Drop write lock on sysvars #15497
Drop write lock on sysvars #15497
Conversation
Codecov Report
@@ Coverage Diff @@
## master #15497 +/- ##
========================================
Coverage 80.0% 80.0%
========================================
Files 410 410
Lines 109501 109611 +110
========================================
+ Hits 87676 87781 +105
- Misses 21825 21830 +5 |
sdk/program/src/message.rs
Outdated
| @@ -335,7 +335,7 @@ impl Message { | |||
| let mut writable_keys = vec![]; | |||
| let mut readonly_keys = vec![]; | |||
| for (i, key) in self.account_keys.iter().enumerate() { | |||
| if self.is_writable(i) { | |||
| if self.is_writable(i) && !crate::sysvar::is_sysvar_id(key) { | |||
There was a problem hiding this comment.
Wouldn't it make sense to reject all together the ones which write-lock sysvar earlier?
e.g. in sanitize or like the ones with duplicate keys here:
https://github.com/solana-labs/solana/blob/34bebb7d0/runtime/src/accounts.rs#L794-L796
There was a problem hiding this comment.
That's an option, but it would be a change of behavior which would break some applications on mainnet.
behzadnouri
force-pushed
the
drop-sysvar-write-lock
branch
2 times, most recently
from
e51c2ea to
c5514ae
Compare
|
Do we still just record TX success/failure as a bool? Should be fine if so. Otherwise I'm wondering if this would change the error type in cases where a program attempt to write to a sysvar |
bool? there is an error code. |
|
I moved the demote logic to |
Ok. Can you plumb the feature gate and also write a test to verify the error behavior is the same before and after this change for the case of referencing and writing to a sysvar? cc @behzadnouri |
@sakridge which bank should we use to look up the feature-set? |
behzadnouri
force-pushed
the
drop-sysvar-write-lock
branch
from
752b506 to
415482a
Compare
|
@sakridge I added a feature gate for the write-lock demotion.
|
Ok. thanks. Yes the same bank which the process_transactions is going through. So it's from blockstore_processor from the replay side, or banking_stage from the TPU side. |
| transaction.message.get_account_keys_by_lock_type(); | ||
| let (writable_keys, readonly_keys) = transaction | ||
| .message | ||
| .get_account_keys_by_lock_type(bank.demote_sysvar_write_locks()); |
There was a problem hiding this comment.
@CriesofCarrots @mvines I think this will affect how it shows in the explorer. Should we show sysvar as demoted to read locked even if it is write in the transaction? or as the original raw write lock?
There was a problem hiding this comment.
My preference would be to show sysvar accounts as they were processed, so demoted to read-locked.
I looked at the code, I think it looks right. I think we might want to demote for the builtin keys as well: |
Added the builtin keys. I had to copy over keys because direct references create cyclical build dependency. |
| transaction.message.get_account_keys_by_lock_type(); | ||
| let (writable_keys, readonly_keys) = transaction | ||
| .message | ||
| .get_account_keys_by_lock_type(bank.demote_sysvar_write_locks()); |
There was a problem hiding this comment.
My preference would be to show sysvar accounts as they were processed, so demoted to read-locked.
sdk/program/src/message.rs
Outdated
| "Vest111111111111111111111111111111111111111", | ||
| "Vote111111111111111111111111111111111111111", | ||
| "ownab1e111111111111111111111111111111111111", | ||
| ] |
There was a problem hiding this comment.
Should the SystemProgram be included here?
behzadnouri
force-pushed
the
drop-sysvar-write-lock
branch
2 times, most recently
from
6ed66da to
f1f9611
Compare
|
@behzadnouri (CC: @sakridge ), I think this pr starts to prohibit this currently-allowed-but-bizarre tx: sending lamports to sysvars. I think it's ok to prohibit that in the future for the sake of performance. Could you add such a test? (Ah, also please check that capitalization isn't messed up by that, too.) |
@ryoqun do you see any more serious consequences from that or similar transactions? e.g. breaking already deployed programs, or conflicting block producers vs validators? |
behzadnouri
force-pushed
the
drop-sysvar-write-lock
branch
from
f1f9611 to
c826001
Compare
Yea. I dont' think there are any use-cases of transferring lamports to sysvar accounts and I haven't seen any on-chain. Although, I haven't done any kind of scan for it. It would be a good idea to have a test to see what happens in this pathway before and after this change in terms of the capitalization and error behavior though. Both of modifying sysvar data and lamports values. With the feature cutoff I would think there shouldn't be any difference of behavior with block producer and validator since they would be activated at the same time. |
Co-authored-by: Michael Vines <mvines@gmail.com>
…on/encoding methods" This reverts commit ae3e2d2.
sakridge
force-pushed
the
drop-sysvar-write-lock
branch
from
da8c685 to
e2130ff
Compare
mergify
bot
dismissed stale reviews from CriesofCarrots and ryoqun
Pull request has been modified.
* Drop write lock on sysvars * adds env var for demoting sysvar write lock demotion * moves demote logic to is_writable * feature gates sysvar write lock demotion * adds builtins to write lock demotion * adds system program id to builtins * adds Feature111... * adds an abi-freeze test * mvines set of builtin program keys Co-authored-by: Michael Vines <mvines@gmail.com> * update tests * adds bpf loader keys * Add test sysvar * Plumb demote_sysvar to is_writable * more plumbing of demote_sysvar_write_locks to is_writable * patches test_program_bpf_instruction_introspection * hard codes demote_sysvar_write_locks to false for serialization/encoding methods * Revert "hard codes demote_sysvar_write_locks to false for serialization/encoding methods" This reverts commit ae3e2d2. * change the hardcoded ones to demote_sysvar_write_locks=true * Use data_as_mut_slice Co-authored-by: behzad nouri <behzadnouri@gmail.com> Co-authored-by: Michael Vines <mvines@gmail.com> (cherry picked from commit 54c68ea)
* Drop write lock on sysvars * adds env var for demoting sysvar write lock demotion * moves demote logic to is_writable * feature gates sysvar write lock demotion * adds builtins to write lock demotion * adds system program id to builtins * adds Feature111... * adds an abi-freeze test * mvines set of builtin program keys Co-authored-by: Michael Vines <mvines@gmail.com> * update tests * adds bpf loader keys * Add test sysvar * Plumb demote_sysvar to is_writable * more plumbing of demote_sysvar_write_locks to is_writable * patches test_program_bpf_instruction_introspection * hard codes demote_sysvar_write_locks to false for serialization/encoding methods * Revert "hard codes demote_sysvar_write_locks to false for serialization/encoding methods" This reverts commit ae3e2d2. * change the hardcoded ones to demote_sysvar_write_locks=true * Use data_as_mut_slice Co-authored-by: behzad nouri <behzadnouri@gmail.com> Co-authored-by: Michael Vines <mvines@gmail.com> (cherry picked from commit 54c68ea) Co-authored-by: sakridge <sakridge@gmail.com>
Problem
Programs can't write to sysvars and taking a write lock on them can make batch sizes smaller than they should be.
Summary of Changes
Lower write lock to read lock for sysvars.
Fixes #