Skip to content

v3.0: Fix - Restrict address space of sysvar syscalls in SIMD-0219 (backport of #7832)#7959

Merged
Lichtso merged 2 commits into
v3.0from
mergify/bp/v3.0/pr-7832
Sep 11, 2025
Merged

v3.0: Fix - Restrict address space of sysvar syscalls in SIMD-0219 (backport of #7832)#7959
Lichtso merged 2 commits into
v3.0from
mergify/bp/v3.0/pr-7832

Conversation

@mergify
Copy link
Copy Markdown

@mergify mergify Bot commented Sep 9, 2025

Problem

ABI v1 aligns the account input region to 8 bytes. Direct mapping however uses the account data allocations which align to at least 16 bytes. Syscalls check the host alignment of translated pointers. This means that syscalls which require a 16 byte alignment suddenly pass the alignment check even if their virtual address is only divisible by 8 but not 16. Currently, only the sysvars syscall has a 16 byte alignment requirement. Thus, preventing that from accessing the account input section masks this behavior.

The SDK uses the stack as destination except for the generic get_sysvar() syscall, which could have the account input region as destination. Also, see section "Syscall parameters" in SIMD-0219.

Summary of Changes

Restricts the var_addr parameter of all sysvar syscalls when stricter_abi_and_runtime_constraints is active.

This is an automatic backport of pull request #7832 done by [Mergify](https://mergify.com).

@Lichtso @mergify
Fix - Restrict address space of sysvar syscalls in SIMD-0219 (#7832)
61d1c3c 
* Restrict address space of sysvar syscalls as well (similar to CPI).

* Adds a test for the new restriction.

(cherry picked from commit 2581e3f)
@mergify mergify Bot assigned Lichtso Sep 9, 2025
@mergify mergify Bot requested a review from a team as a code owner September 9, 2025 06:49
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Sep 9, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 42.85714% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 83.4%. Comparing base (bec0de9) to head (a0d1920).

Additional details and impacted files 
@@           Coverage Diff           @@
##             v3.0    #7959   +/-   ##
=======================================
  Coverage    83.4%    83.4%           
=======================================
  Files         810      810           
  Lines      365311   365317    +6     
=======================================
+ Hits       304985   304994    +9     
+ Misses      60326    60323    -3
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@Lichtso Lichtso requested a review from a team September 9, 2025 13:41
buffalojoec
buffalojoec previously approved these changes Sep 9, 2025
View reviewed changes
LucasSte
LucasSte previously approved these changes Sep 9, 2025
View reviewed changes
@Lichtso Lichtso dismissed stale reviews from LucasSte and buffalojoec via a0d1920 September 10, 2025 16:28
@buffalojoec
Copy link
Copy Markdown

buffalojoec commented Sep 10, 2025

Should the rekey be part of the same backport PR?

@Lichtso
Copy link
Copy Markdown

Lichtso commented Sep 10, 2025

Yep, discussed it on the backports meeting.

@Lichtso Lichtso merged commit 01781bb into v3.0 Sep 11, 2025
42 checks passed
@Lichtso Lichtso deleted the mergify/bp/v3.0/pr-7832 branch September 11, 2025 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bw-solana bw-solana bw-solana approved these changes

@buffalojoec buffalojoec buffalojoec approved these changes

@LucasSte LucasSte LucasSte left review comments

Assignees

@Lichtso Lichtso

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@codecov-commenter @buffalojoec @Lichtso @LucasSte @bw-solana