From a3dec471c046127e8e0d88bc89a881affb56a76c Mon Sep 17 00:00:00 2001
From: Max Inden <mail@max-inden.de>
Date: Fri, 26 Aug 2022 09:02:14 +0200
Subject: [PATCH] docs/coding-guidelines: Document limit on number of tasks
 (#2839)

Add guideline to limit number of tasks being spawned.
---
 docs/coding-guidelines.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/docs/coding-guidelines.md b/docs/coding-guidelines.md
index a208dd27..70a1ef53 100644
--- a/docs/coding-guidelines.md
+++ b/docs/coding-guidelines.md
@@ -10,6 +10,7 @@
     - [Bound everything](#bound-everything)
         - [Channels](#channels)
         - [Local queues](#local-queues)
+        - [Tasks](#tasks)
         - [Further reading](#further-reading)
     - [No premature optimizations](#no-premature-optimizations)
     - [Keep things sequential unless proven to be slow](#keep-things-sequential-unless-proven-to-be-slow)
@@ -201,6 +202,19 @@ growth and high latencies.
 Note that rust-libp2p fails at this guideline, i.e. still has many unbounded
 local queues.
 
+### Tasks
+
+Bound the number of
+[tasks](https://docs.rs/futures/latest/futures/task/index.html) being spawned.
+As an example, say we spawn one task per incoming request received from a
+socket. If the number of pending requests is not bounded by some limit, a
+misbehaving or malicious remote peer can send requests at a higher rate than the
+local node can respond at. This results in unbounded growth in the number of
+requests, and thus unbounded growth in the number of tasks and used memory.
+
+Simply put, rust-libp2p spawns one task per connection but limits the overall
+number of connections, thus adhering to this guideline.
+
 ### Further reading
 
 - https://en.wikipedia.org/wiki/Bufferbloat