Stream: wg-secure-code

Topic: cfnts


Alex Gaynor (Nov 01 2019 at 22:34, on Zulip):

https://github.com/cloudflare/cfnts - exactly one unsafe block. Nice to see how tractable that is for real-world code

Shnatsel (Nov 01 2019 at 22:49, on Zulip):

Nice! There is actually a bunch of examples like that - https://github.com/Frommi/miniz_oxide is 100% safe and faster than the C version, https://github.com/RustAudio/lewton is 100% safe and is within 5% performance difference compared to reference C library

Tony Arcieri (Nov 01 2019 at 23:58, on Zulip):

Beating C on performance seems to be pretty easy

Tony Arcieri (Nov 01 2019 at 23:58, on Zulip):

it was really funny installing loc

Tony Arcieri (Nov 01 2019 at 23:58, on Zulip):

cloc was taking... I dunno, 30s+ on a particular directory

Tony Arcieri (Nov 01 2019 at 23:58, on Zulip):

loc was instant

Shnatsel (Nov 02 2019 at 00:06, on Zulip):

Depends on the code. Some C libs are heavily optimized. Use cases also matter. For example, for my use cases (searching through 10,000 XML files, 11Gb total) grep is still considerably faster than ripgrep

Thom Chiovoloni (Nov 02 2019 at 04:29, on Zulip):

IIRC cloc is written in perl, not c. taking a look, that seems to still be true

Shnatsel (Nov 02 2019 at 13:40, on Zulip):

Also https://github.com/RazrFalcon/resvg and its dependencies are very fast and only use unsafe where there are truly no mechanisms to get the job done safely.

XAMPPRocky (Nov 02 2019 at 20:26, on Zulip):

cloc was taking... I dunno, 30s+ on a particular directory

@Tony Arcieri cloc is a giant perl script, so it's always going to be pretty slow. If you're interested in code counter performance comparisons, I also write one of these tools and did comparison on each's performance (Though this isn't the most up to date) https://github.com/XAMPPRocky/tokei/blob/master/COMPARISON.md

Tony Arcieri (Nov 03 2019 at 02:26, on Zulip):

@XAMPPRocky neat!

Last update: Nov 11 2019 at 22:00UTC