LCOV - code coverage report
Current view: top level - flamenco/runtime/program - fd_bpf_loader_program.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 300 1531 19.6 %
Date: 2026-07-01 06:01:22 Functions: 8 13 61.5 %

          Line data    Source code
       1             : #include "fd_bpf_loader_program.h"
       2             : #include "fd_system_program.h"
       3             : 
       4             : /* For additional context see https://solana.com/docs/programs/deploying#state-accounts */
       5             : 
       6             : #include "../../progcache/fd_progcache_user.h"
       7             : #include "../fd_runtime_helpers.h"
       8             : #include "../fd_executor.h"
       9             : #include "../tests/fd_dump_pb.h"
      10             : #include "../sysvar/fd_sysvar.h"
      11             : #include "../fd_pubkey_utils.h"
      12             : #include "../fd_borrowed_account.h"
      13             : #include "../fd_system_ids.h"
      14             : #include "fd_bpf_loader_serialization.h"
      15             : #include "fd_builtin_programs.h"
      16             : #include "fd_native_cpi.h"
      17             : 
      18             : /* https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/sdk/program/src/program_error.rs#L290-L335 */
      19             : static inline int
      20             : program_error_to_instr_error( ulong  err,
      21          51 :                               uint * custom_err ) {
      22          51 :   switch( err ) {
      23           0 :     case CUSTOM_ZERO:
      24           0 :       *custom_err = 0;
      25           0 :       return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
      26           0 :     case INVALID_ARGUMENT:
      27           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
      28           0 :     case INVALID_INSTRUCTION_DATA:
      29           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
      30           0 :     case INVALID_ACCOUNT_DATA:
      31           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
      32           0 :     case ACCOUNT_DATA_TOO_SMALL:
      33           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
      34           0 :     case INSUFFICIENT_FUNDS:
      35           0 :       return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
      36           0 :     case INCORRECT_PROGRAM_ID:
      37           0 :       return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
      38           0 :     case MISSING_REQUIRED_SIGNATURES:
      39           0 :       return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
      40           0 :     case ACCOUNT_ALREADY_INITIALIZED:
      41           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
      42           0 :     case UNINITIALIZED_ACCOUNT:
      43           0 :       return FD_EXECUTOR_INSTR_ERR_UNINITIALIZED_ACCOUNT;
      44           0 :     case NOT_ENOUGH_ACCOUNT_KEYS:
      45           0 :       return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
      46           0 :     case ACCOUNT_BORROW_FAILED:
      47           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_BORROW_FAILED;
      48           0 :     case MAX_SEED_LENGTH_EXCEEDED:
      49           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_SEED_LENGTH_EXCEEDED;
      50           0 :     case INVALID_SEEDS:
      51           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_SEEDS;
      52           0 :     case BORSH_IO_ERROR:
      53           0 :       return FD_EXECUTOR_INSTR_ERR_BORSH_IO_ERROR;
      54           0 :     case ACCOUNT_NOT_RENT_EXEMPT:
      55           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_NOT_RENT_EXEMPT;
      56           0 :     case UNSUPPORTED_SYSVAR:
      57           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
      58           0 :     case ILLEGAL_OWNER:
      59           0 :       return FD_EXECUTOR_INSTR_ERR_ILLEGAL_OWNER;
      60           0 :     case MAX_ACCOUNTS_DATA_ALLOCATIONS_EXCEEDED:
      61           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_ACCS_DATA_ALLOCS_EXCEEDED;
      62           0 :     case INVALID_ACCOUNT_DATA_REALLOC:
      63           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
      64           0 :     case MAX_INSTRUCTION_TRACE_LENGTH_EXCEEDED:
      65           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_INSN_TRACE_LENS_EXCEEDED;
      66           0 :     case BUILTIN_PROGRAMS_MUST_CONSUME_COMPUTE_UNITS:
      67           0 :       return FD_EXECUTOR_INSTR_ERR_BUILTINS_MUST_CONSUME_CUS;
      68           0 :     case INVALID_ACCOUNT_OWNER:
      69           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
      70           0 :     case ARITHMETIC_OVERFLOW:
      71           0 :       return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW;
      72           0 :     case IMMUTABLE:
      73           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
      74           0 :     case INCORRECT_AUTHORITY:
      75           0 :       return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
      76          51 :     default:
      77          51 :       if( err>>BUILTIN_BIT_SHIFT == 0 ) {
      78          51 :         *custom_err = (uint)err;
      79          51 :         return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
      80          51 :       }
      81           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ERR;
      82          51 :   }
      83          51 : }
      84             : 
      85             : /* https://github.com/anza-xyz/agave/blob/9b22f28104ec5fd606e4bb39442a7600b38bb671/programs/bpf_loader/src/lib.rs#L216-L229 */
      86             : static ulong
      87        2454 : calculate_heap_cost( ulong heap_size, ulong heap_cost ) {
      88        4908 :   #define KIBIBYTE_MUL_PAGES       (1024UL * 32UL)
      89        2454 :   #define KIBIBYTE_MUL_PAGES_SUB_1 (KIBIBYTE_MUL_PAGES - 1UL)
      90             : 
      91        2454 :   heap_size = fd_ulong_sat_add( heap_size, KIBIBYTE_MUL_PAGES_SUB_1 );
      92             : 
      93        2454 :   heap_size = fd_ulong_sat_mul( fd_ulong_sat_sub( heap_size / KIBIBYTE_MUL_PAGES, 1UL ), heap_cost );
      94        2454 :   return heap_size;
      95             : 
      96        2454 :   #undef KIBIBYTE_MUL_PAGES
      97        2454 :   #undef KIBIBYTE_MUL_PAGES_SUB_1
      98        2454 : }
      99             : 
     100             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L105-L171
     101             : 
     102             :    Our arguments to deploy_program are different from the Agave version because
     103             :    we handle the caching of deployed programs differently. In Firedancer we
     104             :    lack the concept of ProgramCacheEntryType entirely.
     105             :    https://github.com/anza-xyz/agave/blob/114d94a25e9631f9bf6349c4b833d7900ef1fb1c/program-runtime/src/loaded_programs.rs#L158
     106             : 
     107             :    In Agave there is a separate caching structure that is used to store the
     108             :    deployed programs. In Firedancer the deployed, validated program is stored as
     109             :    metadata for the account.
     110             : 
     111             :    See https://github.com/firedancer-io/firedancer/blob/9c1df680b3f38bebb0597e089766ec58f3b41e85/src/flamenco/runtime/program/fd_bpf_loader_v3_program.c#L1640
     112             :    for how we handle the concept of 'LoadedProgramType::DelayVisibility' in Firedancer.
     113             : 
     114             :    As a concrete example, our version of deploy_program does not have the
     115             :    'account_size' argument because we do not update the record here. */
     116             : int
     117             : fd_deploy_program( fd_exec_instr_ctx_t * instr_ctx,
     118             :                    uchar const *         programdata,
     119             :                    ulong                 programdata_size,
     120          12 :                    int                   disable_sbpf_v0_v1_v2_deployment ) {
     121          12 :   int deploy_mode                            = 1;
     122          12 :   int direct_mapping                         = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, account_data_direct_mapping );
     123          12 :   int syscall_parameter_address_restrictions = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, syscall_parameter_address_restrictions );
     124          12 :   int virtual_address_space_adjustments      = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, virtual_address_space_adjustments );
     125             : 
     126          12 :   uchar syscalls_mem[ FD_SBPF_SYSCALLS_FOOTPRINT ] __attribute__((aligned(FD_SBPF_SYSCALLS_ALIGN)));
     127          12 :   fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_join( fd_sbpf_syscalls_new( syscalls_mem ) );
     128          12 :   if( FD_UNLIKELY( !syscalls ) ) {
     129             :     //TODO: full log including err
     130           0 :     fd_log_collector_msg_literal( instr_ctx, "Failed to register syscalls" );
     131           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     132           0 :   }
     133             : 
     134             :   /* Agave uses the feature set from the next slot for deployment
     135             :      verification (DELAY_VISIBILITY_SLOT_OFFSET = 1).  This matters at
     136             :      epoch boundaries where features activate: a deployment at the last
     137             :      slot of an epoch should see features that activate at the boundary.
     138             :      https://github.com/anza-xyz/agave/blob/v3.1.8/runtime/src/bank.rs#L3280-L3295 */
     139          12 :   ulong deploy_slot = instr_ctx->bank->f.slot+1UL;
     140             : 
     141          12 :   fd_vm_syscall_register_slot( syscalls,
     142          12 :                                deploy_slot,
     143          12 :                                &instr_ctx->bank->f.features,
     144          12 :                                1 );
     145             : 
     146             :   /* Load executable */
     147          12 :   fd_sbpf_elf_info_t elf_info[ 1UL ];
     148          12 :   fd_prog_versions_t versions = fd_prog_versions( &instr_ctx->bank->f.features, deploy_slot );
     149             : 
     150             :   /* SIMD-0500: when active, restrict program deployment to SBPF v3+.
     151             :      Older SBPF versions remain executable.
     152             :      TODO: fix link when 4.1 is releaed
     153             :      https://github.com/anza-xyz/agave/blob/v4.1.0-alpha.0/program-runtime/src/deploy.rs#L30-L32 */
     154          12 :   if( disable_sbpf_v0_v1_v2_deployment ) {
     155           6 :     versions.min_sbpf_version = FD_SBPF_V3;
     156           6 :   }
     157             : 
     158          12 :   fd_sbpf_loader_config_t config = { 0 };
     159          12 :   config.elf_deploy_checks = deploy_mode;
     160          12 :   config.sbpf_min_version = versions.min_sbpf_version;
     161          12 :   config.sbpf_max_version = versions.max_sbpf_version;
     162             : 
     163          12 :   if( FD_UNLIKELY( fd_sbpf_elf_peek( elf_info, programdata, programdata_size, &config )<0 ) ) {
     164           3 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     165           3 :   }
     166             : 
     167             :   /* Allocate rodata segment */
     168           9 :   void * rodata = instr_ctx->runtime->bpf_loader_program.rodata;
     169           9 :   if( FD_UNLIKELY( !rodata ) ) {
     170           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     171           0 :   }
     172             : 
     173             :   /* Allocate program buffer */
     174           9 :   fd_sbpf_program_t * prog = fd_sbpf_program_new( instr_ctx->runtime->bpf_loader_program.sbpf_footprint, elf_info, rodata );
     175           9 :   if( FD_UNLIKELY( !prog ) ) {
     176           0 :     FD_LOG_ERR(( "fd_sbpf_program_new() failed" ));
     177           0 :   }
     178             : 
     179             :   /* Load program */
     180           9 :   void * scratch = instr_ctx->runtime->bpf_loader_program.programdata;
     181           9 :   int err = fd_sbpf_program_load( prog, programdata, programdata_size, syscalls, &config, scratch, programdata_size );
     182           9 :   if( FD_UNLIKELY( err ) ) {
     183           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     184           0 :   }
     185             : 
     186             :   /* Validate the program */
     187           9 :   fd_vm_t _vm[ 1UL ];
     188           9 :   fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
     189             : 
     190           9 :   vm = fd_vm_init(
     191           9 :     /* vm                                     */ vm,
     192           9 :     /* instr_ctx                              */ instr_ctx,
     193           9 :     /* heap_max                               */ instr_ctx->txn_out->details.compute_budget.heap_size,
     194           9 :     /* entry_cu                               */ instr_ctx->txn_out->details.compute_budget.compute_meter,
     195           9 :     /* rodata                                 */ prog->rodata,
     196           9 :     /* rodata_sz                              */ prog->rodata_sz,
     197           9 :     /* text                                   */ prog->text,
     198           9 :     /* text_cnt                               */ prog->info.text_cnt,
     199           9 :     /* text_off                               */ prog->info.text_off, /* FIXME: What if text_off is not multiple of 8 */
     200           9 :     /* text_sz                                */ prog->info.text_sz,
     201           9 :     /* entry_pc                               */ prog->entry_pc,
     202           9 :     /* calldests                              */ prog->calldests,
     203           9 :     /* sbpf_version                           */ elf_info->sbpf_version,
     204           9 :     /* syscalls                               */ syscalls,
     205           9 :     /* trace                                  */ NULL,
     206           9 :     /* sha                                    */ NULL,
     207           9 :     /* mem_regions                            */ NULL,
     208           9 :     /* mem_regions_cnt                        */ 0,
     209           9 :     /* mem_region_accs                        */ NULL,
     210           9 :     /* is_deprecated                          */ 0,
     211           9 :     /* direct mapping                         */ direct_mapping,
     212           9 :     /* syscall_parameter_address_restrictions */ syscall_parameter_address_restrictions,
     213           9 :     /* virtual_address_space_adjustments      */ virtual_address_space_adjustments,
     214           9 :     /* dump_syscall_to_pb                     */ 0,
     215           9 :     /* r2_initial_value                       */ 0UL );
     216           9 :   if ( FD_UNLIKELY( vm == NULL ) ) {
     217           0 :     FD_LOG_WARNING(( "NULL vm" ));
     218           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     219           0 :   }
     220             : 
     221           9 :   int validate_result = fd_vm_validate( vm );
     222           9 :   if( FD_UNLIKELY( validate_result!=FD_VM_SUCCESS ) ) {
     223           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     224           0 :   }
     225             : 
     226           9 :   return FD_EXECUTOR_INSTR_SUCCESS;
     227           9 : }
     228             : 
     229             : /* SIMD-0500 finalize gate: when the feature is active and the ELF
     230             :    embedded in `programdata` parses as SBPFv0/v1/v2, reject;
     231             :    otherwise accept (including the short-programdata case, which
     232             :    mirrors the let-chain short-circuit in agave).  See the call site
     233             :    in `process_loader_upgradeable_instruction` for the SetAuthority
     234             :    handler.
     235             :    https://github.com/anza-xyz/agave/blob/v4.1.0-alpha.0/programs/bpf_loader/src/lib.rs#L580-L591 */
     236             : int
     237             : fd_bpf_loader_finalize_v3_check( int           feature_active,
     238             :                                  uchar const * programdata,
     239          12 :                                  ulong         programdata_len ) {
     240          12 :   ulong const off = PROGRAMDATA_METADATA_SIZE + 48UL; /* ELF64 e_flags */
     241          12 :   if( !feature_active                         ) return FD_EXECUTOR_INSTR_SUCCESS;
     242           6 :   if( programdata_len < off + sizeof(uint)    ) return FD_EXECUTOR_INSTR_SUCCESS;
     243           6 :   if( FD_LOAD( uint, programdata+off )<FD_SBPF_V3 ) return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     244           3 :   return FD_EXECUTOR_INSTR_SUCCESS;
     245           6 : }
     246             : 
     247             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L195-L218 */
     248             : static int
     249             : write_program_data( fd_exec_instr_ctx_t *   instr_ctx,
     250             :                     ushort                  instr_acc_idx,
     251             :                     ulong                   program_data_offset,
     252             :                     uchar const *           bytes,
     253           0 :                     ulong                   bytes_len ) {
     254           0 :   int err;
     255             : 
     256             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L202 */
     257           0 :   fd_guarded_borrowed_account_t program = {0};
     258           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, instr_acc_idx, &program );
     259             : 
     260             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L203 */
     261           0 :   uchar * data = NULL;
     262           0 :   ulong   dlen = 0UL;
     263           0 :   err = fd_borrowed_account_get_data_mut( &program, &data, &dlen );
     264           0 :   if( FD_UNLIKELY( err ) ) {
     265           0 :     return err;
     266           0 :   }
     267             : 
     268           0 :   ulong write_offset = fd_ulong_sat_add( program_data_offset, bytes_len );
     269           0 :   if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<write_offset ) ) {
     270             :     /* Max msg_sz: 24 - 6 + 2*20 = 58 < 127 => we can use printf */
     271           0 :     fd_log_collector_printf_dangerous_max_127( instr_ctx,
     272           0 :       "Write overflow: %lu < %lu", fd_borrowed_account_get_data_len( &program ), write_offset );
     273           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     274           0 :   }
     275             : 
     276           0 :   if( FD_UNLIKELY( program_data_offset>dlen ) ) {
     277           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     278           0 :   }
     279             : 
     280           0 :   if( FD_LIKELY( bytes_len ) ) {
     281           0 :     fd_memcpy( data+program_data_offset, bytes, bytes_len );
     282           0 :   }
     283             : 
     284           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     285           0 : }
     286             : 
     287             : int
     288             : fd_bpf_loader_program_get_state( fd_acc_t const * acc,
     289          45 :                                  fd_bpf_state_t * state ) {
     290          45 :   if( FD_UNLIKELY( fd_bpf_state_decode( state, acc->data, acc->data_len ) ) ) {
     291           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     292           0 :   }
     293          45 :   return FD_EXECUTOR_INSTR_SUCCESS;
     294          45 : }
     295             : 
     296             :   int
     297             :   fd_bpf_loader_program_get_state2( uchar const *    data,
     298             :                                     ulong            data_len,
     299           0 :                                     fd_bpf_state_t * state ) {
     300           0 :   if( FD_UNLIKELY( fd_bpf_state_decode( state, data, data_len ) ) ) {
     301           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     302           0 :   }
     303           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     304           0 : }
     305             : 
     306             : /* Mirrors solana_sdk::transaction_context::BorrowedAccount::set_state()
     307             :    https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L973 */
     308             : int
     309             : fd_bpf_loader_v3_program_set_state( fd_borrowed_account_t * borrowed_acct,
     310           0 :                                     fd_bpf_state_t *        state ) {
     311           0 :   ulong state_size = fd_bpf_state_size( state );
     312             : 
     313           0 :   uchar * data = NULL;
     314           0 :   ulong   dlen = 0UL;
     315             : 
     316           0 :   int err = fd_borrowed_account_get_data_mut( borrowed_acct, &data, &dlen );
     317           0 :   if( FD_UNLIKELY( err ) ) {
     318           0 :     return err;
     319           0 :   }
     320             : 
     321           0 :   if( FD_UNLIKELY( state_size>dlen ) ) {
     322           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     323           0 :   }
     324             : 
     325           0 :   ulong out_sz = 0UL;
     326           0 :   if( FD_UNLIKELY( fd_bpf_state_encode( state, data, state_size, &out_sz ) ) ) {
     327           0 :     return FD_EXECUTOR_INSTR_ERR_GENERIC_ERR;
     328           0 :   }
     329             : 
     330           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     331           0 : }
     332             : 
     333             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1299-L1331 */
     334             : static int
     335             : common_close_account( fd_pubkey_t *         authority_address,
     336             :                       fd_exec_instr_ctx_t * instr_ctx,
     337           0 :                       fd_bpf_state_t *      state ) {
     338           0 :   int err;
     339             : 
     340             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1307 */
     341           0 :   if( FD_UNLIKELY( !authority_address ) ) {
     342           0 :     fd_log_collector_msg_literal( instr_ctx, "Account is immutable" );
     343           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
     344           0 :   }
     345             : 
     346             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1312-L1313 */
     347           0 :   fd_pubkey_t const * acc_key = NULL;
     348           0 :   err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &acc_key );
     349           0 :   if( FD_UNLIKELY( err ) ) {
     350           0 :     return err;
     351           0 :   }
     352             : 
     353           0 :   if( FD_UNLIKELY( memcmp( authority_address, acc_key, sizeof(fd_pubkey_t) ) ) ) {
     354           0 :     fd_log_collector_msg_literal( instr_ctx, "Incorrect authority provided" );
     355           0 :     return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
     356           0 :   }
     357             : 
     358             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1319-L1322 */
     359           0 :   if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &err ) ) ) {
     360             :     /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
     361           0 :     if( FD_UNLIKELY( !!err ) ) return err;
     362           0 :     fd_log_collector_msg_literal( instr_ctx, "Authority did not sign" );
     363           0 :     return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
     364           0 :   }
     365             : 
     366             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1324 */
     367           0 :   fd_guarded_borrowed_account_t close_account = {0};
     368           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
     369             : 
     370             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1326 */
     371           0 :   fd_guarded_borrowed_account_t recipient_account = {0};
     372           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
     373             : 
     374           0 :   err = fd_borrowed_account_checked_add_lamports( &recipient_account,
     375           0 :                                                   fd_borrowed_account_get_lamports( &close_account ) );
     376           0 :   if( FD_UNLIKELY( err ) ) {
     377           0 :     return err;
     378           0 :   }
     379             : 
     380           0 :   err = fd_borrowed_account_set_lamports( &close_account, 0UL );
     381           0 :   if( FD_UNLIKELY( err ) ) {
     382           0 :     return err;
     383           0 :   }
     384             : 
     385           0 :   state->discriminant = FD_BPF_STATE_UNINITIALIZED;
     386           0 :   err = fd_bpf_loader_v3_program_set_state( &close_account, state );
     387           0 :   if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
     388           0 :     return err;
     389           0 :   }
     390             : 
     391           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     392           0 : }
     393             : 
     394             : 
     395             : /* Every loader-owned BPF program goes through this function, which goes into the VM.
     396             : 
     397             :    https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1332-L1501 */
     398             : int
     399             : fd_bpf_execute( fd_exec_instr_ctx_t *      instr_ctx,
     400             :                 fd_progcache_rec_t const * cache_entry,
     401        2454 :                 uchar                      is_deprecated ) {
     402        2454 :   long const regime0 = fd_tickcount();
     403             : 
     404        2454 :   int err = FD_EXECUTOR_INSTR_SUCCESS;
     405             : 
     406        2454 :   uchar syscalls_mem[ FD_SBPF_SYSCALLS_FOOTPRINT ] __attribute__((aligned(FD_SBPF_SYSCALLS_ALIGN)));
     407        2454 :   fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_join( fd_sbpf_syscalls_new( syscalls_mem ) );
     408        2454 :   if( FD_UNLIKELY( !syscalls ) ) {
     409           0 :     FD_LOG_CRIT(( "Unable to allocate syscalls" ));
     410           0 :   }
     411             : 
     412             :   /* TODO do we really need to re-do this on every instruction? */
     413        2454 :   fd_vm_syscall_register_slot( syscalls,
     414        2454 :                                instr_ctx->bank->f.slot,
     415        2454 :                                &instr_ctx->bank->f.features,
     416        2454 :                                0 );
     417             : 
     418             :   /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1362-L1368 */
     419        2454 :   ulong                   input_sz                                 = 0UL;
     420        2454 :   ulong                   pre_lens[256]                            = {0};
     421        2454 :   fd_vm_input_region_t    input_mem_regions[1000]                  = {0}; /* We can have a max of (3 * num accounts + 1) regions */
     422        2454 :   fd_vm_acc_region_meta_t acc_region_metas[256]                    = {0}; /* instr acc idx to idx */
     423        2454 :   uint                    input_mem_regions_cnt                    = 0U;
     424        2454 :   int                     direct_mapping                           = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, account_data_direct_mapping );
     425        2454 :   int                     syscall_parameter_address_restrictions   = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, syscall_parameter_address_restrictions );
     426        2454 :   int                     virtual_address_space_adjustments        = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, virtual_address_space_adjustments );
     427        2454 :   int                     provide_instruction_data_offset_in_vm_r2 = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, provide_instruction_data_offset_in_vm_r2 );
     428        2454 :   int                     direct_account_pointers_in_program_input = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, direct_account_pointers_in_program_input );
     429             : 
     430        2454 :   ulong instruction_data_offset = 0UL;
     431             :   /* 16-byte aligned buffer:
     432             :      https://github.com/anza-xyz/agave/blob/v3.0.0/program-runtime/src/serialization.rs#L60 */
     433        2454 :   uchar * input = instr_ctx->runtime->bpf_loader_serialization.serialization_mem[ instr_ctx->runtime->instr.stack_sz-1UL ];
     434        2454 :   err = fd_bpf_loader_input_serialize_parameters( instr_ctx, pre_lens,
     435        2454 :                                                   input_mem_regions, &input_mem_regions_cnt,
     436        2454 :                                                   acc_region_metas, virtual_address_space_adjustments, direct_mapping,
     437        2454 :                                                   direct_account_pointers_in_program_input, is_deprecated,
     438        2454 :                                                   &instruction_data_offset, &input_sz );
     439        2454 :   if( FD_UNLIKELY( err ) ) {
     440           0 :     return err;
     441           0 :   }
     442             : 
     443        2454 :   fd_sha256_t _sha[1];
     444        2454 :   fd_sha256_t * sha = fd_sha256_join( fd_sha256_new( _sha ) );
     445             : 
     446        2454 :   fd_vm_t _vm[1];
     447        2454 :   fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
     448             : 
     449        2454 :   ulong pre_insn_cus = instr_ctx->txn_out->details.compute_budget.compute_meter;
     450        2454 :   ulong heap_size    = instr_ctx->txn_out->details.compute_budget.heap_size;
     451             : 
     452             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L275-L278 */
     453        2454 :   ulong heap_cost = calculate_heap_cost( heap_size, FD_VM_HEAP_COST );
     454        2454 :   int heap_cost_result = fd_executor_consume_cus( instr_ctx->txn_out, heap_cost );
     455        2454 :   if( FD_UNLIKELY( heap_cost_result ) ) {
     456           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     457           0 :   }
     458             : 
     459             :   /* For dumping syscalls for seed corpora */
     460        2454 :   int dump_syscall_to_pb = instr_ctx->runtime->log.dump_proto_ctx &&
     461        2454 :                            instr_ctx->bank->f.slot>=instr_ctx->runtime->log.dump_proto_ctx->dump_proto_start_slot &&
     462        2454 :                            instr_ctx->runtime->log.dump_proto_ctx->dump_syscall_to_pb;
     463             : 
     464             :   /* https://github.com/anza-xyz/agave/blob/v3.1.1/programs/bpf_loader/src/lib.rs#L1525-L1528 */
     465        2454 :   ulong r2_initial_value = provide_instruction_data_offset_in_vm_r2 ? instruction_data_offset : 0UL;
     466             : 
     467             :   /* TODO: (topointon): correctly set check_size in vm setup */
     468        2454 :   fd_wksp_t * progcache_wksp = instr_ctx->runtime->progcache->join->data_base;
     469        2454 :   void const * rodata = fd_progcache_rec_rodata( cache_entry, progcache_wksp );
     470        2454 :   vm = fd_vm_init(
     471        2454 :     /* vm                                     */ vm,
     472        2454 :     /* instr_ctx                              */ instr_ctx,
     473        2454 :     /* heap_max                               */ heap_size,
     474        2454 :     /* entry_cu                               */ instr_ctx->txn_out->details.compute_budget.compute_meter,
     475        2454 :     /* rodata                                 */ rodata,
     476        2454 :     /* rodata_sz                              */ cache_entry->rodata_sz,
     477        2454 :     /* text (note: text_off is byte offset)   */ (ulong *)( (ulong)rodata + cache_entry->text_off ),
     478        2454 :     /* text_cnt                               */ cache_entry->text_cnt,
     479        2454 :     /* text_off                               */ cache_entry->text_off,
     480        2454 :     /* text_sz                                */ cache_entry->text_sz,
     481        2454 :     /* entry_pc                               */ cache_entry->entry_pc,
     482        2454 :     /* calldests                              */ fd_progcache_rec_calldests( cache_entry, progcache_wksp ),
     483        2454 :     /* sbpf_version                           */ cache_entry->sbpf_version,
     484        2454 :     /* syscalls                               */ syscalls,
     485        2454 :     /* trace                                  */ NULL,
     486        2454 :     /* sha                                    */ sha,
     487        2454 :     /* input_mem_regions                      */ input_mem_regions,
     488        2454 :     /* input_mem_regions_cnt                  */ input_mem_regions_cnt,
     489        2454 :     /* acc_region_metas                       */ acc_region_metas,
     490        2454 :     /* is_deprecated                          */ is_deprecated,
     491        2454 :     /* direct_mapping                         */ direct_mapping,
     492        2454 :     /* syscall_parameter_address_restrictions */ syscall_parameter_address_restrictions,
     493        2454 :     /* virtual_address_space_adjustments      */ virtual_address_space_adjustments,
     494        2454 :     /* dump_syscall_to_pb                     */ dump_syscall_to_pb,
     495        2454 :     /* r2_initial_value                       */ r2_initial_value );
     496        2454 :   if( FD_UNLIKELY( !vm ) ) {
     497             :     /* We throw an error here because it could be the case that the given heap_size > HEAP_MAX.
     498             :        In this case, Agave fails the transaction but does not error out.
     499             : 
     500             :        https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1396 */
     501           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     502           0 :   }
     503             : 
     504        2454 :   if( FD_UNLIKELY( instr_ctx->runtime->log.enable_vm_tracing && instr_ctx->runtime->log.tracing_mem ) ) {
     505           0 :     vm->trace = fd_vm_trace_join( fd_vm_trace_new( instr_ctx->runtime->log.tracing_mem + ((instr_ctx->runtime->instr.stack_sz-1UL) * FD_RUNTIME_VM_TRACE_STATIC_FOOTPRINT), FD_RUNTIME_VM_TRACE_EVENT_MAX, FD_RUNTIME_VM_TRACE_EVENT_DATA_MAX ));
     506           0 :     if( FD_UNLIKELY( !vm->trace ) ) FD_LOG_ERR(( "unable to create trace; make sure you've compiled with sufficient spad size " ));
     507           0 :   }
     508             : 
     509        2454 :   long const regime1 = fd_tickcount();
     510             : 
     511        2454 :   int exec_err = fd_vm_exec( vm );
     512        2454 :   instr_ctx->txn_out->details.compute_budget.compute_meter = vm->cu;
     513             : 
     514        2454 :   long const regime2 = fd_tickcount();
     515             : 
     516        2454 :   if( instr_ctx->instr->stack_height==1 ) {
     517           0 :     instr_ctx->runtime->metrics.vm_setup_cum_ticks  += (ulong)( regime1-regime0 );
     518           0 :     instr_ctx->runtime->metrics.vm_exec_cum_ticks   += (ulong)( regime2-regime1 );
     519        2454 :   } else {
     520        2454 :     instr_ctx->runtime->metrics.cpi_setup_cum_ticks += (ulong)( regime1-regime0 );
     521        2454 :   }
     522             : 
     523        2454 :   if( FD_UNLIKELY( vm->trace ) ) {
     524           0 :     err = fd_vm_trace_printf( vm->trace, vm->syscalls );
     525           0 :     if( FD_UNLIKELY( err ) ) {
     526           0 :       FD_LOG_WARNING(( "fd_vm_trace_printf failed (%i-%s)", err, fd_vm_strerror( err ) ));
     527           0 :     }
     528           0 :   }
     529             : 
     530             :   /* Log consumed compute units and return data.
     531             :      https://github.com/anza-xyz/agave/blob/v2.0.6/programs/bpf_loader/src/lib.rs#L1418-L1429 */
     532        2454 :   fd_log_collector_program_consumed( instr_ctx, pre_insn_cus-vm->cu, pre_insn_cus );
     533        2454 :   if( FD_UNLIKELY( instr_ctx->txn_out->details.return_data.len ) ) {
     534           0 :     fd_log_collector_program_return( instr_ctx );
     535           0 :   }
     536             : 
     537             :   /* We have a big error-matching arm here
     538             :      https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1674-L1744 */
     539             : 
     540             :   /* Handle non-zero return status with successful VM execution. This is
     541             :      the Ok(status) case, hence exec_err must be 0 for this case to be hit.
     542             :      https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1675-L1678 */
     543        2454 :   if( FD_LIKELY( !exec_err ) ) {
     544        2424 :     ulong status = vm->reg[0];
     545        2424 :     if( FD_UNLIKELY( status ) ) {
     546          51 :       err = program_error_to_instr_error( status, &instr_ctx->txn_out->err.custom_err );
     547          51 :       FD_VM_PREPARE_ERR_OVERWRITE( vm );
     548          51 :       FD_VM_ERR_FOR_LOG_INSTR( vm, err );
     549          51 :       return err;
     550          51 :     }
     551        2424 :   } else {
     552             :     /* https://github.com/anza-xyz/agave/blob/v2.1.13/programs/bpf_loader/src/lib.rs#L1434-L1439 */
     553             :     /* (SIMD-182) Consume ALL requested CUs on non-Syscall errors */
     554          30 :     if( FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, deplete_cu_meter_on_vm_failure ) &&
     555          30 :         exec_err!=FD_VM_ERR_EBPF_SYSCALL_ERROR ) {
     556           0 :       instr_ctx->txn_out->details.compute_budget.compute_meter = 0UL;
     557           0 :     }
     558             : 
     559             :     /* Direct mapping access violation case
     560             :        Edge case with error codes: if direct mapping is enabled, the EBPF error is an access violation,
     561             :        and the access type was a store, a different error code is returned to give developers more insight
     562             :        as to what caused the error.
     563             :        https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1556-L1618 */
     564          30 :     if( FD_UNLIKELY( virtual_address_space_adjustments &&
     565          30 :                      ( exec_err==FD_VM_ERR_EBPF_ACCESS_VIOLATION || instr_ctx->txn_out->err.exec_err==FD_VM_ERR_EBPF_ACCESS_VIOLATION ) &&
     566          30 :                      vm->segv_vaddr!=ULONG_MAX ) ) {
     567             : 
     568             :       /* If the vaddr of the access violation falls within the bounds of a
     569             :          serialized account vaddr range, then try to retrieve a more specific
     570             :          vm error based on the account's accesss permissions. */
     571          24 :       for( ushort i=0UL; i<instr_ctx->instr->acct_cnt; i++ ) {
     572             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1455 */
     573             : 
     574             :         /* Find the input memory region that corresponds to the access
     575             :            https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1566-L1617 */
     576          24 :         ulong idx = acc_region_metas[i].region_idx;
     577          24 :         fd_vm_input_region_t const * input_mem_region = &input_mem_regions[idx];
     578          24 :         fd_vm_acc_region_meta_t const * acc_region_meta = &acc_region_metas[i];
     579             : 
     580             :         /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1484-L1492 */
     581          24 :         ulong region_data_vaddr_start = FD_VM_MEM_MAP_INPUT_REGION_START + input_mem_region->vaddr_offset + input_mem_region->region_sz;
     582          24 :         ulong region_data_vaddr_end   = fd_ulong_sat_add( region_data_vaddr_start, acc_region_meta->original_data_len );
     583          24 :         if( FD_LIKELY( !is_deprecated ) ) {
     584          24 :           region_data_vaddr_end       = fd_ulong_sat_add( region_data_vaddr_end, MAX_PERMITTED_DATA_INCREASE );
     585          24 :         }
     586             : 
     587          24 :         if( vm->segv_vaddr >= region_data_vaddr_start && vm->segv_vaddr <= region_data_vaddr_end ) {
     588             : 
     589             :           /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1575-L1616 */
     590          24 :           fd_guarded_borrowed_account_t instr_acc = {0};
     591          24 :           FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, i, &instr_acc );
     592             : 
     593             :           /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1581-L1616 */
     594          24 :           if( fd_ulong_sat_add( vm->segv_vaddr, vm->segv_access_len ) <= region_data_vaddr_end ) {
     595             :             /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1592-L1601 */
     596          24 :             if( vm->segv_access_type==FD_VM_ACCESS_TYPE_ST ) {
     597          24 :               int borrow_err = FD_EXECUTOR_INSTR_SUCCESS;
     598          24 :               if( !fd_borrowed_account_can_data_be_changed( &instr_acc, &borrow_err ) || borrow_err != FD_EXECUTOR_INSTR_SUCCESS ) {
     599          24 :                 err = borrow_err;
     600          24 :               } else {
     601           0 :                 err = FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
     602           0 :               }
     603          24 :             } else if( vm->segv_access_type==FD_VM_ACCESS_TYPE_LD ) {
     604           0 :               int borrow_err = FD_EXECUTOR_INSTR_SUCCESS;
     605           0 :               if( !fd_borrowed_account_can_data_be_changed( &instr_acc, &borrow_err ) || borrow_err != FD_EXECUTOR_INSTR_SUCCESS ) {
     606           0 :                 err = FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     607           0 :               } else {
     608           0 :                 err = FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
     609           0 :               }
     610           0 :             } else {
     611           0 :               FD_LOG_CRIT(( "invariant violation: unsupported access type: %i", vm->segv_access_type ));
     612           0 :             }
     613             : 
     614          24 :             FD_VM_PREPARE_ERR_OVERWRITE( vm );
     615          24 :             FD_VM_ERR_FOR_LOG_INSTR( vm, err );
     616          24 :             return err;
     617          24 :           }
     618          24 :         }
     619          24 :       }
     620          24 :     }
     621             : 
     622             :     /* The error kind should have been set in the VM. Match it and set
     623             :        the error code accordingly. There are no direct permalinks here -
     624             :        this is all a result of Agave's complex nested error-code handling
     625             :        and our design decisions for making our error codes match. */
     626             : 
     627             :     /* Instr error case. Set the error kind and return the instruction error */
     628           6 :     if( instr_ctx->txn_out->err.exec_err_kind==FD_EXECUTOR_ERR_KIND_INSTR ) {
     629           0 :       err = instr_ctx->txn_out->err.exec_err;
     630           0 :       FD_VM_PREPARE_ERR_OVERWRITE( vm );
     631           0 :       FD_VM_ERR_FOR_LOG_INSTR( vm, err );
     632           0 :       return err;
     633           0 :     }
     634             : 
     635             :     /* Syscall error case. The VM would have also set the syscall error
     636             :        code in the txn_ctx exec_err. */
     637           6 :     if( instr_ctx->txn_out->err.exec_err_kind==FD_EXECUTOR_ERR_KIND_SYSCALL ) {
     638           0 :       err = instr_ctx->txn_out->err.exec_err;
     639           0 :       FD_VM_PREPARE_ERR_OVERWRITE( vm );
     640           0 :       FD_VM_ERR_FOR_LOG_SYSCALL( vm, err );
     641           0 :       return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
     642           0 :     }
     643             : 
     644             :     /* An access violation that takes place inside a syscall will
     645             :        cause `exec_res` to be set to EbpfError::SyscallError,
     646             :       'but the `txn_ctx->err.exec_err_kind` will be set to EBPF and
     647             :        `txn_ctx->err.exec_err` will be set to the EBPF error. In this
     648             :        specific case, there is nothing to do since the error and error
     649             :        kind area already set correctly. Otherwise, we need to log the
     650             :        EBPF error. */
     651           6 :     if( exec_err!=FD_VM_ERR_EBPF_SYSCALL_ERROR ) {
     652           6 :       FD_VM_PREPARE_ERR_OVERWRITE( vm );
     653           6 :       FD_VM_ERR_FOR_LOG_EBPF( vm, exec_err );
     654           6 :     }
     655             : 
     656           6 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
     657           6 :   }
     658             : 
     659        2373 :   err = fd_bpf_loader_input_deserialize_parameters(
     660        2373 :     instr_ctx, pre_lens, input, input_sz, virtual_address_space_adjustments, direct_mapping, is_deprecated );
     661             : 
     662        2373 :   long const regime3 = fd_tickcount();
     663        2373 :   if( instr_ctx->instr->stack_height==1 ) {
     664           0 :     instr_ctx->runtime->metrics.vm_commit_cum_ticks += (ulong)( regime3-regime2 );
     665        2373 :   } else {
     666        2373 :     instr_ctx->runtime->metrics.cpi_commit_cum_ticks  += (ulong)( regime3-regime2 );
     667        2373 :   }
     668             : 
     669        2373 :   return err;
     670        2454 : }
     671             : 
     672             : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1358-L1539 */
     673             : static int
     674             : common_extend_program( fd_exec_instr_ctx_t * instr_ctx,
     675             :                        uint                  additional_bytes,
     676           0 :                        uchar                 check_authority ) {
     677           0 :   int err;
     678             : 
     679             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1366 */
     680           0 :   fd_pubkey_t const * program_id = NULL;
     681           0 :   err = fd_exec_instr_ctx_get_last_program_key( instr_ctx, &program_id );
     682           0 :   if( FD_UNLIKELY( err ) ) {
     683           0 :     return err;
     684           0 :   }
     685             : 
     686             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1368-L1370 */
     687           0 :   #define PROGRAM_DATA_ACCOUNT_INDEX (0)
     688           0 :   #define PROGRAM_ACCOUNT_INDEX      (1)
     689           0 :   #define AUTHORITY_ACCOUNT_INDEX    (2)
     690             : 
     691             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1371-L1372 */
     692           0 :   uchar optional_payer_account_index = check_authority ? 4 : 3;
     693             : 
     694             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1374-L1377 */
     695           0 :   if( FD_UNLIKELY( additional_bytes==0U ) ) {
     696           0 :     fd_log_collector_msg_literal( instr_ctx, "Additional bytes must be greater than 0" );
     697           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
     698           0 :   }
     699             : 
     700             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1379-L1381 */
     701           0 :   fd_guarded_borrowed_account_t programdata_account = {0};
     702           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_DATA_ACCOUNT_INDEX, &programdata_account );
     703           0 :   fd_pubkey_t const * programdata_key = (fd_pubkey_t*)programdata_account.acc->pubkey;
     704             : 
     705             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1383-L1386 */
     706           0 :   if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &programdata_account ), sizeof(fd_pubkey_t) ) ) ) {
     707           0 :     fd_log_collector_msg_literal( instr_ctx, "ProgramData owner is invalid" );
     708           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
     709           0 :   }
     710             : 
     711             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1387-L1390 */
     712           0 :   if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &programdata_account ) ) ) {
     713           0 :     fd_log_collector_msg_literal( instr_ctx, "ProgramData is not writable" );
     714           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     715           0 :   }
     716             : 
     717             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1392-L1393 */
     718           0 :   fd_guarded_borrowed_account_t program_account = {0};
     719           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_ACCOUNT_INDEX, &program_account );
     720             : 
     721             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1394-L1397 */
     722           0 :   if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
     723           0 :     fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
     724           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     725           0 :   }
     726             : 
     727             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1398-L1401 */
     728           0 :   if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
     729           0 :     fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
     730           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
     731           0 :   }
     732             : 
     733             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1403-L1419 */
     734           0 :   fd_bpf_state_t program_state[1];
     735           0 :   err = fd_bpf_loader_program_get_state( program_account.acc, program_state );
     736           0 :   if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
     737           0 :     return err;
     738           0 :   }
     739             : 
     740           0 :   if( program_state->discriminant==FD_BPF_STATE_PROGRAM ) {
     741           0 :     if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
     742           0 :       fd_log_collector_msg_literal( instr_ctx, "ProgramData account does not match ProgramData account" );
     743           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     744           0 :     }
     745           0 :   } else {
     746           0 :     fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
     747           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     748           0 :   }
     749             : 
     750             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1420 */
     751           0 :   fd_borrowed_account_drop( &program_account );
     752             : 
     753             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1422-L1432 */
     754           0 :   ulong old_len = fd_borrowed_account_get_data_len( &programdata_account );
     755           0 :   ulong new_len = fd_ulong_sat_add( old_len, additional_bytes );
     756           0 :   if( FD_UNLIKELY( new_len>MAX_PERMITTED_DATA_LENGTH ) ) {
     757             :     /* Max msg_sz: 85 - 6 + 2*20 = 119 < 127 => we can use printf */
     758           0 :     fd_log_collector_printf_dangerous_max_127( instr_ctx,
     759           0 :       "Extended ProgramData length of %lu bytes exceeds max account data length of %lu bytes", new_len, MAX_PERMITTED_DATA_LENGTH );
     760           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
     761           0 :   }
     762             : 
     763             :   /* https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/programs/bpf_loader/src/lib.rs#L861-L883 */
     764           0 :   if( FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, loader_v3_minimum_extend_program_size ) ) {
     765           0 :     ulong headroom = fd_ulong_sat_sub( MAX_PERMITTED_DATA_LENGTH, old_len );
     766           0 :     if( FD_UNLIKELY( additional_bytes<MINIMUM_EXTEND_PROGRAM_BYTES && additional_bytes!=headroom ) ) {
     767             :       /* Max msg_sz: 113 - (3+2) + (5+10) = 123 < 127 => we can use printf */
     768           0 :       fd_log_collector_printf_dangerous_max_127(
     769           0 :         instr_ctx,
     770           0 :         "ExtendProgram requires a minimum of %lu additional bytes or to extend to maximum size, but only %u were requested",
     771           0 :         MINIMUM_EXTEND_PROGRAM_BYTES,
     772           0 :         additional_bytes
     773           0 :       );
     774           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     775           0 :     }
     776           0 :   }
     777             : 
     778             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1434-L1437 */
     779           0 :   fd_sol_sysvar_clock_t clock[1];
     780           0 :   if( FD_UNLIKELY( !fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, clock ) ) ) {
     781           0 :     return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
     782           0 :   }
     783           0 :   ulong clock_slot = clock->slot;
     784             : 
     785             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1439-L1478 */
     786           0 :   fd_pubkey_t * upgrade_authority_address = NULL;
     787           0 :   fd_bpf_state_t programdata_state[1];
     788           0 :   err = fd_bpf_loader_program_get_state( programdata_account.acc, programdata_state );
     789           0 :   if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
     790           0 :     return err;
     791           0 :   }
     792           0 :   if( programdata_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
     793             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1444-L1447 */
     794           0 :     if( FD_UNLIKELY( clock_slot==programdata_state->inner.program_data.slot ) ) {
     795           0 :       fd_log_collector_msg_literal( instr_ctx, "Program was extended in this block already" );
     796           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     797           0 :     }
     798             : 
     799             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1449-L1455 */
     800           0 :     if( FD_UNLIKELY( !programdata_state->inner.program_data.has_upgrade_authority_address ) ) {
     801           0 :       fd_log_collector_msg_literal( instr_ctx, "Cannot extend ProgramData accounts that are not upgradeable" );
     802           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
     803           0 :     }
     804             : 
     805             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1457-L1472 */
     806           0 :     if( check_authority ) {
     807             :       /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1458-L1463 */
     808           0 :       fd_pubkey_t const * authority_key = NULL;
     809           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, AUTHORITY_ACCOUNT_INDEX, &authority_key );
     810           0 :       if( FD_UNLIKELY( err ) ) {
     811           0 :         return err;
     812           0 :       }
     813             : 
     814             :       /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1464-L1467 */
     815           0 :       if( FD_UNLIKELY( !fd_pubkey_eq( &programdata_state->inner.program_data.upgrade_authority_address, authority_key ) ) ) {
     816           0 :         fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
     817           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
     818           0 :       }
     819             : 
     820             :       /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1468-L1471 */
     821           0 :       if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, AUTHORITY_ACCOUNT_INDEX, &err ) ) ) {
     822             :         /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
     823           0 :         if( FD_UNLIKELY( !!err ) ) return err;
     824           0 :         fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
     825           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
     826           0 :       }
     827           0 :     }
     828             : 
     829             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1474 */
     830           0 :     fd_bpf_state_program_data_t * pd = &programdata_state->inner.program_data;
     831           0 :     upgrade_authority_address = pd->has_upgrade_authority_address ? &pd->upgrade_authority_address : NULL;
     832           0 :   } else {
     833             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1476-L1477 */
     834           0 :     fd_log_collector_msg_literal( instr_ctx, "ProgramData state is invalid" );
     835           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     836           0 :   }
     837             : 
     838             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1480-L1485 */
     839           0 :   fd_rent_t rent_;
     840           0 :   fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
     841           0 :   if( FD_UNLIKELY( !rent ) ) {
     842           0 :     return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
     843           0 :   }
     844             : 
     845           0 :   ulong balance          = fd_borrowed_account_get_lamports( &programdata_account );
     846           0 :   ulong min_balance      = fd_ulong_max( fd_rent_exempt_minimum_balance( rent, new_len ), 1UL );
     847           0 :   ulong required_payment = fd_ulong_sat_sub( min_balance, balance );
     848             : 
     849             :   /* Borrowed accounts need to be dropped before native invocations. Note:
     850             :      the programdata account is manually released and acquired within the
     851             :      extend instruction to preserve the local variable scoping to maintain
     852             :      readability. The scoped macro still successfully handles the case of
     853             :      freeing a write lock in case of an early termination. */
     854             : 
     855             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1488 */
     856           0 :   fd_borrowed_account_drop( &programdata_account );
     857             : 
     858             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1492-L1502 */
     859           0 :   if( FD_UNLIKELY( required_payment>0UL ) ) {
     860             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1493-L1496 */
     861           0 :     fd_pubkey_t const * payer_key = NULL;
     862           0 :     err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, optional_payer_account_index, &payer_key );
     863           0 :     if( FD_UNLIKELY( err ) ) {
     864           0 :       return err;
     865           0 :     }
     866             : 
     867             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1498-L1501 */
     868           0 :     uchar instr_data[FD_TXN_MTU];
     869           0 :     fd_system_program_instruction_t instr = {
     870           0 :       .discriminant = FD_SYSTEM_PROGRAM_INSTR_TRANSFER,
     871           0 :       .inner = {
     872           0 :         .transfer = required_payment
     873           0 :       }
     874           0 :     };
     875             : 
     876           0 :     ulong instr_data_sz;
     877           0 :     int err = fd_system_program_instruction_encode( &instr, instr_data, FD_TXN_MTU, &instr_data_sz );
     878           0 :     if( FD_UNLIKELY( err ) ) {
     879           0 :       FD_LOG_CRIT(( "Failed to encode SystemInstruction with error %d", err ));
     880           0 :     }
     881             : 
     882           0 :     fd_vm_rust_account_meta_t acct_metas[ 2UL ];
     883           0 :     fd_native_cpi_create_account_meta( payer_key,       1UL, 1UL, &acct_metas[ 0UL ] );
     884           0 :     fd_native_cpi_create_account_meta( programdata_key, 0UL, 1UL, &acct_metas[ 1UL ] );
     885             : 
     886           0 :     err = fd_native_cpi_native_invoke( instr_ctx,
     887           0 :                                        &fd_solana_system_program_id,
     888           0 :                                        instr_data,
     889           0 :                                        instr_data_sz,
     890           0 :                                        acct_metas,
     891           0 :                                        2UL,
     892           0 :                                        NULL,
     893           0 :                                        0UL );
     894           0 :     if( FD_UNLIKELY( err ) ) {
     895           0 :       return err;
     896           0 :     }
     897           0 :   }
     898             : 
     899             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1506-L1507 */
     900           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_DATA_ACCOUNT_INDEX, &programdata_account );
     901             : 
     902             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1508 */
     903           0 :   err = fd_borrowed_account_set_data_length( &programdata_account, new_len );
     904           0 :   if( FD_UNLIKELY( err ) ) {
     905           0 :     return err;
     906           0 :   }
     907             : 
     908             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1510 */
     909           0 :   ulong programdata_data_offset = PROGRAMDATA_METADATA_SIZE;
     910             : 
     911             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1517-L1520 */
     912           0 :   if( FD_UNLIKELY( programdata_data_offset>fd_borrowed_account_get_data_len( &programdata_account ) ) ) {
     913           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     914           0 :   }
     915           0 :   uchar const * programdata_data = fd_borrowed_account_get_data( &programdata_account ) + programdata_data_offset;
     916           0 :   ulong         programdata_size = new_len - PROGRAMDATA_METADATA_SIZE;
     917             : 
     918             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1512-L1522 */
     919             :   /* SIMD-0500: extend_program is exempt from the deployment-version gate. */
     920           0 :   err = fd_deploy_program( instr_ctx, programdata_data, programdata_size, /* disable_sbpf_v0_v1_v2_deployment */ 0 );
     921           0 :   if( FD_UNLIKELY( err ) ) {
     922           0 :     return err;
     923           0 :   }
     924             : 
     925             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1523 */
     926           0 :   fd_borrowed_account_drop( &programdata_account );
     927             : 
     928             :   /* Setting the discriminant and upgrade authority address here can likely
     929             :      be a no-op because these values shouldn't change. These can probably be
     930             :      removed, but can help to mirror against Agave client's implementation.
     931             :      The set_state function also contains an ownership check. */
     932             : 
     933             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1525-L1526 */
     934           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata_account );
     935             : 
     936             :   /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1527-L1530 */
     937           0 :   programdata_state->discriminant            = FD_BPF_STATE_PROGRAM_DATA;
     938           0 :   programdata_state->inner.program_data.slot = clock_slot;
     939           0 :   programdata_state->inner.program_data.has_upgrade_authority_address = !!upgrade_authority_address;
     940           0 :   if( upgrade_authority_address ) programdata_state->inner.program_data.upgrade_authority_address = *upgrade_authority_address;
     941             : 
     942           0 :   err = fd_bpf_loader_v3_program_set_state( &programdata_account, programdata_state );
     943           0 :   if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
     944           0 :     return err;
     945           0 :   }
     946             : 
     947             :   /* Max msg_sz: 41 - 2 + 20 = 57 < 127 => we can use printf
     948             :      https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1532-L1536 */
     949           0 :   fd_log_collector_printf_dangerous_max_127( instr_ctx,
     950           0 :     "Extended ProgramData account by %u bytes", additional_bytes );
     951             : 
     952             :   /* programdata account is dropped when it goes out of scope */
     953             : 
     954           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     955             : 
     956           0 :   #undef PROGRAM_DATA_ACCOUNT_INDEX
     957           0 :   #undef PROGRAM_ACCOUNT_INDEX
     958           0 :   #undef AUTHORITY_ACCOUNT_INDEX
     959           0 : }
     960             : 
     961             : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L566-L1444 */
     962             : static int
     963           6 : process_loader_upgradeable_instruction( fd_exec_instr_ctx_t * instr_ctx ) {
     964           6 :   fd_bpf_instruction_t instruction[1] = {0};
     965           6 :   if( FD_UNLIKELY( fd_bpf_instruction_decode(
     966           6 :       instruction,
     967           6 :       instr_ctx->instr->data,
     968           6 :       fd_ulong_min( instr_ctx->instr->data_sz, FD_TXN_MTU ) ) ) ) {
     969           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
     970           0 :   }
     971             :   /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L510 */
     972           6 :   fd_pubkey_t const * program_id = NULL;
     973           6 :   int err = fd_exec_instr_ctx_get_last_program_key( instr_ctx, &program_id );
     974           6 :   if( FD_UNLIKELY( err ) ) {
     975           0 :     return err;
     976           0 :   }
     977             : 
     978           6 :   switch( instruction->discriminant ) {
     979             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L476-L493 */
     980           0 :     case FD_BPF_INSTR_INITIALIZE_BUFFER: {
     981           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
     982           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
     983           0 :       }
     984             : 
     985             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L479 */
     986           0 :       fd_guarded_borrowed_account_t buffer = {0};
     987           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
     988             : 
     989           0 :       fd_bpf_state_t buffer_state[1];
     990           0 :       err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
     991           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
     992           0 :         return err;
     993           0 :       }
     994             : 
     995           0 :       if( FD_UNLIKELY( buffer_state->discriminant!=FD_BPF_STATE_UNINITIALIZED ) ) {
     996           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account already initialized" );
     997           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
     998           0 :       }
     999             : 
    1000             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L487-L489 */
    1001           0 :       fd_pubkey_t const * authority_key = NULL;
    1002           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
    1003           0 :       if( FD_UNLIKELY( err ) ) {
    1004           0 :         return err;
    1005           0 :       }
    1006             : 
    1007           0 :       buffer_state->discriminant                       = FD_BPF_STATE_BUFFER;
    1008           0 :       buffer_state->inner.buffer.has_authority_address = 1;
    1009           0 :       buffer_state->inner.buffer.authority_address     = *authority_key;
    1010             : 
    1011           0 :       err = fd_bpf_loader_v3_program_set_state( &buffer, buffer_state );
    1012           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1013           0 :         return err;
    1014           0 :       }
    1015             : 
    1016             :       /* implicit drop of buffer account */
    1017             : 
    1018           0 :       break;
    1019           0 :     }
    1020             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L494-L525 */
    1021           0 :     case FD_BPF_INSTR_WRITE: {
    1022           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
    1023           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1024           0 :       }
    1025             : 
    1026             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L497 */
    1027           0 :       fd_guarded_borrowed_account_t buffer = {0};
    1028           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
    1029             : 
    1030           0 :       fd_bpf_state_t loader_state[1];
    1031           0 :       err = fd_bpf_loader_program_get_state( buffer.acc, loader_state );
    1032           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1033           0 :         return err;
    1034           0 :       }
    1035             : 
    1036           0 :       if( loader_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1037           0 :         if( FD_UNLIKELY( !loader_state->inner.buffer.has_authority_address ) ) {
    1038           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
    1039           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1040           0 :         }
    1041             : 
    1042             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L505-L507 */
    1043           0 :         fd_pubkey_t const * authority_key = NULL;
    1044           0 :         err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
    1045           0 :         if( FD_UNLIKELY( err ) ) {
    1046           0 :           return err;
    1047           0 :         }
    1048             : 
    1049           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &loader_state->inner.buffer.authority_address, authority_key ) ) ) {
    1050           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
    1051           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1052           0 :         }
    1053           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
    1054             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1055           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1056           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
    1057           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1058           0 :         }
    1059           0 :       } else {
    1060           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
    1061           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1062           0 :       }
    1063             : 
    1064             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L520 */
    1065           0 :       fd_borrowed_account_drop( &buffer );
    1066             : 
    1067           0 :       ulong program_data_offset = fd_ulong_sat_add( BUFFER_METADATA_SIZE, instruction->inner.write.offset );
    1068           0 :       err = write_program_data( instr_ctx,
    1069           0 :                                 0UL,
    1070           0 :                                 program_data_offset,
    1071           0 :                                 instruction->inner.write.bytes,
    1072           0 :                                 instruction->inner.write.bytes_len );
    1073           0 :       if( FD_UNLIKELY( err ) ) {
    1074           0 :         return err;
    1075           0 :       }
    1076             : 
    1077           0 :       break;
    1078           0 :     }
    1079             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L526-L702 */
    1080           0 :     case FD_BPF_INSTR_DEPLOY_WITH_MAX_DATA_LEN: {
    1081             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L527-L541 */
    1082           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
    1083           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1084           0 :       }
    1085             : 
    1086             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L529-L534 */
    1087           0 :       fd_pubkey_t const * payer_key       = NULL;
    1088           0 :       fd_pubkey_t const * programdata_key = NULL;
    1089             : 
    1090           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &payer_key );
    1091           0 :       if( FD_UNLIKELY( err ) ) {
    1092           0 :         return err;
    1093           0 :       }
    1094             : 
    1095           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &programdata_key );
    1096           0 :       if( FD_UNLIKELY( err ) ) {
    1097           0 :         return err;
    1098           0 :       }
    1099             : 
    1100           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
    1101           0 :       if( FD_UNLIKELY( err ) ) {
    1102           0 :         return err;
    1103           0 :       }
    1104             : 
    1105           0 :       fd_rent_t rent_;
    1106           0 :       fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
    1107           0 :       if( FD_UNLIKELY( !rent ) ) {
    1108           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1109           0 :       }
    1110             : 
    1111           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
    1112           0 :       if( FD_UNLIKELY( err ) ) {
    1113           0 :         return err;
    1114           0 :       }
    1115             : 
    1116           0 :       fd_sol_sysvar_clock_t clock_;
    1117           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
    1118           0 :       if( FD_UNLIKELY( !clock ) ) {
    1119           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1120           0 :       }
    1121             : 
    1122             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L538 */
    1123           0 :       if( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 8U ) ) {
    1124           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1125           0 :       }
    1126             : 
    1127             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L539-L541 */
    1128           0 :       fd_pubkey_t const * authority_key = NULL;
    1129           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 7UL, &authority_key );
    1130           0 :       if( FD_UNLIKELY( err ) ) return err;
    1131             : 
    1132             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L542-L560 */
    1133             :       /* Verify Program account */
    1134           0 :       fd_pubkey_t const * new_program_id = NULL;
    1135             : 
    1136             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L545 */
    1137           0 :       fd_guarded_borrowed_account_t program = {0};
    1138           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
    1139             : 
    1140           0 :       fd_bpf_state_t loader_state[1];
    1141           0 :       int err = fd_bpf_loader_program_get_state( program.acc, loader_state );
    1142           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1143           0 :         return err;
    1144           0 :       }
    1145           0 :       if( FD_UNLIKELY( loader_state->discriminant!=FD_BPF_STATE_UNINITIALIZED ) ) {
    1146           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account already initialized" );
    1147           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
    1148           0 :       }
    1149           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<SIZE_OF_PROGRAM ) ) {
    1150           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account too small" );
    1151           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1152           0 :       }
    1153           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_lamports( &program )<
    1154           0 :                        fd_rent_exempt_minimum_balance( rent, fd_borrowed_account_get_data_len( &program ) ) ) ) {
    1155           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not rent-exempt" );
    1156           0 :         return FD_EXECUTOR_INSTR_ERR_EXECUTABLE_ACCOUNT_NOT_RENT_EXEMPT;
    1157           0 :       }
    1158           0 :       new_program_id = (fd_pubkey_t*)program.acc->pubkey;
    1159             : 
    1160             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L560 */
    1161           0 :       fd_borrowed_account_drop( &program );
    1162             : 
    1163             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L561-L600 */
    1164             :       /* Verify Buffer account */
    1165             : 
    1166           0 :       fd_pubkey_t const* buffer_key         = NULL;
    1167           0 :       ulong              buffer_data_offset = 0UL;
    1168           0 :       ulong              buffer_data_len    = 0UL;
    1169           0 :       ulong              programdata_len    = 0UL;
    1170             : 
    1171             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L564-L565 */
    1172           0 :       fd_guarded_borrowed_account_t buffer = {0};
    1173           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
    1174             : 
    1175           0 :       fd_bpf_state_t buffer_state[1];
    1176           0 :       err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
    1177           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1178           0 :         return err;
    1179           0 :       }
    1180             : 
    1181           0 :       if( buffer_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1182           0 :         if( FD_UNLIKELY( (authority_key==NULL) != (!buffer_state->inner.buffer.has_authority_address) ||
    1183           0 :             (authority_key!=NULL && !fd_pubkey_eq( &buffer_state->inner.buffer.authority_address, authority_key ) ) ) ) {
    1184           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
    1185           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1186           0 :         }
    1187           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 7UL, &err ) ) ) {
    1188             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1189           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1190           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1191           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1192           0 :         }
    1193           0 :       } else {
    1194           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
    1195           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1196           0 :       }
    1197           0 :       buffer_key         = (fd_pubkey_t*)buffer.acc->pubkey;
    1198           0 :       buffer_data_offset = BUFFER_METADATA_SIZE;
    1199           0 :       buffer_data_len    = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
    1200             :       /* UpgradeableLoaderState::size_of_program_data( max_data_len ) */
    1201           0 :       programdata_len    = fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE,
    1202           0 :                                              instruction->inner.deploy_with_max_data_len.max_data_len );
    1203             : 
    1204           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
    1205           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
    1206           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1207           0 :       }
    1208             : 
    1209           0 :       if( FD_UNLIKELY( instruction->inner.deploy_with_max_data_len.max_data_len<buffer_data_len ) ) {
    1210           0 :         fd_log_collector_msg_literal( instr_ctx, "Max data length is too small to hold Buffer data" );
    1211           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1212           0 :       }
    1213             : 
    1214           0 :       if( FD_UNLIKELY( programdata_len>MAX_PERMITTED_DATA_LENGTH ) ) {
    1215           0 :         fd_log_collector_msg_literal( instr_ctx, "Max data length is too large" );
    1216           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1217           0 :       }
    1218             : 
    1219             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L590 */
    1220           0 :       fd_borrowed_account_drop( &buffer );
    1221             : 
    1222             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L602-L608 */
    1223             :       /* Create ProgramData account */
    1224             : 
    1225           0 :       fd_pubkey_t derived_address[ 1UL ];
    1226           0 :       uchar const * seeds[ 1UL ];
    1227           0 :       seeds[ 0UL ]    = (uchar const *)new_program_id;
    1228           0 :       ulong seed_sz   = sizeof(fd_pubkey_t);
    1229           0 :       uchar bump_seed = 0;
    1230           0 :       err = fd_pubkey_find_program_address( program_id, 1UL, seeds, &seed_sz, derived_address,
    1231           0 :                                             &bump_seed, &instr_ctx->txn_out->err.custom_err );
    1232           0 :       if( FD_UNLIKELY( err ) ) {
    1233             :         /* TODO: We should handle these errors more gracefully instead of just killing the client (e.g. excluding the transaction
    1234             :            from the block). */
    1235           0 :         FD_LOG_ERR(( "Unable to find a viable program address bump seed" )); // Solana panics, error code is undefined
    1236           0 :         return err;
    1237           0 :       }
    1238           0 :       if( FD_UNLIKELY( memcmp( derived_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
    1239           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData address is not derived" );
    1240           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1241           0 :       }
    1242             : 
    1243             :       /* Drain the Buffer account to payer before paying for programdata account in a local scope
    1244             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L612-L628 */
    1245             : 
    1246           0 :       do {
    1247             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L615 */
    1248           0 :         fd_guarded_borrowed_account_t payer = {0};
    1249           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &payer );
    1250             : 
    1251             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L613 */
    1252           0 :         fd_guarded_borrowed_account_t buffer = {0};
    1253           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
    1254             : 
    1255           0 :         err = fd_borrowed_account_checked_add_lamports( &payer, fd_borrowed_account_get_lamports( &buffer ) );
    1256           0 :         if( FD_UNLIKELY( err ) ) {
    1257           0 :           return err;
    1258           0 :         }
    1259           0 :         err = fd_borrowed_account_set_lamports( &buffer, 0UL );
    1260           0 :         if( FD_UNLIKELY( err ) ) {
    1261           0 :           return err;
    1262           0 :         }
    1263           0 :       } while (0);
    1264             : 
    1265             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L628-L642 */
    1266             :       /* Pass an extra account to avoid the overly strict unbalanced instruction error */
    1267             :       /* Invoke the system program to create the new account */
    1268           0 :       uchar instr_data[FD_TXN_MTU];
    1269           0 :       create_account_t create_acct = {
    1270           0 :         .lamports = fd_rent_exempt_minimum_balance( rent, programdata_len ),
    1271           0 :         .space    = programdata_len,
    1272           0 :         .owner    = *program_id,
    1273           0 :       };
    1274           0 :       if( !create_acct.lamports ) {
    1275           0 :         create_acct.lamports = 1UL;
    1276           0 :       }
    1277             : 
    1278           0 :       fd_system_program_instruction_t instr = {
    1279           0 :         .discriminant = FD_SYSTEM_PROGRAM_INSTR_CREATE_ACCOUNT,
    1280           0 :         .inner = {
    1281           0 :           .create_account = create_acct,
    1282           0 :         }
    1283           0 :       };
    1284             : 
    1285           0 :       ulong instr_data_sz;
    1286           0 :       err = fd_system_program_instruction_encode( &instr, instr_data, FD_TXN_MTU, &instr_data_sz );
    1287           0 :       if( FD_UNLIKELY( err ) ) {
    1288           0 :         FD_LOG_CRIT(( "Failed to encode SystemInstruction with error %d", err ));
    1289           0 :       }
    1290             : 
    1291           0 :       fd_vm_rust_account_meta_t acct_metas[ 3UL ];
    1292           0 :       fd_native_cpi_create_account_meta( payer_key,       1U, 1U, &acct_metas[ 0UL ] );
    1293           0 :       fd_native_cpi_create_account_meta( programdata_key, 1U, 1U, &acct_metas[ 1UL ] );
    1294           0 :       fd_native_cpi_create_account_meta( buffer_key,      0U, 1U, &acct_metas[ 2UL ] );
    1295             : 
    1296             :       /* caller_program_id == program_id */
    1297           0 :       fd_pubkey_t signers[ 1UL ];
    1298           0 :       err = fd_pubkey_derive_pda( program_id, 1UL, seeds, &seed_sz, &bump_seed, signers, &instr_ctx->txn_out->err.custom_err );
    1299           0 :       if( FD_UNLIKELY( err ) ) {
    1300           0 :         return err;
    1301           0 :       }
    1302           0 :       err = fd_native_cpi_native_invoke( instr_ctx,
    1303           0 :                                          &fd_solana_system_program_id,
    1304           0 :                                          instr_data,
    1305           0 :                                          instr_data_sz,
    1306           0 :                                          acct_metas,
    1307           0 :                                          3UL,
    1308           0 :                                          signers,
    1309           0 :                                          1UL );
    1310           0 :       if( FD_UNLIKELY( err ) ) {
    1311           0 :         return err;
    1312           0 :       }
    1313             : 
    1314             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L644-L665 */
    1315             :       /* Load and verify the program bits */
    1316             : 
    1317             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L648-L649 */
    1318           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
    1319             : 
    1320           0 :       if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1321           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1322           0 :       }
    1323             : 
    1324           0 :       const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1325             : 
    1326           0 :       err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len,
    1327           0 :                                FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ) );
    1328           0 :       if( FD_UNLIKELY( err ) ) {
    1329           0 :         return err;
    1330           0 :       }
    1331             : 
    1332             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L657 */
    1333           0 :       fd_borrowed_account_drop( &buffer );
    1334             : 
    1335             :       /* Update the ProgramData account and record the program bits in a local scope
    1336             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L669-L691 */
    1337           0 :       do {
    1338             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L670-L671 */
    1339           0 :         fd_guarded_borrowed_account_t programdata = {0};
    1340           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &programdata );
    1341             : 
    1342           0 :         fd_bpf_state_t programdata_loader_state = {
    1343           0 :           .discriminant = FD_BPF_STATE_PROGRAM_DATA,
    1344           0 :           .inner.program_data = {
    1345           0 :             .slot                          = clock->slot,
    1346           0 :             .has_upgrade_authority_address = !!authority_key,
    1347           0 :             .upgrade_authority_address     = authority_key ? *authority_key : (fd_pubkey_t){{0}},
    1348           0 :           },
    1349           0 :         };
    1350           0 :         err = fd_bpf_loader_v3_program_set_state( &programdata, &programdata_loader_state );
    1351           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1352           0 :           return err;
    1353           0 :         }
    1354             : 
    1355             :         /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L675-L689 */
    1356           0 :         if( FD_UNLIKELY( PROGRAMDATA_METADATA_SIZE+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
    1357           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1358           0 :         }
    1359             : 
    1360           0 :         uchar * programdata_data = NULL;
    1361           0 :         ulong   programdata_dlen = 0UL;
    1362           0 :         err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
    1363           0 :         if( FD_UNLIKELY( err ) ) {
    1364           0 :           return err;
    1365           0 :         }
    1366             : 
    1367           0 :         uchar *   dst_slice = programdata_data + PROGRAMDATA_METADATA_SIZE;
    1368           0 :         ulong dst_slice_len = buffer_data_len;
    1369             : 
    1370             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L683-L684 */
    1371           0 :         fd_guarded_borrowed_account_t buffer = {0};
    1372           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
    1373             : 
    1374           0 :         if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1375           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1376           0 :         }
    1377           0 :         const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1378           0 :         fd_memcpy( dst_slice, src_slice, dst_slice_len );
    1379             :         /* Update buffer data length.
    1380             :           BUFFER_METADATA_SIZE == UpgradeableLoaderState::size_of_buffer(0) */
    1381           0 :         err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
    1382           0 :         if( FD_UNLIKELY( err ) ) {
    1383           0 :           return err;
    1384           0 :         }
    1385           0 :       } while(0);
    1386             : 
    1387             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L692-L699 */
    1388             : 
    1389             :       /* Update the Program account
    1390             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L694-L695 */
    1391           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
    1392             : 
    1393           0 :       loader_state->discriminant = FD_BPF_STATE_PROGRAM;
    1394           0 :       loader_state->inner.program.programdata_address =  *programdata_key;
    1395           0 :       err = fd_bpf_loader_v3_program_set_state( &program, loader_state );
    1396           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1397           0 :         return err;
    1398           0 :       }
    1399           0 :       err = fd_borrowed_account_set_executable( &program, 1 );
    1400           0 :       if( FD_UNLIKELY( err ) ) {
    1401           0 :         return err;
    1402           0 :       }
    1403             : 
    1404           0 :       FD_BASE58_ENCODE_32_BYTES( program.acc->pubkey, program_b58 );
    1405           0 :       FD_LOG_INFO(( "Program deployed %s", program_b58 ));
    1406             : 
    1407             :       /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
    1408           0 :       FD_BASE58_ENCODE_32_BYTES( program_id->uc, program_id_b58 );
    1409           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "Deployed program %s", program_id_b58 );
    1410             : 
    1411             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L700 */
    1412           0 :       fd_borrowed_account_drop( &program );
    1413             : 
    1414           0 :       break;
    1415           0 :     }
    1416             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L703-L891 */
    1417           0 :     case FD_BPF_INSTR_UPGRADE: {
    1418             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L704-L714 */
    1419           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1420           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1421           0 :       }
    1422             : 
    1423             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L706-L708 */
    1424           0 :       fd_pubkey_t const * programdata_key = NULL;
    1425           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &programdata_key );
    1426           0 :       if( FD_UNLIKELY( err ) ) {
    1427           0 :         return err;
    1428           0 :       }
    1429             : 
    1430             :       /* rent is accessed directly from the epoch bank and the clock from the
    1431             :         slot context. However, a check must be done to make sure that the
    1432             :         sysvars are correctly included in the set of transaction accounts. */
    1433           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
    1434           0 :       if( FD_UNLIKELY( err ) ) {
    1435           0 :         return err;
    1436           0 :       }
    1437             : 
    1438           0 :       fd_rent_t rent_;
    1439           0 :       fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
    1440           0 :       if( FD_UNLIKELY( !rent ) ) {
    1441           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1442           0 :       }
    1443             : 
    1444           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
    1445           0 :       if( FD_UNLIKELY( err ) ) {
    1446           0 :         return err;
    1447           0 :       }
    1448             : 
    1449           0 :       fd_sol_sysvar_clock_t clock_;
    1450           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
    1451           0 :       if( FD_UNLIKELY( !clock ) ) {
    1452           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1453           0 :       }
    1454             : 
    1455           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 7U ) ) ) {
    1456           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1457           0 :       }
    1458             : 
    1459             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L713-L715 */
    1460           0 :       fd_pubkey_t const * authority_key = NULL;
    1461           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 6UL, &authority_key );
    1462           0 :       if( FD_UNLIKELY( err ) ) return err;
    1463             : 
    1464             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L716-L745 */
    1465             :       /* Verify Program account */
    1466             : 
    1467             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L719-L720 */
    1468           0 :       fd_guarded_borrowed_account_t program = {0};
    1469           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &program );
    1470             : 
    1471           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program ) ) ) {
    1472           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not writeable" );
    1473           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1474           0 :       }
    1475           0 :       if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program ), program_id, sizeof(fd_pubkey_t) ) ) ) {
    1476           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    1477           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    1478           0 :       }
    1479           0 :       fd_bpf_state_t program_state[1];
    1480           0 :       err = fd_bpf_loader_program_get_state( program.acc, program_state );
    1481           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1482           0 :         return err;
    1483           0 :       }
    1484           0 :       if( FD_UNLIKELY( program_state->discriminant==FD_BPF_STATE_PROGRAM ) ) {
    1485           0 :         if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
    1486           0 :           fd_log_collector_msg_literal( instr_ctx, "Program and ProgramData account mismatch" );
    1487           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1488           0 :         }
    1489           0 :       } else {
    1490           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
    1491           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1492           0 :       }
    1493             : 
    1494             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L746 */
    1495           0 :       fd_pubkey_t new_program_id = *(fd_pubkey_t*)program.acc->pubkey;
    1496           0 :       fd_borrowed_account_drop( &program );
    1497             : 
    1498             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L747-L773 */
    1499             :       /* Verify Buffer account */
    1500             : 
    1501           0 :       ulong buffer_lamports    = 0UL;
    1502           0 :       ulong buffer_data_offset = 0UL;
    1503           0 :       ulong buffer_data_len    = 0UL;
    1504             : 
    1505             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L750-L751 */
    1506           0 :       fd_guarded_borrowed_account_t buffer = {0};
    1507           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1508             : 
    1509           0 :       fd_bpf_state_t buffer_state[1];
    1510           0 :       err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
    1511           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1512           0 :         return err;
    1513           0 :       }
    1514           0 :       if( buffer_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1515           0 :         if( FD_UNLIKELY( (authority_key==NULL) != (!buffer_state->inner.buffer.has_authority_address) ||
    1516           0 :             (authority_key!=NULL && !fd_pubkey_eq( &buffer_state->inner.buffer.authority_address, authority_key ) ) ) ) {
    1517           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
    1518           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1519           0 :         }
    1520           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL, &err ) ) ) {
    1521             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1522           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1523           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1524           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1525           0 :         }
    1526           0 :       } else {
    1527           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
    1528           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1529           0 :       }
    1530           0 :       buffer_lamports    = fd_borrowed_account_get_lamports( &buffer );
    1531           0 :       buffer_data_offset = BUFFER_METADATA_SIZE;
    1532           0 :       buffer_data_len    = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
    1533           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
    1534           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
    1535           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1536           0 :       }
    1537             : 
    1538             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L774 */
    1539           0 :       fd_borrowed_account_drop( &buffer );
    1540             : 
    1541             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L775-L823 */
    1542             :       /* Verify ProgramData account */
    1543             : 
    1544           0 :       ulong programdata_data_offset      = PROGRAMDATA_METADATA_SIZE;
    1545           0 :       ulong programdata_balance_required = 0UL;
    1546             : 
    1547             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L778-L779 */
    1548           0 :       fd_guarded_borrowed_account_t programdata = {0};
    1549           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
    1550             : 
    1551           0 :       programdata_balance_required = fd_ulong_max( 1UL, fd_rent_exempt_minimum_balance( rent, fd_borrowed_account_get_data_len( &programdata ) ) );
    1552             : 
    1553           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &programdata )<fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE, buffer_data_len ) ) ) {
    1554           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData account not large enough" );
    1555           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1556           0 :       }
    1557           0 :       if( FD_UNLIKELY( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports )<programdata_balance_required ) ) {
    1558           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account balance too low to fund upgrade" );
    1559           0 :         return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
    1560           0 :       }
    1561             : 
    1562           0 :       fd_bpf_state_t programdata_state[1];
    1563           0 :       err = fd_bpf_loader_program_get_state( programdata.acc, programdata_state );
    1564           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1565           0 :         return err;
    1566           0 :       }
    1567             : 
    1568           0 :       if( programdata_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
    1569           0 :         if( FD_UNLIKELY( clock->slot==programdata_state->inner.program_data.slot ) ) {
    1570           0 :           fd_log_collector_msg_literal( instr_ctx, "Program was deployed in this block already" );
    1571           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1572           0 :         }
    1573           0 :         if( FD_UNLIKELY( !programdata_state->inner.program_data.has_upgrade_authority_address ) ) {
    1574           0 :           fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
    1575           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1576           0 :         }
    1577           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &programdata_state->inner.program_data.upgrade_authority_address, authority_key ) ) ) {
    1578           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1579           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1580           0 :         }
    1581           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL, &err ) ) ) {
    1582             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1583           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1584           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1585           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1586           0 :         }
    1587           0 :       } else {
    1588           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid ProgramData account" );
    1589           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1590           0 :       }
    1591             : 
    1592             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L824 */
    1593           0 :       fd_borrowed_account_drop( &programdata );
    1594             : 
    1595             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L825-L845 */
    1596             :       /* Load and verify the program bits */
    1597             : 
    1598             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L827-L828 */
    1599           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1600             : 
    1601           0 :       if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1602           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1603           0 :       }
    1604             : 
    1605           0 :       const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1606           0 :       err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len,
    1607           0 :                                FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ) );
    1608           0 :       if( FD_UNLIKELY( err ) ) {
    1609           0 :         return err;
    1610           0 :       }
    1611             : 
    1612             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L836 */
    1613           0 :       fd_borrowed_account_drop( &buffer );
    1614             : 
    1615             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L849-L850 */
    1616           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
    1617             : 
    1618             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L874 */
    1619             :       /* Update the ProgramData account, record the upgraded data, and zero the rest in a local scope */
    1620           0 :       do {
    1621           0 :         programdata_state->discriminant                                     = FD_BPF_STATE_PROGRAM_DATA;
    1622           0 :         programdata_state->inner.program_data.slot                          = clock->slot;
    1623           0 :         programdata_state->inner.program_data.has_upgrade_authority_address = 1;
    1624           0 :         programdata_state->inner.program_data.upgrade_authority_address     = *authority_key;
    1625           0 :         err = fd_bpf_loader_v3_program_set_state( &programdata, programdata_state );
    1626           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1627           0 :           return err;
    1628           0 :         }
    1629             : 
    1630             :         /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L875 */
    1631             :         /* We want to copy over the data and zero out the rest */
    1632           0 :         if( FD_UNLIKELY( programdata_data_offset+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
    1633           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1634           0 :         }
    1635             : 
    1636           0 :         uchar * programdata_data = NULL;
    1637           0 :         ulong   programdata_dlen = 0UL;
    1638           0 :         err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
    1639           0 :         if( FD_UNLIKELY( err ) ) {
    1640           0 :           return err;
    1641           0 :         }
    1642           0 :         uchar * dst_slice     = programdata_data + programdata_data_offset;
    1643           0 :         ulong   dst_slice_len = buffer_data_len;
    1644             : 
    1645             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L863-L864 */
    1646           0 :         fd_guarded_borrowed_account_t buffer = {0};
    1647           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1648             : 
    1649           0 :         if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ){
    1650           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1651           0 :         }
    1652             : 
    1653           0 :         const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1654           0 :         fd_memcpy( dst_slice, src_slice, dst_slice_len );
    1655           0 :         fd_memset( dst_slice + dst_slice_len, 0, fd_borrowed_account_get_data_len( &programdata ) - programdata_data_offset - dst_slice_len );
    1656             : 
    1657             :         /* implicit drop of buffer */
    1658           0 :       } while (0);
    1659             : 
    1660             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L876-L891 */
    1661             :       /* Fund ProgramData to rent-exemption, spill the rest */
    1662             : 
    1663             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L878-L879 */
    1664           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1665             : 
    1666             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L880-L881 */
    1667           0 :       fd_guarded_borrowed_account_t spill = {0};
    1668           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &spill );
    1669             : 
    1670           0 :       ulong spill_addend = fd_ulong_sat_sub( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports ),
    1671           0 :                                             programdata_balance_required );
    1672           0 :       err = fd_borrowed_account_checked_add_lamports( &spill, spill_addend );
    1673           0 :       if( FD_UNLIKELY( err ) ) {
    1674           0 :         return err;
    1675           0 :       }
    1676           0 :       err = fd_borrowed_account_set_lamports( &buffer, 0UL );
    1677           0 :       if( FD_UNLIKELY( err ) ) {
    1678           0 :         return err;
    1679           0 :       }
    1680           0 :       err = fd_borrowed_account_set_lamports( &programdata, programdata_balance_required );
    1681           0 :       if( FD_UNLIKELY( err ) ) {
    1682           0 :         return err;
    1683           0 :       }
    1684             : 
    1685             :       /* Buffer account set_data_length */
    1686           0 :       err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
    1687           0 :       if( FD_UNLIKELY( err ) ) {
    1688           0 :         return err;
    1689           0 :       }
    1690             : 
    1691             :       /* buffer is dropped when it goes out of scope */
    1692             :       /* spill is dropped when it goes out of scope */
    1693             :       /* programdata is dropped when it goes out of scope */
    1694             : 
    1695             :       /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
    1696           0 :       FD_BASE58_ENCODE_32_BYTES( new_program_id.uc, program_id_b58 );
    1697           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "Upgraded program %s", program_id_b58 );
    1698             : 
    1699           0 :       break;
    1700           0 :     }
    1701             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L893-L957 */
    1702           0 :     case FD_BPF_INSTR_SET_AUTHORITY: {
    1703           0 :       int err;
    1704           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
    1705           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1706           0 :       }
    1707             : 
    1708             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L896-L897 */
    1709           0 :       fd_guarded_borrowed_account_t account = {0};
    1710           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
    1711             : 
    1712             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L898-L900 */
    1713           0 :       fd_pubkey_t const * present_authority_key = NULL;
    1714           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
    1715           0 :       if( FD_UNLIKELY( err ) ) {
    1716           0 :         return err;
    1717           0 :       }
    1718             : 
    1719             :       /* Don't check the error here because the new_authority key is allowed to be NULL until further checks.
    1720             :          https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L901-L906 */
    1721           0 :       fd_pubkey_t const * new_authority = NULL;
    1722           0 :       fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority );
    1723             : 
    1724           0 :       fd_bpf_state_t account_state[1];
    1725           0 :       err = fd_bpf_loader_program_get_state( account.acc, account_state );
    1726           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1727           0 :         return err;
    1728           0 :       }
    1729             : 
    1730           0 :       if( account_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1731           0 :         if( FD_UNLIKELY( !new_authority ) ) {
    1732           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority is not optional" );
    1733           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1734           0 :         }
    1735           0 :         if( FD_UNLIKELY( !account_state->inner.buffer.has_authority_address ) ) {
    1736           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
    1737           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1738           0 :         }
    1739           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.buffer.authority_address, present_authority_key ) ) ) {
    1740           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
    1741           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1742           0 :         }
    1743           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
    1744             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1745           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1746           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
    1747           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1748           0 :         }
    1749             : 
    1750             :         /* copy in the authority public key into the authority address.
    1751             :            https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L926-L928 */
    1752           0 :         account_state->inner.buffer.has_authority_address = !!new_authority;
    1753           0 :         if( new_authority ) {
    1754           0 :           account_state->inner.buffer.authority_address = *new_authority;
    1755           0 :         }
    1756             : 
    1757           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1758           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1759           0 :           return err;
    1760           0 :         }
    1761           0 :       } else if( account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
    1762           0 :         if( FD_UNLIKELY( !account_state->inner.program_data.has_upgrade_authority_address ) ) {
    1763           0 :           fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
    1764           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1765           0 :         }
    1766           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.program_data.upgrade_authority_address, present_authority_key ) ) ) {
    1767           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1768           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1769           0 :         }
    1770           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
    1771             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1772           0 :           if( FD_UNLIKELY( !!err ) ) return err;
    1773           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1774           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1775           0 :         }
    1776             : 
    1777             :         /* SIMD-0500: forbid finalize (SetAuthority None) on programs
    1778             :            that are not at least SBPF v3. */
    1779           0 :         if( !new_authority ) {
    1780           0 :           int rc = fd_bpf_loader_finalize_v3_check(
    1781           0 :               FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ),
    1782           0 :               fd_borrowed_account_get_data    ( &account ),
    1783           0 :               fd_borrowed_account_get_data_len( &account ) );
    1784           0 :           if( FD_UNLIKELY( rc!=FD_EXECUTOR_INSTR_SUCCESS ) ) return rc;
    1785           0 :         }
    1786             : 
    1787             :         /* copy in the authority public key into the upgrade authority address.
    1788             :            https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L946-L949 */
    1789           0 :         account_state->inner.program_data.has_upgrade_authority_address = !!new_authority;
    1790           0 :         if( new_authority ) {
    1791           0 :           account_state->inner.program_data.upgrade_authority_address = *new_authority;
    1792           0 :         }
    1793             : 
    1794           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1795           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1796           0 :           return err;
    1797           0 :         }
    1798           0 :       } else {
    1799           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
    1800           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1801           0 :       }
    1802             : 
    1803             :       /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
    1804           0 :       if( new_authority ) {
    1805           0 :         FD_BASE58_ENCODE_32_BYTES( new_authority->uc, new_authority_b58 );
    1806           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority Some(%s)", new_authority_b58 );
    1807           0 :       } else {
    1808           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority None" );
    1809           0 :       }
    1810             : 
    1811             :       /* implicit drop of account */
    1812             : 
    1813           0 :       break;
    1814           0 :     }
    1815             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L958-L1030 */
    1816           0 :     case FD_BPF_INSTR_SET_AUTHORITY_CHECKED: {
    1817           0 :       int err;
    1818           0 :       if( !FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, enable_bpf_loader_set_authority_checked_ix ) ) {
    1819           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    1820           0 :       }
    1821             : 
    1822           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1823           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1824           0 :       }
    1825             : 
    1826             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L968-L969 */
    1827           0 :       fd_guarded_borrowed_account_t account = {0};
    1828           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
    1829             : 
    1830             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L970-L975 */
    1831           0 :       fd_pubkey_t const * present_authority_key = NULL;
    1832           0 :       fd_pubkey_t const * new_authority_key     = NULL;
    1833             : 
    1834           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
    1835           0 :       if( FD_UNLIKELY( err ) ) return err;
    1836             : 
    1837           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority_key );
    1838           0 :       if( FD_UNLIKELY( err ) ) return err;
    1839             : 
    1840           0 :       fd_bpf_state_t account_state[1];
    1841           0 :       err = fd_bpf_loader_program_get_state( account.acc, account_state );
    1842           0 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1843           0 :         return err;
    1844           0 :       }
    1845             : 
    1846           0 :       if( account_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1847           0 :         if( FD_UNLIKELY( !account_state->inner.buffer.has_authority_address ) ) {
    1848           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
    1849           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1850           0 :         }
    1851           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.buffer.authority_address, present_authority_key ) ) ) {
    1852           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
    1853           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1854           0 :         }
    1855           0 :         int instr_err_code = 0;
    1856           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &instr_err_code ) ) ) {
    1857             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1858           0 :           if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
    1859           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
    1860           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1861           0 :         }
    1862           0 :         instr_err_code = 0;
    1863           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &instr_err_code ) ) ) {
    1864             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1865           0 :           if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
    1866           0 :           fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
    1867           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1868           0 :         }
    1869           0 :         account_state->inner.buffer.has_authority_address = 1;
    1870           0 :         account_state->inner.buffer.authority_address     = *new_authority_key;
    1871           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1872           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1873           0 :           return err;
    1874           0 :         }
    1875           0 :       } else if( account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
    1876           0 :         if( FD_UNLIKELY( !account_state->inner.program_data.has_upgrade_authority_address ) ) {
    1877           0 :           fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
    1878           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1879           0 :         }
    1880           0 :         if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.program_data.upgrade_authority_address, present_authority_key ) ) ) {
    1881           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1882           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1883           0 :         }
    1884           0 :         int instr_err_code = 0;
    1885           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &instr_err_code ) ) ) {
    1886             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1887           0 :           if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
    1888           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1889           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1890           0 :         }
    1891           0 :         instr_err_code = 0;
    1892           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &instr_err_code ) ) ) {
    1893             :           /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
    1894           0 :           if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
    1895           0 :           fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
    1896           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1897           0 :         }
    1898           0 :         account_state->inner.program_data.has_upgrade_authority_address = 1;
    1899           0 :         account_state->inner.program_data.upgrade_authority_address     = *new_authority_key;
    1900           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1901           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1902           0 :           return err;
    1903           0 :         }
    1904           0 :       } else {
    1905           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
    1906           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1907           0 :       }
    1908             : 
    1909             :       /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
    1910           0 :       FD_BASE58_ENCODE_32_BYTES( new_authority_key->uc, new_authority_b58 );
    1911           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority %s", new_authority_b58 );
    1912             : 
    1913             :       /* implicit drop of account */
    1914             : 
    1915           0 :       break;
    1916           0 :     }
    1917             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1031-L1134 */
    1918           6 :     case FD_BPF_INSTR_CLOSE: {
    1919           6 :       int err;
    1920             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1032-L1046 */
    1921           6 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
    1922           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1923           0 :       }
    1924             : 
    1925             :       /* It's safe to directly access the instruction accounts because we already checked for two
    1926             :          instruction accounts previously.
    1927             :          https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1034-L1035 */
    1928           6 :       if( FD_UNLIKELY( instr_ctx->instr->accounts[ 0UL ].index_in_transaction ==
    1929           6 :                        instr_ctx->instr->accounts[ 1UL ].index_in_transaction ) ) {
    1930           0 :         fd_log_collector_msg_literal( instr_ctx, "Recipient is the same as the account being closed" );
    1931           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1932           0 :       }
    1933             : 
    1934             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1043-L1044 */
    1935           6 :       fd_guarded_borrowed_account_t close_account = {0};
    1936           6 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
    1937             : 
    1938           6 :       fd_pubkey_t const * close_key = (fd_pubkey_t*)close_account.acc->pubkey;
    1939           6 :       fd_bpf_state_t close_account_state[1];
    1940           6 :       err = fd_bpf_loader_program_get_state( close_account.acc, close_account_state );
    1941           6 :       if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    1942           0 :         return err;
    1943           0 :       }
    1944             :       /* Close account set data length */
    1945           6 :       err = fd_borrowed_account_set_data_length( &close_account, SIZE_OF_UNINITIALIZED );
    1946           6 :       if( FD_UNLIKELY( err ) ) {
    1947           0 :         return err;
    1948           0 :       }
    1949             : 
    1950             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1049-L1056 */
    1951           6 :       if( close_account_state->discriminant==FD_BPF_STATE_UNINITIALIZED ) {
    1952             : 
    1953             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1050-L1051 */
    1954           6 :         fd_guarded_borrowed_account_t recipient_account = {0};
    1955           6 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
    1956             : 
    1957           6 :         err = fd_borrowed_account_checked_add_lamports( &recipient_account, fd_borrowed_account_get_lamports( &close_account ) );
    1958           6 :         if( FD_UNLIKELY( err ) ) {
    1959           0 :           return err;
    1960           0 :         }
    1961           6 :         err = fd_borrowed_account_set_lamports( &close_account, 0UL );
    1962           6 :         if( FD_UNLIKELY( err ) ) {
    1963           0 :           return err;
    1964           0 :         }
    1965             :         /* Max msg_sz: 23 - 2 + 45 = 66 < 127 => we can use printf */
    1966           6 :         FD_BASE58_ENCODE_32_BYTES( close_key->uc, close_key_b58 );
    1967           6 :         fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Uninitialized %s", close_key_b58 );
    1968             : 
    1969             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1057-L1068 */
    1970           6 :       } else if( close_account_state->discriminant==FD_BPF_STATE_BUFFER ) {
    1971             : 
    1972             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1059 */
    1973           0 :         fd_borrowed_account_drop( &close_account );
    1974             : 
    1975           0 :         if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1976           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1977           0 :         }
    1978             : 
    1979           0 :         fd_bpf_state_buffer_t * state_buf = &close_account_state->inner.buffer;
    1980           0 :         err = common_close_account(
    1981           0 :             state_buf->has_authority_address ? &state_buf->authority_address : NULL,
    1982           0 :             instr_ctx,
    1983           0 :             close_account_state );
    1984           0 :         if( FD_UNLIKELY( err ) ) return err;
    1985             : 
    1986             :         /* Max msg_sz: 16 - 2 + 45 = 63 < 127 => we can use printf */
    1987           0 :         FD_BASE58_ENCODE_32_BYTES( close_key->uc, close_key_b58 );
    1988           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Buffer %s", close_key_b58 );
    1989             : 
    1990             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1069-L1129 */
    1991           0 :       } else if( close_account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
    1992           0 :         int err;
    1993           0 :         if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
    1994           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
    1995           0 :         }
    1996             : 
    1997             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1074 */
    1998           0 :         fd_borrowed_account_drop( &close_account );
    1999             : 
    2000             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1075-L1076 */
    2001           0 :         fd_guarded_borrowed_account_t program_account = {0};
    2002           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK(instr_ctx, 3UL, &program_account );
    2003             : 
    2004           0 :         if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
    2005           0 :           fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
    2006           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2007           0 :         }
    2008           0 :         if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program_account ), program_id, sizeof(fd_pubkey_t) ) ) ) {
    2009           0 :           fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    2010           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    2011           0 :         }
    2012           0 :         fd_sol_sysvar_clock_t clock_;
    2013           0 :         fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
    2014           0 :         if( FD_UNLIKELY( !clock ) ) {
    2015           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    2016           0 :         }
    2017           0 :         if( FD_UNLIKELY( clock->slot==close_account_state->inner.program_data.slot ) ) {
    2018           0 :           fd_log_collector_msg_literal( instr_ctx,"Program was deployed in this block already" );
    2019           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2020           0 :         }
    2021             : 
    2022           0 :         fd_bpf_state_t program_state[1];
    2023           0 :         err = fd_bpf_loader_program_get_state( program_account.acc, program_state );
    2024           0 :         if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    2025           0 :           return err;
    2026           0 :         }
    2027             : 
    2028           0 :         if( program_state->discriminant==FD_BPF_STATE_PROGRAM ) {
    2029           0 :           if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, close_key, sizeof(fd_pubkey_t) ) ) ) {
    2030           0 :             fd_log_collector_msg_literal( instr_ctx,"ProgramData account does not match ProgramData account" );
    2031           0 :             return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2032           0 :           }
    2033             : 
    2034             :           /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1105 */
    2035           0 :           fd_borrowed_account_drop( &program_account );
    2036             : 
    2037           0 :           fd_bpf_state_program_data_t * pd = &close_account_state->inner.program_data;
    2038           0 :           err = common_close_account(
    2039           0 :               pd->has_upgrade_authority_address ? &pd->upgrade_authority_address : NULL,
    2040           0 :               instr_ctx,
    2041           0 :               close_account_state );
    2042           0 :           if( FD_UNLIKELY( err ) ) return err;
    2043             : 
    2044             :           /* The Agave client updates the account state upon closing an account
    2045             :              in their loaded program cache. Checking for a program can be
    2046             :              checked by checking to see if the programdata account's loader state
    2047             :              is unitialized. The firedancer implementation also removes closed
    2048             :              accounts from the loaded program cache at the end of a slot. Closed
    2049             :              accounts are not checked from the cache, instead the account state
    2050             :              is looked up. */
    2051             : 
    2052           0 :         } else {
    2053           0 :           fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
    2054           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2055           0 :         }
    2056             : 
    2057             :         /* Max msg_sz: 17 - 2 + 45 = 60 < 127 => we can use printf */
    2058           0 :         FD_BASE58_ENCODE_32_BYTES( program_account.acc->pubkey, program_account_b58 );
    2059           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Program %s", program_account_b58 );
    2060             : 
    2061             :         /* program account is dropped when it goes out of scope */
    2062           0 :       } else {
    2063           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support closing" );
    2064           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2065           0 :       }
    2066             : 
    2067             :       /* implicit drop of close account */
    2068           6 :       break;
    2069           6 :     }
    2070             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1158-L1170 */
    2071           6 :     case FD_BPF_INSTR_EXTEND_PROGRAM: {
    2072           0 :       err = common_extend_program( instr_ctx, instruction->inner.extend_program.additional_bytes, 0 );
    2073           0 :       if( FD_UNLIKELY( err ) ) {
    2074           0 :         return err;
    2075           0 :       }
    2076             : 
    2077           0 :       break;
    2078           0 :     }
    2079             :     /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1171-L1179 */
    2080           0 :     case FD_BPF_INSTR_EXTEND_PROGRAM_CHECKED: {
    2081           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    2082           0 :     }
    2083             :     /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1338-L1508 */
    2084           0 :     case FD_BPF_INSTR_MIGRATE: {
    2085             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1339-L1344 */
    2086           0 :       if( FD_UNLIKELY( !FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, enable_loader_v4 ) ) ) {
    2087           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    2088           0 :       }
    2089             : 
    2090             :       /* TODO: Implement me */
    2091           0 :       FD_LOG_WARNING(( "migrate instruction is not implemented" ));
    2092           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    2093           0 :     }
    2094           0 :     default: {
    2095           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2096           0 :     }
    2097           6 :   }
    2098           6 :   return FD_EXECUTOR_INSTR_SUCCESS;
    2099           6 : }
    2100             : 
    2101             : /* process_instruction_inner() */
    2102             : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L394-L564 */
    2103             : int
    2104        2460 : fd_bpf_loader_program_execute( fd_exec_instr_ctx_t * ctx ) {
    2105             :   /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L491-L529 */
    2106             : 
    2107             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L403-L404 */
    2108        2460 :   fd_guarded_borrowed_account_t program_account = {0};
    2109        2460 :   int err = fd_exec_instr_ctx_try_borrow_last_program_account( ctx, &program_account );
    2110        2460 :   if( FD_UNLIKELY( err ) ) {
    2111           0 :     return err;
    2112           0 :   }
    2113             : 
    2114             :   /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L409 */
    2115        2460 :   fd_pubkey_t const * program_id = NULL;
    2116        2460 :   err = fd_exec_instr_ctx_get_last_program_key( ctx, &program_id );
    2117        2460 :   if( FD_UNLIKELY( err ) ) {
    2118           0 :     return err;
    2119           0 :   }
    2120             : 
    2121             :   /* Program management instruction */
    2122        2460 :   if( FD_UNLIKELY( !memcmp( &fd_solana_native_loader_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
    2123             :     /* https://github.com/anza-xyz/agave/blob/v2.2.3/programs/bpf_loader/src/lib.rs#L416 */
    2124           6 :     fd_borrowed_account_drop( &program_account );
    2125             : 
    2126           6 :     if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_upgradeable_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2127           6 :       FD_EXEC_CU_UPDATE( ctx, UPGRADEABLE_LOADER_COMPUTE_UNITS );
    2128           6 :       return process_loader_upgradeable_instruction( ctx );
    2129           6 :     } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2130           0 :       FD_EXEC_CU_UPDATE( ctx, DEFAULT_LOADER_COMPUTE_UNITS );
    2131           0 :       fd_log_collector_msg_literal( ctx, "BPF loader management instructions are no longer supported" );
    2132           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2133           0 :     } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_deprecated_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2134           0 :       FD_EXEC_CU_UPDATE( ctx, DEPRECATED_LOADER_COMPUTE_UNITS );
    2135           0 :       fd_log_collector_msg_literal( ctx, "Deprecated loader is no longer supported" );
    2136           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2137           0 :     } else {
    2138           0 :       fd_log_collector_msg_literal( ctx, "Invalid BPF loader id" );
    2139           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2140           0 :     }
    2141           6 :   }
    2142             : 
    2143             :   /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L551-L563 */
    2144             :   /* The Agave client stores a loaded program type state in its implementation
    2145             :      of the loaded program cache. It checks to see if an account is able to be
    2146             :      executed. It is possible for a program to be in the DelayVisibility state or
    2147             :      Closed state but it won't be reflected in the Firedancer cache. Program
    2148             :      accounts that are in this state should exit with an invalid account data
    2149             :      error. For programs that are recently deployed or upgraded, they should not
    2150             :      be allowed to be executed for the remainder of the slot. For closed
    2151             :      accounts, they're uninitialized and shouldn't be executed as well.
    2152             : 
    2153             :      For the former case the slot that the
    2154             :      program was last updated in is in the program data account.
    2155             :      This means that if the slot in the program data account is greater than or
    2156             :      equal to the current execution slot, then the account is in a
    2157             :      'LoadedProgramType::DelayVisiblity' state.
    2158             : 
    2159             :      The latter case as described above is a tombstone account which is in a Closed
    2160             :      state. This occurs when a program data account is closed. However, our cache
    2161             :      does not track this. Instead, this can be checked for by seeing if the program
    2162             :      account's respective program data account is uninitialized. This should only
    2163             :      happen when the account is closed.
    2164             : 
    2165             :      Every error that comes out of this block is mapped to an InvalidAccountData instruction error in Agave. */
    2166             : 
    2167        2454 :   uchar is_deprecated = !memcmp( program_account.acc->owner, &fd_solana_bpf_loader_deprecated_program_id, sizeof(fd_pubkey_t) );
    2168             : 
    2169        2454 :   fd_acc_t const * progdata_ro = program_account.acc;
    2170        2454 :   if( !memcmp( program_account.acc->owner, &fd_solana_bpf_loader_upgradeable_program_id, sizeof(fd_pubkey_t) ) ) {
    2171           0 :     fd_bpf_state_t program_account_state[1];
    2172           0 :     err = fd_bpf_loader_program_get_state( program_account.acc, program_account_state );
    2173           0 :     if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    2174           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2175           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2176           0 :     }
    2177             : 
    2178             :     /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L96-L98
    2179             :        Program account and program data account discriminants get checked when loading in program accounts
    2180             :        into the program cache. If the discriminants are incorrect, the program is marked as closed. */
    2181           0 :     if( FD_UNLIKELY( program_account_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) {
    2182             :       /* https://github.com/anza-xyz/agave/tree/v3.0.5/programs/bpf_loader/src/lib.rs#L424-L433
    2183             :          Agave's program cache will add any non-migrating built-ins as built-in
    2184             :          accounts, even though they might be owned by the BPF loader. In these
    2185             :          cases, Agave does not log this message. Meanwhile, non-migrating
    2186             :          built-in programs do not use the BPF loader, by definition. */
    2187           0 :       if( !fd_is_non_migrating_builtin_program( program_id ) ) {
    2188           0 :         fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2189           0 :       }
    2190           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2191           0 :     }
    2192             : 
    2193           0 :     fd_pubkey_t * programdata_pubkey = &program_account_state->inner.program.programdata_address;
    2194           0 :     progdata_ro = fd_runtime_get_executable_account( ctx->txn_out, programdata_pubkey );
    2195           0 :     if( FD_UNLIKELY( !progdata_ro ) ) {
    2196           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2197           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2198           0 :     }
    2199             : 
    2200           0 :     if( FD_UNLIKELY( progdata_ro->data_len<PROGRAMDATA_METADATA_SIZE ) ) {
    2201           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2202           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2203           0 :     }
    2204             : 
    2205           0 :     fd_bpf_state_t program_data_account_state[1];
    2206           0 :     err = fd_bpf_loader_program_get_state( progdata_ro, program_data_account_state );
    2207           0 :     if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
    2208           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2209           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2210           0 :     }
    2211             : 
    2212             :     /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L100-L104
    2213             :        Same as above comment. Program data discriminant must be set correctly. */
    2214           0 :     if( FD_UNLIKELY( program_data_account_state->discriminant!=FD_BPF_STATE_PROGRAM_DATA ) ) {
    2215             :       /* The account is closed. */
    2216           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2217           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2218           0 :     }
    2219             : 
    2220           0 :     ulong program_data_slot = program_data_account_state->inner.program_data.slot;
    2221           0 :     if( FD_UNLIKELY( program_data_slot>=ctx->bank->f.slot ) ) {
    2222             :       /* The account was likely just deployed or upgraded. Corresponds to
    2223             :          'LoadedProgramType::DelayVisibility' */
    2224           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2225           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2226           0 :     }
    2227           0 :   }
    2228             : 
    2229        2454 :   fd_prog_load_env_t load_env[1]; fd_prog_load_env_from_bank( load_env, ctx->bank );
    2230        2454 :   fd_progcache_t * progcache = ctx->runtime->progcache;
    2231        2454 :   fd_progcache_rec_t * cache_entry =
    2232        2454 :       fd_progcache_pull( progcache, ctx->bank->progcache_fork_id, program_id, load_env, progdata_ro );
    2233        2454 :   if( FD_UNLIKELY( !cache_entry ) ) {
    2234           0 :     fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2235           0 :     return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2236           0 :   }
    2237             : 
    2238             :   /* The program may be in the cache but could have failed verification in the current epoch. */
    2239        2454 :   if( FD_UNLIKELY( !cache_entry->data_gaddr ) ) {
    2240           0 :     fd_progcache_rec_close( progcache, cache_entry );
    2241           0 :     fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2242           0 :     return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2243           0 :   }
    2244             : 
    2245             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L446 */
    2246        2454 :   fd_borrowed_account_drop( &program_account );
    2247             : 
    2248        2454 :   int exec_err = fd_bpf_execute( ctx, cache_entry, is_deprecated );
    2249        2454 :   fd_progcache_rec_close( progcache, cache_entry );
    2250        2454 :   return exec_err;
    2251        2454 : }

Generated by: LCOV version 1.14