Does anyone have suggestions for tools for searching for race conditions in unsafe code? Another developer recently found a bug in some of my code, and it occurred to me that it would be lovely to have a tool that inserts random delays at strategic points to increase the odds of hitting a race condition, and then runs a long test. It seems like something like this ought to exist, but I don't even know what it might be called. Any ideas?
- Rust supports thread sanitizer: sanitizer - The Rust Unstable Book
- When the races can cause crashes or panics, then AFL may help.
- For higher-level logic errors in async/await, Dropbox has come up with a clever trick of fuzzing in Futures executor: Testing sync at Dropbox - Dropbox
The loom project might also be useful. It can hook into your atomic operations and try all the allowed memory orderings, and see if tests fail in any of them.
The thread sanitizer sounds like the best fit for me. Do you know of any examples integrating it into a test suite?
Loom sounds cool and amazing. I'm afraid it might be too intrusive for me, especially given that I'm unsure how slow it might turn out on my test cases.
Loom is very cool and amazing! That said, I admit that it has quite significant costs on the speed of tests.
This should just be a matter of running the test suite with thread sanitizer enabled. It works by detecting (at runtime) whether memory is accessed by different threads without proper synchronization. It adds some runtime overhead, but the process is pretty well automated. You just have to make sure your test suite has good coverage.
Loom may even be more thorough, since it is able to test operation ordering deterministically, meaning it can find subtle logic errors and not "just" memory safety across threads. (Or, this is my understanding, anyway. Based only on what I've read.)
It looked to me like the sanitizer output was sent to stderr, but perhaps I'm misunderstanding that?
It is, and IIRC it also exits with a specific error code when it detects a problem. You can also configure it to exit on the first error. ThreadSanitizerFlags · google/sanitizers Wiki · GitHub
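The delay-injection idea from the opening question, as an added example that is not part of the thread or of any project mentioned in it: a hook is placed at the strategic point between a read and the dependent write, and the test passes a barrier instead of a random delay so the bad interleaving happens on every run. The names `RaceHook`, `increment_racy`, `increment_atomic` and `run_forced` are hypothetical; the racy version uses only atomic accesses, so it is the kind of logic error that has no unsynchronized memory access for the thread sanitizer to report.

```rust
use std::sync::atomic::{AtomicU64, Ordering};
use std::sync::{Arc, Barrier};
use std::thread;

/// Hypothetical hook called at the "strategic point" between a read and the
/// write that depends on it. Production code would pass a no-op closure.
type RaceHook = dyn Fn() + Send + Sync;

/// Racy: load, then store. Every access is atomic, so this is not a data
/// race, but concurrent callers can overwrite each other's updates.
fn increment_racy(counter: &AtomicU64, hook: &RaceHook) {
    let seen = counter.load(Ordering::SeqCst);
    hook(); // window in which other threads can read the same `seen`
    counter.store(seen + 1, Ordering::SeqCst);
}

/// Fixed: a single atomic read-modify-write leaves no window to widen.
fn increment_atomic(counter: &AtomicU64, hook: &RaceHook) {
    hook();
    counter.fetch_add(1, Ordering::SeqCst);
}

/// Runs `op` once on each of `threads` threads. The hook blocks on a barrier
/// until every thread has reached it, which forces the worst-case schedule.
/// Returns the final counter value.
fn run_forced(threads: usize, op: fn(&AtomicU64, &RaceHook)) -> u64 {
    let counter = Arc::new(AtomicU64::new(0));
    let barrier = Arc::new(Barrier::new(threads));
    let handles: Vec<_> = (0..threads)
        .map(|_| {
            let (counter, barrier) = (Arc::clone(&counter), Arc::clone(&barrier));
            thread::spawn(move || op(&counter, &move || { barrier.wait(); }))
        })
        .collect();
    for handle in handles {
        handle.join().unwrap();
    }
    counter.load(Ordering::SeqCst)
}

fn main() {
    // Four increments are requested in both cases.
    println!("racy:   {}", run_forced(4, increment_racy));
    println!("atomic: {}", run_forced(4, increment_atomic));
}
```

Replacing the barrier closure with one that sleeps for a random duration gives the probabilistic variant described in the question, at the cost of needing many iterations to hit the window.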