204 lines
7.4 KiB
Rust
204 lines
7.4 KiB
Rust
//! The accounts data space has a maximum size it is permitted to grow to. This module contains
|
|
//! the constants and types for tracking and metering the accounts data space during program
|
|
//! runtime.
|
|
use solana_sdk::instruction::InstructionError;
|
|
|
|
/// The maximum allowed size, in bytes, of the accounts data
|
|
/// 128 GB was chosen because it is the RAM amount listed under Hardware Recommendations on
|
|
/// [Validator Requirements](https://docs.solana.com/running-validator/validator-reqs), and
|
|
/// validators often put the ledger on a RAM disk (i.e. tmpfs).
|
|
pub const MAX_ACCOUNTS_DATA_LEN: u64 = 128_000_000_000;
|
|
|
|
/// Meter and track the amount of available accounts data space
|
|
#[derive(Debug, Default, Clone, Copy, Eq, PartialEq)]
|
|
pub struct AccountsDataMeter {
|
|
/// The maximum amount of accounts data space that can be used (in bytes)
|
|
maximum: u64,
|
|
|
|
/// The initial amount of accounts data space used (in bytes)
|
|
initial: u64,
|
|
|
|
/// The amount of accounts data space that has changed since `initial` (in bytes)
|
|
delta: i64,
|
|
}
|
|
|
|
impl AccountsDataMeter {
|
|
/// Make a new AccountsDataMeter
|
|
#[must_use]
|
|
pub fn new(initial_accounts_data_len: u64) -> Self {
|
|
let accounts_data_meter = Self {
|
|
maximum: MAX_ACCOUNTS_DATA_LEN,
|
|
initial: initial_accounts_data_len,
|
|
delta: 0,
|
|
};
|
|
debug_assert!(accounts_data_meter.initial <= accounts_data_meter.maximum);
|
|
accounts_data_meter
|
|
}
|
|
|
|
/// Return the maximum amount of accounts data space that can be used (in bytes)
|
|
pub fn maximum(&self) -> u64 {
|
|
self.maximum
|
|
}
|
|
|
|
/// Return the initial amount of accounts data space used (in bytes)
|
|
pub fn initial(&self) -> u64 {
|
|
self.initial
|
|
}
|
|
|
|
/// Return the amount of accounts data space that has changed (in bytes)
|
|
pub fn delta(&self) -> i64 {
|
|
self.delta
|
|
}
|
|
|
|
/// Return the current amount of accounts data space used (in bytes)
|
|
pub fn current(&self) -> u64 {
|
|
/// NOTE: Mixed integer ops currently not stable, so copying the impl.
|
|
/// * https://github.com/rust-lang/rust/issues/87840
|
|
/// * https://github.com/a1phyr/rust/blob/47edde1086412b36e9efd6098b191ec15a2a760a/library/core/src/num/uint_macros.rs#L1039-L1048
|
|
const fn saturating_add_signed(lhs: u64, rhs: i64) -> u64 {
|
|
let (res, overflow) = lhs.overflowing_add(rhs as u64);
|
|
if overflow == (rhs < 0) {
|
|
res
|
|
} else if overflow {
|
|
u64::MAX
|
|
} else {
|
|
u64::MIN
|
|
}
|
|
}
|
|
saturating_add_signed(self.initial, self.delta)
|
|
}
|
|
|
|
/// Get the remaining amount of accounts data space (in bytes)
|
|
pub fn remaining(&self) -> u64 {
|
|
self.maximum.saturating_sub(self.current())
|
|
}
|
|
|
|
/// Consume accounts data space, in bytes. If `amount` is positive, we are *increasing* the
|
|
/// amount of accounts data space used. If `amount` is negative, we are *decreasing* the
|
|
/// amount of accounts data space used. If `amount` is greater than the remaining space,
|
|
/// return an error and *do not* consume more accounts data space.
|
|
pub fn consume(&mut self, amount: i64) -> Result<(), InstructionError> {
|
|
if amount > self.remaining() as i64 {
|
|
return Err(InstructionError::AccountsDataBudgetExceeded);
|
|
}
|
|
self.consume_unchecked(amount);
|
|
Ok(())
|
|
}
|
|
|
|
/// Unconditionally consume accounts data space. Refer to `consume()` for more documentation.
|
|
pub fn consume_unchecked(&mut self, amount: i64) {
|
|
self.delta = self.delta.saturating_add(amount);
|
|
}
|
|
}
|
|
|
|
#[cfg(test)]
|
|
impl AccountsDataMeter {
|
|
pub fn set_maximum(&mut self, maximum: u64) {
|
|
self.maximum = maximum;
|
|
}
|
|
pub fn set_initial(&mut self, initial: u64) {
|
|
self.initial = initial;
|
|
}
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn test_new() {
|
|
let initial = 1234;
|
|
let accounts_data_meter = AccountsDataMeter::new(initial);
|
|
assert_eq!(accounts_data_meter.maximum, MAX_ACCOUNTS_DATA_LEN);
|
|
assert_eq!(accounts_data_meter.initial, initial);
|
|
}
|
|
|
|
#[test]
|
|
fn test_new_can_use_max_len() {
|
|
let _ = AccountsDataMeter::new(MAX_ACCOUNTS_DATA_LEN);
|
|
}
|
|
|
|
#[test]
|
|
#[should_panic]
|
|
fn test_new_panics_if_initial_len_too_big() {
|
|
let _ = AccountsDataMeter::new(MAX_ACCOUNTS_DATA_LEN + 1);
|
|
}
|
|
|
|
#[test]
|
|
fn test_remaining() {
|
|
let initial_accounts_data_len = 0;
|
|
let accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
assert_eq!(accounts_data_meter.remaining(), MAX_ACCOUNTS_DATA_LEN);
|
|
}
|
|
|
|
#[test]
|
|
fn test_remaining_saturates() {
|
|
let initial_accounts_data_len = 0;
|
|
let mut accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
// To test that remaining() saturates, need to break the invariant that initial <= maximum
|
|
accounts_data_meter.initial = MAX_ACCOUNTS_DATA_LEN + 1;
|
|
assert_eq!(accounts_data_meter.remaining(), 0);
|
|
}
|
|
|
|
#[test]
|
|
fn test_consume() {
|
|
let initial_accounts_data_len = 0;
|
|
let mut accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
|
|
// Test: simple, positive numbers
|
|
let result = accounts_data_meter.consume(0);
|
|
assert!(result.is_ok());
|
|
let result = accounts_data_meter.consume(1);
|
|
assert!(result.is_ok());
|
|
let result = accounts_data_meter.consume(4);
|
|
assert!(result.is_ok());
|
|
let result = accounts_data_meter.consume(9);
|
|
assert!(result.is_ok());
|
|
|
|
// Test: can consume the remaining amount
|
|
let remaining = accounts_data_meter.remaining() as i64;
|
|
let result = accounts_data_meter.consume(remaining);
|
|
assert!(result.is_ok());
|
|
assert_eq!(accounts_data_meter.remaining(), 0);
|
|
}
|
|
|
|
#[test]
|
|
fn test_consume_deallocate() {
|
|
let initial_accounts_data_len = 10_000;
|
|
let mut accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
let remaining_before = accounts_data_meter.remaining();
|
|
|
|
let amount = (initial_accounts_data_len / 2) as i64;
|
|
let amount = -amount;
|
|
let result = accounts_data_meter.consume(amount);
|
|
assert!(result.is_ok());
|
|
let remaining_after = accounts_data_meter.remaining();
|
|
assert_eq!(remaining_after, remaining_before + amount.abs() as u64);
|
|
}
|
|
|
|
#[test]
|
|
fn test_consume_too_much() {
|
|
let initial_accounts_data_len = 0;
|
|
let mut accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
|
|
// Test: consuming more than what's available (1) returns an error, (2) does not consume
|
|
let remaining = accounts_data_meter.remaining();
|
|
let result = accounts_data_meter.consume(remaining as i64 + 1);
|
|
assert!(result.is_err());
|
|
assert_eq!(accounts_data_meter.remaining(), remaining);
|
|
}
|
|
|
|
#[test]
|
|
fn test_consume_zero() {
|
|
// Pre-condition: set up the accounts data meter such that there is no remaining space
|
|
let initial_accounts_data_len = 1234;
|
|
let mut accounts_data_meter = AccountsDataMeter::new(initial_accounts_data_len);
|
|
accounts_data_meter.maximum = initial_accounts_data_len;
|
|
assert_eq!(accounts_data_meter.remaining(), 0);
|
|
|
|
// Test: can always consume zero, even if there is no remaining space
|
|
let result = accounts_data_meter.consume(0);
|
|
assert!(result.is_ok());
|
|
}
|
|
}
|