[TOC]
- For frontend: could you explain parsing techniques like LR/LALR/LL/PEG/RD/Pratt/precedence algorithms? How about the design of good error messages and error recovery? UX/HCI methods in general?
- For architecture: are you familiar with the differences between traditional linear compiler pipeline architecture, and the newer incremental/interactive/query-driven architectures?
- For static & dynamic semantics: could you write a Simply Typed Lambda Calculus interpreter with lexically scoped variables and capture-avoiding substitution? Could you discuss the tradeoffs of names vs. De Bruijn indices vs. De Bruijn levels vs. locally nameless representations?
- For type systems: could you discuss Hindley–Milner type inference with constraint solving (Algorithm W) vs. bidirectional type checking algorithms? Are you aware of advances in dependent types, refinement types, subtyping…? Can you use natural deduction notation?
- For analysis: are you familiar with various IRs like SSA, CPS, and ANF and their tradeoffs? Do you know how to implement things like liveness and escape analyses? Fixpoint/lattice/abstract-interpretation techniques in general?
- For optimisation: could you sketch the implementation of various common compiler optimisations like dead code elimination, inlining, common subexpression elimination? Are you familiar with program transformation techniques like the polyhedral model and automatic vectorisation methods?
- For codegen: could you explain how register allocation works with a greedy or heuristic graph-colouring approach? Could you talk about instruction selection and calling conventions?
备注
说实话,今年年初到现在,安全界最好的文章writeups 在我看来,应该归属于 google 安全员Ian beer的这篇文章,全文大概13500字左右,文章从协议,安全隐患,触发条件介绍的如此细腻,很值得国内的安全员学习下,不过国内的安全员貌似很多不愿分享,。。。。。😔
同时今年也开始接触部分CVE的了,主要是IOS&Mac OSX这块,希望明年能够有一半时间用来搞CVE相关的安全事件吧,今年大部分时间献给了编译器了
| ==简介== | ==链接== |
|---|---|
| Dynamic Infrastructure(nmap,ffuf,masscan,nuclei,etc) | https://github.com/pry0cc/axiom |
| TEE resources for learning how to reverse-engineer(基本以学术论文为主) | https://github.com/enovella/TEE-reversing |
-
HACKvent 2019 Write Up
-
DefCon Archive
-
HIT Con 2020
-
Google CTF 2020
备注
看看人家的writeups,希望明年有机会参加吧。。。。
| ==标题== | ==链接== |
|---|---|
| Mathematics for the adventurous self-learner(数学的魅力) | 1. https://www.neilwithdata.com/mathematics-self-learner 2. https://news.ycombinator.com/item?id=22400375 |
| Apple, ARM, and Intel | 1. https://stratechery.com/2020/apple-arm-and-intel/?href= 2. https://news.ycombinator.com/item?id=23538894 |
| MegaEase的远程工作文化 | https://coolshell.cn/articles/20765.html |
| an engineer's guide to stock options | https://blog.alexmaccaw.com/an-engineers-guide-to-stock-options# |
| Nintendo DS Architecture | https://www.copetti.org/writings/consoles/nintendo-ds/ |
| GCD and the magic of subtraction | https://plumsempy.com/2020/08/24/gcd-and-the-magic-of-subtraction/ |
| How To Write In Plain English | http://www.plainenglish.co.uk/how-to-write-in-plain-english.html |
State of C++ editing With Emacs
Redditor Author: /u/m_ninepoint
I'm posting to see if my experience mirrors that of others, and perhaps to get ideas. As it is emacs has been my primary editor on Linux for years, and it's completely unusable.
I've tried:
- eglot/clangd
- lsp/ccls
- rtags
All of them work to varying degrees on a clean project with minimal code. I test a clean blank-slate emacs config each time to ensure none of my other configuration is interfering.
However, the moment I try to use them on non-trivial projects (hundreds of thousands of lines of code, more complicated code, etc), that's when everything quite literally blows up. Clangd is utterly hopeless and can't even find headers that plainly exist in the compile_commands file. On the flip side, clang crashes when trying to index certain files for CCLS for reasons that elude me. Rtags has deficiencies which was what brought about the LSP in the first place (hanging the editor seems to be the problem I run into the most).
Is Emacs + C++ just an unmitigated disaster? Are these projects actually used by people successfully for large codebases? I'd love to keep using Emacs (I've been a user since 1997!), but I've lost too many hours at this point.
| ==软件简介== | ==链接== | ==个人见解== |
|---|---|---|
| ZSTD(zstandard)压缩算法 | https://github.com/facebook/zstd | 库的开发作者Yann Collet(Cyan4973),@Facebook,主要从事数据压缩方向的,该作者还开发了很多其他压缩算法,值得学习 |
| Kiwi Browser | https://github.com/kiwibrowser/src | 如果有兴趣从事浏览器开发,可以参考下这个源码设计 |
| Briar | https://code.briarproject.org/briar/briar | 这个软件不多做解释,懂的人自然懂,基于WiFi or BlueTooth,软件的协议实现可以参考下,很不错的。 |
| Matrix | https://matrix.org/ | 分布式的安全通信框架 |
| Detect It Easy | https://github.com/horsicq/Detect-It-Easy | 虽然称不上足够优秀,但是可以作为私有HexEditor的参考库 |
| mimalloc | https://github.com/microsoft/mimalloc | 内存释放的巧妙设计 |
| Python For Browser | https://github.com/brython-dev/brython | 没啥可以聊的,直接参考Readme即可 |
| KIRC | https://github.com/mcpcpc/kirc | A tiny IRC client written in POSIX C99. |
| ==PhD Thesis== | ==Reference== |
|---|---|
| On the practical security of white-box cryptography | https://tel.archives-ouvertes.fr/tel-02953586/document |
| Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters | 1. https://seanhn.files.wordpress.com/2020/11/heelan_phd_thesis.pdf 2. https://sean.heelan.io/2020/11/18/phd-thesis-greybox-automatic-exploit-generation-for-heap-overflows-in-language-interpreters/ |
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(1)——Introduction
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(2)——Background
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(3)——Markets Investigated(1/2)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(4)——Markets Investigated(2/2)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(5)——Facebook(1/2)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(6)——Facebook(2/2)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(7)——Google(1/3)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(8)——Google(2/3)
- 对美国众议院反垄断调查报告《数字市场竞争的调查》的翻译和思考(9)——Google(3/3)
书比较老了,不过依旧不影响理解和思考当年的美国地位
| ==标题== |
|---|
| Ask HN: What are you learning? |
| Ask HN: What is your blog and why should I read it? |
| Ask HN: What are your favorite low-coding apps / tools as a developer? |