X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fmain.rs;h=96a74fd76c0501c025674bba0e8e04eeb0f8b4f2;hb=25b03a1fd55b67d995e50c2c16243456a311c4f0;hp=a66b9392269e832d1d6e559378c772c9275c5ec5;hpb=dbd60f299ee413b64e5e2a09286bf8ca2ffde8de;p=dnsseed-rust diff --git a/src/main.rs b/src/main.rs index a66b939..96a74fd 100644 --- a/src/main.rs +++ b/src/main.rs @@ -40,8 +40,51 @@ static mut TOR_PROXY: Option = None; pub static START_SHUTDOWN: AtomicBool = AtomicBool::new(false); static SCANNING: AtomicBool = AtomicBool::new(false); + +use std::alloc::{GlobalAlloc, Layout, System}; +use std::ptr; +use std::sync::atomic::AtomicUsize; + +// We keep track of all memory allocated by Rust code, refusing new allocations if it exceeds +// 1.75GB. +// +// Note that while Rust's std, in general, should panic in response to a null allocation, it +// is totally conceivable that some code will instead dereference this null pointer, which +// would violate our guarantees that Rust modules should never crash the entire application. +// +// In the future, as upstream Rust explores a safer allocation API (eg the Alloc API which +// returns Results instead of raw pointers, or redefining the GlobalAlloc API to allow +// panic!()s inside of alloc calls), we should switch to those, however these APIs are +// currently unstable. +const TOTAL_MEM_LIMIT_BYTES: usize = (1024 + 756) * 1024 * 1024; +static TOTAL_MEM_ALLOCD: AtomicUsize = AtomicUsize::new(0); +struct MemoryLimitingAllocator; +unsafe impl GlobalAlloc for MemoryLimitingAllocator { + unsafe fn alloc(&self, layout: Layout) -> *mut u8 { + let len = layout.size(); + if len > TOTAL_MEM_LIMIT_BYTES { + return ptr::null_mut(); + } + if TOTAL_MEM_ALLOCD.fetch_add(len, Ordering::AcqRel) + len > TOTAL_MEM_LIMIT_BYTES { + TOTAL_MEM_ALLOCD.fetch_sub(len, Ordering::AcqRel); + return ptr::null_mut(); + } + System.alloc(layout) + } + + unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) { + System.dealloc(ptr, layout); + TOTAL_MEM_ALLOCD.fetch_sub(layout.size(), Ordering::AcqRel); + } +} + +#[global_allocator] +static ALLOC: MemoryLimitingAllocator = MemoryLimitingAllocator; + + struct PeerState { request: Arc<(u64, BlockHash, Block)>, + pong_nonce: u64, node_services: u64, msg: (String, bool), fail_reason: AddressState, @@ -50,7 +93,6 @@ struct PeerState { recvd_pong: bool, recvd_addrs: bool, recvd_block: bool, - pong_nonce: u64, } pub fn scan_node(scan_time: Instant, node: SocketAddr, manual: bool) { @@ -422,7 +464,7 @@ fn main() { unsafe { REQUEST_BLOCK = Some(Box::new(Mutex::new(Arc::new((0, genesis_block(Network::Bitcoin).bitcoin_hash(), genesis_block(Network::Bitcoin)))))) }; let trt = tokio::runtime::Builder::new() - .blocking_threads(2).core_threads(num_cpus::get().max(1) * 2) + .blocking_threads(2).core_threads(num_cpus::get().max(1) + 1) .build().unwrap(); let _ = trt.block_on_all(future::lazy(|| {