Merge remote-tracking branch 'upstream/v3.2.0-source'

.github/workflows/shellcheck-ci.yml

@@ -0,0 +1,30 @@
+name: ShellCheck CI
+run-name: ShellCheck CI triggered from @${{ github.actor }} of ${{ github.head_ref }}
+
+on:
+  workflow_dispatch:
+  merge_group:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  shellcheck:
+    name: Run ShellCheck
+    runs-on: ubuntu-8
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Run ShellCheck
+        uses: ludeeus/action-shellcheck@master
+        with:
+          ignore_paths: >-
+            ./fastcache/**
+            ./contracts/**
+            ./safe-smart-account/**
+            ./go-ethereum/**
+            ./nitro-testnode/**
+            ./brotli/**
+            ./arbitrator/**

.github/workflows/submodule-pin-check.yml

@@ -1,21 +1,69 @@
-name: Submodule Pin Check
+name: Merge Checks
 
 on:
-  pull_request:
+  pull_request_target:
     branches: [ master ]
     types: [synchronize, opened, reopened]
 
+permissions:
+  statuses: write
+
 jobs:
   submodule-pin-check:
-    name: Submodule Pin Check
+    name: Check Submodule Pin
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          submodules: recursive
+          submodules: true
+          ref: "${{ github.event.pull_request.merge_commit_sha }}"
 
       - name: Check all submodules are ancestors of origin/HEAD or configured branch
-        run: ${{ github.workspace }}/.github/workflows/submodule-pin-check.sh
+        run: |
+          status_state="pending"
+          declare -Ar exceptions=(
+            [contracts]=origin/develop
+            [nitro-testnode]=origin/master
+            
+            #TODO Rachel to check these are the intended branches.
+            [arbitrator/langs/c]=origin/vm-storage-cache
+            [arbitrator/tools/wasmer]=origin/adopt-v4.2.8
+          )
+          divergent=0
+          for mod in `git submodule --quiet foreach 'echo $name'`; do
+            branch=origin/HEAD
+            if [[ -v exceptions[$mod] ]]; then
+              branch=${exceptions[$mod]}
+            fi
+            
+            if ! git -C $mod merge-base --is-ancestor HEAD $branch; then
+              echo $mod diverges from $branch
+              divergent=1
+            fi
+          done
+          if [ $divergent -eq 0 ]; then
+            status_state="success"
+          else
+            resp="$(curl -sSL --fail-with-body \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/$GITHUB_REPOSITORY/commits/${{ github.event.pull_request.head.sha }}/statuses")"
 
+            if ! jq -e '.[] | select(.context == "Submodule Pin Check")' > /dev/null <<< "$resp"; then
+              # Submodule pin check is failling and no status exists
+              # Keep it without a status to keep the green checkmark appearing
+              # Otherwise, the commit and PR's CI will appear to be indefinitely pending
+              # Merging will still be blocked until the required status appears
+              exit 0
+            fi
+          fi
+          curl -sSL --fail-with-body \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/$GITHUB_REPOSITORY/statuses/${{ github.event.pull_request.head.sha }}" \
+            -d '{"context":"Submodule Pin Check","state":"'"$status_state"'"}'

Makefile

@@ -31,6 +31,14 @@ ifneq ($(origin GOLANG_LDFLAGS),undefined)
  GOLANG_PARAMS = -ldflags="-extldflags '-ldl' $(GOLANG_LDFLAGS)"
 endif
 
+UNAME_S := $(shell uname -s)
+
+# In Mac OSX, there are a lot of warnings emitted if these environment variables aren't set.
+ifeq ($(UNAME_S), Darwin)
+  export MACOSX_DEPLOYMENT_TARGET := $(shell sw_vers -productVersion)
+  export CGO_LDFLAGS := -Wl,-no_warn_duplicate_libraries
+endif
+
 precompile_names = AddressTable Aggregator BLS Debug FunctionTable GasInfo Info osTest Owner RetryableTx Statistics Sys
 precompiles = $(patsubst %,./solgen/generated/%.go, $(precompile_names))
 

arbcompress/compress_common.go

@@ -17,6 +17,8 @@ func compressedBufferSizeFor(length int) int {
 	return length + (length>>10)*8 + 64 // actual limit is: length + (length >> 14) * 4 + 6
 }
 
-func CompressLevel(input []byte, level int) ([]byte, error) {
+func CompressLevel(input []byte, level uint64) ([]byte, error) {
+	// level is trusted and shouldn't be anything crazy
+	// #nosec G115
 	return Compress(input, uint32(level), EmptyDictionary)
 }

arbitrator/arbutil/src/evm/api.rs

@@ -77,7 +77,7 @@ pub trait EvmApi<D: DataReader>: Send + 'static {
     /// Reads the 32-byte value in the EVM state trie at offset `key`.
     /// Returns the value and the access cost in gas.
     /// Analogous to `vm.SLOAD`.
-    fn get_bytes32(&mut self, key: Bytes32) -> (Bytes32, u64);
+    fn get_bytes32(&mut self, key: Bytes32, evm_api_gas_to_use: u64) -> (Bytes32, u64);
 
     /// Stores the given value at the given key in Stylus VM's cache of the EVM state trie.
     /// Note that the actual values only get written after calls to `set_trie_slots`.

arbitrator/arbutil/src/evm/mod.rs

@@ -74,9 +74,12 @@ pub const GASPRICE_GAS: u64 = GAS_QUICK_STEP;
 // vm.GasQuickStep (see jump_table.go)
 pub const ORIGIN_GAS: u64 = GAS_QUICK_STEP;
 
+pub const ARBOS_VERSION_STYLUS_CHARGING_FIXES: u64 = 32;
+
 #[derive(Clone, Copy, Debug, Default)]
 #[repr(C)]
 pub struct EvmData {
+    pub arbos_version: u64,
     pub block_basefee: Bytes32,
     pub chainid: u64,
     pub block_coinbase: Bytes20,

arbitrator/arbutil/src/evm/req.rs

@@ -7,8 +7,6 @@ use crate::{
         storage::{StorageCache, StorageWord},
         user::UserOutcomeKind,
     },
-    format::Utf8OrHex,
-    pricing::EVM_API_INK,
     Bytes20, Bytes32,
 };
 use eyre::{bail, eyre, Result};
@@ -100,13 +98,13 @@ impl<D: DataReader, H: RequestHandler<D>> EvmApiRequestor<D, H> {
 }
 
 impl<D: DataReader, H: RequestHandler<D>> EvmApi<D> for EvmApiRequestor<D, H> {
-    fn get_bytes32(&mut self, key: Bytes32) -> (Bytes32, u64) {
+    fn get_bytes32(&mut self, key: Bytes32, evm_api_gas_to_use: u64) -> (Bytes32, u64) {
         let cache = &mut self.storage_cache;
         let mut cost = cache.read_gas();
 
         let value = cache.entry(key).or_insert_with(|| {
             let (res, _, gas) = self.handler.request(EvmApiMethod::GetBytes32, key);
-            cost = cost.saturating_add(gas).saturating_add(EVM_API_INK);
+            cost = cost.saturating_add(gas).saturating_add(evm_api_gas_to_use);
             StorageWord::known(res.try_into().unwrap())
         });
         (value.value, cost)
@@ -140,8 +138,13 @@ impl<D: DataReader, H: RequestHandler<D>> EvmApi<D> for EvmApiRequestor<D, H> {
         }
 
         let (res, _, cost) = self.request(EvmApiMethod::SetTrieSlots, data);
-        if res[0] != EvmApiStatus::Success.into() {
-            bail!("{}", String::from_utf8_or_hex(res));
+        let status = res
+            .first()
+            .copied()
+            .map(EvmApiStatus::from)
+            .unwrap_or(EvmApiStatus::Failure);
+        if status != EvmApiStatus::Success {
+            bail!("{:?}", status);
         }
         Ok(cost)
     }
@@ -156,8 +159,13 @@ impl<D: DataReader, H: RequestHandler<D>> EvmApi<D> for EvmApiRequestor<D, H> {
         data.extend(key);
         data.extend(value);
         let (res, ..) = self.request(EvmApiMethod::SetTransientBytes32, data);
-        if res[0] != EvmApiStatus::Success.into() {
-            bail!("{}", String::from_utf8_or_hex(res));
+        let status = res
+            .first()
+            .copied()
+            .map(EvmApiStatus::from)
+            .unwrap_or(EvmApiStatus::Failure);
+        if status != EvmApiStatus::Success {
+            bail!("{:?}", status);
         }
         Ok(())
     }

arbitrator/jit/src/machine.rs

@@ -129,7 +129,9 @@ pub fn create(opts: &Opts, env: WasmEnv) -> (Instance, FunctionEnv<WasmEnv>, Sto
             "send_response" => func!(program::send_response),
             "create_stylus_config" => func!(program::create_stylus_config),
             "create_evm_data" => func!(program::create_evm_data),
+            "create_evm_data_v2" => func!(program::create_evm_data_v2),
             "activate" => func!(program::activate),
+            "activate_v2" => func!(program::activate_v2),
         },
     };
 

arbitrator/jit/src/program.rs

@@ -16,16 +16,54 @@ use prover::{
     programs::{config::PricingParams, prelude::*},
 };
 
-/// activates a user program
+const DEFAULT_STYLUS_ARBOS_VERSION: u64 = 31;
+
 pub fn activate(
+    env: WasmEnvMut,
+    wasm_ptr: GuestPtr,
+    wasm_size: u32,
+    pages_ptr: GuestPtr,
+    asm_estimate_ptr: GuestPtr,
+    init_cost_ptr: GuestPtr,
+    cached_init_cost_ptr: GuestPtr,
+    stylus_version: u16,
+    debug: u32,
+    codehash: GuestPtr,
+    module_hash_ptr: GuestPtr,
+    gas_ptr: GuestPtr,
+    err_buf: GuestPtr,
+    err_buf_len: u32,
+) -> Result<u32, Escape> {
+    activate_v2(
+        env,
+        wasm_ptr,
+        wasm_size,
+        pages_ptr,
+        asm_estimate_ptr,
+        init_cost_ptr,
+        cached_init_cost_ptr,
+        stylus_version,
+        DEFAULT_STYLUS_ARBOS_VERSION,
+        debug,
+        codehash,
+        module_hash_ptr,
+        gas_ptr,
+        err_buf,
+        err_buf_len,
+    )
+}
+
+/// activates a user program
+pub fn activate_v2(
     mut env: WasmEnvMut,
     wasm_ptr: GuestPtr,
     wasm_size: u32,
     pages_ptr: GuestPtr,
     asm_estimate_ptr: GuestPtr,
     init_cost_ptr: GuestPtr,
     cached_init_cost_ptr: GuestPtr,
-    version: u16,
+    stylus_version: u16,
+    arbos_version_for_gas: u64,
     debug: u32,
     codehash: GuestPtr,
     module_hash_ptr: GuestPtr,
@@ -40,7 +78,15 @@ pub fn activate(
 
     let page_limit = mem.read_u16(pages_ptr);
     let gas_left = &mut mem.read_u64(gas_ptr);
-    match Module::activate(&wasm, codehash, version, page_limit, debug, gas_left) {
+    match Module::activate(
+        &wasm,
+        codehash,
+        stylus_version,
+        arbos_version_for_gas,
+        page_limit,
+        debug,
+        gas_left,
+    ) {
         Ok((module, data)) => {
             mem.write_u64(gas_ptr, *gas_left);
             mem.write_u16(pages_ptr, data.footprint);
@@ -222,9 +268,47 @@ pub fn create_stylus_config(
     Ok(res as u64)
 }
 
-/// Creates an `EvmData` handler from its component parts.
 pub fn create_evm_data(
+    env: WasmEnvMut,
+    block_basefee_ptr: GuestPtr,
+    chainid: u64,
+    block_coinbase_ptr: GuestPtr,
+    block_gas_limit: u64,
+    block_number: u64,
+    block_timestamp: u64,
+    contract_address_ptr: GuestPtr,
+    module_hash_ptr: GuestPtr,
+    msg_sender_ptr: GuestPtr,
+    msg_value_ptr: GuestPtr,
+    tx_gas_price_ptr: GuestPtr,
+    tx_origin_ptr: GuestPtr,
+    cached: u32,
+    reentrant: u32,
+) -> Result<u64, Escape> {
+    create_evm_data_v2(
+        env,
+        DEFAULT_STYLUS_ARBOS_VERSION,
+        block_basefee_ptr,
+        chainid,
+        block_coinbase_ptr,
+        block_gas_limit,
+        block_number,
+        block_timestamp,
+        contract_address_ptr,
+        module_hash_ptr,
+        msg_sender_ptr,
+        msg_value_ptr,
+        tx_gas_price_ptr,
+        tx_origin_ptr,
+        cached,
+        reentrant,
+    )
+}
+
+/// Creates an `EvmData` handler from its component parts.
+pub fn create_evm_data_v2(
     mut env: WasmEnvMut,
+    arbos_version: u64,
     block_basefee_ptr: GuestPtr,
     chainid: u64,
     block_coinbase_ptr: GuestPtr,
@@ -243,6 +327,7 @@ pub fn create_evm_data(
     let (mut mem, _) = env.jit_env();
 
     let evm_data = EvmData {
+        arbos_version,
         block_basefee: mem.read_bytes32(block_basefee_ptr),
         cached: cached != 0,
         chainid,