which
1457 : performs its own accdb acquires. fd_sysvar_stake_history_view
1458 : aliases the source bytes, so the bracket cannot be held open
1459 : across an inner acquire. */
1460 0 : uchar stake_history_data[ FD_SYSVAR_STAKE_HISTORY_BINCODE_SZ ];
1461 0 : fd_stake_history_t stake_history_[1];
1462 0 : fd_stake_history_t * stake_history = NULL;
1463 0 : fd_acc_t ro = fd_accdb_read_one( accdb, bank->accdb_fork_id, fd_sysvar_stake_history_id.uc );
1464 0 : if( FD_LIKELY( ro.lamports ) ) {
1465 0 : ulong copy_sz = fd_ulong_min( ro.data_len, FD_SYSVAR_STAKE_HISTORY_BINCODE_SZ );
1466 0 : fd_memcpy( stake_history_data, ro.data, copy_sz );
1467 0 : fd_accdb_unread_one( accdb, &ro );
1468 0 : stake_history = fd_sysvar_stake_history_view( stake_history_, stake_history_data, copy_sz );
1469 0 : } else {
1470 0 : fd_accdb_unread_one( accdb, &ro );
1471 0 : }
1472 :
1473 0 : fd_refresh_vote_accounts( bank, accdb, runtime_stack, stake_delegations, stake_history, &new_rate_activation_epoch );
1474 0 : }
1475 :
1476 : /* At genesis (epoch 0) there is no previous epoch, so the t-2 set
1477 : should equal the genesis staked set. */
1478 :
1479 0 : {
1480 0 : fd_top_votes_t * top_votes_t_1 = fd_bank_top_votes_t_1_modify( bank );
1481 0 : fd_top_votes_t * top_votes_t_2 = fd_bank_top_votes_t_2_modify( bank );
1482 0 : fd_memcpy( top_votes_t_2, top_votes_t_1, FD_TOP_VOTES_MAX_FOOTPRINT );
1483 0 : }
1484 :
1485 0 : fd_vote_stakes_t * vote_stakes = fd_bank_vote_stakes( bank );
1486 0 : fd_vote_stakes_genesis_fini( vote_stakes );
1487 :
1488 0 : bank->f.epoch = 0UL;
1489 0 : bank->f.capitalization = capitalization;
1490 0 : }
1491 :
1492 : static int
1493 : fd_runtime_process_genesis_block( fd_bank_t * bank,
1494 : fd_accdb_t * accdb,
1495 : fd_capture_ctx_t * capture_ctx,
1496 0 : fd_runtime_stack_t * runtime_stack ) {
1497 0 : fd_sha256_hash_32_repeated( bank->f.poh.hash, bank->f.poh.hash, bank->f.hashes_per_tick * bank->f.ticks_per_slot );
1498 :
1499 0 : bank->f.execution_fees = 0UL;
1500 0 : bank->f.priority_fees = 0UL;
1501 0 : bank->f.signature_count = 0UL;
1502 0 : bank->f.txn_count = 0UL;
1503 0 : bank->f.failed_txn_count = 0UL;
1504 0 : bank->f.nonvote_failed_txn_count = 0UL;
1505 0 : bank->f.total_compute_units_used = 0UL;
1506 :
1507 0 : fd_runtime_genesis_init_program( bank, accdb, capture_ctx );
1508 0 : fd_sysvar_slot_history_update( bank, accdb, capture_ctx );
1509 0 : fd_runtime_update_leaders( bank, runtime_stack );
1510 0 : fd_runtime_freeze( bank, accdb, capture_ctx );
1511 :
1512 0 : fd_hash_t const * prev_bank_hash = &bank->f.bank_hash;
1513 :
1514 0 : fd_lthash_value_t const * lthash = fd_bank_lthash_locking_query( bank );
1515 :
1516 0 : fd_hash_t * bank_hash = &bank->f.bank_hash;
1517 0 : fd_hashes_hash_bank( lthash, prev_bank_hash, (fd_hash_t *)bank->f.poh.hash, 0UL, bank_hash );
1518 :
1519 0 : fd_bank_lthash_end_locking_query( bank );
1520 :
1521 0 : return FD_RUNTIME_EXECUTE_SUCCESS;
1522 0 : }
1523 :
1524 : void
1525 : fd_runtime_read_genesis( fd_banks_t * banks,
1526 : fd_bank_t * bank,
1527 : fd_accdb_t * accdb,
1528 : fd_capture_ctx_t * capture_ctx,
1529 : fd_hash_t const * genesis_hash,
1530 : fd_lthash_value_t const * genesis_lthash,
1531 : fd_genesis_t const * genesis,
1532 : uchar const * genesis_blob,
1533 0 : fd_runtime_stack_t * runtime_stack ) {
1534 0 : fd_lthash_value_t * lthash = fd_bank_lthash_locking_modify( bank );
1535 0 : *lthash = *genesis_lthash;
1536 0 : fd_bank_lthash_end_locking_modify( bank );
1537 :
1538 : /* Once the accounts have been loaded from the genesis config into
1539 : the accounts db, we can initialize the bank state. This involves
1540 : setting some fields, and notably setting up the vote and stake
1541 : caches which are used for leader scheduling/rewards. */
1542 :
1543 0 : fd_runtime_init_bank_from_genesis( banks, bank, runtime_stack, accdb, genesis, genesis_blob, genesis_hash );
1544 :
1545 : /* Write the native programs to the accounts db. */
1546 :
1547 0 : for( ulong i=0UL; i<genesis->builtin_cnt; i++ ) {
1548 0 : fd_genesis_builtin_t builtin[1];
1549 0 : fd_genesis_builtin( genesis, genesis_blob, builtin, i );
1550 0 : fd_write_builtin_account( bank, accdb, capture_ctx, builtin->pubkey, builtin->data, builtin->data_len );
1551 0 : }
1552 :
1553 0 : fd_features_restore( bank, accdb );
1554 :
1555 : /* At this point, state related to the bank and the accounts db
1556 : have been initialized and we are free to finish executing the
1557 : block. In practice, this updates some bank fields (notably the
1558 : poh and bank hash). */
1559 :
1560 0 : int err = fd_runtime_process_genesis_block( bank, accdb, capture_ctx, runtime_stack );
1561 0 : if( FD_UNLIKELY( err ) ) FD_LOG_CRIT(( "genesis slot 0 execute failed with error %d", err ));
1562 0 : }
1563 :
1564 : void
1565 : fd_runtime_block_execute_finalize( fd_bank_t * bank,
1566 : fd_accdb_t * accdb,
1567 81 : fd_capture_ctx_t * capture_ctx ) {
1568 81 : fd_runtime_freeze( bank, accdb, capture_ctx );
1569 81 : fd_runtime_update_bank_hash( bank, capture_ctx );
1570 81 : }
1571 :
1572 : /* Mirrors Agave function solana_sdk::transaction_context::find_index_of_account
1573 :
1574 : Backward scan over transaction accounts. Returns ULONG_MAX if not found.
1575 :
1576 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L233-L238 */
1577 :
1578 : ulong
1579 : fd_runtime_find_index_of_account( fd_txn_out_t const * txn_out,
1580 10179 : fd_pubkey_t const * pubkey ) {
1581 24186 : for( ulong i=0UL; i<txn_out->accounts.cnt; i++ ) {
1582 21606 : if( FD_UNLIKELY( !memcmp( pubkey, &txn_out->accounts.keys[ txn_out->accounts.cnt-1UL-i ], sizeof(fd_pubkey_t) ) ) ) return txn_out->accounts.cnt-1UL-i;
1583 21606 : }
1584 2580 : return ULONG_MAX;
1585 10179 : }
1586 :
1587 : fd_acc_t *
1588 : fd_runtime_get_account_at_index( fd_txn_in_t const * txn_in,
1589 : fd_txn_out_t * txn_out,
1590 : ushort idx,
1591 24795 : fd_txn_account_condition_fn_t * condition ) {
1592 24795 : if( FD_UNLIKELY( idx>=txn_out->accounts.cnt ) ) return NULL;
1593 24795 : if( FD_LIKELY( condition && !condition( txn_in, txn_out, idx ) ) ) return NULL;
1594 24699 : return txn_out->accounts.account[ idx ];
1595 24795 : }
1596 :
1597 : fd_acc_t *
1598 : fd_runtime_get_executable_account( fd_txn_out_t * txn_out,
1599 0 : fd_pubkey_t const * pubkey ) {
1600 : /* First try to fetch the executable account from the existing
1601 : borrowed accounts. If the pubkey is in the account keys, then we
1602 : want to re-use that borrowed account since it reflects changes from
1603 : prior instructions. Referencing the read-only executable accounts
1604 : list is incorrect behavior when the program data account is written
1605 : to in a prior instruction (e.g. program upgrade + invoke within the
1606 : same txn) */
1607 :
1608 0 : ulong account_idx = fd_runtime_find_index_of_account( txn_out, pubkey );
1609 0 : if( FD_LIKELY( account_idx!=ULONG_MAX && txn_out->accounts.account[ account_idx ]->lamports ) ) return txn_out->accounts.account[ account_idx ];
1610 :
1611 0 : for( ushort i=0; i<txn_out->accounts.executable_cnt; i++ ) {
1612 0 : fd_acc_t * ro = txn_out->accounts.executable[ i ];
1613 0 : if( FD_UNLIKELY( !memcmp( pubkey->uc, ro->pubkey, 32UL ) ) ) {
1614 0 : if( FD_UNLIKELY( !ro->lamports ) ) return NULL;
1615 0 : return ro;
1616 0 : }
1617 0 : }
1618 :
1619 0 : return NULL;
1620 0 : }
1621 :
1622 : int
1623 : fd_runtime_get_key_of_account_at_index( fd_txn_out_t * txn_out,
1624 : ushort idx,
1625 31947 : fd_pubkey_t const * * key ) {
1626 : /* Return a MissingAccount error if idx is out of bounds.
1627 : https://github.com/anza-xyz/agave/blob/v3.1.4/transaction-context/src/lib.rs#L187 */
1628 31947 : if( FD_UNLIKELY( idx>=txn_out->accounts.cnt ) ) {
1629 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1630 0 : }
1631 :
1632 31947 : *key = &txn_out->accounts.keys[ idx ];
1633 31947 : return FD_EXECUTOR_INSTR_SUCCESS;
1634 31947 : }
1635 :
1636 : /* https://github.com/anza-xyz/agave/blob/v2.1.1/sdk/program/src/message/versions/v0/loaded.rs#L162 */
1637 : int
1638 : fd_txn_account_is_demotion( const int idx,
1639 : const fd_txn_t * txn_descriptor,
1640 6168 : const uint bpf_upgradeable_in_txn ) {
1641 6168 : uint is_program = 0U;
1642 12351 : for( ulong j=0UL; j<txn_descriptor->instr_cnt; j++ ) {
1643 6189 : if( txn_descriptor->instr[j].program_id == idx ) {
1644 6 : is_program = 1U;
1645 6 : break;
1646 6 : }
1647 6189 : }
1648 :
1649 6168 : return (is_program && !bpf_upgradeable_in_txn);
1650 6168 : }
1651 :
1652 : uint
1653 : fd_txn_account_has_bpf_loader_upgradeable( fd_pubkey_t const * account_keys,
1654 7077 : ulong accounts_cnt ) {
1655 29256 : for( ulong j=0; j<accounts_cnt; j++ ) {
1656 22242 : const fd_pubkey_t * acc = &account_keys[j];
1657 22242 : if ( memcmp( acc->uc, fd_solana_bpf_loader_upgradeable_program_id.key, sizeof(fd_pubkey_t) ) == 0 ) {
1658 63 : return 1U;
1659 63 : }
1660 22242 : }
1661 7014 : return 0U;
1662 7077 : }
1663 :
1664 : static inline int
1665 : fd_runtime_account_is_writable_idx_flat( const ushort idx,
1666 : const fd_pubkey_t * addr_at_idx,
1667 : const fd_txn_t * txn_descriptor,
1668 7077 : const uint bpf_upgradeable_in_txn ) {
1669 : /* https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L43 */
1670 7077 : if( !fd_txn_is_writable( txn_descriptor, idx ) ) {
1671 894 : return 0;
1672 894 : }
1673 :
1674 : /* See comments in fd_system_ids.h.
1675 : https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L44 */
1676 6183 : if( fd_pubkey_is_active_reserved_key( addr_at_idx ) ||
1677 6183 : fd_pubkey_is_pending_reserved_key( addr_at_idx ) ) {
1678 :
1679 15 : return 0;
1680 15 : }
1681 :
1682 6168 : if( fd_txn_account_is_demotion( idx, txn_descriptor, bpf_upgradeable_in_txn ) ) {
1683 6 : return 0;
1684 6 : }
1685 :
1686 6162 : return 1;
1687 6168 : }
1688 :
1689 :
1690 : /* This function aims to mimic the writable accounts check to populate the writable accounts cache, used
1691 : to determine if accounts are writable or not.
1692 :
1693 : https://github.com/anza-xyz/agave/blob/v2.1.11/sdk/program/src/message/sanitized.rs#L38-L47 */
1694 : int
1695 : fd_runtime_account_is_writable_idx( fd_txn_in_t const * txn_in,
1696 : fd_txn_out_t const * txn_out,
1697 7077 : ushort idx ) {
1698 7077 : uint bpf_upgradeable = fd_txn_account_has_bpf_loader_upgradeable( txn_out->accounts.keys, txn_out->accounts.cnt );
1699 7077 : return fd_runtime_account_is_writable_idx_flat( idx,
1700 7077 : &txn_out->accounts.keys[idx],
1701 7077 : TXN( txn_in->txn ),
1702 7077 : bpf_upgradeable );
1703 7077 : }
1704 :
1705 : /* Account pre-condition filtering functions */
1706 :
1707 : int
1708 : fd_runtime_account_check_exists( fd_txn_in_t const * txn_in,
1709 : fd_txn_out_t * txn_out,
1710 1404 : ushort idx ) {
1711 1404 : (void) txn_in;
1712 1404 : return txn_out->accounts.account[ idx ]->lamports!=0UL;
1713 1404 : }
1714 :
1715 : int
1716 : fd_runtime_account_check_fee_payer_writable( fd_txn_in_t const * txn_in,
1717 : fd_txn_out_t * txn_out,
1718 219 : ushort idx ) {
1719 219 : (void) txn_out;
1720 219 : return fd_txn_is_writable( TXN( txn_in->txn ), idx );
1721 219 : }
1722 :
1723 :
1724 : int
1725 : fd_account_meta_checked_sub_lamports( fd_acc_t * acc,
1726 219 : ulong lamports ) {
1727 219 : ulong balance_post = 0UL;
1728 219 : int err = fd_ulong_checked_sub( acc->lamports, lamports, &balance_post );
1729 219 : if( FD_UNLIKELY( err ) ) return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW;
1730 :
1731 219 : acc->lamports = balance_post;
1732 219 : return FD_EXECUTOR_INSTR_SUCCESS;
1733 219 : }
1734 :
1735 : /* fd_executor_reuse_bundle_executable scans the runtime's deduplicated
1736 : account pools for a programdata account matching programdata_key that
1737 : was already opened by an earlier transaction in the bundle (either as
1738 : a regular transaction account or as a programdata account). Returns
1739 : the existing fd_acc_t so it can be reused instead of re-acquiring it,
1740 : or NULL if none is found. Must only be called for bundle txns. */
1741 :
1742 : static fd_acc_t *
1743 : reuse_bundle_executable( fd_runtime_t * runtime,
1744 828 : fd_pubkey_t const * programdata_key ) {
1745 4404 : for( ulong j=0UL; j<runtime->accounts.account_cnt; j++ ) {
1746 4404 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &runtime->accounts.account[ j ].pubkey ), programdata_key ) ) ) continue;
1747 828 : return &runtime->accounts.account[ j ];
1748 4404 : }
1749 0 : for( ulong j=0UL; j<runtime->accounts.executable_cnt; j++ ) {
1750 0 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &runtime->accounts.executable[ j ].pubkey ), programdata_key ) ) ) continue;
1751 0 : return &runtime->accounts.executable[ j ];
1752 0 : }
1753 0 : return NULL;
1754 0 : }
1755 :
1756 : int
1757 : fd_runtime_prepare_bundle_accounts( fd_runtime_t * runtime,
1758 : fd_bank_t * bank,
1759 : fd_txn_in_t const * txn_ins,
1760 : fd_txn_out_t * txn_outs,
1761 42 : ulong txn_cnt ) {
1762 :
1763 42 : # define FD_BUNDLE_ACCT_MAX (FD_PACK_MAX_TXN_PER_BUNDLE*MAX_TX_ACCOUNT_LOCKS)
1764 :
1765 42 : runtime->accounts.account_cnt = 0UL;
1766 42 : runtime->accounts.executable_cnt = 0UL;
1767 :
1768 42 : uchar const * acquire_pubkeys[ FD_BUNDLE_ACCT_MAX ];
1769 42 : int acquire_writable[ FD_BUNDLE_ACCT_MAX ];
1770 42 : ulong acquire_cnt = 0UL;
1771 :
1772 : /* First resolve a deduped set of account keys for all txns in the
1773 : bundle. This includes static account keys as well as ALUT resolved
1774 : addresses. */
1775 :
1776 135 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1777 96 : fd_txn_in_t const * txn_in = &txn_ins [ i ];
1778 96 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1779 :
1780 96 : txn_out->accounts.cnt = (uchar)TXN( txn_in->txn )->acct_addr_cnt;
1781 96 : fd_pubkey_t * tx_accs = (fd_pubkey_t *)((uchar *)txn_in->txn->payload + TXN( txn_in->txn )->acct_addr_off);
1782 927 : for( ulong j=0UL; j<TXN( txn_in->txn )->acct_addr_cnt; j++ ) {
1783 831 : txn_out->accounts.keys[ j ] = tx_accs[ j ];
1784 831 : txn_out->accounts.account[ j ] = NULL;
1785 831 : txn_out->accounts.account_acquired[ j ] = 0U;
1786 831 : }
1787 :
1788 96 : int err = fd_executor_setup_txn_alut_account_keys( runtime, bank, txn_in, txn_out );
1789 99 : for( ulong j=TXN( txn_in->txn )->acct_addr_cnt; j<txn_out->accounts.cnt; j++ ) {
1790 3 : txn_out->accounts.account[ j ] = NULL;
1791 3 : txn_out->accounts.account_acquired[ j ] = 0U;
1792 3 : }
1793 96 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) return err;
1794 :
1795 : /* Validate account locks before the union acquire below, bounding
1796 : the deduped set within the accdb acquire limit. */
1797 93 : err = fd_executor_validate_account_locks( txn_out );
1798 93 : if( FD_UNLIKELY( err!=FD_RUNTIME_EXECUTE_SUCCESS ) ) return err;
1799 :
1800 921 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1801 828 : fd_pubkey_t const * key = &txn_out->accounts.keys[ j ];
1802 828 : int dup = 0;
1803 4395 : for( ulong k=0UL; k<acquire_cnt; k++ ) if( FD_UNLIKELY( !memcmp( acquire_pubkeys[ k ], key->uc, 32UL ) ) ) { dup = 1; break; }
1804 828 : if( FD_UNLIKELY( dup ) ) continue;
1805 360 : FD_TEST( acquire_cnt<FD_BUNDLE_ACCT_MAX );
1806 360 : acquire_pubkeys [ acquire_cnt ] = key->uc;
1807 : /* Bundle accounts are always acquired writable so that a later
1808 : txn can cleanly upgrade a read permission to a write. */
1809 360 : acquire_writable[ acquire_cnt ] = 1;
1810 360 : acquire_cnt++;
1811 360 : }
1812 93 : }
1813 :
1814 39 : if( FD_LIKELY( acquire_cnt ) ) {
1815 39 : fd_accdb_acquire_a( runtime->accdb, bank->accdb_fork_id, acquire_cnt, acquire_pubkeys, acquire_writable, runtime->accounts.account );
1816 39 : runtime->accounts.account_cnt = acquire_cnt;
1817 39 : }
1818 :
1819 129 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1820 90 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1821 909 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1822 819 : txn_out->accounts.account[ j ] = NULL;
1823 4377 : for( ulong k=0UL; k<runtime->accounts.account_cnt; k++ ) {
1824 4377 : fd_acc_t * acc = &runtime->accounts.account[ k ];
1825 4377 : if( FD_LIKELY( !fd_pubkey_eq( fd_type_pun_const( &acc->pubkey ), &txn_out->accounts.keys[ j ] ) ) ) continue;
1826 819 : txn_out->accounts.account[ j ] = acc;
1827 819 : txn_out->accounts.starting_lamports[ j ] = acc->prior_lamports;
1828 819 : txn_out->accounts.starting_data_len[ j ] = acc->prior_data_len;
1829 819 : break;
1830 4377 : }
1831 819 : }
1832 90 : }
1833 :
1834 : /* Do the same for executable accounts (programdata accounts). Dedup
1835 : against all other executable-only accounts as well as ones that
1836 : were already included. */
1837 :
1838 39 : fd_pubkey_t programdata_keys[ FD_BUNDLE_ACCT_MAX ];
1839 39 : uchar const * pd_pubkeys [ FD_BUNDLE_ACCT_MAX ];
1840 39 : int pd_writable [ FD_BUNDLE_ACCT_MAX ];
1841 39 : ulong pd_cnt = 0UL;
1842 :
1843 390 : for( ulong i=0UL; i<runtime->accounts.account_cnt; i++ ) {
1844 351 : fd_acc_t * acc = &runtime->accounts.account[ i ];
1845 351 : if( FD_LIKELY( memcmp( acc->owner, fd_solana_bpf_loader_upgradeable_program_id.key, 32UL ) ) ) continue;
1846 6 : fd_bpf_state_t program_loader_state[1];
1847 6 : if( FD_UNLIKELY( fd_bpf_loader_program_get_state( acc, program_loader_state )!=FD_EXECUTOR_INSTR_SUCCESS ) ) continue;
1848 6 : if( FD_UNLIKELY( program_loader_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) continue;
1849 :
1850 3 : fd_pubkey_t const * programdata_key = &program_loader_state->inner.program.programdata_address;
1851 3 : if( FD_UNLIKELY( !fd_accdb_exists( runtime->accdb, bank->accdb_fork_id, programdata_key->uc ) ) ) continue;
1852 :
1853 : /* Already part of the transaction account pool, or already queued. */
1854 3 : if( reuse_bundle_executable( runtime, programdata_key ) ) continue;
1855 0 : int dup = 0;
1856 0 : for( ulong u=0UL; u<pd_cnt; u++ ) if( FD_UNLIKELY( !memcmp( programdata_keys[ u ].uc, programdata_key->uc, 32UL ) ) ) { dup = 1; break; }
1857 0 : if( dup ) continue;
1858 :
1859 0 : FD_TEST( pd_cnt<FD_BUNDLE_ACCT_MAX );
1860 0 : programdata_keys[ pd_cnt ] = *programdata_key;
1861 0 : pd_pubkeys[ pd_cnt ] = programdata_keys[ pd_cnt ].uc;
1862 0 : pd_writable[ pd_cnt ] = 0;
1863 0 : pd_cnt++;
1864 0 : }
1865 :
1866 : /* acquire_b refunds the per-class reservations acquire_a made for the
1867 : union (reserved_cnt==acquire_cnt) that did not turn out to be
1868 : programdata. Skip it entirely for an empty bundle (nothing was
1869 : reserved and nothing is executable). */
1870 39 : if( FD_LIKELY( acquire_cnt || pd_cnt ) ) {
1871 39 : fd_accdb_acquire_b( runtime->accdb, bank->accdb_fork_id, acquire_cnt, pd_cnt, pd_pubkeys, pd_writable, runtime->accounts.executable );
1872 39 : }
1873 39 : runtime->accounts.executable_cnt = pd_cnt;
1874 :
1875 : /* Bind each txn's BPF-upgradeable programdata accounts to the shared
1876 : pre-acquired pool, once and for all here. This is the per-txn
1877 : executable list consumed during execution; computing it up-front
1878 : (instead of per-txn in fd_executor_setup_accounts_for_txn_bundle)
1879 : avoids redoing the program-state inspection on every txn. The
1880 : accounts are looked up in the shared pool by key, since per-txn
1881 : account[] pointers are not bound until setup. fd_runtime_new_txn_out
1882 : preserves these fields for bundle txns. */
1883 129 : for( ulong i=0UL; i<txn_cnt; i++ ) {
1884 90 : fd_txn_out_t * txn_out = &txn_outs[ i ];
1885 90 : ushort exe_cnt = 0;
1886 909 : for( ushort j=0; j<txn_out->accounts.cnt; j++ ) {
1887 819 : fd_acc_t * acc = reuse_bundle_executable( runtime, &txn_out->accounts.keys[ j ] );
1888 819 : if( FD_UNLIKELY( !acc ) ) continue;
1889 819 : if( FD_UNLIKELY( memcmp( acc->owner, fd_solana_bpf_loader_upgradeable_program_id.key, 32UL ) ) ) continue;
1890 9 : fd_bpf_state_t program_loader_state[1];
1891 9 : if( FD_UNLIKELY( fd_bpf_loader_program_get_state( acc, program_loader_state )!=FD_EXECUTOR_INSTR_SUCCESS ) ) continue;
1892 9 : if( FD_UNLIKELY( program_loader_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) continue;
1893 :
1894 6 : fd_acc_t * programdata = reuse_bundle_executable( runtime, &program_loader_state->inner.program.programdata_address );
1895 6 : if( FD_UNLIKELY( !programdata ) ) continue;
1896 6 : txn_out->accounts.executable[ exe_cnt ] = programdata;
1897 6 : txn_out->accounts.executable_acquired[ exe_cnt ] = 0U;
1898 6 : exe_cnt++;
1899 6 : }
1900 90 : txn_out->accounts.executable_cnt = exe_cnt;
1901 90 : }
1902 :
1903 39 : return FD_RUNTIME_EXECUTE_SUCCESS;
1904 :
1905 39 : # undef FD_BUNDLE_ACCT_MAX
1906 39 : }
|
