Skip to content
This repository has been archived by the owner on Jan 13, 2025. It is now read-only.

Switch programs activation to whole-set based gating #11736

Closed
wants to merge 6 commits into from

Conversation

ryoqun
Copy link
Contributor

@ryoqun ryoqun commented Aug 20, 2020

Problem

get_entered_epoch_callback isn't called when restoring from snapshots, which is too confusing and error-prone.
Also, we can't simply call it immediately after snapshot restoration because it expects to be called exactly once at each epoch boundary

get_programs and get_builtins returns delta set. i.e. add these new additions of programs to the current available set at the given epoch. This works nicely in the ideal world, where we're running the validator since genesis without ever restarting a perfect bug-free validator.

In reality, we must rely on snapshots 99.999% of time. When restoring from snapshots, the delta set doesn't work quite: we don't persist the current available set (namely bank.message_processor is effectively serde(skip)).

Summary of Changes

So, just reflect the reality by making these functions snapshot-friendly by returning whole-set of available programs at the given epoch. And make it callable from finish_init(), which is called after snapshot restoration.

Also, fix a bunch of other dangerous code along the way.

Also, this is intended to be back-port friendly; so the fix is intentionally not exhaustive. Still, get_entered_epoch_callback is a bit error-prone. Specifically, it must be idempotent. (We could solve this by artificially introducing some intermediate struct like ScheduledBankFeatures or the like instead of mind-opening way of passing &mut Bank).

Fixes #

// The epoch of std::u64::MAX is a placeholder and is expected
// to be reduced in a future network update.
Some(vec![
programs.extend(vec![
Program::BuiltinLoader(solana_bpf_loader_program!()),
Program::Native(solana_vest_program!()),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to this code, mainnet-beta has yet to enable smart-contracts... ;)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, @mvines indicated that it was enabled on a branch at some point for mainnet and therefore now part of the ledger

@@ -584,6 +574,7 @@ impl Bank {
if !new.fix_recent_blockhashes_sysvar_delay() {
new.update_recent_blockhashes();
}
dbg!(&new.message_processor);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ouch.

@@ -3178,6 +3165,20 @@ impl Bank {
consumed_budget.saturating_sub(budget_recovery_delta)
}

// This is called from snapshot restore and for each epoch boundary
// The entire code path herein must be idempotent
pub fn refresh_programs_and_inflation(&mut self) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NIT: I have a feeling this name won't age well. Maybe something like apply_feature_activations() ?

@ryoqun
Copy link
Contributor Author

ryoqun commented Aug 20, 2020

out of scope of this pr todos:

Some(vec![Program::BuiltinLoader(solana_bpf_loader_program!())])
} else {
None
programs.extend(vec![Program::BuiltinLoader(solana_bpf_loader_program!())]);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this added to the list twice?

OperatingMode::Preview => {
if epoch == std::u64::MAX {
OperatingMode::Stable => {
// at which epoch, bpf_loader_program is enabled??
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mvines Do you know at what epoch the bpf loader was added?

Also, @ryoqun At whatever epoch that is ^^ we should be adding solana_bpf_loader_deprecated_program because on tip that is the original loader.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the original loader was enabled in epoch 34

if epoch == 34 {

@mvines Does this jive with what you would expect?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ryoqun I pushed changes to this to solana/fragile-programs-gating

native_programs
}

fn recheck_cross_program_support(bank: &mut Bank) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not leave this logic in the bank?

@jackcmay
Copy link
Contributor

@ryoqun I'm not too familiar with the snapshot test coverage, can we add tests to recreate the scenario we ran into last night?

@ryoqun
Copy link
Contributor Author

ryoqun commented Aug 20, 2020

Specifically, newer snapshot restoration code is now using MessageProcessor::default() here: https://github.com/solana-labs/solana/blob/master/runtime/src/serde_snapshot/future.rs#L188

}

for program in get_builtins(self.operating_mode(), self.epoch()) {
self.add_builtin(&program.name, program.id, program.entrypoint);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding the same programs at every epoch is going to fail because the account already exists. Looks like the bank hash ci failure is related, looking into it.

@jackcmay
Copy link
Contributor

@ryoqun Closing to switch to the branch in the solana repo:

#11750

Comment on lines -143 to -147
if OperatingMode::Stable == operating_mode {
bank.set_cross_program_support(bank.epoch() >= 63);
} else {
bank.set_cross_program_support(true);
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants