Line data Source code
1 : #include "fd_bpf_loader_program.h"
2 : #include "fd_system_program.h"
3 :
4 : /* For additional context see https://solana.com/docs/programs/deploying#state-accounts */
5 :
6 : #include "../../progcache/fd_progcache_user.h"
7 : #include "../fd_runtime_helpers.h"
8 : #include "../fd_executor.h"
9 : #include "../tests/fd_dump_pb.h"
10 : #include "../sysvar/fd_sysvar.h"
11 : #include "../fd_pubkey_utils.h"
12 : #include "../fd_borrowed_account.h"
13 : #include "../fd_system_ids.h"
14 : #include "fd_bpf_loader_serialization.h"
15 : #include "fd_builtin_programs.h"
16 : #include "fd_native_cpi.h"
17 :
18 : /* https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/sdk/program/src/program_error.rs#L290-L335 */
19 : static inline int
20 : program_error_to_instr_error( ulong err,
21 51 : uint * custom_err ) {
22 51 : switch( err ) {
23 0 : case CUSTOM_ZERO:
24 0 : *custom_err = 0;
25 0 : return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
26 0 : case INVALID_ARGUMENT:
27 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
28 0 : case INVALID_INSTRUCTION_DATA:
29 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
30 0 : case INVALID_ACCOUNT_DATA:
31 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
32 0 : case ACCOUNT_DATA_TOO_SMALL:
33 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
34 0 : case INSUFFICIENT_FUNDS:
35 0 : return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
36 0 : case INCORRECT_PROGRAM_ID:
37 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
38 0 : case MISSING_REQUIRED_SIGNATURES:
39 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
40 0 : case ACCOUNT_ALREADY_INITIALIZED:
41 0 : return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
42 0 : case UNINITIALIZED_ACCOUNT:
43 0 : return FD_EXECUTOR_INSTR_ERR_UNINITIALIZED_ACCOUNT;
44 0 : case NOT_ENOUGH_ACCOUNT_KEYS:
45 0 : return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
46 0 : case ACCOUNT_BORROW_FAILED:
47 0 : return FD_EXECUTOR_INSTR_ERR_ACC_BORROW_FAILED;
48 0 : case MAX_SEED_LENGTH_EXCEEDED:
49 0 : return FD_EXECUTOR_INSTR_ERR_MAX_SEED_LENGTH_EXCEEDED;
50 0 : case INVALID_SEEDS:
51 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_SEEDS;
52 0 : case BORSH_IO_ERROR:
53 0 : return FD_EXECUTOR_INSTR_ERR_BORSH_IO_ERROR;
54 0 : case ACCOUNT_NOT_RENT_EXEMPT:
55 0 : return FD_EXECUTOR_INSTR_ERR_ACC_NOT_RENT_EXEMPT;
56 0 : case UNSUPPORTED_SYSVAR:
57 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
58 0 : case ILLEGAL_OWNER:
59 0 : return FD_EXECUTOR_INSTR_ERR_ILLEGAL_OWNER;
60 0 : case MAX_ACCOUNTS_DATA_ALLOCATIONS_EXCEEDED:
61 0 : return FD_EXECUTOR_INSTR_ERR_MAX_ACCS_DATA_ALLOCS_EXCEEDED;
62 0 : case INVALID_ACCOUNT_DATA_REALLOC:
63 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
64 0 : case MAX_INSTRUCTION_TRACE_LENGTH_EXCEEDED:
65 0 : return FD_EXECUTOR_INSTR_ERR_MAX_INSN_TRACE_LENS_EXCEEDED;
66 0 : case BUILTIN_PROGRAMS_MUST_CONSUME_COMPUTE_UNITS:
67 0 : return FD_EXECUTOR_INSTR_ERR_BUILTINS_MUST_CONSUME_CUS;
68 0 : case INVALID_ACCOUNT_OWNER:
69 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
70 0 : case ARITHMETIC_OVERFLOW:
71 0 : return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW;
72 0 : case IMMUTABLE:
73 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
74 0 : case INCORRECT_AUTHORITY:
75 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
76 51 : default:
77 51 : if( err>>BUILTIN_BIT_SHIFT == 0 ) {
78 51 : *custom_err = (uint)err;
79 51 : return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
80 51 : }
81 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ERR;
82 51 : }
83 51 : }
84 :
85 : /* https://github.com/anza-xyz/agave/blob/9b22f28104ec5fd606e4bb39442a7600b38bb671/programs/bpf_loader/src/lib.rs#L216-L229 */
86 : static ulong
87 2454 : calculate_heap_cost( ulong heap_size, ulong heap_cost ) {
88 4908 : #define KIBIBYTE_MUL_PAGES (1024UL * 32UL)
89 2454 : #define KIBIBYTE_MUL_PAGES_SUB_1 (KIBIBYTE_MUL_PAGES - 1UL)
90 :
91 2454 : heap_size = fd_ulong_sat_add( heap_size, KIBIBYTE_MUL_PAGES_SUB_1 );
92 :
93 2454 : heap_size = fd_ulong_sat_mul( fd_ulong_sat_sub( heap_size / KIBIBYTE_MUL_PAGES, 1UL ), heap_cost );
94 2454 : return heap_size;
95 :
96 2454 : #undef KIBIBYTE_MUL_PAGES
97 2454 : #undef KIBIBYTE_MUL_PAGES_SUB_1
98 2454 : }
99 :
100 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L105-L171
101 :
102 : Our arguments to deploy_program are different from the Agave version because
103 : we handle the caching of deployed programs differently. In Firedancer we
104 : lack the concept of ProgramCacheEntryType entirely.
105 : https://github.com/anza-xyz/agave/blob/114d94a25e9631f9bf6349c4b833d7900ef1fb1c/program-runtime/src/loaded_programs.rs#L158
106 :
107 : In Agave there is a separate caching structure that is used to store the
108 : deployed programs. In Firedancer the deployed, validated program is stored as
109 : metadata for the account.
110 :
111 : See https://github.com/firedancer-io/firedancer/blob/9c1df680b3f38bebb0597e089766ec58f3b41e85/src/flamenco/runtime/program/fd_bpf_loader_v3_program.c#L1640
112 : for how we handle the concept of 'LoadedProgramType::DelayVisibility' in Firedancer.
113 :
114 : As a concrete example, our version of deploy_program does not have the
115 : 'account_size' argument because we do not update the record here. */
116 : int
117 : fd_deploy_program( fd_exec_instr_ctx_t * instr_ctx,
118 : uchar const * programdata,
119 : ulong programdata_size,
120 12 : int disable_sbpf_v0_v1_v2_deployment ) {
121 12 : int deploy_mode = 1;
122 12 : int direct_mapping = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, account_data_direct_mapping );
123 12 : int syscall_parameter_address_restrictions = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, syscall_parameter_address_restrictions );
124 12 : int virtual_address_space_adjustments = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, virtual_address_space_adjustments );
125 :
126 12 : uchar syscalls_mem[ FD_SBPF_SYSCALLS_FOOTPRINT ] __attribute__((aligned(FD_SBPF_SYSCALLS_ALIGN)));
127 12 : fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_join( fd_sbpf_syscalls_new( syscalls_mem ) );
128 12 : if( FD_UNLIKELY( !syscalls ) ) {
129 : //TODO: full log including err
130 0 : fd_log_collector_msg_literal( instr_ctx, "Failed to register syscalls" );
131 0 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
132 0 : }
133 :
134 : /* Agave uses the feature set from the next slot for deployment
135 : verification (DELAY_VISIBILITY_SLOT_OFFSET = 1). This matters at
136 : epoch boundaries where features activate: a deployment at the last
137 : slot of an epoch should see features that activate at the boundary.
138 : https://github.com/anza-xyz/agave/blob/v3.1.8/runtime/src/bank.rs#L3280-L3295 */
139 12 : ulong deploy_slot = instr_ctx->bank->f.slot+1UL;
140 :
141 12 : fd_vm_syscall_register_slot( syscalls,
142 12 : deploy_slot,
143 12 : &instr_ctx->bank->f.features,
144 12 : 1 );
145 :
146 : /* Load executable */
147 12 : fd_sbpf_elf_info_t elf_info[ 1UL ];
148 12 : fd_prog_versions_t versions = fd_prog_versions( &instr_ctx->bank->f.features, deploy_slot );
149 :
150 : /* SIMD-0500: when active, restrict program deployment to SBPF v3+.
151 : Older SBPF versions remain executable.
152 : TODO: fix link when 4.1 is releaed
153 : https://github.com/anza-xyz/agave/blob/v4.1.0-alpha.0/program-runtime/src/deploy.rs#L30-L32 */
154 12 : if( disable_sbpf_v0_v1_v2_deployment ) {
155 6 : versions.min_sbpf_version = FD_SBPF_V3;
156 6 : }
157 :
158 12 : fd_sbpf_loader_config_t config = { 0 };
159 12 : config.elf_deploy_checks = deploy_mode;
160 12 : config.sbpf_min_version = versions.min_sbpf_version;
161 12 : config.sbpf_max_version = versions.max_sbpf_version;
162 :
163 12 : if( FD_UNLIKELY( fd_sbpf_elf_peek( elf_info, programdata, programdata_size, &config )<0 ) ) {
164 3 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
165 3 : }
166 :
167 : /* Allocate rodata segment */
168 9 : void * rodata = instr_ctx->runtime->bpf_loader_program.rodata;
169 9 : if( FD_UNLIKELY( !rodata ) ) {
170 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
171 0 : }
172 :
173 : /* Allocate program buffer */
174 9 : fd_sbpf_program_t * prog = fd_sbpf_program_new( instr_ctx->runtime->bpf_loader_program.sbpf_footprint, elf_info, rodata );
175 9 : if( FD_UNLIKELY( !prog ) ) {
176 0 : FD_LOG_ERR(( "fd_sbpf_program_new() failed" ));
177 0 : }
178 :
179 : /* Load program */
180 9 : void * scratch = instr_ctx->runtime->bpf_loader_program.programdata;
181 9 : int err = fd_sbpf_program_load( prog, programdata, programdata_size, syscalls, &config, scratch, programdata_size );
182 9 : if( FD_UNLIKELY( err ) ) {
183 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
184 0 : }
185 :
186 : /* Validate the program */
187 9 : fd_vm_t _vm[ 1UL ];
188 9 : fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
189 :
190 9 : vm = fd_vm_init(
191 9 : /* vm */ vm,
192 9 : /* instr_ctx */ instr_ctx,
193 9 : /* heap_max */ instr_ctx->txn_out->details.compute_budget.heap_size,
194 9 : /* entry_cu */ instr_ctx->txn_out->details.compute_budget.compute_meter,
195 9 : /* rodata */ prog->rodata,
196 9 : /* rodata_sz */ prog->rodata_sz,
197 9 : /* text */ prog->text,
198 9 : /* text_cnt */ prog->info.text_cnt,
199 9 : /* text_off */ prog->info.text_off, /* FIXME: What if text_off is not multiple of 8 */
200 9 : /* text_sz */ prog->info.text_sz,
201 9 : /* entry_pc */ prog->entry_pc,
202 9 : /* calldests */ prog->calldests,
203 9 : /* sbpf_version */ elf_info->sbpf_version,
204 9 : /* syscalls */ syscalls,
205 9 : /* trace */ NULL,
206 9 : /* sha */ NULL,
207 9 : /* mem_regions */ NULL,
208 9 : /* mem_regions_cnt */ 0,
209 9 : /* mem_region_accs */ NULL,
210 9 : /* is_deprecated */ 0,
211 9 : /* direct mapping */ direct_mapping,
212 9 : /* syscall_parameter_address_restrictions */ syscall_parameter_address_restrictions,
213 9 : /* virtual_address_space_adjustments */ virtual_address_space_adjustments,
214 9 : /* dump_syscall_to_pb */ 0,
215 9 : /* r2_initial_value */ 0UL );
216 9 : if ( FD_UNLIKELY( vm == NULL ) ) {
217 0 : FD_LOG_WARNING(( "NULL vm" ));
218 0 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
219 0 : }
220 :
221 9 : int validate_result = fd_vm_validate( vm );
222 9 : if( FD_UNLIKELY( validate_result!=FD_VM_SUCCESS ) ) {
223 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
224 0 : }
225 :
226 9 : return FD_EXECUTOR_INSTR_SUCCESS;
227 9 : }
228 :
229 : /* SIMD-0500 finalize gate: when the feature is active and the ELF
230 : embedded in `programdata` parses as SBPFv0/v1/v2, reject;
231 : otherwise accept (including the short-programdata case, which
232 : mirrors the let-chain short-circuit in agave). See the call site
233 : in `process_loader_upgradeable_instruction` for the SetAuthority
234 : handler.
235 : https://github.com/anza-xyz/agave/blob/v4.1.0-alpha.0/programs/bpf_loader/src/lib.rs#L580-L591 */
236 : int
237 : fd_bpf_loader_finalize_v3_check( int feature_active,
238 : uchar const * programdata,
239 12 : ulong programdata_len ) {
240 12 : ulong const off = PROGRAMDATA_METADATA_SIZE + 48UL; /* ELF64 e_flags */
241 12 : if( !feature_active ) return FD_EXECUTOR_INSTR_SUCCESS;
242 6 : if( programdata_len < off + sizeof(uint) ) return FD_EXECUTOR_INSTR_SUCCESS;
243 6 : if( FD_LOAD( uint, programdata+off )<FD_SBPF_V3 ) return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
244 3 : return FD_EXECUTOR_INSTR_SUCCESS;
245 6 : }
246 :
247 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L195-L218 */
248 : static int
249 : write_program_data( fd_exec_instr_ctx_t * instr_ctx,
250 : ushort instr_acc_idx,
251 : ulong program_data_offset,
252 : uchar const * bytes,
253 0 : ulong bytes_len ) {
254 0 : int err;
255 :
256 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L202 */
257 0 : fd_guarded_borrowed_account_t program = {0};
258 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, instr_acc_idx, &program );
259 :
260 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L203 */
261 0 : uchar * data = NULL;
262 0 : ulong dlen = 0UL;
263 0 : err = fd_borrowed_account_get_data_mut( &program, &data, &dlen );
264 0 : if( FD_UNLIKELY( err ) ) {
265 0 : return err;
266 0 : }
267 :
268 0 : ulong write_offset = fd_ulong_sat_add( program_data_offset, bytes_len );
269 0 : if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<write_offset ) ) {
270 : /* Max msg_sz: 24 - 6 + 2*20 = 58 < 127 => we can use printf */
271 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx,
272 0 : "Write overflow: %lu < %lu", fd_borrowed_account_get_data_len( &program ), write_offset );
273 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
274 0 : }
275 :
276 0 : if( FD_UNLIKELY( program_data_offset>dlen ) ) {
277 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
278 0 : }
279 :
280 0 : if( FD_LIKELY( bytes_len ) ) {
281 0 : fd_memcpy( data+program_data_offset, bytes, bytes_len );
282 0 : }
283 :
284 0 : return FD_EXECUTOR_INSTR_SUCCESS;
285 0 : }
286 :
287 : int
288 : fd_bpf_loader_program_get_state( fd_acc_t const * acc,
289 45 : fd_bpf_state_t * state ) {
290 45 : if( FD_UNLIKELY( fd_bpf_state_decode( state, acc->data, acc->data_len ) ) ) {
291 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
292 0 : }
293 45 : return FD_EXECUTOR_INSTR_SUCCESS;
294 45 : }
295 :
296 : int
297 : fd_bpf_loader_program_get_state2( uchar const * data,
298 : ulong data_len,
299 0 : fd_bpf_state_t * state ) {
300 0 : if( FD_UNLIKELY( fd_bpf_state_decode( state, data, data_len ) ) ) {
301 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
302 0 : }
303 0 : return FD_EXECUTOR_INSTR_SUCCESS;
304 0 : }
305 :
306 : /* Mirrors solana_sdk::transaction_context::BorrowedAccount::set_state()
307 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L973 */
308 : int
309 : fd_bpf_loader_v3_program_set_state( fd_borrowed_account_t * borrowed_acct,
310 0 : fd_bpf_state_t * state ) {
311 0 : ulong state_size = fd_bpf_state_size( state );
312 :
313 0 : uchar * data = NULL;
314 0 : ulong dlen = 0UL;
315 :
316 0 : int err = fd_borrowed_account_get_data_mut( borrowed_acct, &data, &dlen );
317 0 : if( FD_UNLIKELY( err ) ) {
318 0 : return err;
319 0 : }
320 :
321 0 : if( FD_UNLIKELY( state_size>dlen ) ) {
322 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
323 0 : }
324 :
325 0 : ulong out_sz = 0UL;
326 0 : if( FD_UNLIKELY( fd_bpf_state_encode( state, data, state_size, &out_sz ) ) ) {
327 0 : return FD_EXECUTOR_INSTR_ERR_GENERIC_ERR;
328 0 : }
329 :
330 0 : return FD_EXECUTOR_INSTR_SUCCESS;
331 0 : }
332 :
333 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1299-L1331 */
334 : static int
335 : common_close_account( fd_pubkey_t * authority_address,
336 : fd_exec_instr_ctx_t * instr_ctx,
337 0 : fd_bpf_state_t * state ) {
338 0 : int err;
339 :
340 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1307 */
341 0 : if( FD_UNLIKELY( !authority_address ) ) {
342 0 : fd_log_collector_msg_literal( instr_ctx, "Account is immutable" );
343 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
344 0 : }
345 :
346 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1312-L1313 */
347 0 : fd_pubkey_t const * acc_key = NULL;
348 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &acc_key );
349 0 : if( FD_UNLIKELY( err ) ) {
350 0 : return err;
351 0 : }
352 :
353 0 : if( FD_UNLIKELY( memcmp( authority_address, acc_key, sizeof(fd_pubkey_t) ) ) ) {
354 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect authority provided" );
355 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
356 0 : }
357 :
358 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1319-L1322 */
359 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &err ) ) ) {
360 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
361 0 : if( FD_UNLIKELY( !!err ) ) return err;
362 0 : fd_log_collector_msg_literal( instr_ctx, "Authority did not sign" );
363 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
364 0 : }
365 :
366 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1324 */
367 0 : fd_guarded_borrowed_account_t close_account = {0};
368 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
369 :
370 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1326 */
371 0 : fd_guarded_borrowed_account_t recipient_account = {0};
372 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
373 :
374 0 : err = fd_borrowed_account_checked_add_lamports( &recipient_account,
375 0 : fd_borrowed_account_get_lamports( &close_account ) );
376 0 : if( FD_UNLIKELY( err ) ) {
377 0 : return err;
378 0 : }
379 :
380 0 : err = fd_borrowed_account_set_lamports( &close_account, 0UL );
381 0 : if( FD_UNLIKELY( err ) ) {
382 0 : return err;
383 0 : }
384 :
385 0 : state->discriminant = FD_BPF_STATE_UNINITIALIZED;
386 0 : err = fd_bpf_loader_v3_program_set_state( &close_account, state );
387 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
388 0 : return err;
389 0 : }
390 :
391 0 : return FD_EXECUTOR_INSTR_SUCCESS;
392 0 : }
393 :
394 :
395 : /* Every loader-owned BPF program goes through this function, which goes into the VM.
396 :
397 : https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1332-L1501 */
398 : int
399 : fd_bpf_execute( fd_exec_instr_ctx_t * instr_ctx,
400 : fd_progcache_rec_t const * cache_entry,
401 2454 : uchar is_deprecated ) {
402 2454 : long const regime0 = fd_tickcount();
403 :
404 2454 : int err = FD_EXECUTOR_INSTR_SUCCESS;
405 :
406 2454 : uchar syscalls_mem[ FD_SBPF_SYSCALLS_FOOTPRINT ] __attribute__((aligned(FD_SBPF_SYSCALLS_ALIGN)));
407 2454 : fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_join( fd_sbpf_syscalls_new( syscalls_mem ) );
408 2454 : if( FD_UNLIKELY( !syscalls ) ) {
409 0 : FD_LOG_CRIT(( "Unable to allocate syscalls" ));
410 0 : }
411 :
412 : /* TODO do we really need to re-do this on every instruction? */
413 2454 : fd_vm_syscall_register_slot( syscalls,
414 2454 : instr_ctx->bank->f.slot,
415 2454 : &instr_ctx->bank->f.features,
416 2454 : 0 );
417 :
418 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1362-L1368 */
419 2454 : ulong input_sz = 0UL;
420 2454 : ulong pre_lens[256] = {0};
421 2454 : fd_vm_input_region_t input_mem_regions[1000] = {0}; /* We can have a max of (3 * num accounts + 1) regions */
422 2454 : fd_vm_acc_region_meta_t acc_region_metas[256] = {0}; /* instr acc idx to idx */
423 2454 : uint input_mem_regions_cnt = 0U;
424 2454 : int direct_mapping = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, account_data_direct_mapping );
425 2454 : int syscall_parameter_address_restrictions = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, syscall_parameter_address_restrictions );
426 2454 : int virtual_address_space_adjustments = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, virtual_address_space_adjustments );
427 2454 : int provide_instruction_data_offset_in_vm_r2 = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, provide_instruction_data_offset_in_vm_r2 );
428 2454 : int direct_account_pointers_in_program_input = FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, direct_account_pointers_in_program_input );
429 :
430 2454 : ulong instruction_data_offset = 0UL;
431 : /* 16-byte aligned buffer:
432 : https://github.com/anza-xyz/agave/blob/v3.0.0/program-runtime/src/serialization.rs#L60 */
433 2454 : uchar * input = instr_ctx->runtime->bpf_loader_serialization.serialization_mem[ instr_ctx->runtime->instr.stack_sz-1UL ];
434 2454 : err = fd_bpf_loader_input_serialize_parameters( instr_ctx, pre_lens,
435 2454 : input_mem_regions, &input_mem_regions_cnt,
436 2454 : acc_region_metas, virtual_address_space_adjustments, direct_mapping,
437 2454 : direct_account_pointers_in_program_input, is_deprecated,
438 2454 : &instruction_data_offset, &input_sz );
439 2454 : if( FD_UNLIKELY( err ) ) {
440 0 : return err;
441 0 : }
442 :
443 2454 : fd_sha256_t _sha[1];
444 2454 : fd_sha256_t * sha = fd_sha256_join( fd_sha256_new( _sha ) );
445 :
446 2454 : fd_vm_t _vm[1];
447 2454 : fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
448 :
449 2454 : ulong pre_insn_cus = instr_ctx->txn_out->details.compute_budget.compute_meter;
450 2454 : ulong heap_size = instr_ctx->txn_out->details.compute_budget.heap_size;
451 :
452 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L275-L278 */
453 2454 : ulong heap_cost = calculate_heap_cost( heap_size, FD_VM_HEAP_COST );
454 2454 : int heap_cost_result = fd_executor_consume_cus( instr_ctx->txn_out, heap_cost );
455 2454 : if( FD_UNLIKELY( heap_cost_result ) ) {
456 0 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
457 0 : }
458 :
459 : /* For dumping syscalls for seed corpora */
460 2454 : int dump_syscall_to_pb = instr_ctx->runtime->log.dump_proto_ctx &&
461 2454 : instr_ctx->bank->f.slot>=instr_ctx->runtime->log.dump_proto_ctx->dump_proto_start_slot &&
462 2454 : instr_ctx->runtime->log.dump_proto_ctx->dump_syscall_to_pb;
463 :
464 : /* https://github.com/anza-xyz/agave/blob/v3.1.1/programs/bpf_loader/src/lib.rs#L1525-L1528 */
465 2454 : ulong r2_initial_value = provide_instruction_data_offset_in_vm_r2 ? instruction_data_offset : 0UL;
466 :
467 : /* TODO: (topointon): correctly set check_size in vm setup */
468 2454 : fd_wksp_t * progcache_wksp = instr_ctx->runtime->progcache->join->data_base;
469 2454 : void const * rodata = fd_progcache_rec_rodata( cache_entry, progcache_wksp );
470 2454 : vm = fd_vm_init(
471 2454 : /* vm */ vm,
472 2454 : /* instr_ctx */ instr_ctx,
473 2454 : /* heap_max */ heap_size,
474 2454 : /* entry_cu */ instr_ctx->txn_out->details.compute_budget.compute_meter,
475 2454 : /* rodata */ rodata,
476 2454 : /* rodata_sz */ cache_entry->rodata_sz,
477 2454 : /* text (note: text_off is byte offset) */ (ulong *)( (ulong)rodata + cache_entry->text_off ),
478 2454 : /* text_cnt */ cache_entry->text_cnt,
479 2454 : /* text_off */ cache_entry->text_off,
480 2454 : /* text_sz */ cache_entry->text_sz,
481 2454 : /* entry_pc */ cache_entry->entry_pc,
482 2454 : /* calldests */ fd_progcache_rec_calldests( cache_entry, progcache_wksp ),
483 2454 : /* sbpf_version */ cache_entry->sbpf_version,
484 2454 : /* syscalls */ syscalls,
485 2454 : /* trace */ NULL,
486 2454 : /* sha */ sha,
487 2454 : /* input_mem_regions */ input_mem_regions,
488 2454 : /* input_mem_regions_cnt */ input_mem_regions_cnt,
489 2454 : /* acc_region_metas */ acc_region_metas,
490 2454 : /* is_deprecated */ is_deprecated,
491 2454 : /* direct_mapping */ direct_mapping,
492 2454 : /* syscall_parameter_address_restrictions */ syscall_parameter_address_restrictions,
493 2454 : /* virtual_address_space_adjustments */ virtual_address_space_adjustments,
494 2454 : /* dump_syscall_to_pb */ dump_syscall_to_pb,
495 2454 : /* r2_initial_value */ r2_initial_value );
496 2454 : if( FD_UNLIKELY( !vm ) ) {
497 : /* We throw an error here because it could be the case that the given heap_size > HEAP_MAX.
498 : In this case, Agave fails the transaction but does not error out.
499 :
500 : https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1396 */
501 0 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
502 0 : }
503 :
504 2454 : if( FD_UNLIKELY( instr_ctx->runtime->log.enable_vm_tracing && instr_ctx->runtime->log.tracing_mem ) ) {
505 0 : vm->trace = fd_vm_trace_join( fd_vm_trace_new( instr_ctx->runtime->log.tracing_mem + ((instr_ctx->runtime->instr.stack_sz-1UL) * FD_RUNTIME_VM_TRACE_STATIC_FOOTPRINT), FD_RUNTIME_VM_TRACE_EVENT_MAX, FD_RUNTIME_VM_TRACE_EVENT_DATA_MAX ));
506 0 : if( FD_UNLIKELY( !vm->trace ) ) FD_LOG_ERR(( "unable to create trace; make sure you've compiled with sufficient spad size " ));
507 0 : }
508 :
509 2454 : long const regime1 = fd_tickcount();
510 :
511 2454 : int exec_err = fd_vm_exec( vm );
512 2454 : instr_ctx->txn_out->details.compute_budget.compute_meter = vm->cu;
513 :
514 2454 : long const regime2 = fd_tickcount();
515 :
516 2454 : if( instr_ctx->instr->stack_height==1 ) {
517 0 : instr_ctx->runtime->metrics.vm_setup_cum_ticks += (ulong)( regime1-regime0 );
518 0 : instr_ctx->runtime->metrics.vm_exec_cum_ticks += (ulong)( regime2-regime1 );
519 2454 : } else {
520 2454 : instr_ctx->runtime->metrics.cpi_setup_cum_ticks += (ulong)( regime1-regime0 );
521 2454 : }
522 :
523 2454 : if( FD_UNLIKELY( vm->trace ) ) {
524 0 : err = fd_vm_trace_printf( vm->trace, vm->syscalls );
525 0 : if( FD_UNLIKELY( err ) ) {
526 0 : FD_LOG_WARNING(( "fd_vm_trace_printf failed (%i-%s)", err, fd_vm_strerror( err ) ));
527 0 : }
528 0 : }
529 :
530 : /* Log consumed compute units and return data.
531 : https://github.com/anza-xyz/agave/blob/v2.0.6/programs/bpf_loader/src/lib.rs#L1418-L1429 */
532 2454 : fd_log_collector_program_consumed( instr_ctx, pre_insn_cus-vm->cu, pre_insn_cus );
533 2454 : if( FD_UNLIKELY( instr_ctx->txn_out->details.return_data.len ) ) {
534 0 : fd_log_collector_program_return( instr_ctx );
535 0 : }
536 :
537 : /* We have a big error-matching arm here
538 : https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1674-L1744 */
539 :
540 : /* Handle non-zero return status with successful VM execution. This is
541 : the Ok(status) case, hence exec_err must be 0 for this case to be hit.
542 : https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1675-L1678 */
543 2454 : if( FD_LIKELY( !exec_err ) ) {
544 2424 : ulong status = vm->reg[0];
545 2424 : if( FD_UNLIKELY( status ) ) {
546 51 : err = program_error_to_instr_error( status, &instr_ctx->txn_out->err.custom_err );
547 51 : FD_VM_PREPARE_ERR_OVERWRITE( vm );
548 51 : FD_VM_ERR_FOR_LOG_INSTR( vm, err );
549 51 : return err;
550 51 : }
551 2424 : } else {
552 : /* https://github.com/anza-xyz/agave/blob/v2.1.13/programs/bpf_loader/src/lib.rs#L1434-L1439 */
553 : /* (SIMD-182) Consume ALL requested CUs on non-Syscall errors */
554 30 : if( FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, deplete_cu_meter_on_vm_failure ) &&
555 30 : exec_err!=FD_VM_ERR_EBPF_SYSCALL_ERROR ) {
556 0 : instr_ctx->txn_out->details.compute_budget.compute_meter = 0UL;
557 0 : }
558 :
559 : /* Direct mapping access violation case
560 : Edge case with error codes: if direct mapping is enabled, the EBPF error is an access violation,
561 : and the access type was a store, a different error code is returned to give developers more insight
562 : as to what caused the error.
563 : https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1556-L1618 */
564 30 : if( FD_UNLIKELY( virtual_address_space_adjustments &&
565 30 : ( exec_err==FD_VM_ERR_EBPF_ACCESS_VIOLATION || instr_ctx->txn_out->err.exec_err==FD_VM_ERR_EBPF_ACCESS_VIOLATION ) &&
566 30 : vm->segv_vaddr!=ULONG_MAX ) ) {
567 :
568 : /* If the vaddr of the access violation falls within the bounds of a
569 : serialized account vaddr range, then try to retrieve a more specific
570 : vm error based on the account's accesss permissions. */
571 24 : for( ushort i=0UL; i<instr_ctx->instr->acct_cnt; i++ ) {
572 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1455 */
573 :
574 : /* Find the input memory region that corresponds to the access
575 : https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1566-L1617 */
576 24 : ulong idx = acc_region_metas[i].region_idx;
577 24 : fd_vm_input_region_t const * input_mem_region = &input_mem_regions[idx];
578 24 : fd_vm_acc_region_meta_t const * acc_region_meta = &acc_region_metas[i];
579 :
580 : /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1484-L1492 */
581 24 : ulong region_data_vaddr_start = FD_VM_MEM_MAP_INPUT_REGION_START + input_mem_region->vaddr_offset + input_mem_region->region_sz;
582 24 : ulong region_data_vaddr_end = fd_ulong_sat_add( region_data_vaddr_start, acc_region_meta->original_data_len );
583 24 : if( FD_LIKELY( !is_deprecated ) ) {
584 24 : region_data_vaddr_end = fd_ulong_sat_add( region_data_vaddr_end, MAX_PERMITTED_DATA_INCREASE );
585 24 : }
586 :
587 24 : if( vm->segv_vaddr >= region_data_vaddr_start && vm->segv_vaddr <= region_data_vaddr_end ) {
588 :
589 : /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1575-L1616 */
590 24 : fd_guarded_borrowed_account_t instr_acc = {0};
591 24 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, i, &instr_acc );
592 :
593 : /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1581-L1616 */
594 24 : if( fd_ulong_sat_add( vm->segv_vaddr, vm->segv_access_len ) <= region_data_vaddr_end ) {
595 : /* https://github.com/anza-xyz/agave/blob/v3.0.4/programs/bpf_loader/src/lib.rs#L1592-L1601 */
596 24 : if( vm->segv_access_type==FD_VM_ACCESS_TYPE_ST ) {
597 24 : int borrow_err = FD_EXECUTOR_INSTR_SUCCESS;
598 24 : if( !fd_borrowed_account_can_data_be_changed( &instr_acc, &borrow_err ) || borrow_err != FD_EXECUTOR_INSTR_SUCCESS ) {
599 24 : err = borrow_err;
600 24 : } else {
601 0 : err = FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
602 0 : }
603 24 : } else if( vm->segv_access_type==FD_VM_ACCESS_TYPE_LD ) {
604 0 : int borrow_err = FD_EXECUTOR_INSTR_SUCCESS;
605 0 : if( !fd_borrowed_account_can_data_be_changed( &instr_acc, &borrow_err ) || borrow_err != FD_EXECUTOR_INSTR_SUCCESS ) {
606 0 : err = FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
607 0 : } else {
608 0 : err = FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
609 0 : }
610 0 : } else {
611 0 : FD_LOG_CRIT(( "invariant violation: unsupported access type: %i", vm->segv_access_type ));
612 0 : }
613 :
614 24 : FD_VM_PREPARE_ERR_OVERWRITE( vm );
615 24 : FD_VM_ERR_FOR_LOG_INSTR( vm, err );
616 24 : return err;
617 24 : }
618 24 : }
619 24 : }
620 24 : }
621 :
622 : /* The error kind should have been set in the VM. Match it and set
623 : the error code accordingly. There are no direct permalinks here -
624 : this is all a result of Agave's complex nested error-code handling
625 : and our design decisions for making our error codes match. */
626 :
627 : /* Instr error case. Set the error kind and return the instruction error */
628 6 : if( instr_ctx->txn_out->err.exec_err_kind==FD_EXECUTOR_ERR_KIND_INSTR ) {
629 0 : err = instr_ctx->txn_out->err.exec_err;
630 0 : FD_VM_PREPARE_ERR_OVERWRITE( vm );
631 0 : FD_VM_ERR_FOR_LOG_INSTR( vm, err );
632 0 : return err;
633 0 : }
634 :
635 : /* Syscall error case. The VM would have also set the syscall error
636 : code in the txn_ctx exec_err. */
637 6 : if( instr_ctx->txn_out->err.exec_err_kind==FD_EXECUTOR_ERR_KIND_SYSCALL ) {
638 0 : err = instr_ctx->txn_out->err.exec_err;
639 0 : FD_VM_PREPARE_ERR_OVERWRITE( vm );
640 0 : FD_VM_ERR_FOR_LOG_SYSCALL( vm, err );
641 0 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
642 0 : }
643 :
644 : /* An access violation that takes place inside a syscall will
645 : cause `exec_res` to be set to EbpfError::SyscallError,
646 : 'but the `txn_ctx->err.exec_err_kind` will be set to EBPF and
647 : `txn_ctx->err.exec_err` will be set to the EBPF error. In this
648 : specific case, there is nothing to do since the error and error
649 : kind area already set correctly. Otherwise, we need to log the
650 : EBPF error. */
651 6 : if( exec_err!=FD_VM_ERR_EBPF_SYSCALL_ERROR ) {
652 6 : FD_VM_PREPARE_ERR_OVERWRITE( vm );
653 6 : FD_VM_ERR_FOR_LOG_EBPF( vm, exec_err );
654 6 : }
655 :
656 6 : return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
657 6 : }
658 :
659 2373 : err = fd_bpf_loader_input_deserialize_parameters(
660 2373 : instr_ctx, pre_lens, input, input_sz, virtual_address_space_adjustments, direct_mapping, is_deprecated );
661 :
662 2373 : long const regime3 = fd_tickcount();
663 2373 : if( instr_ctx->instr->stack_height==1 ) {
664 0 : instr_ctx->runtime->metrics.vm_commit_cum_ticks += (ulong)( regime3-regime2 );
665 2373 : } else {
666 2373 : instr_ctx->runtime->metrics.cpi_commit_cum_ticks += (ulong)( regime3-regime2 );
667 2373 : }
668 :
669 2373 : return err;
670 2454 : }
671 :
672 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1358-L1539 */
673 : static int
674 : common_extend_program( fd_exec_instr_ctx_t * instr_ctx,
675 : uint additional_bytes,
676 0 : uchar check_authority ) {
677 0 : int err;
678 :
679 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1366 */
680 0 : fd_pubkey_t const * program_id = NULL;
681 0 : err = fd_exec_instr_ctx_get_last_program_key( instr_ctx, &program_id );
682 0 : if( FD_UNLIKELY( err ) ) {
683 0 : return err;
684 0 : }
685 :
686 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1368-L1370 */
687 0 : #define PROGRAM_DATA_ACCOUNT_INDEX (0)
688 0 : #define PROGRAM_ACCOUNT_INDEX (1)
689 0 : #define AUTHORITY_ACCOUNT_INDEX (2)
690 :
691 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1371-L1372 */
692 0 : uchar optional_payer_account_index = check_authority ? 4 : 3;
693 :
694 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1374-L1377 */
695 0 : if( FD_UNLIKELY( additional_bytes==0U ) ) {
696 0 : fd_log_collector_msg_literal( instr_ctx, "Additional bytes must be greater than 0" );
697 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
698 0 : }
699 :
700 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1379-L1381 */
701 0 : fd_guarded_borrowed_account_t programdata_account = {0};
702 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_DATA_ACCOUNT_INDEX, &programdata_account );
703 0 : fd_pubkey_t const * programdata_key = (fd_pubkey_t*)programdata_account.acc->pubkey;
704 :
705 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1383-L1386 */
706 0 : if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &programdata_account ), sizeof(fd_pubkey_t) ) ) ) {
707 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData owner is invalid" );
708 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
709 0 : }
710 :
711 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1387-L1390 */
712 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &programdata_account ) ) ) {
713 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData is not writable" );
714 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
715 0 : }
716 :
717 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1392-L1393 */
718 0 : fd_guarded_borrowed_account_t program_account = {0};
719 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_ACCOUNT_INDEX, &program_account );
720 :
721 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1394-L1397 */
722 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
723 0 : fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
724 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
725 0 : }
726 :
727 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1398-L1401 */
728 0 : if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
729 0 : fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
730 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
731 0 : }
732 :
733 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1403-L1419 */
734 0 : fd_bpf_state_t program_state[1];
735 0 : err = fd_bpf_loader_program_get_state( program_account.acc, program_state );
736 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
737 0 : return err;
738 0 : }
739 :
740 0 : if( program_state->discriminant==FD_BPF_STATE_PROGRAM ) {
741 0 : if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
742 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData account does not match ProgramData account" );
743 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
744 0 : }
745 0 : } else {
746 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
747 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
748 0 : }
749 :
750 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1420 */
751 0 : fd_borrowed_account_drop( &program_account );
752 :
753 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1422-L1432 */
754 0 : ulong old_len = fd_borrowed_account_get_data_len( &programdata_account );
755 0 : ulong new_len = fd_ulong_sat_add( old_len, additional_bytes );
756 0 : if( FD_UNLIKELY( new_len>MAX_PERMITTED_DATA_LENGTH ) ) {
757 : /* Max msg_sz: 85 - 6 + 2*20 = 119 < 127 => we can use printf */
758 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx,
759 0 : "Extended ProgramData length of %lu bytes exceeds max account data length of %lu bytes", new_len, MAX_PERMITTED_DATA_LENGTH );
760 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
761 0 : }
762 :
763 : /* https://github.com/anza-xyz/agave/blob/v4.1.0-beta.1/programs/bpf_loader/src/lib.rs#L861-L883 */
764 0 : if( FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, loader_v3_minimum_extend_program_size ) ) {
765 0 : ulong headroom = fd_ulong_sat_sub( MAX_PERMITTED_DATA_LENGTH, old_len );
766 0 : if( FD_UNLIKELY( additional_bytes<MINIMUM_EXTEND_PROGRAM_BYTES && additional_bytes!=headroom ) ) {
767 : /* Max msg_sz: 113 - (3+2) + (5+10) = 123 < 127 => we can use printf */
768 0 : fd_log_collector_printf_dangerous_max_127(
769 0 : instr_ctx,
770 0 : "ExtendProgram requires a minimum of %lu additional bytes or to extend to maximum size, but only %u were requested",
771 0 : MINIMUM_EXTEND_PROGRAM_BYTES,
772 0 : additional_bytes
773 0 : );
774 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
775 0 : }
776 0 : }
777 :
778 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1434-L1437 */
779 0 : fd_sol_sysvar_clock_t clock[1];
780 0 : if( FD_UNLIKELY( !fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, clock ) ) ) {
781 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
782 0 : }
783 0 : ulong clock_slot = clock->slot;
784 :
785 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1439-L1478 */
786 0 : fd_pubkey_t * upgrade_authority_address = NULL;
787 0 : fd_bpf_state_t programdata_state[1];
788 0 : err = fd_bpf_loader_program_get_state( programdata_account.acc, programdata_state );
789 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
790 0 : return err;
791 0 : }
792 0 : if( programdata_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
793 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1444-L1447 */
794 0 : if( FD_UNLIKELY( clock_slot==programdata_state->inner.program_data.slot ) ) {
795 0 : fd_log_collector_msg_literal( instr_ctx, "Program was extended in this block already" );
796 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
797 0 : }
798 :
799 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1449-L1455 */
800 0 : if( FD_UNLIKELY( !programdata_state->inner.program_data.has_upgrade_authority_address ) ) {
801 0 : fd_log_collector_msg_literal( instr_ctx, "Cannot extend ProgramData accounts that are not upgradeable" );
802 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
803 0 : }
804 :
805 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1457-L1472 */
806 0 : if( check_authority ) {
807 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1458-L1463 */
808 0 : fd_pubkey_t const * authority_key = NULL;
809 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, AUTHORITY_ACCOUNT_INDEX, &authority_key );
810 0 : if( FD_UNLIKELY( err ) ) {
811 0 : return err;
812 0 : }
813 :
814 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1464-L1467 */
815 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &programdata_state->inner.program_data.upgrade_authority_address, authority_key ) ) ) {
816 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
817 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
818 0 : }
819 :
820 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1468-L1471 */
821 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, AUTHORITY_ACCOUNT_INDEX, &err ) ) ) {
822 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
823 0 : if( FD_UNLIKELY( !!err ) ) return err;
824 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
825 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
826 0 : }
827 0 : }
828 :
829 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1474 */
830 0 : fd_bpf_state_program_data_t * pd = &programdata_state->inner.program_data;
831 0 : upgrade_authority_address = pd->has_upgrade_authority_address ? &pd->upgrade_authority_address : NULL;
832 0 : } else {
833 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1476-L1477 */
834 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData state is invalid" );
835 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
836 0 : }
837 :
838 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1480-L1485 */
839 0 : fd_rent_t rent_;
840 0 : fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
841 0 : if( FD_UNLIKELY( !rent ) ) {
842 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
843 0 : }
844 :
845 0 : ulong balance = fd_borrowed_account_get_lamports( &programdata_account );
846 0 : ulong min_balance = fd_ulong_max( fd_rent_exempt_minimum_balance( rent, new_len ), 1UL );
847 0 : ulong required_payment = fd_ulong_sat_sub( min_balance, balance );
848 :
849 : /* Borrowed accounts need to be dropped before native invocations. Note:
850 : the programdata account is manually released and acquired within the
851 : extend instruction to preserve the local variable scoping to maintain
852 : readability. The scoped macro still successfully handles the case of
853 : freeing a write lock in case of an early termination. */
854 :
855 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1488 */
856 0 : fd_borrowed_account_drop( &programdata_account );
857 :
858 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1492-L1502 */
859 0 : if( FD_UNLIKELY( required_payment>0UL ) ) {
860 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1493-L1496 */
861 0 : fd_pubkey_t const * payer_key = NULL;
862 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, optional_payer_account_index, &payer_key );
863 0 : if( FD_UNLIKELY( err ) ) {
864 0 : return err;
865 0 : }
866 :
867 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1498-L1501 */
868 0 : uchar instr_data[FD_TXN_MTU];
869 0 : fd_system_program_instruction_t instr = {
870 0 : .discriminant = FD_SYSTEM_PROGRAM_INSTR_TRANSFER,
871 0 : .inner = {
872 0 : .transfer = required_payment
873 0 : }
874 0 : };
875 :
876 0 : ulong instr_data_sz;
877 0 : int err = fd_system_program_instruction_encode( &instr, instr_data, FD_TXN_MTU, &instr_data_sz );
878 0 : if( FD_UNLIKELY( err ) ) {
879 0 : FD_LOG_CRIT(( "Failed to encode SystemInstruction with error %d", err ));
880 0 : }
881 :
882 0 : fd_vm_rust_account_meta_t acct_metas[ 2UL ];
883 0 : fd_native_cpi_create_account_meta( payer_key, 1UL, 1UL, &acct_metas[ 0UL ] );
884 0 : fd_native_cpi_create_account_meta( programdata_key, 0UL, 1UL, &acct_metas[ 1UL ] );
885 :
886 0 : err = fd_native_cpi_native_invoke( instr_ctx,
887 0 : &fd_solana_system_program_id,
888 0 : instr_data,
889 0 : instr_data_sz,
890 0 : acct_metas,
891 0 : 2UL,
892 0 : NULL,
893 0 : 0UL );
894 0 : if( FD_UNLIKELY( err ) ) {
895 0 : return err;
896 0 : }
897 0 : }
898 :
899 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1506-L1507 */
900 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, PROGRAM_DATA_ACCOUNT_INDEX, &programdata_account );
901 :
902 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1508 */
903 0 : err = fd_borrowed_account_set_data_length( &programdata_account, new_len );
904 0 : if( FD_UNLIKELY( err ) ) {
905 0 : return err;
906 0 : }
907 :
908 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1510 */
909 0 : ulong programdata_data_offset = PROGRAMDATA_METADATA_SIZE;
910 :
911 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1517-L1520 */
912 0 : if( FD_UNLIKELY( programdata_data_offset>fd_borrowed_account_get_data_len( &programdata_account ) ) ) {
913 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
914 0 : }
915 0 : uchar const * programdata_data = fd_borrowed_account_get_data( &programdata_account ) + programdata_data_offset;
916 0 : ulong programdata_size = new_len - PROGRAMDATA_METADATA_SIZE;
917 :
918 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1512-L1522 */
919 : /* SIMD-0500: extend_program is exempt from the deployment-version gate. */
920 0 : err = fd_deploy_program( instr_ctx, programdata_data, programdata_size, /* disable_sbpf_v0_v1_v2_deployment */ 0 );
921 0 : if( FD_UNLIKELY( err ) ) {
922 0 : return err;
923 0 : }
924 :
925 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1523 */
926 0 : fd_borrowed_account_drop( &programdata_account );
927 :
928 : /* Setting the discriminant and upgrade authority address here can likely
929 : be a no-op because these values shouldn't change. These can probably be
930 : removed, but can help to mirror against Agave client's implementation.
931 : The set_state function also contains an ownership check. */
932 :
933 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1525-L1526 */
934 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata_account );
935 :
936 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1527-L1530 */
937 0 : programdata_state->discriminant = FD_BPF_STATE_PROGRAM_DATA;
938 0 : programdata_state->inner.program_data.slot = clock_slot;
939 0 : programdata_state->inner.program_data.has_upgrade_authority_address = !!upgrade_authority_address;
940 0 : if( upgrade_authority_address ) programdata_state->inner.program_data.upgrade_authority_address = *upgrade_authority_address;
941 :
942 0 : err = fd_bpf_loader_v3_program_set_state( &programdata_account, programdata_state );
943 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
944 0 : return err;
945 0 : }
946 :
947 : /* Max msg_sz: 41 - 2 + 20 = 57 < 127 => we can use printf
948 : https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1532-L1536 */
949 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx,
950 0 : "Extended ProgramData account by %u bytes", additional_bytes );
951 :
952 : /* programdata account is dropped when it goes out of scope */
953 :
954 0 : return FD_EXECUTOR_INSTR_SUCCESS;
955 :
956 0 : #undef PROGRAM_DATA_ACCOUNT_INDEX
957 0 : #undef PROGRAM_ACCOUNT_INDEX
958 0 : #undef AUTHORITY_ACCOUNT_INDEX
959 0 : }
960 :
961 : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L566-L1444 */
962 : static int
963 6 : process_loader_upgradeable_instruction( fd_exec_instr_ctx_t * instr_ctx ) {
964 6 : fd_bpf_instruction_t instruction[1] = {0};
965 6 : if( FD_UNLIKELY( fd_bpf_instruction_decode(
966 6 : instruction,
967 6 : instr_ctx->instr->data,
968 6 : fd_ulong_min( instr_ctx->instr->data_sz, FD_TXN_MTU ) ) ) ) {
969 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
970 0 : }
971 : /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L510 */
972 6 : fd_pubkey_t const * program_id = NULL;
973 6 : int err = fd_exec_instr_ctx_get_last_program_key( instr_ctx, &program_id );
974 6 : if( FD_UNLIKELY( err ) ) {
975 0 : return err;
976 0 : }
977 :
978 6 : switch( instruction->discriminant ) {
979 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L476-L493 */
980 0 : case FD_BPF_INSTR_INITIALIZE_BUFFER: {
981 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
982 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
983 0 : }
984 :
985 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L479 */
986 0 : fd_guarded_borrowed_account_t buffer = {0};
987 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
988 :
989 0 : fd_bpf_state_t buffer_state[1];
990 0 : err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
991 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
992 0 : return err;
993 0 : }
994 :
995 0 : if( FD_UNLIKELY( buffer_state->discriminant!=FD_BPF_STATE_UNINITIALIZED ) ) {
996 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer account already initialized" );
997 0 : return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
998 0 : }
999 :
1000 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L487-L489 */
1001 0 : fd_pubkey_t const * authority_key = NULL;
1002 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
1003 0 : if( FD_UNLIKELY( err ) ) {
1004 0 : return err;
1005 0 : }
1006 :
1007 0 : buffer_state->discriminant = FD_BPF_STATE_BUFFER;
1008 0 : buffer_state->inner.buffer.has_authority_address = 1;
1009 0 : buffer_state->inner.buffer.authority_address = *authority_key;
1010 :
1011 0 : err = fd_bpf_loader_v3_program_set_state( &buffer, buffer_state );
1012 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1013 0 : return err;
1014 0 : }
1015 :
1016 : /* implicit drop of buffer account */
1017 :
1018 0 : break;
1019 0 : }
1020 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L494-L525 */
1021 0 : case FD_BPF_INSTR_WRITE: {
1022 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
1023 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1024 0 : }
1025 :
1026 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L497 */
1027 0 : fd_guarded_borrowed_account_t buffer = {0};
1028 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
1029 :
1030 0 : fd_bpf_state_t loader_state[1];
1031 0 : err = fd_bpf_loader_program_get_state( buffer.acc, loader_state );
1032 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1033 0 : return err;
1034 0 : }
1035 :
1036 0 : if( loader_state->discriminant==FD_BPF_STATE_BUFFER ) {
1037 0 : if( FD_UNLIKELY( !loader_state->inner.buffer.has_authority_address ) ) {
1038 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
1039 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1040 0 : }
1041 :
1042 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L505-L507 */
1043 0 : fd_pubkey_t const * authority_key = NULL;
1044 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
1045 0 : if( FD_UNLIKELY( err ) ) {
1046 0 : return err;
1047 0 : }
1048 :
1049 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &loader_state->inner.buffer.authority_address, authority_key ) ) ) {
1050 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
1051 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1052 0 : }
1053 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
1054 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1055 0 : if( FD_UNLIKELY( !!err ) ) return err;
1056 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
1057 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1058 0 : }
1059 0 : } else {
1060 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
1061 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
1062 0 : }
1063 :
1064 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L520 */
1065 0 : fd_borrowed_account_drop( &buffer );
1066 :
1067 0 : ulong program_data_offset = fd_ulong_sat_add( BUFFER_METADATA_SIZE, instruction->inner.write.offset );
1068 0 : err = write_program_data( instr_ctx,
1069 0 : 0UL,
1070 0 : program_data_offset,
1071 0 : instruction->inner.write.bytes,
1072 0 : instruction->inner.write.bytes_len );
1073 0 : if( FD_UNLIKELY( err ) ) {
1074 0 : return err;
1075 0 : }
1076 :
1077 0 : break;
1078 0 : }
1079 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L526-L702 */
1080 0 : case FD_BPF_INSTR_DEPLOY_WITH_MAX_DATA_LEN: {
1081 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L527-L541 */
1082 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
1083 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1084 0 : }
1085 :
1086 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L529-L534 */
1087 0 : fd_pubkey_t const * payer_key = NULL;
1088 0 : fd_pubkey_t const * programdata_key = NULL;
1089 :
1090 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &payer_key );
1091 0 : if( FD_UNLIKELY( err ) ) {
1092 0 : return err;
1093 0 : }
1094 :
1095 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &programdata_key );
1096 0 : if( FD_UNLIKELY( err ) ) {
1097 0 : return err;
1098 0 : }
1099 :
1100 0 : err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
1101 0 : if( FD_UNLIKELY( err ) ) {
1102 0 : return err;
1103 0 : }
1104 :
1105 0 : fd_rent_t rent_;
1106 0 : fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
1107 0 : if( FD_UNLIKELY( !rent ) ) {
1108 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
1109 0 : }
1110 :
1111 0 : err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
1112 0 : if( FD_UNLIKELY( err ) ) {
1113 0 : return err;
1114 0 : }
1115 :
1116 0 : fd_sol_sysvar_clock_t clock_;
1117 0 : fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
1118 0 : if( FD_UNLIKELY( !clock ) ) {
1119 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
1120 0 : }
1121 :
1122 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L538 */
1123 0 : if( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 8U ) ) {
1124 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1125 0 : }
1126 :
1127 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L539-L541 */
1128 0 : fd_pubkey_t const * authority_key = NULL;
1129 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 7UL, &authority_key );
1130 0 : if( FD_UNLIKELY( err ) ) return err;
1131 :
1132 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L542-L560 */
1133 : /* Verify Program account */
1134 0 : fd_pubkey_t const * new_program_id = NULL;
1135 :
1136 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L545 */
1137 0 : fd_guarded_borrowed_account_t program = {0};
1138 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
1139 :
1140 0 : fd_bpf_state_t loader_state[1];
1141 0 : int err = fd_bpf_loader_program_get_state( program.acc, loader_state );
1142 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1143 0 : return err;
1144 0 : }
1145 0 : if( FD_UNLIKELY( loader_state->discriminant!=FD_BPF_STATE_UNINITIALIZED ) ) {
1146 0 : fd_log_collector_msg_literal( instr_ctx, "Program account already initialized" );
1147 0 : return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
1148 0 : }
1149 0 : if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<SIZE_OF_PROGRAM ) ) {
1150 0 : fd_log_collector_msg_literal( instr_ctx, "Program account too small" );
1151 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1152 0 : }
1153 0 : if( FD_UNLIKELY( fd_borrowed_account_get_lamports( &program )<
1154 0 : fd_rent_exempt_minimum_balance( rent, fd_borrowed_account_get_data_len( &program ) ) ) ) {
1155 0 : fd_log_collector_msg_literal( instr_ctx, "Program account not rent-exempt" );
1156 0 : return FD_EXECUTOR_INSTR_ERR_EXECUTABLE_ACCOUNT_NOT_RENT_EXEMPT;
1157 0 : }
1158 0 : new_program_id = (fd_pubkey_t*)program.acc->pubkey;
1159 :
1160 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L560 */
1161 0 : fd_borrowed_account_drop( &program );
1162 :
1163 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L561-L600 */
1164 : /* Verify Buffer account */
1165 :
1166 0 : fd_pubkey_t const* buffer_key = NULL;
1167 0 : ulong buffer_data_offset = 0UL;
1168 0 : ulong buffer_data_len = 0UL;
1169 0 : ulong programdata_len = 0UL;
1170 :
1171 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L564-L565 */
1172 0 : fd_guarded_borrowed_account_t buffer = {0};
1173 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
1174 :
1175 0 : fd_bpf_state_t buffer_state[1];
1176 0 : err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
1177 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1178 0 : return err;
1179 0 : }
1180 :
1181 0 : if( buffer_state->discriminant==FD_BPF_STATE_BUFFER ) {
1182 0 : if( FD_UNLIKELY( (authority_key==NULL) != (!buffer_state->inner.buffer.has_authority_address) ||
1183 0 : (authority_key!=NULL && !fd_pubkey_eq( &buffer_state->inner.buffer.authority_address, authority_key ) ) ) ) {
1184 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
1185 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1186 0 : }
1187 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 7UL, &err ) ) ) {
1188 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1189 0 : if( FD_UNLIKELY( !!err ) ) return err;
1190 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
1191 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1192 0 : }
1193 0 : } else {
1194 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
1195 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1196 0 : }
1197 0 : buffer_key = (fd_pubkey_t*)buffer.acc->pubkey;
1198 0 : buffer_data_offset = BUFFER_METADATA_SIZE;
1199 0 : buffer_data_len = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
1200 : /* UpgradeableLoaderState::size_of_program_data( max_data_len ) */
1201 0 : programdata_len = fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE,
1202 0 : instruction->inner.deploy_with_max_data_len.max_data_len );
1203 :
1204 0 : if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
1205 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
1206 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
1207 0 : }
1208 :
1209 0 : if( FD_UNLIKELY( instruction->inner.deploy_with_max_data_len.max_data_len<buffer_data_len ) ) {
1210 0 : fd_log_collector_msg_literal( instr_ctx, "Max data length is too small to hold Buffer data" );
1211 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1212 0 : }
1213 :
1214 0 : if( FD_UNLIKELY( programdata_len>MAX_PERMITTED_DATA_LENGTH ) ) {
1215 0 : fd_log_collector_msg_literal( instr_ctx, "Max data length is too large" );
1216 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1217 0 : }
1218 :
1219 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L590 */
1220 0 : fd_borrowed_account_drop( &buffer );
1221 :
1222 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L602-L608 */
1223 : /* Create ProgramData account */
1224 :
1225 0 : fd_pubkey_t derived_address[ 1UL ];
1226 0 : uchar const * seeds[ 1UL ];
1227 0 : seeds[ 0UL ] = (uchar const *)new_program_id;
1228 0 : ulong seed_sz = sizeof(fd_pubkey_t);
1229 0 : uchar bump_seed = 0;
1230 0 : err = fd_pubkey_find_program_address( program_id, 1UL, seeds, &seed_sz, derived_address,
1231 0 : &bump_seed, &instr_ctx->txn_out->err.custom_err );
1232 0 : if( FD_UNLIKELY( err ) ) {
1233 : /* TODO: We should handle these errors more gracefully instead of just killing the client (e.g. excluding the transaction
1234 : from the block). */
1235 0 : FD_LOG_ERR(( "Unable to find a viable program address bump seed" )); // Solana panics, error code is undefined
1236 0 : return err;
1237 0 : }
1238 0 : if( FD_UNLIKELY( memcmp( derived_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
1239 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData address is not derived" );
1240 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1241 0 : }
1242 :
1243 : /* Drain the Buffer account to payer before paying for programdata account in a local scope
1244 : https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L612-L628 */
1245 :
1246 0 : do {
1247 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L615 */
1248 0 : fd_guarded_borrowed_account_t payer = {0};
1249 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &payer );
1250 :
1251 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L613 */
1252 0 : fd_guarded_borrowed_account_t buffer = {0};
1253 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
1254 :
1255 0 : err = fd_borrowed_account_checked_add_lamports( &payer, fd_borrowed_account_get_lamports( &buffer ) );
1256 0 : if( FD_UNLIKELY( err ) ) {
1257 0 : return err;
1258 0 : }
1259 0 : err = fd_borrowed_account_set_lamports( &buffer, 0UL );
1260 0 : if( FD_UNLIKELY( err ) ) {
1261 0 : return err;
1262 0 : }
1263 0 : } while (0);
1264 :
1265 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L628-L642 */
1266 : /* Pass an extra account to avoid the overly strict unbalanced instruction error */
1267 : /* Invoke the system program to create the new account */
1268 0 : uchar instr_data[FD_TXN_MTU];
1269 0 : create_account_t create_acct = {
1270 0 : .lamports = fd_rent_exempt_minimum_balance( rent, programdata_len ),
1271 0 : .space = programdata_len,
1272 0 : .owner = *program_id,
1273 0 : };
1274 0 : if( !create_acct.lamports ) {
1275 0 : create_acct.lamports = 1UL;
1276 0 : }
1277 :
1278 0 : fd_system_program_instruction_t instr = {
1279 0 : .discriminant = FD_SYSTEM_PROGRAM_INSTR_CREATE_ACCOUNT,
1280 0 : .inner = {
1281 0 : .create_account = create_acct,
1282 0 : }
1283 0 : };
1284 :
1285 0 : ulong instr_data_sz;
1286 0 : err = fd_system_program_instruction_encode( &instr, instr_data, FD_TXN_MTU, &instr_data_sz );
1287 0 : if( FD_UNLIKELY( err ) ) {
1288 0 : FD_LOG_CRIT(( "Failed to encode SystemInstruction with error %d", err ));
1289 0 : }
1290 :
1291 0 : fd_vm_rust_account_meta_t acct_metas[ 3UL ];
1292 0 : fd_native_cpi_create_account_meta( payer_key, 1U, 1U, &acct_metas[ 0UL ] );
1293 0 : fd_native_cpi_create_account_meta( programdata_key, 1U, 1U, &acct_metas[ 1UL ] );
1294 0 : fd_native_cpi_create_account_meta( buffer_key, 0U, 1U, &acct_metas[ 2UL ] );
1295 :
1296 : /* caller_program_id == program_id */
1297 0 : fd_pubkey_t signers[ 1UL ];
1298 0 : err = fd_pubkey_derive_pda( program_id, 1UL, seeds, &seed_sz, &bump_seed, signers, &instr_ctx->txn_out->err.custom_err );
1299 0 : if( FD_UNLIKELY( err ) ) {
1300 0 : return err;
1301 0 : }
1302 0 : err = fd_native_cpi_native_invoke( instr_ctx,
1303 0 : &fd_solana_system_program_id,
1304 0 : instr_data,
1305 0 : instr_data_sz,
1306 0 : acct_metas,
1307 0 : 3UL,
1308 0 : signers,
1309 0 : 1UL );
1310 0 : if( FD_UNLIKELY( err ) ) {
1311 0 : return err;
1312 0 : }
1313 :
1314 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L644-L665 */
1315 : /* Load and verify the program bits */
1316 :
1317 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L648-L649 */
1318 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
1319 :
1320 0 : if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
1321 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1322 0 : }
1323 :
1324 0 : const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
1325 :
1326 0 : err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len,
1327 0 : FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ) );
1328 0 : if( FD_UNLIKELY( err ) ) {
1329 0 : return err;
1330 0 : }
1331 :
1332 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L657 */
1333 0 : fd_borrowed_account_drop( &buffer );
1334 :
1335 : /* Update the ProgramData account and record the program bits in a local scope
1336 : https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L669-L691 */
1337 0 : do {
1338 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L670-L671 */
1339 0 : fd_guarded_borrowed_account_t programdata = {0};
1340 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &programdata );
1341 :
1342 0 : fd_bpf_state_t programdata_loader_state = {
1343 0 : .discriminant = FD_BPF_STATE_PROGRAM_DATA,
1344 0 : .inner.program_data = {
1345 0 : .slot = clock->slot,
1346 0 : .has_upgrade_authority_address = !!authority_key,
1347 0 : .upgrade_authority_address = authority_key ? *authority_key : (fd_pubkey_t){{0}},
1348 0 : },
1349 0 : };
1350 0 : err = fd_bpf_loader_v3_program_set_state( &programdata, &programdata_loader_state );
1351 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1352 0 : return err;
1353 0 : }
1354 :
1355 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L675-L689 */
1356 0 : if( FD_UNLIKELY( PROGRAMDATA_METADATA_SIZE+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
1357 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1358 0 : }
1359 :
1360 0 : uchar * programdata_data = NULL;
1361 0 : ulong programdata_dlen = 0UL;
1362 0 : err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
1363 0 : if( FD_UNLIKELY( err ) ) {
1364 0 : return err;
1365 0 : }
1366 :
1367 0 : uchar * dst_slice = programdata_data + PROGRAMDATA_METADATA_SIZE;
1368 0 : ulong dst_slice_len = buffer_data_len;
1369 :
1370 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L683-L684 */
1371 0 : fd_guarded_borrowed_account_t buffer = {0};
1372 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
1373 :
1374 0 : if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
1375 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1376 0 : }
1377 0 : const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
1378 0 : fd_memcpy( dst_slice, src_slice, dst_slice_len );
1379 : /* Update buffer data length.
1380 : BUFFER_METADATA_SIZE == UpgradeableLoaderState::size_of_buffer(0) */
1381 0 : err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
1382 0 : if( FD_UNLIKELY( err ) ) {
1383 0 : return err;
1384 0 : }
1385 0 : } while(0);
1386 :
1387 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L692-L699 */
1388 :
1389 : /* Update the Program account
1390 : https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L694-L695 */
1391 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
1392 :
1393 0 : loader_state->discriminant = FD_BPF_STATE_PROGRAM;
1394 0 : loader_state->inner.program.programdata_address = *programdata_key;
1395 0 : err = fd_bpf_loader_v3_program_set_state( &program, loader_state );
1396 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1397 0 : return err;
1398 0 : }
1399 0 : err = fd_borrowed_account_set_executable( &program, 1 );
1400 0 : if( FD_UNLIKELY( err ) ) {
1401 0 : return err;
1402 0 : }
1403 :
1404 0 : FD_BASE58_ENCODE_32_BYTES( program.acc->pubkey, program_b58 );
1405 0 : FD_LOG_INFO(( "Program deployed %s", program_b58 ));
1406 :
1407 : /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
1408 0 : FD_BASE58_ENCODE_32_BYTES( program_id->uc, program_id_b58 );
1409 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "Deployed program %s", program_id_b58 );
1410 :
1411 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L700 */
1412 0 : fd_borrowed_account_drop( &program );
1413 :
1414 0 : break;
1415 0 : }
1416 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L703-L891 */
1417 0 : case FD_BPF_INSTR_UPGRADE: {
1418 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L704-L714 */
1419 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
1420 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1421 0 : }
1422 :
1423 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L706-L708 */
1424 0 : fd_pubkey_t const * programdata_key = NULL;
1425 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &programdata_key );
1426 0 : if( FD_UNLIKELY( err ) ) {
1427 0 : return err;
1428 0 : }
1429 :
1430 : /* rent is accessed directly from the epoch bank and the clock from the
1431 : slot context. However, a check must be done to make sure that the
1432 : sysvars are correctly included in the set of transaction accounts. */
1433 0 : err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
1434 0 : if( FD_UNLIKELY( err ) ) {
1435 0 : return err;
1436 0 : }
1437 :
1438 0 : fd_rent_t rent_;
1439 0 : fd_rent_t const * rent = fd_sysvar_cache_rent_read( instr_ctx->sysvar_cache, &rent_ );
1440 0 : if( FD_UNLIKELY( !rent ) ) {
1441 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
1442 0 : }
1443 :
1444 0 : err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
1445 0 : if( FD_UNLIKELY( err ) ) {
1446 0 : return err;
1447 0 : }
1448 :
1449 0 : fd_sol_sysvar_clock_t clock_;
1450 0 : fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
1451 0 : if( FD_UNLIKELY( !clock ) ) {
1452 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
1453 0 : }
1454 :
1455 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 7U ) ) ) {
1456 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1457 0 : }
1458 :
1459 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L713-L715 */
1460 0 : fd_pubkey_t const * authority_key = NULL;
1461 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 6UL, &authority_key );
1462 0 : if( FD_UNLIKELY( err ) ) return err;
1463 :
1464 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L716-L745 */
1465 : /* Verify Program account */
1466 :
1467 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L719-L720 */
1468 0 : fd_guarded_borrowed_account_t program = {0};
1469 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &program );
1470 :
1471 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program ) ) ) {
1472 0 : fd_log_collector_msg_literal( instr_ctx, "Program account not writeable" );
1473 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1474 0 : }
1475 0 : if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program ), program_id, sizeof(fd_pubkey_t) ) ) ) {
1476 0 : fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
1477 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
1478 0 : }
1479 0 : fd_bpf_state_t program_state[1];
1480 0 : err = fd_bpf_loader_program_get_state( program.acc, program_state );
1481 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1482 0 : return err;
1483 0 : }
1484 0 : if( FD_UNLIKELY( program_state->discriminant==FD_BPF_STATE_PROGRAM ) ) {
1485 0 : if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
1486 0 : fd_log_collector_msg_literal( instr_ctx, "Program and ProgramData account mismatch" );
1487 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1488 0 : }
1489 0 : } else {
1490 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
1491 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
1492 0 : }
1493 :
1494 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L746 */
1495 0 : fd_pubkey_t new_program_id = *(fd_pubkey_t*)program.acc->pubkey;
1496 0 : fd_borrowed_account_drop( &program );
1497 :
1498 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L747-L773 */
1499 : /* Verify Buffer account */
1500 :
1501 0 : ulong buffer_lamports = 0UL;
1502 0 : ulong buffer_data_offset = 0UL;
1503 0 : ulong buffer_data_len = 0UL;
1504 :
1505 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L750-L751 */
1506 0 : fd_guarded_borrowed_account_t buffer = {0};
1507 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
1508 :
1509 0 : fd_bpf_state_t buffer_state[1];
1510 0 : err = fd_bpf_loader_program_get_state( buffer.acc, buffer_state );
1511 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1512 0 : return err;
1513 0 : }
1514 0 : if( buffer_state->discriminant==FD_BPF_STATE_BUFFER ) {
1515 0 : if( FD_UNLIKELY( (authority_key==NULL) != (!buffer_state->inner.buffer.has_authority_address) ||
1516 0 : (authority_key!=NULL && !fd_pubkey_eq( &buffer_state->inner.buffer.authority_address, authority_key ) ) ) ) {
1517 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
1518 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1519 0 : }
1520 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL, &err ) ) ) {
1521 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1522 0 : if( FD_UNLIKELY( !!err ) ) return err;
1523 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
1524 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1525 0 : }
1526 0 : } else {
1527 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
1528 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1529 0 : }
1530 0 : buffer_lamports = fd_borrowed_account_get_lamports( &buffer );
1531 0 : buffer_data_offset = BUFFER_METADATA_SIZE;
1532 0 : buffer_data_len = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
1533 0 : if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
1534 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
1535 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
1536 0 : }
1537 :
1538 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L774 */
1539 0 : fd_borrowed_account_drop( &buffer );
1540 :
1541 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L775-L823 */
1542 : /* Verify ProgramData account */
1543 :
1544 0 : ulong programdata_data_offset = PROGRAMDATA_METADATA_SIZE;
1545 0 : ulong programdata_balance_required = 0UL;
1546 :
1547 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L778-L779 */
1548 0 : fd_guarded_borrowed_account_t programdata = {0};
1549 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
1550 :
1551 0 : programdata_balance_required = fd_ulong_max( 1UL, fd_rent_exempt_minimum_balance( rent, fd_borrowed_account_get_data_len( &programdata ) ) );
1552 :
1553 0 : if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &programdata )<fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE, buffer_data_len ) ) ) {
1554 0 : fd_log_collector_msg_literal( instr_ctx, "ProgramData account not large enough" );
1555 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1556 0 : }
1557 0 : if( FD_UNLIKELY( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports )<programdata_balance_required ) ) {
1558 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer account balance too low to fund upgrade" );
1559 0 : return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
1560 0 : }
1561 :
1562 0 : fd_bpf_state_t programdata_state[1];
1563 0 : err = fd_bpf_loader_program_get_state( programdata.acc, programdata_state );
1564 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1565 0 : return err;
1566 0 : }
1567 :
1568 0 : if( programdata_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
1569 0 : if( FD_UNLIKELY( clock->slot==programdata_state->inner.program_data.slot ) ) {
1570 0 : fd_log_collector_msg_literal( instr_ctx, "Program was deployed in this block already" );
1571 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1572 0 : }
1573 0 : if( FD_UNLIKELY( !programdata_state->inner.program_data.has_upgrade_authority_address ) ) {
1574 0 : fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
1575 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1576 0 : }
1577 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &programdata_state->inner.program_data.upgrade_authority_address, authority_key ) ) ) {
1578 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
1579 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1580 0 : }
1581 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL, &err ) ) ) {
1582 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1583 0 : if( FD_UNLIKELY( !!err ) ) return err;
1584 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
1585 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1586 0 : }
1587 0 : } else {
1588 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid ProgramData account" );
1589 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
1590 0 : }
1591 :
1592 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L824 */
1593 0 : fd_borrowed_account_drop( &programdata );
1594 :
1595 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L825-L845 */
1596 : /* Load and verify the program bits */
1597 :
1598 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L827-L828 */
1599 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
1600 :
1601 0 : if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
1602 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1603 0 : }
1604 :
1605 0 : const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
1606 0 : err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len,
1607 0 : FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ) );
1608 0 : if( FD_UNLIKELY( err ) ) {
1609 0 : return err;
1610 0 : }
1611 :
1612 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L836 */
1613 0 : fd_borrowed_account_drop( &buffer );
1614 :
1615 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L849-L850 */
1616 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
1617 :
1618 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L874 */
1619 : /* Update the ProgramData account, record the upgraded data, and zero the rest in a local scope */
1620 0 : do {
1621 0 : programdata_state->discriminant = FD_BPF_STATE_PROGRAM_DATA;
1622 0 : programdata_state->inner.program_data.slot = clock->slot;
1623 0 : programdata_state->inner.program_data.has_upgrade_authority_address = 1;
1624 0 : programdata_state->inner.program_data.upgrade_authority_address = *authority_key;
1625 0 : err = fd_bpf_loader_v3_program_set_state( &programdata, programdata_state );
1626 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1627 0 : return err;
1628 0 : }
1629 :
1630 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L875 */
1631 : /* We want to copy over the data and zero out the rest */
1632 0 : if( FD_UNLIKELY( programdata_data_offset+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
1633 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1634 0 : }
1635 :
1636 0 : uchar * programdata_data = NULL;
1637 0 : ulong programdata_dlen = 0UL;
1638 0 : err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
1639 0 : if( FD_UNLIKELY( err ) ) {
1640 0 : return err;
1641 0 : }
1642 0 : uchar * dst_slice = programdata_data + programdata_data_offset;
1643 0 : ulong dst_slice_len = buffer_data_len;
1644 :
1645 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L863-L864 */
1646 0 : fd_guarded_borrowed_account_t buffer = {0};
1647 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
1648 :
1649 0 : if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ){
1650 0 : return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
1651 0 : }
1652 :
1653 0 : const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
1654 0 : fd_memcpy( dst_slice, src_slice, dst_slice_len );
1655 0 : fd_memset( dst_slice + dst_slice_len, 0, fd_borrowed_account_get_data_len( &programdata ) - programdata_data_offset - dst_slice_len );
1656 :
1657 : /* implicit drop of buffer */
1658 0 : } while (0);
1659 :
1660 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L876-L891 */
1661 : /* Fund ProgramData to rent-exemption, spill the rest */
1662 :
1663 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L878-L879 */
1664 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
1665 :
1666 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L880-L881 */
1667 0 : fd_guarded_borrowed_account_t spill = {0};
1668 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &spill );
1669 :
1670 0 : ulong spill_addend = fd_ulong_sat_sub( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports ),
1671 0 : programdata_balance_required );
1672 0 : err = fd_borrowed_account_checked_add_lamports( &spill, spill_addend );
1673 0 : if( FD_UNLIKELY( err ) ) {
1674 0 : return err;
1675 0 : }
1676 0 : err = fd_borrowed_account_set_lamports( &buffer, 0UL );
1677 0 : if( FD_UNLIKELY( err ) ) {
1678 0 : return err;
1679 0 : }
1680 0 : err = fd_borrowed_account_set_lamports( &programdata, programdata_balance_required );
1681 0 : if( FD_UNLIKELY( err ) ) {
1682 0 : return err;
1683 0 : }
1684 :
1685 : /* Buffer account set_data_length */
1686 0 : err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
1687 0 : if( FD_UNLIKELY( err ) ) {
1688 0 : return err;
1689 0 : }
1690 :
1691 : /* buffer is dropped when it goes out of scope */
1692 : /* spill is dropped when it goes out of scope */
1693 : /* programdata is dropped when it goes out of scope */
1694 :
1695 : /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
1696 0 : FD_BASE58_ENCODE_32_BYTES( new_program_id.uc, program_id_b58 );
1697 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "Upgraded program %s", program_id_b58 );
1698 :
1699 0 : break;
1700 0 : }
1701 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L893-L957 */
1702 0 : case FD_BPF_INSTR_SET_AUTHORITY: {
1703 0 : int err;
1704 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
1705 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1706 0 : }
1707 :
1708 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L896-L897 */
1709 0 : fd_guarded_borrowed_account_t account = {0};
1710 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
1711 :
1712 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L898-L900 */
1713 0 : fd_pubkey_t const * present_authority_key = NULL;
1714 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
1715 0 : if( FD_UNLIKELY( err ) ) {
1716 0 : return err;
1717 0 : }
1718 :
1719 : /* Don't check the error here because the new_authority key is allowed to be NULL until further checks.
1720 : https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L901-L906 */
1721 0 : fd_pubkey_t const * new_authority = NULL;
1722 0 : fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority );
1723 :
1724 0 : fd_bpf_state_t account_state[1];
1725 0 : err = fd_bpf_loader_program_get_state( account.acc, account_state );
1726 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1727 0 : return err;
1728 0 : }
1729 :
1730 0 : if( account_state->discriminant==FD_BPF_STATE_BUFFER ) {
1731 0 : if( FD_UNLIKELY( !new_authority ) ) {
1732 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer authority is not optional" );
1733 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1734 0 : }
1735 0 : if( FD_UNLIKELY( !account_state->inner.buffer.has_authority_address ) ) {
1736 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
1737 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1738 0 : }
1739 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.buffer.authority_address, present_authority_key ) ) ) {
1740 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
1741 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1742 0 : }
1743 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
1744 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1745 0 : if( FD_UNLIKELY( !!err ) ) return err;
1746 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
1747 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1748 0 : }
1749 :
1750 : /* copy in the authority public key into the authority address.
1751 : https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L926-L928 */
1752 0 : account_state->inner.buffer.has_authority_address = !!new_authority;
1753 0 : if( new_authority ) {
1754 0 : account_state->inner.buffer.authority_address = *new_authority;
1755 0 : }
1756 :
1757 0 : err = fd_bpf_loader_v3_program_set_state( &account, account_state );
1758 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1759 0 : return err;
1760 0 : }
1761 0 : } else if( account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
1762 0 : if( FD_UNLIKELY( !account_state->inner.program_data.has_upgrade_authority_address ) ) {
1763 0 : fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
1764 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1765 0 : }
1766 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.program_data.upgrade_authority_address, present_authority_key ) ) ) {
1767 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
1768 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1769 0 : }
1770 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &err ) ) ) {
1771 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1772 0 : if( FD_UNLIKELY( !!err ) ) return err;
1773 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
1774 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1775 0 : }
1776 :
1777 : /* SIMD-0500: forbid finalize (SetAuthority None) on programs
1778 : that are not at least SBPF v3. */
1779 0 : if( !new_authority ) {
1780 0 : int rc = fd_bpf_loader_finalize_v3_check(
1781 0 : FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, disable_sbpf_v0_v1_v2_deployment ),
1782 0 : fd_borrowed_account_get_data ( &account ),
1783 0 : fd_borrowed_account_get_data_len( &account ) );
1784 0 : if( FD_UNLIKELY( rc!=FD_EXECUTOR_INSTR_SUCCESS ) ) return rc;
1785 0 : }
1786 :
1787 : /* copy in the authority public key into the upgrade authority address.
1788 : https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L946-L949 */
1789 0 : account_state->inner.program_data.has_upgrade_authority_address = !!new_authority;
1790 0 : if( new_authority ) {
1791 0 : account_state->inner.program_data.upgrade_authority_address = *new_authority;
1792 0 : }
1793 :
1794 0 : err = fd_bpf_loader_v3_program_set_state( &account, account_state );
1795 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1796 0 : return err;
1797 0 : }
1798 0 : } else {
1799 0 : fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
1800 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1801 0 : }
1802 :
1803 : /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
1804 0 : if( new_authority ) {
1805 0 : FD_BASE58_ENCODE_32_BYTES( new_authority->uc, new_authority_b58 );
1806 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority Some(%s)", new_authority_b58 );
1807 0 : } else {
1808 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority None" );
1809 0 : }
1810 :
1811 : /* implicit drop of account */
1812 :
1813 0 : break;
1814 0 : }
1815 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L958-L1030 */
1816 0 : case FD_BPF_INSTR_SET_AUTHORITY_CHECKED: {
1817 0 : int err;
1818 0 : if( !FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, enable_bpf_loader_set_authority_checked_ix ) ) {
1819 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
1820 0 : }
1821 :
1822 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
1823 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1824 0 : }
1825 :
1826 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L968-L969 */
1827 0 : fd_guarded_borrowed_account_t account = {0};
1828 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
1829 :
1830 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L970-L975 */
1831 0 : fd_pubkey_t const * present_authority_key = NULL;
1832 0 : fd_pubkey_t const * new_authority_key = NULL;
1833 :
1834 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
1835 0 : if( FD_UNLIKELY( err ) ) return err;
1836 :
1837 0 : err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority_key );
1838 0 : if( FD_UNLIKELY( err ) ) return err;
1839 :
1840 0 : fd_bpf_state_t account_state[1];
1841 0 : err = fd_bpf_loader_program_get_state( account.acc, account_state );
1842 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1843 0 : return err;
1844 0 : }
1845 :
1846 0 : if( account_state->discriminant==FD_BPF_STATE_BUFFER ) {
1847 0 : if( FD_UNLIKELY( !account_state->inner.buffer.has_authority_address ) ) {
1848 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
1849 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1850 0 : }
1851 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.buffer.authority_address, present_authority_key ) ) ) {
1852 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
1853 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1854 0 : }
1855 0 : int instr_err_code = 0;
1856 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &instr_err_code ) ) ) {
1857 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1858 0 : if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
1859 0 : fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
1860 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1861 0 : }
1862 0 : instr_err_code = 0;
1863 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &instr_err_code ) ) ) {
1864 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1865 0 : if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
1866 0 : fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
1867 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1868 0 : }
1869 0 : account_state->inner.buffer.has_authority_address = 1;
1870 0 : account_state->inner.buffer.authority_address = *new_authority_key;
1871 0 : err = fd_bpf_loader_v3_program_set_state( &account, account_state );
1872 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1873 0 : return err;
1874 0 : }
1875 0 : } else if( account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
1876 0 : if( FD_UNLIKELY( !account_state->inner.program_data.has_upgrade_authority_address ) ) {
1877 0 : fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
1878 0 : return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
1879 0 : }
1880 0 : if( FD_UNLIKELY( !fd_pubkey_eq( &account_state->inner.program_data.upgrade_authority_address, present_authority_key ) ) ) {
1881 0 : fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
1882 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
1883 0 : }
1884 0 : int instr_err_code = 0;
1885 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL, &instr_err_code ) ) ) {
1886 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1887 0 : if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
1888 0 : fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
1889 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1890 0 : }
1891 0 : instr_err_code = 0;
1892 0 : if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL, &instr_err_code ) ) ) {
1893 : /* https://github.com/anza-xyz/agave/blob/v3.0.3/transaction-context/src/lib.rs#L789 */
1894 0 : if( FD_UNLIKELY( !!instr_err_code ) ) return instr_err_code;
1895 0 : fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
1896 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
1897 0 : }
1898 0 : account_state->inner.program_data.has_upgrade_authority_address = 1;
1899 0 : account_state->inner.program_data.upgrade_authority_address = *new_authority_key;
1900 0 : err = fd_bpf_loader_v3_program_set_state( &account, account_state );
1901 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1902 0 : return err;
1903 0 : }
1904 0 : } else {
1905 0 : fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
1906 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1907 0 : }
1908 :
1909 : /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
1910 0 : FD_BASE58_ENCODE_32_BYTES( new_authority_key->uc, new_authority_b58 );
1911 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority %s", new_authority_b58 );
1912 :
1913 : /* implicit drop of account */
1914 :
1915 0 : break;
1916 0 : }
1917 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1031-L1134 */
1918 6 : case FD_BPF_INSTR_CLOSE: {
1919 6 : int err;
1920 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1032-L1046 */
1921 6 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
1922 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1923 0 : }
1924 :
1925 : /* It's safe to directly access the instruction accounts because we already checked for two
1926 : instruction accounts previously.
1927 : https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1034-L1035 */
1928 6 : if( FD_UNLIKELY( instr_ctx->instr->accounts[ 0UL ].index_in_transaction ==
1929 6 : instr_ctx->instr->accounts[ 1UL ].index_in_transaction ) ) {
1930 0 : fd_log_collector_msg_literal( instr_ctx, "Recipient is the same as the account being closed" );
1931 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
1932 0 : }
1933 :
1934 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1043-L1044 */
1935 6 : fd_guarded_borrowed_account_t close_account = {0};
1936 6 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
1937 :
1938 6 : fd_pubkey_t const * close_key = (fd_pubkey_t*)close_account.acc->pubkey;
1939 6 : fd_bpf_state_t close_account_state[1];
1940 6 : err = fd_bpf_loader_program_get_state( close_account.acc, close_account_state );
1941 6 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
1942 0 : return err;
1943 0 : }
1944 : /* Close account set data length */
1945 6 : err = fd_borrowed_account_set_data_length( &close_account, SIZE_OF_UNINITIALIZED );
1946 6 : if( FD_UNLIKELY( err ) ) {
1947 0 : return err;
1948 0 : }
1949 :
1950 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1049-L1056 */
1951 6 : if( close_account_state->discriminant==FD_BPF_STATE_UNINITIALIZED ) {
1952 :
1953 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1050-L1051 */
1954 6 : fd_guarded_borrowed_account_t recipient_account = {0};
1955 6 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
1956 :
1957 6 : err = fd_borrowed_account_checked_add_lamports( &recipient_account, fd_borrowed_account_get_lamports( &close_account ) );
1958 6 : if( FD_UNLIKELY( err ) ) {
1959 0 : return err;
1960 0 : }
1961 6 : err = fd_borrowed_account_set_lamports( &close_account, 0UL );
1962 6 : if( FD_UNLIKELY( err ) ) {
1963 0 : return err;
1964 0 : }
1965 : /* Max msg_sz: 23 - 2 + 45 = 66 < 127 => we can use printf */
1966 6 : FD_BASE58_ENCODE_32_BYTES( close_key->uc, close_key_b58 );
1967 6 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Uninitialized %s", close_key_b58 );
1968 :
1969 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1057-L1068 */
1970 6 : } else if( close_account_state->discriminant==FD_BPF_STATE_BUFFER ) {
1971 :
1972 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1059 */
1973 0 : fd_borrowed_account_drop( &close_account );
1974 :
1975 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
1976 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1977 0 : }
1978 :
1979 0 : fd_bpf_state_buffer_t * state_buf = &close_account_state->inner.buffer;
1980 0 : err = common_close_account(
1981 0 : state_buf->has_authority_address ? &state_buf->authority_address : NULL,
1982 0 : instr_ctx,
1983 0 : close_account_state );
1984 0 : if( FD_UNLIKELY( err ) ) return err;
1985 :
1986 : /* Max msg_sz: 16 - 2 + 45 = 63 < 127 => we can use printf */
1987 0 : FD_BASE58_ENCODE_32_BYTES( close_key->uc, close_key_b58 );
1988 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Buffer %s", close_key_b58 );
1989 :
1990 : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1069-L1129 */
1991 0 : } else if( close_account_state->discriminant==FD_BPF_STATE_PROGRAM_DATA ) {
1992 0 : int err;
1993 0 : if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
1994 0 : return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
1995 0 : }
1996 :
1997 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1074 */
1998 0 : fd_borrowed_account_drop( &close_account );
1999 :
2000 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1075-L1076 */
2001 0 : fd_guarded_borrowed_account_t program_account = {0};
2002 0 : FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK(instr_ctx, 3UL, &program_account );
2003 :
2004 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
2005 0 : fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
2006 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
2007 0 : }
2008 0 : if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program_account ), program_id, sizeof(fd_pubkey_t) ) ) ) {
2009 0 : fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
2010 0 : return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
2011 0 : }
2012 0 : fd_sol_sysvar_clock_t clock_;
2013 0 : fd_sol_sysvar_clock_t const * clock = fd_sysvar_cache_clock_read( instr_ctx->sysvar_cache, &clock_ );
2014 0 : if( FD_UNLIKELY( !clock ) ) {
2015 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
2016 0 : }
2017 0 : if( FD_UNLIKELY( clock->slot==close_account_state->inner.program_data.slot ) ) {
2018 0 : fd_log_collector_msg_literal( instr_ctx,"Program was deployed in this block already" );
2019 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
2020 0 : }
2021 :
2022 0 : fd_bpf_state_t program_state[1];
2023 0 : err = fd_bpf_loader_program_get_state( program_account.acc, program_state );
2024 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
2025 0 : return err;
2026 0 : }
2027 :
2028 0 : if( program_state->discriminant==FD_BPF_STATE_PROGRAM ) {
2029 0 : if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, close_key, sizeof(fd_pubkey_t) ) ) ) {
2030 0 : fd_log_collector_msg_literal( instr_ctx,"ProgramData account does not match ProgramData account" );
2031 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
2032 0 : }
2033 :
2034 : /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1105 */
2035 0 : fd_borrowed_account_drop( &program_account );
2036 :
2037 0 : fd_bpf_state_program_data_t * pd = &close_account_state->inner.program_data;
2038 0 : err = common_close_account(
2039 0 : pd->has_upgrade_authority_address ? &pd->upgrade_authority_address : NULL,
2040 0 : instr_ctx,
2041 0 : close_account_state );
2042 0 : if( FD_UNLIKELY( err ) ) return err;
2043 :
2044 : /* The Agave client updates the account state upon closing an account
2045 : in their loaded program cache. Checking for a program can be
2046 : checked by checking to see if the programdata account's loader state
2047 : is unitialized. The firedancer implementation also removes closed
2048 : accounts from the loaded program cache at the end of a slot. Closed
2049 : accounts are not checked from the cache, instead the account state
2050 : is looked up. */
2051 :
2052 0 : } else {
2053 0 : fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
2054 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
2055 0 : }
2056 :
2057 : /* Max msg_sz: 17 - 2 + 45 = 60 < 127 => we can use printf */
2058 0 : FD_BASE58_ENCODE_32_BYTES( program_account.acc->pubkey, program_account_b58 );
2059 0 : fd_log_collector_printf_dangerous_max_127( instr_ctx, "Closed Program %s", program_account_b58 );
2060 :
2061 : /* program account is dropped when it goes out of scope */
2062 0 : } else {
2063 0 : fd_log_collector_msg_literal( instr_ctx, "Account does not support closing" );
2064 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
2065 0 : }
2066 :
2067 : /* implicit drop of close account */
2068 6 : break;
2069 6 : }
2070 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1158-L1170 */
2071 6 : case FD_BPF_INSTR_EXTEND_PROGRAM: {
2072 0 : err = common_extend_program( instr_ctx, instruction->inner.extend_program.additional_bytes, 0 );
2073 0 : if( FD_UNLIKELY( err ) ) {
2074 0 : return err;
2075 0 : }
2076 :
2077 0 : break;
2078 0 : }
2079 : /* https://github.com/anza-xyz/agave/blob/v2.3.1/programs/bpf_loader/src/lib.rs#L1171-L1179 */
2080 0 : case FD_BPF_INSTR_EXTEND_PROGRAM_CHECKED: {
2081 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
2082 0 : }
2083 : /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1338-L1508 */
2084 0 : case FD_BPF_INSTR_MIGRATE: {
2085 : /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1339-L1344 */
2086 0 : if( FD_UNLIKELY( !FD_FEATURE_ACTIVE_BANK( instr_ctx->bank, enable_loader_v4 ) ) ) {
2087 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
2088 0 : }
2089 :
2090 : /* TODO: Implement me */
2091 0 : FD_LOG_WARNING(( "migrate instruction is not implemented" ));
2092 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
2093 0 : }
2094 0 : default: {
2095 0 : return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
2096 0 : }
2097 6 : }
2098 6 : return FD_EXECUTOR_INSTR_SUCCESS;
2099 6 : }
2100 :
2101 : /* process_instruction_inner() */
2102 : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L394-L564 */
2103 : int
2104 2460 : fd_bpf_loader_program_execute( fd_exec_instr_ctx_t * ctx ) {
2105 : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L491-L529 */
2106 :
2107 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L403-L404 */
2108 2460 : fd_guarded_borrowed_account_t program_account = {0};
2109 2460 : int err = fd_exec_instr_ctx_try_borrow_last_program_account( ctx, &program_account );
2110 2460 : if( FD_UNLIKELY( err ) ) {
2111 0 : return err;
2112 0 : }
2113 :
2114 : /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L409 */
2115 2460 : fd_pubkey_t const * program_id = NULL;
2116 2460 : err = fd_exec_instr_ctx_get_last_program_key( ctx, &program_id );
2117 2460 : if( FD_UNLIKELY( err ) ) {
2118 0 : return err;
2119 0 : }
2120 :
2121 : /* Program management instruction */
2122 2460 : if( FD_UNLIKELY( !memcmp( &fd_solana_native_loader_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
2123 : /* https://github.com/anza-xyz/agave/blob/v2.2.3/programs/bpf_loader/src/lib.rs#L416 */
2124 6 : fd_borrowed_account_drop( &program_account );
2125 :
2126 6 : if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_upgradeable_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
2127 6 : FD_EXEC_CU_UPDATE( ctx, UPGRADEABLE_LOADER_COMPUTE_UNITS );
2128 6 : return process_loader_upgradeable_instruction( ctx );
2129 6 : } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
2130 0 : FD_EXEC_CU_UPDATE( ctx, DEFAULT_LOADER_COMPUTE_UNITS );
2131 0 : fd_log_collector_msg_literal( ctx, "BPF loader management instructions are no longer supported" );
2132 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2133 0 : } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_deprecated_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
2134 0 : FD_EXEC_CU_UPDATE( ctx, DEPRECATED_LOADER_COMPUTE_UNITS );
2135 0 : fd_log_collector_msg_literal( ctx, "Deprecated loader is no longer supported" );
2136 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2137 0 : } else {
2138 0 : fd_log_collector_msg_literal( ctx, "Invalid BPF loader id" );
2139 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2140 0 : }
2141 6 : }
2142 :
2143 : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L551-L563 */
2144 : /* The Agave client stores a loaded program type state in its implementation
2145 : of the loaded program cache. It checks to see if an account is able to be
2146 : executed. It is possible for a program to be in the DelayVisibility state or
2147 : Closed state but it won't be reflected in the Firedancer cache. Program
2148 : accounts that are in this state should exit with an invalid account data
2149 : error. For programs that are recently deployed or upgraded, they should not
2150 : be allowed to be executed for the remainder of the slot. For closed
2151 : accounts, they're uninitialized and shouldn't be executed as well.
2152 :
2153 : For the former case the slot that the
2154 : program was last updated in is in the program data account.
2155 : This means that if the slot in the program data account is greater than or
2156 : equal to the current execution slot, then the account is in a
2157 : 'LoadedProgramType::DelayVisiblity' state.
2158 :
2159 : The latter case as described above is a tombstone account which is in a Closed
2160 : state. This occurs when a program data account is closed. However, our cache
2161 : does not track this. Instead, this can be checked for by seeing if the program
2162 : account's respective program data account is uninitialized. This should only
2163 : happen when the account is closed.
2164 :
2165 : Every error that comes out of this block is mapped to an InvalidAccountData instruction error in Agave. */
2166 :
2167 2454 : uchar is_deprecated = !memcmp( program_account.acc->owner, &fd_solana_bpf_loader_deprecated_program_id, sizeof(fd_pubkey_t) );
2168 :
2169 2454 : fd_acc_t const * progdata_ro = program_account.acc;
2170 2454 : if( !memcmp( program_account.acc->owner, &fd_solana_bpf_loader_upgradeable_program_id, sizeof(fd_pubkey_t) ) ) {
2171 0 : fd_bpf_state_t program_account_state[1];
2172 0 : err = fd_bpf_loader_program_get_state( program_account.acc, program_account_state );
2173 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
2174 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2175 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2176 0 : }
2177 :
2178 : /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L96-L98
2179 : Program account and program data account discriminants get checked when loading in program accounts
2180 : into the program cache. If the discriminants are incorrect, the program is marked as closed. */
2181 0 : if( FD_UNLIKELY( program_account_state->discriminant!=FD_BPF_STATE_PROGRAM ) ) {
2182 : /* https://github.com/anza-xyz/agave/tree/v3.0.5/programs/bpf_loader/src/lib.rs#L424-L433
2183 : Agave's program cache will add any non-migrating built-ins as built-in
2184 : accounts, even though they might be owned by the BPF loader. In these
2185 : cases, Agave does not log this message. Meanwhile, non-migrating
2186 : built-in programs do not use the BPF loader, by definition. */
2187 0 : if( !fd_is_non_migrating_builtin_program( program_id ) ) {
2188 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2189 0 : }
2190 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2191 0 : }
2192 :
2193 0 : fd_pubkey_t * programdata_pubkey = &program_account_state->inner.program.programdata_address;
2194 0 : progdata_ro = fd_runtime_get_executable_account( ctx->txn_out, programdata_pubkey );
2195 0 : if( FD_UNLIKELY( !progdata_ro ) ) {
2196 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2197 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2198 0 : }
2199 :
2200 0 : if( FD_UNLIKELY( progdata_ro->data_len<PROGRAMDATA_METADATA_SIZE ) ) {
2201 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2202 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2203 0 : }
2204 :
2205 0 : fd_bpf_state_t program_data_account_state[1];
2206 0 : err = fd_bpf_loader_program_get_state( progdata_ro, program_data_account_state );
2207 0 : if( FD_UNLIKELY( err!=FD_EXECUTOR_INSTR_SUCCESS ) ) {
2208 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2209 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2210 0 : }
2211 :
2212 : /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L100-L104
2213 : Same as above comment. Program data discriminant must be set correctly. */
2214 0 : if( FD_UNLIKELY( program_data_account_state->discriminant!=FD_BPF_STATE_PROGRAM_DATA ) ) {
2215 : /* The account is closed. */
2216 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2217 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2218 0 : }
2219 :
2220 0 : ulong program_data_slot = program_data_account_state->inner.program_data.slot;
2221 0 : if( FD_UNLIKELY( program_data_slot>=ctx->bank->f.slot ) ) {
2222 : /* The account was likely just deployed or upgraded. Corresponds to
2223 : 'LoadedProgramType::DelayVisibility' */
2224 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2225 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2226 0 : }
2227 0 : }
2228 :
2229 2454 : fd_prog_load_env_t load_env[1]; fd_prog_load_env_from_bank( load_env, ctx->bank );
2230 2454 : fd_progcache_t * progcache = ctx->runtime->progcache;
2231 2454 : fd_progcache_rec_t * cache_entry =
2232 2454 : fd_progcache_pull( progcache, ctx->bank->progcache_fork_id, program_id, load_env, progdata_ro );
2233 2454 : if( FD_UNLIKELY( !cache_entry ) ) {
2234 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2235 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2236 0 : }
2237 :
2238 : /* The program may be in the cache but could have failed verification in the current epoch. */
2239 2454 : if( FD_UNLIKELY( !cache_entry->data_gaddr ) ) {
2240 0 : fd_progcache_rec_close( progcache, cache_entry );
2241 0 : fd_log_collector_msg_literal( ctx, "Program is not deployed" );
2242 0 : return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
2243 0 : }
2244 :
2245 : /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L446 */
2246 2454 : fd_borrowed_account_drop( &program_account );
2247 :
2248 2454 : int exec_err = fd_bpf_execute( ctx, cache_entry, is_deprecated );
2249 2454 : fd_progcache_rec_close( progcache, cache_entry );
2250 2454 : return exec_err;
2251 2454 : }
|