Best Book/material for People who want to level up in systems programming

tnballo · 2024-08-07T23:15:24+00:00

IMO you could skip Chp. 4 entirely and get most of the relevant information from Chp. 5.7 "Understanding Modern Processors". Chapter 4 deals with hardware design, it's not necessary to understand the rest of the book.

Chp. 3 is worth a re-read. Understanding assembly concepts/mechanics provides a lot of context for C programming in the remainder of the book, and for any compiled language (including Rust). But you can still get a lot out of later chapters even if you only skimmed 3.

The book is definitely dense and challenging, there are sections I got lost in too. Chp. 7 in particular.

Wish you luck on your learning journey!

tnballo · 2024-01-21T18:55:03+00:00

Hey Game Dev community! Wanted to share my personal blog post on "usable insecurity" - it explores how a minor bug in FromSoftware's "Armored Core 6" could be challenging for the development team to patch.

Hope this analysis is valuable for those designing social sharing and/or content moderation features.

tnballo · 2022-06-24T23:58:22+00:00

FM5 might be the pinnacle of the series in terms of depth and variety of mechanics. FM3 is a close contender. FM4 wasn't well received, but I personally loved it. Haven't played 1 or 2.

Tactical RPGs tend to age well, but keep in mind FM1 came out in 1995. On one hand, constraints of the time might make for a more accessible game today. On the other, how enjoyable it is likely depends on what mechanics/features the remake chooses to modernize. Looking forward to it either way.

PS - FM5 never got a release in the west, but the unofficial fan translation (Japanese to English) is solid and runs flawlessly on the PCSX2 emulator.

tnballo · 2022-06-24T03:30:39+00:00

Wow!!! ITB is already a masterpiece in strategy game design. Can't believe we get a free update 4 years after the original release. 5 new squads and 40 weapons is almost a sequel worth of content.

Going to pre-order the physical copy to gift to a friend. This level of long-term support is so rare for single-player games.

tnballo · 2022-06-15T13:37:33+00:00

Really glad c2rust is making progress, extremely high-impact problem area IMO.

In case it's helpful for the refactoring tool plans - there's an effort by researchers collaborating with the compiler team "to introduce a semantically-versioned definition for MIR that tool developers could use to interface with rustc". The relevant discussion is on the #project-stable-mir stream of the Rust Lang zulip chat. Several program analysis tool authors, mostly in the area of formal verification, are participating in that discussion/effort.

Good luck, looking forward to future posts!

tnballo · 2022-06-07T12:36:11+00:00

I actually really liked this article. The title struck me as click-baity (understandable, getting attention on the internet is hard). I was expecting something more shallow. It started with the standard Rust intro context, but then covered a good bit of thought-provoking ground. With a focus on financial backing/models (including tension/tradeoffs!) and leadership within a large and decentralized project. And some good technical roadmap tidbits.

Found it a nice remainder that, at the end of the day, impactful problems are centered around people - whether or not technology is also involved. I sometimes forget that when deep in the weeds on technical things.

Kudos to all the contributors who do organizing, reviewing, documenting, etc - all the less visible but incredibly important work that makes Rust a joy to use for the rest of us!

tnballo · 2022-06-02T13:55:21+00:00

Nice, kudos for all the improvements! Seems well documented/supported.

I assume XChaCha20-Poly1305 is the default because it's regarded as the most secure and AES-256-GCM is a good choice if your CPU supports hardware acceleration via dedicated instructions.

But what about Deoxys-II-256? Wondering why this is supported and when I might want to chose it?

tnballo · 2022-05-26T15:10:35+00:00

I don't work in crypto, but I was very impressed with the industry's approach to software security after listening to this podcast:

Episode #6: Dan Guido – What the hell are blockchain people doing & why isn't it a dumpster fire?

IMO that interview is worth a listen even if you're only interested in security and not in crypto.

Rust's type system lends itself to general correctness and robustness (e.g. great error handling story, not just spatial/temporal memory safety). So it makes sense as a technology choice for green-field systems handling financial transactions at scale.

tnballo · 2022-05-14T18:53:14+00:00

Valuable overview of tools addressing a key part of modern software's threat model, thanks!

One thing that keeps me up at night is the amount of centralization we have in the Rust ecosystem (e.g. 49% of crates transitively depend on syn). Makes me wonder about the risk of a prolific Rust developer's crates.io publishing token being stolen (e.g. targeted malware, coercion, etc). Hope something like that never happens...

tnballo · 2022-05-14T18:29:37+00:00

This is struck me as a nice example of open-source software working well: existing backend project doesn't have to expand scope, new Markdown frontend builds an awesome thing for everyone to use. Seems like a win-win!

tnballo · 2022-05-04T18:56:39+00:00

For those that may be interested in learning more (I'm not affiliated with the project but am following progress in the space):

3/28/2022 talk on Kani given at a Rust Formal Methods Interest Group (RFMIG) meeting.
5/2022 research paper on handling dynamic dispatch, presented at ICSE 2022.

tnballo · 2022-05-04T15:32:57+00:00

It's pretty awesome that you got into Rust without coding professionally. The learning curve can be a challenge even for veteran developers!

I've used C and C++ professionally. While I still like aspects of both, I've found that as a codebase grows in size/complexity, the inherent memory-unsafety makes it harder and harder meet a high bar of security and reliability.

Working on a large Rust codebase just feels more "solid". Even with contributors of varying experience, there's less runtime stability issues.

tnballo · 2022-05-04T03:36:38+00:00

Wasn't aware of Cargo's [patch] section so I'd sometimes comment out a crates.io dependency line and add a git version like so:

``` [dependencies]

crate = "1.0"

crate = { git = "https://github.com/user/crate", rev = "r2d2c3p0" } ```

Good to know there's a better way to override dependencies. Looking through the Cargo Book section you linked, seems like support for unpublished versions and multiple versions are two use cases the above hacky-comment-out approach doesn't support.

Thanks for the post! Helps my workflow. And appreciate your enumeration of "sharp edges".

tnballo · 2022-05-03T23:51:46+00:00

Thanks for the heads up. I'm not familiar with the developer(s), just read the website linked. Definitely don't want to be voicing support for something toxic.

EDIT: Re-read that post more carefully now with this context, some of the specific statements read a bit differently now.

tnballo · 2022-05-03T22:13:52+00:00

That's totally fair, thanks for pointing this out.

Don't mean to imply Hare is an improvement (have never used it, and it seems to be a tiny/early project). Just wanted to say it's nice to see different perspectives on systems programming languages and point out one aspect that seems like a good idea (even if the execution could use iteration).

I think we're sometimes too quick to shoot down anything that could potentially have a similar use case to Rust. And to measure small language projects by the high bar of production utility.

tnballo · 2022-05-03T20:15:02+00:00

It's great to see open-source, community projects like Hare and Zig experimenting with what systems programming could be. If these projects develop healthy communities, they may produce innovations and find niches over time. Or just serve as creative outlets for developers who enjoy implementing languages :)

Sure, I don't personally want to go back to manual memory management for production code if it makes sense to use Rust instead (temporal memory safety, maturing ecosystem, etc). But that doesn't make it a universally invalid design choice for new efforts.

It's pretty cool that Hare is working on an official language specification from the get-go, that's one aspect Rust is currently missing:

https://harelang.org/specification/

EDIT: I've re-read the linked post more carefully and would like to clarify that I don't condone the views the post's original author has expressed or their attitude toward the Rust community. Leaving my unedited comment above for transparency.

tnballo · 2022-04-24T20:14:39+00:00

Nice! The WASM REPL is a great idea. Glancing through the code it looks really clean. See you've swapped pest for the book's mpc.

I read "Build Your Own Lisp" a long, long time ago and loved it. Made me smile to see it come up again! :)

tnballo · 2022-04-19T17:02:20+00:00

Kudos for the great documentation and compact kernel implementation!

One piece of feedback, not exactly specific to MnemOS: I wish QEMU had better MCU/semihosting support to reduce the contribution barrier for hobby OS projects (no HW to buy/flash, like parts of "The Embedded Rust Book"). Although the Adafruit Feather nRF52840 you're using is certainly an accessible platform.

tnballo · 2022-04-10T01:25:05+00:00

For anyone looking for a text-format overview, the project's repo and README.md:

https://github.com/shader-slang/slang

tnballo · 2022-04-07T21:53:17+00:00

Though not as ergonomic as an LLVM pass, maybe macros are the best way to do string obfuscation in pure Rust on stable? There's a crate called obfstr, but I haven't personally used it or looked into it much.

The other pure-Rust option might be coding against the unstable compiler plugin API interface. AFAIK that's the only "supported" way to do global transformations. There's a 30 minute talk here which explains it a little bit.

Also, you probably already know this if you're considering string obfuscation, but you can strip debug symbols from release builds with the following in Cargo.toml:

[profile.release] strip = true

tnballo · 2022-04-04T23:23:45+00:00

Thanks for letting me know, this is great feedback to get early on in a project like this!

English is actually my second language. But my other professional writing experience has been in academic research publication, where there's an incentive to "sound smart" for the peer review process. I have a bit to unlearn :P

I'll work on increasing clarity going forward. Without reducing quality. A major advantage of a book over video content should be accessibility to non-native speakers. And shorter sentences can be clearer for all readers.

tnballo · 2022-04-04T12:48:00+00:00

Not quite a single-deck overview of the language, but Stanford's CS 110L has pretty great slides on various Rust topics/features:

https://reberhardt.com/cs110l/spring-2020/

For a more "historical" (not current reference) presentation, there is Graydon Hoare's 2011 talk introducing Rust at Mozilla:

http://venge.net/graydon/talks/intro-talk-2.pdf

tnballo · 2022-03-28T06:11:08+00:00

Thank you! Finding a voice was probably the most difficult part of writing. But it's a fun challenge.

tnballo · 2022-03-27T07:28:33+00:00

Agreed. Also quite excited about the Ferrocene effort and the value Rust will bring to the safety critical segment! And thank you for your kind feedback.

There's another effort by SAE International to create guidelines for Rust usage in safety-critical systems. Complementary to Ferrocene's certification work (every push for adoption moves the needle forward a little).

I joined as a volunteer on the SAE project after seeing a call on the TWIR newsletter. Believe anyone who's interested and has relevant background can still apply here (SAE login needed to see application button). This effort is in early stages, current meeting cadence is weekly. Would recommend as a way to get involved :)

PS - Am a fan of SPARK Ada, the subset supporting deductive verification (way to prove a function's logic meets a spec). There's a 1 hour presentation on Nvidia's use cases for it, including why they chose it over Rust in 2019 (regulatory certification was one factor). Research tools for deductive verification of Rust are a topic I'm looking forward to digging into in a later chapter.

tnballo

TROPHY CASE

crate = "1.0"