pallet-balances: Clean up empty reserves & do not send the same event twice#12318
Open
bkchr wants to merge 2 commits into
Open
pallet-balances: Clean up empty reserves & do not send the same event twice#12318bkchr wants to merge 2 commits into
bkchr wants to merge 2 commits into
Conversation
… twice When reserves are cleared, the corresponding storage should be cleaned up as well. So, we do not run into `MaxReserves` with only empty reserves. This pull request also fixes the double sending of the same event when slashing a reserved amount.
Member
Author
|
/cmd prdoc --audience runtime_dev --bump patch |
…time_dev --bump patch'
shawntabrizi
approved these changes
Jun 10, 2026
dhirajs0
approved these changes
Jun 10, 2026
Comment on lines
+951
to
+956
| reserves | ||
| .try_insert( | ||
| index, | ||
| ReserveData { id: *id, amount: actual }, | ||
| ) | ||
| .map_err(|_| Error::<T, I>::TooManyReserves)?; |
Contributor
There was a problem hiding this comment.
Small asymmetry: the beneficiary try_insert isn't guarded, so when repatriate_reserved moves nothing (actual == 0 under Polite, e.g. reserved funds frozen) we insert a zero-amount entry on the receiver — the same leak this PR fixes on the slashed side, just mirrored. One-line guard (if !actual.is_zero()) keeps it symmetric. Low priority since the only in-tree caller uses Status::Free. Intentional?
Failing repro (red on this branch, green with the guard)
#[test]
fn repatriate_reserved_named_reserved_status_does_not_leak_empty_beneficiary_entry() {
ExtBuilder::default().build_and_execute_with(|| {
let _ = Balances::deposit_creating(&1, 111);
let _ = Balances::deposit_creating(&2, 100);
// Account 1 holds a named reserve `Foo = 10` (free 101, reserved 10).
assert_ok!(Balances::reserve_named(&TestId::Foo, &1, 10));
assert_eq!(Balances::reserved_balance_named(&TestId::Foo, &1), 10);
// Freeze the whole balance so the reserved funds are unmovable
Balances::set_lock(ID_1, &1, 111, WithdrawReasons::all());
// Beneficiary 2 has no entry under `Foo`, so the insert path is taken.
assert!(Balances::reserves(&2).is_empty());
// Nothing can move, so `actual == 0` and the call returns the full value.
assert_eq!(
Balances::repatriate_reserved_named(&TestId::Foo, &1, &2, 10, Reserved).unwrap(),
10,
);
assert_eq!(Balances::reserved_balance_named(&TestId::Foo, &2), 0);
// Since nothing moved, the beneficiary must NOT gain a named-reserve entry.
assert!(
Balances::reserves(&2).is_empty(),
"no balance moved, so the beneficiary must not gain a named-reserve entry",
);
// No `MaxReserves` (= 2) slot was leaked, so two real reserves still fit.
assert_ok!(Balances::reserve_named(&TestId::Bar, &2, 5));
assert_ok!(Balances::reserve_named(&TestId::Baz, &2, 5));
});
}I have pushed this as a branch (repatriate-reserved-named-empty-entry-repro) if you'd rather run it directly.
ggwpez
approved these changes
Jun 10, 2026
| slashed, | ||
| |maybe_reserves| -> Result<Self::Balance, DispatchError> { | ||
| let Some(reserves) = maybe_reserves.as_mut() else { return Ok(value) }; | ||
| match reserves.binary_search_by_key(id, |data| data.id) { |
Member
There was a problem hiding this comment.
Could be another let else since the Err(_) match is trivial.
| Ok(index) => { | ||
| let to_change = cmp::min(reserves[index].amount, value); | ||
|
|
||
| let actual = if status == Status::Reserved { |
Member
There was a problem hiding this comment.
nit: could be a match to hard-error if a variant is ever added to Status.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When reserves are cleared, the corresponding storage should be cleaned up as well. So, we do not run into
MaxReserveswith only empty reserves. This pull request also fixes the double sending of the same event when slashing a reserved amount.