Most active commenters
  • j-krieger(4)
  • bangaladore(3)

←back to thread

Zlib-rs is faster than C

(trifectatech.org)
341 points dochtman | 11 comments | 16 Mar 25 19:35 UTC | HN request time: 1.908s | source | bottom
Show context
YZF ◴[16 Mar 25 20:12 UTC] No.43381858[source]
I found out I already know Rust:

        unsafe {
            let x_tmp0 = _mm_clmulepi64_si128(xmm_crc0, crc_fold, 0x10);
            xmm_crc0 = _mm_clmulepi64_si128(xmm_crc0, crc_fold, 0x01);
            xmm_crc1 = _mm_xor_si128(xmm_crc1, x_tmp0);
            xmm_crc1 = _mm_xor_si128(xmm_crc1, xmm_crc0);
Kidding aside, I thought the purpose of Rust was for safety but the keyword unsafe is sprinkled liberally throughout this library. At what point does it really stop mattering if this is C or Rust?

Presumably with inline assembly both languages can emit what is effectively the same machine code. Is the Rust compiler a better optimizing compiler than C compilers?

replies(30): >>43381895 #>>43381907 #>>43381922 #>>43381925 #>>43381928 #>>43381931 #>>43381934 #>>43381952 #>>43381971 #>>43381985 #>>43382004 #>>43382028 #>>43382110 #>>43382166 #>>43382503 #>>43382805 #>>43382836 #>>43383033 #>>43383096 #>>43383480 #>>43384867 #>>43385039 #>>43385521 #>>43385577 #>>43386151 #>>43386256 #>>43386389 #>>43387043 #>>43388529 #>>43392530 #
Aurornis ◴[16 Mar 25 20:21 UTC] No.43381931[source]
Using unsafe blocks in Rust is confusing when you first see it. The idea is that you have to opt-out of compiler safety guarantees for specific sections of code, but they’re clearly marked by the unsafe block.

In good practice it’s used judiciously in a codebase where it makes sense. Those sections receive extra attention and analysis by the developers.

Of course you can find sloppy codebases where people reach for unsafe as a way to get around Rust instead of writing code the Rust way, but that’s not the intent.

You can also find die-hard Rust users who think unsafe should never be used and make a point to avoid libraries that use it, but that’s excessive.

replies(10): >>43381986 #>>43382095 #>>43382102 #>>43382323 #>>43385098 #>>43385651 #>>43386071 #>>43386189 #>>43386569 #>>43392018 #
1. j-krieger ◴[17 Mar 25 06:24 UTC] No.43385651[source]
This is not really true. You have to uphold those guarantees yourself. With unsafe preconditions, if you don't, the code will still crash loudly (which is better than undefined behaviour).
replies(1): >>43386098 #
2. littlestymaar ◴[17 Mar 25 07:52 UTC] No.43386098[source]
With unsafe you get exactly the same kind of semantics as C, if you don't uphold the invariant the unsafe functions expect, you end up with UB exactly like in C.

If you want a clean crash instead on indeterministic behavior, you need to use assert like in C, but it won't save you from compiler optimization removing checks that are deemed useless (again, exactly like in C).

replies(2): >>43386272 #>>43388759 #
3. lenkite ◴[17 Mar 25 08:30 UTC] No.43386272[source]
> With unsafe you get exactly the same kind of semantics as C

People seem to disagree.

Unsafe Rust Is Harder Than C

https://chadaustin.me/2024/10/intrusive-linked-list-in-rust/

https://news.ycombinator.com/item?id=41944121

replies(1): >>43390805 #
4. j-krieger ◴[17 Mar 25 14:07 UTC] No.43388759[source]
> With unsafe you get exactly the same kind of semantics as C, if you don't uphold the invariant the unsafe functions expect, you end up with UB exactly like in C.

This is not exactly true. Even in production code, unsafe preconditions check if you violate these rules.

Here: https://doc.rust-lang.org/core/macro.assert_unsafe_precondit... And here: https://google.github.io/comprehensive-rust/unsafe-rust/unsa...

replies(1): >>43390437 #
5. bangaladore ◴[17 Mar 25 16:51 UTC] No.43390437{3}[source]
Quoted from your link

> Safe Rust: memory safe, no undefined behavior possible. Unsafe Rust: can trigger undefined behavior if preconditions are violated.

So Unsafe Rust from a UB perspective is no different than C/C++. If preconditions are violated, UB can occur, affecting anywhere in the program. Its unclear how the compiler could check anything about preconditions in a block explicitly used to say that the developer is the one upholding the preconditions.

replies(2): >>43392757 #>>43397883 #
6. kibwen ◴[17 Mar 25 17:31 UTC] No.43390805{3}[source]
Using references in unsafe Rust is harder than using raw pointers in C.

Using raw pointers in unsafe Rust is easier than using raw pointers in C.

The solution is to not manipulate references in unsafe code. The problem is that in old versions of Rust this was tricky. Modern versions of Rust have addressed this by adding first-class facilities for producing pointers without needing temporary references: https://blog.rust-lang.org/2024/10/17/Rust-1.82.0.html#nativ...

7. randomNumber7 ◴[17 Mar 25 21:08 UTC] No.43392757{4}[source]
The rust compiler was written by chuck norris.
8. j-krieger ◴[18 Mar 25 10:52 UTC] No.43397883{4}[source]
> So Unsafe Rust from a UB perspective is no different than C/C++. If preconditions are violated, UB can occur

Only if you actively disable panics being triggered if unsafe preconditions are triggered. In most code, the program will crash instead. Enabling default panic on up violation in production code was done last year, IIRC.

> Its unclear how the compiler could check anything about preconditions

It can't. This is done at runtime, by default and without manually needed programmer interaction.

You can see an example of this in the `ptr`module, here: https://doc.rust-lang.org/beta/src/core/ptr/mod.rs.html#1071

Some are only enabled for `debug_assert` (which is enabled by default), see `ptr::read`, here: https://doc.rust-lang.org/beta/src/core/ptr/mod.rs.html#1370

replies(1): >>43402637 #
9. bangaladore ◴[18 Mar 25 18:05 UTC] No.43402637{5}[source]
These seem to be beta features. But in any case it seems like its just doing some number of asserts to validate some preconditions.

However, even at runtime it can't do anything to say if (excuse the C pseudocode) *(uint32_t*)0x1C00 = 0xFE is a valid memory operations. On some systems, in some cases it might be.

replies(1): >>43410104 #
10. j-krieger ◴[19 Mar 25 10:16 UTC] No.43410104{6}[source]
> These seem to be beta features

What? Where did you get that impression?

> But in any case it seems like its just doing some number of asserts to validate some preconditions

Yeah, like C code normally would, just in the STD in this case.

replies(1): >>43465052 #
11. bangaladore ◴[24 Mar 25 20:25 UTC] No.43465052{7}[source]
> What? Where did you get that impression?

https://doc.rust-lang.org/beta/

> Yeah, like C code normally would, just in the STD in this case.

Yes, in that manual checks are still needed. My point is unsafe code in rust is nowhere near safe and cannot be considered as safe without extensive analysis, no matter the language features used.