diff --git a/src/app/fddev/configure/genesis.c b/src/app/fddev/configure/genesis.c index 06bc7a4270..e0f10e88cb 100644 --- a/src/app/fddev/configure/genesis.c +++ b/src/app/fddev/configure/genesis.c @@ -30,7 +30,7 @@ default_enable_features( fd_features_t * features ) { features->incremental_snapshot_only_incremental_hash_calculation = 0UL; features->timely_vote_credits = 0UL; features->apply_cost_tracker_during_replay = 0UL; - features->reject_callx_r10 = 0UL; + features->reject_callx_r10 = 1UL; features->update_hashes_per_tick = 0UL; features->enable_partitioned_epoch_reward = 0UL; features->pico_inflation = 0UL; diff --git a/src/flamenco/features/fd_features_generated.c b/src/flamenco/features/fd_features_generated.c index 50c1505377..4bd9003537 100644 --- a/src/flamenco/features/fd_features_generated.c +++ b/src/flamenco/features/fd_features_generated.c @@ -470,7 +470,8 @@ fd_feature_id_t const ids[] = { { .index = offsetof(fd_features_t, reject_callx_r10)>>3, .id = {"\x23\x2d\x66\x6d\x5c\x7d\x78\x7e\xf9\x05\x90\x7b\x5c\x5b\xfe\x99\xd2\x8a\x96\xc4\x37\xaa\x40\x2a\x06\x26\x72\x4e\xdd\x3c\x7a\x10"}, /* 3NKRSwpySNwD3TvP5pHnRmkAQRsdkXWRr1WaQh8p4PWX */ - .name = "reject_callx_r10" }, + .name = "reject_callx_r10", + .cleaned_up = 2010 }, { .index = offsetof(fd_features_t, drop_redundant_turbine_path)>>3, .id = {"\x2f\xd4\x72\x78\xb4\x96\xc4\xff\x58\x4b\x74\x4b\xfc\xec\x33\x90\x63\xd1\x91\xe8\xd1\xa7\xad\x65\xd2\xe2\x5d\xb1\x03\x6f\xd7\x8f"}, diff --git a/src/flamenco/features/feature_map.json b/src/flamenco/features/feature_map.json index a85589a1be..52666cb2f7 100644 --- a/src/flamenco/features/feature_map.json +++ b/src/flamenco/features/feature_map.json 
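Review bot: In the genesis.c hunk, `features->reject_callx_r10 = 1UL;` is the only assignment shown in default_enable_features that is not `0UL`, and the test helper changed in this same commit enables the feature with `fd_features_set( ..., 0UL )`. That suggests these fields hold an activation slot rather than a boolean, in which case `1UL` would leave the feature inactive at slot 0 instead of enabling it from genesis. If slot 1 is intended, record it with a comment such as `/* active from slot 1, not genesis */`; otherwise keep `0UL` like the neighbouring lines. The function body starts and ends outside the hunk.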
@@ -78,7 +78,7 @@ {"name":"stake_split_uses_rent_sysvar","pubkey": "FQnc7U4koHqWgRvFaBJjZnV8VPg6L6wWK33yJeDp4yvV","cleaned_up":1180}, {"name":"add_get_minimum_delegation_instruction_to_stake_program","pubkey": "St8k9dVXP97xT6faW24YmRSYConLbhsMJA4TJTBLmMT","cleaned_up":1180}, {"name":"error_on_syscall_bpf_function_hash_collisions","pubkey": "8199Q2gMD2kwgfopK5qqVWuDbegLgpuFUFHCcUJQDN8b"}, - {"name":"reject_callx_r10","pubkey": "3NKRSwpySNwD3TvP5pHnRmkAQRsdkXWRr1WaQh8p4PWX"}, + {"name":"reject_callx_r10","pubkey": "3NKRSwpySNwD3TvP5pHnRmkAQRsdkXWRr1WaQh8p4PWX","cleaned_up":2010}, {"name":"drop_redundant_turbine_path","pubkey": "4Di3y24QFLt5QEUPZtbnjyfQKfm6ZMTfa6Dw1psfoMKU","cleaned_up":1180}, {"name":"executables_incur_cpi_data_cost","pubkey": "7GUcYgq4tVtaqNCKT3dho9r4665Qp5TxCZ27Qgjx3829","cleaned_up":1180}, {"name":"fix_recent_blockhashes","pubkey": "6iyggb5MTcsvdcugX7bEKbHV8c6jdLbpHwkncrgLMhfo","cleaned_up":1180}, diff --git a/src/flamenco/runtime/tests/fd_exec_sol_compat.c b/src/flamenco/runtime/tests/fd_exec_sol_compat.c index 62c9b836c6..9416f857f4 100644 --- a/src/flamenco/runtime/tests/fd_exec_sol_compat.c +++ b/src/flamenco/runtime/tests/fd_exec_sol_compat.c @@ -67,7 +67,7 @@ sol_compat_wksp_init( void ) { for( const fd_feature_id_t * current_feature = fd_feature_iter_init(); !fd_feature_iter_done( current_feature ); current_feature = fd_feature_iter_next( current_feature ) ) { // Skip reverted features if( current_feature->reverted ) continue; - + if( current_feature->cleaned_up ) { memcpy( &features.cleaned_up_features[features.cleaned_up_feature_cnt++], ¤t_feature->id, sizeof(ulong) ); } else { @@ -165,7 +165,7 @@ sol_compat_execute_wrapper( fd_exec_instr_test_runner_t * runner, void * input, void ** output, exec_test_run_fn_t * exec_test_run_fn ) { - + assert( fd_scratch_prepare_is_safe( 1UL ) ); ulong out_bufsz = 100000000; /* 100 MB */ void * out0 = fd_scratch_prepare( 1UL ); 
@@ -320,7 +320,7 @@ sol_compat_cmp_txn( fd_exec_test_txn_result_t * expected, if( !_diff_resulting_states( &expected->resulting_state, &actual->resulting_state ) ) { return 0; } - + /* TxnResult -> rent */ if( expected->rent != actual->rent ) { FD_LOG_WARNING(( "Rent mismatch: expected=%lu actual=%lu", expected->rent, actual->rent )); @@ -554,7 +554,7 @@ sol_compat_vm_interp_fixture( fd_exec_instr_test_runner_t * runner, return ok; } -int +int sol_compat_validate_vm_fixture( fd_exec_instr_test_runner_t * runner, uchar const * in, ulong in_sz ) { @@ -780,7 +780,7 @@ sol_compat_vm_validate_v1( uchar * out, return ok; } -/* We still need a separate entrypoint since other harnesses (namely sfuzz-agave) +/* We still need a separate entrypoint since other harnesses (namely sfuzz-agave) do something other than wrap their vm_syscall equivalent */ int sol_compat_vm_cpi_syscall_v1( uchar * out, diff --git a/src/flamenco/runtime/tests/fd_vm_test.c b/src/flamenco/runtime/tests/fd_vm_test.c index c909d7b653..2fae0aaa3c 100644 --- a/src/flamenco/runtime/tests/fd_vm_test.c +++ b/src/flamenco/runtime/tests/fd_vm_test.c @@ -13,11 +13,11 @@ fd_vm_syscall_noop( void * _vm, ulong arg3, ulong arg4, ulong* _ret){ - /* TODO: have input message determine CUs to deduct? + /* TODO: have input message determine CUs to deduct? fd_vm_t * vm = (fd_vm_t *) _vm; vm->cu = vm->cu - 5; */ - + (void) _vm; (void) arg0; (void) arg1; 
@@ -42,16 +42,7 @@ fd_exec_vm_validate_test_run( fd_exec_instr_test_runner_t * runner, return 0UL; } - int rej_callx_r10 = 0; - if( input->has_features ) { - for( ulong i=0UL; i < input->features.features_count; i++ ) { - if( input->features.features[i] == TEST_VM_REJECT_CALLX_R10_FEATURE_PREFIX ) { - rej_callx_r10 = 1; - break; - } - } - } - fd_exec_instr_ctx_t * ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual(), rej_callx_r10 ); + fd_exec_instr_ctx_t * ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual() ); FD_TEST( output_bufsz >= sizeof(fd_exec_test_validate_vm_effects_t) ); @@ -75,7 +66,7 @@ fd_exec_vm_validate_test_run( fd_exec_instr_test_runner_t * runner, rodata_sz = vm_ctx->rodata->size; } - ulong * text = (ulong *) (rodata + vm_ctx->rodata_text_section_offset); + ulong * text = (ulong *) (rodata + vm_ctx->rodata_text_section_offset); ulong text_cnt = vm_ctx->rodata_text_section_length / 8UL; fd_vm_t * vm = fd_vm_join( fd_vm_new( fd_valloc_malloc( valloc, fd_vm_align(), fd_vm_footprint() ) ) ); @@ -107,13 +98,13 @@ fd_exec_vm_validate_test_run( fd_exec_instr_test_runner_t * runner, fd_valloc_free( valloc, fd_vm_delete( fd_vm_leave( vm ) ) ); } while(0); - + /* Run vm validate and capture result */ - + effects->success = (effects->result == FD_VM_SUCCESS); *output = effects; - + test_vm_exec_instr_ctx_delete( ctx ); return sizeof (fd_exec_test_validate_vm_effects_t); } @@ -224,7 +215,7 @@ do{ FD_TEST( vm ); /* Override some execution state values from the interp fuzzer input - This is so we can test if the interp (or vm setup) mutates any of + This is so we can test if the interp (or vm setup) mutates any of these erroneously */ vm->reg[0] = input->vm_ctx.r0; vm->reg[1] = input->vm_ctx.r1; 
@@ -306,7 +297,7 @@ do{ /* CU error is difficult to properly compare as there may have been valid writes to the memory regions prior to capturing the error. And - the pc might be well past (by an arbitrary amount) the instruction + the pc might be well past (by an arbitrary amount) the instruction where the CU error occurred. */ if( exec_res == FD_VM_ERR_SIGCOST ) break; @@ -336,7 +327,7 @@ do{ (void *) tmp_end, fd_ulong_sat_sub( output_end, tmp_end) ); FD_SCRATCH_ALLOC_APPEND( l, 1UL, input_data_regions_size ); - + } while(0); diff --git a/src/flamenco/vm/fd_vm.c b/src/flamenco/vm/fd_vm.c index ef34938e17..2217617815 100644 --- a/src/flamenco/vm/fd_vm.c +++ b/src/flamenco/vm/fd_vm.c @@ -239,12 +239,12 @@ fd_vm_validate( fd_vm_t const * vm ) { /* FIXME: These checks are not necessary assuming fd_vm_t is populated by metadata generated in fd_sbpf_elf_peek (which performs these checks). But there is no guarantee, and - this non-guarantee is (rightfully) exploited by the fuzz harnesses. + this non-guarantee is (rightfully) exploited by the fuzz harnesses. Agave doesn't perform these checks explicitly due to Rust's guarantees */ - if( FD_UNLIKELY( vm->text_sz / 8UL != vm->text_cnt || + if( FD_UNLIKELY( vm->text_sz / 8UL != vm->text_cnt || (const uchar *) vm->text < vm->rodata || (const uchar *) vm->text > (const uchar *) vm->text + vm->text_sz || /* Overflow chk */ - (const uchar *) vm->text + vm->text_sz > vm->rodata + vm->rodata_sz ) ) + (const uchar *) vm->text + vm->text_sz > vm->rodata + vm->rodata_sz ) ) return FD_VM_ERR_BAD_TEXT; if( FD_UNLIKELY( !fd_ulong_is_aligned( vm->text_sz, 8UL ) ) ) /* https://github.com/solana-labs/rbpf/blob/v0.8.0/src/verifier.rs#L109 */ @@ -289,7 +289,7 @@ fd_vm_validate( fd_vm_t const * vm ) { /* FIXME: SET A BIT MAP HERE OF ADDL_IMM TO DENOTE * AS FORBIDDEN BRANCH TARGETS OF CALL_REG?? */ - + i++; /* Skip the addl imm */ break; } 
@@ -312,7 +312,7 @@ fd_vm_validate( fd_vm_t const * vm ) { case FD_CHECK_CALLX: { /* The register number to read is stored in the immediate. https://github.com/solana-labs/rbpf/blob/v0.8.1/src/verifier.rs#L218 */ - if( FD_UNLIKELY( instr.imm > ( FD_FEATURE_ACTIVE( vm->instr_ctx->slot_ctx, reject_callx_r10 ) ? 9 : 10 ) ) ) { + if( FD_UNLIKELY( instr.imm > 9 ) ) { return FD_VM_ERR_INVALID_REG; } break; diff --git a/src/flamenco/vm/instr_test/jump.instr b/src/flamenco/vm/instr_test/jump.instr index e9fc023095..aa0021dafb 100644 --- a/src/flamenco/vm/instr_test/jump.instr +++ b/src/flamenco/vm/instr_test/jump.instr @@ -364,19 +364,9 @@ $ op=dd dst=a src=1 off=0000 : vfy $ op=dd dst=9 src=b off=0000 : vfy # call_reg reg[imm] (these should fail during exec by default) -$ op=8d dst=9 src=9 imm=0 : err -$ op=8d dst=9 src=9 imm=1 : err -$ op=8d dst=9 src=9 imm=9 : err -$ op=8d dst=9 src=9 imm=b : vfy -$ op=8d dst=9 src=9 imm=ffffffff : vfy -$ op=8d dst=9 src=9 imm=a : err - -$ reject_callx_r10=1 - op=8d dst=9 src=9 imm=a : vfy $ op=8d dst=9 src=9 imm=0 : err $ op=8d dst=9 src=9 imm=1 : err $ op=8d dst=9 src=9 imm=9 : err $ op=8d dst=9 src=9 imm=b : vfy -$ op=8d dst=9 src=9 imm=fffffffff : vfy - -$ reject_callx_r10=0 +$ op=8d dst=9 src=9 imm=ffffffff : vfy +$ op=8d dst=9 src=9 imm=a : vfy diff --git a/src/flamenco/vm/syscall/test_vm_syscall_curve.c b/src/flamenco/vm/syscall/test_vm_syscall_curve.c index 6258cbb7a6..248722a77c 100644 --- a/src/flamenco/vm/syscall/test_vm_syscall_curve.c +++ b/src/flamenco/vm/syscall/test_vm_syscall_curve.c @@ -75,7 +75,7 @@ main( int argc, uchar rodata[ rodata_sz ]; set_memory_region( rodata, rodata_sz ); - fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual(), false ); + fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual() ); fd_features_enable_all( &((fd_exec_epoch_ctx_t *)instr_ctx->epoch_ctx)->features ); int vm_ok = !!fd_vm_init( 
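Review bot: The bare `9` in `if( FD_UNLIKELY( instr.imm > 9 ) )` (FD_CHECK_CALLX case of fd_vm_validate) now carries the whole register policy, while the comment above it still only cites the rbpf verifier line. With the feature gate gone, nothing tells a reader why the bound is 9 rather than 10. A comment like `/* callx may only name r0..r9; r10 is rejected unconditionally now that reject_callx_r10 is cleaned up */` would record it. The `imm=ffffffff : vfy` expectation in jump.instr presumably relies on `instr.imm` being compared as an unsigned value; its type is not visible in this diff, so that is worth confirming. The switch and the function continue outside the hunk.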
diff --git a/src/flamenco/vm/syscall/test_vm_syscalls.c b/src/flamenco/vm/syscall/test_vm_syscalls.c index 6830e20fd2..8515ab1f20 100644 --- a/src/flamenco/vm/syscall/test_vm_syscalls.c +++ b/src/flamenco/vm/syscall/test_vm_syscalls.c @@ -3,7 +3,7 @@ static inline void set_memory_region( uchar * mem, ulong sz ) { for( ulong i=0UL; iinput_mem_regions[0].haddr + 800UL, 50UL, 0UL, FD_VM_SUCCESS ); - + test_vm_syscall_sol_memcpy( "test_vm_syscall_sol_memcpy: memcpy in input overlapping vaddr", vm, FD_VM_MEM_MAP_INPUT_REGION_START + 80UL, @@ -475,7 +475,7 @@ main( int argc, vm->input_mem_regions[0].haddr + 50UL, vm->input_mem_regions[0].haddr + 450UL, 500UL, - 0UL, FD_VM_ERR_MEM_OVERLAP ); + 0UL, FD_VM_ERR_MEM_OVERLAP ); test_vm_syscall_toggle_direct_mapping( instr_ctx, 0 ); /* disable direct mapping */ @@ -571,7 +571,7 @@ main( int argc, vm->input_mem_regions[0].haddr + 800UL, 50UL, 0UL, FD_VM_SUCCESS ); - + test_vm_syscall_sol_memmove( "test_vm_syscall_sol_memmove: memmove in input overlapping vaddr", vm, FD_VM_MEM_MAP_INPUT_REGION_START + 80UL, @@ -597,7 +597,7 @@ main( int argc, vm->input_mem_regions[0].haddr + 50UL, vm->input_mem_regions[0].haddr + 450UL, 500UL, - 0UL, FD_VM_SUCCESS ); + 0UL, FD_VM_SUCCESS ); // test for memcmp at the heap region test_vm_syscall_sol_memcmp( "test_vm_syscall_sol_memcmp: memcmp at the heap region", @@ -659,7 +659,6 @@ main( int argc, 200UL, 0UL, FD_VM_SUCCESS ); - uchar expected_log[ FD_VM_LOG_MAX ]; ulong expected_log_sz = 0UL; diff --git a/src/flamenco/vm/test_vm_instr.c b/src/flamenco/vm/test_vm_instr.c index 949463aa94..f4303d0103 100644 --- a/src/flamenco/vm/test_vm_instr.c +++ b/src/flamenco/vm/test_vm_instr.c @@ -45,7 +45,6 @@ struct test_input { ushort off; ulong imm; ulong reg[REG_CNT]; - int reject_callx_r10; uint region_boundary[16]; /* This can be changed */ uint region_boundary_cnt; }; 
@@ -326,11 +325,6 @@ parse_token( test_parser_t * p, ulong * out = p->state == PARSE_STATE_ASSERT ? p->effects.reg : p->input.reg; out[ reg ] = parse_hex_int( p ); - } else if( 0==strncmp( word, "reject_callx_r10", word_len ) ) { - - parse_assign_sep( p ); - p->input.reject_callx_r10 = !!parse_hex_int( p ); - } else { FD_LOG_ERR(( "Unexpected token '%.*s' at %s(%lu)", (int)word_len, word, p->path, p->line )); @@ -437,7 +431,7 @@ run_input( test_input_t const * input, fd_sbpf_syscalls_new( aligned_alloc( fd_sbpf_syscalls_align(), fd_sbpf_syscalls_footprint() ) ) ); - fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual(), input->reject_callx_r10 ); + fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual() ); int vm_ok = !!fd_vm_init( /* vm */ vm, diff --git a/src/flamenco/vm/test_vm_interp.c b/src/flamenco/vm/test_vm_interp.c index 04bef18d49..ec191af8ca 100644 --- a/src/flamenco/vm/test_vm_interp.c +++ b/src/flamenco/vm/test_vm_interp.c @@ -219,7 +219,7 @@ test_0cu_exit( void ) { fd_vm_instr( FD_SBPF_OP_EXIT, 0, 0, 0, 0 ) }; ulong text_cnt = 3UL; - fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual(), false /* not tested here*/ ); + fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual() ); /* Ensure the VM exits with success if the CU count after the final exit instruction reaches zero. */ @@ -295,7 +295,7 @@ main( int argc, fd_sbpf_syscalls_t * syscalls = fd_sbpf_syscalls_join( fd_sbpf_syscalls_new( _syscalls ) ); FD_TEST( syscalls ); - fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual(), false ); + fd_exec_instr_ctx_t * instr_ctx = test_vm_minimal_exec_instr_ctx( fd_libc_alloc_virtual() ); FD_TEST( fd_vm_syscall_register( syscalls, "accumulator", accumulator_syscall )==FD_VM_SUCCESS ); 
diff --git a/src/flamenco/vm/test_vm_util.c b/src/flamenco/vm/test_vm_util.c index 7eb5ac09b1..a5a5d552ed 100644 --- a/src/flamenco/vm/test_vm_util.c +++ b/src/flamenco/vm/test_vm_util.c @@ -7,8 +7,7 @@ For now, we just need to setup feature flags. */ fd_exec_instr_ctx_t * test_vm_minimal_exec_instr_ctx( - fd_valloc_t valloc, - int reject_callx_r10 ) { + fd_valloc_t valloc ) { void * _ctx = fd_exec_instr_ctx_new( fd_valloc_malloc( valloc, FD_EXEC_INSTR_CTX_ALIGN, FD_EXEC_INSTR_CTX_FOOTPRINT ) ); @@ -44,9 +43,7 @@ test_vm_minimal_exec_instr_ctx( /* Setup feature flags */ fd_features_disable_all( &epoch_ctx->features ); - if ( reject_callx_r10 ) { - fd_features_set( &epoch_ctx->features, fd_feature_id_query(TEST_VM_REJECT_CALLX_R10_FEATURE_PREFIX), 0UL ); - } + fd_features_set( &epoch_ctx->features, fd_feature_id_query(TEST_VM_REJECT_CALLX_R10_FEATURE_PREFIX), 0UL ); return ctx; } diff --git a/src/flamenco/vm/test_vm_util.h b/src/flamenco/vm/test_vm_util.h index c011353ba5..ceae24c384 100644 --- a/src/flamenco/vm/test_vm_util.h +++ b/src/flamenco/vm/test_vm_util.h @@ -9,8 +9,7 @@ fd_exec_instr_ctx_t * test_vm_minimal_exec_instr_ctx( - fd_valloc_t valloc, - int reject_callx_r10 + fd_valloc_t valloc ); void
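Review bot: In the second test_vm_util.c hunk, the result of `fd_feature_id_query(TEST_VM_REJECT_CALLX_R10_FEATURE_PREFIX)` is passed straight to `fd_features_set`, and this now runs on every call of test_vm_minimal_exec_instr_ctx instead of only when the flag was requested. If the query can return NULL for an unknown prefix (its definition is outside this diff), a stale prefix would fault during setup of every VM test. Holding the pointer in a local and adding `FD_TEST( id );` before the set would make that failure explicit. Since fd_vm_validate no longer reads this feature after this commit, a short comment on why it is still set, e.g. `/* cleaned-up feature: always active */`, would also help. The function body begins outside the hunk.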