loom
Rudra
loom | Rudra | |
---|---|---|
14 | 11 | |
1,896 | 1,297 | |
3.3% | 0.4% | |
6.8 | 5.5 | |
10 days ago | about 2 months ago | |
Rust | Rust | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
loom
- Turmoil, a framework for developing and testing distributed systems
-
An Introduction to Lockless Algorithms
> Mutexes are very cheap in the uncontended case
It was a while ago I was deep into this mess so forgive any ignorance–but–iirc the thread-mutex dogma[1] has many pitfalls despite being so widely used. Primarily they’re easy to misuse (deadlocks, holding a lock across a suspend point), and have unpredictable performance because they span so far into compiler, OS and CPU territory (instruction reordering, cache line invalidation, mode switches etc). Also on Arm it’s unclear if mutices are as cheap because of the relaxed memory order(?). Finally code with mutices are hard to test exhaustively, and are prone to heisenbugs.
Now, many if not most of the above apply to anything with atomics, so lock-free/wait-free won’t help either. There’s a reason why a lot of concurrency is ~phd level on the theoretical side, as well as deeply coupled with the gritty realities of hardware/compilers/os on the engineering side.
That said, I still think there’s room for a slightly expanded concurrency toolbox for mortals. For instance, a well implemented concurrent queue can be a significant improvement for many workflows, perhaps even with native OS support (io_uring style)?. Another exciting example is concurrency permutation test frameworks[2] for atomics that reorder operations in order to synthetically trigger rare logical race conditions. I’ve also personally had great experience with the Golang race detector. I hope we see some convergence on some of this stuff within a few years. Concurrency is still incredibly hard to get right.
[1]: I say this only because CS degrees has preached mutices to as the silver bullet for decades.
[2]: https://github.com/tokio-rs/loom
-
Should atomics be unsafe?
Of course atomics are absolutely essential for some of the libraries we take for granted, such as Arc and Tokio. But if you start reading the code and comments and issues and PRs around code like that, you'll see how much work it took to mature them to the point we can now rely on them. That's why tools like Loom exist.
-
Best tool to find deadlocks (in async code)
loom and shuttle can help you narrow down the problem.
-
Does Rust not need extra linting and sanitizing tools like C++?
Unless you are writing unsafe code, you generally don't need to use sanitizers. If you do write unsafe code, checking it with a sanitizer would be a great idea. Two most useful tools here I think are miri and loom.
-
The Deadlock Empire
https://github.com/tokio-rs/loom perhaps? It also models weak memory reordering, but takes some work to integrate into existing apps.
For triggering race conditions in compiled binaries, you could try https://robert.ocallahan.org/2016/02/introducing-rr-chaos-mo....
-
What could Go wrong with a mutex? (A Go profiling story)
There is Loom[1] (part of the Tokio project) for exhaustively testing multithreaded code. Though as far as I can tell it is designed for debugging threads, not async tasks.
[1] https://github.com/tokio-rs/loom
-
Cooptex - Deadlock-free Mutexes
That tool seems similar to https://github.com/tokio-rs/loom, insofar as detecting potential locking errors. These are useful during development, but could still miss production cases (as dev never perfectly matches production). This crate is meant to not have to worry about possibly deadlocking.
-
A bug that doesn’t exist on x86: Exploiting an ARM-only race condition
Rust doesn't catch memory ordering errors, which can result in behavioral bugs in safe Rust and data races and memory unsafety in unsafe Rust. But Loom is an excellent tool for catching ordering errors, though its UnsafeCell API differs from std's (and worse yet, some people report Loom returns false positives/negatives in some cases: https://github.com/tokio-rs/loom/issues/180, possibly https://github.com/tokio-rs/loom/issues/166).
- Multicore OCaml: April 2021
Rudra
- Rudra – static analyzer to detect common undefined behaviors in Rust programs
- Rudra: Finding Memory Safety Bugs in Rust at the Ecosystem Scale [pdf]
-
Does Rust not need extra linting and sanitizing tools like C++?
If you’re writing unsafe Rust, you might consider cargo miri and Rudra as additional static analyzers which can find bugs rustc won’t
-
Open Rust-related systems research problems suitable for PhD?
In my opinion, much of Rust-specific PhD research likely to be publishable and/or high impact either falls into verification (e.g Prusti, Cruesot) or bug-finding (e.g. Rudra, SyRust). Ralf Jung and his collaborators have done exceptional work in the verification space.
-
Introducing Fortify: A simple and convenient way to bundle owned data with a borrowing type
Perhaps Rudra as well.
- Magma, a project I hope will make provably correct software possible for everyone
-
Is There Anyway To Analyze Unsafe Rust Code For Vulnerabilities?
Haven't used it myself, but I remembered a tool called Rudra was recently posted about in the sub
-
Scylla – Real-Time Big Data Database
Not sure proves your point, but maybe doesn't disprove your point strongly enough. I am not qualified to argue from experience about how Rust is ideally suited in the ways you think it is not. But from everything I have seen, it can do a whole lot of what C++ is also good at. Rust safety is not all or nothing and a codebase could definitely prioritize ergonomics over correctness.
Two things that I saw in the last couple weeks that might start to sway you.
https://github.com/sslab-gatech/Rudra#readme
GhostCell: Separating Permissions from Data in Rust
- Rudra, Rust Memory Safety and Undefined Behavior Detection
- Rudra: Rust Memory Safety and Undefined Behavior Detection
What are some alternatives?
eioio - Effects-based direct-style IO for multicore OCaml
magmide - A dependently-typed proof language intended to make provably correct bare metal code possible for working software engineers.
console - a debugger for async rust!
prusti-dev - A static verifier for Rust, based on the Viper verification infrastructure.
ocaml-multicore - Multicore OCaml
project-safe-transmute - Project group working on the "safe transmute" feature
shuttle - Shuttle is a library for testing concurrent Rust code
electrolysis - Simple verification of Rust programs via functional purification in Lean 2(!)
TLAPLUS_DeadlockEmpire - Specs and models for solving the DeadlockEmpire problems using TLA+ and TLC
rust-verification-tools - RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.
triple-buffer - Implementation of triple buffering in Rust
rust - Rust for the xtensa architecture. Built in targets for the ESP32 and ESP8266