2021-02-28 12:55:31 -07:00
#!/usr/bin/env bash

set -e

here="$(dirname "$0")"
src_root="$(readlink -f "${here}/..")"

cd "${src_root}"

cargo_audit_ignores=(
  # failure is officially deprecated/unmaintained
  #
  # Blocked on multiple upstream crates removing their `failure` dependency.
  --ignore RUSTSEC-2020-0036

  # `net2` crate has been deprecated; use `socket2` instead
  #
  # Blocked on https://github.com/paritytech/jsonrpc/issues/575
  --ignore RUSTSEC-2020-0016

  # stdweb is unmaintained
  #
  # Blocked on multiple upstream crates removing their `stdweb` dependency.
  --ignore RUSTSEC-2020-0056

  # Potential segfault in the time crate
  #
  # Blocked on multiple crates updating `time` to >= 0.2.23
  --ignore RUSTSEC-2020-0071

  # generic-array: arr! macro erases lifetimes
  #
  # Blocked on libsecp256k1 releasing with upgraded dependencies
  # https://github.com/paritytech/libsecp256k1/issues/66
  --ignore RUSTSEC-2020-0146
2021-08-09 18:22:28 -06:00
  # hyper: Lenient `hyper` header parsing of `Content-Length` could allow request smuggling
  #
  # Blocked on jsonrpc removing dependency on unmaintained `websocket`
  # https://github.com/paritytech/jsonrpc/issues/605
  --ignore RUSTSEC-2021-0078

  # hyper: Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
  #
  # Blocked on jsonrpc removing dependency on unmaintained `websocket`
  # https://github.com/paritytech/jsonrpc/issues/605
  --ignore RUSTSEC-2021-0079
Cost model 1.7 (#20188)
* Cost Model to limit transactions which are not parallelizable (#16694)
* * Add following to banking_stage:
1. CostModel as immutable ref shared between threads, to provide estimated cost for transactions.
2. CostTracker which is shared between threads, tracks transaction costs for each block.
* replace hard coded program ID with id() calls
* Add Account Access Cost as part of TransactionCost. Account Access cost are weighted differently between read and write, signed and non-signed.
* Establish instruction_execution_cost_table, add function to update or insert instruction cost, unit tested. It is read-only for now; it allows Replay to insert realtime instruction execution costs to the table.
* add test for cost_tracker atomically try_add operation, serves as safety guard for future changes
* check cost against local copy of cost_tracker, return transactions that would exceed limit as unprocessed transaction to be buffered; only apply bank processed transactions cost to tracker;
* bencher to new banking_stage with max cost limit to allow cost model being hit consistently during bench iterations
* replay stage feed back program cost (#17731)
* replay stage feeds back realtime per-program execution cost to cost model;
* program cost execution table is initialized into empty table, no longer populated with hardcoded numbers;
* changed cost unit to microsecond, using value collected from mainnet;
* add ExecuteCostTable with fixed capacity for security concern, when its limit is reached, programs with old age AND less occurrence will be pushed out to make room for new programs.
* investigate system performance test degradation (#17919)
* Add stats and counter around cost model ops, mainly:
- calculate transaction cost
- check transaction can fit in a block
- update block cost tracker after transactions are added to block
- replay_stage to update/insert execution cost to table
* Change mutex on cost_tracker to RwLock
* removed cloning cost_tracker for local use, as the metrics show clone is very expensive.
* acquire and hold locks for block of TXs, instead of acquire and release per transaction;
* remove redundant would_fit check from cost_tracker update execution path
* refactor cost checking with less frequent lock acquiring
* avoid many Transaction_cost heap allocation when calculate cost, which
is in the hot path - executed per transaction.
* create hashmap with new_capacity to reduce runtime heap realloc.
* code review changes: categorize stats, replace explicit drop calls, concisely initiate to default
* address potential deadlock by acquiring locks one at time
* Persist cost table to blockstore (#18123)
* Add `ProgramCosts` Column Family to blockstore, implement LedgerColumn; add `delete_cf` to Rocks
* Add ProgramCosts to compaction excluding list alongside TransactionStatusIndex in one place: `excludes_from_compaction()`
* Write cost table to blockstore after `replay_stage` replayed active banks; add stats to measure persist time
* Deletes program from `ProgramCosts` in blockstore when they are removed from cost_table in memory
* Only try to persist to blockstore when cost_table is changed.
* Restore cost table during validator startup
* Offload `cost_model` related operations from replay main thread to dedicated service thread, add channel to send execute_timings between these threads;
* Move `cost_update_service` to its own module; replay_stage is now decoupled from cost_model.
* log warning when channel send fails (#18391)
* Aggregate cost_model into cost_tracker (#18374)
* * aggregate cost_model into cost_tracker, decouple it from banking_stage to prevent accidental deadlock. * Simplified code, removed unused functions
* review fixes
* update ledger tool to restore cost table from blockstore (#18489)
* update ledger tool to restore cost model from blockstore when compute-slot-cost
* Move initialize_cost_table into cost_model, so the function can be tested and shared between validator and ledger-tool
* refactor and simplify a test
* manually fix merge conflicts
* Per-program id timings (#17554)
* more manual fixing
* solve a merge conflict
* featurize cost model
* more merge fix
* cost model uses compute_unit to replace microsecond as cost unit
(#18934)
* Reject blocks for costs above the max block cost (#18994)
* Update block max cost limit to fix performance regression (#19276)
* replace function with const var for better readability (#19285)
* Add few more metrics data points (#19624)
* periodically report sigverify_stage stats (#19674)
* manual merge
* cost model nits (#18528)
* Accumulate consumed units (#18714)
* tx wide compute budget (#18631)
* more manual merge
* ignore zerorize drop security
* - update const cost values with data collected by #19627
- update cost calculation to closely proposed fee schedule #16984
* add transaction cost histogram metrics (#20350)
* rebase to 1.7.15
* add tx count and thread id to stats (#20451)
each stat reports and resets when slot changes
* remove cost_model feature_set
* ignore vote transactions from cost model
Co-authored-by: sakridge <sakridge@gmail.com>
Co-authored-by: Jeff Biseda <jbiseda@gmail.com>
Co-authored-by: Jack May <jack@solana.com>
2021-10-06 15:11:41 -05:00
2021-10-18 15:29:12 -05:00
  # chrono: Potential segfault in `localtime_r` invocations
  #
  # Blocked due to no safe upgrade
  # https://github.com/chronotope/chrono/issues/499
  --ignore RUSTSEC-2020-0159
2021-02-28 12:55:31 -07:00
)
2021-04-07 14:45:03 +08:00
scripts/cargo-for-all-lock-files.sh stable audit "${cargo_audit_ignores[@]}"
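
An added example, not part of the script above or of the project: a small inventory pass over an ignore list in this layout, so every waived advisory can be reviewed with its stated reason and tracking link, and any waiver lacking a justification comment stands out. The function names `sample_ignores`, `list_audit_ignores` and `unjustified_ignores` are hypothetical, and the sample input (including the placeholder ID `RUSTSEC-0000-0000`) is constructed.

```shell
#!/usr/bin/env bash
# Added example: inventory a cargo-audit ignore list so each waiver can be reviewed.
# Function names are hypothetical; the sample input is constructed for illustration.

# Constructed sample in the same layout as the ignore array above.
# RUSTSEC-0000-0000 is a placeholder ID that has no justification comment.
sample_ignores() {
  cat <<'EOF'
cargo_audit_ignores=(
  # failure is officially deprecated/unmaintained
  #
  # Blocked on multiple upstream crates removing their `failure` dependency.
  --ignore RUSTSEC-2020-0036

  # chrono: Potential segfault in `localtime_r` invocations
  #
  # Blocked due to no safe upgrade
  # https://github.com/chronotope/chrono/issues/499
  --ignore RUSTSEC-2020-0159

  --ignore RUSTSEC-0000-0000
)
EOF
}

# Print "ID<TAB>first comment line<TAB>tracking URL" for every --ignore entry.
# Comments count only when they sit directly above the entry (no blank line between).
list_audit_ignores() {
  awk '
    { sub(/^[ \t]+/, "") }                      # drop indentation
    /^#/ {
      text = $0
      sub(/^#+[ \t]*/, "", text)                # strip the comment marker
      if (text == "") next                      # bare "#" separator line
      if (title == "") title = text             # first comment line is the reason
      if (text ~ /^https?:\/\//) url = text     # a comment that is only a link
      next
    }
    $1 == "--ignore" {
      printf "%s\t%s\t%s\n", $2, (title == "" ? "MISSING-JUSTIFICATION" : title), (url == "" ? "-" : url)
      title = ""; url = ""
      next
    }
    { title = ""; url = "" }                    # any other line ends the comment block
  ' "$@"
}

# Print only the advisory IDs that are waived without any comment.
unjustified_ignores() {
  list_audit_ignores "$@" | awk -F'\t' '$2 == "MISSING-JUSTIFICATION" { print $1 }'
}

sample_ignores | list_audit_ignores
```

Both functions also accept a file path argument instead of standard input, so the same pass can be pointed at the audit script itself.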