cruster 0.0.27

A Rust framework for building distributed, stateful entity systems with durable workflows
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387

use crate::types::MachineId;
use serde::{Deserialize, Serialize};
use std::fmt;
use std::sync::atomic::{AtomicI32, AtomicI64, Ordering};
use std::time::{SystemTime, UNIX_EPOCH};

/// Error returned when the snowflake generator cannot produce an ID.
#[derive(Debug, thiserror::Error)]
pub enum SnowflakeError {
    /// The system clock jumped backward by more than the maximum tolerable drift.
    #[error(
        "system clock jumped backward by {drift_ms}ms (>{max_drift_ms}ms max) — check NTP configuration"
    )]
    ClockDriftExceeded { drift_ms: i64, max_drift_ms: i64 },
}

/// Custom epoch: 2025-01-01T00:00:00Z in milliseconds since Unix epoch.
const CUSTOM_EPOCH_MS: i64 = 1_735_689_600_000;

/// Maximum tolerable backward clock drift in milliseconds before panicking.
/// If the system clock jumps back by more than this amount, the generator panics
/// rather than blocking the calling thread (likely a tokio runtime thread) indefinitely.
const MAX_CLOCK_DRIFT_MS: i64 = 5_000;

const MACHINE_ID_BITS: u32 = 10;
const SEQUENCE_BITS: u32 = 12;
const MACHINE_ID_SHIFT: u32 = SEQUENCE_BITS;
const TIMESTAMP_SHIFT: u32 = MACHINE_ID_BITS + SEQUENCE_BITS;
const SEQUENCE_MASK: i64 = (1 << SEQUENCE_BITS) - 1;

/// A distributed unique ID using the Snowflake algorithm.
/// Layout: 42-bit timestamp (ms since custom epoch), 10-bit machine ID, 12-bit sequence.
#[derive(Debug, Clone, Copy, Hash, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
pub struct Snowflake(pub i64);

impl fmt::Display for Snowflake {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", self.0)
    }
}

/// Decomposed parts of a Snowflake ID.
#[derive(Debug, Clone, Copy)]
pub struct SnowflakeParts {
    pub timestamp: i64,
    pub machine_id: MachineId,
    pub sequence: i32,
}

impl Snowflake {
    /// Extract the parts of this snowflake ID.
    pub fn parts(&self) -> SnowflakeParts {
        SnowflakeParts {
            timestamp: (self.0 >> TIMESTAMP_SHIFT) + CUSTOM_EPOCH_MS,
            machine_id: MachineId::new_unchecked(
                ((self.0 >> MACHINE_ID_SHIFT) & ((1 << MACHINE_ID_BITS) - 1)) as i32,
            ),
            sequence: (self.0 & SEQUENCE_MASK) as i32,
        }
    }
}

/// Lock-free snowflake ID generator.
///
/// Uses a single `AtomicI64` (`ts_seq`) to store both the timestamp and sequence
/// atomically, eliminating the race condition where a concurrent thread could read
/// a stale sequence between a timestamp update and sequence reset.
///
/// Layout of `ts_seq`: upper 52 bits = timestamp (ms since Unix epoch), lower 12 bits = sequence.
pub struct SnowflakeGenerator {
    machine_id: AtomicI32,
    /// Combined timestamp (upper 52 bits) and sequence (lower 12 bits).
    ts_seq: AtomicI64,
}

/// Pack timestamp and sequence into a single i64.
fn pack_ts_seq(timestamp: i64, sequence: i64) -> i64 {
    (timestamp << SEQUENCE_BITS) | sequence
}

/// Unpack timestamp from combined value.
fn unpack_timestamp(ts_seq: i64) -> i64 {
    ts_seq >> SEQUENCE_BITS
}

/// Unpack sequence from combined value.
fn unpack_sequence(ts_seq: i64) -> i64 {
    ts_seq & SEQUENCE_MASK
}

impl SnowflakeGenerator {
    pub fn new() -> Self {
        Self {
            machine_id: AtomicI32::new(0),
            // Initialize with timestamp=-1, sequence=0 so first CAS always succeeds
            ts_seq: AtomicI64::new(pack_ts_seq(-1, 0)),
        }
    }

    /// Update the machine ID used for subsequent snowflake generation.
    ///
    /// # Panics
    ///
    /// Panics if `id.0` is outside the valid range `0..=1023`. Use [`MachineId::validated`]
    /// or [`MachineId::wrapping`] to ensure valid values.
    pub fn set_machine_id(&self, id: MachineId) {
        assert!(
            id.value() >= 0 && id.value() <= crate::types::MAX_MACHINE_ID,
            "machine ID {} is out of range (valid: 0..=1023)",
            id.value()
        );
        self.machine_id.store(id.value(), Ordering::Release);
    }

    fn current_timestamp() -> i64 {
        SystemTime::now()
            .duration_since(UNIX_EPOCH)
            .expect("system clock before Unix epoch")
            .as_millis() as i64
    }

    /// Generate the next unique snowflake ID asynchronously. Lock-free.
    /// On clock drift or sequence exhaustion, yields to the tokio runtime
    /// instead of blocking the worker thread.
    ///
    /// Returns `Err(SnowflakeError::ClockDriftExceeded)` if the system clock
    /// has jumped backward by more than 5 seconds.
    ///
    /// Prefer this over [`next()`](Self::next) in async contexts.
    pub async fn next_async(&self) -> Result<Snowflake, SnowflakeError> {
        loop {
            let timestamp = Self::current_timestamp();
            let current = self.ts_seq.load(Ordering::Acquire);
            let last_ts = unpack_timestamp(current);

            if timestamp < last_ts {
                let drift_ms = last_ts - timestamp;
                if drift_ms > MAX_CLOCK_DRIFT_MS {
                    return Err(SnowflakeError::ClockDriftExceeded {
                        drift_ms,
                        max_drift_ms: MAX_CLOCK_DRIFT_MS,
                    });
                }
                if drift_ms > 100 {
                    tracing::warn!(
                        drift_ms,
                        "snowflake: system clock jumped backward, waiting for clock to catch up"
                    );
                }
                tokio::task::yield_now().await;
                continue;
            }

            let (new_val, seq) = if timestamp == last_ts {
                let seq = unpack_sequence(current) + 1;
                if seq > SEQUENCE_MASK {
                    tokio::task::yield_now().await;
                    continue;
                }
                (pack_ts_seq(timestamp, seq), seq)
            } else {
                (pack_ts_seq(timestamp, 0), 0)
            };

            let machine_id = self.machine_id.load(Ordering::Acquire);

            if self
                .ts_seq
                .compare_exchange(current, new_val, Ordering::AcqRel, Ordering::Relaxed)
                .is_err()
            {
                continue;
            }
            let id = ((timestamp - CUSTOM_EPOCH_MS) << TIMESTAMP_SHIFT)
                | ((machine_id as i64) << MACHINE_ID_SHIFT)
                | seq;

            return Ok(Snowflake(id));
        }
    }

    /// Generate the next unique snowflake ID. Lock-free.
    /// On clock drift (backward clock), waits until the clock catches up.
    ///
    /// **Warning:** This method uses `std::thread::yield_now()` on contention,
    /// which blocks the calling OS thread. In async contexts, prefer
    /// [`next_async()`](Self::next_async) to avoid blocking tokio worker threads.
    ///
    /// Returns `Err(SnowflakeError::ClockDriftExceeded)` if the system clock
    /// has jumped backward by more than 5 seconds.
    ///
    /// Uses a single atomic CAS on a combined timestamp+sequence value to
    /// eliminate the race between timestamp update and sequence reset.
    pub fn next(&self) -> Result<Snowflake, SnowflakeError> {
        loop {
            let timestamp = Self::current_timestamp();
            let current = self.ts_seq.load(Ordering::Acquire);
            let last_ts = unpack_timestamp(current);

            if timestamp < last_ts {
                let drift_ms = last_ts - timestamp;
                if drift_ms > MAX_CLOCK_DRIFT_MS {
                    return Err(SnowflakeError::ClockDriftExceeded {
                        drift_ms,
                        max_drift_ms: MAX_CLOCK_DRIFT_MS,
                    });
                }
                if drift_ms > 100 {
                    tracing::warn!(
                        drift_ms,
                        "snowflake: system clock jumped backward, waiting for clock to catch up"
                    );
                }
                // Yield to other threads/tasks until the clock catches up.
                // Using yield_now() instead of spin_loop() to avoid blocking the
                // tokio runtime thread during backward clock drift (e.g., small NTP correction).
                std::thread::yield_now();
                continue;
            }

            let (new_val, seq) = if timestamp == last_ts {
                let seq = unpack_sequence(current) + 1;
                if seq > SEQUENCE_MASK {
                    // Sequence exhausted for this millisecond — yield and wait for next ms.
                    // Using yield_now() instead of spin_loop() to avoid blocking the
                    // tokio runtime thread during burst ID generation (>4096/ms).
                    std::thread::yield_now();
                    continue;
                }
                (pack_ts_seq(timestamp, seq), seq)
            } else {
                // New millisecond — reset sequence to 0
                (pack_ts_seq(timestamp, 0), 0)
            };

            // Capture machine_id before CAS to ensure the ID uses the machine_id
            // that was active when the slot was reserved (not one set concurrently
            // via set_machine_id between CAS and composition).
            let machine_id = self.machine_id.load(Ordering::Acquire);

            // Atomically update both timestamp and sequence together
            if self
                .ts_seq
                .compare_exchange(current, new_val, Ordering::AcqRel, Ordering::Relaxed)
                .is_err()
            {
                continue; // Another thread updated; retry
            }
            let id = ((timestamp - CUSTOM_EPOCH_MS) << TIMESTAMP_SHIFT)
                | ((machine_id as i64) << MACHINE_ID_SHIFT)
                | seq;

            return Ok(Snowflake(id));
        }
    }
}

impl Default for SnowflakeGenerator {
    fn default() -> Self {
        Self::new()
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::collections::HashSet;

    #[test]
    fn uniqueness() {
        let gen = SnowflakeGenerator::new();
        let ids: Vec<Snowflake> = (0..10_000).map(|_| gen.next().unwrap()).collect();
        let unique: HashSet<_> = ids.iter().collect();
        assert_eq!(unique.len(), ids.len(), "all IDs must be unique");
    }

    #[test]
    fn monotonicity() {
        let gen = SnowflakeGenerator::new();
        let mut prev = gen.next().unwrap();
        for _ in 0..1_000 {
            let next = gen.next().unwrap();
            assert!(next > prev, "IDs must be strictly increasing");
            prev = next;
        }
    }

    #[test]
    fn parts_round_trip() {
        let gen = SnowflakeGenerator::new();
        gen.set_machine_id(MachineId::new_unchecked(42));
        let id = gen.next().unwrap();
        let parts = id.parts();
        assert_eq!(parts.machine_id, MachineId::new_unchecked(42));
        assert!(parts.timestamp > CUSTOM_EPOCH_MS);
    }

    #[test]
    fn machine_id_update() {
        let gen = SnowflakeGenerator::new();
        let id1 = gen.next().unwrap();
        assert_eq!(id1.parts().machine_id, MachineId::new_unchecked(0));

        gen.set_machine_id(MachineId::new_unchecked(7));
        // Need a new millisecond to see the change reliably
        std::thread::sleep(std::time::Duration::from_millis(2));
        let id2 = gen.next().unwrap();
        assert_eq!(id2.parts().machine_id, MachineId::new_unchecked(7));
    }

    #[test]
    fn serde_round_trip() {
        let sf = Snowflake(123456789);
        let bytes = rmp_serde::to_vec(&sf).unwrap();
        let decoded: Snowflake = rmp_serde::from_slice(&bytes).unwrap();
        assert_eq!(sf, decoded);

        let json = serde_json::to_string(&sf).unwrap();
        let decoded: Snowflake = serde_json::from_str(&json).unwrap();
        assert_eq!(sf, decoded);
    }

    #[test]
    #[should_panic(expected = "out of range")]
    fn set_machine_id_rejects_overflow() {
        let gen = SnowflakeGenerator::new();
        gen.set_machine_id(MachineId::new_unchecked(1024));
    }

    #[test]
    #[should_panic(expected = "out of range")]
    fn set_machine_id_rejects_negative() {
        let gen = SnowflakeGenerator::new();
        gen.set_machine_id(MachineId::new_unchecked(-1));
    }

    #[test]
    fn set_machine_id_accepts_max_valid() {
        let gen = SnowflakeGenerator::new();
        gen.set_machine_id(MachineId::new_unchecked(1023));
        std::thread::sleep(std::time::Duration::from_millis(2));
        let id = gen.next().unwrap();
        assert_eq!(id.parts().machine_id, MachineId::new_unchecked(1023));
    }

    #[test]
    fn concurrent_uniqueness() {
        use std::sync::Arc;
        let gen = Arc::new(SnowflakeGenerator::new());
        let mut handles = vec![];
        for _ in 0..4 {
            let g = gen.clone();
            handles.push(std::thread::spawn(move || {
                (0..2_500).map(|_| g.next().unwrap()).collect::<Vec<_>>()
            }));
        }
        let mut all_ids = HashSet::new();
        for h in handles {
            for id in h.join().unwrap() {
                assert!(all_ids.insert(id), "duplicate ID found in concurrent test");
            }
        }
        assert_eq!(all_ids.len(), 10_000);
    }

    #[tokio::test]
    async fn next_async_uniqueness() {
        let gen = SnowflakeGenerator::new();
        let mut ids = HashSet::new();
        for _ in 0..1_000 {
            let id = gen.next_async().await.unwrap();
            assert!(ids.insert(id), "duplicate ID from next_async");
        }
        assert_eq!(ids.len(), 1_000);
    }

    #[tokio::test]
    async fn next_async_monotonicity() {
        let gen = SnowflakeGenerator::new();
        let mut prev = gen.next_async().await.unwrap();
        for _ in 0..100 {
            let next = gen.next_async().await.unwrap();
            assert!(next > prev, "next_async IDs must be strictly increasing");
            prev = next;
        }
    }
}