loom
rustsec
loom | rustsec | |
---|---|---|
14 | 33 | |
1,896 | 1,524 | |
3.3% | 1.4% | |
6.8 | 9.5 | |
10 days ago | 16 days ago | |
Rust | Rust | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
loom
- Turmoil, a framework for developing and testing distributed systems
-
An Introduction to Lockless Algorithms
> Mutexes are very cheap in the uncontended case
It was a while ago I was deep into this mess so forgive any ignorance–but–iirc the thread-mutex dogma[1] has many pitfalls despite being so widely used. Primarily they’re easy to misuse (deadlocks, holding a lock across a suspend point), and have unpredictable performance because they span so far into compiler, OS and CPU territory (instruction reordering, cache line invalidation, mode switches etc). Also on Arm it’s unclear if mutices are as cheap because of the relaxed memory order(?). Finally code with mutices are hard to test exhaustively, and are prone to heisenbugs.
Now, many if not most of the above apply to anything with atomics, so lock-free/wait-free won’t help either. There’s a reason why a lot of concurrency is ~phd level on the theoretical side, as well as deeply coupled with the gritty realities of hardware/compilers/os on the engineering side.
That said, I still think there’s room for a slightly expanded concurrency toolbox for mortals. For instance, a well implemented concurrent queue can be a significant improvement for many workflows, perhaps even with native OS support (io_uring style)?. Another exciting example is concurrency permutation test frameworks[2] for atomics that reorder operations in order to synthetically trigger rare logical race conditions. I’ve also personally had great experience with the Golang race detector. I hope we see some convergence on some of this stuff within a few years. Concurrency is still incredibly hard to get right.
[1]: I say this only because CS degrees has preached mutices to as the silver bullet for decades.
[2]: https://github.com/tokio-rs/loom
-
Should atomics be unsafe?
Of course atomics are absolutely essential for some of the libraries we take for granted, such as Arc and Tokio. But if you start reading the code and comments and issues and PRs around code like that, you'll see how much work it took to mature them to the point we can now rely on them. That's why tools like Loom exist.
-
Best tool to find deadlocks (in async code)
loom and shuttle can help you narrow down the problem.
-
Does Rust not need extra linting and sanitizing tools like C++?
Unless you are writing unsafe code, you generally don't need to use sanitizers. If you do write unsafe code, checking it with a sanitizer would be a great idea. Two most useful tools here I think are miri and loom.
-
The Deadlock Empire
https://github.com/tokio-rs/loom perhaps? It also models weak memory reordering, but takes some work to integrate into existing apps.
For triggering race conditions in compiled binaries, you could try https://robert.ocallahan.org/2016/02/introducing-rr-chaos-mo....
-
What could Go wrong with a mutex? (A Go profiling story)
There is Loom[1] (part of the Tokio project) for exhaustively testing multithreaded code. Though as far as I can tell it is designed for debugging threads, not async tasks.
[1] https://github.com/tokio-rs/loom
-
Cooptex - Deadlock-free Mutexes
That tool seems similar to https://github.com/tokio-rs/loom, insofar as detecting potential locking errors. These are useful during development, but could still miss production cases (as dev never perfectly matches production). This crate is meant to not have to worry about possibly deadlocking.
-
A bug that doesn’t exist on x86: Exploiting an ARM-only race condition
Rust doesn't catch memory ordering errors, which can result in behavioral bugs in safe Rust and data races and memory unsafety in unsafe Rust. But Loom is an excellent tool for catching ordering errors, though its UnsafeCell API differs from std's (and worse yet, some people report Loom returns false positives/negatives in some cases: https://github.com/tokio-rs/loom/issues/180, possibly https://github.com/tokio-rs/loom/issues/166).
- Multicore OCaml: April 2021
rustsec
-
Rust Tooling: 8 tools that will increase your productivity
cargo-audit is a simple Cargo tool for detecting vulnerable Rust crates. You can install it with cargo install cargo-audit, use cargo audit and you’re done! Any vulnerable crates will appear below, like so:
-
Rust Offline?
Further we use cargo-auditable and cargo-audit as part of both our pipeline and regular scanning of all deployed services. This makes our InfoSec and Legal super happy since it means they can also monitor compliance with licenses and patch/update timings.
-
Sudo and Su Being Rewritten in Rust for Memory Safety
Yeah your decade old single header libs get so many audits by comparison.
https://github.com/RustSec/rustsec/tree/main/cargo-audit
https://mozilla.github.io/cargo-vet/
cargo is not npm
-
A CVE has been issued for hyper. Denial of Service possible
PSA: before filing CVEs for other people's projects, file an issue with https://rustsec.org instead
-
Should atomics be unsafe?
Historically, such serious bugs get communicated broadly and addressed very quickly via security advisory blog posts and on https://rustsec.org.
-
Rust from a security perspective, where is it vulnerable?
For known vulnerabilities we have the rustsec vulnerability database. You could have a look over there for inspiration. There's also the related cargo-audit for checking dependencies for known vulnerabilities.
-
capnproto-rust: out-of-bound memory access bug
Would be cool if this was also reported to https://rustsec.org/ that way cargo audit could pick up and alert the users about it.
-
`cargo audit` can now scan compiled binaries
P.S. I also made scanning binaries 5x faster in the latest release of cargo audit.
-
My Rust development workflow (after 3+ years)
Thanks to cargo and the community, project maintenance is straightforward in rust. You'll need to install cargo-outdated and cargo-audit:
-
Mental models for learning Rust
Use the automated tools to assist you in the maintenance of your projects: rustfmt, clippy, cargo update, cargo outdated and cargo-audit.
What are some alternatives?
eioio - Effects-based direct-style IO for multicore OCaml
opensnitch - OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
console - a debugger for async rust!
vulndb - [mirror] The Go Vulnerability Database
ocaml-multicore - Multicore OCaml
gosec - Go security checker
shuttle - Shuttle is a library for testing concurrent Rust code
crates.io - The Rust package registry
TLAPLUS_DeadlockEmpire - Specs and models for solving the DeadlockEmpire problems using TLA+ and TLC
ripasso - A simple password manager written in Rust
triple-buffer - Implementation of triple buffering in Rust
advisory-db - Security advisory database for Rust crates published through crates.io