Writeup: What it takes to safely model a Semaphore type in rust

A couple of months ago there was a small discussion on r/rust about why the standard library doesn’t include a semaphore and I mentioned that it’s a deceivingly difficult synchronization primitive to safely model in a rusty way.

I ended up nerd-sniping myself into trying anyway (docs.rs link), and decided to share a writeup with some of the issues I ran into trying to come up with a safe and no/low-cost rusty interface for a semaphore.

This ended up being a great example of some of the things I love about the rust ecosystem (though it did also reveal some of the weaknesses of the rust ro^rw borrow semantics) in terms of the thought and care it takes to make an api that’s resistant to misuse but still (hopefully) ergonomic.

Link: Implementing a truly safe Semaphore type in rust, and the costs we pay for safety

It's a bit of a longer read, sorry if I go off on any tangents. I'm happy to answer any questions anyone might have on the article, semaphores, or anything else!

6 Likes