author | Kartik Agaram <vc@akkartik.com> | 2019-07-27 16:01:55 -0700 |
---|---|---|
committer | Kartik Agaram <vc@akkartik.com> | 2019-07-27 17:47:59 -0700 |
commit | 6e1eeeebfb453fa7c871869c19375ce60fbd7413 (patch) | |
tree | 539c4a3fdf1756ae79770d5c4aaf6366f1d1525e /archive/3.transect/compiler5 | |
parent | 8846a7f85cc04b77b2fe8a67b6d317723437b00c (diff) | |
5485 - promote SubX to top-level
Diffstat (limited to 'archive/3.transect/compiler5')
-rw-r--r-- | archive/3.transect/compiler5 | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/archive/3.transect/compiler5 b/archive/3.transect/compiler5 new file mode 100644 index 00000000..aeb857f4 --- /dev/null +++ b/archive/3.transect/compiler5 @@ -0,0 +1,32 @@ +== Goal + +A memory-safe language with a simple translator to x86 that can be feasibly written in x86. + +== Definitions of terms + +Memory-safe: it should be impossible to: + a) create a pointer out of arbitrary data, or + b) to access heap memory after it's been freed. + +Simple: do all the work in a 2-pass translator: + Pass 1: check each instruction's types in isolation. + Pass 2: emit code for each instruction in isolation. + +== types + +int +char +(address _ t), t ∋ {stack, heap, global} +(array _ t), t ∋ {stack, heap, global} + +stack addresses can't be copied to heap or global +heap addresses can't be copied [1] +global addresses you're free to use anywhere + +[1] (address _ heap) can't be copied or stored, can't be part of a type or +choice. Only thing you can do with it is access it from the register you wrote +it to. And even that not past a call instruction. Important detail: `free()` +is a call. So an address to something on the heap can never be invalid if the +program type-checks. + +<reg x> : (address T m) <- advance <reg/mem> : (array T m), <reg offset> : (index T) |
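Review bot: Footnote [1] says an `(address _ heap)` may only be accessed from the register it was written to, "and even that not past a call instruction", which depends on state carried from one instruction to the next, while "Definitions of terms" has Pass 1 "check each instruction's types in isolation". Please say how the checker tracks which registers hold heap addresses and invalidates them at a call, or relax the "in isolation" wording. In the final `advance` line, `(index T)` is not listed under "== types", and nothing states how the offset is bounded by the array's length, which the memory-safety definition (a) needs; the result `(address T m)` with m = heap also deserves a sentence on whether it counts as a copy under [1]. Minor: `t ∋ {stack, heap, global}` reads as "t contains the set"; `∈` looks like what is intended.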