refactor: use _MiB/_GiB consistently for byte conversions

[l0rinc]

Problem

Byte-size conversions in the codebase currently show up in many equivalent formats (multiplication/division chains, shifts, hex/binary literals), which creates a maintenance burden and makes review error-prone - especially considering the architectural differences of size_t.
Inspired by #34305 (comment), it seemed appropriate to unify Mebibyte usage across the codebase and add Gibibyte support with 32/64 bit size_t validation.

Fix

This PR refactors those call sites to use ""_MiB (existing) and ""_GiB (new), and adds the encountered value/pattern replacements to unit tests to make review straightforward, and to ensure the conversions remain valid.
The literals are overflow-checked when converting to size_t, and unit tests cover the 32-bit boundary cases.

Concretely, it replaces patterns such as:

• 1024*1024, 1<<20, 0x100000, 1048576, / 1024 / 1024, * (1.0 / 1024 / 1024) → 1_MiB or double(1_MiB)
• 1024*1024*1024, 1<<30, 0x40000000, 1024_MiB, >> 30 → 1_GiB

Note

In the few places where arithmetic involves signed values, the result is identical to the previous code assuming those quantities never become negative.

[DrahtBot]

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Reviews

See the guideline for information on the review process.

Type	Reviewers
Concept ACK	sedited
Stale ACK	hodlinator

If your review is incorrectly listed, please copy-paste <!--meta-tag:bot-skip--> into the comment that the bot should ignore.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #34641 (node: scale default -dbcache with system RAM by l0rinc)
• #34639 (iwyu: Document or remove some pragma: export and other improvements by hebasto)
• #34448 (ci, iwyu: Fix warnings in src/util and treat them as errors by hebasto)
• #34132 (coins: drop error catcher, centralize fatal read handling by l0rinc)
• #34038 (logging: replace -loglevel with -trace, various API improvements by ajtowns)
• #33259 (rpc, logging: add backgroundvalidation to getblockchaininfo by polespinasa)
• #30342 (kernel, logging: Pass Logger instances to kernel objects by ryanofsky)
• #29678 (Bugfix: Correct first-run free space checks by luke-jr)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

LLM Linter (✨ experimental)

Possible places where named args for integral literals may be used (e.g. func(x, /*named_arg=*/0) in C++, and func(x, named_arg=0) in Python):

• BlockFilterIndex(interfaces::MakeChain(m_node), BlockFilterType::BASIC, 1_MiB, true) in src/test/blockfilter_index_tests.cpp
• InitBlockFilterIndex([&]{ return interfaces::MakeChain(m_node); }, BlockFilterType::BASIC, 1_MiB, true, false) in src/test/blockfilter_index_tests.cpp
• InitBlockFilterIndex([&]{ return interfaces::MakeChain(m_node); }, BlockFilterType::BASIC, 1_MiB, true, false) in src/test/blockfilter_index_tests.cpp
• InitBlockFilterIndex([&]{ return interfaces::MakeChain(m_node); }, BlockFilterType::BASIC, 1_MiB, true, false) in src/test/blockfilter_index_tests.cpp
• CoinStatsIndex{interfaces::MakeChain(m_node), 1_MiB, true} in src/test/coinstatsindex_tests.cpp
• CoinStatsIndex index{interfaces::MakeChain(m_node), 1_MiB} in src/test/coinstatsindex_tests.cpp
• CoinStatsIndex index{interfaces::MakeChain(m_node), 1_MiB} in src/test/coinstatsindex_tests.cpp
• TxIndex txindex(interfaces::MakeChain(m_node), 1_MiB, true) in src/test/txindex_tests.cpp

If you want, I can propose adding explanatory named comments (e.g. /cache_bytes=/) for these third-or-later literal arguments to improve readability.

^{2026-03-06 21:45:29}

[DrahtBot]

🚧 At least one of the CI tasks failed.
_{Task ASan + LSan + UBSan + integer: https://github.com/bitcoin/bitcoin/actions/runs/21456037564/job/61797017546
LLM reason (✨ experimental): Compilation failed due to invalid user-defined literal operators in util/byte_units.h (invalid parameter type for operator""_MiB/_GiB leading to no matching literal operator).}

Hints

Try to run the tests locally, according to the documentation. However, a CI failure may still
happen due to a number of reasons, for example:

• Possibly due to a silent merge conflict (the changes in this pull request being
  incompatible with the current code in the target branch). If so, make sure to rebase on the latest
  commit of the target branch.

• A sanitizer issue, which can only be found by compiling with the sanitizer and running the
  affected test.

• An intermittent issue.

Leave a comment here, if you need help tracking down a confusing failure.

[hodlinator]

I wonder if multiplying with size_t instead of unspecified integer expression risks flipping negative function inputs into positive output values, but it's probably only used with positive inputs regardless.

[l0rinc]

bitcoin/src/qt/intro.cpp

Line 35 in 25884bd

return prune_target_mib > 1 ? PruneMiBtoGB(prune_target_mib) : DEFAULT_PRUNE_TARGET_GB;

indicates this cannot be negative

[hodlinator]

Experimented a bit and it seems behavior hasn't changed. Passing test:

constexpr uint64_t GB_BYTES{1000000000};
static inline int PruneMiBtoGB_old(int64_t mib) { return (mib * 1024 * 1024 + GB_BYTES - 1) / GB_BYTES; }
static inline int PruneMiBtoGB_new(int64_t mib) { return (mib * 1_MiB + GB_BYTES - 1) / GB_BYTES; }
static inline int64_t PruneGBtoMiB_old(int gb) { return gb * GB_BYTES / 1024 / 1024; }
static inline int64_t PruneGBtoMiB_new(int gb) { return gb * GB_BYTES / 1_MiB; }

BOOST_AUTO_TEST_CASE(prune_tests)
{
    BOOST_CHECK_EQUAL(PruneMiBtoGB_old(1500), 2);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_new(1500), 2);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_old(-1500), 1266874889);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_new(-1500), 1266874889);

    BOOST_CHECK_EQUAL(PruneGBtoMiB_old(1), 953);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_new(1), 953);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_old(-1), 17592186043462);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_new(-1), 17592186043462);
}

[hodlinator]

Concept ACK e5b573f

Makes the code more readible.

Examples:

-constexpr unsigned int FLTR_FILE_CHUNK_SIZE = 0x100000; // 1 MiB
+constexpr unsigned int FLTR_FILE_CHUNK_SIZE = 1_MiB;

-if (m_total_allocated > 0x1000000) return;
+if (m_total_allocated > 16_MiB) return;

-cuckoo_cache.setup_bytes(megabytes << 20);
+cuckoo_cache.setup_bytes(megabytes * 1_MiB);

-LogDebug(BCLog::COINDB, "Writing final batch of %.2f MiB\n", batch.ApproximateSize() * (1.0 / 1048576.0));
+LogDebug(BCLog::COINDB, "Writing final batch of %.2f MiB\n", batch.ApproximateSize() / double(1_MiB));

-constexpr uint64_t min_disk_space = 52428800; // 50 MiB
+constexpr uint64_t min_disk_space = 50_MiB;

[hodlinator]

Experimented a bit and it seems behavior hasn't changed. Passing test:

constexpr uint64_t GB_BYTES{1000000000};
static inline int PruneMiBtoGB_old(int64_t mib) { return (mib * 1024 * 1024 + GB_BYTES - 1) / GB_BYTES; }
static inline int PruneMiBtoGB_new(int64_t mib) { return (mib * 1_MiB + GB_BYTES - 1) / GB_BYTES; }
static inline int64_t PruneGBtoMiB_old(int gb) { return gb * GB_BYTES / 1024 / 1024; }
static inline int64_t PruneGBtoMiB_new(int gb) { return gb * GB_BYTES / 1_MiB; }

BOOST_AUTO_TEST_CASE(prune_tests)
{
    BOOST_CHECK_EQUAL(PruneMiBtoGB_old(1500), 2);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_new(1500), 2);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_old(-1500), 1266874889);
    BOOST_CHECK_EQUAL(PruneMiBtoGB_new(-1500), 1266874889);

    BOOST_CHECK_EQUAL(PruneGBtoMiB_old(1), 953);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_new(1), 953);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_old(-1), 17592186043462);
    BOOST_CHECK_EQUAL(PruneGBtoMiB_new(-1), 17592186043462);
}

[hodlinator]

ACK 792d679

Concpt. review: #34435 (review)

Checked trickier hex literals actually match _MiB/_GiB-versions.

Diffed against previously reviewed push and aside from commit re-ordering, only saw minimal deduplication in gib_string_literal_test.

[hodlinator]

re-ACK 6069bc9

Just changes to surrounding diff context and WARN_FLUSH_COINS_SIZE being replaced by constant no longer measured in bytes.

[hodlinator]

re-ACK c8e955c

(Was just rebased to kick CI).

[maflcko]

would be nice to add:

        BOOST_CHECK_EQUAL(4*uint64_t{1_GiB}, uint64_t{4} << 30);

An alternative would be to just make GiB return u64, and possibly MiB as well.

There shouldn't be any call-site that really needs size_t. size_t seems like a mental overhead, providing bugs such as #34109 and #33724

[l0rinc]

Thanks for the suggestion, 32-bit architectures should also support this widening-first approach, so I added it to the test suite.

I dislike size_t too (for the exact reasons you mentioned), and I’d gladly review a PR that addresses that, but it seems more involved than this one.

[maflcko]

About size_t being annoying, see also #34692 (comment) 😅

[sedited]

Concept ACK

I'm not sure about the first commit, seems a bit noisy to do a conversion from 1024 MiB to 1 GiB for a developer who is probably aware of that fact since shortly after using a computer for the first time. For me at least it is also a good reminder that the unit of -dbcache is MiBs.

The second commit seems like a decent readability improvement though.

[sedited]

Are these really useful? Feels a bit like testing BOOST_CHECK_EQUAL(1+1,2).

[l0rinc]

The reviewers can decide. I covered every change category that I modified in this commit as proof that it doesn't change behavior. I often err on the side of over-testing.