aHash VS unsafe-code-guidelines

If you find yourself in a situation where you've got some kind of HashMap in your JSON data, try using ahash as the hasher... either via the ready-made ahash::AHashMap or via something like type AHashMap = std::collections::HashMap; if you're using something like serde_with which doesn't like the ready-made one.

aHash claims it is faster than t1ha[1].

The t1ha crate also hasn't been updated in over three years so the benchmark in this link should be current.

[1] https://github.com/tkaitchuck/aHash/blob/master/compare/read...

When I recently went shopping for fast hashes for short strings, I settled on wyhash, but ahash[0] seemed like it would have been better if I had bothered to port it from Rust.

> In that time you can FNV-1a a "short" string.

Not if you read it one byte at a time like in TFA!

It looks like the best FNV for short strings in smhasher[1] is comparably fast to ahash[2] on short strings, but I proposed doing slightly less work than ahash.

> From the top of my head, t1ha, falkhash, meowhash and metrohash are using AES-NI and none of them are particularly fast on short inputs, and at least two of them have severe issues, despite guarding against lots of vulnerabilities, which your construction does not.

For issues like reading past the ends of buffers and discarding the extra values, it would be nice if programmers could arrange to have buffers that could be used this way. I posted a thing for hashing strings of a fixed length though, to compare with the thing for hashing strings of a fixed length in TFA.

[0]: https://github.com/tkaitchuck/aHash/blob/master/src/aes_hash...

[1]: https://github.com/rurban/smhasher/blob/master/doc/FNV1a_YT....

[2]: https://github.com/rurban/smhasher/blob/master/doc/ahash64.t...

Regarding the hashing function: I'll already tried using aHash which sped thing things up but not by a lot.

aHash has a very good comparison doc: https://github.com/tkaitchuck/aHash/blob/master/compare/readme.md (Personally, I use it more to compare non-aHash hashes than to aHash; aHash has no reason to be biased between other hashes, though it does have reason to be biased for itself. I trust their analysis to not be biased, but it's always better to be more sure.)

Hi, i was under the impression that with resolver = "2" cargo would be able to respect the target for the dependencies. Currently i have the problem that while using sqlx, surf and gloo in projects that are in the same workspace – thus sharing a single Cargo.lock – i get a cyclic dependency with aHash that is roughly discussed here

Apparently there is a patch for the SMHasher here which adds support for ahash:

https://github.com/tkaitchuck/aHash/tree/master/smhasher

There are also ahash's own benchmarks here:

https://github.com/tkaitchuck/aHash/blob/master/compare/test...

They use the wyhash Rust crate, so if wyhash itself was updated doing a head to head comparison would boil down to updating the wyhash crate and rerunning ahash's benchmark suite.

Useful context on the Rust side is this issue [1]. It sounds like some of the author's concerns are addressed already.

[1]: https://github.com/rust-lang/unsafe-code-guidelines/issues/4...

Is this captured by one of the known soundness conflicts? If not then should consider adding it to the list.

There are some competing proposals for different memory models. Stacked borrows is the current proposal, but there are more work in the approproate WG.

Thank you /u/RalfJung for bringing formal methods to Rust, both through models like Stacked Borrows, by developing miri, and by working on unsafe-code-guidelines which aims to specify exactly what is and isn't allowed in unsafe code (surprisingly, it's an open question as 2023!)

You could imagine some way to make this safe for example automatically convert &'short &'long mut T to &'short &'short T, but it's non-trivial to prove they are safe at all, not to mention ensuring this is correctly implemented in the compiler. If you're interested there's also a discussion on whether the opposite (& & T to & &mut T) is sound here.

Agreed! MIRI is so good, it still feels like magic to me. It also comforts me that the Rust team takes improving unsafe semantics seriously, with the past Unsafe Code Guidelines WG and today's operational semantics team (t-opsem).

I think there are some aspects of this rule that are still undecided. See for example:

- https://github.com/rust-lang/unsafe-code-guidelines/issues/8...

- https://github.com/rust-lang/miri/issues/2732

C is much better specified than unsafe Rust. Some things are just not worked out yet in Rust. This may sometimes even bite very experienced devs, such as this issue with Box's aliasing semantics, which tripped up the author of left-right.