[tor-project] Sponsor 38 (shadow simulator) update

I’ve just shared the 2022-04 update in the Shadow forum: What's happening in Shadow 2022-04 · Discussion #2007 · shadow/shadow · GitHub

Also it looks like I forgot to share the previous 2021-12 update here: What's happening in Shadow 2021-12 · Discussion #1824 · shadow/shadow · GitHub

Both mirrored below:

2022-04 update

This is part of a series of periodic updates of development in Shadow. This work is sponsored by the NSF. Previous update: 2021-12.

We’ve merged 82 non-dependabot pull requests and closed 18 issues since our previous update.

Release status

We are continuing to work on Shadow 2.1. The biggest user-facing goal for this release is to support running golang programs in Shadow, especially tor simulations using the snowflake pluggable transport.

We’ve also begun planning the Shadow 2.2 release, which will largely be a push to refactor and migrate more of the core Shadow code to Rust.

Notable change since last update

Emulation accuracy

  • Optionally move time forward in non-blocking syscalls. Historically Shadow doesn’t move time forward except when explicitly waiting for an event, such as for a deadline to pass or for data to arrive over the network. Conceptually, this emulates a system with an infinite number of infinitely fast CPUs. Normally this is sufficient for modeling networks where CPUs aren’t expected to be a bottleneck. Unfortunately as we’ve explored running more software under Shadow, we’ve found a growing number of examples of code with “busy loops”, which deadlock in this model. This new feature optionally models every syscall taking some small amount of time (e.g. a microsecond), which allows the simulation to escape most such loops. We are still testing and improving this feature, and expect some version of it to be enabled by default in the next release.
  • Fixed a corner case in getaddrinfo.
  • Fixed several bugs in handling file descriptors:
  • Reliably intercept time via vdso. Previously we relied on intercepting calls to VDSO functions (such as gettimeofday) to be intercepted at the libc level via LD_PRELOAD. However, this doesn’t work when the VDSO is used more directly, such as in golang, which would cause the program to get the real-world time instead of the simulated time. We now patch the VDSO itself at program start to reliably intercept these functions in such cases.
  • Implemented basic signal emulation. This allows managed code to install signal handlers and send and receive signals within the simulation. (Sending a signal from outside the simulation to a managed process is still not supported). Notably this support is required to handle golang programs, and allows simulated processes to be shut down cleanly by scheduling kill processes to send appropriate signals.
  • Implemented the select system call.



  • Nightly shadow benchmarks are now being run to help detect performance regressions. We also have the ability to run the benchmark on our own development branches to investigate performance changes before merging these branches into Shadow. Benchmark results for a 5% Tor network are published publicly, but are only intended to be useful for Shadow developers.
  • Added a library for overriding crypto functions. When enabled, this option overrides some openssl APIs with “no-op” implementations. This is a reimplementation of a feature previously available in Shadow’s “tor plugin”. It is intended primarily to improve the performance of tor simulations on hardware without accelerated AES operations, and is only supported on Debian 11.

Happy simulating!
The Shadow team

2021-12 update

This is part of a series of periodic updates of development in Shadow. This work is sponsored by the NSF. Previous update: 2021-10.

We’ve merged 78 pull requests and closed 17 issues since our previous update.

Release status

We have released Shadow 2.0! Give it a try, and let us know if you run into any issues!

We have begun work on Shadow 2.1. Notable planned features are support for signals (which is needed to reliably run golang programs under Shadow), and improved Unix socket support.

Notable change since last update

Emulation accuracy

Performance improvements


UI improvements

Shadow at Tor

We have been collaborating with The Tor Project to use Shadow in its development and testing.

We have been running Shadow simulations inside a Gitlab CI pipeline to help develop and tune improved congestion control algorithms in the upcoming 0.4.7 release. This is the first major application of Shadow inside the Tor Project itself, and we plan to use the pipeline we’ve developed for further testing and profiling.

We have also been making progress on running Arti (the experimental new Rust implemenation of tor) under Shadow: . In the course of this work we have fixed some bugs in Arti, fixed an upstream bug in the crate, and found and identified and fixed several emulation accuracy bugs in Shadow.

Happy simulating!
The Shadow team