go.unbounded_memory

Stability High

Detects operations that can consume unbounded memory, leading to OOM crashes.

Why It Matters

Unbounded memory operations cause:

• OOM crashes - Process killed by kernel
• Pod evictions - Kubernetes kills memory-heavy pods
• Performance degradation - GC pressure increases
• Cascading failures - Memory pressure affects other services

Example

// ❌ Before (unbounded)
func readAll(r io.Reader) ([]byte, error) {
    return io.ReadAll(r) // Could be gigabytes!
}

func collectAll(items <-chan Item) []Item {
    var result []Item
    for item := range items {
        result = append(result, item) // Unbounded growth
    }
    return result
}

// ✅ After (bounded)
func readLimited(r io.Reader, maxSize int64) ([]byte, error) {
    return io.ReadAll(io.LimitReader(r, maxSize))
}

func collectBounded(items <-chan Item, maxItems int) []Item {
    result := make([]Item, 0, min(maxItems, 1000))
    for item := range items {
        result = append(result, item)
        if len(result) >= maxItems {
            break
        }
    }
    return result
}

What Unfault Detects

• io.ReadAll() without size limits
• Unbounded slice appends in loops
• Growing maps without limits
• Collecting all results without pagination

Auto-Fix

Unfault adds size limits:

// Limited reader
io.LimitReader(r, 10*1024*1024) // 10MB max

Tip

Set memory limits in Kubernetes with resources.limits.memory to prevent unbounded growth from affecting other pods.

Related Rules

• go.unbounded_cache
• go.large_response_memory
• python.unbounded_memory