Skip to main content

In the #curl project, being written in C, we always work on simplifying the code. One way is to use more internal helper functions and avoid direct use of some functions that are often involved in C mistakes/vulnerabilities.

To measure how this develops, we count number of these function calls used per every thousand lines of code. Over time.
In a graph.

#curl
in reply to daniel:// stenberg://

tambourineman
tambourineman
You're doing great work Daniel. Thanks for carrying the web on your shoulders :)
This entry was edited (6 months ago)
in reply to daniel:// stenberg://

Efi (nap pet) πŸ¦ŠπŸ’€
Efi (nap pet) πŸ¦ŠπŸ’€
wouldn't this be better juxtaposed to the total count of uses? like this an increase in lines of code shows like a decrease in usage which is not intuitive
in reply to Efi (nap pet) πŸ¦ŠπŸ’€

daniel:// stenberg://
daniel:// stenberg://

@efi normally they would grow at the same rate as the number of lines and I don't find that too interesting.

I might try a version that adds two plots with the absolute numbers against a second Y axis.

@Efi (nap pet) πŸ¦ŠπŸ’€
in reply to daniel:// stenberg://

Efi (nap pet) πŸ¦ŠπŸ’€
Efi (nap pet) πŸ¦ŠπŸ’€
it is a fair assumption, but I see that peak on the left and I have to wonder if the project grew a lot that time or it just added a lot of copy calls
in reply to daniel:// stenberg://

Efi (nap pet) πŸ¦ŠπŸ’€
Efi (nap pet) πŸ¦ŠπŸ’€
alright! fair enough XD
I somehow expected more variance, but I guess the larger the project the more time it takes to affect its size too =P
in reply to daniel:// stenberg://

tuxflo
tuxflo
I thought the solution to the vulnerabilities is to rewrite curl in $LANGUAGE over a weekend πŸ€”
in reply to daniel:// stenberg://

Max Horn
Max Horn

that's a really cool graph and also IMHO a very good path for the project.

One small suggestion: I would recommend to start the y-axis as zero to avoid incorrect interpretations. Right now it look as if one category went from a lot to almost nothing, when really it went from 5 to 2 (the other from 5.5 to 2.5). Which still is great of course.

in reply to daniel:// stenberg://

Jan <3
Jan <3

is it true that every C program / library β€œinvents” their own memory management system at some point?
I heard that statement multiple times now and this data seems to add to the validity of it.

I never thought about this, but maybe Zig and Rust are really on to something with their memory management APIs. (Idk, how Hare and Embedded Swift manage this sort of thing)

in reply to Jan <3

daniel:// stenberg://
daniel:// stenberg://
@janvhs I would not call what curl does as "memory management", I would call it helper functions for managing dynamic buffers. And yes, I believe that is common for many C programs.
@Jan <3
⇧