LCOV - code coverage report
Current view: top level - flamenco/runtime/program - fd_bpf_loader_program.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 3 1734 0.2 %
Date: 2025-07-01 05:00:49 Functions: 1 14 7.1 %

          Line data    Source code
       1             : #include "fd_bpf_loader_program.h"
       2             : 
       3             : /* For additional context see https://solana.com/docs/programs/deploying#state-accounts */
       4             : 
       5             : #include "../fd_pubkey_utils.h"
       6             : #include "../../../ballet/base58/fd_base58.h"
       7             : #include "../../../ballet/sbpf/fd_sbpf_loader.h"
       8             : #include "../sysvar/fd_sysvar_clock.h"
       9             : #include "../sysvar/fd_sysvar_rent.h"
      10             : #include "../../vm/syscall/fd_vm_syscall.h"
      11             : #include "../../vm/fd_vm.h"
      12             : #include "../fd_executor.h"
      13             : #include "fd_bpf_loader_serialization.h"
      14             : #include "fd_native_cpi.h"
      15             : #include "../fd_borrowed_account.h"
      16             : 
      17             : #include <stdlib.h>
      18             : 
      19             : static char * trace_buf;
      20             : 
      21           9 : static void __attribute__((constructor)) make_buf(void) {
      22           9 :   trace_buf = (char*)malloc(256*1024);
      23           9 : }
      24             : 
      25           0 : static void __attribute__((destructor)) free_buf(void) {
      26           0 :   free(trace_buf);
      27           0 : }
      28             : 
      29             : /* https://github.com/anza-xyz/agave/blob/ced98f1ebe73f7e9691308afa757323003ff744f/sdk/program/src/program_error.rs#L290-L335 */
      30             : static inline int
      31             : program_error_to_instr_error( ulong  err,
      32           0 :                               uint * custom_err ) {
      33           0 :   switch( err ) {
      34           0 :     case CUSTOM_ZERO:
      35           0 :       *custom_err = 0;
      36           0 :       return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
      37           0 :     case INVALID_ARGUMENT:
      38           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
      39           0 :     case INVALID_INSTRUCTION_DATA:
      40           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
      41           0 :     case INVALID_ACCOUNT_DATA:
      42           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
      43           0 :     case ACCOUNT_DATA_TOO_SMALL:
      44           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
      45           0 :     case INSUFFICIENT_FUNDS:
      46           0 :       return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
      47           0 :     case INCORRECT_PROGRAM_ID:
      48           0 :       return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
      49           0 :     case MISSING_REQUIRED_SIGNATURES:
      50           0 :       return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
      51           0 :     case ACCOUNT_ALREADY_INITIALIZED:
      52           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
      53           0 :     case UNINITIALIZED_ACCOUNT:
      54           0 :       return FD_EXECUTOR_INSTR_ERR_UNINITIALIZED_ACCOUNT;
      55           0 :     case NOT_ENOUGH_ACCOUNT_KEYS:
      56           0 :       return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
      57           0 :     case ACCOUNT_BORROW_FAILED:
      58           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_BORROW_FAILED;
      59           0 :     case MAX_SEED_LENGTH_EXCEEDED:
      60           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_SEED_LENGTH_EXCEEDED;
      61           0 :     case INVALID_SEEDS:
      62           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_SEEDS;
      63           0 :     case BORSH_IO_ERROR:
      64           0 :       return FD_EXECUTOR_INSTR_ERR_BORSH_IO_ERROR;
      65           0 :     case ACCOUNT_NOT_RENT_EXEMPT:
      66           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_NOT_RENT_EXEMPT;
      67           0 :     case UNSUPPORTED_SYSVAR:
      68           0 :       return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
      69           0 :     case ILLEGAL_OWNER:
      70           0 :       return FD_EXECUTOR_INSTR_ERR_ILLEGAL_OWNER;
      71           0 :     case MAX_ACCOUNTS_DATA_ALLOCATIONS_EXCEEDED:
      72           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_ACCS_DATA_ALLOCS_EXCEEDED;
      73           0 :     case INVALID_ACCOUNT_DATA_REALLOC:
      74           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
      75           0 :     case MAX_INSTRUCTION_TRACE_LENGTH_EXCEEDED:
      76           0 :       return FD_EXECUTOR_INSTR_ERR_MAX_INSN_TRACE_LENS_EXCEEDED;
      77           0 :     case BUILTIN_PROGRAMS_MUST_CONSUME_COMPUTE_UNITS:
      78           0 :       return FD_EXECUTOR_INSTR_ERR_BUILTINS_MUST_CONSUME_CUS;
      79           0 :     case INVALID_ACCOUNT_OWNER:
      80           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
      81           0 :     case ARITHMETIC_OVERFLOW:
      82           0 :       return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW;
      83           0 :     case IMMUTABLE:
      84           0 :       return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
      85           0 :     case INCORRECT_AUTHORITY:
      86           0 :       return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
      87           0 :     default:
      88           0 :       if( err>>BUILTIN_BIT_SHIFT == 0 ) {
      89           0 :         *custom_err = (uint)err;
      90           0 :         return FD_EXECUTOR_INSTR_ERR_CUSTOM_ERR;
      91           0 :       }
      92           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ERR;
      93           0 :   }
      94           0 : }
      95             : 
      96             : /* TODO: This can be combined with the other bpf loader state decode function */
      97             : fd_bpf_upgradeable_loader_state_t *
      98             : read_bpf_upgradeable_loader_state_for_program( fd_exec_txn_ctx_t *                 txn_ctx,
      99             :                                                ushort                              program_id,
     100           0 :                                                int *                               opt_err ) {
     101           0 :   fd_txn_account_t * rec = NULL;
     102           0 :   int err = fd_exec_txn_ctx_get_account_at_index( txn_ctx,
     103           0 :                                                   program_id,
     104           0 :                                                   &rec,
     105           0 :                                                   fd_txn_account_check_exists );
     106           0 :   if( FD_UNLIKELY( err ) ) {
     107           0 :     *opt_err = err;
     108           0 :     return NULL;
     109           0 :   }
     110             : 
     111           0 :   fd_bpf_upgradeable_loader_state_t * res = fd_bincode_decode_spad(
     112           0 :       bpf_upgradeable_loader_state,
     113           0 :       txn_ctx->spad,
     114           0 :       rec->vt->get_data( rec ),
     115           0 :       rec->vt->get_data_len( rec ),
     116           0 :       &err );
     117           0 :   if( FD_UNLIKELY( err ) ) {
     118           0 :     *opt_err = FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     119           0 :     return NULL;
     120           0 :   }
     121           0 :   return res;
     122           0 : }
     123             : 
     124             : /* https://github.com/anza-xyz/agave/blob/9b22f28104ec5fd606e4bb39442a7600b38bb671/programs/bpf_loader/src/lib.rs#L216-L229 */
     125             : static ulong
     126           0 : calculate_heap_cost( ulong heap_size, ulong heap_cost ) {
     127           0 :   #define KIBIBYTE_MUL_PAGES       (1024UL * 32UL)
     128           0 :   #define KIBIBYTE_MUL_PAGES_SUB_1 (KIBIBYTE_MUL_PAGES - 1UL)
     129             : 
     130           0 :   heap_size = fd_ulong_sat_add( heap_size, KIBIBYTE_MUL_PAGES_SUB_1 );
     131             : 
     132           0 :   heap_size = fd_ulong_sat_mul( fd_ulong_sat_sub( heap_size / KIBIBYTE_MUL_PAGES, 1UL ), heap_cost );
     133           0 :   return heap_size;
     134             : 
     135           0 :   #undef KIBIBYTE_MUL_PAGES
     136           0 :   #undef KIBIBYTE_MUL_PAGES_SUB_1
     137           0 : }
     138             : 
     139             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L105-L171
     140             : 
     141             :    Our arguments to deploy_program are different from the Agave version because
     142             :    we handle the caching of deployed programs differently. In Firedancer we
     143             :    lack the concept of ProgramCacheEntryType entirely.
     144             :    https://github.com/anza-xyz/agave/blob/114d94a25e9631f9bf6349c4b833d7900ef1fb1c/program-runtime/src/loaded_programs.rs#L158
     145             : 
     146             :    In Agave there is a separate caching structure that is used to store the
     147             :    deployed programs. In Firedancer the deployed, validated program is stored as
     148             :   metadata for the account in the funk record.
     149             : 
     150             :    See https://github.com/firedancer-io/firedancer/blob/9c1df680b3f38bebb0597e089766ec58f3b41e85/src/flamenco/runtime/program/fd_bpf_loader_v3_program.c#L1640
     151             :    for how we handle the concept of 'LoadedProgramType::DelayVisibility' in Firedancer.
     152             : 
     153             :    As a concrete example, our version of deploy_program does not have the
     154             :    'account_size' argument because we do not update the funk record here.
     155             : 
     156             :    The spad used for allocations can be either scoped to the executor or the
     157             :    runtime depending on where it is called from. If a program is deployed from
     158             :    the v3 contract, then the executor spad should be used. */
     159             : int
     160             : fd_deploy_program( fd_exec_instr_ctx_t * instr_ctx,
     161             :                    uchar const *         programdata,
     162             :                    ulong                 programdata_size,
     163           0 :                    fd_spad_t *           spad ) {
     164           0 :   int deploy_mode    = 1;
     165           0 :   int direct_mapping = FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, bpf_account_data_direct_mapping );
     166           0 :   fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_new( fd_spad_alloc( spad,
     167           0 :                                                                        fd_sbpf_syscalls_align(),
     168           0 :                                                                        fd_sbpf_syscalls_footprint() ) );
     169           0 :   if( FD_UNLIKELY( !syscalls ) ) {
     170             :     //TODO: full log including err
     171           0 :     fd_log_collector_msg_literal( instr_ctx, "Failed to register syscalls" );
     172           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     173           0 :   }
     174             : 
     175           0 :   fd_vm_syscall_register_slot( syscalls,
     176           0 :                                instr_ctx->txn_ctx->slot,
     177           0 :                                &instr_ctx->txn_ctx->features,
     178           0 :                                1 );
     179             : 
     180             :   /* Load executable */
     181           0 :   fd_sbpf_elf_info_t  _elf_info[ 1UL ];
     182           0 :   uint min_sbpf_version, max_sbpf_version;
     183           0 :   fd_bpf_get_sbpf_versions( &min_sbpf_version,
     184           0 :                             &max_sbpf_version,
     185           0 :                             instr_ctx->txn_ctx->slot,
     186           0 :                             &instr_ctx->txn_ctx->features );
     187           0 :   fd_sbpf_elf_info_t * elf_info = fd_sbpf_elf_peek( _elf_info, programdata, programdata_size, deploy_mode, min_sbpf_version, max_sbpf_version );
     188           0 :   if( FD_UNLIKELY( !elf_info ) ) {
     189             :     //TODO: actual log, this is a custom Firedancer msg
     190           0 :     fd_log_collector_msg_literal( instr_ctx, "Failed to load or verify Elf" );
     191           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     192           0 :   }
     193             : 
     194             :   /* Allocate rodata segment */
     195           0 :   void * rodata = fd_spad_alloc( spad, FD_SBPF_PROG_RODATA_ALIGN, elf_info->rodata_footprint );
     196           0 :   if( FD_UNLIKELY( !rodata ) ) {
     197           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     198           0 :   }
     199             : 
     200             :   /* Allocate program buffer */
     201           0 :   ulong  prog_align        = fd_sbpf_program_align();
     202           0 :   ulong  prog_footprint    = fd_sbpf_program_footprint( elf_info );
     203           0 :   fd_sbpf_program_t * prog = fd_sbpf_program_new( fd_spad_alloc( spad, prog_align, prog_footprint ), elf_info, rodata );
     204           0 :   if( FD_UNLIKELY( !prog ) ) {
     205           0 :     FD_LOG_ERR(( "fd_sbpf_program_new() failed: %s", fd_sbpf_strerror() ));
     206           0 :   }
     207             : 
     208             :   /* Load program */
     209           0 :   int err = fd_sbpf_program_load( prog, programdata, programdata_size, syscalls, deploy_mode );
     210           0 :   if( FD_UNLIKELY( err ) ) {
     211           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     212           0 :   }
     213             : 
     214             :   /* Validate the program */
     215           0 :   fd_vm_t _vm[ 1UL ];
     216           0 :   fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
     217             : 
     218           0 :   vm = fd_vm_init(
     219           0 :     /* vm                 */ vm,
     220           0 :     /* instr_ctx          */ instr_ctx,
     221           0 :     /* heap_max           */ instr_ctx->txn_ctx->heap_size,
     222           0 :     /* entry_cu           */ instr_ctx->txn_ctx->compute_meter,
     223           0 :     /* rodata             */ prog->rodata,
     224           0 :     /* rodata_sz          */ prog->rodata_sz,
     225           0 :     /* text               */ prog->text,
     226           0 :     /* text_cnt           */ prog->text_cnt,
     227           0 :     /* text_off           */ prog->text_off, /* FIXME: What if text_off is not multiple of 8 */
     228           0 :     /* text_sz            */ prog->text_sz,
     229           0 :     /* entry_pc           */ prog->entry_pc,
     230           0 :     /* calldests          */ prog->calldests,
     231           0 :     /* sbpf_version       */ elf_info->sbpf_version,
     232           0 :     /* syscalls           */ syscalls,
     233             :     /* trace              */ NULL,
     234             :     /* sha                */ NULL,
     235             :     /* mem_regions        */ NULL,
     236           0 :     /* mem_regions_cnt    */ 0,
     237             :     /* mem_region_accs    */ NULL,
     238           0 :     /* is_deprecated      */ 0,
     239           0 :     /* direct mapping     */ direct_mapping,
     240           0 :     /* dump_syscall_to_pb */ 0 );
     241           0 :   if ( FD_UNLIKELY( vm == NULL ) ) {
     242           0 :     FD_LOG_WARNING(( "NULL vm" ));
     243           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     244           0 :   }
     245             : 
     246           0 :   int validate_result = fd_vm_validate( vm );
     247           0 :   if( FD_UNLIKELY( validate_result!=FD_VM_SUCCESS ) ) {
     248           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     249           0 :   }
     250           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     251           0 : }
     252             : 
     253             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L195-L218 */
     254             : static int
     255             : write_program_data( fd_exec_instr_ctx_t *   instr_ctx,
     256             :                     ushort                  instr_acc_idx,
     257             :                     ulong                   program_data_offset,
     258             :                     uchar *                 bytes,
     259           0 :                     ulong                   bytes_len ) {
     260           0 :   int err;
     261             : 
     262             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L202 */
     263           0 :   fd_guarded_borrowed_account_t program;
     264           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, instr_acc_idx, &program );
     265             : 
     266             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L203 */
     267           0 :   uchar * data = NULL;
     268           0 :   ulong   dlen = 0UL;
     269           0 :   err = fd_borrowed_account_get_data_mut( &program, &data, &dlen );
     270           0 :   if( FD_UNLIKELY( err ) ) {
     271           0 :     return err;
     272           0 :   }
     273             : 
     274           0 :   ulong write_offset = fd_ulong_sat_add( program_data_offset, bytes_len );
     275           0 :   if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<write_offset ) ) {
     276             :     /* Max msg_sz: 24 - 6 + 2*20 = 58 < 127 => we can use printf */
     277           0 :     fd_log_collector_printf_dangerous_max_127( instr_ctx,
     278           0 :       "Write overflow %lu < %lu", fd_borrowed_account_get_data_len( &program ), write_offset );
     279           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     280           0 :   }
     281             : 
     282           0 :   if( FD_UNLIKELY( program_data_offset>dlen ) ) {
     283           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     284           0 :   }
     285             : 
     286           0 :   if( FD_LIKELY( bytes_len ) ) {
     287           0 :     fd_memcpy( data+program_data_offset, bytes, bytes_len );
     288           0 :   }
     289             : 
     290           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     291           0 : }
     292             : 
     293             : fd_bpf_upgradeable_loader_state_t *
     294             : fd_bpf_loader_program_get_state( fd_txn_account_t const * acct,
     295             :                                  fd_spad_t *              spad,
     296           0 :                                  int *                    err ) {
     297           0 :   fd_bpf_upgradeable_loader_state_t * res = fd_bincode_decode_spad(
     298           0 :       bpf_upgradeable_loader_state,
     299           0 :       spad,
     300           0 :       acct->vt->get_data( acct ),
     301           0 :       acct->vt->get_data_len( acct ),
     302           0 :       err );
     303           0 :   if( FD_UNLIKELY( *err ) ) {
     304           0 :     *err = FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     305           0 :     return NULL;
     306           0 :   }
     307           0 :   return res;
     308           0 : }
     309             : 
     310             : /* Mirrors solana_sdk::transaction_context::BorrowedAccount::set_state()
     311             :    https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L973 */
     312             : int
     313             : fd_bpf_loader_v3_program_set_state( fd_borrowed_account_t * borrowed_acct,
     314           0 :                                     fd_bpf_upgradeable_loader_state_t * state ) {
     315           0 :   ulong state_size = fd_bpf_upgradeable_loader_state_size( state );
     316             : 
     317           0 :   uchar * data = NULL;
     318           0 :   ulong   dlen = 0UL;
     319             : 
     320           0 :   int err = fd_borrowed_account_get_data_mut( borrowed_acct, &data, &dlen );
     321           0 :   if( FD_UNLIKELY( err ) ) {
     322           0 :     return err;
     323           0 :   }
     324             : 
     325           0 :   if( FD_UNLIKELY( state_size>dlen ) ) {
     326           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     327           0 :   }
     328             : 
     329           0 :   fd_bincode_encode_ctx_t ctx = {
     330           0 :     .data    = data,
     331           0 :     .dataend = data + state_size
     332           0 :   };
     333             : 
     334           0 :   err = fd_bpf_upgradeable_loader_state_encode( state, &ctx );
     335           0 :   if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     336           0 :     return FD_EXECUTOR_INSTR_ERR_GENERIC_ERR;
     337           0 :   }
     338             : 
     339           0 :   return FD_BINCODE_SUCCESS;
     340           0 : }
     341             : 
     342             : /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1299-L1331 */
     343             : static int
     344             : common_close_account( fd_pubkey_t * authority_address,
     345             :                       fd_exec_instr_ctx_t * instr_ctx,
     346           0 :                       fd_bpf_upgradeable_loader_state_t * state ) {
     347           0 :   int err;
     348             : 
     349             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1307 */
     350           0 :   if( FD_UNLIKELY( !authority_address ) ) {
     351           0 :     return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
     352           0 :   }
     353             : 
     354             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1312-L1313 */
     355           0 :   fd_pubkey_t const * acc_key = NULL;
     356           0 :   err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &acc_key );
     357           0 :   if( FD_UNLIKELY( err ) ) {
     358           0 :     return err;
     359           0 :   }
     360             : 
     361           0 :   if( FD_UNLIKELY( memcmp( authority_address, acc_key, sizeof(fd_pubkey_t) ) ) ) {
     362           0 :     return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
     363           0 :   }
     364             : 
     365             :   /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1319-L1322 */
     366           0 :   if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL ) ) ) {
     367           0 :     return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
     368           0 :   }
     369             : 
     370             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1324 */
     371           0 :   fd_guarded_borrowed_account_t close_account;
     372           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
     373             : 
     374             :   /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1326 */
     375           0 :   fd_guarded_borrowed_account_t recipient_account;
     376           0 :   FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
     377             : 
     378           0 :   err = fd_borrowed_account_checked_add_lamports( &recipient_account,
     379           0 :                                                   fd_borrowed_account_get_lamports( &close_account ) );
     380           0 :   if( FD_UNLIKELY( err ) ) {
     381           0 :     return err;
     382           0 :   }
     383             : 
     384           0 :   err = fd_borrowed_account_set_lamports( &close_account, 0UL );
     385           0 :   if( FD_UNLIKELY( err ) ) {
     386           0 :     return err;
     387           0 :   }
     388             : 
     389           0 :   state->discriminant = fd_bpf_upgradeable_loader_state_enum_uninitialized;
     390           0 :   err = fd_bpf_loader_v3_program_set_state( &close_account, state );
     391           0 :   if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     392           0 :     return err;
     393           0 :   }
     394             : 
     395           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     396           0 : }
     397             : 
     398             : 
     399             : /* Every loader-owned BPF program goes through this function, which goes into the VM.
     400             : 
     401             :    https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1332-L1501 */
     402             : int
     403           0 : fd_bpf_execute( fd_exec_instr_ctx_t * instr_ctx, fd_sbpf_validated_program_t const * prog, uchar is_deprecated ) {
     404             : 
     405           0 :   int err                       = FD_EXECUTOR_INSTR_SUCCESS;
     406           0 :   fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_new( fd_spad_alloc( instr_ctx->txn_ctx->spad,
     407           0 :                                                                        fd_sbpf_syscalls_align(),
     408           0 :                                                                        fd_sbpf_syscalls_footprint() ) );
     409           0 :   FD_TEST( syscalls );
     410             : 
     411             :   /* TODO do we really need to re-do this on every instruction? */
     412           0 :   fd_vm_syscall_register_slot( syscalls,
     413           0 :                                instr_ctx->txn_ctx->slot,
     414           0 :                                &instr_ctx->txn_ctx->features,
     415           0 :                                0 );
     416             : 
     417             :   /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1362-L1368 */
     418           0 :   ulong                   input_sz                                = 0UL;
     419           0 :   ulong                   pre_lens[256]                           = {0};
     420           0 :   fd_vm_input_region_t    input_mem_regions[1000]                 = {0}; /* We can have a max of (3 * num accounts + 1) regions */
     421           0 :   fd_vm_acc_region_meta_t acc_region_metas[256]                   = {0}; /* instr acc idx to idx */
     422           0 :   uint                    input_mem_regions_cnt                   = 0U;
     423           0 :   int                     direct_mapping                          = FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, bpf_account_data_direct_mapping );
     424           0 :   int                     mask_out_rent_epoch_in_vm_serialization = FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, mask_out_rent_epoch_in_vm_serialization );
     425             : 
     426           0 :   uchar * input = NULL;
     427           0 :   err = fd_bpf_loader_input_serialize_parameters( instr_ctx, &input_sz, pre_lens,
     428           0 :                                                   input_mem_regions, &input_mem_regions_cnt,
     429           0 :                                                   acc_region_metas, direct_mapping, mask_out_rent_epoch_in_vm_serialization,
     430           0 :                                                   is_deprecated, &input );
     431           0 :   if( FD_UNLIKELY( err ) ) {
     432           0 :     return err;
     433           0 :   }
     434             : 
     435           0 :   if( FD_UNLIKELY( input==NULL ) ) {
     436           0 :     return FD_EXECUTOR_INSTR_ERR_MISSING_ACC;
     437           0 :   }
     438             : 
     439           0 :   fd_sha256_t _sha[1];
     440           0 :   fd_sha256_t * sha = fd_sha256_join( fd_sha256_new( _sha ) );
     441             : 
     442           0 :   fd_vm_t _vm[1];
     443           0 :   fd_vm_t * vm = fd_vm_join( fd_vm_new( _vm ) );
     444             : 
     445           0 :   ulong pre_insn_cus = instr_ctx->txn_ctx->compute_meter;
     446           0 :   ulong heap_max     = instr_ctx->txn_ctx->heap_size;
     447             : 
     448             :   /* For dumping syscalls for seed corpora */
     449           0 :   int dump_syscall_to_pb = instr_ctx->txn_ctx->capture_ctx &&
     450           0 :                            instr_ctx->txn_ctx->slot >= instr_ctx->txn_ctx->capture_ctx->dump_proto_start_slot &&
     451           0 :                            instr_ctx->txn_ctx->capture_ctx->dump_syscall_to_pb;
     452             : 
     453             :   /* TODO: (topointon): correctly set check_size in vm setup */
     454           0 :   vm = fd_vm_init(
     455           0 :     /* vm                    */ vm,
     456           0 :     /* instr_ctx             */ instr_ctx,
     457           0 :     /* heap_max              */ heap_max, /* TODO: configure heap allocator */
     458           0 :     /* entry_cu              */ instr_ctx->txn_ctx->compute_meter,
     459           0 :     /* rodata                */ prog->rodata,
     460           0 :     /* rodata_sz             */ prog->rodata_sz,
     461           0 :     /* text                  */ (ulong *)((ulong)prog->rodata + (ulong)prog->text_off), /* Note: text_off is byte offset */
     462           0 :     /* text_cnt              */ prog->text_cnt,
     463           0 :     /* text_off              */ prog->text_off,
     464           0 :     /* text_sz               */ prog->text_sz,
     465           0 :     /* entry_pc              */ prog->entry_pc,
     466           0 :     /* calldests             */ prog->calldests,
     467           0 :     /* sbpf_version          */ prog->sbpf_version,
     468           0 :     /* syscalls              */ syscalls,
     469             :     /* trace                 */ NULL,
     470           0 :     /* sha                   */ sha,
     471           0 :     /* input_mem_regions     */ input_mem_regions,
     472           0 :     /* input_mem_regions_cnt */ input_mem_regions_cnt,
     473           0 :     /* acc_region_metas      */ acc_region_metas,
     474           0 :     /* is_deprecated         */ is_deprecated,
     475           0 :     /* direct_mapping        */ direct_mapping,
     476           0 :     /* dump_syscall_to_pb    */ dump_syscall_to_pb );
     477           0 :   if( FD_UNLIKELY( !vm ) ) {
     478             :     /* We throw an error here because it could be the case that the given heap_size > HEAP_MAX.
     479             :        In this case, Agave fails the transaction but does not error out.
     480             : 
     481             :        https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1396 */
     482           0 :     FD_LOG_WARNING(( "null vm" ));
     483           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     484           0 :   }
     485             : 
     486             : #ifdef FD_DEBUG_SBPF_TRACES
     487             :   uchar * signature = (uchar*)vm->instr_ctx->txn_ctx->_txn_raw->raw + vm->instr_ctx->txn_ctx->txn_descriptor->signature_off;
     488             :   uchar sig[64];
     489             :   /* TODO (topointon): make this run-time configurable, no need for this ifdef */
     490             :   fd_base58_decode_64( "tkacc4VCh2z9cLsQowCnKqX14DmUUxpRyES755FhUzrFxSFvo8kVk444kNTL7kJxYnnANYwRWAdHCgBJupftZrz", sig );
     491             :   if( FD_UNLIKELY( !memcmp( signature, sig, 64UL ) ) ) {
     492             :     ulong event_max = FD_RUNTIME_VM_TRACE_EVENT_MAX;
     493             :     ulong event_data_max = FD_RUNTIME_VM_TRACE_EVENT_DATA_MAX;
     494             :     vm->trace = fd_vm_trace_join( fd_vm_trace_new( fd_spad_alloc(
     495             :     instr_ctx->txn_ctx->spad, fd_vm_trace_align(), fd_vm_trace_footprint( event_max, event_data_max ) ), event_max, event_data_max ) );
     496             :     if( FD_UNLIKELY( !vm->trace ) ) FD_LOG_ERR(( "unable to create trace; make sure you've compiled with sufficient spad size " ));
     497             :   }
     498             : #endif
     499             : 
     500             :   /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L1440-L1447 */
     501           0 :   ulong heap_size = instr_ctx->txn_ctx->heap_size;
     502           0 :   ulong heap_cost = FD_VM_HEAP_COST;
     503           0 :   ulong heap_cost_result = calculate_heap_cost( heap_size, heap_cost );
     504             : 
     505           0 :   if( FD_UNLIKELY( heap_cost_result>vm->cu ) ) {
     506           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_ENVIRONMENT_SETUP_FAILURE;
     507           0 :   }
     508             : 
     509           0 :   vm->cu -= heap_cost_result;
     510             : 
     511           0 :   int exec_err = fd_vm_exec( vm );
     512           0 :   instr_ctx->txn_ctx->compute_meter = vm->cu;
     513             : 
     514           0 :   if( FD_UNLIKELY( vm->trace ) ) {
     515           0 :     err = fd_vm_trace_printf( vm->trace, vm->syscalls );
     516           0 :     if( FD_UNLIKELY( err ) ) {
     517           0 :       FD_LOG_WARNING(( "fd_vm_trace_printf failed (%i-%s)", err, fd_vm_strerror( err ) ));
     518           0 :     }
     519           0 :   }
     520             : 
     521             :   /* Log consumed compute units and return data.
     522             :      https://github.com/anza-xyz/agave/blob/v2.0.6/programs/bpf_loader/src/lib.rs#L1418-L1429 */
     523           0 :   fd_log_collector_program_consumed( instr_ctx, pre_insn_cus-vm->cu, pre_insn_cus );
     524           0 :   if( FD_UNLIKELY( instr_ctx->txn_ctx->return_data.len ) ) {
     525           0 :     fd_log_collector_program_return( instr_ctx );
     526           0 :   }
     527             : 
     528             :   /* Handles instr + EBPF errors */
     529           0 :   if( FD_UNLIKELY( exec_err!=FD_VM_SUCCESS ) ) {
     530             : 
     531             :     /* https://github.com/anza-xyz/agave/blob/v2.1.13/programs/bpf_loader/src/lib.rs#L1434-L1439 */
     532             :     /* (SIMD-182) Consume ALL requested CUs on non-Syscall errors */
     533           0 :     if( FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, deplete_cu_meter_on_vm_failure )
     534           0 :         && exec_err != FD_VM_ERR_SIGSYSCALL ) {
     535           0 :       instr_ctx->txn_ctx->compute_meter = 0UL;
     536           0 :     }
     537             : 
     538             :     /* EBPF error case
     539             :        Edge case with error codes: if direct mapping is enabled, the EBPF error is an access violation,
     540             :        and the access type was a store, a different error code is returned to give developers more insight
     541             :        as to what caused the error.
     542             :        https://github.com/anza-xyz/agave/blob/v2.0.9/programs/bpf_loader/src/lib.rs#L1436-L1470 */
     543           0 :     if( FD_UNLIKELY( direct_mapping && exec_err==FD_VM_ERR_EBPF_ACCESS_VIOLATION && vm->segv_store_vaddr!=ULONG_MAX ) ) {
     544             :       /* vaddrs start at 0xFFFFFFFF + 1, so anything below it would not correspond to any account metadata. */
     545           0 :       if( FD_UNLIKELY( vm->segv_store_vaddr>>32UL==0UL ) ) {
     546           0 :         return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
     547           0 :       }
     548             : 
     549             :       /* Find the account meta corresponding to the vaddr */
     550           0 :       ulong vaddr_offset = vm->segv_store_vaddr & FD_VM_OFFSET_MASK;
     551           0 :       ulong acc_region_addl_off = is_deprecated ? 0UL : MAX_PERMITTED_DATA_INCREASE;
     552             : 
     553             :       /* If the vaddr doesn't live in the input region, then we don't need to
     554             :          bother trying to iterate through all of the borrowed accounts. */
     555           0 :       if( FD_VADDR_TO_REGION( vm->segv_store_vaddr )!=FD_VM_INPUT_REGION ) {
     556           0 :         return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
     557           0 :       }
     558             : 
     559             :       /* If the vaddr of the access violation falls within the bounds of a
     560             :          serialized account vaddr range, then try to retrieve a more specific
     561             :          vm error based on the account's accesss permissions. */
     562           0 :       for( ushort i=0UL; i<instr_ctx->instr->acct_cnt; i++ ) {
     563             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1455 */
     564           0 :         fd_guarded_borrowed_account_t instr_acc;
     565           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, i, &instr_acc );
     566             : 
     567           0 :         ulong idx = acc_region_metas[i].region_idx;
     568           0 :         if( input_mem_regions[idx].vaddr_offset<=vaddr_offset && vaddr_offset<input_mem_regions[idx].vaddr_offset+pre_lens[i]+acc_region_addl_off ) {
     569             : 
     570             :           /* Found an input mem region!
     571             :              https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/programs/bpf_loader/src/lib.rs#L1515-L1528 */
     572           0 :           if( !FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) &&
     573           0 :               fd_borrowed_account_is_executable( &instr_acc ) ) {
     574           0 :             err = FD_EXECUTOR_INSTR_ERR_EXECUTABLE_DATA_MODIFIED;
     575           0 :           } else if( fd_borrowed_account_is_writable( &instr_acc ) ) {
     576           0 :             err = FD_EXECUTOR_INSTR_ERR_EXTERNAL_DATA_MODIFIED;
     577           0 :           } else {
     578           0 :             err = FD_EXECUTOR_INSTR_ERR_READONLY_DATA_MODIFIED;
     579           0 :           }
     580           0 :           return err;
     581           0 :         }
     582           0 :       }
     583           0 :     }
     584             : 
     585             :     /* Instr error case */
     586             :     /* https://github.com/anza-xyz/agave/blob/v2.1.10/program-runtime/src/invoke_context.rs#L564-L577 */
     587             :     /* If the result returned from fd_vm_exec is an error, there are three possibilities:
     588             :         1. When fd_vm_exec error is a SyscallError and error kind is an InstructionError, return the actual InstructionError
     589             :         2. When fd_vm_exec error is a SyscallError, but error kind is not an InstructionError, return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE
     590             :         3. When fd_vm_exec error is not a SyscallError, return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE
     591             :     */
     592           0 :     if( FD_UNLIKELY( exec_err==FD_VM_ERR_SIGSYSCALL && instr_ctx->txn_ctx->exec_err_kind==FD_EXECUTOR_ERR_KIND_INSTR ) ) {
     593           0 :       return instr_ctx->txn_ctx->exec_err;
     594           0 :     }
     595             : 
     596           0 :     return FD_EXECUTOR_INSTR_ERR_PROGRAM_FAILED_TO_COMPLETE;
     597           0 :   }
     598             : 
     599             :   /* Handles syscall errors
     600             :      TODO: vm should report */
     601           0 :   ulong syscall_err = vm->reg[0];
     602           0 :   if( FD_UNLIKELY( syscall_err ) ) {
     603             :     /* https://github.com/anza-xyz/agave/blob/v2.0.9/programs/bpf_loader/src/lib.rs#L1431-L1434 */
     604           0 :     err = program_error_to_instr_error( syscall_err, &instr_ctx->txn_ctx->custom_err );
     605           0 :     FD_VM_ERR_FOR_LOG_INSTR( vm, err );
     606           0 :     return err;
     607           0 :   }
     608             : 
     609           0 :   err = fd_bpf_loader_input_deserialize_parameters( instr_ctx, pre_lens, input, input_sz, direct_mapping, is_deprecated );
     610           0 :   if( FD_UNLIKELY( err ) ) {
     611           0 :     return err;
     612           0 :   }
     613             : 
     614           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
     615           0 : }
     616             : 
     617             : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L566-L1444 */
     618             : static int
     619           0 : process_loader_upgradeable_instruction( fd_exec_instr_ctx_t * instr_ctx ) {
     620           0 :   uchar const * data = instr_ctx->instr->data;
     621           0 :   fd_spad_t *   spad = instr_ctx->txn_ctx->spad;
     622             : 
     623           0 :   int err;
     624           0 :   fd_bpf_upgradeable_loader_program_instruction_t * instruction =
     625           0 :     fd_bincode_decode_spad(
     626           0 :       bpf_upgradeable_loader_program_instruction, spad,
     627           0 :       data,
     628           0 :       instr_ctx->instr->data_sz>FD_TXN_MTU ? FD_TXN_MTU: instr_ctx->instr->data_sz,
     629           0 :       &err );
     630           0 :   if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     631           0 :     return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
     632           0 :   }
     633             : 
     634             :   /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L510 */
     635           0 :   fd_pubkey_t const * program_id = NULL;
     636           0 :   err = fd_exec_instr_ctx_get_last_program_key( instr_ctx, &program_id );
     637           0 :   if( FD_UNLIKELY( err ) ) {
     638           0 :     return err;
     639           0 :   }
     640             : 
     641           0 :   switch( instruction->discriminant ) {
     642             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L476-L493 */
     643           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_initialize_buffer: {
     644           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
     645           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
     646           0 :       }
     647             : 
     648             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L479 */
     649           0 :       fd_guarded_borrowed_account_t buffer;
     650           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
     651           0 :       fd_bpf_upgradeable_loader_state_t * buffer_state = fd_bpf_loader_program_get_state( buffer.acct,
     652           0 :                                                                                           spad,
     653           0 :                                                                                           &err );
     654           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     655           0 :         return err;
     656           0 :       }
     657             : 
     658           0 :       if( FD_UNLIKELY( !fd_bpf_upgradeable_loader_state_is_uninitialized( buffer_state ) ) ) {
     659           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account is already initialized" );
     660           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
     661           0 :       }
     662             : 
     663             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L487-L489 */
     664           0 :       fd_pubkey_t const * authority_key = NULL;
     665           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
     666           0 :       if( FD_UNLIKELY( err ) ) {
     667           0 :         return err;
     668           0 :       }
     669             : 
     670           0 :       buffer_state->discriminant                   = fd_bpf_upgradeable_loader_state_enum_buffer;
     671           0 :       buffer_state->inner.buffer.authority_address = (fd_pubkey_t*)authority_key;
     672             : 
     673           0 :       err = fd_bpf_loader_v3_program_set_state( &buffer, buffer_state );
     674           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     675           0 :         return err;
     676           0 :       }
     677             : 
     678             :       /* implicit drop of buffer account */
     679             : 
     680           0 :       break;
     681           0 :     }
     682             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L494-L525 */
     683           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_write: {
     684           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
     685           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
     686           0 :       }
     687             : 
     688             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L497 */
     689           0 :       fd_guarded_borrowed_account_t buffer;
     690           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &buffer );
     691             : 
     692           0 :        fd_bpf_upgradeable_loader_state_t * loader_state = fd_bpf_loader_program_get_state( buffer.acct,
     693           0 :                                                                                            spad,
     694           0 :                                                                                            &err );
     695           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     696           0 :         return err;
     697           0 :       }
     698             : 
     699           0 :       if( fd_bpf_upgradeable_loader_state_is_buffer( loader_state ) ) {
     700           0 :         if( FD_UNLIKELY( !loader_state->inner.buffer.authority_address ) ) {
     701           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
     702           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
     703           0 :         }
     704             : 
     705             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L505-L507 */
     706           0 :         fd_pubkey_t const * authority_key = NULL;
     707           0 :         err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &authority_key );
     708           0 :         if( FD_UNLIKELY( err ) ) {
     709           0 :           return err;
     710           0 :         }
     711             : 
     712           0 :         if( FD_UNLIKELY( memcmp( loader_state->inner.buffer.authority_address, authority_key, sizeof(fd_pubkey_t) ) ) ) {
     713           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
     714           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
     715           0 :         }
     716           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL ) ) ) {
     717           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
     718           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
     719           0 :         }
     720           0 :       } else {
     721           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
     722           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     723           0 :       }
     724             : 
     725             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L520 */
     726           0 :       fd_borrowed_account_drop( &buffer );
     727             : 
     728           0 :       ulong program_data_offset = fd_ulong_sat_add( BUFFER_METADATA_SIZE, instruction->inner.write.offset );
     729           0 :       err = write_program_data( instr_ctx,
     730           0 :                                 0UL,
     731           0 :                                 program_data_offset,
     732           0 :                                 instruction->inner.write.bytes,
     733           0 :                                 instruction->inner.write.bytes_len );
     734           0 :       if( FD_UNLIKELY( err ) ) {
     735           0 :         return err;
     736           0 :       }
     737             : 
     738           0 :       break;
     739           0 :     }
     740             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L526-L702 */
     741           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_deploy_with_max_data_len: {
     742             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L527-L541 */
     743           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
     744           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
     745           0 :       }
     746             : 
     747             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L529-L534 */
     748           0 :       fd_pubkey_t const * payer_key       = NULL;
     749           0 :       fd_pubkey_t const * programdata_key = NULL;
     750             : 
     751           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &payer_key );
     752           0 :       if( FD_UNLIKELY( err ) ) {
     753           0 :         return err;
     754           0 :       }
     755             : 
     756           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &programdata_key );
     757           0 :       if( FD_UNLIKELY( err ) ) {
     758           0 :         return err;
     759           0 :       }
     760             : 
     761             :       /* rent is accessed directly from the epoch bank and the clock from the
     762             :         slot context. However, a check must be done to make sure that the
     763             :         sysvars are correctly included in the set of transaction accounts. */
     764           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
     765           0 :       if( FD_UNLIKELY( err ) ) {
     766           0 :         return err;
     767           0 :       }
     768           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
     769           0 :       if( FD_UNLIKELY( err ) ) {
     770           0 :         return err;
     771           0 :       }
     772             : 
     773           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_clock_read( instr_ctx->txn_ctx->funk, instr_ctx->txn_ctx->funk_txn, instr_ctx->txn_ctx->spad );
     774           0 :       if( FD_UNLIKELY( !clock ) ) {
     775           0 :         return FD_EXECUTOR_INSTR_ERR_GENERIC_ERR;
     776           0 :       }
     777             : 
     778             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L538 */
     779           0 :       if( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 8U ) ) {
     780           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
     781           0 :       }
     782             : 
     783             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L539-L541 */
     784           0 :       fd_pubkey_t const * authority_key = NULL;
     785           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 7UL, &authority_key );
     786           0 :       if( FD_UNLIKELY( err ) ) {
     787           0 :         return err;
     788           0 :       }
     789             : 
     790             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L542-L560 */
     791             :       /* Verify Program account */
     792             : 
     793           0 :       fd_bpf_upgradeable_loader_state_t * loader_state   = NULL;
     794           0 :       fd_pubkey_t *                       new_program_id = NULL;
     795           0 :       fd_rent_t const *                   rent           = fd_bank_rent_query( instr_ctx->txn_ctx->bank );
     796             : 
     797             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L545 */
     798           0 :       fd_guarded_borrowed_account_t program;
     799           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
     800             : 
     801           0 :       loader_state = fd_bpf_loader_program_get_state( program.acct,
     802           0 :                                                       spad,
     803           0 :                                                       &err );
     804             : 
     805           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     806           0 :         return err;
     807           0 :       }
     808           0 :       if( FD_UNLIKELY( !fd_bpf_upgradeable_loader_state_is_uninitialized( loader_state ) ) ) {
     809           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account already initialized" );
     810           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_ALREADY_INITIALIZED;
     811           0 :       }
     812           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &program )<SIZE_OF_PROGRAM ) ) {
     813           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account too small" );
     814           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     815           0 :       }
     816           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_lamports( &program )<fd_rent_exempt_minimum_balance( rent,
     817           0 :                                                                                                     fd_borrowed_account_get_data_len( &program ) ) ) ) {
     818           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not rent-exempt" );
     819           0 :         return FD_EXECUTOR_INSTR_ERR_EXECUTABLE_ACCOUNT_NOT_RENT_EXEMPT;
     820           0 :       }
     821           0 :       new_program_id = program.acct->pubkey;
     822             : 
     823             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L560 */
     824           0 :       fd_borrowed_account_drop( &program );
     825             : 
     826             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L561-L600 */
     827             :       /* Verify Buffer account */
     828             : 
     829           0 :       fd_pubkey_t * buffer_key       = NULL;
     830           0 :       ulong buffer_data_offset       = 0UL;
     831           0 :       ulong buffer_data_len          = 0UL;
     832           0 :       ulong programdata_len          = 0UL;
     833             : 
     834             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L564-L565 */
     835           0 :       fd_guarded_borrowed_account_t buffer;
     836           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
     837             : 
     838           0 :       fd_bpf_upgradeable_loader_state_t * buffer_state = fd_bpf_loader_program_get_state( buffer.acct, spad, &err );
     839           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
     840           0 :         return err;
     841           0 :       }
     842             : 
     843           0 :       if( fd_bpf_upgradeable_loader_state_is_buffer( buffer_state ) ) {
     844           0 :         if( FD_UNLIKELY( (authority_key==NULL) != (buffer_state->inner.buffer.authority_address == NULL) ||
     845           0 :             (authority_key!=NULL && memcmp( buffer_state->inner.buffer.authority_address, authority_key, sizeof(fd_pubkey_t) ) ) ) ) {
     846           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
     847           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
     848           0 :         }
     849           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 7UL ) ) ) {
     850           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
     851           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
     852           0 :         }
     853           0 :       } else {
     854           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
     855           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     856           0 :       }
     857           0 :       buffer_key         = buffer.acct->pubkey;
     858           0 :       buffer_data_offset = BUFFER_METADATA_SIZE;
     859           0 :       buffer_data_len    = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
     860             :       /* UpgradeableLoaderState::size_of_program_data( max_data_len ) */
     861           0 :       programdata_len    = fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE,
     862           0 :                                              instruction->inner.deploy_with_max_data_len.max_data_len );
     863             : 
     864           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
     865           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
     866           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
     867           0 :       }
     868             : 
     869           0 :       if( FD_UNLIKELY( instruction->inner.deploy_with_max_data_len.max_data_len<buffer_data_len ) ) {
     870           0 :         fd_log_collector_msg_literal( instr_ctx, "Max data length is too small to hold Buffer data" );
     871           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     872           0 :       }
     873             : 
     874           0 :       if( FD_UNLIKELY( programdata_len>MAX_PERMITTED_DATA_LENGTH ) ) {
     875           0 :         fd_log_collector_msg_literal( instr_ctx, "Max data length is too large" );
     876           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     877           0 :       }
     878             : 
     879             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L590 */
     880           0 :       fd_borrowed_account_drop( &buffer );
     881             : 
     882             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L602-L608 */
     883             :       /* Create ProgramData account */
     884             : 
     885           0 :       fd_pubkey_t derived_address[ 1UL ];
     886           0 :       uchar * seeds[ 1UL ];
     887           0 :       seeds[ 0UL ]    = (uchar *)new_program_id;
     888           0 :       ulong seed_sz   = sizeof(fd_pubkey_t);
     889           0 :       uchar bump_seed = 0;
     890           0 :       err = fd_pubkey_find_program_address( program_id, 1UL, seeds, &seed_sz, derived_address,
     891           0 :                                             &bump_seed, &instr_ctx->txn_ctx->custom_err );
     892           0 :       if( FD_UNLIKELY( err ) ) {
     893             :         /* TODO: We should handle these errors more gracefully instead of just killing the client (e.g. excluding the transaction
     894             :            from the block). */
     895           0 :         FD_LOG_ERR(( "Unable to find a viable program address bump seed" )); // Solana panics, error code is undefined
     896           0 :         return err;
     897           0 :       }
     898           0 :       if( FD_UNLIKELY( memcmp( derived_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
     899           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData address is not derived" );
     900           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
     901           0 :       }
     902             : 
     903             :       /* Drain the Buffer account to payer before paying for programdata account in a local scope
     904             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L612-L628 */
     905             : 
     906           0 :       do {
     907             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L615 */
     908           0 :         fd_guarded_borrowed_account_t payer;
     909           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &payer );
     910             : 
     911             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L613 */
     912           0 :         fd_guarded_borrowed_account_t buffer;
     913           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
     914             : 
     915           0 :         err = fd_borrowed_account_checked_add_lamports( &payer, fd_borrowed_account_get_lamports( &buffer ) );
     916           0 :         if( FD_UNLIKELY( err ) ) {
     917           0 :           return err;
     918           0 :         }
     919           0 :         err = fd_borrowed_account_set_lamports( &buffer, 0UL );
     920           0 :         if( FD_UNLIKELY( err ) ) {
     921           0 :           return err;
     922           0 :         }
     923           0 :       } while (0);
     924             : 
     925             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L628-L642 */
     926             :       /* Pass an extra account to avoid the overly strict unbalanced instruction error */
     927             :       /* Invoke the system program to create the new account */
     928           0 :       uchar instr_data[FD_TXN_MTU];
     929           0 :       fd_system_program_instruction_create_account_t create_acct = {
     930           0 :         .lamports = fd_rent_exempt_minimum_balance( rent, programdata_len ),
     931           0 :         .space    = programdata_len,
     932           0 :         .owner    = *program_id,
     933           0 :       };
     934           0 :       if( !create_acct.lamports ) {
     935           0 :         create_acct.lamports = 1UL;
     936           0 :       }
     937             : 
     938           0 :       fd_system_program_instruction_t instr = {
     939           0 :         .discriminant = fd_system_program_instruction_enum_create_account,
     940           0 :         .inner = {
     941           0 :           .create_account = create_acct,
     942           0 :         }
     943           0 :       };
     944             : 
     945           0 :       fd_bincode_encode_ctx_t encode_ctx = {
     946           0 :         .data    = instr_data,
     947           0 :         .dataend = instr_data + FD_TXN_MTU
     948           0 :       };
     949             : 
     950             :       // This should never fail.
     951           0 :       int err = fd_system_program_instruction_encode( &instr, &encode_ctx );
     952           0 :       if( FD_UNLIKELY( err ) ) {
     953           0 :         return FD_EXECUTOR_INSTR_ERR_FATAL;
     954           0 :       }
     955             : 
     956           0 :       fd_vm_rust_account_meta_t * acct_metas = (fd_vm_rust_account_meta_t*)
     957           0 :                                                 fd_spad_alloc( instr_ctx->txn_ctx->spad,
     958           0 :                                                                FD_VM_RUST_ACCOUNT_META_ALIGN,
     959           0 :                                                                3UL * sizeof(fd_vm_rust_account_meta_t) );
     960           0 :       fd_native_cpi_create_account_meta( payer_key,       1U, 1U, &acct_metas[ 0UL ] );
     961           0 :       fd_native_cpi_create_account_meta( programdata_key, 1U, 1U, &acct_metas[ 1UL ] );
     962           0 :       fd_native_cpi_create_account_meta( buffer_key,      0U, 1U, &acct_metas[ 2UL ] );
     963             : 
     964             :       /* caller_program_id == program_id */
     965           0 :       fd_pubkey_t signers[ 1UL ];
     966           0 :       err = fd_pubkey_derive_pda( program_id, 1UL, seeds, &seed_sz, &bump_seed, signers, &instr_ctx->txn_ctx->custom_err );
     967           0 :       if( FD_UNLIKELY( err ) ) {
     968           0 :         return err;
     969           0 :       }
     970           0 :       err = fd_native_cpi_native_invoke( instr_ctx,
     971           0 :                                          &fd_solana_system_program_id,
     972           0 :                                          instr_data,
     973           0 :                                          FD_TXN_MTU,
     974           0 :                                          acct_metas,
     975           0 :                                          3UL,
     976           0 :                                          signers,
     977           0 :                                          1UL );
     978           0 :       if( FD_UNLIKELY( err ) ) {
     979           0 :         return err;
     980           0 :       }
     981             : 
     982             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L644-L665 */
     983             :       /* Load and verify the program bits */
     984             : 
     985             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L648-L649 */
     986           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
     987             : 
     988           0 :       if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
     989           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
     990           0 :       }
     991             : 
     992           0 :       const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
     993             : 
     994           0 :       err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len, instr_ctx->txn_ctx->spad );
     995           0 :       if( FD_UNLIKELY( err ) ) {
     996           0 :         return err;
     997           0 :       }
     998             : 
     999             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L657 */
    1000           0 :       fd_borrowed_account_drop( &buffer );
    1001             : 
    1002             :       /* Update the ProgramData account and record the program bits in a local scope
    1003             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L669-L691 */
    1004           0 :       do {
    1005             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L670-L671 */
    1006           0 :         fd_guarded_borrowed_account_t programdata;
    1007           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &programdata );
    1008             : 
    1009           0 :         fd_bpf_upgradeable_loader_state_t programdata_loader_state = {
    1010           0 :           .discriminant = fd_bpf_upgradeable_loader_state_enum_program_data,
    1011           0 :           .inner.program_data = {
    1012           0 :             .slot                      = clock->slot,
    1013           0 :             .upgrade_authority_address = (fd_pubkey_t *)authority_key,
    1014           0 :           },
    1015           0 :         };
    1016           0 :         err = fd_bpf_loader_v3_program_set_state( &programdata, &programdata_loader_state );
    1017           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1018           0 :           return err;
    1019           0 :         }
    1020             : 
    1021             :         /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L675-L689 */
    1022           0 :         if( FD_UNLIKELY( PROGRAMDATA_METADATA_SIZE+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
    1023           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1024           0 :         }
    1025           0 :         if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1026           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1027           0 :         }
    1028             : 
    1029           0 :         uchar * programdata_data = NULL;
    1030           0 :         ulong   programdata_dlen = 0UL;
    1031           0 :         err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
    1032           0 :         if( FD_UNLIKELY( err ) ) {
    1033           0 :           return err;
    1034           0 :         }
    1035             : 
    1036           0 :         uchar *   dst_slice = programdata_data + PROGRAMDATA_METADATA_SIZE;
    1037           0 :         ulong dst_slice_len = buffer_data_len;
    1038             : 
    1039             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L683-L684 */
    1040           0 :         fd_guarded_borrowed_account_t buffer;
    1041           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &buffer );
    1042             : 
    1043           0 :         if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1044           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1045           0 :         }
    1046           0 :         const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1047           0 :         fd_memcpy( dst_slice, src_slice, dst_slice_len );
    1048             :         /* Update buffer data length.
    1049             :           BUFFER_METADATA_SIZE == UpgradeableLoaderState::size_of_buffer(0) */
    1050           0 :         err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
    1051           0 :         if( FD_UNLIKELY( err ) ) {
    1052           0 :           return err;
    1053           0 :         }
    1054           0 :       } while(0);
    1055             : 
    1056             :       /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
    1057           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "Deployed program %s", FD_BASE58_ENC_32_ALLOCA( program_id ) );
    1058             : 
    1059             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L692-L699 */
    1060             : 
    1061             :       /* Update the Program account
    1062             :          https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L694-L695 */
    1063           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &program );
    1064             : 
    1065           0 :       loader_state->discriminant = fd_bpf_upgradeable_loader_state_enum_program;
    1066           0 :       loader_state->inner.program.programdata_address =  *programdata_key;
    1067           0 :       err = fd_bpf_loader_v3_program_set_state( &program, loader_state );
    1068           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1069           0 :         return err;
    1070           0 :       }
    1071           0 :       err = fd_borrowed_account_set_executable( &program, 1 );
    1072           0 :       if( FD_UNLIKELY( err ) ) {
    1073           0 :         return err;
    1074           0 :       }
    1075             : 
    1076           0 :       FD_LOG_INFO(( "Program deployed %s", FD_BASE58_ENC_32_ALLOCA( program.acct->pubkey ) ));
    1077             : 
    1078             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L700 */
    1079           0 :       fd_borrowed_account_drop( &program );
    1080             : 
    1081           0 :       break;
    1082           0 :     }
    1083             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L703-L891 */
    1084           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_upgrade: {
    1085             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L704-L714 */
    1086           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1087           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1088           0 :       }
    1089             : 
    1090             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L706-L708 */
    1091           0 :       fd_pubkey_t const * programdata_key = NULL;
    1092           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &programdata_key );
    1093           0 :       if( FD_UNLIKELY( err ) ) {
    1094           0 :         return err;
    1095           0 :       }
    1096             : 
    1097             :       /* rent is accessed directly from the epoch bank and the clock from the
    1098             :         slot context. However, a check must be done to make sure that the
    1099             :         sysvars are correctly included in the set of transaction accounts. */
    1100           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 4UL, &fd_sysvar_rent_id );
    1101           0 :       if( FD_UNLIKELY( err ) ) {
    1102           0 :         return err;
    1103           0 :       }
    1104           0 :       err = fd_sysvar_instr_acct_check( instr_ctx, 5UL, &fd_sysvar_clock_id );
    1105           0 :       if( FD_UNLIKELY( err ) ) {
    1106           0 :         return err;
    1107           0 :       }
    1108             : 
    1109           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 7U ) ) ) {
    1110           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1111           0 :       }
    1112             : 
    1113             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L713-L715 */
    1114           0 :       fd_pubkey_t const * authority_key = NULL;
    1115           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 6UL, &authority_key );
    1116           0 :       if( FD_UNLIKELY( err ) ) {
    1117           0 :         return err;
    1118           0 :       }
    1119             : 
    1120             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L716-L745 */
    1121             :       /* Verify Program account */
    1122             : 
    1123             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L719-L720 */
    1124           0 :       fd_guarded_borrowed_account_t program;
    1125           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &program );
    1126             : 
    1127             :       /* https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/programs/bpf_loader/src/lib.rs#L758-L765 */
    1128           0 :       if( FD_UNLIKELY( !FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) &&
    1129           0 :                        !fd_borrowed_account_is_executable( &program ) ) ) {
    1130           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not executable" );
    1131           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_NOT_EXECUTABLE;
    1132           0 :       }
    1133           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program ) ) ) {
    1134           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not writeable" );
    1135           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1136           0 :       }
    1137           0 :       if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program ), program_id, sizeof(fd_pubkey_t) ) ) ) {
    1138           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    1139           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    1140           0 :       }
    1141           0 :       fd_bpf_upgradeable_loader_state_t * program_state = fd_bpf_loader_program_get_state( program.acct, spad, &err );
    1142           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1143           0 :         return err;
    1144           0 :       }
    1145           0 :       if( FD_UNLIKELY( fd_bpf_upgradeable_loader_state_is_program( program_state ) ) ) {
    1146           0 :         if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
    1147           0 :           fd_log_collector_msg_literal( instr_ctx, "Program and ProgramData account mismatch" );
    1148           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1149           0 :         }
    1150           0 :       } else {
    1151           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
    1152           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1153           0 :       }
    1154             : 
    1155             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L746 */
    1156           0 :       fd_borrowed_account_drop( &program );
    1157             : 
    1158             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L747-L773 */
    1159             :       /* Verify Buffer account */
    1160             : 
    1161           0 :       ulong buffer_lamports    = 0UL;
    1162           0 :       ulong buffer_data_offset = 0UL;
    1163           0 :       ulong buffer_data_len    = 0UL;
    1164             : 
    1165             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L750-L751 */
    1166           0 :       fd_guarded_borrowed_account_t buffer;
    1167           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1168             : 
    1169           0 :       fd_bpf_upgradeable_loader_state_t * buffer_state = fd_bpf_loader_program_get_state( buffer.acct, spad, &err );
    1170           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1171           0 :         return err;
    1172           0 :       }
    1173           0 :       if( fd_bpf_upgradeable_loader_state_is_buffer( buffer_state ) ) {
    1174           0 :         if( FD_UNLIKELY( (authority_key==NULL) != (buffer_state->inner.buffer.authority_address == NULL) ||
    1175           0 :             (authority_key!=NULL && memcmp( buffer_state->inner.buffer.authority_address, authority_key, sizeof(fd_pubkey_t) ) ) ) ) {
    1176           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer and upgrade authority don't match" );
    1177           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1178           0 :         }
    1179           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL ) ) ) {
    1180           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1181           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1182           0 :         }
    1183           0 :       } else {
    1184           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Buffer account" );
    1185           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1186           0 :       }
    1187           0 :       buffer_lamports    = fd_borrowed_account_get_lamports( &buffer );
    1188           0 :       buffer_data_offset = BUFFER_METADATA_SIZE;
    1189           0 :       buffer_data_len    = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &buffer ), buffer_data_offset );
    1190           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &buffer )<BUFFER_METADATA_SIZE || buffer_data_len==0UL ) ) {
    1191           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account too small" );
    1192           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1193           0 :       }
    1194             : 
    1195             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L774 */
    1196           0 :       fd_borrowed_account_drop( &buffer );
    1197             : 
    1198             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L775-L823 */
    1199             :       /* Verify ProgramData account */
    1200             : 
    1201           0 :       ulong                               programdata_data_offset      = PROGRAMDATA_METADATA_SIZE;
    1202           0 :       fd_bpf_upgradeable_loader_state_t * programdata_state            = NULL;
    1203           0 :       ulong                               programdata_balance_required = 0UL;
    1204             : 
    1205             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L778-L779 */
    1206           0 :       fd_guarded_borrowed_account_t programdata;
    1207           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
    1208             : 
    1209           0 :       fd_rent_t const * rent = fd_bank_rent_query( instr_ctx->txn_ctx->bank );
    1210             : 
    1211           0 :       programdata_balance_required = fd_ulong_max( 1UL, fd_rent_exempt_minimum_balance( rent, fd_borrowed_account_get_data_len( &programdata ) ) );
    1212             : 
    1213           0 :       if( FD_UNLIKELY( fd_borrowed_account_get_data_len( &programdata )<fd_ulong_sat_add( PROGRAMDATA_METADATA_SIZE, buffer_data_len ) ) ) {
    1214           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData account not large enough" );
    1215           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1216           0 :       }
    1217           0 :       if( FD_UNLIKELY( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports )<programdata_balance_required ) ) {
    1218           0 :         fd_log_collector_msg_literal( instr_ctx, "Buffer account balance too low to fund upgrade" );
    1219           0 :         return FD_EXECUTOR_INSTR_ERR_INSUFFICIENT_FUNDS;
    1220           0 :       }
    1221           0 :       programdata_state = fd_bpf_loader_program_get_state( programdata.acct, spad, &err );
    1222           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1223           0 :         return err;
    1224           0 :       }
    1225             : 
    1226           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_clock_read( instr_ctx->txn_ctx->funk, instr_ctx->txn_ctx->funk_txn, instr_ctx->txn_ctx->spad );
    1227           0 :       if( FD_UNLIKELY( !clock ) ) {
    1228           0 :         return FD_EXECUTOR_INSTR_ERR_GENERIC_ERR;
    1229           0 :       }
    1230             : 
    1231           0 :       if( fd_bpf_upgradeable_loader_state_is_program_data( programdata_state ) ) {
    1232           0 :         if( FD_UNLIKELY( clock->slot==programdata_state->inner.program_data.slot ) ) {
    1233           0 :           fd_log_collector_msg_literal( instr_ctx, "Program was deployed in this block already" );
    1234           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1235           0 :         }
    1236           0 :         if( FD_UNLIKELY( !programdata_state->inner.program_data.upgrade_authority_address ) ) {
    1237           0 :           fd_log_collector_msg_literal( instr_ctx, "Prrogram not upgradeable" );
    1238           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1239           0 :         }
    1240           0 :         if( FD_UNLIKELY( memcmp( programdata_state->inner.program_data.upgrade_authority_address, authority_key, sizeof(fd_pubkey_t) ) ) ) {
    1241           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1242           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1243           0 :         }
    1244           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 6UL ) ) ) {
    1245           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1246           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1247           0 :         }
    1248           0 :       } else {
    1249           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid ProgramData account" );
    1250           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1251           0 :       }
    1252             : 
    1253             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L824 */
    1254           0 :       fd_borrowed_account_drop( &programdata );
    1255             : 
    1256             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L825-L845 */
    1257             :       /* Load and verify the program bits */
    1258             : 
    1259             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L827-L828 */
    1260           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1261             : 
    1262           0 :       if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ) {
    1263           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1264           0 :       }
    1265             : 
    1266           0 :       const uchar * buffer_data = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1267           0 :       err = fd_deploy_program( instr_ctx, buffer_data, buffer_data_len, instr_ctx->txn_ctx->spad );
    1268           0 :       if( FD_UNLIKELY( err ) ) {
    1269           0 :         return err;
    1270           0 :       }
    1271             : 
    1272             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L836 */
    1273           0 :       fd_borrowed_account_drop( &buffer );
    1274             : 
    1275             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L849-L850 */
    1276           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
    1277             : 
    1278             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L874 */
    1279             :       /* Update the ProgramData account, record the upgraded data, and zero the rest in a local scope */
    1280           0 :       do {
    1281           0 :         programdata_state->discriminant                                 = fd_bpf_upgradeable_loader_state_enum_program_data;
    1282           0 :         programdata_state->inner.program_data.slot                      = clock->slot;
    1283           0 :         programdata_state->inner.program_data.upgrade_authority_address = (fd_pubkey_t *)authority_key;
    1284           0 :         err = fd_bpf_loader_v3_program_set_state( &programdata, programdata_state );
    1285           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1286           0 :           return err;
    1287           0 :         }
    1288             : 
    1289             :         /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L846-L875 */
    1290             :         /* We want to copy over the data and zero out the rest */
    1291           0 :         if( FD_UNLIKELY( programdata_data_offset+buffer_data_len>fd_borrowed_account_get_data_len( &programdata ) ) ) {
    1292           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1293           0 :         }
    1294             : 
    1295           0 :         uchar * programdata_data = NULL;
    1296           0 :         ulong   programdata_dlen = 0UL;
    1297           0 :         err = fd_borrowed_account_get_data_mut( &programdata, &programdata_data, &programdata_dlen );
    1298           0 :         if( FD_UNLIKELY( err ) ) {
    1299           0 :           return err;
    1300           0 :         }
    1301           0 :         uchar * dst_slice     = programdata_data + programdata_data_offset;
    1302           0 :         ulong   dst_slice_len = buffer_data_len;
    1303             : 
    1304             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L863-L864 */
    1305           0 :         fd_guarded_borrowed_account_t buffer;
    1306           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1307             : 
    1308           0 :         if( FD_UNLIKELY( buffer_data_offset>fd_borrowed_account_get_data_len( &buffer ) ) ){
    1309           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1310           0 :         }
    1311             : 
    1312           0 :         const uchar * src_slice = fd_borrowed_account_get_data( &buffer ) + buffer_data_offset;
    1313           0 :         fd_memcpy( dst_slice, src_slice, dst_slice_len );
    1314           0 :         fd_memset( dst_slice + dst_slice_len, 0, fd_borrowed_account_get_data_len( &programdata ) - programdata_data_offset - dst_slice_len );
    1315             : 
    1316             :         /* implicit drop of buffer */
    1317           0 :       } while (0);
    1318             : 
    1319             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L876-L891 */
    1320             :       /* Fund ProgramData to rent-exemption, spill the rest */
    1321             : 
    1322             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L878-L879 */
    1323           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 2UL, &buffer );
    1324             : 
    1325             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L880-L881 */
    1326           0 :       fd_guarded_borrowed_account_t spill;
    1327           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 3UL, &spill );
    1328             : 
    1329           0 :       ulong spill_addend = fd_ulong_sat_sub( fd_ulong_sat_add( fd_borrowed_account_get_lamports( &programdata ), buffer_lamports ),
    1330           0 :                                             programdata_balance_required );
    1331           0 :       err = fd_borrowed_account_checked_add_lamports( &spill, spill_addend );
    1332           0 :       if( FD_UNLIKELY( err ) ) {
    1333           0 :         return err;
    1334           0 :       }
    1335           0 :       err = fd_borrowed_account_set_lamports( &buffer, 0UL );
    1336           0 :       if( FD_UNLIKELY( err ) ) {
    1337           0 :         return err;
    1338           0 :       }
    1339           0 :       err = fd_borrowed_account_set_lamports( &programdata, programdata_balance_required );
    1340           0 :       if( FD_UNLIKELY( err ) ) {
    1341           0 :         return err;
    1342           0 :       }
    1343             : 
    1344             :       /* Buffer account set_data_length */
    1345           0 :       err = fd_borrowed_account_set_data_length( &buffer, BUFFER_METADATA_SIZE );
    1346           0 :       if( FD_UNLIKELY( err ) ) {
    1347           0 :         return err;
    1348           0 :       }
    1349             : 
    1350             :       /* buffer is dropped when it goes out of scope */
    1351             :       /* spill is dropped when it goes out of scope */
    1352             :       /* programdata is dropped when it goes out of scope */
    1353             : 
    1354             :       /* Max msg_sz: 19 - 2 + 45 = 62 < 127 => we can use printf */
    1355             :       //TODO: this is likely the incorrect program_id, do we have new_program_id?
    1356           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "Upgraded program %s", FD_BASE58_ENC_32_ALLOCA( program_id ) );
    1357             : 
    1358           0 :       break;
    1359           0 :     }
    1360             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L893-L957 */
    1361           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_set_authority: {
    1362           0 :       int err;
    1363           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
    1364           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1365           0 :       }
    1366             : 
    1367             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L896-L897 */
    1368           0 :       fd_guarded_borrowed_account_t account;
    1369           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
    1370             : 
    1371             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L898-L900 */
    1372           0 :       fd_pubkey_t const * present_authority_key = NULL;
    1373           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
    1374           0 :       if( FD_UNLIKELY( err ) ) {
    1375           0 :         return err;
    1376           0 :       }
    1377             : 
    1378             :       /* Don't check the error here because the new_authority key is allowed to be NULL until further checks.
    1379             :          https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L901-L906 */
    1380           0 :       fd_pubkey_t const * new_authority = NULL;
    1381           0 :       fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority );
    1382             : 
    1383           0 :       fd_bpf_upgradeable_loader_state_t * account_state = fd_bpf_loader_program_get_state( account.acct,
    1384           0 :                                                                                            spad,
    1385           0 :                                                                                            &err );
    1386           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1387           0 :         return err;
    1388           0 :       }
    1389             : 
    1390           0 :       if( fd_bpf_upgradeable_loader_state_is_buffer( account_state ) ) {
    1391           0 :         if( FD_UNLIKELY( !new_authority ) ) {
    1392           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority is not optional" );
    1393           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1394           0 :         }
    1395           0 :         if( FD_UNLIKELY( !account_state->inner.buffer.authority_address ) ) {
    1396           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
    1397           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1398           0 :         }
    1399           0 :         if( FD_UNLIKELY( memcmp( account_state->inner.buffer.authority_address, present_authority_key, sizeof(fd_pubkey_t) ) ) ) {
    1400           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
    1401           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1402           0 :         }
    1403           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL ) ) ) {
    1404           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
    1405           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1406           0 :         }
    1407             : 
    1408             :         /* copy in the authority public key into the authority address.
    1409             :            https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L926-L928 */
    1410           0 :         *account_state->inner.buffer.authority_address = *new_authority;
    1411             : 
    1412           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1413           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1414           0 :           return err;
    1415           0 :         }
    1416           0 :       } else if( fd_bpf_upgradeable_loader_state_is_program_data( account_state ) ) {
    1417           0 :         if( FD_UNLIKELY( !account_state->inner.program_data.upgrade_authority_address ) ) {
    1418           0 :           fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
    1419           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1420           0 :         }
    1421           0 :         if( FD_UNLIKELY( memcmp( account_state->inner.program_data.upgrade_authority_address, present_authority_key, sizeof(fd_pubkey_t) ) ) ) {
    1422           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1423           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1424           0 :         }
    1425           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL ) ) ) {
    1426           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1427           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1428           0 :         }
    1429             : 
    1430             :         /* copy in the authority public key into the upgrade authority address.
    1431             :            https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L946-L949 */
    1432           0 :         if( new_authority ) {
    1433           0 :           *account_state->inner.program_data.upgrade_authority_address = *new_authority;
    1434           0 :         } else {
    1435           0 :           account_state->inner.program_data.upgrade_authority_address = NULL;
    1436           0 :         }
    1437             : 
    1438           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1439           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1440           0 :           return err;
    1441           0 :         }
    1442           0 :       } else {
    1443           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
    1444           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1445           0 :       }
    1446             : 
    1447             :       /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
    1448           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority %s", FD_BASE58_ENC_32_ALLOCA( new_authority ) );
    1449             : 
    1450             :       /* implicit drop of account */
    1451             : 
    1452           0 :       break;
    1453           0 :     }
    1454             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L958-L1030 */
    1455           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_set_authority_checked: {
    1456           0 :       int err;
    1457           0 :       if( !FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, enable_bpf_loader_set_authority_checked_ix ) ) {
    1458           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    1459           0 :       }
    1460             : 
    1461           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1462           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1463           0 :       }
    1464             : 
    1465             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L968-L969 */
    1466           0 :       fd_guarded_borrowed_account_t account;
    1467           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &account );
    1468             : 
    1469             :       /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L970-L975 */
    1470           0 :       fd_pubkey_t const * present_authority_key = NULL;
    1471           0 :       fd_pubkey_t const * new_authority_key     = NULL;
    1472             : 
    1473           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &present_authority_key );
    1474           0 :       if( FD_UNLIKELY( err ) ) {
    1475           0 :         return err;
    1476           0 :       }
    1477             : 
    1478           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &new_authority_key );
    1479           0 :       if( FD_UNLIKELY( err ) ) {
    1480           0 :         return err;
    1481           0 :       }
    1482             : 
    1483             : 
    1484           0 :       fd_bpf_upgradeable_loader_state_t * account_state = fd_bpf_loader_program_get_state( account.acct, spad, &err );
    1485           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1486           0 :         return err;
    1487           0 :       }
    1488             : 
    1489           0 :       if( fd_bpf_upgradeable_loader_state_is_buffer( account_state ) ) {
    1490           0 :         if( FD_UNLIKELY( !account_state->inner.buffer.authority_address ) ) {
    1491           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer is immutable" );
    1492           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1493           0 :         }
    1494           0 :         if( FD_UNLIKELY( memcmp( account_state->inner.buffer.authority_address, present_authority_key, sizeof(fd_pubkey_t) ) ) ) {
    1495           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect buffer authority provided" );
    1496           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1497           0 :         }
    1498           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL ) ) ) {
    1499           0 :           fd_log_collector_msg_literal( instr_ctx, "Buffer authority did not sign" );
    1500           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1501           0 :         }
    1502           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL ) ) ) {
    1503           0 :           fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
    1504           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1505           0 :         }
    1506           0 :         account_state->inner.buffer.authority_address = (fd_pubkey_t*)new_authority_key;
    1507           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1508           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1509           0 :           return err;
    1510           0 :         }
    1511           0 :       } else if( fd_bpf_upgradeable_loader_state_is_program_data( account_state ) ) {
    1512           0 :         if( FD_UNLIKELY( !account_state->inner.program_data.upgrade_authority_address ) ) {
    1513           0 :           fd_log_collector_msg_literal( instr_ctx, "Program not upgradeable" );
    1514           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1515           0 :         }
    1516           0 :         if( FD_UNLIKELY( memcmp( account_state->inner.program_data.upgrade_authority_address, present_authority_key, sizeof(fd_pubkey_t) ) ) ) {
    1517           0 :           fd_log_collector_msg_literal( instr_ctx, "Incorrect upgrade authority provided" );
    1518           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1519           0 :         }
    1520           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 1UL ) ) ) {
    1521           0 :           fd_log_collector_msg_literal( instr_ctx, "Upgrade authority did not sign" );
    1522           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1523           0 :         }
    1524           0 :         if( FD_UNLIKELY( !fd_instr_acc_is_signer_idx( instr_ctx->instr, 2UL ) ) ) {
    1525           0 :           fd_log_collector_msg_literal( instr_ctx, "New authority did not sign" );
    1526           0 :           return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1527           0 :         }
    1528           0 :         account_state->inner.program_data.upgrade_authority_address = (fd_pubkey_t*)new_authority_key;
    1529           0 :         err = fd_bpf_loader_v3_program_set_state( &account, account_state );
    1530           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1531           0 :           return err;
    1532           0 :         }
    1533           0 :       } else {
    1534           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support authorities" );
    1535           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1536           0 :       }
    1537             : 
    1538             :       /* Max msg_sz: 16 - 2 + 45 = 59 < 127 => we can use printf */
    1539           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "New authority %s", FD_BASE58_ENC_32_ALLOCA( new_authority_key ) );
    1540             : 
    1541             :       /* implicit drop of account */
    1542             : 
    1543           0 :       break;
    1544           0 :     }
    1545             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1031-L1134 */
    1546           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_close: {
    1547           0 :       int err;
    1548             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1032-L1046 */
    1549           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 2U ) ) ) {
    1550           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1551           0 :       }
    1552             : 
    1553             :       /* It's safe to directly access the instruction accounts because we already checked for two
    1554             :          instruction accounts previously.
    1555             :          https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L1034-L1035 */
    1556           0 :       if( FD_UNLIKELY( instr_ctx->instr->accounts[ 0UL ].index_in_transaction ==
    1557           0 :                        instr_ctx->instr->accounts[ 1UL ].index_in_transaction ) ) {
    1558           0 :         fd_log_collector_msg_literal( instr_ctx, "Recipient is the same as the account being closed" );
    1559           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1560           0 :       }
    1561             : 
    1562             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1043-L1044 */
    1563           0 :       fd_guarded_borrowed_account_t close_account;
    1564           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &close_account );
    1565             : 
    1566           0 :       fd_pubkey_t * close_key = close_account.acct->pubkey;
    1567           0 :       fd_bpf_upgradeable_loader_state_t * close_account_state = fd_bpf_loader_program_get_state( close_account.acct, spad, &err );
    1568           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1569           0 :         return err;
    1570           0 :       }
    1571             :       /* Close account set data length */
    1572           0 :       err = fd_borrowed_account_set_data_length( &close_account, SIZE_OF_UNINITIALIZED );
    1573           0 :       if( FD_UNLIKELY( err ) ) {
    1574           0 :         return err;
    1575           0 :       }
    1576             : 
    1577             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1049-L1056 */
    1578           0 :       if( fd_bpf_upgradeable_loader_state_is_uninitialized( close_account_state ) ) {
    1579             : 
    1580             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1050-L1051 */
    1581           0 :         fd_guarded_borrowed_account_t recipient_account;
    1582           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &recipient_account );
    1583             : 
    1584           0 :         err = fd_borrowed_account_checked_add_lamports( &recipient_account, fd_borrowed_account_get_lamports( &close_account ) );
    1585           0 :         if( FD_UNLIKELY( err ) ) {
    1586           0 :           return err;
    1587           0 :         }
    1588           0 :         err = fd_borrowed_account_set_lamports( &close_account, 0UL );
    1589           0 :         if( FD_UNLIKELY( err ) ) {
    1590           0 :           return err;
    1591           0 :         }
    1592             :         /* Max msg_sz: 23 - 2 + 45 = 66 < 127 => we can use printf */
    1593           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx,
    1594           0 :           "Closed Uninitialized %s", FD_BASE58_ENC_32_ALLOCA( close_key ) );
    1595             : 
    1596             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1057-L1068 */
    1597           0 :       } else if( fd_bpf_upgradeable_loader_state_is_buffer( close_account_state ) ) {
    1598             : 
    1599             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1059 */
    1600           0 :         fd_borrowed_account_drop( &close_account );
    1601             : 
    1602           0 :         if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1603           0 :           return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1604           0 :         }
    1605             : 
    1606           0 :         err = common_close_account( close_account_state->inner.buffer.authority_address, instr_ctx, close_account_state );
    1607           0 :         if( FD_UNLIKELY( err ) ) {
    1608           0 :           return err;
    1609           0 :         }
    1610             :         /* Max msg_sz: 16 - 2 + 45 = 63 < 127 => we can use printf */
    1611           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx,
    1612           0 :           "Closed Buffer %s", FD_BASE58_ENC_32_ALLOCA( close_key ) );
    1613             : 
    1614             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1069-L1129 */
    1615           0 :       } else if( fd_bpf_upgradeable_loader_state_is_program_data( close_account_state ) ) {
    1616           0 :         int err;
    1617           0 :         if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 4U ) ) ) {
    1618           0 :           return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1619           0 :         }
    1620             : 
    1621             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1074 */
    1622           0 :         fd_borrowed_account_drop( &close_account );
    1623             : 
    1624             :         /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1075-L1076 */
    1625           0 :         fd_guarded_borrowed_account_t program_account;
    1626           0 :         FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK(instr_ctx, 3UL, &program_account );
    1627             : 
    1628           0 :         if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
    1629           0 :           fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
    1630           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1631           0 :         }
    1632           0 :         if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program_account ), program_id, sizeof(fd_pubkey_t) ) ) ) {
    1633           0 :           fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    1634           0 :           return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    1635           0 :         }
    1636           0 :         fd_sol_sysvar_clock_t const * clock = fd_sysvar_clock_read( instr_ctx->txn_ctx->funk, instr_ctx->txn_ctx->funk_txn, instr_ctx->txn_ctx->spad );
    1637           0 :         if( FD_UNLIKELY( !clock ) ) {
    1638           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1639           0 :         }
    1640           0 :         if( FD_UNLIKELY( clock->slot==close_account_state->inner.program_data.slot ) ) {
    1641           0 :           fd_log_collector_msg_literal( instr_ctx,"Program was deployed in this block already" );
    1642           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1643           0 :         }
    1644             : 
    1645           0 :         fd_bpf_upgradeable_loader_state_t * program_state = fd_bpf_loader_program_get_state( program_account.acct, spad, &err );
    1646           0 :         if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1647           0 :           return err;
    1648           0 :         }
    1649           0 :         if( fd_bpf_upgradeable_loader_state_is_program( program_state ) ) {
    1650           0 :           if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, close_key, sizeof(fd_pubkey_t) ) ) ) {
    1651           0 :             fd_log_collector_msg_literal( instr_ctx,"Program account does not match ProgramData account" );
    1652           0 :             return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1653           0 :           }
    1654             : 
    1655             :           /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1105 */
    1656           0 :           fd_borrowed_account_drop( &program_account );
    1657             : 
    1658           0 :           err = common_close_account( close_account_state->inner.program_data.upgrade_authority_address,
    1659           0 :                                       instr_ctx,
    1660           0 :                                       close_account_state );
    1661           0 :           if( FD_UNLIKELY( err ) ) {
    1662           0 :             return err;
    1663           0 :           }
    1664             : 
    1665             :           /* The Agave client updates the account state upon closing an account
    1666             :              in their loaded program cache. Checking for a program can be
    1667             :              checked by checking to see if the programdata account's loader state
    1668             :              is unitialized. The firedancer implementation also removes closed
    1669             :              accounts from the loaded program cache at the end of a slot. Closed
    1670             :              accounts are not checked from the cache, instead the account state
    1671             :              is looked up. */
    1672             : 
    1673           0 :         } else {
    1674           0 :           fd_log_collector_msg_literal( instr_ctx, "Invalid program account" );
    1675           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1676           0 :         }
    1677             : 
    1678             :         /* Max msg_sz: 17 - 2 + 45 = 60 < 127 => we can use printf */
    1679           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx,
    1680           0 :           "Closed Program %s", FD_BASE58_ENC_32_ALLOCA( close_key ) );
    1681             : 
    1682             :         /* program account is dropped when it goes out of scope */
    1683           0 :       } else {
    1684           0 :         fd_log_collector_msg_literal( instr_ctx, "Account does not support closing" );
    1685           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1686           0 :       }
    1687             : 
    1688             :       /* implicit drop of close account */
    1689           0 :       break;
    1690           0 :     }
    1691             :     /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1136-L1294 */
    1692           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_extend_program: {
    1693           0 :       int err;
    1694             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1137-L1172 */
    1695           0 :       uint additional_bytes = instruction->inner.extend_program.additional_bytes;
    1696           0 :       if( FD_UNLIKELY( additional_bytes==0U ) ) {
    1697           0 :         fd_log_collector_msg_literal( instr_ctx, "Additional bytes must be greater than 0" );
    1698           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    1699           0 :       }
    1700             : 
    1701             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1151-L1152 */
    1702           0 :       fd_guarded_borrowed_account_t programdata_account;
    1703           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata_account );
    1704             : 
    1705           0 :       fd_pubkey_t * programdata_key = programdata_account.acct->pubkey;
    1706             : 
    1707           0 :       if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &programdata_account ), sizeof(fd_pubkey_t) ) ) ) {
    1708           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData owner is invalid" );
    1709           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
    1710           0 :       }
    1711           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &programdata_account ) ) ) {
    1712           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData is not writable" );
    1713           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1714           0 :       }
    1715             : 
    1716             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1164-L1165 */
    1717           0 :       fd_guarded_borrowed_account_t program_account;
    1718           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &program_account );
    1719             : 
    1720           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program_account ) ) ) {
    1721           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account is not writable" );
    1722           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1723           0 :       }
    1724           0 :       if( FD_UNLIKELY( memcmp( program_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
    1725           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    1726           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_OWNER;
    1727           0 :       }
    1728             : 
    1729             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1172-L1190 */
    1730           0 :       fd_bpf_upgradeable_loader_state_t * program_state = fd_bpf_loader_program_get_state( program_account.acct, spad, &err );
    1731           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1732           0 :         return err;
    1733           0 :       }
    1734           0 :       if( fd_bpf_upgradeable_loader_state_is_program( program_state ) ) {
    1735           0 :         if( FD_UNLIKELY( memcmp( &program_state->inner.program.programdata_address, programdata_key, sizeof(fd_pubkey_t) ) ) ) {
    1736           0 :           fd_log_collector_msg_literal( instr_ctx, "Program account does not match ProgramData account" );
    1737           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1738           0 :         }
    1739           0 :       } else {
    1740           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid program account" );
    1741           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1742           0 :       }
    1743             : 
    1744             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1192 */
    1745           0 :       fd_borrowed_account_drop( &program_account );
    1746             : 
    1747             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1191-L1230 */
    1748           0 :       ulong old_len = fd_borrowed_account_get_data_len( &programdata_account );
    1749           0 :       ulong new_len = fd_ulong_sat_add( old_len, additional_bytes );
    1750           0 :       if( FD_UNLIKELY( new_len>MAX_PERMITTED_DATA_LENGTH ) ) {
    1751             :         /* Max msg_sz: 85 - 6 + 2*20 = 119 < 127 => we can use printf */
    1752           0 :         fd_log_collector_printf_dangerous_max_127( instr_ctx,
    1753           0 :           "Extended ProgramData length of %lu bytes exceeds max account data length of %lu bytes", new_len, MAX_PERMITTED_DATA_LENGTH );
    1754           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC;
    1755           0 :       }
    1756           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_clock_read( instr_ctx->txn_ctx->funk, instr_ctx->txn_ctx->funk_txn, instr_ctx->txn_ctx->spad );
    1757           0 :       if( FD_UNLIKELY( !clock ) ) {
    1758           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1759           0 :       }
    1760             : 
    1761           0 :       fd_pubkey_t * upgrade_authority_address = NULL;
    1762           0 :       fd_bpf_upgradeable_loader_state_t * programdata_state = fd_bpf_loader_program_get_state( programdata_account.acct, spad, &err );
    1763           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1764           0 :         return err;
    1765           0 :       }
    1766           0 :       if( fd_bpf_upgradeable_loader_state_is_program_data( programdata_state ) ) {
    1767           0 :         if( FD_UNLIKELY( clock->slot==programdata_state->inner.program_data.slot ) ) {
    1768           0 :           fd_log_collector_msg_literal( instr_ctx, "Program was extended in this block already" );
    1769           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1770           0 :         }
    1771             : 
    1772           0 :         if( FD_UNLIKELY( !programdata_state->inner.program_data.upgrade_authority_address ) ) {
    1773           0 :           fd_log_collector_msg_literal( instr_ctx, "Cannot extend ProgramData accounts that are not upgradeable" );
    1774           0 :           return FD_EXECUTOR_INSTR_ERR_ACC_IMMUTABLE;
    1775           0 :         }
    1776           0 :         upgrade_authority_address = programdata_state->inner.program_data.upgrade_authority_address;
    1777           0 :       } else {
    1778           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData state is invalid" );
    1779           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    1780           0 :       }
    1781             : 
    1782             :       /* https://github.com/anza-xyz/agave/blob/574bae8fefc0ed256b55340b9d87b7689bcdf222/programs/bpf_loader/src/lib.rs#L1232-L1256 */
    1783           0 :       fd_rent_t const * rent             = fd_bank_rent_query( instr_ctx->txn_ctx->bank );
    1784           0 :       ulong             balance          = fd_borrowed_account_get_lamports( &programdata_account );
    1785           0 :       ulong             min_balance      = fd_ulong_max( fd_rent_exempt_minimum_balance( rent, new_len ), 1UL );
    1786           0 :       ulong             required_payment = fd_ulong_sat_sub( min_balance, balance );
    1787             : 
    1788             :       /* Borrowed accounts need to be dropped before native invocations. Note:
    1789             :          the programdata account is manually released and acquired within the
    1790             :          extend instruction to preserve the local variable scoping to maintain
    1791             :          readability. The scoped macro still successfully handles the case of
    1792             :          freeing a write lock in case of an early termination. */
    1793             : 
    1794             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1242 */
    1795           0 :       fd_borrowed_account_drop( &programdata_account );
    1796             : 
    1797           0 :       if( FD_UNLIKELY( required_payment>0UL ) ) {
    1798           0 :         if ( FD_UNLIKELY( instr_ctx->instr->acct_cnt<=3UL ) ) {
    1799           0 :           return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1800           0 :         }
    1801             : 
    1802             :         /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L1292-L1295 */
    1803           0 :         fd_pubkey_t const * payer_key = NULL;
    1804           0 :         err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 3UL, &payer_key );
    1805           0 :         if( FD_UNLIKELY( err ) ) {
    1806           0 :           return err;
    1807           0 :         }
    1808             : 
    1809           0 :         uchar instr_data[FD_TXN_MTU];
    1810           0 :         fd_system_program_instruction_t instr = {
    1811           0 :           .discriminant = fd_system_program_instruction_enum_transfer,
    1812           0 :           .inner = {
    1813           0 :             .transfer = required_payment
    1814           0 :           }
    1815           0 :         };
    1816             : 
    1817           0 :         fd_bincode_encode_ctx_t encode_ctx = {
    1818           0 :           .data    = instr_data,
    1819           0 :           .dataend = instr_data + FD_TXN_MTU
    1820           0 :         };
    1821             : 
    1822             :         // This should never fail.
    1823           0 :         int err = fd_system_program_instruction_encode( &instr, &encode_ctx );
    1824           0 :         if( FD_UNLIKELY( err ) ) {
    1825           0 :           return FD_EXECUTOR_INSTR_ERR_FATAL;
    1826           0 :         }
    1827             : 
    1828           0 :         fd_vm_rust_account_meta_t * acct_metas = (fd_vm_rust_account_meta_t *)
    1829           0 :                                                   fd_spad_alloc( instr_ctx->txn_ctx->spad,
    1830           0 :                                                                     FD_VM_RUST_ACCOUNT_META_ALIGN,
    1831           0 :                                                                     2UL * sizeof(fd_vm_rust_account_meta_t) );
    1832           0 :         fd_native_cpi_create_account_meta( payer_key,       1UL, 1UL, &acct_metas[ 0UL ] );
    1833           0 :         fd_native_cpi_create_account_meta( programdata_key, 0UL, 1UL, &acct_metas[ 1UL ] );
    1834             : 
    1835           0 :         err = fd_native_cpi_native_invoke( instr_ctx,
    1836           0 :                                            &fd_solana_system_program_id,
    1837           0 :                                            instr_data,
    1838           0 :                                            FD_TXN_MTU,
    1839           0 :                                            acct_metas,
    1840           0 :                                            2UL,
    1841           0 :                                            NULL,
    1842           0 :                                            0UL );
    1843           0 :         if( FD_UNLIKELY( err ) ) {
    1844           0 :           return err;
    1845           0 :         }
    1846           0 :       }
    1847             : 
    1848             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1262-L1263 */
    1849           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata_account );
    1850             : 
    1851             :       /* Programdata account set data length */
    1852           0 :       err = fd_borrowed_account_set_data_length( &programdata_account, new_len );
    1853           0 :       if( FD_UNLIKELY( err ) ) {
    1854           0 :         return err;
    1855           0 :       }
    1856             : 
    1857           0 :       if( FD_UNLIKELY( PROGRAMDATA_METADATA_SIZE>fd_borrowed_account_get_data_len( &programdata_account ) ) ) {
    1858           0 :         return FD_EXECUTOR_INSTR_ERR_ACC_DATA_TOO_SMALL;
    1859           0 :       }
    1860             : 
    1861           0 :       uchar const * programdata_data = fd_borrowed_account_get_data( &programdata_account ) + PROGRAMDATA_METADATA_SIZE;
    1862           0 :       ulong         programdata_size = new_len - PROGRAMDATA_METADATA_SIZE;
    1863             : 
    1864           0 :       err = fd_deploy_program( instr_ctx, programdata_data, programdata_size, instr_ctx->txn_ctx->spad );
    1865           0 :       if( FD_UNLIKELY( err ) ) {
    1866           0 :         return err;
    1867           0 :       }
    1868             : 
    1869             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1275 */
    1870           0 :       fd_borrowed_account_drop( &programdata_account );
    1871             : 
    1872             :       /* Setting the discriminant and upgrade authority address here can likely
    1873             :          be a no-op because these values shouldn't change. These can probably be
    1874             :          removed, but can help to mirror against Agave client's implementation.
    1875             :          The set_state function also contains an ownership check. */
    1876             : 
    1877             :       /* https://github.com/anza-xyz/agave/blob/v2.1.4/programs/bpf_loader/src/lib.rs#L1283-L1284 */
    1878           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata_account );
    1879             : 
    1880           0 :       programdata_state->discriminant                                 = fd_bpf_upgradeable_loader_state_enum_program_data;
    1881           0 :       programdata_state->inner.program_data.slot                      = clock->slot;
    1882           0 :       programdata_state->inner.program_data.upgrade_authority_address = upgrade_authority_address;
    1883             : 
    1884           0 :       err = fd_bpf_loader_v3_program_set_state( &programdata_account, programdata_state );
    1885           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    1886           0 :         return err;
    1887           0 :       }
    1888             : 
    1889             :       /* Max msg_sz: 41 - 2 + 20 = 57 < 127 => we can use printf */
    1890           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx,
    1891           0 :         "Extended ProgramData account by %u bytes", additional_bytes );
    1892             : 
    1893             :       /* programdata account is dropped when it goes out of scope */
    1894             : 
    1895           0 :       break;
    1896           0 :     }
    1897             :     /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1338-L1508 */
    1898           0 :     case fd_bpf_upgradeable_loader_program_instruction_enum_migrate: {
    1899             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1339-L1344 */
    1900           0 :       if( FD_UNLIKELY( !FD_FEATURE_ACTIVE_BANK( instr_ctx->txn_ctx->bank, enable_loader_v4 ) ) ) {
    1901           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_INSTR_DATA;
    1902           0 :       }
    1903             : 
    1904             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1346 */
    1905           0 :       if( FD_UNLIKELY( fd_exec_instr_ctx_check_num_insn_accounts( instr_ctx, 3U ) ) ) {
    1906           0 :         return FD_EXECUTOR_INSTR_ERR_NOT_ENOUGH_ACC_KEYS;
    1907           0 :       }
    1908             : 
    1909             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1347-L1349 */
    1910           0 :       fd_pubkey_t const * programdata_address = NULL;
    1911           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 0UL, &programdata_address );
    1912           0 :       if( FD_UNLIKELY( err ) ) {
    1913           0 :         return err;
    1914           0 :       }
    1915             : 
    1916             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1350-L1352 */
    1917           0 :       fd_pubkey_t const * program_address = NULL;
    1918           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 1UL, &program_address );
    1919           0 :       if( FD_UNLIKELY( err ) ) {
    1920           0 :         return err;
    1921           0 :       }
    1922             : 
    1923             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1353-L1355 */
    1924           0 :       fd_pubkey_t const * provided_authority_address = NULL;
    1925           0 :       err = fd_exec_instr_ctx_get_key_of_account_at_index( instr_ctx, 2UL, &provided_authority_address );
    1926           0 :       if( FD_UNLIKELY( err ) ) {
    1927           0 :         return err;
    1928           0 :       }
    1929             : 
    1930             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1356-L1359 */
    1931           0 :       fd_sol_sysvar_clock_t const * clock = fd_sysvar_clock_read( instr_ctx->txn_ctx->funk, instr_ctx->txn_ctx->funk_txn, instr_ctx->txn_ctx->spad );
    1932           0 :       if( FD_UNLIKELY( !clock ) ) {
    1933           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_SYSVAR;
    1934           0 :       }
    1935           0 :       ulong clock_slot = clock->slot;
    1936             : 
    1937             :       /* Verify ProgramData account
    1938             :          https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1362-L1363 */
    1939           0 :       fd_guarded_borrowed_account_t programdata;
    1940           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 0UL, &programdata );
    1941             : 
    1942             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1364-L1367 */
    1943           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &programdata ) ) ) {
    1944           0 :         fd_log_collector_msg_literal( instr_ctx, "ProgramData account not writeable" );
    1945           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1946           0 :       }
    1947             : 
    1948             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1368-L1387 */
    1949           0 :       ulong         program_len               = 0UL;
    1950           0 :       fd_pubkey_t * upgrade_authority_address = NULL;
    1951           0 :       fd_bpf_upgradeable_loader_state_t * programdata_state = fd_bpf_loader_program_get_state( programdata.acct, spad, &err );
    1952           0 :       if( FD_LIKELY( err==FD_BINCODE_SUCCESS && fd_bpf_upgradeable_loader_state_is_program_data( programdata_state ) ) ) {
    1953             : 
    1954             :         /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1374-L1377 */
    1955           0 :         if( FD_UNLIKELY( clock_slot==programdata_state->inner.program_data.slot ) ) {
    1956           0 :           fd_log_collector_msg_literal( instr_ctx, "Program was deployed in this block already" );
    1957           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1958           0 :         }
    1959             : 
    1960             :         /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1378-L1384 */
    1961           0 :         program_len = fd_ulong_sat_sub( fd_borrowed_account_get_data_len( &programdata ), PROGRAMDATA_METADATA_SIZE );
    1962           0 :         upgrade_authority_address = programdata_state->inner.program_data.upgrade_authority_address;
    1963           0 :       }
    1964             : 
    1965             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1388 */
    1966           0 :       ulong programdata_funds = fd_borrowed_account_get_lamports( &programdata );
    1967             : 
    1968             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1389 */
    1969           0 :       fd_borrowed_account_drop( &programdata );
    1970             : 
    1971             :       /* Verify authority signature
    1972             :          https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1391-L1398 */
    1973           0 :       fd_pubkey_t const * authority_key_to_compare = upgrade_authority_address ? upgrade_authority_address : program_address;
    1974           0 :       if( FD_UNLIKELY( memcmp( fd_solana_migration_authority.key, provided_authority_address->key, sizeof(fd_pubkey_t) ) &&
    1975           0 :                        memcmp( authority_key_to_compare->key, provided_authority_address->key, sizeof(fd_pubkey_t) ) ) ) {
    1976           0 :         fd_log_collector_msg_literal( instr_ctx, "Incorrect migration authority provided" );
    1977           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_AUTHORITY;
    1978           0 :       }
    1979             : 
    1980             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1399-L1402 */
    1981           0 :       if( FD_UNLIKELY( !instr_ctx->instr->accounts[ 2UL ].is_signer ) ) {
    1982           0 :         fd_log_collector_msg_literal( instr_ctx, "Migration authority did not sign" );
    1983           0 :         return FD_EXECUTOR_INSTR_ERR_MISSING_REQUIRED_SIGNATURE;
    1984           0 :       }
    1985             : 
    1986             :       /* Verify Program account
    1987             :          https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1404-L1406 */
    1988           0 :       fd_guarded_borrowed_account_t program;
    1989           0 :       FD_TRY_BORROW_INSTR_ACCOUNT_DEFAULT_ERR_CHECK( instr_ctx, 1UL, &program );
    1990             : 
    1991             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1407-L1410 */
    1992           0 :       if( FD_UNLIKELY( !fd_borrowed_account_is_writable( &program ) ) ) {
    1993           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not writeable" );
    1994           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    1995           0 :       }
    1996             : 
    1997             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1411-L1414 */
    1998           0 :       if( FD_UNLIKELY( memcmp( fd_borrowed_account_get_owner( &program ), program_id, sizeof(fd_pubkey_t) ) ) ) {
    1999           0 :         fd_log_collector_msg_literal( instr_ctx, "Program account not owned by loader" );
    2000           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    2001           0 :       }
    2002             : 
    2003             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1415-L1426 */
    2004           0 :       fd_bpf_upgradeable_loader_state_t * program_state = fd_bpf_loader_program_get_state( program.acct, spad, &err );
    2005           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    2006           0 :         return err;
    2007           0 :       }
    2008             : 
    2009           0 :       if( FD_LIKELY( fd_bpf_upgradeable_loader_state_is_program( program_state ) ) ) {
    2010           0 :         if( FD_UNLIKELY( memcmp( programdata_address->key, program_state->inner.program.programdata_address.key, sizeof(fd_pubkey_t) ) ) ) {
    2011           0 :           fd_log_collector_msg_literal( instr_ctx, "Program and ProgramData account mismatch" );
    2012           0 :           return FD_EXECUTOR_INSTR_ERR_INVALID_ARG;
    2013           0 :         }
    2014           0 :       } else {
    2015           0 :         fd_log_collector_msg_literal( instr_ctx, "Invalid Program account" );
    2016           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2017           0 :       }
    2018             : 
    2019             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1427 */
    2020           0 :       err = fd_borrowed_account_set_data_from_slice( &program, NULL, 0UL );
    2021           0 :       if( FD_UNLIKELY( err ) ) {
    2022           0 :         return err;
    2023           0 :       }
    2024             : 
    2025             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1428 */
    2026           0 :       err = fd_borrowed_account_checked_add_lamports( &program , programdata_funds );
    2027           0 :       if( FD_UNLIKELY( err ) ) {
    2028           0 :         return err;
    2029           0 :       }
    2030             : 
    2031             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1429-L1433 */
    2032           0 :       if( FD_UNLIKELY( program_len==0UL ) ) {
    2033           0 :         err = fd_borrowed_account_set_owner( &program, &fd_solana_system_program_id );
    2034           0 :       } else {
    2035           0 :         err = fd_borrowed_account_set_owner( &program, &fd_solana_bpf_loader_v4_program_id );
    2036           0 :       }
    2037           0 :       if( FD_UNLIKELY( err ) ) {
    2038           0 :         return err;
    2039           0 :       }
    2040             : 
    2041             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1434 */
    2042           0 :       fd_borrowed_account_drop( &program );
    2043             : 
    2044             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1436-L1437 */
    2045           0 :       err = fd_exec_instr_ctx_try_borrow_instr_account( instr_ctx , 0U, &programdata );
    2046           0 :       if( FD_UNLIKELY( err ) ) {
    2047           0 :         return err;
    2048           0 :       }
    2049             : 
    2050             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1438 */
    2051           0 :       err = fd_borrowed_account_set_lamports( &programdata, 0UL );
    2052           0 :       if( FD_UNLIKELY( err ) ) {
    2053           0 :         return err;
    2054           0 :       }
    2055             : 
    2056             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1439 */
    2057           0 :       fd_borrowed_account_drop( &programdata );
    2058             : 
    2059           0 :       FD_SPAD_FRAME_BEGIN( instr_ctx->txn_ctx->spad ) {
    2060           0 :         uchar                              instr_data[FD_TXN_MTU];
    2061           0 :         fd_loader_v4_program_instruction_t instr      = {0};
    2062           0 :         fd_bincode_encode_ctx_t            encode_ctx = {0};
    2063           0 :         fd_vm_rust_account_meta_t *        acct_metas = fd_spad_alloc( instr_ctx->txn_ctx->spad,
    2064           0 :                                                                        FD_VM_RUST_ACCOUNT_META_ALIGN,
    2065           0 :                                                                        3UL * sizeof(fd_vm_rust_account_meta_t) );
    2066             : 
    2067             :         /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1441-L1484 */
    2068           0 :         if( FD_LIKELY( program_len>0UL ) ) {
    2069             : 
    2070             :           /* Set program length
    2071             :              https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1442-L1451 */
    2072           0 :           fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[0] );
    2073           0 :           fd_native_cpi_create_account_meta( provided_authority_address, 1, 0, &acct_metas[1] );
    2074           0 :           fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[2] );
    2075             : 
    2076           0 :           instr = (fd_loader_v4_program_instruction_t) {
    2077           0 :             .discriminant = fd_loader_v4_program_instruction_enum_set_program_length,
    2078           0 :             .inner = {
    2079           0 :               .set_program_length = {
    2080           0 :                 .new_size = (uint)program_len
    2081           0 :               }
    2082           0 :             }
    2083           0 :           };
    2084             : 
    2085           0 :           encode_ctx = (fd_bincode_encode_ctx_t) {
    2086           0 :             .data    = instr_data,
    2087           0 :             .dataend = instr_data + FD_TXN_MTU
    2088           0 :           };
    2089             : 
    2090             :           // This should never fail.
    2091           0 :           err = fd_loader_v4_program_instruction_encode( &instr, &encode_ctx );
    2092           0 :           if( FD_UNLIKELY( err ) ) {
    2093           0 :             return FD_EXECUTOR_INSTR_ERR_FATAL;
    2094           0 :           }
    2095             : 
    2096           0 :           err = fd_native_cpi_native_invoke( instr_ctx,
    2097           0 :                                              &fd_solana_bpf_loader_v4_program_id,
    2098           0 :                                              instr_data,
    2099           0 :                                              FD_TXN_MTU,
    2100           0 :                                              acct_metas,
    2101           0 :                                              3UL,
    2102           0 :                                              NULL,
    2103           0 :                                              0UL );
    2104           0 :           if( FD_UNLIKELY( err ) ) {
    2105           0 :             return err;
    2106           0 :           }
    2107             : 
    2108             :           /* Copy
    2109             :              https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1453-L1464 */
    2110           0 :           fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[0] );
    2111           0 :           fd_native_cpi_create_account_meta( provided_authority_address, 1, 0, &acct_metas[1] );
    2112           0 :           fd_native_cpi_create_account_meta( programdata_address,        0, 0, &acct_metas[2] );
    2113             : 
    2114           0 :           instr = (fd_loader_v4_program_instruction_t) {
    2115           0 :             .discriminant = fd_loader_v4_program_instruction_enum_copy,
    2116           0 :             .inner = {
    2117           0 :               .copy = {
    2118           0 :                 .destination_offset = 0U,
    2119           0 :                 .source_offset      = 0U,
    2120           0 :                 .length             = (uint)program_len
    2121           0 :               }
    2122           0 :             }
    2123           0 :           };
    2124             : 
    2125           0 :           encode_ctx = (fd_bincode_encode_ctx_t) {
    2126           0 :             .data    = instr_data,
    2127           0 :             .dataend = instr_data + FD_TXN_MTU
    2128           0 :           };
    2129             : 
    2130             :           // This should never fail.
    2131           0 :           err = fd_loader_v4_program_instruction_encode( &instr, &encode_ctx );
    2132           0 :           if( FD_UNLIKELY( err ) ) {
    2133           0 :             return FD_EXECUTOR_INSTR_ERR_FATAL;
    2134           0 :           }
    2135             : 
    2136           0 :           err = fd_native_cpi_native_invoke( instr_ctx,
    2137           0 :                                              &fd_solana_bpf_loader_v4_program_id,
    2138           0 :                                              instr_data,
    2139           0 :                                              FD_TXN_MTU,
    2140           0 :                                              acct_metas,
    2141           0 :                                              3UL,
    2142           0 :                                              NULL,
    2143           0 :                                              0UL );
    2144           0 :           if( FD_UNLIKELY( err ) ) {
    2145           0 :             return err;
    2146           0 :           }
    2147             : 
    2148             :           /* Deploy
    2149             :              https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1466-L1473 */
    2150           0 :           fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[0] );
    2151           0 :           fd_native_cpi_create_account_meta( provided_authority_address, 1, 0, &acct_metas[1] );
    2152             : 
    2153           0 :           instr = (fd_loader_v4_program_instruction_t) {
    2154           0 :             .discriminant = fd_loader_v4_program_instruction_enum_deploy,
    2155           0 :           };
    2156             : 
    2157           0 :           encode_ctx = (fd_bincode_encode_ctx_t) {
    2158           0 :             .data    = instr_data,
    2159           0 :             .dataend = instr_data + FD_TXN_MTU
    2160           0 :           };
    2161             : 
    2162             :           // This should never fail.
    2163           0 :           err = fd_loader_v4_program_instruction_encode( &instr, &encode_ctx );
    2164           0 :           if( FD_UNLIKELY( err ) ) {
    2165           0 :             return FD_EXECUTOR_INSTR_ERR_FATAL;
    2166           0 :           }
    2167             : 
    2168           0 :           err = fd_native_cpi_native_invoke( instr_ctx,
    2169           0 :                                             &fd_solana_bpf_loader_v4_program_id,
    2170           0 :                                             instr_data,
    2171           0 :                                             FD_TXN_MTU,
    2172           0 :                                             acct_metas,
    2173           0 :                                             2UL,
    2174           0 :                                             NULL,
    2175           0 :                                             0UL );
    2176           0 :           if( FD_UNLIKELY( err ) ) {
    2177           0 :             return err;
    2178           0 :           }
    2179             : 
    2180             :           /* Finalize (if no upgrade authority address provided)
    2181             :              https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1475-L1484 */
    2182           0 :           if( upgrade_authority_address==NULL ) {
    2183           0 :             fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[0] );
    2184           0 :             fd_native_cpi_create_account_meta( provided_authority_address, 1, 0, &acct_metas[1] );
    2185           0 :             fd_native_cpi_create_account_meta( program_address,            0, 0, &acct_metas[2] );
    2186             : 
    2187           0 :             instr = (fd_loader_v4_program_instruction_t) {
    2188           0 :               .discriminant = fd_loader_v4_program_instruction_enum_finalize,
    2189           0 :             };
    2190             : 
    2191           0 :             encode_ctx = (fd_bincode_encode_ctx_t) {
    2192           0 :               .data    = instr_data,
    2193           0 :               .dataend = instr_data + FD_TXN_MTU
    2194           0 :             };
    2195             : 
    2196             :             // This should never fail.
    2197           0 :             err = fd_loader_v4_program_instruction_encode( &instr, &encode_ctx );
    2198           0 :             if( FD_UNLIKELY( err ) ) {
    2199           0 :               return FD_EXECUTOR_INSTR_ERR_FATAL;
    2200           0 :             }
    2201             : 
    2202           0 :             err = fd_native_cpi_native_invoke( instr_ctx,
    2203           0 :                                               &fd_solana_bpf_loader_v4_program_id,
    2204           0 :                                               instr_data,
    2205           0 :                                               FD_TXN_MTU,
    2206           0 :                                               acct_metas,
    2207           0 :                                               3UL,
    2208           0 :                                               NULL,
    2209           0 :                                               0UL );
    2210           0 :             if( FD_UNLIKELY( err ) ) {
    2211           0 :               return err;
    2212           0 :             }
    2213           0 :           } else if( !memcmp( fd_solana_migration_authority.key, provided_authority_address->key, sizeof(fd_pubkey_t) ) ) {
    2214             : 
    2215             :             /* Transfer authority
    2216             :                https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1486-L1494 */
    2217           0 :             fd_native_cpi_create_account_meta( program_address,            0, 1, &acct_metas[0] );
    2218           0 :             fd_native_cpi_create_account_meta( provided_authority_address, 1, 0, &acct_metas[1] );
    2219           0 :             fd_native_cpi_create_account_meta( upgrade_authority_address,  1, 0, &acct_metas[2] );
    2220             : 
    2221           0 :             instr = (fd_loader_v4_program_instruction_t) {
    2222           0 :               .discriminant = fd_loader_v4_program_instruction_enum_transfer_authority,
    2223           0 :             };
    2224             : 
    2225           0 :             encode_ctx = (fd_bincode_encode_ctx_t) {
    2226           0 :               .data    = instr_data,
    2227           0 :               .dataend = instr_data + FD_TXN_MTU
    2228           0 :             };
    2229             : 
    2230             :             // This should never fail.
    2231           0 :             err = fd_loader_v4_program_instruction_encode( &instr, &encode_ctx );
    2232           0 :             if( FD_UNLIKELY( err ) ) {
    2233           0 :               return FD_EXECUTOR_INSTR_ERR_FATAL;
    2234           0 :             }
    2235             : 
    2236           0 :             err = fd_native_cpi_native_invoke( instr_ctx,
    2237           0 :                                               &fd_solana_bpf_loader_v4_program_id,
    2238           0 :                                               instr_data,
    2239           0 :                                               FD_TXN_MTU,
    2240           0 :                                               acct_metas,
    2241           0 :                                               3UL,
    2242           0 :                                               NULL,
    2243           0 :                                               0UL );
    2244           0 :             if( FD_UNLIKELY( err ) ) {
    2245           0 :               return err;
    2246           0 :             }
    2247           0 :           }
    2248           0 :         }
    2249           0 :       } FD_SPAD_FRAME_END;
    2250             : 
    2251             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1500-L1501 */
    2252           0 :       err = fd_exec_instr_ctx_try_borrow_instr_account( instr_ctx , 0U, &programdata );
    2253           0 :       if( FD_UNLIKELY( err ) ) {
    2254           0 :         return err;
    2255           0 :       }
    2256             : 
    2257             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1502 */
    2258           0 :       err = fd_borrowed_account_set_data_from_slice( &programdata, NULL, 0UL );
    2259           0 :       if( FD_UNLIKELY( err ) ) {
    2260           0 :         return err;
    2261           0 :       }
    2262             : 
    2263             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1503 */
    2264           0 :       err = fd_borrowed_account_set_owner( &programdata, &fd_solana_system_program_id );
    2265           0 :       if( FD_UNLIKELY( err ) ) {
    2266           0 :         return err;
    2267           0 :       }
    2268             : 
    2269             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1504 */
    2270           0 :       fd_borrowed_account_drop( &programdata );
    2271             : 
    2272             :       /* https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L1506 */
    2273           0 :       fd_log_collector_printf_dangerous_max_127( instr_ctx, "Migrated program %s", FD_BASE58_ENC_32_ALLOCA( program_address ) );
    2274             : 
    2275           0 :       break;
    2276           0 :     }
    2277           0 :     default: {
    2278           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2279           0 :     }
    2280           0 :   }
    2281           0 :   return FD_EXECUTOR_INSTR_SUCCESS;
    2282           0 : }
    2283             : 
    2284             : /* process_instruction_inner() */
    2285             : /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L394-L564 */
    2286             : int
    2287           0 : fd_bpf_loader_program_execute( fd_exec_instr_ctx_t * ctx ) {
    2288           0 :   FD_SPAD_FRAME_BEGIN( ctx->txn_ctx->spad ) {
    2289             :     /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L491-L529 */
    2290             : 
    2291             :     /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L403-L404 */
    2292           0 :     fd_guarded_borrowed_account_t program_account;
    2293           0 :     int err = fd_exec_instr_ctx_try_borrow_last_program_account( ctx, &program_account );
    2294           0 :     if( FD_UNLIKELY( err ) ) {
    2295           0 :       return err;
    2296           0 :     }
    2297             : 
    2298             :     /* https://github.com/anza-xyz/agave/blob/v2.2.0/programs/bpf_loader/src/lib.rs#L409 */
    2299           0 :     fd_pubkey_t const * program_id = NULL;
    2300           0 :     err = fd_exec_instr_ctx_get_last_program_key( ctx, &program_id );
    2301           0 :     if( FD_UNLIKELY( err ) ) {
    2302           0 :       return err;
    2303           0 :     }
    2304             : 
    2305             :     /* Program management instruction */
    2306           0 :     if( FD_UNLIKELY( !memcmp( &fd_solana_native_loader_id, fd_borrowed_account_get_owner( &program_account ), sizeof(fd_pubkey_t) ) ) ) {
    2307             :       /* https://github.com/anza-xyz/agave/blob/v2.2.3/programs/bpf_loader/src/lib.rs#L416 */
    2308           0 :       fd_borrowed_account_drop( &program_account );
    2309             : 
    2310           0 :       if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_upgradeable_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2311           0 :         FD_EXEC_CU_UPDATE( ctx, UPGRADEABLE_LOADER_COMPUTE_UNITS );
    2312           0 :         return process_loader_upgradeable_instruction( ctx );
    2313           0 :       } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2314           0 :         FD_EXEC_CU_UPDATE( ctx, DEFAULT_LOADER_COMPUTE_UNITS );
    2315           0 :         fd_log_collector_msg_literal( ctx, "BPF loader management instructions are no longer supported" );
    2316           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2317           0 :       } else if( FD_UNLIKELY( !memcmp( &fd_solana_bpf_loader_deprecated_program_id, program_id, sizeof(fd_pubkey_t) ) ) ) {
    2318           0 :         FD_EXEC_CU_UPDATE( ctx, DEPRECATED_LOADER_COMPUTE_UNITS );
    2319           0 :         fd_log_collector_msg_literal( ctx, "Deprecated loader is no longer supported" );
    2320           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2321           0 :       } else {
    2322           0 :         fd_log_collector_msg_literal( ctx, "Invalid BPF loader id" );
    2323             :         /* https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/programs/bpf_loader/src/lib.rs#L429-L436 */
    2324           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2325           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2326           0 :         }
    2327           0 :         return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    2328           0 :       }
    2329           0 :     }
    2330             : 
    2331             :     /* https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/programs/bpf_loader/src/lib.rs#L445-L452 */
    2332             :     /* Program invocation. Any invalid programs will be caught here or at the program load. */
    2333           0 :     if( FD_UNLIKELY( !FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) &&
    2334           0 :                      !fd_borrowed_account_is_executable( &program_account ) ) ) {
    2335           0 :       fd_log_collector_msg_literal( ctx, "Program is not executable" );
    2336           0 :       return FD_EXECUTOR_INSTR_ERR_INCORRECT_PROGRAM_ID;
    2337           0 :     }
    2338             : 
    2339             :     /* https://github.com/anza-xyz/agave/blob/77daab497df191ef485a7ad36ed291c1874596e5/programs/bpf_loader/src/lib.rs#L551-L563 */
    2340             :     /* The Agave client stores a loaded program type state in its implementation
    2341             :       of the loaded program cache. It checks to see if an account is able to be
    2342             :       executed. It is possible for a program to be in the DelayVisibility state or
    2343             :       Closed state but it won't be reflected in the Firedancer cache. Program
    2344             :       accounts that are in this state should exit with an invalid account data
    2345             :       error. For programs that are recently deployed or upgraded, they should not
    2346             :       be allowed to be executed for the remainder of the slot. For closed
    2347             :       accounts, they're uninitialized and shouldn't be executed as well.
    2348             : 
    2349             :       For the former case the slot that the
    2350             :       program was last updated in is in the program data account.
    2351             :       This means that if the slot in the program data account is greater than or
    2352             :       equal to the current execution slot, then the account is in a
    2353             :       'LoadedProgramType::DelayVisiblity' state.
    2354             : 
    2355             :       The latter case as described above is a tombstone account which is in a Closed
    2356             :       state. This occurs when a program data account is closed. However, our cache
    2357             :       does not track this. Instead, this can be checked for by seeing if the program
    2358             :       account's respective program data account is uninitialized. This should only
    2359             :       happen when the account is closed.
    2360             : 
    2361             :       Every error that comes out of this block is mapped to an InvalidAccountData instruction error in Agave. */
    2362             : 
    2363           0 :     fd_account_meta_t const * metadata = fd_borrowed_account_get_acc_meta( &program_account );
    2364           0 :     uchar is_deprecated = !memcmp( metadata->info.owner, &fd_solana_bpf_loader_deprecated_program_id, sizeof(fd_pubkey_t) );
    2365             : 
    2366           0 :     if( !memcmp( metadata->info.owner, &fd_solana_bpf_loader_upgradeable_program_id, sizeof(fd_pubkey_t) ) ) {
    2367           0 :       fd_bpf_upgradeable_loader_state_t * program_account_state = fd_bpf_loader_program_get_state( program_account.acct, ctx->txn_ctx->spad, &err );
    2368           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    2369           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2370           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2371           0 :         }
    2372           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2373           0 :       }
    2374             : 
    2375             :       /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L96-L98
    2376             :          Program account and program data account discriminants get checked when loading in program accounts
    2377             :          into the program cache. If the discriminants are incorrect, the program is marked as closed. */
    2378           0 :       if( FD_UNLIKELY( !fd_bpf_upgradeable_loader_state_is_program( program_account_state ) ) ) {
    2379           0 :         fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2380           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2381           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2382           0 :         }
    2383           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2384           0 :       }
    2385             : 
    2386           0 :       fd_txn_account_t * program_data_account = NULL;
    2387           0 :       fd_pubkey_t *      programdata_pubkey   = (fd_pubkey_t *)&program_account_state->inner.program.programdata_address;
    2388           0 :       err = fd_exec_txn_ctx_get_executable_account( ctx->txn_ctx,
    2389           0 :                                                     programdata_pubkey,
    2390           0 :                                                     &program_data_account,
    2391           0 :                                                     fd_txn_account_check_exists );
    2392           0 :       if( FD_UNLIKELY( err!=FD_ACC_MGR_SUCCESS ) ) {
    2393           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2394           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2395           0 :         }
    2396           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2397           0 :       }
    2398             : 
    2399           0 :       if( FD_UNLIKELY( program_data_account->vt->get_data_len( program_data_account )<PROGRAMDATA_METADATA_SIZE ) ) {
    2400           0 :         fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2401           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2402           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2403           0 :         }
    2404           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2405           0 :       }
    2406             : 
    2407           0 :       fd_bpf_upgradeable_loader_state_t * program_data_account_state = fd_bpf_loader_program_get_state( program_data_account,
    2408           0 :                                                                                                         ctx->txn_ctx->spad,
    2409           0 :                                                                                                         &err );
    2410           0 :       if( FD_UNLIKELY( err!=FD_BINCODE_SUCCESS ) ) {
    2411           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2412           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2413           0 :         }
    2414           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2415           0 :       }
    2416             : 
    2417             :       /* https://github.com/anza-xyz/agave/blob/v2.0.9/svm/src/program_loader.rs#L100-L104
    2418             :          Same as above comment. Program data discriminant must be set correctly. */
    2419           0 :       if( FD_UNLIKELY( !fd_bpf_upgradeable_loader_state_is_program_data( program_data_account_state ) ) ) {
    2420             :         /* The account is closed. */
    2421           0 :         fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2422           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2423           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2424           0 :         }
    2425           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2426           0 :       }
    2427             : 
    2428           0 :       ulong program_data_slot = program_data_account_state->inner.program_data.slot;
    2429           0 :       if( FD_UNLIKELY( program_data_slot>=ctx->txn_ctx->slot ) ) {
    2430             :         /* The account was likely just deployed or upgraded. Corresponds to
    2431             :           'LoadedProgramType::DelayVisibility' */
    2432           0 :         fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2433           0 :         if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2434           0 :           return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2435           0 :         }
    2436           0 :         return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2437           0 :       }
    2438           0 :     }
    2439             : 
    2440             :     /* Sadly, we have to tie the cache in with consensus. We tried our best to avoid this,
    2441             :        but Agave's program loading logic is too complex to solely rely on checks without
    2442             :        significant redundancy.
    2443             : 
    2444             :        For example, devnet and testnet have older programs that were deployed before stricter ELF / VM validation
    2445             :        checks were put in place, causing these older programs to fail newer validation checks and
    2446             :        be unexecutable. `fd_bpf_scan_and_create_bpf_program_cache_entry()` will populate our BPF program
    2447             :        cache correctly, but now, we have no way of checking if this validation passed or not here without
    2448             :        querying our program cache, otherwise we would have to copy-paste our validation checks here.
    2449             : 
    2450             :        Any failures here would indicate an attempt to interact with a deployed programs that either failed
    2451             :        to load or failed bytecode verification. This applies for v1, v2, and v3 programs. This could
    2452             :        also theoretically cause some currently-deployed programs to fail in the future if ELF / VM checks
    2453             :        are eventually made stricter.
    2454             : 
    2455             :        TLDR: A program is present in the BPF cache iff it is already deployed AND passes current SBPF and VM checks.
    2456             :        Only then it is considered valid to interact with. */
    2457           0 :     fd_sbpf_validated_program_t const * prog = NULL;
    2458           0 :     if( FD_UNLIKELY( fd_bpf_load_cache_entry( ctx->txn_ctx->funk,
    2459           0 :                                               ctx->txn_ctx->funk_txn,
    2460           0 :                                               program_id,
    2461           0 :                                               &prog )!=0 ) ) {
    2462           0 :       fd_log_collector_msg_literal( ctx, "Program is not cached" );
    2463             : 
    2464             :       /* https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/programs/bpf_loader/src/lib.rs#L460-L467 */
    2465           0 :       if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2466           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2467           0 :       }
    2468           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2469           0 :     }
    2470             : 
    2471             :     /* The program may be in the cache but could have failed verification in the current epoch. */
    2472           0 :     if( FD_UNLIKELY( prog->failed_verification ) ) {
    2473           0 :       fd_log_collector_msg_literal( ctx, "Program is not deployed" );
    2474           0 :       if( FD_FEATURE_ACTIVE_BANK( ctx->txn_ctx->bank, remove_accounts_executable_flag_checks ) ) {
    2475           0 :         return FD_EXECUTOR_INSTR_ERR_UNSUPPORTED_PROGRAM_ID;
    2476           0 :       }
    2477           0 :       return FD_EXECUTOR_INSTR_ERR_INVALID_ACC_DATA;
    2478           0 :     }
    2479             : 
    2480             :     /* https://github.com/anza-xyz/agave/blob/v2.1.14/programs/bpf_loader/src/lib.rs#L446 */
    2481           0 :     fd_borrowed_account_drop( &program_account );
    2482             : 
    2483           0 :     return fd_bpf_execute( ctx, prog, is_deprecated );
    2484           0 :   } FD_SPAD_FRAME_END;
    2485           0 : }
    2486             : 
    2487             : 
    2488             : /* Public APIs */
    2489             : 
    2490             : int
    2491             : fd_directly_invoke_loader_v3_deploy( fd_exec_slot_ctx_t * slot_ctx,
    2492             :                                      uchar const *        elf,
    2493             :                                      ulong                elf_sz,
    2494           0 :                                      fd_spad_t *          runtime_spad ) {
    2495             :   /* Set up a dummy instr and txn context */
    2496           0 :   fd_exec_txn_ctx_t * txn_ctx            = fd_exec_txn_ctx_join( fd_exec_txn_ctx_new( fd_spad_alloc( runtime_spad, FD_EXEC_TXN_CTX_ALIGN, FD_EXEC_TXN_CTX_FOOTPRINT ) ), runtime_spad, fd_wksp_containing( runtime_spad ) );
    2497           0 :   fd_funk_t *         funk               = slot_ctx->funk;
    2498           0 :   fd_wksp_t *         funk_wksp          = fd_funk_wksp( funk );
    2499           0 :   fd_wksp_t *         runtime_wksp       = fd_wksp_containing( slot_ctx );
    2500           0 :   ulong               funk_txn_gaddr     = fd_wksp_gaddr( funk_wksp, slot_ctx->funk_txn );
    2501           0 :   ulong               funk_gaddr         = fd_wksp_gaddr( funk_wksp, funk->shmem );
    2502             : 
    2503           0 :   fd_exec_txn_ctx_from_exec_slot_ctx( slot_ctx,
    2504           0 :                                       txn_ctx,
    2505           0 :                                       funk_wksp,
    2506           0 :                                       runtime_wksp,
    2507           0 :                                       funk_txn_gaddr,
    2508           0 :                                       funk_gaddr,
    2509           0 :                                       NULL );
    2510             : 
    2511           0 :   fd_exec_txn_ctx_setup_basic( txn_ctx );
    2512           0 :   txn_ctx->instr_stack_sz = 1;
    2513           0 :   fd_exec_instr_ctx_t * instr_ctx = &txn_ctx->instr_stack[0];
    2514           0 :   *instr_ctx = (fd_exec_instr_ctx_t) {
    2515           0 :     .instr     = NULL,
    2516           0 :     .txn_ctx   = txn_ctx,
    2517           0 :     .depth     = 0U,
    2518           0 :   };
    2519             : 
    2520           0 :   return fd_deploy_program( instr_ctx, elf, elf_sz, runtime_spad );
    2521           0 : }

Generated by: LCOV version 1.14