Closed gh0st42 closed 4 years ago
While I'm yet not sure where the attitude of removing unsafe code everywhere will lead us in general. In this case yes, I think the overhead does not worth optimizing. Having less to worry about for users matters more.
Merged. Thanks!
FYI, we've had to fork this code in a project where this is called in a hot loop and the 4% speed difference for us is very worth it. I know this type of change is all about tradeoffs but I personally believe this is easy enough to audit and worth optimizing for.
While checking one of my own crates with
cargo geiger
I was surprised to see that humantime makes use ofunsafe
code. After a quick look at the code it looks safe at the moment but this does not mean that nothing of the code before the unsafe utf8 conversion will ever change and bugs will be introduced in the future. Also other people might just look at the output of tools like geiger or crev and think that humantime is insecure. This crate is awesome, small, fast and does what it is supposed to do, I love it :)I replaced the unsafe code with the straight forward safe variant and benchmarked the speed penalty on my machine:
Old code using
unsafe
:New safe code:
So the safe variant is slightly slower on my machine but not significantly. As an added bonus I added
#![forbid(unsafe_code)]
to the lib which letscargo geiger
output a safe lock symbol, clearly indicating that it is absolutely safe to use this crate.I do understand if you reject this PR because your code currently is safe even though it might not be obvious to all users of this crate.