LCOV - code coverage report
Current view: top level - flamenco/vm - fd_vm.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 319 464 68.8 %
Date: 2025-10-27 04:40:00 Functions: 10 12 83.3 %

          Line data    Source code
       1             : #include "fd_vm_private.h"
       2             : 
       3             : /* fd_vm_syscall_strerror() returns the error message corresponding to err,
       4             :    intended to be logged by log_collector, or an empty string if the error code
       5             :    should be omitted in logs for whatever reason.  Omitted examples are success,
       6             :    panic (logged in place)...
       7             :    See also fd_log_collector_program_failure(). */
       8             : char const *
       9           0 : fd_vm_syscall_strerror( int err ) {
      10             : 
      11           0 :   switch( err ) {
      12             : 
      13           0 :   case FD_VM_SYSCALL_ERR_INVALID_STRING:                         return "invalid utf-8 sequence"; // truncated
      14           0 :   case FD_VM_SYSCALL_ERR_ABORT:                                  return "SBF program panicked";
      15           0 :   case FD_VM_SYSCALL_ERR_PANIC:                                  return "SBF program Panicked in..."; // truncated
      16           0 :   case FD_VM_SYSCALL_ERR_INVOKE_CONTEXT_BORROW_FAILED:           return "Cannot borrow invoke context";
      17           0 :   case FD_VM_SYSCALL_ERR_MALFORMED_SIGNER_SEED:                  return "Malformed signer seed"; // truncated
      18           0 :   case FD_VM_SYSCALL_ERR_BAD_SEEDS:                              return "Could not create program address with signer seeds"; // truncated
      19           0 :   case FD_VM_SYSCALL_ERR_PROGRAM_NOT_SUPPORTED:                  return "Program not supported by inner instructions"; // truncated
      20           0 :   case FD_VM_SYSCALL_ERR_UNALIGNED_POINTER:                      return "Unaligned pointer";
      21           0 :   case FD_VM_SYSCALL_ERR_TOO_MANY_SIGNERS:                       return "Too many signers";
      22           0 :   case FD_VM_SYSCALL_ERR_INSTRUCTION_TOO_LARGE:                  return "Instruction passed to inner instruction is too large"; // truncated
      23           0 :   case FD_VM_SYSCALL_ERR_TOO_MANY_ACCOUNTS:                      return "Too many accounts passed to inner instruction";
      24           0 :   case FD_VM_SYSCALL_ERR_COPY_OVERLAPPING:                       return "Overlapping copy";
      25           0 :   case FD_VM_SYSCALL_ERR_RETURN_DATA_TOO_LARGE:                  return "Return data too large"; // truncated
      26           0 :   case FD_VM_SYSCALL_ERR_TOO_MANY_SLICES:                        return "Hashing too many sequences";
      27           0 :   case FD_VM_SYSCALL_ERR_INVALID_LENGTH:                         return "InvalidLength";
      28           0 :   case FD_VM_SYSCALL_ERR_MAX_INSTRUCTION_DATA_LEN_EXCEEDED:      return "Invoked an instruction with data that is too large"; // truncated
      29           0 :   case FD_VM_SYSCALL_ERR_MAX_INSTRUCTION_ACCOUNTS_EXCEEDED:      return "Invoked an instruction with too many accounts"; // truncated
      30           0 :   case FD_VM_SYSCALL_ERR_MAX_INSTRUCTION_ACCOUNT_INFOS_EXCEEDED: return "Invoked an instruction with too many account info's"; // truncated
      31           0 :   case FD_VM_SYSCALL_ERR_INVALID_ATTRIBUTE:                      return "InvalidAttribute";
      32           0 :   case FD_VM_SYSCALL_ERR_INVALID_POINTER:                        return "Invalid pointer";
      33           0 :   case FD_VM_SYSCALL_ERR_ARITHMETIC_OVERFLOW:                    return "Arithmetic overflow";
      34             : 
      35           0 :   case FD_VM_SYSCALL_ERR_INSTR_ERR:                              return "Instruction error";
      36           0 :   case FD_VM_SYSCALL_ERR_INVALID_PDA:                            return "Invalid PDA";
      37           0 :   case FD_VM_SYSCALL_ERR_COMPUTE_BUDGET_EXCEEDED:                return "Compute budget exceeded";
      38           0 :   case FD_VM_SYSCALL_ERR_SEGFAULT:                               return "Segmentation fault";
      39           0 :   case FD_VM_SYSCALL_ERR_OUTSIDE_RUNTIME:                        return "Syscall executed outside runtime";
      40             : 
      41             : 
      42           0 :   case FD_VM_SYSCALL_ERR_POSEIDON_INVALID_PARAMS:                return "Invalid parameters.";
      43           0 :   case FD_VM_SYSCALL_ERR_POSEIDON_INVALID_ENDIANNESS:            return "Invalid endianness.";
      44             : 
      45           0 :   default: break;
      46           0 :   }
      47             : 
      48           0 :   return "";
      49           0 : }
      50             : 
      51             : /* fd_vm_ebpf_strerror() returns the error message corresponding to err,
      52             :    intended to be logged by log_collector, or an empty string if the error code
      53             :    should be omitted in logs for whatever reason.
      54             :    See also fd_log_collector_program_failure(). */
      55             : char const *
      56           0 : fd_vm_ebpf_strerror( int err ) {
      57             : 
      58           0 :   switch( err ) {
      59             : 
      60           0 :   case FD_VM_ERR_EBPF_ELF_ERROR:                   return "ELF error"; // truncated
      61           0 :   case FD_VM_ERR_EBPF_FUNCTION_ALREADY_REGISTERED: return "function was already registered"; // truncated
      62           0 :   case FD_VM_ERR_EBPF_CALL_DEPTH_EXCEEDED:         return "exceeded max BPF to BPF call depth";
      63           0 :   case FD_VM_ERR_EBPF_EXIT_ROOT_CALL_FRAME:        return "attempted to exit root call frame";
      64           0 :   case FD_VM_ERR_EBPF_DIVIDE_BY_ZERO:              return "divide by zero at BPF instruction";
      65           0 :   case FD_VM_ERR_EBPF_DIVIDE_OVERFLOW:             return "division overflow at BPF instruction";
      66           0 :   case FD_VM_ERR_EBPF_EXECUTION_OVERRUN:           return "attempted to execute past the end of the text segment at BPF instruction";
      67           0 :   case FD_VM_ERR_EBPF_CALL_OUTSIDE_TEXT_SEGMENT:   return "callx attempted to call outside of the text segment";
      68           0 :   case FD_VM_ERR_EBPF_EXCEEDED_MAX_INSTRUCTIONS:   return "exceeded CUs meter at BPF instruction";
      69           0 :   case FD_VM_ERR_EBPF_JIT_NOT_COMPILED:            return "program has not been JIT-compiled";
      70           0 :   case FD_VM_ERR_EBPF_INVALID_VIRTUAL_ADDRESS:     return "invalid virtual address"; // truncated
      71           0 :   case FD_VM_ERR_EBPF_INVALID_MEMORY_REGION:       return "Invalid memory region at index"; // truncated
      72           0 :   case FD_VM_ERR_EBPF_ACCESS_VIOLATION:            return "Access violation"; // truncated
      73           0 :   case FD_VM_ERR_EBPF_STACK_ACCESS_VIOLATION:      return "Access violation in stack frame"; // truncated
      74           0 :   case FD_VM_ERR_EBPF_INVALID_INSTRUCTION:         return "invalid BPF instruction";
      75           0 :   case FD_VM_ERR_EBPF_UNSUPPORTED_INSTRUCTION:     return "unsupported BPF instruction";
      76           0 :   case FD_VM_ERR_EBPF_EXHAUSTED_TEXT_SEGMENT:      return "Compilation exhausted text segment at BPF instruction"; // truncated
      77           0 :   case FD_VM_ERR_EBPF_LIBC_INVOCATION_FAILED:      return "Libc calling returned error code"; // truncated
      78           0 :   case FD_VM_ERR_EBPF_VERIFIER_ERROR:              return "Verifier error"; // truncated
      79           0 :   case FD_VM_ERR_EBPF_SYSCALL_ERROR:               return ""; // handled explicitly via fd_vm_syscall_strerror()
      80             : 
      81           0 :   default: break;
      82           0 :   }
      83             : 
      84           0 :   return "";
      85           0 : }
      86             : 
      87             : /* fd_vm_strerror() returns the error message corresponding to err, used internally
      88             :    for system logs, NOT for log_collector / transaction logs. */
      89             : char const *
      90          42 : fd_vm_strerror( int err ) {
      91             : 
      92          42 :   switch( err ) {
      93             : 
      94             :   /* "Standard" Firedancer error codes */
      95             : 
      96           3 :   case FD_VM_SUCCESS:   return "SUCCESS success";
      97           3 :   case FD_VM_ERR_INVAL: return "INVAL invalid request";
      98           3 :   case FD_VM_ERR_UNSUP: return "UNSUP unsupported request";
      99           3 :   case FD_VM_ERR_FULL:  return "FULL storage full";
     100           3 :   case FD_VM_ERR_EMPTY: return "EMPTY nothing to do";
     101           3 :   case FD_VM_ERR_IO:    return "IO input-output error";
     102             : 
     103             :   /* VM exec error codes */
     104             : 
     105           0 :   case FD_VM_ERR_SIGFPE:      return "SIGFPE division by zero";
     106             : 
     107             :   /* VM validate error codes */
     108             : 
     109           3 :   case FD_VM_ERR_INVALID_OPCODE:    return "INVALID_OPCODE detected an invalid opcode";
     110           3 :   case FD_VM_ERR_INVALID_SRC_REG:   return "INVALID_SRC_REG detected an invalid source register";
     111           3 :   case FD_VM_ERR_INVALID_DST_REG:   return "INVALID_DST_REG detected an invalid destination register";
     112           3 :   case FD_VM_ERR_JMP_OUT_OF_BOUNDS: return "JMP_OUT_OF_BOUNDS detected an out of bounds jump";
     113           3 :   case FD_VM_ERR_JMP_TO_ADDL_IMM:   return "JMP_TO_ADDL_IMM detected a jump to an addl imm";
     114           3 :   case FD_VM_ERR_INVALID_END_IMM:   return "INVALID_END_IMM detected an invalid immediate for an endianness conversion instruction";
     115           3 :   case FD_VM_ERR_INCOMPLETE_LDQ:    return "INCOMPLETE_LDQ detected an incomplete ldq at program end";
     116           3 :   case FD_VM_ERR_LDQ_NO_ADDL_IMM:   return "LDQ_NO_ADDL_IMM detected a ldq without an addl imm following it";
     117           0 :   case FD_VM_ERR_INVALID_REG:       return "INVALID_REG detected an invalid register number in a callx instruction";
     118           0 :   case FD_VM_ERR_BAD_TEXT:          return "BAD_TEXT detected a bad text section";
     119           0 :   case FD_VM_SH_OVERFLOW:           return "SH_OVERFLOW detected a shift overflow in an instruction";
     120           0 :   case FD_VM_TEXT_SZ_UNALIGNED:     return "TEXT_SZ_UNALIGNED detected an unaligned text section size (not a multiple of 8)";
     121             : 
     122           0 :   default: break;
     123          42 :   }
     124             : 
     125           0 :   return "UNKNOWN probably not a FD_VM_ERR code";
     126          42 : }
     127             : 
     128             : /* FIXME: add a pedantic version of this validation that does things
     129             :    like:
     130             :   - only 0 imms when the instruction does not use an imm
     131             :   - same as above but for src/dst reg, offset */
     132             : /* FIXME: HANDLING OF LDQ ON NEWER SBPF VERSUS OLDER SBPF (AND WITH CALL
     133             :    REG) */
     134             : /* FIXME: LINK TO SOLANA CODE VALIDATE AND DOUBLE CHECK THIS BEHAVES
     135             :    IDENTICALLY! */
     136             : 
     137             : int
     138        7878 : fd_vm_validate( fd_vm_t const * vm ) {
     139             : 
     140        7878 :   ulong sbpf_version = vm->sbpf_version;
     141             : 
     142             :   /* A mapping of all the possible 1-byte sBPF opcodes to their
     143             :      validation criteria. */
     144             : 
     145   645053142 : # define FD_VALID               ((uchar)0) /* Valid opcode */
     146        7878 : # define FD_CHECK_JMP_V3        ((uchar)1) /* Validation should check that the instruction is a valid jump (v3+) */
     147       11736 : # define FD_CHECK_END           ((uchar)2) /* Validation should check that the instruction is a valid endianness conversion */
     148      204810 : # define FD_CHECK_ST            ((uchar)3) /* Validation should check that the instruction is a valid store */
     149        9180 : # define FD_CHECK_LDQ           ((uchar)4) /* Validation should check that the instruction is a valid load-quad */
     150    64549542 : # define FD_CHECK_DIV           ((uchar)5) /* Validation should check that the instruction is a valid division by immediate */
     151    48331914 : # define FD_CHECK_SH32          ((uchar)6) /* Validation should check that the immediate is a valid 32-bit shift exponent */
     152    48359007 : # define FD_CHECK_SH64          ((uchar)7) /* Validation should check that the immediate is a valid 64-bit shift exponent */
     153     1642149 : # define FD_INVALID             ((uchar)8) /* The opcode is invalid */
     154       12015 : # define FD_CHECK_CALL_REG      ((uchar)9) /* Validation should check that callx has valid register number */
     155       13764 : # define FD_CHECK_CALL_REG_DEPR ((uchar)10) /* Older / deprecated FD_CHECK_CALLX */
     156        7878 : # define FD_CHECK_CALL_IMM      ((uchar)11) /* Check call against functions registry */
     157        7878 : # define FD_CHECK_SYSCALL       ((uchar)12) /* Check call against syscalls registry */
     158       37815 : # define FD_CHECK_JMP_V0        ((uchar)13) /* Validation should check that the instruction is a valid jump (v0..v2) */
     159             : 
     160        7878 :   uchar FD_CHECK_JMP = FD_VM_SBPF_STATIC_SYSCALLS (sbpf_version) ? FD_CHECK_JMP_V3 : FD_CHECK_JMP_V0;
     161             : 
     162        7878 :   uchar validation_map[ 256 ] = {
     163        7878 :     /* 0x00 */ FD_INVALID,    /* 0x01 */ FD_INVALID,    /* 0x02 */ FD_INVALID,    /* 0x03 */ FD_INVALID,
     164        7878 :     /* 0x04 */ FD_VALID,      /* 0x05 */ FD_CHECK_JMP,  /* 0x06 */ FD_INVALID,    /* 0x07 */ FD_VALID,
     165        7878 :     /* 0x08 */ FD_INVALID,    /* 0x09 */ FD_INVALID,    /* 0x0a */ FD_INVALID,    /* 0x0b */ FD_INVALID,
     166        7878 :     /* 0x0c */ FD_VALID,      /* 0x0d */ FD_INVALID,    /* 0x0e */ FD_INVALID,    /* 0x0f */ FD_VALID,
     167        7878 :     /* 0x10 */ FD_INVALID,    /* 0x11 */ FD_INVALID,    /* 0x12 */ FD_INVALID,    /* 0x13 */ FD_INVALID,
     168        7878 :     /* 0x14 */ FD_VALID,      /* 0x15 */ FD_CHECK_JMP,  /* 0x16 */ FD_INVALID,    /* 0x17 */ FD_VALID,
     169        7878 :     /* 0x18 */ FD_INVALID,    /* 0x19 */ FD_INVALID,    /* 0x1a */ FD_INVALID,    /* 0x1b */ FD_INVALID,
     170        7878 :     /* 0x1c */ FD_VALID,      /* 0x1d */ FD_CHECK_JMP,  /* 0x1e */ FD_INVALID,    /* 0x1f */ FD_VALID,
     171        7878 :     /* 0x20 */ FD_INVALID,    /* 0x21 */ FD_INVALID,    /* 0x22 */ FD_INVALID,    /* 0x23 */ FD_INVALID,
     172        7878 :     /* 0x24 */ FD_INVALID,    /* 0x25 */ FD_CHECK_JMP,  /* 0x26 */ FD_INVALID,    /* 0x27 */ FD_CHECK_ST,
     173        7878 :     /* 0x28 */ FD_INVALID,    /* 0x29 */ FD_INVALID,    /* 0x2a */ FD_INVALID,    /* 0x2b */ FD_INVALID,
     174        7878 :     /* 0x2c */ FD_VALID,      /* 0x2d */ FD_CHECK_JMP,  /* 0x2e */ FD_INVALID,    /* 0x2f */ FD_CHECK_ST,
     175        7878 :     /* 0x30 */ FD_INVALID,    /* 0x31 */ FD_INVALID,    /* 0x32 */ FD_INVALID,    /* 0x33 */ FD_INVALID,
     176        7878 :     /* 0x34 */ FD_INVALID,    /* 0x35 */ FD_CHECK_JMP,  /* 0x36 */ FD_VALID,      /* 0x37 */ FD_CHECK_ST,
     177        7878 :     /* 0x38 */ FD_INVALID,    /* 0x39 */ FD_INVALID,    /* 0x3a */ FD_INVALID,    /* 0x3b */ FD_INVALID,
     178        7878 :     /* 0x3c */ FD_VALID,      /* 0x3d */ FD_CHECK_JMP,  /* 0x3e */ FD_VALID,      /* 0x3f */ FD_CHECK_ST,
     179        7878 :     /* 0x40 */ FD_INVALID,    /* 0x41 */ FD_INVALID,    /* 0x42 */ FD_INVALID,    /* 0x43 */ FD_INVALID,
     180        7878 :     /* 0x44 */ FD_VALID,      /* 0x45 */ FD_CHECK_JMP,  /* 0x46 */ FD_CHECK_DIV,  /* 0x47 */ FD_VALID,
     181        7878 :     /* 0x48 */ FD_INVALID,    /* 0x49 */ FD_INVALID,    /* 0x4a */ FD_INVALID,    /* 0x4b */ FD_INVALID,
     182        7878 :     /* 0x4c */ FD_VALID,      /* 0x4d */ FD_CHECK_JMP,  /* 0x4e */ FD_VALID,      /* 0x4f */ FD_VALID,
     183        7878 :     /* 0x50 */ FD_INVALID,    /* 0x51 */ FD_INVALID,    /* 0x52 */ FD_INVALID,    /* 0x53 */ FD_INVALID,
     184        7878 :     /* 0x54 */ FD_VALID,      /* 0x55 */ FD_CHECK_JMP,  /* 0x56 */ FD_CHECK_DIV,  /* 0x57 */ FD_VALID,
     185        7878 :     /* 0x58 */ FD_INVALID,    /* 0x59 */ FD_INVALID,    /* 0x5a */ FD_INVALID,    /* 0x5b */ FD_INVALID,
     186        7878 :     /* 0x5c */ FD_VALID,      /* 0x5d */ FD_CHECK_JMP,  /* 0x5e */ FD_VALID,      /* 0x5f */ FD_VALID,
     187        7878 :     /* 0x60 */ FD_INVALID,    /* 0x61 */ FD_INVALID,    /* 0x62 */ FD_INVALID,    /* 0x63 */ FD_INVALID,
     188        7878 :     /* 0x64 */ FD_CHECK_SH32, /* 0x65 */ FD_CHECK_JMP,  /* 0x66 */ FD_CHECK_DIV,  /* 0x67 */ FD_CHECK_SH64,
     189        7878 :     /* 0x68 */ FD_INVALID,    /* 0x69 */ FD_INVALID,    /* 0x6a */ FD_INVALID,    /* 0x6b */ FD_INVALID,
     190        7878 :     /* 0x6c */ FD_VALID,      /* 0x6d */ FD_CHECK_JMP,  /* 0x6e */ FD_VALID,      /* 0x6f */ FD_VALID,
     191        7878 :     /* 0x70 */ FD_INVALID,    /* 0x71 */ FD_INVALID,    /* 0x72 */ FD_INVALID,    /* 0x73 */ FD_INVALID,
     192        7878 :     /* 0x74 */ FD_CHECK_SH32, /* 0x75 */ FD_CHECK_JMP,  /* 0x76 */ FD_CHECK_DIV,  /* 0x77 */ FD_CHECK_SH64,
     193        7878 :     /* 0x78 */ FD_INVALID,    /* 0x79 */ FD_INVALID,    /* 0x7a */ FD_INVALID,    /* 0x7b */ FD_INVALID,
     194        7878 :     /* 0x7c */ FD_VALID,      /* 0x7d */ FD_CHECK_JMP,  /* 0x7e */ FD_VALID,      /* 0x7f */ FD_VALID,
     195        7878 :     /* 0x80 */ FD_INVALID,    /* 0x81 */ FD_INVALID,    /* 0x82 */ FD_INVALID,    /* 0x83 */ FD_INVALID,
     196        7878 :     /* 0x84 */ FD_INVALID,    /* 0x85 */ FD_CHECK_CALL_IMM,/*0x86*/FD_VALID,      /* 0x87 */ FD_CHECK_ST,
     197        7878 :     /* 0x88 */ FD_INVALID,    /* 0x89 */ FD_INVALID,    /* 0x8a */ FD_INVALID,    /* 0x8b */ FD_INVALID,
     198        7878 :     /* 0x8c */ FD_VALID,      /* 0x8d */ FD_CHECK_CALL_REG,/*0x8e*/FD_VALID,      /* 0x8f */ FD_CHECK_ST,
     199        7878 :     /* 0x90 */ FD_INVALID,    /* 0x91 */ FD_INVALID,    /* 0x92 */ FD_INVALID,    /* 0x93 */ FD_INVALID,
     200        7878 :     /* 0x94 */ FD_INVALID,    /* 0x95 */ FD_CHECK_SYSCALL,/*0x96*/ FD_VALID,      /* 0x97 */ FD_CHECK_ST,
     201        7878 :     /* 0x98 */ FD_INVALID,    /* 0x99 */ FD_INVALID,    /* 0x9a */ FD_INVALID,    /* 0x9b */ FD_INVALID,
     202        7878 :     /* 0x9c */ FD_VALID,      /* 0x9d */ FD_VALID,      /* 0x9e */ FD_VALID,      /* 0x9f */ FD_CHECK_ST,
     203        7878 :     /* 0xa0 */ FD_INVALID,    /* 0xa1 */ FD_INVALID,    /* 0xa2 */ FD_INVALID,    /* 0xa3 */ FD_INVALID,
     204        7878 :     /* 0xa4 */ FD_VALID,      /* 0xa5 */ FD_CHECK_JMP,  /* 0xa6 */ FD_INVALID,    /* 0xa7 */ FD_VALID,
     205        7878 :     /* 0xa8 */ FD_INVALID,    /* 0xa9 */ FD_INVALID,    /* 0xaa */ FD_INVALID,    /* 0xab */ FD_INVALID,
     206        7878 :     /* 0xac */ FD_VALID,      /* 0xad */ FD_CHECK_JMP,  /* 0xae */ FD_INVALID,    /* 0xaf */ FD_VALID,
     207        7878 :     /* 0xb0 */ FD_INVALID,    /* 0xb1 */ FD_INVALID,    /* 0xb2 */ FD_INVALID,    /* 0xb3 */ FD_INVALID,
     208        7878 :     /* 0xb4 */ FD_VALID,      /* 0xb5 */ FD_CHECK_JMP,  /* 0xb6 */ FD_VALID,      /* 0xb7 */ FD_VALID,
     209        7878 :     /* 0xb8 */ FD_INVALID,    /* 0xb9 */ FD_INVALID,    /* 0xba */ FD_INVALID,    /* 0xbb */ FD_INVALID,
     210        7878 :     /* 0xbc */ FD_VALID,      /* 0xbd */ FD_CHECK_JMP,  /* 0xbe */ FD_VALID,      /* 0xbf */ FD_VALID,
     211        7878 :     /* 0xc0 */ FD_INVALID,    /* 0xc1 */ FD_INVALID,    /* 0xc2 */ FD_INVALID,    /* 0xc3 */ FD_INVALID,
     212        7878 :     /* 0xc4 */ FD_CHECK_SH32, /* 0xc5 */ FD_CHECK_JMP,  /* 0xc6 */ FD_CHECK_DIV,  /* 0xc7 */ FD_CHECK_SH64,
     213        7878 :     /* 0xc8 */ FD_INVALID,    /* 0xc9 */ FD_INVALID,    /* 0xca */ FD_INVALID,    /* 0xcb */ FD_INVALID,
     214        7878 :     /* 0xcc */ FD_VALID,      /* 0xcd */ FD_CHECK_JMP,  /* 0xce */ FD_VALID,      /* 0xcf */ FD_VALID,
     215        7878 :     /* 0xd0 */ FD_INVALID,    /* 0xd1 */ FD_INVALID,    /* 0xd2 */ FD_INVALID,    /* 0xd3 */ FD_INVALID,
     216        7878 :     /* 0xd4 */ FD_INVALID,    /* 0xd5 */ FD_CHECK_JMP,  /* 0xd6 */ FD_CHECK_DIV,  /* 0xd7 */ FD_INVALID,
     217        7878 :     /* 0xd8 */ FD_INVALID,    /* 0xd9 */ FD_INVALID,    /* 0xda */ FD_INVALID,    /* 0xdb */ FD_INVALID,
     218        7878 :     /* 0xdc */ FD_CHECK_END,  /* 0xdd */ FD_CHECK_JMP,  /* 0xde */ FD_VALID,      /* 0xdf */ FD_INVALID,
     219        7878 :     /* 0xe0 */ FD_INVALID,    /* 0xe1 */ FD_INVALID,    /* 0xe2 */ FD_INVALID,    /* 0xe3 */ FD_INVALID,
     220        7878 :     /* 0xe4 */ FD_INVALID,    /* 0xe5 */ FD_INVALID,    /* 0xe6 */ FD_CHECK_DIV,  /* 0xe7 */ FD_INVALID,
     221        7878 :     /* 0xe8 */ FD_INVALID,    /* 0xe9 */ FD_INVALID,    /* 0xea */ FD_INVALID,    /* 0xeb */ FD_INVALID,
     222        7878 :     /* 0xec */ FD_INVALID,    /* 0xed */ FD_INVALID,    /* 0xee */ FD_VALID,      /* 0xef */ FD_INVALID,
     223        7878 :     /* 0xf0 */ FD_INVALID,    /* 0xf1 */ FD_INVALID,    /* 0xf2 */ FD_INVALID,    /* 0xf3 */ FD_INVALID,
     224        7878 :     /* 0xf4 */ FD_INVALID,    /* 0xf5 */ FD_INVALID,    /* 0xf6 */ FD_CHECK_DIV,  /* 0xf7 */ FD_VALID,
     225        7878 :     /* 0xf8 */ FD_INVALID,    /* 0xf9 */ FD_INVALID,    /* 0xfa */ FD_INVALID,    /* 0xfb */ FD_INVALID,
     226        7878 :     /* 0xfc */ FD_INVALID,    /* 0xfd */ FD_INVALID,    /* 0xfe */ FD_VALID,      /* 0xff */ FD_INVALID,
     227        7878 :   };
     228             : 
     229             :   /* SIMD-0173: LDDW */
     230        7878 :   validation_map[ 0x18 ] = FD_VM_SBPF_ENABLE_LDDW(sbpf_version) ? FD_CHECK_LDQ : FD_INVALID;
     231        7878 :   validation_map[ 0xf7 ] = FD_VM_SBPF_ENABLE_LDDW(sbpf_version) ? FD_INVALID   : FD_VALID; /* HOR64 */
     232             : 
     233             :   /* SIMD-0173: LE */
     234        7878 :   validation_map[ 0xd4 ] = FD_VM_SBPF_ENABLE_LE  (sbpf_version) ? FD_CHECK_END : FD_INVALID;
     235             : 
     236             :   /* SIMD-0173: LDXW, STW, STXW */
     237        7878 :   validation_map[ 0x61 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_VALID;
     238        7878 :   validation_map[ 0x62 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     239        7878 :   validation_map[ 0x63 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     240        7878 :   validation_map[ 0x8c ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_VALID     : FD_INVALID;
     241        7878 :   validation_map[ 0x87 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_VALID; /* VALID because it's NEG64 */
     242        7878 :   validation_map[ 0x8f ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_INVALID;
     243             : 
     244             :   /* SIMD-0173: LDXH, STH, STXH */
     245        7878 :   validation_map[ 0x69 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_VALID;
     246        7878 :   validation_map[ 0x6a ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     247        7878 :   validation_map[ 0x6b ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     248        7878 :   validation_map[ 0x3c ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_VALID     : FD_VALID;
     249        7878 :   validation_map[ 0x37 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_CHECK_DIV;
     250        7878 :   validation_map[ 0x3f ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_VALID;
     251             : 
     252             :   /* SIMD-0173: LDXB, STB, STXB */
     253        7878 :   validation_map[ 0x71 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_VALID;
     254        7878 :   validation_map[ 0x72 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     255        7878 :   validation_map[ 0x73 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     256        7878 :   validation_map[ 0x2c ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_VALID     : FD_VALID;
     257        7878 :   validation_map[ 0x27 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_VALID;
     258        7878 :   validation_map[ 0x2f ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_VALID;
     259             : 
     260             :   /* SIMD-0173: LDXDW, STDW, STXDW */
     261        7878 :   validation_map[ 0x79 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_VALID;
     262        7878 :   validation_map[ 0x7a ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     263        7878 :   validation_map[ 0x7b ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_INVALID   : FD_CHECK_ST;
     264        7878 :   validation_map[ 0x9c ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_VALID     : FD_VALID;
     265        7878 :   validation_map[ 0x97 ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_CHECK_DIV;
     266        7878 :   validation_map[ 0x9f ] = FD_VM_SBPF_MOVE_MEMORY_IX_CLASSES(sbpf_version) ? FD_CHECK_ST  : FD_VALID;
     267             : 
     268             :   /* SIMD-0173: CALLX */
     269        7878 :   validation_map[ 0x8d ] = FD_VM_SBPF_CALLX_USES_SRC_REG(sbpf_version) ? FD_CHECK_CALL_REG : FD_CHECK_CALL_REG_DEPR;
     270             : 
     271             :   /* SIMD-0174: MUL, DIV, MOD */
     272        7878 :   validation_map[ 0x24 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_INVALID : FD_VALID;
     273        7878 :   validation_map[ 0x34 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_INVALID : FD_CHECK_DIV;
     274        7878 :   validation_map[ 0x94 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_INVALID : FD_CHECK_DIV;
     275             :   /* note: 0x?c, 0x?7, 0x?f should not be overwritten because they're now load/store ix */
     276             : 
     277             :   /* SIMD-0174: NEG */
     278        7878 :   validation_map[ 0x84 ] = FD_VM_SBPF_ENABLE_NEG (sbpf_version) ? FD_VALID : FD_INVALID;
     279             :   /* note: 0x87 should not be overwritten because it was NEG64 and it becomes STW */
     280             : 
     281             :   /* SIMD-0174: MUL, DIV, MOD */
     282        7878 :   validation_map[ 0x36 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID; /* UHMUL64 */
     283        7878 :   validation_map[ 0x3e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     284        7878 :   validation_map[ 0x46 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* UDIV32 */
     285        7878 :   validation_map[ 0x4e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     286        7878 :   validation_map[ 0x56 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* UDIV64 */
     287        7878 :   validation_map[ 0x5e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     288        7878 :   validation_map[ 0x66 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* UREM32 */
     289        7878 :   validation_map[ 0x6e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     290        7878 :   validation_map[ 0x76 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* UREM64 */
     291        7878 :   validation_map[ 0x7e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     292        7878 :   validation_map[ 0x86 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID; /* LMUL32 */
     293        7878 :   validation_map[ 0x8e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     294        7878 :   validation_map[ 0x96 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID; /* LMUL64 */
     295        7878 :   validation_map[ 0x9e ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     296        7878 :   validation_map[ 0xb6 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID; /* SHMUL64 */
     297        7878 :   validation_map[ 0xbe ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     298        7878 :   validation_map[ 0xc6 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* SDIV32 */
     299        7878 :   validation_map[ 0xce ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     300        7878 :   validation_map[ 0xd6 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* SDIV64 */
     301        7878 :   validation_map[ 0xde ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     302        7878 :   validation_map[ 0xe6 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* SREM32 */
     303        7878 :   validation_map[ 0xee ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     304        7878 :   validation_map[ 0xf6 ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_CHECK_DIV : FD_INVALID; /* SREM64 */
     305        7878 :   validation_map[ 0xfe ] = FD_VM_SBPF_ENABLE_PQR (sbpf_version) ? FD_VALID     : FD_INVALID;
     306             : 
     307             :   /* SIMD-0178: static syscalls */
     308        7878 :   validation_map[ 0x85 ] = FD_VM_SBPF_STATIC_SYSCALLS (sbpf_version) ? FD_CHECK_CALL_IMM : FD_VALID;
     309        7878 :   validation_map[ 0x95 ] = FD_VM_SBPF_STATIC_SYSCALLS (sbpf_version) ? FD_CHECK_SYSCALL : FD_VALID;
     310        7878 :   validation_map[ 0x9d ] = FD_VM_SBPF_STATIC_SYSCALLS (sbpf_version) ? FD_VALID : FD_INVALID;
     311             : 
     312             :   /* FIXME: These checks are not necessary assuming fd_vm_t is populated by metadata
     313             :      generated in fd_sbpf_elf_peek (which performs these checks). But there is no guarantee, and
     314             :      this non-guarantee is (rightfully) exploited by the fuzz harnesses.
     315             :      Agave doesn't perform these checks explicitly due to Rust's guarantees  */
     316        7878 :   if( FD_UNLIKELY( vm->text_sz / 8UL != vm->text_cnt ||
     317        7878 :                    (const uchar *)vm->text < vm->rodata ||
     318        7878 :                    (ulong)vm->text > (ulong)vm->text + vm->text_sz || /* Overflow chk */
     319        7878 :                    (const uchar *)vm->text + vm->text_sz > vm->rodata + vm->rodata_sz ) )
     320           0 :     return FD_VM_ERR_BAD_TEXT;
     321             : 
     322        7878 :   if( FD_UNLIKELY( !fd_ulong_is_aligned( vm->text_sz, 8UL ) ) ) /* https://github.com/solana-labs/rbpf/blob/v0.8.0/src/verifier.rs#L109 */
     323           0 :     return FD_VM_TEXT_SZ_UNALIGNED;
     324             : 
     325        7878 :   if ( FD_UNLIKELY( vm->text_cnt == 0UL ) ) /* https://github.com/solana-labs/rbpf/blob/v0.8.0/src/verifier.rs#L112 */
     326           0 :     return FD_VM_ERR_EMPTY;
     327             : 
     328        7878 :   ulong const * text     = vm->text;
     329        7878 :   ulong         text_cnt = vm->text_cnt;
     330             : 
     331             :   /* https://github.com/anza-xyz/sbpf/blob/v0.12.2/src/verifier.rs#L233-L235 */
     332        7878 :   ulong function_start = 0UL;
     333        7878 :   ulong function_next  = 0UL;
     334        7878 :   if( fd_sbpf_enable_stricter_elf_headers_enabled( sbpf_version ) ) {
     335           0 :     if( FD_UNLIKELY( !fd_sbpf_is_function_start( fd_sbpf_instr( text[0] ) ) ) ) {
     336           0 :       return FD_VM_INVALID_FUNCTION;
     337           0 :     }
     338           0 :   }
     339             : 
     340   805465317 :   for( ulong i=0UL; i<text_cnt; i++ ) {
     341   805459896 :     fd_sbpf_instr_t instr = fd_sbpf_instr( text[i] );
     342             : 
     343             :     /* Validate functions
     344             :        https://github.com/anza-xyz/sbpf/blob/v0.12.2/src/verifier.rs#L240-L255
     345             :        At the start of a function, we check that the function ends with JA(0x05) or RETURN(0x9D).
     346             :        As a side effect, the range of the function is [function_start, function_next-1],
     347             :        used to validate jumps.
     348             :        Note that the first function always starts at 0, and similarly the last function
     349             :        always ends at text_cnt-1. */
     350   805459896 :     if( FD_UNLIKELY( fd_sbpf_enable_stricter_elf_headers_enabled( sbpf_version ) && fd_sbpf_is_function_start( instr ) ) ) {
     351           0 :       function_start = i;
     352           0 :       function_next  = i+1;
     353           0 :       while( function_next<text_cnt && !fd_sbpf_is_function_start( fd_sbpf_instr( text[function_next] ) ) ) {
     354           0 :         function_next++;
     355           0 :       }
     356           0 :       if( FD_UNLIKELY( !fd_sbpf_is_function_end( fd_sbpf_instr( text[function_next-1] ) ) ) ) {
     357           0 :         return FD_VM_INVALID_FUNCTION;
     358           0 :       }
     359           0 :     }
     360             : 
     361   805459896 :     uchar validation_code = validation_map[ instr.opcode.raw ];
     362   805459896 :     switch( validation_code ) {
     363             : 
     364   644362578 :     case FD_VALID: break;
     365             : 
     366             :     /* Store ops are special because they allow dreg==r10.
     367             :        We use a special validation_code, used later in the
     368             :        "Check registers" section.
     369             :        But there's nothing to do at this time. */
     370       15738 :     case FD_CHECK_ST: break;
     371             : 
     372       22059 :     case FD_CHECK_JMP_V0: {
     373       22059 :       long jmp_dst = (long)i + (long)instr.offset + 1L;
     374       22059 :       if( FD_UNLIKELY( (jmp_dst<0) | (jmp_dst>=(long)text_cnt)                          ) ) return FD_VM_ERR_JMP_OUT_OF_BOUNDS;
     375             :       //FIXME: this shouldn't be here?
     376       21921 :       if( FD_UNLIKELY( fd_sbpf_instr( text[ jmp_dst ] ).opcode.raw==FD_SBPF_OP_ADDL_IMM ) ) return FD_VM_ERR_JMP_TO_ADDL_IMM;
     377       21921 :       break;
     378       21921 :     }
     379             : 
     380       21921 :     case FD_CHECK_JMP_V3: {
     381           0 :       long jmp_dst = (long)i + (long)instr.offset + 1L;
     382           0 :       if( FD_UNLIKELY( (jmp_dst<(long)function_start) | (jmp_dst>=(long)function_next) ) ) return FD_VM_ERR_JMP_OUT_OF_BOUNDS;
     383           0 :       break;
     384           0 :     }
     385             : 
     386          96 :     case FD_CHECK_END: {
     387          96 :       if( FD_UNLIKELY( !((instr.imm==16) | (instr.imm==32) | (instr.imm==64)) ) ) return FD_VM_ERR_INVALID_END_IMM;
     388          78 :       break;
     389          96 :     }
     390             : 
     391             :     /* https://github.com/solana-labs/rbpf/blob/b503a1867a9cfa13f93b4d99679a17fe219831de/src/verifier.rs#L244 */
     392        5418 :     case FD_CHECK_LDQ: {
     393             :       /* https://github.com/solana-labs/rbpf/blob/b503a1867a9cfa13f93b4d99679a17fe219831de/src/verifier.rs#L131 */
     394        5418 :       if( FD_UNLIKELY( (i+1UL)>=text_cnt ) ) return FD_VM_ERR_INCOMPLETE_LDQ;
     395             : 
     396             :       /* https://github.com/solana-labs/rbpf/blob/b503a1867a9cfa13f93b4d99679a17fe219831de/src/verifier.rs#L137-L139 */
     397        5418 :       fd_sbpf_instr_t addl_imm = fd_sbpf_instr( text[ i+1UL ] );
     398        5418 :       if( FD_UNLIKELY( addl_imm.opcode.raw!=FD_SBPF_OP_ADDL_IMM ) ) return FD_VM_ERR_LDQ_NO_ADDL_IMM;
     399             : 
     400             :       /* FIXME: SET A BIT MAP HERE OF ADDL_IMM TO DENOTE * AS FORBIDDEN
     401             :          BRANCH TARGETS OF CALL_REG?? */
     402             : 
     403        5418 :       i++; /* Skip the addl imm */
     404        5418 :       break;
     405        5418 :     }
     406             : 
     407    64407030 :     case FD_CHECK_DIV: {
     408    64407030 :       if( FD_UNLIKELY( instr.imm==0 ) ) return FD_VM_ERR_SIGFPE;
     409    64406970 :       break;
     410    64407030 :     }
     411             : 
     412    64406970 :     case FD_CHECK_SH32: {
     413    48308280 :       if( FD_UNLIKELY( instr.imm>=32 ) ) return FD_VM_SH_OVERFLOW;
     414    48308250 :       break;
     415    48308280 :     }
     416             : 
     417    48335373 :     case FD_CHECK_SH64: {
     418    48335373 :       if( FD_UNLIKELY( instr.imm>=64 ) ) return FD_VM_SH_OVERFLOW;
     419    48335331 :       break;
     420    48335373 :     }
     421             : 
     422             :     /* https://github.com/anza-xyz/sbpf/blob/v0.11.1/src/verifier.rs#L220 */
     423    48335331 :     case FD_CHECK_CALL_REG: {
     424          21 :       if( FD_UNLIKELY( instr.src_reg > 9 ) ) {
     425           9 :         return FD_VM_ERR_INVALID_REG;
     426           9 :       }
     427          12 :       break;
     428          21 :     }
     429        2124 :     case FD_CHECK_CALL_REG_DEPR: {
     430        2124 :       if( FD_UNLIKELY( instr.imm > 9 ) ) {
     431           9 :         return FD_VM_ERR_INVALID_REG;
     432           9 :       }
     433        2115 :       break;
     434        2124 :     }
     435             : 
     436             :     /* https://github.com/anza-xyz/sbpf/blob/v0.12.2/src/verifier.rs#L403-L409 */
     437        2115 :     case FD_CHECK_CALL_IMM: {
     438           0 :       ulong target_pc = (ulong)( fd_long_sat_add( (long)i, fd_long_sat_add( (long)(int)instr.imm, 1 ) ) );
     439           0 :       if( FD_UNLIKELY( !(
     440           0 :         target_pc<text_cnt && fd_sbpf_is_function_start( fd_sbpf_instr( text[target_pc] ) )
     441           0 :       ) ) ) {
     442           0 :         return FD_VM_INVALID_FUNCTION;
     443           0 :       }
     444           0 :       break;
     445           0 :     }
     446             : 
     447             :     /* https://github.com/anza-xyz/sbpf/blob/v0.12.2/src/verifier.rs#L414-L423 */
     448           0 :     case FD_CHECK_SYSCALL: {
     449             :       /* check active syscall */
     450           0 :       fd_sbpf_syscalls_t const * syscall = fd_sbpf_syscalls_query_const( vm->syscalls, (ulong)instr.imm, NULL );
     451           0 :       if( FD_UNLIKELY( !syscall ) ) {
     452           0 :         return FD_VM_INVALID_SYSCALL;
     453           0 :       }
     454           0 :       break;
     455           0 :     }
     456             : 
     457        1179 :     case FD_INVALID: default: return FD_VM_ERR_INVALID_OPCODE;
     458   805459896 :     }
     459             : 
     460             :     /* Check registers
     461             :        https://github.com/solana-labs/rbpf/blob/v0.8.5/src/verifier.rs#L177 */
     462             : 
     463             :     /* Source register */
     464   805458411 :     if( FD_UNLIKELY( instr.src_reg>10 ) ) return FD_VM_ERR_INVALID_SRC_REG;
     465             : 
     466             :     /* Special R10 register allowed for ADD64_IMM */
     467   805458021 :     if( instr.dst_reg==10U
     468   805458021 :         && FD_VM_SBPF_DYNAMIC_STACK_FRAMES( sbpf_version )
     469   805458021 :         && instr.opcode.raw == 0x07
     470   805458021 :         && ( instr.imm % FD_VM_SBPF_DYNAMIC_STACK_FRAMES_ALIGN )==0 )
     471           9 :         continue;
     472             : 
     473             :     /* Destination register. */
     474   805458012 :     if( FD_UNLIKELY( instr.dst_reg==10U && validation_code != FD_CHECK_ST ) ) return FD_VM_ERR_INVALID_DST_REG;
     475   805457631 :     if( FD_UNLIKELY( instr.dst_reg > 10U ) ) return FD_VM_ERR_INVALID_DST_REG;
     476   805457631 :   }
     477             : 
     478        5421 :   return FD_VM_SUCCESS;
     479        7878 : }
     480             : 
     481             : FD_FN_CONST ulong
     482         471 : fd_vm_align( void ) {
     483         471 :   return FD_VM_ALIGN;
     484         471 : }
     485             : 
     486             : FD_FN_CONST ulong
     487         231 : fd_vm_footprint( void ) {
     488         231 :   return FD_VM_FOOTPRINT;
     489         231 : }
     490             : 
     491             : void *
     492         231 : fd_vm_new( void * shmem ) {
     493             : 
     494         231 :   if( FD_UNLIKELY( !shmem ) ) {
     495           0 :     FD_LOG_WARNING(( "NULL shmem" ));
     496           0 :     return NULL;
     497           0 :   }
     498             : 
     499         231 :   if( FD_UNLIKELY( !fd_ulong_is_aligned( (ulong)shmem, fd_vm_align() ) ) ) {
     500           0 :     FD_LOG_WARNING(( "misaligned shmem" ));
     501           0 :     return NULL;
     502           0 :   }
     503             : 
     504         231 :   fd_vm_t * vm = (fd_vm_t *)shmem;
     505         231 :   fd_memset( vm, 0, fd_vm_footprint() );
     506             : 
     507         231 :   FD_COMPILER_MFENCE();
     508         231 :   FD_VOLATILE( vm->magic ) = FD_VM_MAGIC;
     509         231 :   FD_COMPILER_MFENCE();
     510             : 
     511         231 :   return shmem;
     512         231 : }
     513             : 
     514             : fd_vm_t *
     515         231 : fd_vm_join( void * shmem ) {
     516             : 
     517         231 :   if( FD_UNLIKELY( !shmem ) ) {
     518           0 :     FD_LOG_WARNING(( "NULL shmem" ));
     519           0 :     return NULL;
     520           0 :   }
     521             : 
     522         231 :   if( FD_UNLIKELY( !fd_ulong_is_aligned( (ulong)shmem, fd_vm_align() ) ) ) {
     523           0 :     FD_LOG_WARNING(( "misaligned shmem" ));
     524           0 :     return NULL;
     525           0 :   }
     526             : 
     527         231 :   fd_vm_t * vm = (fd_vm_t *)shmem;
     528             : 
     529         231 :   if( FD_UNLIKELY( vm->magic!=FD_VM_MAGIC ) ) {
     530           0 :     FD_LOG_WARNING(( "bad magic" ));
     531           0 :     return NULL;
     532           0 :   }
     533             : 
     534         231 :   return vm;
     535         231 : }
     536             : 
     537             : void *
     538           9 : fd_vm_leave( fd_vm_t * vm ) {
     539             : 
     540           9 :   if( FD_UNLIKELY( !vm ) ) {
     541           0 :     FD_LOG_WARNING(( "NULL vm" ));
     542           0 :     return NULL;
     543           0 :   }
     544             : 
     545           9 :   return (void *)vm;
     546           9 : }
     547             : 
     548             : void *
     549           9 : fd_vm_delete( void * shmem ) {
     550             : 
     551           9 :   if( FD_UNLIKELY( !shmem ) ) {
     552           0 :     FD_LOG_WARNING(( "NULL shmem" ));
     553           0 :     return NULL;
     554           0 :   }
     555             : 
     556           9 :   if( FD_UNLIKELY( !fd_ulong_is_aligned( (ulong)shmem, fd_vm_align() ) ) ) {
     557           0 :     FD_LOG_WARNING(( "misaligned shmem" ));
     558           0 :     return NULL;
     559           0 :   }
     560             : 
     561           9 :   fd_vm_t * vm = (fd_vm_t *)shmem;
     562             : 
     563           9 :   if( FD_UNLIKELY( vm->magic!=FD_VM_MAGIC ) ) {
     564           0 :     FD_LOG_WARNING(( "bad magic" ));
     565           0 :     return NULL;
     566           0 :   }
     567             : 
     568           9 :   FD_COMPILER_MFENCE();
     569           9 :   FD_VOLATILE( vm->magic ) = 0UL;
     570           9 :   FD_COMPILER_MFENCE();
     571             : 
     572           9 :   return (void *)vm;
     573           9 : }
     574             : 
     575             : fd_vm_t *
     576             : fd_vm_init(
     577             :    fd_vm_t * vm,
     578             :    fd_exec_instr_ctx_t *instr_ctx,
     579             :    ulong heap_max,
     580             :    ulong entry_cu,
     581             :    uchar const * rodata,
     582             :    ulong rodata_sz,
     583             :    ulong const * text,
     584             :    ulong text_cnt,
     585             :    ulong text_off,
     586             :    ulong text_sz,
     587             :    ulong entry_pc,
     588             :    ulong const * calldests,
     589             :    ulong sbpf_version,
     590             :    fd_sbpf_syscalls_t * syscalls,
     591             :    fd_vm_trace_t * trace,
     592             :    fd_sha256_t * sha,
     593             :    fd_vm_input_region_t * mem_regions,
     594             :    uint mem_regions_cnt,
     595             :    fd_vm_acc_region_meta_t * acc_region_metas,
     596             :    uchar is_deprecated,
     597             :    int direct_mapping,
     598             :    int stricter_abi_and_runtime_constraints,
     599        7884 :    int dump_syscall_to_pb ) {
     600             : 
     601        7884 :   if ( FD_UNLIKELY( vm == NULL ) ) {
     602           0 :     FD_LOG_WARNING(( "NULL vm" ));
     603           0 :     return NULL;
     604           0 :   }
     605             : 
     606        7884 :   if ( FD_UNLIKELY( vm->magic != FD_VM_MAGIC ) ) {
     607           0 :     FD_LOG_WARNING(( "bad magic" ));
     608           0 :     return NULL;
     609           0 :   }
     610             : 
     611        7884 :   if ( FD_UNLIKELY( heap_max > FD_VM_HEAP_MAX ) ) {
     612           0 :     FD_LOG_WARNING(( "heap_max > FD_VM_HEAP_MAX" ));
     613           0 :     return NULL;
     614           0 :   }
     615             : 
     616             :   /* We do support calldests==NULL for tests that do not require
     617             :      program execution, e.g. just testing some interpreter functionality
     618             :      or syscalls.
     619             :      SBPF v3+ no longer needs calldests, so we enforce it to be NULL. */
     620        7884 :   if( FD_UNLIKELY( calldests && fd_sbpf_enable_stricter_elf_headers_enabled( sbpf_version ) ) ) {
     621           0 :     return NULL;
     622           0 :   }
     623             : 
     624             :   // Set the vm fields
     625        7884 :   vm->instr_ctx                            = instr_ctx;
     626        7884 :   vm->heap_max                             = heap_max;
     627        7884 :   vm->entry_cu                             = entry_cu;
     628        7884 :   vm->rodata                               = rodata;
     629        7884 :   vm->rodata_sz                            = rodata_sz;
     630        7884 :   vm->text                                 = text;
     631        7884 :   vm->text_cnt                             = text_cnt;
     632        7884 :   vm->text_off                             = text_off;
     633        7884 :   vm->text_sz                              = text_sz;
     634        7884 :   vm->entry_pc                             = entry_pc;
     635        7884 :   vm->calldests                            = calldests;
     636        7884 :   vm->sbpf_version                         = sbpf_version;
     637        7884 :   vm->syscalls                             = syscalls;
     638        7884 :   vm->trace                                = trace;
     639        7884 :   vm->sha                                  = sha;
     640        7884 :   vm->input_mem_regions                    = mem_regions;
     641        7884 :   vm->input_mem_regions_cnt                = mem_regions_cnt;
     642        7884 :   vm->acc_region_metas                     = acc_region_metas;
     643        7884 :   vm->is_deprecated                        = is_deprecated;
     644        7884 :   vm->direct_mapping                       = direct_mapping;
     645        7884 :   vm->stricter_abi_and_runtime_constraints = stricter_abi_and_runtime_constraints;
     646        7884 :   vm->segv_vaddr                           = ULONG_MAX;
     647        7884 :   vm->segv_access_len                      = 0UL;
     648        7884 :   vm->segv_access_type                     = 0;
     649        7884 :   vm->dump_syscall_to_pb                   = dump_syscall_to_pb;
     650             : 
     651             :   /* Unpack the configuration */
     652        7884 :   int err = fd_vm_setup_state_for_execution( vm );
     653        7884 :   if( FD_UNLIKELY( err != FD_VM_SUCCESS ) ) {
     654           0 :     return NULL;
     655           0 :   }
     656             : 
     657        7884 :   return vm;
     658        7884 : }
     659             : 
     660             : int
     661        7884 : fd_vm_setup_state_for_execution( fd_vm_t * vm ) {
     662             : 
     663        7884 :   if ( FD_UNLIKELY( !vm ) ) {
     664           0 :     FD_LOG_WARNING(( "NULL vm" ));
     665           0 :     return FD_VM_ERR_INVAL;
     666           0 :   }
     667             : 
     668             :   /* Unpack input and rodata */
     669        7884 :   fd_vm_mem_cfg( vm );
     670             : 
     671             :   /* Initialize registers */
     672             :   /* FIXME: Zero out shadow, stack and heap here? */
     673        7884 :   fd_memset( vm->reg, 0, FD_VM_REG_MAX * sizeof(ulong) );
     674        7884 :   vm->reg[ 1] = FD_VM_MEM_MAP_INPUT_REGION_START;
     675             :   /* https://github.com/solana-labs/rbpf/blob/4ad935be45e5663be23b30cfc750b1ae1ad03c44/src/vm.rs#L326-L333 */
     676        7884 :   vm->reg[10] = FD_VM_MEM_MAP_STACK_REGION_START +
     677        7884 :     ( FD_VM_SBPF_DYNAMIC_STACK_FRAMES( vm->sbpf_version ) ? FD_VM_STACK_MAX : FD_VM_STACK_FRAME_SZ );
     678             :   /* Note: Agave uses r11 as pc, we don't */
     679             : 
     680             :   /* Set execution state */
     681        7884 :   vm->pc        = vm->entry_pc;
     682        7884 :   vm->ic        = 0UL;
     683        7884 :   vm->cu        = vm->entry_cu;
     684        7884 :   vm->frame_cnt = 0UL;
     685             : 
     686        7884 :   vm->heap_sz = 0UL;
     687             : 
     688             :   /* Do NOT reset logs */
     689             : 
     690        7884 :   return FD_VM_SUCCESS;
     691        7884 : }

Generated by: LCOV version 1.14